 Several problems with my PC...
Jéré34
 Posted on 01/06/2014 at 15:22
Petit astucien

Hello everyone,

I have finally taken my desktop PC back out of its box after moving house, and I installed the latest updates for XP and other software.

But my PC has become slow over the last few days. When I play games I often get the message that the Shockwave plugin has crashed, and that freezes the whole PC. Even worse, recently a blue screen flashed up briefly saying that a problem had been detected, and my PC restarted by itself.

I also have the impression that a fan is running at full speed. I checked the temperatures of all the PC's components with Speccy and none of them exceeds 48 degrees.

How could I check whether my PC is infected?

THANKS for your help

poussebois
 Posted on 01/06/2014 at 15:32
  Maître astucien

Hello and ,

If you are worried that your PC is infected:

  1. Read carefully the guide to diagnosing an infected PC (in red, at the bottom of my signature).
  2. Follow the instructions given to the letter, namely post, in order, the 3 reports requested: MBAM, AdwCleaner, ZHPDiag.
  3. Wait for a member of the Security Group to take charge of your case.

See you later

Jéré34
 Posted on 01/06/2014 at 15:48
Petit astucien

Hi and thanks for your help, so I'll start by running the 3 scans

thanks

Jéré34
 Posted on 01/06/2014 at 15:52
Petit astucien

1st report, mbam

Malwarebytes Anti-Malware
www.malwarebytes.org

Date de l'examen: 01/06/2014
Heure de l'examen: 15:39:56
Fichier journal: MBAM.txt
Administrateur: Oui

Version: 2.00.2.1012
Base de données Malveillants: v2014.06.01.04
Base de données Rootkits: v2014.05.21.01
Licence: Essai
Protection contre les malveillants: Activé(e)
Protection contre les sites Web malveillants: Activé(e)
Self-protection: Désactivé(e)

Système d'exploitation: Windows XP Service Pack 3
Processeur: x86
Système de fichiers: NTFS
Utilisateur: Chef

Type d'examen: Examen "Menaces"
Résultat: Terminé
Objets analysés: 317752
Temps écoulé: 8 min, 21 sec

Mémoire: Activé(e)
Démarrage: Activé(e)
Système de fichiers: Activé(e)
Archives: Activé(e)
Rootkits: Désactivé(e)
Heuristics: Activé(e)
PUP: Activé(e)
PUM: Activé(e)

Processus: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Clés du Registre: 7
Trojan.BHO, HKU\S-1-5-21-725345543-682003330-839522115-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{6156A32A-C512-4E23-AA9A-2315F4265681}, , [b39583f0413abd79cf38ed6be220649c],
Trojan.BHO, HKU\S-1-5-21-725345543-682003330-839522115-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{9506910A-0F94-4EA1-B567-7070428B8B2B}, , [2b1d284b5f1cc274c6272038e1214fb1],
Trojan.BHO, HKU\S-1-5-21-725345543-682003330-839522115-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{994B5FB4-0103-44A6-B6B3-C73572B362BC}, , [41070a6983f880b65cac3a1f2bd755ab],
Adware.Shopper, HKU\S-1-5-21-725345543-682003330-839522115-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{BC4BE15D-6A34-4356-9E97-79E43DA32B1D}, , [80c8cea599e296a0f30aa3aa55ad09f7],
Trojan.Agent, HKU\S-1-5-21-725345543-682003330-839522115-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{BCA95E31-1FBF-4F84-8F23-1BA653007A1E}, , [fd4bcea5cfac54e26a24f560da287f81],
Trojan.Agent, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\cpmsky, , [9dab254ea1da1b1b559bc4779c67748c],
Trojan.Agent, HKU\S-1-5-21-725345543-682003330-839522115-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\adzgalore, , [3f09c6adb9c2a98d469960bbfe05c43c],

Valeurs du Registre: 0
(No malicious items detected)

Données du Registre: 0
(No malicious items detected)

Dossiers: 0
(No malicious items detected)

Fichiers: 2
Trojan.BHO, C:\WINDOWS\system32\WhoisCL.exe, , [1f2921529fdc1d19c9310ebb56abc53b],
Trojan.BHO, C:\WINDOWS\system32\mysidesearch_sidebar_uninstall.exe, , [20285b1818632b0bfc609d60f909b24e],

Secteurs physiques: 0
(No malicious items detected)


(end)

Jéré34
 Posted on 01/06/2014 at 15:54
Petit astucien

2nd report, adw

# AdwCleaner v3.211 - Rapport créé le 01/06/2014 à 15:54:26
# Mis à jour le 26/05/2014 par Xplode
# Système d'exploitation : Microsoft Windows XP Service Pack 3 (32 bits)
# Nom d'utilisateur : Chef - MOI-6669CFEA352
# Exécuté depuis : C:\Documents and Settings\Chef\Mes documents\Téléchargements\adwcleaner_3.211.exe
# Option : Nettoyer

***** [ Services ] *****


***** [ Fichiers / Dossiers ] *****


***** [ Raccourcis ] *****


***** [ Registre ] *****

Clé Supprimée : HKCU\Software\AppDataLow\Software

***** [ Navigateurs ] *****

-\\ Internet Explorer v8.0.6001.18702


-\\ Mozilla Firefox v29.0.1 (fr)

[ Fichier : C:\Documents and Settings\Chef\Application Data\Mozilla\Firefox\Profiles\6k26nbsu.default\prefs.js ]


[ Fichier : C:\Documents and Settings\Chef\Application Data\Mozilla\Firefox\Profiles\j5iomdl2.default\prefs.js ]


-\\ Google Chrome v

[ Fichier : C:\Documents and Settings\Chef\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [99671 octets] - [17/05/2014 14:42:25]
AdwCleaner[R1].txt - [1314 octets] - [01/06/2014 15:52:39]
AdwCleaner[S0].txt - [100993 octets] - [17/05/2014 14:43:45]
AdwCleaner[S1].txt - [1236 octets] - [01/06/2014 15:54:26]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1296 octets] ##########



Edited by Jéré34 on 01/06/2014 16:00
poussebois
 Posted on 01/06/2014 at 16:02
  Maître astucien

You are infected with the BHO Trojan horse.

Post the 3rd report requested, ZHPDiag, and wait for a member of the Security Group to take charge of your case.

Jéré34
 Posted on 01/06/2014 at 16:12
Petit astucien

and here is the 3rd

~ Rapport de ZHPDiag v2014.5.31.79 - Nicolas Coolman (31/05/2014)
~ Lancé par Chef (01/06/2014 16:02:44)
~ Adresse du Site Web http://nicolascoolman.fr
~ Traduit par Nicolas Coolman
~ Etat de la version : Version à jour.
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Not Found


---\\ Navigateurs Internet
MSIE: Internet Explorer v8.0.6001.18702 (Defaut)
MFIE: Mozilla Firefox 29.0.1

---\\ Informations sur les produits Windows
~ Langage: Français
Microsoft Windows XP, 32-bit Service Pack 3 (Build 2600)
Windows Automatic Updates : OK
Windows Genuine Advantage : OK

---\\ Logiciels de protection du système
avast! Free Antivirus v9.0.2018
Malwarebytes Anti-Malware version 2.0.2.1012

---\\ Logiciels d'optimisation du système
CCleaner v4.03

---\\ Logiciels de partage PeerToPeer
µTorrent v3.3.0.29625 =>P2P.µTorrent

---\\ Surveillance de Logiciels
Adobe Flash Player 13 Plugin
Adobe Reader X

---\\ Informations sur le système
~ Processor: x86 Family 6 Model 15 Stepping 11, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3583 MB (60% free)
System Restore: Activé (Enable)
System drive C: has 292 GB (62%) free of 466 GB

---\\ Mode de connexion au système
~ Computer Name: MOI-6669CFEA352
~ User Name: Chef
~ All Users Names: UpdatusUser, SUPPORT_388945a0, HelpAssistant, Chef, ASPNET, Administrateur,
~ Unselected Option: None
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Documents and Settings\Chef\Application Data\ZHP\
~ %AppData% : C:\Documents and Settings\Chef\Application Data\
~ %Desktop% : C:\Documents and Settings\Chef\Bureau\
~ %Favorites% : C:\Documents and Settings\Chef\Favoris\
~ %LocalAppData% : C:\Documents and Settings\Chef\Local Settings\Application Data\
~ %StartMenu% : C:\Documents and Settings\Chef\Menu Démarrer\
~ %Windir% : C:\WINDOWS\
~ %System% : C:\WINDOWS\system32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 292 Go of 466 Go)
D: CD-ROM drive (Not Inserted)
F: Floppy drive, Flash card reader, USB Key (Not Inserted)
H: Floppy drive, Flash card reader, USB Key (Not Inserted)
I: Floppy drive, Flash card reader, USB Key (Not Inserted)
K: Floppy drive, Flash card reader, USB Key (Not Inserted)



---\\ Etat du Centre de Sécurité Windows
~ Security Center: 45 Legitimates Filtered in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.5158A1C542A355B3A67E59538BBD894D] - (.Microsoft Corporation - Explorateur Windows.) (.14/04/2008 - 03:34:03.) -- C:\WINDOWS\Explorer.exe [3200000]
[MD5.E1948B1F45A176FB4A0251446A5AE86D] - (.Microsoft Corporation - Internet Extensions for Win32.) (.06/03/2014 - 18:58:52.) -- C:\WINDOWS\system32\wininet.dll [920064]
[MD5.DD73D6B9F6B4CB630CF35B438B540174] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) (.14/04/2008 - 03:34:28.) -- C:\WINDOWS\system32\Winlogon.exe [512000]
[MD5.1E44BC1E83D8FD2305F8D452DB109CF9] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.17/08/2011 - 14:49:54.) -- C:\WINDOWS\system32\Drivers\AFD.sys [138496]
[MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.13/04/2008 - 19:40:30.) -- C:\WINDOWS\system32\Drivers\atapi.sys [96512]
[MD5.C885B02847F5D2FD45A24E219ED93B32] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/04/2008 - 20:14:21.) -- C:\WINDOWS\system32\Drivers\Cdfs.sys [63744]
[MD5.1F4260CC5B42272D71F79E570A27A4FE] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.13/04/2008 - 19:40:46.) -- C:\WINDOWS\system32\Drivers\Cdrom.sys [62976]
[MD5.31F923EB2170FC172C81ABDA0045D18C] - (.Microsoft Corporation - Pilote de cryptographie FIPS.) (.14/04/2008 - 02:57:38.) -- C:\WINDOWS\system32\Drivers\Fips.sys [44672]
[MD5.573C7D0A32852B48F3058CFD8026F511] - (.Windows (R) Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) (.13/04/2008 - 17:36:05.) -- C:\WINDOWS\system32\Drivers\HDAudBus.sys [144384]
[MD5.A09BDC4ED10E3B2E0EC27BB94AF32516] - (.Microsoft Corporation - Pilote de port i8042.) (.14/04/2008 - 03:00:52.) -- C:\WINDOWS\system32\Drivers\i8042prt.sys [54144]
[MD5.083A052659F5310DD8B6A6CB05EDCF8E] - (.Microsoft Corporation - IMAPI Kernel Driver.) (.13/04/2008 - 19:40:58.) -- C:\WINDOWS\system32\Drivers\Imapi.sys [42112]
[MD5.CC748EA12C6EFFDE940EE98098BF96BB] - (.Microsoft Corporation - IP Network Address Translator.) (.13/04/2008 - 19:57:15.) -- C:\WINDOWS\system32\Drivers\IpNat.sys [152832]
[MD5.23C74D75E36E7158768DD63D92789A91] - (.Microsoft Corporation - IPSec Driver.) (.13/04/2008 - 20:19:42.) -- C:\WINDOWS\system32\Drivers\IPSec.sys [75264]
[MD5.7D304A5EB4344EBEEAB53A2FE3FFB9F0] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.15/07/2011 - 14:29:31.) -- C:\WINDOWS\system32\Drivers\MRxSmb.sys [456320]
[MD5.74B2B2F5BEA5E9A3DC021D685551BD3D] - (.Microsoft Corporation - MBT Transport driver.) (.13/04/2008 - 20:21:00.) -- C:\WINDOWS\system32\Drivers\netBT.sys [162816]
[MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) (.13/04/2008 - 20:15:53.) -- C:\WINDOWS\system32\Drivers\ntfs.sys [574976]
[MD5.8FD0BDBEA875D06CCF6C945CA9ABAF75] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/04/2008 - 03:09:40.) -- C:\WINDOWS\system32\Drivers\Parport.sys [80384]
[MD5.11B4A627BC9614B885C4969BFA5FF8A6] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.13/04/2008 - 20:19:43.) -- C:\WINDOWS\system32\Drivers\Rasl2tp.sys [51328]
[MD5.15CABD0F7C00C47C70124907916AF3F1] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.13/04/2008 - 19:32:51.) -- C:\WINDOWS\system32\Drivers\rdpdr.sys [196224]
[MD5.D8EB2A7904DB6C916EB5361878DDCBAE] - (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) (.14/04/2008 - 02:57:34.) -- C:\WINDOWS\system32\Drivers\redbook.sys [58752]
[MD5.46DE1126684369BACE4849E4FC8C43CA] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.14/04/2008 - 02:56:04.) -- C:\WINDOWS\system32\Drivers\volsnap.sys [53376]
~ Generic Processes: Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/2697
~ Mes musiques (My Musics) : 1/687
~ Mes Videos (My Videos) : 1/34
~ Mes Favoris (My Favorites) : 0/76
~ Mes Documents (My Documents) : 1/4983
~ Mon Bureau (My Desktop) : 1/55
~ Menu demarrer (Programs) : 1/44
~ Hidden Files: Scanned in 00mn 12s



---\\ Processus lancés
[MD5.37D17AE2936867F88EB3C4CBCBC6B8A1] - (.AVAST Software - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344] [PID.1764]
[MD5.221564CC7BE37611FE15EACF443E1BF6] - (.Apple Inc. - YSLoader.exe.) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe [43336] [PID.908]
[MD5.76B04173A13A045523FD10DB483E2B25] - (.Pas de propriétaire - System Level Service Utility.) -- C:\Program Files\Fichiers communs\Autodata Limited Shared\Service\ADCDLicSvc.exe [68608] [PID.936]
[MD5.DB5BEA73EDAF19AC68B2C0FAD0F92B1A] - (.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe [390504] [PID.1060]
[MD5.691B9B7C0CC1653732717D292D6B305D] - (.Sun Microsystems, Inc. - Java(TM) Quick Starter Service.) -- C:\Program Files\Java\jre6\bin\jqs.exe [153584] [PID.1948]
[MD5.D84AEA3F3329D622DFC1297DDDF6163B] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720] [PID.256]
[MD5.4F45ED469906494F9BF754E476390DBD] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [860472] [PID.1316]
[MD5.BB4D46468EA1F4B53FDFD3933AC133FC] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 331.8.) -- C:\WINDOWS\system32\nvsvc32.exe [156960] [PID.1488]
[MD5.815290E27B7B7D12AF013638819BE1B6] - (.NVIDIA Corporation - NVIDIA Settings Update Manager.) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [1914656] [PID.1024]
[MD5.4FBC630768570E6AC35C3DE8F6EC79F5] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files\Malwarebytes Anti-Malware\mbam.exe [6970168] [PID.1720]
[MD5.2E0B0A051FFAA86E358465BB0880D453] - (.Microsoft Corporation - Windows Update.) -- C:\WINDOWS\system32\wuauclt.exe [53784] [PID.2760]
[MD5.5E9A6658A2A69AE7EB195113B7A2E7A9] - (.Microsoft Corporation - Application Layer Gateway Service.) -- C:\WINDOWS\System32\alg.exe [44544] [PID.2916]
[MD5.32C139FC0363681804EFF9394CD6B1B8] - (.Realtek Semiconductor Corp. - Realtek HD Audio Control Panel.) -- C:\WINDOWS\RTHDCPL.exe [16126464] [PID.3888]
[MD5.22E458A5DC55A961DC22AC8824E8E6B7] - (.CANON INC. - Canon My Printer.) -- C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [1848648] [PID.3128]
[MD5.92BC91BEB19BE1F03DB9664AD47120B2] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [3888648] [PID.968]
[MD5.79C28DDF889C26FDD6162F796FD49BC4] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe [152392] [PID.2372]
[MD5.93AD0B78C7357A05F50E594EC7C22300] - (...) -- ystem32\RUNDLL32.exe [0] [PID.572]
[MD5.E6D9D561DC70442E1371C6A90F0CABCD] - (...) -- C:\WINDOWS\BricoPacks\Crystal Clear\RocketDock\RocketDock.exe [344064] [PID.3056]
[MD5.86F0D0B3A07C142C81DAB47E8495A822] - (.Nero AG - Nero Home.) -- C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe [152872] [PID.3876]
[MD5.E13EA4860E8F2AA845B53BFD2B6FEC5B] - (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe [1695232] [PID.3624]
[MD5.2DA7185EA6117B94E59620E061ADB401] - (.Gainward Co. - EXPERTool : Display Control Panel.) -- C:\Program Files\EXPERTool\TBPanel.exe [2265416] [PID.2744]
[MD5.463790AEF94D8EAB674631257F53252E] - (.Apple Inc. - iPodService Module (32-bit).) -- C:\Program Files\iPod\bin\iPodService.exe [553288] [PID.3044]
[MD5.DD5B5B10BB387F7A7D4B60323163C93B] - (.BitTorrent Inc. - µTorrent.) -- C:\Documents and Settings\Chef\Application Data\uTorrent\uTorrent.exe [1268560] [PID.2064] =>P2P.BitTorrent
[MD5.A328A46D87BB92CE4D8A4528E9D84787] - (.Nero AG - Nero Home.) -- C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe [279848] [PID.2508]
[MD5.A6455ADF66EE2FDD53B81AAE74F40C4C] - (.Microsoft Corporation - SQL Server Service Manager.) -- C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe [74308] [PID.2668]
[MD5.FFBD5650348D4F9E0AA8E72938DC6478] - (.Nero AG - Nero Home.) -- C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe [1213736] [PID.3316]
[MD5.0DA891CB0703D912CEAFA072F54D002B] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [275568] [PID.3284]
[MD5.D760ACB8167872C4EF9FFBC122BFD141] - (.Nicolas Coolman - ZHPDiag Setup.) -- C:\Documents and Settings\Chef\Mes documents\Téléchargements\ZHPDiag2(1).exe [6820846] [PID.3024]
[MD5.9E30AB5E3F6B43F69F928E6B4FCFD604] - (.Pas de propriétaire - Setup/Uninstall.) -- C:\Documents and Settings\Chef\Local Settings\Temp\is-4CGEL.tmp\ZHPDiag2(1).tmp [680960] [PID.3772]
[MD5.28B02EA673489A4EFBB20A9B302D523C] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files\Mozilla Firefox\plugin-container.exe [18544] [PID.3124]
[MD5.6877258ACB29024D4681BC4FE8B63E8D] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [8020480] [PID.2004]
~ Processes Running: Scanned in 00mn 03s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Documents and Settings\Chef\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

---\\ Liste des dossiers d'extension Google Chrome
~ Google Lines Browser: 1 Legitimates Filtered in 00mn 00s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Documents and Settings\Chef\Application Data\Mozilla\Firefox\Profiles\6k26nbsu.default\prefs.js
C:\Documents and Settings\Chef\Application Data\Mozilla\Firefox\Profiles\j5iomdl2.default\prefs.js
P2 - FPN:Firefox Plugin Navigator . (.BitComet - BitCometAgent for Firefox.) -- C:\Program Files\Mozilla Firefox\Plugins\npBitCometAgent.dll =>P2P.BitComet
~ Firefox Browser: 25 Legitimates Filtered in 00mn 01s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\WINDOWS\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 19



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: (no name) - [HKCU]{1E796980-9CC5-11D1-A83F-00C04FC99D61} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{21FA44EF-376D-4D53-9B0F-8A89D3229068} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{D3028143-6145-4318-99D3-3EDCE54A95A9} Clé orpheline
~ Toolbar: Scanned in 00mn 00s



---\\ Applications lancées au démarrage du système (O4)
O4 - HKLM\..\Run: [RTHDCPL] . (.Realtek Semiconductor Corp. - Realtek HD Audio Control Panel.) -- C:\WINDOWS\RTHDCPL.exe =>.Realtek Semiconductor Corp
O4 - HKLM\..\Run: [Alcmtr] . (.Realtek Semiconductor Corp. - Realtek Azalia Audio - Event Monitor.) -- C:\WINDOWS\ALCMTR.exe
O4 - HKLM\..\Run: [CanonSolutionMenu] . (.CANON INC. - CNSLMAIN.) -- C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe
O4 - HKLM\..\Run: [CanonMyPrinter] . (.CANON INC. - Canon My Printer.) -- C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
O4 - HKLM\..\Run: [AppleSyncNotifier] . (.Apple Inc. - AppleSyncNotifier.) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files\Fichiers communs\Apple\Apple Application Support\APSDaemon.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Run: [UserFaultCheck] Clé orpheline
O4 - HKLM\..\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
O4 - HKLM\..\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\QTTask.exe
O4 - HKLM\..\Run: [NvCplDaemon] . (.NVIDIA Corporation - NVIDIA Display Properties Extension.) -- C:\WINDOWS\system32\NvCpl.dll =>.NVIDIA Corporation
O4 - HKLM\..\Run: [NvMediaCenter] . (.NVIDIA Corporation - NVIDIA Media Center Library.) -- C:\WINDOWS\system32\NvMcTray.dll
O4 - HKLM\..\Run: [nwiz] . (...) -- C:\Program Files\NVIDIA Corporation\nview\nwiz.exe
O4 - HKCU\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [RocketDock] . (...) -- C:\WINDOWS\BricoPacks\Crystal Clear\RocketDock\RocketDock.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] . (.Nero AG - Nero Home.) -- C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
O4 - HKCU\..\Run: [MSMSGS] . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe
O4 - HKCU\..\Run: [GAINWARD] . (.Gainward Co. - EXPERTool : Display Control Panel.) -- C:\Program Files\EXPERTool\TBPanel.exe
O4 - HKCU\..\Run: [WMPNSCFG] . (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe =>.Microsoft Corporation
O4 - HKCU\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Documents and Settings\Chef\Application Data\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - HKUS\.DEFAULT\..\Run: [WOOKIT] C:\Program Files\Wanadoo\GestMaj.exe (.not file.)
O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] C:\Program Files\Windows Live\Messenger\msnmsgr.exe (.not file.)
O4 - HKUS\.DEFAULT\..\Run: [RocketDock] C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe (.not file.)
O4 - HKUS\S-1-5-18\..\Run: [WOOKIT] C:\Program Files\Wanadoo\GestMaj.exe (.not file.)
O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] C:\Program Files\Windows Live\Messenger\msnmsgr.exe (.not file.)
O4 - HKUS\S-1-5-18\..\Run: [RocketDock] C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe (.not file.)
O4 - HKUS\.DEFAULT\..\RunOnce: [^SetupICWDesktop] Clé orpheline
O4 - HKUS\S-1-5-18\..\RunOnce: [^SetupICWDesktop] Clé orpheline
O4 - HKUS\S-1-5-21-725345543-682003330-839522115-1004\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-21-725345543-682003330-839522115-1004\..\Run: [RocketDock] . (...) -- C:\WINDOWS\BricoPacks\Crystal Clear\RocketDock\RocketDock.exe
O4 - HKUS\S-1-5-21-725345543-682003330-839522115-1004\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] . (.Nero AG - Nero Home.) -- C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
O4 - HKUS\S-1-5-21-725345543-682003330-839522115-1004\..\Run: [MSMSGS] . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe
O4 - HKUS\S-1-5-21-725345543-682003330-839522115-1004\..\Run: [GAINWARD] . (.Gainward Co. - EXPERTool : Display Control Panel.) -- C:\Program Files\EXPERTool\TBPanel.exe
O4 - HKUS\S-1-5-21-725345543-682003330-839522115-1004\..\Run: [WMPNSCFG] . (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-725345543-682003330-839522115-1004\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Documents and Settings\Chef\Application Data\uTorrent\uTorrent.exe =>P2P.BitTorrent
~ Application: Scanned in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} -- Clé orpheline
O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} ((no name)) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} ((no name)) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1205421076527
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} ((no name)) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
~ Objets ActiveX: Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{8FC9007F-DA7B-4EDE-9848-7ADA4E68CBAA}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{8FC9007F-DA7B-4EDE-9848-7ADA4E68CBAA}: DhcpNameServer = 212.27.54.252 212.27.53.252
O17 - HKLM\System\CS2\Services\Tcpip\..\{8FC9007F-DA7B-4EDE-9848-7ADA4E68CBAA}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS3\Services\Tcpip\..\{8FC9007F-DA7B-4EDE-9848-7ADA4E68CBAA}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} . (.Microsoft Corporation - WIA Scripting Layer.) -- C:\WINDOWS\system32\wiascr.dll
O18 - Filter: text/webviewhtml - {733AC4CB-F1A4-11d0-B951-00A0C90312E1} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\WINDOWS\system32\crypt32.dll
O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\WINDOWS\system32\cryptnet.dll
O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agent réseau hors connexion.) -- C:\WINDOWS\system32\cscdll.dll
O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\system32\dimsntfy.dll
O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL secondaire de notification de service d.) -- C:\WINDOWS\system32\sclgntfy.dll
O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\WlNotify.dll
O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
~ Winlogon: Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Autodata Limited License Service (Autodata Limited License Service) . (.Pas de propriétaire - System Level Service Utility.) - C:\Program Files\Fichiers communs\Autodata Limited Shared\Service\ADCDLicSvc.exe
~ Services: 10 Legitimates Filtered in 00mn 10s



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Desktop General: BackupWallPaper - .(...) - C:\Documents and Settings\Chef\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop General: WallPaper - .(...) - C:\Documents and Settings\Chef\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
~ Desktop Component: 4 Legitimates Filtered in 00mn 00s



---\\ Enumère les données de BootExecute (BEX) (O34)
O34 - HKLM BootExecute: (autocheck autochk /r \??\N:) - File not found
O34 - HKLM BootExecute: (autocheck autochk /r \??\N:) - File not found
~ BEX: 3 Legitimates Filtered in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
O39 - APT: - (..) -- C:\WINDOWS\Tasks\Ad-Aware Antivirus Scheduled Scan.job [1082]
O39 - APT: - (..) -- C:\WINDOWS\Tasks\Notification de fin de service de Microsoft Windows XP - à la connexion.job [220]
O39 - APT: - (..) -- C:\WINDOWS\Tasks\Notification de fin de service de Microsoft Windows XP -mensuellement.job [214]
~ Scheduled Task: 9 Legitimates Filtered in 00mn 00s



---\\ Logiciels installés (O42)
O42 - Logiciel: BangBang Manager - (.RallyeSim.) [HKLM] -- BangBang Manager_is1
O42 - Logiciel: Iminent - (.Iminent.) [HKLM] -- {BC5F0435-BB76-46AE-A070-ED6A9ED01D79} =>Adware.IMBooster
O42 - Logiciel: RSRBR2014 - (.RallyeSim.) [HKLM] -- RSRBR_v2014_is1
O42 - Logiciel: Richard Burns Rally - (...) [HKLM] -- {92C7D009-A464-4948-A980-7A3E28CB2F49}
O42 - Logiciel: SoundsManager - (.RallyeSim.) [HKLM] -- Sounds_Manager_is1
~ Logic: 34 Legitimates Filtered in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\BitComet] =>P2P.BitComet
[HKCU\Software\SendReplays]
[HKCU\Software\SkinManager2]
[HKCU\Software\ea225853-4134-3f75-6f77-497d88c34b90]
[HKLM\Software\3DManager]
[HKLM\Software\AUTODATA]
[HKLM\Software\PaceNotesManager]
[HKLM\Software\Scenalyzer]
[HKLM\Software\SendReplays]
[HKLM\Software\SetupManager2]
[HKLM\Software\SkinManager2]
[HKLM\Software\SystemCheck]
~ Key Software: 333 Legitimates Filtered in 00mn 00s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 21/03/2008 - 21:45:45 - [] ---AD C:\Program Files\Audio
O43 - CFD: 01/03/2010 - 21:28:32 - [] ----D C:\Program Files\_jvm
O43 - CFD: 31/03/2010 - 09:28:06 - [] -SH-D C:\Documents and Settings\All Users\Application Data\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
O43 - CFD: 02/01/2010 - 21:11:33 - [] ----D C:\Documents and Settings\Chef\Application Data\LimeWire
O43 - CFD: 11/11/2012 - 13:07:09 - [] ----D C:\Documents and Settings\Chef\Application Data\Shareaza
O43 - CFD: 23/05/2011 - 22:35:09 - [] ----D C:\Documents and Settings\Chef\Local Settings\Application Data\Nicolas_Séveno
O43 - CFD: 01/11/2011 - 10:15:06 - [] ----D C:\Documents and Settings\Chef\Local Settings\Application Data\Shareaza
~ Program Folder: 254 Legitimates Filtered in 00mn 01s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.3289630FE016C1EA87F38DF1C707BEB5] - 01/06/2014 - 12:00:06 ---A- . (...) -- C:\version.txt [894]
O44 - LFC:[MD5.0DC5AF80D059DEC792B665ED598C6567] - 01/06/2014 - 14:53:08 ---A- . (.SQLite Development Team - SQLite Dynamic Link Library (No TCL).) -- C:\WINDOWS\system32\sqlite3.dll [536576]
O44 - LFC:[MD5.FA4D5755AFD0A2395E9514A5B18C62BE] - 01/06/2014 - 14:56:37 ---A- . (...) -- C:\WINDOWS\wiadebug.log [159]
O44 - LFC:[MD5.972689670A2EE4D41EF528D76817A8AE] - 01/06/2014 - 14:56:37 ---A- . (...) -- C:\WINDOWS\wiaservc.log [50]
O44 - LFC:[MD5.C779F047FD138B4F31A85FCA83CAFC77] - 01/06/2014 - 15:00:24 ---A- . (...) -- C:\WINDOWS\system32\nvAppTimestamps [1692]
O44 - LFC:[MD5.74AFE0692CD319595B1C46BFEA4863BD] - 19/05/2014 - 20:09:09 ---A- . (.Chilkat Software, Inc. - Chilkat FTP2 ActiveX Component.) -- C:\WINDOWS\system32\ChilkatFtp2.dll [2276352]
O44 - LFC:[MD5.BDB66D051344C612F534DE896B33BED6] - 30/05/2014 - 08:45:15 ---A- . (...) -- C:\WINDOWS\system32\nvdrsdb1.bin [1127544]
O44 - LFC:[MD5.77A7DF097636A07405998E384DB8EB7A] - 30/05/2014 - 08:45:19 ---A- . (...) -- C:\WINDOWS\system32\nvdrsdb0.bin [1127544]
O44 - LFC:[MD5.93B885ADFE0DA089CDF634904FD59F71] - 30/05/2014 - 08:45:19 ---A- . (...) -- C:\WINDOWS\system32\nvdrssel.bin [1]
O44 - LFC:[MD5.DCC78B14C94A442C60981A7095B4A730] - 30/05/2014 - 13:34:52 ---A- . (...) -- C:\WINDOWS\NeroDigital.ini [69]
~ Files: 34 Legitimates Filtered in 00mn 23s



---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 - LFCP:[MD5.C615563C48E88CE96193E97DF4CC3202] - 01/06/2014 - 14:59:30 ---A- - C:\WINDOWS\Prefetch\UTORRENT.EXE-09A8B288.pf =>P2P.µTorrent
~ Prefetcher: 1 Legitimates Filtered in 00mn 00s



---\\ Opérations et fonctions au démarrage de Windows Explorer (O46)
O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll
~ ShellExecuteHooks: Scanned in 00mn 00s



---\\ Export de clé d'application autorisée (O47)
O47 - AAKE:Key Export SP - "C:\Documents and Settings\Chef\Local Settings\Temp\Rar$EX00.609\Memo.exe" [Enabled] .(...) -- C:\Documents and Settings\Chef\Local Settings\Temp\Rar$EX00.609\Memo.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Documents and Settings\Chef\Local Settings\Temp\uttB.tmp.exe" [Enabled] .(...) -- C:\Documents and Settings\Chef\Local Settings\Temp\uttB.tmp.exe (.not file.)
~ Keys Export: 22 Legitimates Filtered in 00mn 00s



---\\ Image File Execution Options (IFEO) (O50)
O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d
~ IFEO: Scanned in 00mn 00s



---\\ Clé de registre Shell MountPoints2 (MPKS) (O51)
O51 - MPSK:{27e36588-52de-11de-99f9-001bfcfbb488}\AutoRun\command. (...) -- I:\wd_windows_tools\WDSetup.exe (.not file.)
O51 - MPSK:{87fb0d85-8562-11e0-9fe3-001bfcfbb488}\AutoRun\command. (...) -- F:\setup.exe (.not file.)
~ Keys: Scanned in 00mn 01s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:01/07/2009 - 15:43:06 R--A- . (.none - Autodata Licensing System.) -- C:\WINDOWS\system32\Drivers\adatadrv.sys [762112]
O58 - SDL:13/08/2004 - 11:56:20 R--A- . (.Pas de propriétaire - ATK0110 ACPI Utility.) -- C:\WINDOWS\system32\Drivers\ASACPI.sys [5810]
O58 - SDL:11/10/2006 - 04:33:58 ---A- . (...) -- C:\WINDOWS\system32\Drivers\ASUSHWIO.SYS [10288]
O58 - SDL:17/05/2014 - 13:53:10 ---A- . (...) -- C:\WINDOWS\system32\Drivers\aswHwid.sys [24184] =>.ALWIL Software
O58 - SDL:17/05/2014 - 13:53:10 ---A- . (...) -- C:\WINDOWS\system32\Drivers\aswRvrt.sys [49944] =>.ALWIL Software
O58 - SDL:17/05/2014 - 13:53:11 ---A- . (...) -- C:\WINDOWS\system32\Drivers\aswVmm.sys [180632] =>.ALWIL Software
O58 - SDL:02/03/2006 - 13:00:00 ---A- . (.RAVISENT Technologies Inc. - Pilote principal CineMaster C 1.2 WDM.) -- C:\WINDOWS\system32\Drivers\cinemst2.sys [262528]
O58 - SDL:08/07/2013 - 18:59:57 ---A- . (.GFI Software - GFI Boot Time Operations Driver.) -- C:\WINDOWS\system32\Drivers\gfibto.sys [13560]
O58 - SDL:13/04/2008 - 17:36:05 ----- . (.Windows (R) Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) -- C:\WINDOWS\system32\Drivers\hdaudbus.sys [144384]
O58 - SDL:07/01/2005 - 17:07:16 ----- . (.Windows (R) Server 2003 DDK provider - High Definition Audio Function Driver v1.0a.) -- C:\WINDOWS\system32\Drivers\Hdaudio.sys [145920]
O58 - SDL:20/03/2007 - 10:33:26 ---A- . (.http://libusb-win32.sourceforge.net - LibUSB-Win32 - Kernel Driver.) -- C:\WINDOWS\system32\Drivers\libusb0.sys [28672]
O58 - SDL:03/08/2004 - 21:41:40 ----- . (.Smart Link - Pas de description.) -- C:\WINDOWS\system32\Drivers\mtlmnt5.sys [126686]
O58 - SDL:03/08/2004 - 21:41:38 ----- . (.Smart Link - Pas de description.) -- C:\WINDOWS\system32\Drivers\mtlstrm.sys [1309184]
O58 - SDL:03/08/2004 - 21:29:38 ----- . (.Matrox Graphics Inc. - Matrox Parhelia Miniport Driver.) -- C:\WINDOWS\system32\Drivers\mtxparhm.sys [452736]
O58 - SDL:03/08/2004 - 21:41:40 ----- . (.Smart Link - Pas de description.) -- C:\WINDOWS\system32\Drivers\ntmtlfax.sys [180360]
O58 - SDL:02/03/2006 - 13:00:00 ---A- . (.Parallel Technologies, Inc. - Parallel Technologies DirectParallel IO Library.) -- C:\WINDOWS\system32\Drivers\ptilink.sys [17792]
O58 - SDL:03/08/2004 - 21:41:40 ----- . (.Smart Link - Pas de description.) -- C:\WINDOWS\system32\Drivers\recagent.sys [13776]
O58 - SDL:03/08/2004 - 21:41:42 ----- . (.Smart Link - Pas de description.) -- C:\WINDOWS\system32\Drivers\slnt7554.sys [129535]
O58 - SDL:03/08/2004 - 21:41:44 ----- . (.Smart Link - Pas de description.) -- C:\WINDOWS\system32\Drivers\slntamr.sys [404990]
O58 - SDL:03/08/2004 - 21:41:46 ----- . (.Smart Link - Pas de description.) -- C:\WINDOWS\system32\Drivers\slnthal.sys [95424]
O58 - SDL:03/08/2004 - 21:41:46 ----- . (.Smart Link - Pas de description.) -- C:\WINDOWS\system32\Drivers\slwdmsup.sys [13240]
O58 - SDL:02/01/1601 - 23:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\sptd.sys [428088]
O58 - SDL:16/03/2007 - 10:11:38 ---A- . (.Windows (R) 2000 DDK provider - Display Control Program.) -- C:\WINDOWS\system32\Drivers\TBPanel.sys [12256]
O58 - SDL:13/12/2012 - 12:50:38 ---A- . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\WINDOWS\system32\Drivers\usbaapl.sys [45056]
O58 - SDL:02/03/2006 - 13:00:00 ---A- . (.RAVISENT Technologies Inc. - CineMaster C WDM DVD Minidriver.) -- C:\WINDOWS\system32\Drivers\vdmindvd.sys [58112]
O58 - SDL:02/03/2006 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ansi.sys [9037]
O58 - SDL:02/03/2006 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\country.sys [27097]
O58 - SDL:02/03/2006 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\himem.sys [4912]
O58 - SDL:02/03/2006 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\key01.sys [42809]
O58 - SDL:02/03/2006 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\keyboard.sys [42537]
O58 - SDL:02/03/2006 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos.sys [27916]
O58 - SDL:02/03/2006 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos404.sys [29146]
O58 - SDL:02/03/2006 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos411.sys [29370]
O58 - SDL:02/03/2006 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos412.sys [29274]
O58 - SDL:02/03/2006 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos804.sys [29146]
O58 - SDL:02/03/2006 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio.sys [34000]
O58 - SDL:02/03/2006 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio404.sys [34560]
O58 - SDL:02/03/2006 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio411.sys [35648]
O58 - SDL:02/03/2006 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio412.sys [35424]
O58 - SDL:02/03/2006 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio804.sys [34560]
~ Drivers: 121 Legitimates Filtered in 00mn 11s



---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
O61 - LFC: 01/06/2014 - 16:05:25 ---A- . (...) -- C:\Documents and Settings\Chef\Mes documents\Téléchargements\205gtiv2_MC88_Ballet.exe [1764379]
O61 - LFC: 01/06/2014 - 16:05:25 ---A- . (...) -- C:\Documents and Settings\Chef\Mes documents\Téléchargements\BMW_M3_Patrick_Rouillard.exe [3157492]
O61 - LFC: 01/06/2014 - 16:05:25 ---A- . (...) -- C:\Documents and Settings\Chef\Mes documents\Téléchargements\adwcleaner_3.211.exe [1327971]
O61 - LFC: 01/06/2014 - 16:05:26 ---A- . (...) -- C:\Documents and Settings\Chef\Mes documents\Téléchargements\ClioWilliams-Carretero_1-clem66.exe [6402008]
O61 - LFC: 01/06/2014 - 16:05:26 ---A- . (...) -- C:\Documents and Settings\Chef\Mes documents\Téléchargements\ClioWilliams-Dessens_1-clem66.exe [5212288]
O61 - LFC: 01/06/2014 - 16:05:27 ---A- . (...) -- C:\Documents and Settings\Chef\Mes documents\Téléchargements\DS3_R3_Officiel.exe [2107282]
O61 - LFC: 01/06/2014 - 16:05:27 ---A- . (...) -- C:\Documents and Settings\Chef\Mes documents\Téléchargements\Escort_Brunson_2006.exe [3114596]
O61 - LFC: 01/06/2014 - 16:05:27 ---A- . (.RallyeSim.) -- C:\Documents and Settings\Chef\Mes documents\Téléchargements\Install_Pack_A6_2_2014.exe [43513343]
O61 - LFC: 01/06/2014 - 16:05:29 ---A- . (.RallyeSim.) -- C:\Documents and Settings\Chef\Mes documents\Téléchargements\Install_Pack_N4_SW_2014.exe [15786959]
O61 - LFC: 01/06/2014 - 16:05:29 ---A- . (.RallyeSim.) -- C:\Documents and Settings\Chef\Mes documents\Téléchargements\Install_Pack_R2_2014.exe [45422926]
O61 - LFC: 01/06/2014 - 16:05:31 ---A- . (.RallyeSim.) -- C:\Documents and Settings\Chef\Mes documents\Téléchargements\Install_Pack_R5_2014.exe [14648456]
O61 - LFC: 01/06/2014 - 16:05:31 ---A- . (.RallyeSim.) -- C:\Documents and Settings\Chef\Mes documents\Téléchargements\Install_Update_04_RSRBR2014.exe [270260827]
O61 - LFC: 01/06/2014 - 16:05:33 ---A- . (...) -- C:\Documents and Settings\Chef\Mes documents\Téléchargements\JEAN_JOSEPH.exe [3942907]
O61 - LFC: 01/06/2014 - 16:05:35 ---A- . (...) -- C:\Documents and Settings\Chef\Mes documents\Téléchargements\LANCER_EVO_X_Lecureux.M_By_Mr_Panizzi.exe [11372604]
O61 - LFC: 01/06/2014 - 16:05:37 ---A- . (...) -- C:\Documents and Settings\Chef\Mes documents\Téléchargements\Mitsubishi_EvoIX_Reconnaissance.exe [2180965]
O61 - LFC: 01/06/2014 - 16:05:38 ---A- . (...) -- C:\Documents and Settings\Chef\Mes documents\Téléchargements\ROUSSET.exe [3675688]
O61 - LFC: 01/06/2014 - 16:05:43 ---A- . (...) -- C:\Documents and Settings\Chef\Mes documents\Téléchargements\Subaru_N14-A.Aigner-riko.exe [10997336]
O61 - LFC: 01/06/2014 - 16:05:46 ---A- . (...) -- C:\Documents and Settings\Chef\Mes documents\Téléchargements\Thomas_Badel_Clio_Williams_F2-14_Final_Oyonnax_2013__arnorallye_Mr_Panizzi_GuiguiWRC.exe [5662335]
O61 - LFC: 01/06/2014 - 16:05:48 ---A- . (...) -- C:\Documents and Settings\Chef\Mes documents\Téléchargements\xsara_kit_car_Bugalski_200.exe [2783702]
O61 - LFC: 29/05/2014 - 16:05:27 ---A- . (.RallyeSim.) -- C:\Documents and Settings\Chef\Mes documents\Téléchargements\Install_Fix_Audio.exe [359090796]
O61 - LFC: 29/05/2014 - 16:05:31 ---A- . (.RallyeSim.) -- C:\Documents and Settings\Chef\Mes documents\Téléchargements\Install_Sounds_Manager.exe [1057926]
O61 - LFC: 29/05/2014 - 16:05:37 ---A- . (...) -- C:\Documents and Settings\Chef\Mes documents\Téléchargements\ModAudioIni.exe [911360]
~ 104 Fichiers temporaires (Temporary files)
~ 6 Fichiers cookies (Cookies files)
~ Files: 55 Legitimates Filtered in 01mn 43s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Liste les services legacy du registre (LALS) (O64)
O64 - Services: CurCS - 17/05/2014 - C:\WINDOWS\system32\drivers\aswHwid.sys (aswHwid) .(...) - LEGACY_ASWHWID
O64 - Services: CurCS - 03/11/2009 - C:\Program Files\Fichiers communs\Autodata Limited Shared\Service\ADCDLicSvc.exe (Autodata Limited License Service) .(.Pas de propriétaire - System Level Service Utility.) - LEGACY_AUTODATA_LIMITED_LICENSE_SERVICE
O64 - Services: CurCS - 16/03/2007 - C:\WINDOWS\system32\drivers\TBPANEL.sys (Cardex) .(.Windows (R) 2000 DDK provider - Display Control Program.) - LEGACY_CARDEX
O64 - Services: CurCS - 08/11/2013 - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (nvUpdatusService) .(.NVIDIA Corporation - NVIDIA Settings Update Manager.) - LEGACY_NVUPDATUSSERVICE
~ Legacy: 153 Legitimates Filtered in 00mn 02s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O68 - StartMenuInternet: <WOOBrowser.exe> <>[HKLM\..\Shell\open\Command] (...) -- C:\Program Files\Wanadoo\WOOBrowser\WOOBrowser.exe (.not file.)
~ Keys: Scanned in 00mn 00s



---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (@ieframe.dll,-12512) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {814C76CB-2623-43F4-AAD0-58A0E5190A20} - (Orange) - http://r.orange.fr
~ Keys: Scanned in 00mn 00s



---\\ Enumère les fichiers Crack & Keygen (CKF) (O82)
C:\Program Files\EA SPORTS(TM) Rugby 08\Rugby_2008_serial_keygenerateur_patch-fr_exe-no-cd\Patch Fr Rugby 08\Audio.part1\Audio\nzh.dat =>.Crack,Keygen
C:\Program Files\EA SPORTS(TM) Rugby 08\Rugby_2008_serial_keygenerateur_patch-fr_exe-no-cd\Patch Fr Rugby 08\Audio.part2\Audio\nzh.dat =>.Crack,Keygen
C:\Program Files\EA SPORTS(TM) Rugby 08\Rugby_2008_serial_keygenerateur_patch-fr_exe-no-cd\Patch Fr Rugby 08\Audio.part3\Audio\nzh.dat =>.Crack,Keygen
C:\Program Files\EA SPORTS(TM) Rugby 08\Rugby_2008_serial_keygenerateur_patch-fr_exe-no-cd\Patch Fr Rugby 08\Audio.part4\Audio\nzh.dat =>.Crack,Keygen
C:\Program Files\EA SPORTS(TM) Rugby 08\Rugby_2008_serial_keygenerateur_patch-fr_exe-no-cd\Patch Fr Rugby 08\BigGui\bigGUI.exe =>.Crack,Keygen
C:\Program Files\EA SPORTS(TM) Rugby 08\Rugby_2008_serial_keygenerateur_patch-fr_exe-no-cd\Patch Fr Rugby 08\BigGui\ImpBIG.exe =>.Crack,Keygen
C:\Program Files\EA SPORTS(TM) Rugby 08\Rugby_2008_serial_keygenerateur_patch-fr_exe-no-cd\Rugby_2008.exe =>.Crack,Keygen
C:\Program Files\EA SPORTS(TM) Rugby 08\Rugby_2008_serial_keygenerateur_patch-fr_exe-no-cd\vty-esr8\Rugby08.exe =>.Crack,Keygen
C:\Program Files\EA SPORTS(TM) Rugby 08\Rugby_2008_serial_keygenerateur_patch-fr_exe-no-cd.rar =>.Crack,Keygen
~ Files: Scanned in 04mn 54s



---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.D41D8CD98F00B204E9800998ECF8427E] [SPRF][03/05/2014] (...) -- C:\Documents and Settings\Chef\Bureau\Install_Pack_ALL_Packs_2014.exe [1043637702]
[MD5.0C56A762B6EF71C4E66FA0AB08ED4634] [SPRF][01/03/2010] (...) -- C:\Program Files\dialogysclip.bat [63]
~ Files: 5 Legitimates Filtered in 00mn 00s



---\\ Enumère les codes produits des logiciels (PUC) (O90)
O90 - PUC: "5340F5CB67BBEA640A07DEA6E90DD197" . (.Iminent.) -- C:\WINDOWS\Installer\{BC5F0435-BB76-46AE-A070-ED6A9ED01D79}\imbooster.ico =>Adware.IMBooster
~ Update Products: 1 Legitimates Filtered in 00mn 00s



---\\ Export de clés de registre aléatoires (O91)
~ Export Key Software: Scanned in 00mn 00s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 17/05/2014 257712 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Demand 14/04/2008 225280 | (dmadmin) . (.Microsoft Corp., Veritas Software.) - C:\WINDOWS\system32\dmadmin.exe
SS - | Auto 13/11/2011 136176 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 13/11/2011 136176 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 18/05/2014 119408 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Demand 29/06/2007 800040 | (NBService) . (.Nero AG.) - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
SS - | Demand 08/02/2007 212480 | (ServiceLayer) . (.Nokia..) - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
SR - | Auto 12/02/2014 43336 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 03/11/2009 68608 | (Autodata Limited License Service) . (...) - C:\Program Files\Fichiers communs\Autodata Limited Shared\Service\ADCDLicSvc.exe
SR - | Auto 17/05/2014 50344 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SR - | Auto 30/08/2011 390504 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SR - | Demand 21/02/2014 553288 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SR - | Auto 24/09/2012 153584 | (JavaQuickStarterService) . (.Sun Microsystems, Inc..) - C:\Program Files\Java\jre6\bin\jqs.exe
SR - | Auto 12/05/2014 1809720 | (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
SR - | Auto 12/05/2014 860472 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
SR - | Demand 27/06/2007 279848 | (NMIndexingService) . (.Nero AG.) - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
SR - | Auto 11/11/2013 156960 | (NVSvc) . (.NVIDIA Corporation.) - C:\WINDOWS\system32\nvsvc32.exe
SR - | Auto 08/11/2013 1914656 | (nvUpdatusService) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
~ Services: Scanned in 00mn 11s



---\\ Recherche d'infection sur le Master Boot Record (MBR)(O80)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Run by Chef at 01/06/2014 16:11:12
device: opened successfully
user: MBR read successfully
Disk trace:
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys sptd.sys pciide.sys PCIIDEX.SYS
C:\WINDOWS\system32\drivers\sptd.sys
1 ntkrnlpa!IofCallDriver[0x804EF200] >> \Device\Harddisk0\DR0[0x8B58BAB8]
kernel: MBR read successfully
user & kernel MBR OK
~ MBR: 14 Legitimates Filtered in 00mn 02s



---\\ Recherche d'infection sur le Master Boot Record (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by Chef at 01/06/2014 16:11:14
********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ MBR: Scanned in 00mn 04s



---\\ Liste des émulateurs de CD/DVD (MBR Hook)
O58 - SDL:02/01/1601 - 23:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\sptd.sys [428088]
~ Emulateurs: Scanned in 00mn 04s



---\\ Scan Additionnel (O88)
Database Version : 13026 - (31/05/2014)
Clés trouvées (Keys found) : 10
Valeurs trouvées (Values found) : 1
Dossiers trouvés (Folders found) : 0
Fichiers trouvés (Files found) : 2

[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{BC5F0435-BB76-46AE-A070-ED6A9ED01D79}] =>Adware.IMBooster^
[HKLM\Software\Classes\CLSID\{C9A6357B-25CC-4BCF-96C1-78736985D412}] =>Toolbar.Orange
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D6533F74-218B-41BE-9D91-5BD471FECFFD}] =>Toolbar.Conduit
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E14BC640-4070-47C6-94E4-24E70D1A1800}] =>Adware.AdRotator
[HKLM\Software\Google\Chrome\Extensions\cefhbpnokonbkocpbpbglkkbhnfflpel] =>Toolbar.Conduit
[HKCU\Software\Microsoft\Quax] =>Adware.Cpmsky
[HKLM\Software\Classes\Installer\Features\5340F5CB67BBEA640A07DEA6E90DD197] =>Adware.IMBooster
[HKLM\Software\Classes\Installer\Products\5340F5CB67BBEA640A07DEA6E90DD197] =>Adware.IMBooster
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\5340F5CB67BBEA640A07DEA6E90DD197] =>Adware.IMBooster
[HKCU\AppEvents\Schemes\Apps\Explorer\Navigating\Old_Current] =>PUP.MediaFinder
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:uTorrent =>P2P.BitTorrent^
C:\Documents and Settings\Chef\Application Data\uTorrent\uTorrent.exe =>P2P.BitTorrent^
[HKCU\Software\BitComet] =>P2P.BitComet^
~ Additionnel Scan: 453551 Items scanned in 00mn 30s



---\\ Récapitulatif des détections trouvées sur votre station
http://nicolascoolman.fr/adware-imbooster =>Adware.IMBooster
http://nicolascoolman.fr/toolbar-conduit =>Toolbar.Conduit
http://nicolascoolman.fr/26601630-adware-adrotator =>Adware.AdRotator
http://nicolascoolman.fr/pup-mediafinder =>PUP.MediaFinder
~ MSI: 4 link(s) detected in 00mn 00s



~ 1093 Legitimates filtered by white list
End of the scan (651 lines in 09mn 01s)(9)

Jéré34
 Posted on 01/06/2014 at 16:13
Petit astucien
poussebois wrote:

You are infected with the BHO Trojan horse.

Post the 3rd requested report, ZHPDiag, and wait for a member of the Groupe Sécurité to take charge of your case.

Where could this BHO Trojan horse come from?

Also, could this be a reason for the Shockwave plugin crashing?

poussebois
 Posted on 01/06/2014 at 16:37
  Maître astucien

Where could this BHO Trojan horse come from?

Probably from an untrustworthy download.

As for the Shockwave plugin, I don't know whether its crashing is related to BHO. Maybe ...

Do you have the latest version, and did you download it from the publisher's site?

Now that you have posted the 3 reports, all you have to do is wait for a member of the Groupe Sécurité to take charge of your case.

Jéré34
 Posted on 01/06/2014 at 16:41
Petit astucien

Where can I find the latest version of Shockwave?

Also, I use Mozilla as my browser. For example, I want to update my Nvidia GeForce 430 graphics card: I click on the link and an Internet Explorer page opens, but it stays blank and empty. Why?

Edited by Jéré34 on 01/06/2014 16:45
Mr_Jo
 Posted on 01/06/2014 at 17:37
Petit astucien

what is that? :

-\\ Enumère les fichiers Crack & Keygen (CKF) (O82)
C:\Program Files\EA SPORTS(TM) Rugby 08\Rugby_2008_serial_keygenerateur_patch-fr_exe-no-cd\Patch Fr Rugby 08\Audio.part1\Audio\nzh.dat =>.Crack,Keygen
C:\Program Files\EA SPORTS(TM) Rugby 08\Rugby_2008_serial_keygenerateur_patch-fr_exe-no-cd\Patch Fr Rugby 08\Audio.part2\Audio\nzh.dat =>.Crack,Keygen
C:\Program Files\EA SPORTS(TM) Rugby 08\Rugby_2008_serial_keygenerateur_patch-fr_exe-no-cd\Patch Fr Rugby 08\Audio.part3\Audio\nzh.dat =>.Crack,Keygen
C:\Program Files\EA SPORTS(TM) Rugby 08\Rugby_2008_serial_keygenerateur_patch-fr_exe-no-cd\Patch Fr Rugby 08\Audio.part4\Audio\nzh.dat =>.Crack,Keygen
C:\Program Files\EA SPORTS(TM) Rugby 08\Rugby_2008_serial_keygenerateur_patch-fr_exe-no-cd\Patch Fr Rugby 08\BigGui\bigGUI.exe =>.Crack,Keygen
C:\Program Files\EA SPORTS(TM) Rugby 08\Rugby_2008_serial_keygenerateur_patch-fr_exe-no-cd\Patch Fr Rugby 08\BigGui\ImpBIG.exe =>.Crack,Keygen
C:\Program Files\EA SPORTS(TM) Rugby 08\Rugby_2008_serial_keygenerateur_patch-fr_exe-no-cd\Rugby_2008.exe =>.Crack,Keygen
C:\Program Files\EA SPORTS(TM) Rugby 08\Rugby_2008_serial_keygenerateur_patch-fr_exe-no-cd\vty-esr8\Rugby08.exe =>.Crack,Keygen
C:\Program Files\EA SPORTS(TM) Rugby 08\Rugby_2008_serial_keygenerateur_patch-fr_exe-no-cd.rar =>.Crack,Keygen
~ Files: Scanned in 04mn 54s

Jéré34
 Posted on 01/06/2014 at 17:39
Petit astucien

An old game that was installed. Is that a problem?

Ekalb
 Posted on 02/06/2014 at 08:41
  Maître astucien

Hello,

Yes! Because the members of the G.S. refuse to take charge of a machine with cracks on it!

They are quite right, and I congratulate them for it.

Edited by Ekalb on 02/06/2014 08:42
Jéré34
 Posted on 02/06/2014 at 20:38
Petit astucien

OK, a friend installed it for me a few years ago. I can uninstall it without any problem, since I haven't played this game for 2/3 years.

If as a result I am no longer to receive help from you, I will of course understand and I will leave this forum.

poussebois
 Posted on 03/06/2014 at 10:09
  Maître astucien

Hello,

The members of the G.S. refuse to take charge of a machine with cracks on it!

Yes, but if you delete them, the refusal is lifted.

Since you agree to delete it, do so, and afterwards redo the complete procedure, sending the 3 files.

A member of the Groupe Sécurité will then most likely take charge of your case.

See you,

Jéré34
 Posted on 03/06/2014 at 20:04
Petit astucien

OK, I'll try to do that in the coming days, not much time left this evening ;)

However, I just looked, and I can't find any trace of the game when I go through the Control Panel > program removal. Do I just delete the game's folder?

Edited by Jéré34 on 03/06/2014 20:06
Anonyme
 Posted on 03/06/2014 at 20:09
Nouvel astucien
Jéré34 wrote:

OK, I'll try to do that in the coming days, not much time left this evening ;)

However, I just looked, and I can't find any trace of the game when I go through the Control Panel > program removal. Do I just delete the game's folder?

Good evening

Look in the folder shown in red to see whether there is an uninstall.exe file

C:\Program Files\EA SPORTS(TM) Rugby 08

Australien

Jéré34
 Posted on 03/06/2014 at 20:32
Petit astucien

Good evening, I clicked on this uninstall.exe file and nothing happens. I deleted the file, which is not in the Recycle Bin because it is too large. I am going to run the requested scans after all.

Jéré34
 Posted on 03/06/2014 at 20:53
Petit astucien

Malwarebytes Anti-Malware
www.malwarebytes.org

Date de l'examen: 03/06/2014
Heure de l'examen: 20:44:37
Fichier journal: MBAM.txt
Administrateur: Oui

Version: 2.00.2.1012
Base de données Malveillants: v2014.06.03.06
Base de données Rootkits: v2014.06.02.01
Licence: Essai
Protection contre les malveillants: Activé(e)
Protection contre les sites Web malveillants: Activé(e)
Self-protection: Désactivé(e)

Système d'exploitation: Windows XP Service Pack 3
Processeur: x86
Système de fichiers: NTFS
Utilisateur: Chef

Type d'examen: Examen "Menaces"
Résultat: Terminé
Objets analysés: 313126
Temps écoulé: 6 min, 38 sec

Mémoire: Activé(e)
Démarrage: Activé(e)
Système de fichiers: Activé(e)
Archives: Activé(e)
Rootkits: Désactivé(e)
Heuristics: Activé(e)
PUP: Activé(e)
PUM: Activé(e)

Processus: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Clés du Registre: 2
PUP.Optional.InstallCore.A, HKU\S-1-5-21-725345543-682003330-839522115-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE\1I1T1Q1S, , [16fc0371106b84b286da5b5921e121df],
PUP.Optional.InstallCore.A, HKU\S-1-5-21-725345543-682003330-839522115-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE, , [d33fb8bcf18a1125da910bbfe12251af],

Valeurs du Registre: 1
PUP.Optional.InstallCore.A, HKU\S-1-5-21-725345543-682003330-839522115-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE|tb, 1V2X1Q1R1M1F, , [d33fb8bcf18a1125da910bbfe12251af]

Données du Registre: 2
PUP.Optional.Speedial.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://speedial.com/?f=1&a=spd_tele_14_22_ie&cd=2XzuyEtN2Y1L1QzutDtDtC0B0F0C0F0B0ByEzzzzyD0FyBtDtN0D0Tzu0SzzzztAtN1L2XzutBtFtBtDtFtCzytFtDtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StAzz0EtCyC0A0EzytG0FyD0AyCtG0A0D0ByCtG0EyD0EtBtGyByDtD0ByCzzyD0E0DyEtD0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyB0EtC0D0D0FyDyDtGtCzz0EtAtGyB0D0EzytG0EtAtD0BtGtA0A0AzytAyCyB0C0F0AzytA2Q&cr=302413867&ir=, Bon: (www.google.com), Mauvais: (http://speedial.com/?f=1&a=spd_tele_14_22_ie&cd=2XzuyEtN2Y1L1QzutDtDtC0B0F0C0F0B0ByEzzzzyD0FyBtDtN0D0Tzu0SzzzztAtN1L2XzutBtFtBtDtFtCzytFtDtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StAzz0EtCyC0A0EzytG0FyD0AyCtG0A0D0ByCtG0EyD0EtBtGyByDtD0ByCzzyD0E0DyEtD0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyB0EtC0D0D0FyDyDtGtCzz0EtAtGyB0D0EzytG0EtAtD0BtGtA0A0AzytAyCyB0C0F0AzytA2Q&cr=302413867&ir=),,[33df70048deec76fbbef3924f70dd22e]
PUP.Optional.Speedial.A, HKU\S-1-5-21-725345543-682003330-839522115-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://speedial.com/?f=1&a=spd_tele_14_22_ie&cd=2XzuyEtN2Y1L1QzutDtDtC0B0F0C0F0B0ByEzzzzyD0FyBtDtN0D0Tzu0SzzzztAtN1L2XzutBtFtBtDtFtCzytFtDtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StAzz0EtCyC0A0EzytG0FyD0AyCtG0A0D0ByCtG0EyD0EtBtGyByDtD0ByCzzyD0E0DyEtD0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyB0EtC0D0D0FyDyDtGtCzz0EtAtGyB0D0EzytG0EtAtD0BtGtA0A0AzytAyCyB0C0F0AzytA2Q&cr=302413867&ir=, Bon: (www.google.com), Mauvais: (http://speedial.com/?f=1&a=spd_tele_14_22_ie&cd=2XzuyEtN2Y1L1QzutDtDtC0B0F0C0F0B0ByEzzzzyD0FyBtDtN0D0Tzu0SzzzztAtN1L2XzutBtFtBtDtFtCzytFtDtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StAzz0EtCyC0A0EzytG0FyD0AyCtG0A0D0ByCtG0EyD0EtBtGyByDtD0ByCzzyD0E0DyEtD0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyB0EtC0D0D0FyDyDtGtCzz0EtAtGyB0D0EzytG0EtAtD0BtGtA0A0AzytAyCyB0C0F0AzytA2Q&cr=302413867&ir=),,[19f9056f79029d99179485d8ff059e62]

Dossiers: 24

Fichiers: 138
PUP.Optional.Speedial.A, C:\Documents and Settings\Chef\Application Data\Mozilla\Firefox\Profiles\j5iomdl2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\images\info\twitter.ico, , [65adf97b65160036eaafa0eeb84aad53],
PUP.Optional.Speedial.A, C:\Documents and Settings\Chef\Application Data\Mozilla\Firefox\Profiles\j5iomdl2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\resources\activetabs.html, , [65adf97b65160036eaafa0eeb84aad53],
PUP.Optional.Speedial.A, C:\Documents and Settings\Chef\Application Data\Mozilla\Firefox\Profiles\j5iomdl2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\resources\favorites.html, , [65adf97b65160036eaafa0eeb84aad53],
PUP.Optional.Speedial.A, C:\Documents and Settings\Chef\Application Data\Mozilla\Firefox\Profiles\j5iomdl2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\resources\layout.html, , [65adf97b65160036eaafa0eeb84aad53],
PUP.Optional.Speedial.A, C:\Documents and Settings\Chef\Application Data\Mozilla\Firefox\Profiles\j5iomdl2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\resources\modal-fav-add.html, , [65adf97b65160036eaafa0eeb84aad53],
PUP.Optional.Speedial.A, C:\Documents and Settings\Chef\Application Data\Mozilla\Firefox\Profiles\j5iomdl2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\resources\modal-fav-edit.html, , [65adf97b65160036eaafa0eeb84aad53],
PUP.Optional.Speedial.A, C:\Documents and Settings\Chef\Application Data\Mozilla\Firefox\Profiles\j5iomdl2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\resources\modal-fav-group.html, , [65adf97b65160036eaafa0eeb84aad53],
PUP.Optional.Speedial.A, C:\Documents and Settings\Chef\Application Data\Mozilla\Firefox\Profiles\j5iomdl2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\resources\readitlater.html, , [65adf97b65160036eaafa0eeb84aad53],
PUP.Optional.Speedial.A, C:\Documents and Settings\Chef\Application Data\Mozilla\Firefox\Profiles\j5iomdl2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\resources\readitlater_content.html, , [65adf97b65160036eaafa0eeb84aad53],
PUP.Optional.Speedial.A, C:\Documents and Settings\Chef\Application Data\Mozilla\Firefox\Profiles\j5iomdl2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\resources\readitlater_menu.html, , [65adf97b65160036eaafa0eeb84aad53],
PUP.Optional.Speedial.A, C:\Documents and Settings\Chef\Application Data\Mozilla\Firefox\Profiles\j5iomdl2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\resources\recentlyclosed.html, , [65adf97b65160036eaafa0eeb84aad53],
PUP.Optional.Speedial.A, C:\Documents and Settings\Chef\Application Data\Mozilla\Firefox\Profiles\j5iomdl2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\resources\theme.html, , [65adf97b65160036eaafa0eeb84aad53],
PUP.Optional.Speedial.A, C:\Documents and Settings\Chef\Application Data\Mozilla\Firefox\Profiles\j5iomdl2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\resources\webapps.html, , [65adf97b65160036eaafa0eeb84aad53],
PUP.Optional.Speedial.A, C:\Documents and Settings\Chef\Application Data\Mozilla\Firefox\Profiles\j5iomdl2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\resources\webapps_contextmenu.html, , [65adf97b65160036eaafa0eeb84aad53],
PUP.Optional.Speedial.A, C:\Documents and Settings\Chef\Application Data\Mozilla\Firefox\Profiles\j5iomdl2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\_locales\en-US\translations.dtd, , [65adf97b65160036eaafa0eeb84aad53],

Secteurs physiques: 0
(No malicious items detected)


(end)

Jéré34
 Posted on 03/06/2014 at 21:04
Petit astucien

# AdwCleaner v3.211 - Rapport créé le 03/06/2014 à 20:58:58
# Mis à jour le 26/05/2014 par Xplode
# Système d'exploitation : Microsoft Windows XP Service Pack 3 (32 bits)
# Nom d'utilisateur : Chef - MOI-6669CFEA352
# Exécuté depuis : C:\Documents and Settings\Chef\Mes documents\Téléchargements\adwcleaner_3.211(1).exe
# Option : Nettoyer

***** [ Services ] *****


***** [ Fichiers / Dossiers ] *****

Fichier Supprimé : C:\Documents and Settings\Chef\Application Data\Mozilla\Firefox\Profiles\6k26nbsu.default\user.js
Fichier Supprimé : C:\Documents and Settings\Chef\Application Data\Mozilla\Firefox\Profiles\j5iomdl2.default\user.js

***** [ Raccourcis ] *****


***** [ Registre ] *****

Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Clé Supprimée : HKCU\Software\AppDataLow\Software

***** [ Navigateurs ] *****

-\\ Internet Explorer v8.0.6001.18702


-\\ Mozilla Firefox v29.0.1 (fr)

[ Fichier : C:\Documents and Settings\Chef\Application Data\Mozilla\Firefox\Profiles\6k26nbsu.default\prefs.js ]


[ Fichier : C:\Documents and Settings\Chef\Application Data\Mozilla\Firefox\Profiles\j5iomdl2.default\prefs.js ]


-\\ Google Chrome v

[ Fichier : C:\Documents and Settings\Chef\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [99671 octets] - [17/05/2014 14:42:25]
AdwCleaner[R1].txt - [1314 octets] - [01/06/2014 15:52:39]
AdwCleaner[R2].txt - [1754 octets] - [03/06/2014 20:53:37]
AdwCleaner[S0].txt - [100993 octets] - [17/05/2014 14:43:45]
AdwCleaner[S1].txt - [1376 octets] - [01/06/2014 15:54:26]
AdwCleaner[S2].txt - [1679 octets] - [03/06/2014 20:58:58]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1739 octets] ##########

Jéré34
 Posted on 03/06/2014 at 21:20
Petit astucien

~ Rapport de ZHPDiag v2014.5.31.79 - Nicolas Coolman (31/05/2014)
~ Lancé par Chef (03/06/2014 21:04:59)
~ Adresse du Site Web http://nicolascoolman.fr
~ Traduit par Nicolas Coolman
~ Etat de la version : Nouvelle version disponible
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Not Found


---\\ Navigateurs Internet
MSIE: Internet Explorer v8.0.6001.18702 (Defaut)
MFIE: Mozilla Firefox 29.0.1

---\\ Informations sur les produits Windows
~ Langage: Français
Microsoft Windows XP, 32-bit Service Pack 3 (Build 2600)
Windows Automatic Updates : OK
Windows Genuine Advantage : OK

---\\ Logiciels de protection du système
avast! Free Antivirus v9.0.2018
Malwarebytes Anti-Malware version 2.0.2.1012

---\\ Logiciels d'optimisation du système
CCleaner v4.14

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Flash Player 13 Plugin

---\\ Informations sur le système
~ Processor: x86 Family 6 Model 15 Stepping 11, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3583 MB (62% free)
System Restore: Activé (Enable)
System drive C: has 303 GB (65%) free of 466 GB

---\\ Mode de connexion au système
~ Computer Name: MOI-6669CFEA352
~ User Name: Chef
~ All Users Names: UpdatusUser, SUPPORT_388945a0, HelpAssistant, Chef, ASPNET, Administrateur,
~ Unselected Option: None
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Documents and Settings\Chef\Application Data\ZHP\
~ %AppData% : C:\Documents and Settings\Chef\Application Data\
~ %Desktop% : C:\Documents and Settings\Chef\Bureau\
~ %Favorites% : C:\Documents and Settings\Chef\Favoris\
~ %LocalAppData% : C:\Documents and Settings\Chef\Local Settings\Application Data\
~ %StartMenu% : C:\Documents and Settings\Chef\Menu Démarrer\
~ %Windir% : C:\WINDOWS\
~ %System% : C:\WINDOWS\system32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 303 Go of 466 Go)
D: CD-ROM drive (Not Inserted)
F: Floppy drive, Flash card reader, USB Key (Not Inserted)
H: Floppy drive, Flash card reader, USB Key (Not Inserted)
I: Floppy drive, Flash card reader, USB Key (Not Inserted)
K: Floppy drive, Flash card reader, USB Key (Not Inserted)



---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : Out Of Date
~ Security Center: 45 Legitimates Filtered in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.5158A1C542A355B3A67E59538BBD894D] - (.Microsoft Corporation - Explorateur Windows.) (.14/04/2008 - 03:34:03.) -- C:\WINDOWS\Explorer.exe [3200000]
[MD5.E1948B1F45A176FB4A0251446A5AE86D] - (.Microsoft Corporation - Internet Extensions for Win32.) (.06/03/2014 - 18:58:52.) -- C:\WINDOWS\system32\wininet.dll [920064]
[MD5.DD73D6B9F6B4CB630CF35B438B540174] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) (.14/04/2008 - 03:34:28.) -- C:\WINDOWS\system32\Winlogon.exe [512000]
[MD5.1E44BC1E83D8FD2305F8D452DB109CF9] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.17/08/2011 - 14:49:54.) -- C:\WINDOWS\system32\Drivers\AFD.sys [138496]
[MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.13/04/2008 - 19:40:30.) -- C:\WINDOWS\system32\Drivers\atapi.sys [96512]
[MD5.C885B02847F5D2FD45A24E219ED93B32] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/04/2008 - 20:14:21.) -- C:\WINDOWS\system32\Drivers\Cdfs.sys [63744]
[MD5.1F4260CC5B42272D71F79E570A27A4FE] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.13/04/2008 - 19:40:46.) -- C:\WINDOWS\system32\Drivers\Cdrom.sys [62976]
[MD5.31F923EB2170FC172C81ABDA0045D18C] - (.Microsoft Corporation - Pilote de cryptographie FIPS.) (.14/04/2008 - 02:57:38.) -- C:\WINDOWS\system32\Drivers\Fips.sys [44672]
[MD5.573C7D0A32852B48F3058CFD8026F511] - (.Windows (R) Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) (.13/04/2008 - 17:36:05.) -- C:\WINDOWS\system32\Drivers\HDAudBus.sys [144384]
[MD5.A09BDC4ED10E3B2E0EC27BB94AF32516] - (.Microsoft Corporation - Pilote de port i8042.) (.14/04/2008 - 03:00:52.) -- C:\WINDOWS\system32\Drivers\i8042prt.sys [54144]
[MD5.083A052659F5310DD8B6A6CB05EDCF8E] - (.Microsoft Corporation - IMAPI Kernel Driver.) (.13/04/2008 - 19:40:58.) -- C:\WINDOWS\system32\Drivers\Imapi.sys [42112]
[MD5.CC748EA12C6EFFDE940EE98098BF96BB] - (.Microsoft Corporation - IP Network Address Translator.) (.13/04/2008 - 19:57:15.) -- C:\WINDOWS\system32\Drivers\IpNat.sys [152832]
[MD5.23C74D75E36E7158768DD63D92789A91] - (.Microsoft Corporation - IPSec Driver.) (.13/04/2008 - 20:19:42.) -- C:\WINDOWS\system32\Drivers\IPSec.sys [75264]
[MD5.7D304A5EB4344EBEEAB53A2FE3FFB9F0] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.15/07/2011 - 14:29:31.) -- C:\WINDOWS\system32\Drivers\MRxSmb.sys [456320]
[MD5.74B2B2F5BEA5E9A3DC021D685551BD3D] - (.Microsoft Corporation - MBT Transport driver.) (.13/04/2008 - 20:21:00.) -- C:\WINDOWS\system32\Drivers\netBT.sys [162816]
[MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) (.13/04/2008 - 20:15:53.) -- C:\WINDOWS\system32\Drivers\ntfs.sys [574976]
[MD5.8FD0BDBEA875D06CCF6C945CA9ABAF75] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/04/2008 - 03:09:40.) -- C:\WINDOWS\system32\Drivers\Parport.sys [80384]
[MD5.11B4A627BC9614B885C4969BFA5FF8A6] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.13/04/2008 - 20:19:43.) -- C:\WINDOWS\system32\Drivers\Rasl2tp.sys [51328]
[MD5.15CABD0F7C00C47C70124907916AF3F1] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.13/04/2008 - 19:32:51.) -- C:\WINDOWS\system32\Drivers\rdpdr.sys [196224]
[MD5.D8EB2A7904DB6C916EB5361878DDCBAE] - (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) (.14/04/2008 - 02:57:34.) -- C:\WINDOWS\system32\Drivers\redbook.sys [58752]
[MD5.46DE1126684369BACE4849E4FC8C43CA] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.14/04/2008 - 02:56:04.) -- C:\WINDOWS\system32\Drivers\volsnap.sys [53376]
~ Generic Processes: Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/2697
~ Mes musiques (My Musics) : 1/687
~ Mes Videos (My Videos) : 1/34
~ Mes Favoris (My Favorites) : 0/76
~ Mes Documents (My Documents) : 1/4975
~ Mon Bureau (My Desktop) : 1/57
~ Menu demarrer (Programs) : 1/37
~ Hidden Files: Scanned in 00mn 25s



---\\ Processus lancés
[MD5.37D17AE2936867F88EB3C4CBCBC6B8A1] - (.AVAST Software - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344] [PID.1800]
[MD5.76B04173A13A045523FD10DB483E2B25] - (.Pas de propriétaire - System Level Service Utility.) -- C:\Program Files\Fichiers communs\Autodata Limited Shared\Service\ADCDLicSvc.exe [68608] [PID.960]
[MD5.DB5BEA73EDAF19AC68B2C0FAD0F92B1A] - (.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe [390504] [PID.988]
[MD5.691B9B7C0CC1653732717D292D6B305D] - (.Sun Microsystems, Inc. - Java(TM) Quick Starter Service.) -- C:\Program Files\Java\jre6\bin\jqs.exe [153584] [PID.1836]
[MD5.D84AEA3F3329D622DFC1297DDDF6163B] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720] [PID.384]
[MD5.4F45ED469906494F9BF754E476390DBD] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [860472] [PID.816]
[MD5.BB4D46468EA1F4B53FDFD3933AC133FC] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 331.8.) -- C:\WINDOWS\system32\nvsvc32.exe [156960] [PID.128]
[MD5.815290E27B7B7D12AF013638819BE1B6] - (.NVIDIA Corporation - NVIDIA Settings Update Manager.) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [1914656] [PID.892]
[MD5.4FBC630768570E6AC35C3DE8F6EC79F5] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files\Malwarebytes Anti-Malware\mbam.exe [6970168] [PID.1916]
[MD5.2E0B0A051FFAA86E358465BB0880D453] - (.Microsoft Corporation - Windows Update.) -- C:\WINDOWS\system32\wuauclt.exe [53784] [PID.2956]
[MD5.32C139FC0363681804EFF9394CD6B1B8] - (.Realtek Semiconductor Corp. - Realtek HD Audio Control Panel.) -- C:\WINDOWS\RTHDCPL.exe [16126464] [PID.820]
[MD5.92BC91BEB19BE1F03DB9664AD47120B2] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [3888648] [PID.1376]
[MD5.93AD0B78C7357A05F50E594EC7C22300] - (...) -- ystem32\RUNDLL32.exe [0] [PID.1624]
[MD5.E6D9D561DC70442E1371C6A90F0CABCD] - (...) -- C:\WINDOWS\BricoPacks\Crystal Clear\RocketDock\RocketDock.exe [344064] [PID.2116]
[MD5.86F0D0B3A07C142C81DAB47E8495A822] - (.Nero AG - Nero Home.) -- C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe [152872] [PID.2124]
[MD5.E13EA4860E8F2AA845B53BFD2B6FEC5B] - (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe [1695232] [PID.2136]
[MD5.A6455ADF66EE2FDD53B81AAE74F40C4C] - (.Microsoft Corporation - SQL Server Service Manager.) -- C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe [74308] [PID.2248]
[MD5.A328A46D87BB92CE4D8A4528E9D84787] - (.Nero AG - Nero Home.) -- C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe [279848] [PID.3752]
[MD5.FFBD5650348D4F9E0AA8E72938DC6478] - (.Nero AG - Nero Home.) -- C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe [1213736] [PID.4076]
[MD5.5E9A6658A2A69AE7EB195113B7A2E7A9] - (.Microsoft Corporation - Application Layer Gateway Service.) -- C:\WINDOWS\System32\alg.exe [44544] [PID.3280]
[MD5.0DA891CB0703D912CEAFA072F54D002B] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [275568] [PID.2584]
[MD5.28B02EA673489A4EFBB20A9B302D523C] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files\Mozilla Firefox\plugin-container.exe [18544] [PID.3024]
[MD5.6877258ACB29024D4681BC4FE8B63E8D] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [8020480] [PID.3008]
[MD5.865DCB70BCC584CA22FFC3C563083247] - (.Microsoft Corporation - Contrôle du volume.) -- C:\WINDOWS\system32\SNDVOL32.exe [418304] [PID.3076]
~ Processes Running: Scanned in 00mn 03s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Documents and Settings\Chef\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

---\\ Liste des dossiers d'extension Google Chrome
~ Google Lines Browser: 1 Legitimates Filtered in 00mn 00s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Documents and Settings\Chef\Application Data\Mozilla\Firefox\Profiles\6k26nbsu.default\prefs.js
C:\Documents and Settings\Chef\Application Data\Mozilla\Firefox\Profiles\j5iomdl2.default\prefs.js
P2 - FPN:Firefox Plugin Navigator . (.BitComet - BitCometAgent for Firefox.) -- C:\Program Files\Mozilla Firefox\Plugins\npBitCometAgent.dll =>P2P.BitComet
~ Firefox Browser: 19 Legitimates Filtered in 00mn 01s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\WINDOWS\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 19



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: (no name) - [HKCU]{1E796980-9CC5-11D1-A83F-00C04FC99D61} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{21FA44EF-376D-4D53-9B0F-8A89D3229068} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{D3028143-6145-4318-99D3-3EDCE54A95A9} Clé orpheline
~ Toolbar: Scanned in 00mn 00s



---\\ Applications lancées au démarrage du système (O4)
O4 - HKLM\..\Run: [RTHDCPL] . (.Realtek Semiconductor Corp. - Realtek HD Audio Control Panel.) -- C:\WINDOWS\RTHDCPL.exe =>.Realtek Semiconductor Corp
O4 - HKLM\..\Run: [Alcmtr] . (.Realtek Semiconductor Corp. - Realtek Azalia Audio - Event Monitor.) -- C:\WINDOWS\ALCMTR.exe
O4 - HKLM\..\Run: [UserFaultCheck] Clé orpheline
O4 - HKLM\..\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\qttask.exe
O4 - HKLM\..\Run: [NvCplDaemon] . (.NVIDIA Corporation - NVIDIA Display Properties Extension.) -- C:\WINDOWS\system32\NvCpl.dll =>.NVIDIA Corporation
O4 - HKLM\..\Run: [NvMediaCenter] . (.NVIDIA Corporation - NVIDIA Media Center Library.) -- C:\WINDOWS\system32\NvMcTray.dll
O4 - HKLM\..\Run: [nwiz] . (...) -- C:\Program Files\NVIDIA Corporation\nview\nwiz.exe
O4 - HKCU\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [RocketDock] . (...) -- C:\WINDOWS\BricoPacks\Crystal Clear\RocketDock\RocketDock.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] . (.Nero AG - Nero Home.) -- C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
O4 - HKCU\..\Run: [MSMSGS] . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe
O4 - HKCU\..\Run: [WMPNSCFG] . (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe =>.Microsoft Corporation
O4 - HKUS\.DEFAULT\..\Run: [WOOKIT] C:\Program Files\Wanadoo\GestMaj.exe (.not file.)
O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] C:\Program Files\Windows Live\Messenger\msnmsgr.exe (.not file.)
O4 - HKUS\.DEFAULT\..\Run: [RocketDock] C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe (.not file.)
O4 - HKUS\S-1-5-18\..\Run: [WOOKIT] C:\Program Files\Wanadoo\GestMaj.exe (.not file.)
O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] C:\Program Files\Windows Live\Messenger\msnmsgr.exe (.not file.)
O4 - HKUS\S-1-5-18\..\Run: [RocketDock] C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe (.not file.)
O4 - HKUS\.DEFAULT\..\RunOnce: [^SetupICWDesktop] Clé orpheline
O4 - HKUS\S-1-5-18\..\RunOnce: [^SetupICWDesktop] Clé orpheline
O4 - HKUS\S-1-5-21-725345543-682003330-839522115-1004\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-21-725345543-682003330-839522115-1004\..\Run: [RocketDock] . (...) -- C:\WINDOWS\BricoPacks\Crystal Clear\RocketDock\RocketDock.exe
O4 - HKUS\S-1-5-21-725345543-682003330-839522115-1004\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] . (.Nero AG - Nero Home.) -- C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
O4 - HKUS\S-1-5-21-725345543-682003330-839522115-1004\..\Run: [MSMSGS] . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe
O4 - HKUS\S-1-5-21-725345543-682003330-839522115-1004\..\Run: [WMPNSCFG] . (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe =>.Microsoft Corporation
~ Application: Scanned in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} -- Clé orpheline
O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} ((no name)) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} ((no name)) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1205421076527
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} ((no name)) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
~ Objets ActiveX: Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{8FC9007F-DA7B-4EDE-9848-7ADA4E68CBAA}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{8FC9007F-DA7B-4EDE-9848-7ADA4E68CBAA}: DhcpNameServer = 212.27.54.252 212.27.53.252
O17 - HKLM\System\CS2\Services\Tcpip\..\{8FC9007F-DA7B-4EDE-9848-7ADA4E68CBAA}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS3\Services\Tcpip\..\{8FC9007F-DA7B-4EDE-9848-7ADA4E68CBAA}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} . (.Microsoft Corporation - WIA Scripting Layer.) -- C:\WINDOWS\system32\wiascr.dll
O18 - Filter: text/webviewhtml - {733AC4CB-F1A4-11d0-B951-00A0C90312E1} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\WINDOWS\system32\crypt32.dll
O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\WINDOWS\system32\cryptnet.dll
O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agent réseau hors connexion.) -- C:\WINDOWS\system32\cscdll.dll
O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\system32\dimsntfy.dll
O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL secondaire de notification de service d.) -- C:\WINDOWS\system32\sclgntfy.dll
O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\WlNotify.dll
O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
~ Winlogon: Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Autodata Limited License Service (Autodata Limited License Service) . (.Pas de propriétaire - System Level Service Utility.) - C:\Program Files\Fichiers communs\Autodata Limited Shared\Service\ADCDLicSvc.exe
~ Services: 10 Legitimates Filtered in 00mn 07s



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Desktop General: BackupWallPaper - .(...) - C:\Documents and Settings\Chef\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop General: WallPaper - .(...) - C:\Documents and Settings\Chef\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
~ Desktop Component: 4 Legitimates Filtered in 00mn 00s



---\\ Enumère les données de BootExecute (BEX) (O34)
O34 - HKLM BootExecute: (autocheck autochk /r \??\N:) - File not found
O34 - HKLM BootExecute: (autocheck autochk /r \??\N:) - File not found
~ BEX: 3 Legitimates Filtered in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
O39 - APT: - (..) -- C:\WINDOWS\Tasks\Ad-Aware Antivirus Scheduled Scan.job [1082]
O39 - APT: - (..) -- C:\WINDOWS\Tasks\Notification de fin de service de Microsoft Windows XP - à la connexion.job [220]
O39 - APT: - (..) -- C:\WINDOWS\Tasks\Notification de fin de service de Microsoft Windows XP -mensuellement.job [214]
~ Scheduled Task: 8 Legitimates Filtered in 00mn 00s



---\\ Pilotes lancés au démarrage du système (O41)
O41 - Driver: ({8ce1c375-1e13-43f7-a4fd-6530f47c4fde}Gt) . (.StdLib - StdLib.) - C:\WINDOWS\system32\drivers\{8ce1c375-1e13-43f7-a4fd-6530f47c4fde}Gt.sys =>PUP.LinkiDoo
~ Drivers: 72 Legitimates Filtered in 00mn 01s



---\\ Logiciels installés (O42)
O42 - Logiciel: Iminent - (.Iminent.) [HKLM] -- {BC5F0435-BB76-46AE-A070-ED6A9ED01D79} =>Adware.IMBooster
O42 - Logiciel: RSRBR2014 - (.RallyeSim.) [HKLM] -- RSRBR_v2014_is1
O42 - Logiciel: Richard Burns Rally - (...) [HKLM] -- {92C7D009-A464-4948-A980-7A3E28CB2F49}
O42 - Logiciel: SoundsManager - (.RallyeSim.) [HKLM] -- Sounds_Manager_is1
~ Logic: 32 Legitimates Filtered in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\BitComet] =>P2P.BitComet
[HKCU\Software\SendReplays]
[HKCU\Software\SkinManager2]
[HKCU\Software\ea225853-4134-3f75-6f77-497d88c34b90]
[HKLM\Software\3DManager]
[HKLM\Software\AUTODATA]
[HKLM\Software\PaceNotesManager]
[HKLM\Software\Scenalyzer]
[HKLM\Software\SendReplays]
[HKLM\Software\SetupManager2]
[HKLM\Software\SkinManager2]
[HKLM\Software\SystemCheck]
~ Key Software: 299 Legitimates Filtered in 00mn 00s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 21/03/2008 - 21:45:45 - [] ---AD C:\Program Files\Audio
O43 - CFD: 01/03/2010 - 21:28:32 - [] ----D C:\Program Files\_jvm
O43 - CFD: 31/03/2010 - 09:28:06 - [] -SH-D C:\Documents and Settings\All Users\Application Data\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
O43 - CFD: 02/01/2010 - 21:11:33 - [] ----D C:\Documents and Settings\Chef\Application Data\LimeWire
O43 - CFD: 11/11/2012 - 13:07:09 - [] ----D C:\Documents and Settings\Chef\Application Data\Shareaza
O43 - CFD: 23/05/2011 - 22:35:09 - [] ----D C:\Documents and Settings\Chef\Local Settings\Application Data\Nicolas_Séveno
O43 - CFD: 01/11/2011 - 10:15:06 - [] ----D C:\Documents and Settings\Chef\Local Settings\Application Data\Shareaza
~ Program Folder: 242 Legitimates Filtered in 00mn 01s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.3289630FE016C1EA87F38DF1C707BEB5] - 01/06/2014 - 12:00:06 ---A- . (...) -- C:\version.txt [894]
O44 - LFC:[MD5.0DC5AF80D059DEC792B665ED598C6567] - 01/06/2014 - 14:53:08 ---A- . (.SQLite Development Team - SQLite Dynamic Link Library (No TCL).) -- C:\WINDOWS\system32\sqlite3.dll [536576]
O44 - LFC:[MD5.DCC78B14C94A442C60981A7095B4A730] - 03/06/2014 - 06:08:27 ---A- . (...) -- C:\WINDOWS\NeroDigital.ini [69]
O44 - LFC:[MD5.0E857244651258D3848F9B3AFE1ACD3F] - 03/06/2014 - 20:00:16 ---A- . (...) -- C:\WINDOWS\wiadebug.log [159]
O44 - LFC:[MD5.9871DA6CFD5A96AD13F3BB1AF50A74F7] - 03/06/2014 - 20:00:16 ---A- . (...) -- C:\WINDOWS\wiaservc.log [50]
O44 - LFC:[MD5.4C5FB9D988ADB391D422E85029ED5505] - 03/06/2014 - 20:03:58 ---A- . (...) -- C:\WINDOWS\system32\nvAppTimestamps [3132]
O44 - LFC:[MD5.67FFC93F90FA5C44464502678B15E17B] - 22/05/2014 - 17:24:40 ---A- . (.StdLib - StdLib.) -- C:\WINDOWS\system32\Drivers\{8ce1c375-1e13-43f7-a4fd-6530f47c4fde}Gt.sys [55232] =>PUP.LinkiDoo
O44 - LFC:[MD5.BDB66D051344C612F534DE896B33BED6] - 30/05/2014 - 08:45:15 ---A- . (...) -- C:\WINDOWS\system32\nvdrsdb1.bin [1127544]
O44 - LFC:[MD5.77A7DF097636A07405998E384DB8EB7A] - 30/05/2014 - 08:45:19 ---A- . (...) -- C:\WINDOWS\system32\nvdrsdb0.bin [1127544]
O44 - LFC:[MD5.93B885ADFE0DA089CDF634904FD59F71] - 30/05/2014 - 08:45:19 ---A- . (...) -- C:\WINDOWS\system32\nvdrssel.bin [1]
~ Files: 32 Legitimates Filtered in 00mn 23s



---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 - LFCP:[MD5.6D34083DA0EEF986F6AA2C761689AD59] - 01/06/2014 - 16:00:08 ---A- - C:\WINDOWS\Prefetch\SPEEDIAL.EXE-0AB8BFEC.pf =>Adware.Adware.SearchYa
O45 - LFCP:[MD5.0F12E2EB386F4F1BC965370F6D24644E] - 01/06/2014 - 15:53:42 ---A- - C:\WINDOWS\Prefetch\UTORRENT.EXE-09A8B288.pf =>P2P.µTorrent
~ Prefetcher: 2 Legitimates Filtered in 00mn 00s



---\\ Opérations et fonctions au démarrage de Windows Explorer (O46)
O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll
~ ShellExecuteHooks: Scanned in 00mn 00s



---\\ Export de clé d'application autorisée (O47)
O47 - AAKE:Key Export SP - "C:\Documents and Settings\Chef\Local Settings\Temp\Rar$EX00.609\Memo.exe" [Enabled] .(...) -- C:\Documents and Settings\Chef\Local Settings\Temp\Rar$EX00.609\Memo.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Documents and Settings\Chef\Local Settings\Temp\uttB.tmp.exe" [Enabled] .(...) -- C:\Documents and Settings\Chef\Local Settings\Temp\uttB.tmp.exe (.not file.)
~ Keys Export: 20 Legitimates Filtered in 00mn 00s



---\\ Image File Execution Options (IFEO) (O50)
O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d
~ IFEO: Scanned in 00mn 00s



---\\ Clé de registre Shell MountPoints2 (MPKS) (O51)
O51 - MPSK:{27e36588-52de-11de-99f9-001bfcfbb488}\AutoRun\command. (...) -- I:\wd_windows_tools\WDSetup.exe (.not file.)
O51 - MPSK:{87fb0d85-8562-11e0-9fe3-001bfcfbb488}\AutoRun\command. (...) -- F:\setup.exe (.not file.)
~ Keys: Scanned in 00mn 01s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:01/07/2009 - 15:43:06 R--A- . (.none - Autodata Licensing System.) -- C:\WINDOWS\system32\Drivers\adatadrv.sys [762112]
O58 - SDL:13/08/2004 - 11:56:20 R--A- . (.Pas de propriétaire - ATK0110 ACPI Utility.) -- C:\WINDOWS\system32\Drivers\ASACPI.sys [5810]
O58 - SDL:11/10/2006 - 04:33:58 ---A- . (...) -- C:\WINDOWS\system32\Drivers\ASUSHWIO.SYS [10288]
O58 - SDL:17/05/2014 - 13:53:10 ---A- . (...) -- C:\WINDOWS\system32\Drivers\aswHwid.sys [24184] =>.ALWIL Software
O58 - SDL:17/05/2014 - 13:53:10 ---A- . (...) -- C:\WINDOWS\system32\Drivers\aswRvrt.sys [49944] =>.ALWIL Software
O58 - SDL:17/05/2014 - 13:53:11 ---A- . (...) -- C:\WINDOWS\system32\Drivers\aswVmm.sys [180632] =>.ALWIL Software
O58 - SDL:02/03/2006 - 13:00:00 ---A- . (.RAVISENT Technologies Inc. - Pilote principal CineMaster C 1.2 WDM.) -- C:\WINDOWS\system32\Drivers\cinemst2.sys [262528]
O58 - SDL:08/07/2013 - 18:59:57 ---A- . (.GFI Software - GFI Boot Time Operations Driver.) -- C:\WINDOWS\system32\Drivers\gfibto.sys [13560]
O58 - SDL:13/04/2008 - 17:36:05 ----- . (.Windows (R) Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) -- C:\WINDOWS\system32\Drivers\hdaudbus.sys [144384]
O58 - SDL:07/01/2005 - 17:07:16 ----- . (.Windows (R) Server 2003 DDK provider - High Definition Audio Function Driver v1.0a.) -- C:\WINDOWS\system32\Drivers\Hdaudio.sys [145920]
O58 - SDL:20/03/2007 - 10:33:26 ---A- . (.http://libusb-win32.sourceforge.net - LibUSB-Win32 - Kernel Driver.) -- C:\WINDOWS\system32\Drivers\libusb0.sys [28672]
O58 - SDL:03/08/2004 - 21:41:40 ----- . (.Smart Link - Pas de description.) -- C:\WINDOWS\system32\Drivers\mtlmnt5.sys [126686]
O58 - SDL:03/08/2004 - 21:41:38 ----- . (.Smart Link - Pas de description.) -- C:\WINDOWS\system32\Drivers\mtlstrm.sys [1309184]
O58 - SDL:03/08/2004 - 21:29:38 ----- . (.Matrox Graphics Inc. - Matrox Parhelia Miniport Driver.) -- C:\WINDOWS\system32\Drivers\mtxparhm.sys [452736]
O58 - SDL:03/08/2004 - 21:41:40 ----- . (.Smart Link - Pas de description.) -- C:\WINDOWS\system32\Drivers\ntmtlfax.sys [180360]
O58 - SDL:02/03/2006 - 13:00:00 ---A- . (.Parallel Technologies, Inc. - Parallel Technologies DirectParallel IO Library.) -- C:\WINDOWS\system32\Drivers\ptilink.sys [17792]
O58 - SDL:03/08/2004 - 21:41:40 ----- . (.Smart Link - Pas de description.) -- C:\WINDOWS\system32\Drivers\recagent.sys [13776]
O58 - SDL:03/08/2004 - 21:41:42 ----- . (.Smart Link - Pas de description.) -- C:\WINDOWS\system32\Drivers\slnt7554.sys [129535]
O58 - SDL:03/08/2004 - 21:41:44 ----- . (.Smart Link - Pas de description.) -- C:\WINDOWS\system32\Drivers\slntamr.sys [404990]
O58 - SDL:03/08/2004 - 21:41:46 ----- . (.Smart Link - Pas de description.) -- C:\WINDOWS\system32\Drivers\slnthal.sys [95424]
O58 - SDL:03/08/2004 - 21:41:46 ----- . (.Smart Link - Pas de description.) -- C:\WINDOWS\system32\Drivers\slwdmsup.sys [13240]
O58 - SDL:02/01/1601 - 23:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\sptd.sys [428088]
O58 - SDL:13/12/2012 - 12:50:38 ---A- . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\WINDOWS\system32\Drivers\usbaapl.sys [45056]
O58 - SDL:02/03/2006 - 13:00:00 ---A- . (.RAVISENT Technologies Inc. - CineMaster C WDM DVD Minidriver.) -- C:\WINDOWS\system32\Drivers\vdmindvd.sys [58112]
O58 - SDL:22/05/2014 - 17:24:40 ---A- . (.StdLib - StdLib.) -- C:\WINDOWS\system32\Drivers\{8ce1c375-1e13-43f7-a4fd-6530f47c4fde}Gt.sys [55232] =>PUP.LinkiDoo
O58 - SDL:02/03/2006 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ansi.sys [9037]
O58 - SDL:02/03/2006 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\country.sys [27097]
O58 - SDL:02/03/2006 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\himem.sys [4912]
O58 - SDL:02/03/2006 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\key01.sys [42809]
O58 - SDL:02/03/2006 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\keyboard.sys [42537]
O58 - SDL:02/03/2006 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos.sys [27916]
O58 - SDL:02/03/2006 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos404.sys [29146]
O58 - SDL:02/03/2006 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos411.sys [29370]
O58 - SDL:02/03/2006 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos412.sys [29274]
O58 - SDL:02/03/2006 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos804.sys [29146]
O58 - SDL:02/03/2006 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio.sys [34000]
O58 - SDL:02/03/2006 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio404.sys [34560]
O58 - SDL:02/03/2006 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio411.sys [35648]
O58 - SDL:02/03/2006 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio412.sys [35424]
O58 - SDL:02/03/2006 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio804.sys [34560]
~ Drivers: 121 Legitimates Filtered in 00mn 11s



---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
O61 - LFC: 01/06/2014 - 21:07:36 ---A- . (...) -- C:\Documents and Settings\Chef\Mes documents\Téléchargements\205gtiv2_MC88_Ballet.exe [1764379]
O61 - LFC: 01/06/2014 - 21:07:36 ---A- . (...) -- C:\Documents and Settings\Chef\Mes documents\Téléchargements\adwcleaner_3.211.exe [1327971]
O61 - LFC: 01/06/2014 - 21:07:37 ---A- . (...) -- C:\Documents and Settings\Chef\Mes documents\Téléchargements\BMW_M3_Patrick_Rouillard.exe [3157492]
O61 - LFC: 01/06/2014 - 21:07:37 ---A- . (...) -- C:\Documents and Settings\Chef\Mes documents\Téléchargements\ClioWilliams-Carretero_1-clem66.exe [6402008]
O61 - LFC: 01/06/2014 - 21:07:37 ---A- . (...) -- C:\Documents and Settings\Chef\Mes documents\Téléchargements\ccsetup414.exe [605560]
O61 - LFC: 01/06/2014 - 21:07:38 ---A- . (...) -- C:\Documents and Settings\Chef\Mes documents\Téléchargements\ClioWilliams-Dessens_1-clem66.exe [5212288]
O61 - LFC: 01/06/2014 - 21:07:38 ---A- . (...) -- C:\Documents and Settings\Chef\Mes documents\Téléchargements\DS3_R3_Officiel.exe [2107282]
O61 - LFC: 01/06/2014 - 21:07:38 ---A- . (...) -- C:\Documents and Settings\Chef\Mes documents\Téléchargements\Escort_Brunson_2006.exe [3114596]
O61 - LFC: 01/06/2014 - 21:07:39 ---A- . (...) -- C:\Documents and Settings\Chef\Mes documents\Téléchargements\install_flashplayer13x32_mssd_aaa_aih.exe [605560]
O61 - LFC: 01/06/2014 - 21:07:39 ---A- . (.RallyeSim.) -- C:\Documents and Settings\Chef\Mes documents\Téléchargements\Install_Pack_A6_2_2014.exe [43513343]
O61 - LFC: 01/06/2014 - 21:07:40 ---A- . (.RallyeSim.) -- C:\Documents and Settings\Chef\Mes documents\Téléchargements\Install_Pack_N4_SW_2014.exe [15786959]
O61 - LFC: 01/06/2014 - 21:07:40 ---A- . (.RallyeSim.) -- C:\Documents and Settings\Chef\Mes documents\Téléchargements\Install_Pack_R2_2014.exe [45422926]
O61 - LFC: 01/06/2014 - 21:07:42 ---A- . (...) -- C:\Documents and Settings\Chef\Mes documents\Téléchargements\JEAN_JOSEPH.exe [3942907]
O61 - LFC: 01/06/2014 - 21:07:42 ---A- . (.RallyeSim.) -- C:\Documents and Settings\Chef\Mes documents\Téléchargements\Install_Pack_R5_2014.exe [14648456]
O61 - LFC: 01/06/2014 - 21:07:42 ---A- . (.RallyeSim.) -- C:\Documents and Settings\Chef\Mes documents\Téléchargements\Install_Update_04_RSRBR2014.exe [270260827]
O61 - LFC: 01/06/2014 - 21:07:43 ---A- . (...) -- C:\Documents and Settings\Chef\Mes documents\Téléchargements\LANCER_EVO_X_Lecureux.M_By_Mr_Panizzi.exe [11372604]
O61 - LFC: 01/06/2014 - 21:07:45 ---A- . (...) -- C:\Documents and Settings\Chef\Mes documents\Téléchargements\Mitsubishi_EvoIX_Reconnaissance.exe [2180965]
O61 - LFC: 01/06/2014 - 21:07:45 ---A- . (...) -- C:\Documents and Settings\Chef\Mes documents\Téléchargements\ROUSSET.exe [3675688]
O61 - LFC: 01/06/2014 - 21:07:46 ---A- . (...) -- C:\Documents and Settings\Chef\Mes documents\Téléchargements\Subaru_N14-A.Aigner-riko.exe [10997336]
O61 - LFC: 01/06/2014 - 21:07:46 ---A- . (...) -- C:\Documents and Settings\Chef\Mes documents\Téléchargements\Thomas_Badel_Clio_Williams_F2-14_Final_Oyonnax_2013__arnorallye_Mr_Panizzi_GuiguiWRC.exe [5662335]
O61 - LFC: 01/06/2014 - 21:07:47 ---A- . (...) -- C:\Documents and Settings\Chef\Mes documents\Téléchargements\xsara_kit_car_Bugalski_200.exe [2783702]
O61 - LFC: 03/06/2014 - 21:07:36 ---A- . (...) -- C:\Documents and Settings\Chef\Mes documents\Téléchargements\adwcleaner_3.211(1).exe [1327971]
O61 - LFC: 29/05/2014 - 21:07:38 ---A- . (.RallyeSim.) -- C:\Documents and Settings\Chef\Mes documents\Téléchargements\Install_Fix_Audio.exe [359090796]
O61 - LFC: 29/05/2014 - 21:07:42 ---A- . (.RallyeSim.) -- C:\Documents and Settings\Chef\Mes documents\Téléchargements\Install_Sounds_Manager.exe [1057926]
O61 - LFC: 29/05/2014 - 21:07:45 ---A- . (...) -- C:\Documents and Settings\Chef\Mes documents\Téléchargements\ModAudioIni.exe [911360]
~ 79 Fichiers temporaires (Temporary files)
~ 7 Fichiers cookies (Cookies files)
~ Files: 59 Legitimates Filtered in 01mn 18s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Liste les services legacy du registre (LALS) (O64)
O64 - Services: CurCS - 17/05/2014 - C:\WINDOWS\system32\drivers\aswHwid.sys (aswHwid) .(...) - LEGACY_ASWHWID
O64 - Services: CurCS - 03/11/2009 - C:\Program Files\Fichiers communs\Autodata Limited Shared\Service\ADCDLicSvc.exe (Autodata Limited License Service) .(.Pas de propriétaire - System Level Service Utility.) - LEGACY_AUTODATA_LIMITED_LICENSE_SERVICE
O64 - Services: CurCS - 30/08/2011 - C:\Program Files\Bonjour\mDNSResponder.exe (Bonjour Service) .(.Apple Inc. - Bonjour Service.) - LEGACY_BONJOUR_SERVICE
O64 - Services: CurCS - 08/11/2013 - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (nvUpdatusService) .(.NVIDIA Corporation - NVIDIA Settings Update Manager.) - LEGACY_NVUPDATUSSERVICE
O64 - Services: CurCS - 22/05/2014 - C:\WINDOWS\system32\drivers\{8ce1c375-1e13-43f7-a4fd-6530f47c4fde}Gt.sys ({8ce1c375-1e13-43f7-a4fd-6530f47c4fde}Gt) .(.StdLib - StdLib.) - LEGACY_{8CE1C375-1E13-43F7-A4FD-6530F47C4FDE}GT =>PUP.LinkiDoo
~ Legacy: 154 Legitimates Filtered in 00mn 01s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O68 - StartMenuInternet: <WOOBrowser.exe> <>[HKLM\..\Shell\open\Command] (...) -- C:\Program Files\Wanadoo\WOOBrowser\WOOBrowser.exe (.not file.)
~ Keys: Scanned in 00mn 00s



---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {31090377-0740-419E-BEFC-A56E50500D5B} - (Speedial) - http://speedial.com =>Adware.Adware.SearchYa
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (@ieframe.dll,-12512) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {814C76CB-2623-43F4-AAD0-58A0E5190A20} - (Orange) - http://r.orange.fr
~ Keys: Scanned in 00mn 00s



---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.B12CE82078523D61B0684185CDF01538] [SPRF][02/06/2014] (...) -- C:\Documents and Settings\Chef\Bureau\AA.reg [15902]
[MD5.0C56A762B6EF71C4E66FA0AB08ED4634] [SPRF][01/03/2010] (...) -- C:\Program Files\dialogysclip.bat [63]
~ Files: 5 Legitimates Filtered in 00mn 00s



---\\ Enumère les codes produits des logiciels (PUC) (O90)
O90 - PUC: "5340F5CB67BBEA640A07DEA6E90DD197" . (.Iminent.) -- C:\WINDOWS\Installer\{BC5F0435-BB76-46AE-A070-ED6A9ED01D79}\imbooster.ico =>Adware.IMBooster
~ Update Products: 1 Legitimates Filtered in 00mn 00s



---\\ Export de clés de registre aléatoires (O91)
~ Export Key Software: Scanned in 00mn 00s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 01/06/2014 257712 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Auto 12/02/2014 43336 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SS - | Demand 14/04/2008 225280 | (dmadmin) . (.Microsoft Corp., Veritas Software.) - C:\WINDOWS\system32\dmadmin.exe
SS - | Auto 13/11/2011 136176 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 13/11/2011 136176 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 18/05/2014 119408 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Demand 29/06/2007 800040 | (NBService) . (.Nero AG.) - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
SS - | Demand 08/02/2007 212480 | (ServiceLayer) . (.Nokia..) - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
SR - | Auto 03/11/2009 68608 | (Autodata Limited License Service) . (...) - C:\Program Files\Fichiers communs\Autodata Limited Shared\Service\ADCDLicSvc.exe
SR - | Auto 17/05/2014 50344 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SR - | Auto 30/08/2011 390504 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SR - | Auto 24/09/2012 153584 | (JavaQuickStarterService) . (.Sun Microsystems, Inc..) - C:\Program Files\Java\jre6\bin\jqs.exe
SR - | Auto 12/05/2014 1809720 | (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
SR - | Auto 12/05/2014 860472 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
SR - | Demand 27/06/2007 279848 | (NMIndexingService) . (.Nero AG.) - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
SR - | Auto 11/11/2013 156960 | (NVSvc) . (.NVIDIA Corporation.) - C:\WINDOWS\system32\nvsvc32.exe
SR - | Auto 08/11/2013 1914656 | (nvUpdatusService) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
~ Services: Scanned in 00mn 06s



---\\ Recherche d'infection sur le Master Boot Record (MBR)(O80)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Run by Chef at 03/06/2014 21:12:59
device: opened successfully
user: MBR read successfully
Disk trace:
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys sptd.sys pciide.sys PCIIDEX.SYS
C:\WINDOWS\system32\drivers\sptd.sys
1 ntkrnlpa!IofCallDriver[0x804EF200] >> \Device\Harddisk0\DR0[0x8B572AB8]
kernel: MBR read successfully
user & kernel MBR OK
~ MBR: 14 Legitimates Filtered in 00mn 02s



---\\ Recherche d'infection sur le Master Boot Record (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by Chef at 03/06/2014 21:13:01
********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ MBR: Scanned in 00mn 04s



---\\ Liste des émulateurs de CD/DVD (MBR Hook)
O58 - SDL:02/01/1601 - 23:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\sptd.sys [428088]
~ Emulateurs: Scanned in 00mn 04s



---\\ Scan Additionnel (O88)
Database Version : 13026 - (31/05/2014)
Clés trouvées (Keys found) : 9
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 0
Fichiers trouvés (Files found) : 1

[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{BC5F0435-BB76-46AE-A070-ED6A9ED01D79}] =>Adware.IMBooster^
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D6533F74-218B-41BE-9D91-5BD471FECFFD}] =>Toolbar.Conduit
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E14BC640-4070-47C6-94E4-24E70D1A1800}] =>Adware.AdRotator
[HKLM\Software\Google\Chrome\Extensions\cefhbpnokonbkocpbpbglkkbhnfflpel] =>Toolbar.Conduit
[HKCU\Software\Microsoft\Quax] =>Adware.Cpmsky
[HKLM\Software\Classes\Installer\Features\5340F5CB67BBEA640A07DEA6E90DD197] =>Adware.IMBooster
[HKLM\Software\Classes\Installer\Products\5340F5CB67BBEA640A07DEA6E90DD197] =>Adware.IMBooster
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\5340F5CB67BBEA640A07DEA6E90DD197] =>Adware.IMBooster
[HKCU\AppEvents\Schemes\Apps\Explorer\Navigating\Old_Current] =>PUP.MediaFinder
[HKCU\Software\BitComet] =>P2P.BitComet^
~ Additionnel Scan: 399903 Items scanned in 00mn 21s



---\\ Récapitulatif des détections trouvées sur votre station
http://nicolascoolman.fr/pup-linkidoo =>PUP.LinkiDoo
http://nicolascoolman.fr/adware-imbooster =>Adware.IMBooster
http://nicolascoolman.fr/toolbar-conduit =>Toolbar.Conduit
http://nicolascoolman.fr/26601630-adware-adrotator =>Adware.AdRotator
http://nicolascoolman.fr/pup-mediafinder =>PUP.MediaFinder
~ MSI: 5 link(s) detected in 00mn 00s



~ 1061 Legitimates filtered by white list
End of the scan (627 lines in 08mn 24s)(0)

Jéré34
 Posted on 03/06/2014 at 21:21

Here are the 3 reports,

good evening and thank you

Jéré34
 Posted on 09/06/2014 at 09:48

No reply, thanks for your help....
