¤¤¤¤¤¤¤¤¤¤ | Shortcut_Module | g3n-h@ckm@n | 18.02.2014.7 ¤¤¤¤¤ XP | Vista | 7 | 8 - 32/64 bits ¤¤¤¤¤ - Start 20:49:35 - 18/02/2014 Mis à jour le : 18/02/2014 | 16.30 par g3n-h@ckm@n Contact : http://www.sosvirus.net Boot : Normal Système : Windows 7 Home Premium (64 bits) HomePremium Service Pack 1 Mémoire RAM = Total (MB) : 4106 | Libre (MB) : 2321 Pagefile = Total (MB) : 8210 | Libre (MB) : 5261 Virtuelle = Total (MB) : 4194 | Libre (MB) : 4056 ¤¤¤¤¤¤¤¤¤¤ | Mises à jour Windows Aucune mise à jour détectée !!! ¤¤¤¤¤¤¤¤¤¤ | Services ¤¤¤¤¤¤¤¤¤¤ | Registre Supprimé avec succès : HKCR\BTToolbar.BTToolbarDeskband Supprimé avec succès : HKCR\PDFArchitectIEPlugin.PDFIEConverter Supprimé avec succès : HKCR\AppID\{913e7c84-3d19-4c58-8552-331e0a0d4ffc} : PDFIEPlugin Supprimé avec succès : HKCR\TypeLib\{78D9250B-1DEB-4469-9B35-591AB7D41CAA} : C:\Program Files (x86)\PDF Architect\PDFIEPlugin.dll Supprimé avec succès : HKCR\Interface\{0BC622F2-DE35-4130-8A74-F520B692F446} : {78D9250B-1DEB-4469-9B35-591AB7D41CAA} Supprimé avec succès : HKLM\Software\Microsoft\Tracing\FindRight_RASAPI32 Supprimé avec succès : HKLM\Software\Microsoft\Tracing\updateFindRight_RASAPI32 Supprimé avec succès : HKLM\Software\Microsoft\Tracing\utilFindRight_RASAPI32 Supprimé avec succès : HKU\S-1-5-21-1656143743-13120863-1912775482-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{3773B19E-9CAB-4FE5-A42F-ACF3EBF9E4BF} : uTorrentBar_FR Customized Web Search Supprimé avec succès : [64]HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2] : C:\Program Files (x86)\Ask.com\ Supprimé avec succès : [64]HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E] : C:\Users\Kalaya\AppData\Roaming\Mozilla\Firefox\Profiles\c3azqbi4.default\extensions\toolbar@ask.com\chrome\skin\ ask_32x.png Supprimé avec succès : [64]HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6] : C:\Program Files (x86)\Ask.com\ Supprimé avec succès : [64]HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7] : C:\Program Files (x86)\Ask.com\ Supprimé avec succès :
[64]HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852] : C:\Program Files (x86)\Ask.com\ Supprimé avec succès : [64]HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2BDF3E992C0908741B7C11F4B4E0F775] : C:\Program Files (x86)\Ask.com\assets\oobe\b.png Supprimé avec succès : [64]HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0] : C:\Program Files (x86)\Ask.com\ Supprimé avec succès : [64]HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA] : C:\Program Files (x86)\Ask.com\ Supprimé avec succès : [64]HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6B3BC4CF5ECE1F54BBA174C13A1AB907] : C:\Program Files (x86)\Ask.com\Updater\Updater.exe Supprimé avec succès : [64]HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96] : C:\Program Files (x86)\Ask.com\ Supprimé avec succès : [64]HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8] : C:\Program Files (x86)\Ask.com\ Supprimé avec succès : [64]HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7C8BBFE1B6F508C478E5CD66A3378F92] : 02:\Software\Microsoft\MSN\Toolbar\Version Supprimé avec succès : [64]HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01] : C:\Program Files (x86)\Ask.com\ Supprimé avec succès : [64]HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59] : C:\Program Files (x86)\Ask.com\ Supprimé avec succès : [64]HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED] : C:\Program Files 
(x86)\Ask.com\TaskScheduler.exe Supprimé avec succès : [64]HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472] : C:\Program Files (x86)\Ask.com\UpdateTask.exe Supprimé avec succès : [64]HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296] : C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll Supprimé avec succès : [64]HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888] : C:\Program Files (x86)\Ask.com\ Supprimé avec succès : [64]HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC] : C:\Users\Kalaya\AppData\Roaming\Mozilla\Firefox\Profiles\c3azqbi4.default\extensions\toolbar@ask.com\defaults\preferences\defaults.js Supprimé avec succès : [64]HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BEABAA33A5E68374DBF197F2A00CD011] : C:\Program Files (x86)\Ask.com\ Supprimé avec succès : [64]HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C9F3A106491E58A40805ADDF99C7CC93] : 02:\Software\Microsoft\Internet Explorer\Toolbar\{8dcb7100-df86-4384-8842-8fa844297b3f} Supprimé avec succès : [64]HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CB61AF52AD64B6B45930BE969F316720] : C:\Program Files (x86)\Ask.com\ Supprimé avec succès : [64]HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA] : C:\Users\Kalaya\AppData\Roaming\Mozilla\Firefox\Profiles\c3azqbi4.default\extensions\toolbar@ask.com\searchplugins\askcom.xml Supprimé avec succès : [64]HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E] : C:\Program Files (x86)\Ask.com\ Supprimé avec succès : 
[64]HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF] : C:\Users\Kalaya\AppData\Roaming\Mozilla\Firefox\Profiles\c3azqbi4.default\extensions\toolbar@ask.com\ Supprimé avec succès : [64]HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E7E8DD10109CA3D4BB05B71BD375BE1E] : 22:\Software\Microsoft\Internet Explorer\Toolbar\{8dcb7100-df86-4384-8842-8fa844297b3f} Supprimé avec succès : [64]HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E] : C:\Users\Kalaya\AppData\Roaming\Mozilla\Firefox\Profiles\c3azqbi4.default\extensions\toolbar@ask.com\chrome\content\about.js Supprimé avec succès : [64]HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\FindRight : C:\Program Files (x86)\FindRight\FindRightuninstall.exe ¤¤¤¤¤¤¤¤¤¤ | Dossiers Supprimé avec succès : C:\Users\Kalaya\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S8GX3028\toolbar_nd[1].png Supprimé avec succès : C:\Users\Kalaya\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\X9J9G0T1\lyricspage[1] Supprimé avec succès : C:\Users\Kalaya\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\X9J9G0T1\toolbar[1].png Supprimé avec succès : C:\Users\Kalaya\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\J83ABLBB\conduit[1].png Supprimé avec succès : C:\Users\Kalaya\AppData\Local\Temp\._msige61\LocalAppData\Google\Custom Buttons\toolbar.google.com_MXE8GT6B9RBHXCGLZ06L.xml Supprimé avec succès : C:\Users\Kalaya\AppData\Roaming\Microsoft\CLView\Toolbars.dat Supprimé avec succès : C:\Users\Kalaya\AppData\Roaming\Mozilla\Firefox\Profiles\c3azqbi4.default\jetpack Supprimé avec succès : C:\Users\Kalaya\AppData\Roaming\uTorrent\toolbar.benc Supprimé avec succès : C:\Users\Kalaya\AppData\Roaming\uTorrent\toolbar_offer.benc Supprimé avec succès : 
C:\Users\Kalaya\Desktop\LAURA\son\Delta Spirit - Yamaha (Fennec & Wolf Edit).mp3 Supprimé avec succès : C:\Users\Kalaya\Desktop\son\Delta Spirit - Yamaha (Fennec & Wolf Edit).mp3 Supprimé avec succès : C:\Users\Kalaya\Desktop\son\Torchess - Pumped up kicks.mp3 Supprimé avec succès : C:\Users\Kalaya\Videos\films\action\babylon ad - dvdrip fr.avi Supprimé avec succès : C:\Users\Kalaya\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\M6NFXKY4\media.benchmark.fr Supprimé avec succès : C:\Users\Kalaya\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#media.benchmark.fr ¤¤¤¤¤¤¤¤¤¤ | Détournements de raccourcis ¤¤¤¤¤¤¤¤¤¤ | Shortcut_Module | g3n-h@ckm@n | 18.02.2014.7 ¤¤¤¤¤ XP | Vista | 7 | 8 - 32/64 bits ¤¤¤¤¤ - Start 21:16:18 - 18/02/2014 Mis à jour le : 18/02/2014 | 16.30 par g3n-h@ckm@n Contact : http://www.sosvirus.net Boot : Normal Système : Windows 7 Home Premium (64 bits) HomePremium Service Pack 1 Mémoire RAM = Total (MB) : 4106 | Libre (MB) : 2550 Pagefile = Total (MB) : 8210 | Libre (MB) : 6586 Virtuelle = Total (MB) : 4194 | Libre (MB) : 4055 ¤¤¤¤¤¤¤¤¤¤ | Mises à jour Windows Aucune mise à jour détectée !!! ¤¤¤¤¤¤¤¤¤¤ | Services ¤¤¤¤¤¤¤¤¤¤ | Registre Supprimé avec succès : HKCR\BTToolbar.BTToolbarDeskband.1 Supprimé avec succès : HKCR\PDFArchitectIEPlugin.PDFIEConverter.1 Supprimé avec succès : HKLM\Software\Microsoft\Tracing\FindRight_RASMANCS Supprimé avec succès : HKLM\Software\Microsoft\Tracing\updateFindRight_RASMANCS Supprimé avec succès : HKLM\Software\Microsoft\Tracing\utilFindRight_RASMANCS Supprimé avec succès : HKU\S-1-5-21-1656143743-13120863-1912775482-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{95BC71B8-DF0C-42A2-98D4-5DD3828FC5CC} : http://websearch.ask.com/redirect?client=ie&tb=PTF&o=15503&src=crm&q={searchTerms}&locale=fr_FR&apn_ptnrs=^LH&apn_dtid=^YYYYYY^YY^FR&apn_uid=af07ead7-6f7c-4845-8c97-747bb3e1634f&apn_sauid=7B00B64C-EF74-40FA-B967-A6BA4AE0A883 ¤¤¤¤¤¤¤¤¤¤ | Dossiers ¤¤¤¤¤¤¤¤¤¤ | Détournements de raccourcis ¤¤¤¤¤¤¤¤¤¤ | Détournement internet Explorer Réparé : [HKU\S-1-5-21-1656143743-13120863-1912775482-1001\Software\Microsoft\Internet Explorer\Main]|[Start Page] : http://www.amazon.fr/gp/bit/amazonserp/ref=bit_bds-p24_serp_ie_fr_display?ie=UTF8&tagbase=bds-p24&tbrId=v1_abb-channel-24_686ae4e2d72a4b7a8429606679ee14cb_39_1007_20140217_FR_ie_sp_ -> http://www.google.com/ Réparé : [HKU\S-1-5-21-1656143743-13120863-1912775482-1001\Software\Microsoft\Internet Explorer\Main]|[Local Page] : C:\Windows\system32\blank.htm -> C:\Windows\SysWOW64\blank.htm Réparé : [HKU\S-1-5-21-1656143743-13120863-1912775482-1001\Software\Microsoft\Internet Explorer\Main]|[Search Page] : http://go.microsoft.com/fwlink/?LinkId=54896 -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch Réparé : [HKLM\Software\Microsoft\Internet Explorer\Main]|[Start Page] : http://www.google.com -> http://go.microsoft.com/fwlink/?LinkId=69157 Réparé : [HKLM\Software\Microsoft\Internet
Explorer\Main]|[Default_Page_URL] : http://go.microsoft.com/fwlink/p/?LinkId=255141 -> http://go.microsoft.com/fwlink/?LinkId=69157 Réparé : [HKLM\Software\Microsoft\Internet Explorer\AboutURLs]|[Tabs] : http://www.google.com -> res://ieframe.dll/tabswelcome.htm Réparé : [HKLM64\Software\Microsoft\Internet Explorer\Main]|[Start Page] : http://www.google.com -> http://go.microsoft.com/fwlink/?LinkId=69157 Réparé : [HKLM64\Software\Microsoft\Internet Explorer\Main]|[Local Page] : C:\Windows\System32\blank.htm -> C:\Windows\SysWOW64\blank.htm Réparé : [HKLM64\Software\Microsoft\Internet Explorer\Main]|[Default_Page_URL] : http://go.microsoft.com/fwlink/p/?LinkId=255141 -> http://go.microsoft.com/fwlink/?LinkId=69157 Réparé : [HKU\S-1-5-21-1656143743-13120863-1912775482-1001\Software\Microsoft\Windows\CurrentVersion\Internet settings]|[WarnonZoneCrossing] : 0 -> 1 ¤¤¤¤¤¤¤¤¤¤ | Détournement Google Chrome [Kalaya] Remis a zéro avec succès : SearchURL [Kalaya] Remis a zéro avec succès : Preferences ¤¤¤¤¤¤¤¤¤¤ | Détournement Firefox [Kalaya] Supprimé avec succès : C:\Users\Kalaya\AppData\Roaming\Mozilla\Firefox\Profiles\c3azqbi4.default\sessionstore.js [Kalaya] Remplacé : user_pref("browser.newtab.url", "http://www.amazon.fr/gp/bit/amazonserp/ref=bit_bds-p24_serp_ff_fr_display?ie=UTF8&tagbase=bds-p24&tbrId=v1_abb-channel-24_686ae4e2d72a4b7a8429606679ee14cb_39_1007_20140217_FR_ff_nt_"); -> user_pref("browser.newtab.url", "http://www.google.fr"); [Kalaya] Remplacé : user_pref("browser.search.order.1", "Amazon "); -> user_pref("browser.search.order.1", "google.com"); [Kalaya] Remplacé : user_pref("browser.startup.homepage", "https://www.facebook.com/"); -> user_pref("browser.startup.homepage", "http://www.google.fr"); [Kalaya] Supprimé avec succès : user_pref("extensions.FindRight.aul", "1392712151713"); [Kalaya] Supprimé avec succès : user_pref("extensions.FindRight.is", "isgiwhFR"); [Kalaya] Supprimé avec succès : user_pref("extensions.FindRight.ug", 
"C17B142C-7E17-4F60-9DAB-9B10D738BC2C"); ¤¤¤¤¤¤¤¤¤¤ | Détournement des clés StartMenuInternet Réparé : [HKLM\Software\Clients\StartMenuInternet\IExplore.exe\shell\open\command] : C:\Program Files\Internet Explorer\iexplore.exe -> "C:\Program Files (x86)\Internet Explorer\iexplore.exe" ¤¤¤¤¤¤¤¤¤¤ | AppInit_DLLs [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]|[LoadAppInit_DLLs] : 1 ¤¤¤¤¤¤¤¤¤¤ | Détournement Javascript ¤¤¤¤¤¤¤¤¤¤ | Firewall Réparé : [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]|[EnableFirewall] : 1 -> 0 Réparé : [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]|[EnableFirewall] : 1 -> 0 Réparé : [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]|[EnableFirewall] : 1 -> 0 ¤¤¤¤¤¤¤¤¤¤ | Fichiers temporaires [All Users] Fichiers temporaires Supprimés : 0 Ko [Default User] Fichiers temporaires Supprimés : 0 Ko [Default] Fichiers temporaires Supprimés : 0 Ko [UpdatusUser] Fichiers temporaires Supprimés : 0 Ko [Public] Fichiers temporaires Supprimés : 0 Ko [Kalaya] Fichiers temporaires Supprimés : 204870 Ko [Malwarebytes' Anti-Malware] Fichiers temporaires Supprimés : 0 Ko ¤¤¤¤¤¤¤¤¤¤ |EOF| ¤¤¤¤¤¤¤¤¤¤