Rapport de ZHPDiag v2013.4.30.182 par Nicolas Coolman, Update du 30/04/2013
Run by MOHAMMED at 30/04/2013 18:11:14
State : Version à jour.
WhiteList : Enable
High Elevated Privileges : OK
UAC : Activate by user


---\\ Web Browser
MSIE: Internet Explorer v8.0.7600.16385
MFIE: Mozilla Firefox 20.0.1
GCIE: Google Chrome v26.0.1410.64 (Defaut)

---\\ Windows Product Information
~ Langage: Français
Windows Vista Ultimate Edition, 32-bit (Build 6000)
Windows Server License Manager Script : Absent (Not found)
Windows ID Activation : Inconnue (Unknown)
Windows Licence : Inconnue (Unknown)
Software Protection Service (Protection logicielle) : KO
Windows Automatic Updates : OK

---\\ System Protection
ESET Online Scanner v3

---\\ System Optimizer
CCleaner v3.25

---\\ Peer To Peer (P2P)
µTorrent v3.1.0

---\\ Software Update
Adobe Flash Player 11 ActiveX

---\\ System Information
~ Processor: x86 Family 6 Model 15 Stepping 11, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3055 MB (39% free)
System Restore: Activé (Enable)
System drive C: has 46 GB (62%) free of 74 GB

---\\ Logged in mode
~ Computer Name: AMRANI
~ User Name: MOHAMMED
~ All Users Names: MOHAMMED, HomeGroupUser$, Administrateur,
~ Unselected Option: None
Logged in as Administrator

---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\MOHAMMED\AppData\Roaming\
~ %Desktop% : C:\Users\MOHAMMED\Desktop\
~ %Favorites% : C:\Users\MOHAMMED\Favorites\
~ %LocalAppData% : C:\Users\MOHAMMED\AppData\Local\
~ %StartMenu% : C:\Users\MOHAMMED\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 46 Go of 74 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 36 Go of 75 Go)
E:\ Hard drive, Flash drive, Thumb drive (Free 295 Go of 373 Go)
F:\ CD-ROM drive (Not Inserted)
G:\ CD-ROM drive (Not Inserted)



---\\ Security Center & Tools Informations
~ Security Center: 25 Legitimates Filtered in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.15BC38A7492BEFE831966ADB477CF76F] - (.Microsoft Corporation - Explorateur Windows.) (.14/07/2009 - 01:14:20.) -- C:\Windows\Explorer.exe [2613248]
[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 01:14:45.) -- C:\Windows\System32\Wininit.exe [96256]
[MD5.0D874F3BC751CC2198AF2E6783FB8B35] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.14/07/2009 - 01:16:19.) -- C:\Windows\System32\wininet.dll [977920]
[MD5.8EC6A4AB12B8F3759E21F8E3A388F2CF] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.14/07/2009 - 01:14:45.) -- C:\Windows\System32\Winlogon.exe [285696]
[MD5.58C94EAE54BF0C5E2B80B2E5E7744D4C] - (.Microsoft Corporation - Bibliothèque de licences.) (.14/07/2009 - 01:16:15.) -- C:\Windows\System32\sppcomapi.dll [193024]
[MD5.DDC040FDB01EF1712A6B13E52AFB104C] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.13/07/2009 - 23:12:38.) -- C:\Windows\system32\Drivers\AFD.sys [338944]
[MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 01:26:15.) -- C:\Windows\system32\Drivers\atapi.sys [21584]
[MD5.77EA11B065E0A8AB902D78145CA51E10] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/07/2009 - 23:11:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [70656]
[MD5.BA6E70AA0E6091BC39DE29477D866A77] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.13/07/2009 - 23:11:26.) -- C:\Windows\system32\Drivers\Cdrom.sys [108544]
[MD5.8E09E52EE2E3CEB199EF3DD99CF9E3FB] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.13/07/2009 - 23:14:17.) -- C:\Windows\system32\Drivers\DfsC.sys [78336]
[MD5.717A2207FD6F13AD3E664C7D5A43C7BF] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.13/07/2009 - 23:50:56.) -- C:\Windows\system32\Drivers\HDAudBus.sys [108544]
[MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - (.Microsoft Corporation - Pilote de port i8042.) (.13/07/2009 - 23:11:24.) -- C:\Windows\system32\Drivers\i8042prt.sys [80896]
[MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - (.Microsoft Corporation - IP Network Address Translator.) (.13/07/2009 - 23:54:29.) -- C:\Windows\system32\Drivers\IpNat.sys [101888]
[MD5.F4A054BE78AF7F410129C4B64B07DC9B] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.13/07/2009 - 23:14:26.) -- C:\Windows\system32\Drivers\MRxSmb.sys [123392]
[MD5.DD52A733BF4CA5AF84562A5E2F963B91] - (.Microsoft Corporation - MBT Transport driver.) (.13/07/2009 - 23:12:21.) -- C:\Windows\system32\Drivers\netBT.sys [187904]
[MD5.3795DCD21F740EE799FB7223234215AF] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.14/07/2009 - 01:20:44.) -- C:\Windows\system32\Drivers\ntfs.sys [1210432]
[MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - (.Microsoft Corporation - Pilote de port parallèle.) (.13/07/2009 - 23:45:35.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.D9F91EAFEC2815365CBE6D167E4E332A] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.13/07/2009 - 23:54:34.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [78848]
[MD5.C5FF95883FFEF704D50C40D21CFB3AB5] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.14/07/2009 - 00:02:58.) -- C:\Windows\system32\Drivers\rdpdr.sys [133120]
[MD5.3E21C083B8A01CB70BA1F09303010FCE] - (.Microsoft Corporation - SMB Transport driver.) (.13/07/2009 - 23:53:41.) -- C:\Windows\system32\Drivers\smb.sys [71168]
[MD5.CB39E896A2A83702D1737BFD402B3542] - (.Microsoft Corporation - TDI Translation Driver.) (.13/07/2009 - 23:12:11.) -- C:\Windows\system32\Drivers\tdx.sys [74240]
[MD5.58DF9D2481A56EDDE167E51B334D44FD] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.14/07/2009 - 01:19:10.) -- C:\Windows\system32\Drivers\volsnap.sys [245328]
~ Generic Processes: Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 2/2094
~ Mes musiques (My Musics) : 2/4
~ Mes Favoris (My Favorites) : 1/32
~ Mes Documents (My Documents) : 1/177
~ Mon Bureau (My Desktop) : 2/81
~ Menu demarrer (Programs) : 1/39
~ Hidden Files: Scanned in 00mn 01s



---\\ Processus lancés
[MD5.C3ED032AF1C30F92546A698CC7173605] - (.ESET - ESET GUI.) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [3080264] [PID.2256]
[MD5.85A5DB9C8DEFDDE941EC121ADB5B3175] - (.DT Soft Ltd - DAEMON Tools Shell Extensions Helper.) -- C:\Program Files\DAEMON Tools Pro\DTShellHlp.exe [2744960] [PID.2352]
[MD5.F15E6014E812A5E2CD469FCF5682C0E1] - (.RealNetworks, Inc. - RealNetworks Scheduler.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe [296056] [PID.2400]
[MD5.E04A8938CDFF49D3B4AEE4D4F80CF48B] - (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files\Internet Download Manager\IDMan.exe [3532224] [PID.2408]
[MD5.4679D9A51C33938BB5AB230E817C36D0] - (.BitTorrent, Inc. - µTorrent.) -- C:\Program Files\uTorrent\uTorrent.exe [735608] [PID.2496] =>P2P.µTorrent
[MD5.F920FBB43C1CDB905044C91B9A3FD516] - (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe [18643560] [PID.3364]
[MD5.207B16FA69F61D1895F8D8532F587E4B] - (.Tonec Inc. - Internet Download Manager agent for click m.) -- C:\Program Files\Internet Download Manager\IEMonitor.exe [263600] [PID.3800]
[MD5.407FE7D64BF0257EC28D8DA8EF77DDA4] - (.Valve Corporation - Steam Client Bootstrapper (buildbot_winslav.) -- C:\Program Files\Steam\Steam.exe [1631144] [PID.4468]
[MD5.2C32E3E596CFE660353753EABEFB0540] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe [673048] [PID.5652]
[MD5.BDB7D97012F9B3102DB72AA76A24942A] - (.ESET - ESET Online Scanner container.) -- C:\Program Files\ESET\ESET Online Scanner\OnlineScannerApp.exe [546944] [PID.1424]
[MD5.E44242BF9861C118A1DE12E279BF4B1E] - (.Adobe Systems Incorporated - Adobe® Flash® Player Installer/Uninstaller.) -- C:\Windows\system32\Macromed\Flash\FlashUtil32_11_5_502_135_ActiveX.exe [697272] [PID.788]
[MD5.4E9592BB2C100E571F82640E59E9ECD5] - (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe [1312720] [PID.2704]
[MD5.CE0D0B11986FD2C0247AE88A59B36A6E] - (...) -- C:\Program Files\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe [579904] [PID.4168]
[MD5.9313678EC46F3A2E89D3F6377350EEB3] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [7100928] [PID.176]
[MD5.EB5A13F9139F20AD71ADF4BF79C3AA29] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 306.9.) -- C:\Windows\system32\nvvsvc.exe [645992] [PID.696]
[MD5.F0359F7CE712D69ACEF0886BDB4792ED] - (.NVIDIA Corporation - Stereo Vision Control Panel API Server.) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [382824] [PID.720]
[MD5.C71F2B4D0151CFEDE5D405C5D60B6FCE] - (.NVIDIA Corporation - NVIDIA User Experience Driver Component.) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe [864616] [PID.1308]
[MD5.C7BB95CF9631AA401E4ADED1648F6AF7] - (.ESET - ESET Service.) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [974944] [PID.1648]
[MD5.B1EF4686961986DFFB7FE8F18E6FCB5B] - (.Nalpeiron Ltd. - This service enables products that use the.) -- C:\Windows\system32\nlssrv32.exe [66560] [PID.1716]
[MD5.0F97E7A47A52F4A36969F0FC319654C2] - (.Skype Technologies S.A. - Skype C2C Service.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3048136] [PID.1756]
[MD5.E56F39F6B7FDA0AC77A79B0FD3DE1A2F] - (.Microsoft Corporation - PresentationFontCache.exe.) -- C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [42856] [PID.4036]
[MD5.A63DC5C2EA944E6657203E0C8EDEAF61] - (.Microsoft Corporation - COM Surrogate.) -- C:\Windows\system32\DllHost.exe [7168] [PID.2724]
[MD5.0AB205EDC2D0DD419D88AF0E3C2358F2] - (.Valve Corporation - Steam Client Service (buildbot_winslave04_s.) -- C:\Program Files\Common Files\Steam\SteamService.exe [543656] [PID.4596]
[MD5.358A9CCA612C68EB2F07DDAD4CE1D8D7] - (.Microsoft Corporation - Microsoft Office Software Protection Platfo.) -- C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.exe [4640000] [PID.5380]
[MD5.B45DA4D9075AF4297DF675CCD11D4997] - (.Microsoft Corporation - Isolation graphique de périphérique audio W.) -- C:\Windows\system32\AUDIODG.exe [100864] [PID.5660]
~ Processes Running: Scanned in 00mn 01s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\MOHAMMED\AppData\Local\Google\Chrome\User Data\Default\Preferences
G1 - GCS: Preference [User Data\Default] None
G0 - GCSP: Preference [User Data\Default][HomePage] http://www.google.com
G0 - GCSP: Preference [User Data\Default] http://www.google.com
G2 - GCE: Preference [User Data\Default] [aohghmighlieiainnegkcijnfilokake] Documents Google v.0.5 (Activé)
G2 - GCE: Preference [User Data\Default] [apdfllckaahabafndbhieahigkjlhalf] Google Drive v.6.3 (Activé)
G2 - GCE: Preference [User Data\Default] [bbljgmognlmekcmkmlbgnmmkpklflojd] nGenx nFinity Browser v.0.0.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo] YouTube v.4.2.6 (Activé)
G2 - GCE: Preference [User Data\Default] [coobgpohoikkiipiblmjeljniedjpjpf] Recherche Google v.0.0.0.20 (Activé)
G2 - GCE: Preference [User Data\Default] [djajencflkkjdejpmmielapebmcjogoc] vBulletin WYSIWYG v.1.36 (Activé)
G2 - GCE: Preference [User Data\Default] [eemcgdkfndhakfknompkggombfjjjeno] Bookmark Manager v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [elioihkkcdgakfbahdoddophfngopipi] Photo Zoom for Facebook v.1.1208.30.1 (Activé)
G2 - GCE: Preference [User Data\Default] [ennkphjdgehloodpbhlhldgbnhmacadg] Settings v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [janmfndmohbaaoocpcgfbghioojoakjg] rtplugin v.0.7 (Désactivé)
G2 - GCE: Preference [User Data\Default] [jfmjfhklogoienhpfnppmbcbjfjnkonk] RealPlayer HTML5Video Downloader Extension v.1.5 (Désactivé)
G2 - GCE: Preference [User Data\Default] [jmolcgpienlcieaajfkkdamlngancncm] IDM Integration v.6.15.9.1, (Désactivé)
G2 - GCE: Preference [User Data\Default] [knfmphhfikndpfbllhdojajhgpmlnlef] Man of Steel v.1 (Activé)
G2 - GCE: Preference [User Data\Default] [lifbcibllhkdhoafpjfnlhfpfgnpldfl] Skype Click to Call v.6.1.0.10441 (Désactivé)
G2 - GCE: Preference [User Data\Default] [mfehgcgbbipciphmccgaenjidiccnmng] Cloud Print v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia] Gmail v.7 (Activé)
G2 - GCE: Preference [User Data\Default] [pmejhjjecaldkllonlokhkglbdbkdcni] Privacyfix by Privacychoice v.4.0.4 (Désactivé)
~ Google Browser: Scanned in 00mn 14s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\MOHAMMED\AppData\Roaming\Mozilla\Firefox\Profiles\1lptkgb0.default\prefs.js
~ Firefox Browser: 25 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.startimes2.com
~ IE Browser: 10 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Redirection du fichier Hosts (O1)
O1 - Hosts: 212.227.67.195 we9stun.winning-eleven.net
O1 - Hosts: 31.193.132.42 pes6gate-ec.winning-eleven.net
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 22



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: Complitly - {0FB6A909-6086-458F-BD92-1F8EE10042A0} . (.SimplyGen - Complitly - Helps you search the web.) -- C:\Users\MOHAMMED\AppData\Roaming\Complitly\Complitly.dll =>Adware.PredictAd
~ BHO: 6 Legitimates Filtered in 00mn 00s



---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [egui] . (.ESET - ESET GUI.) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] . (.Adobe Systems Incorporated - Adobe Updater Startup Utility.) -- C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
O4 - HKLM\..\Run: [SwitchBoard] . (.Adobe Systems Incorporated - SwitchBoard Server (32 bit).) -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] . (.Adobe Systems Incorporated - Adobe CS5 Service Manager.) -- C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] . (.Adobe Systems Incorporated - Adobe CS6 Service Manager.) -- C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe
O4 - HKLM\..\Run: [BCSSync] . (.Microsoft Corporation - Microsoft Office 2010 component.) -- C:\Program Files\Microsoft Office\Office14\BCSSync.exe
O4 - HKLM\..\Run: [TkBellExe] . (.RealNetworks, Inc. - RealNetworks Scheduler.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe
O4 - HKCU\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files\Internet Download Manager\IDMan.exe
O4 - HKCU\..\Run: [Facebook Update] . (.Facebook Inc. - Programme d'installation de Facebook.) -- C:\Users\MOHAMMED\AppData\Local\Facebook\Update\FacebookUpdate.exe
O4 - HKCU\..\Run: [AdobeBridge] Clé orpheline
O4 - HKCU\..\Run: [uTorrent] . (.BitTorrent, Inc. - µTorrent.) -- C:\Program Files\uTorrent\uTorrent.exe =>P2P.µTorrent
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] . (.DT Soft Ltd - DAEMON Tools Pro Agent.) -- C:\Program Files\DAEMON Tools Pro\DTAgent.exe
O4 - HKCU\..\Run: [RGSC] . (.Take-Two Interactive Software, Inc. - RGSCLauncher.) -- E:\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe
O4 - HKCU\..\Run: [Steam] . (.Valve Corporation - Steam Client Bootstrapper (buildbot_winslav.) -- C:\Program Files\Steam\Steam.exe
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe
O4 - HKCU\..\Run: [Anti Trojan Elite] C:\Program Files\Anti Trojan Elite\TJEnder.exe (.not file.)
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-21-4135628867-2155432133-4217210963-1000\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files\Internet Download Manager\IDMan.exe
O4 - HKUS\S-1-5-21-4135628867-2155432133-4217210963-1000\..\Run: [Facebook Update] . (.Facebook Inc. - Programme d'installation de Facebook.) -- C:\Users\MOHAMMED\AppData\Local\Facebook\Update\FacebookUpdate.exe
O4 - HKUS\S-1-5-21-4135628867-2155432133-4217210963-1000\..\Run: [AdobeBridge] Clé orpheline
O4 - HKUS\S-1-5-21-4135628867-2155432133-4217210963-1000\..\Run: [uTorrent] . (.BitTorrent, Inc. - µTorrent.) -- C:\Program Files\uTorrent\uTorrent.exe =>P2P.µTorrent
O4 - HKUS\S-1-5-21-4135628867-2155432133-4217210963-1000\..\Run: [DAEMON Tools Pro Agent] . (.DT Soft Ltd - DAEMON Tools Pro Agent.) -- C:\Program Files\DAEMON Tools Pro\DTAgent.exe
O4 - HKUS\S-1-5-21-4135628867-2155432133-4217210963-1000\..\Run: [RGSC] . (.Take-Two Interactive Software, Inc. - RGSCLauncher.) -- E:\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe
O4 - HKUS\S-1-5-21-4135628867-2155432133-4217210963-1000\..\Run: [Steam] . (.Valve Corporation - Steam Client Bootstrapper (buildbot_winslav.) -- C:\Program Files\Steam\Steam.exe
O4 - HKUS\S-1-5-21-4135628867-2155432133-4217210963-1000\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe
O4 - HKUS\S-1-5-21-4135628867-2155432133-4217210963-1000\..\Run: [Anti Trojan Elite] C:\Program Files\Anti Trojan Elite\TJEnder.exe (.not file.)
~ Application: Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\TaskBar: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - GS\TaskBar: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\TaskBar: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - GS\TaskBar: PC CS6.lnk . (.Adobe Systems, Incorporated - Adobe Photoshop CS6.) -- C:\Program Files\Adobe\Adobe Photoshop CS6\Photoshop.exe
O4 - GS\TaskBar: Skype.lnk . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe
O4 - GS\TaskBar: Windows Explorer.lnk . (.Microsoft Corporation - Explorateur Windows.) -- C:\Windows\explorer.exe
O4 - GS\TaskBar: Windows Media Player.lnk . (.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files\Windows Media Player\wmplayer.exe
O4 - GS\Programs: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch: ChrisTV Online!.lnk . (.Chris P.C. srl - ChrisTV Online!.) -- C:\Program Files\ChrisTV Online\ChrisTV Online.exe
O4 - GS\QuickLaunch: Foxit Reader 5.1.lnk . (...) -- C:\Program Files\Foxit Software\Foxit Reader\Foxit Reader.exe
O4 - GS\QuickLaunch: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch: XnView.lnk . (.XnView, http://www.xnview.com - XnView for Windows.) -- C:\Program Files\XnView\xnview.exe
O4 - GS\QuickLaunch: µTorrent.lnk . (.BitTorrent, Inc. - µTorrent.) -- C:\Program Files\uTorrent\uTorrent.exe =>P2P.µTorrent
O4 - GS\Accessories: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Accessories: Private Character Editor.lnk . (.Microsoft Corporation - Éditeur de caractères privés.) -- C:\Windows\system32\eudcedit.exe
O4 - GS\SendTo: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) -- C:\Windows\system32\WFS.exe
O4 - GS\SendTo: Skype.lnk . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe
O4 - GS\Desktop: Adobe Illustrator CS6.lnk . (.Adobe Systems Inc. - Adobe Illustrator CS6.) -- C:\Program Files\Adobe\Adobe Illustrator CS6\Support Files\Contents\Windows\Illustrator.exe
O4 - GS\Desktop: Aimersoft Video Converter Ultimate.lnk . (.Aimersoft - Aimersoft Studio.) -- C:\Program Files\Aimersoft\Video Converter Ultimate\VideoConverterUltimate.exe
O4 - GS\Desktop: ChrisTV Online!.lnk . (.Chris P.C. srl - ChrisTV Online!.) -- C:\Program Files\ChrisTV Online\ChrisTV Online.exe
O4 - Global Startup: C:\Users\MOHAMMED\Desktop\Company of Heroes 2 - Beta Stress Test.url . (.Chris P.C. srl - ChrisTV Online!.) -- C:\Users\MOHAMMED\Desktop\Company of Heroes 2 - Beta Stress Test.url
O4 - GS\Desktop: Documents.lnk . (...) -- C:\Users\MOHAMMED\AppData\Roaming\Microsoft\Windows\Libraries\Documents.library-ms
O4 - GS\Desktop: PC CS5.lnk . (.Adobe Systems, Incorporated - Adobe Photoshop CS5.) -- C:\Program Files\Adobe\Adobe Photoshop CS5\Photoshop.exe
O4 - GS\Desktop: PC CS6.lnk . (.Adobe Systems, Incorporated - Adobe Photoshop CS6.) -- C:\Program Files\Adobe\Adobe Photoshop CS6\Photoshop.exe
O4 - GS\Desktop: ProgDVB.lnk . (...) -- C:\Program Files\ProgDVB\ProgDVB.exe
O4 - GS\Desktop: Téléchargement.lnk . (...) -- C:\Users\MOHAMMED\Downloads
O4 - GS\Desktop: Word 2010.lnk . (...) -- C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\wordicon.exe
O4 - GS\Desktop: XnView.lnk . (.XnView, http://www.xnview.com - XnView for Windows.) -- C:\Program Files\XnView\xnview.exe
~ Global Startup: Scanned in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~4\Office14\ONBttnIE.dll
O9 - Extra button: Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~4\Office14\ONBTTN~1.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} . (...) -- C:\Program Files\Skype\Toolbars\Internet Explorer\icon.ico
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{811F5916-AD50-49A4-85F5-B5AA2FC08D43}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{811F5916-AD50-49A4-85F5-B5AA2FC08D43}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{811F5916-AD50-49A4-85F5-B5AA2FC08D43}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files\Windows Live\Mail\mailcomm.dll
O18 - Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.dll
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
[MD5.74E56A0D832162C0830541E9E2C6C373] [APT] [{BE124513-61F8-4031-8616-52CEC3F38151}] (...) -- E:\KONAMI\PES6\PES6\kitserver\setup.exe [57344]
~ Scheduled Task: 23 Legitimates Filtered in 00mn 04s



---\\ Logiciels installés (O42)
O42 - Logiciel: CLVD Pack - 08.04.2010 - (...) [HKLM] -- CLVD Pack
O42 - Logiciel: Complitly - (.Complitly.) [HKLM] -- {4FFBB818-B13C-11E0-931D-B2664824019B}_is1 =>Adware.PredictAd
O42 - Logiciel: Easy MP3 Downloader - (...) [HKLM] -- EasyMP3Downloader
O42 - Logiciel: HDR Efex Pro 2 - (.Nik Software, Inc..) [HKLM] -- HDR Efex Pro 2
O42 - Logiciel: PESJP Patch 2013 version 3.0.0 - (.PESJP Production.) [HKLM] -- {A3EBC021-4FBA-40DB-BC59-9C5ECEF3514E}_is1
~ Logic: 81 Legitimates Filtered in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\973935f91e7e01875b34a217ebd20cc6]
[HKCU\Software\ChrisTV Online]
[HKCU\Software\Colorjinn]
[HKCU\Software\Complitly] =>Adware.PredictAd
[HKCU\Software\Sharing]
[HKCU\Software\Softonic]
[HKCU\Software\Topaz Labs]
[HKLM\Software\ChrisTV Online]
[HKLM\Software\ChrisTV_Online]
[HKLM\Software\DVB Support]
[HKLM\Software\SimplyGen] =>Adware.PredictAd
[HKLM\Software\Topaz Labs LLC]
[HKLM\Software\Topaz Labs]
[HKLM\Software\VVK]
~ Key Software: 178 Legitimates Filtered in 00mn 00s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 24/02/2013 - 00:32:40 - [0,000] ----D C:\Program Files\Apex
O43 - CFD: 23/03/2013 - 22:51:52 - [9,823] ----D C:\Program Files\ChrisTV Online
O43 - CFD: 21/03/2013 - 22:55:55 - [1,611] ----D C:\Program Files\Complitly =>Adware.PredictAd
O43 - CFD: 13/03/2013 - 21:11:56 - [45,627] ----D C:\Program Files\HDR Efex Pro 2
O43 - CFD: 24/02/2013 - 01:05:19 - [0] ----D C:\Program Files\iPixSoft
O43 - CFD: 12/12/2012 - 20:16:44 - [4,929] ----D C:\Program Files\Topaz Labs LLC
O43 - CFD: 02/03/2013 - 21:02:31 - [2,866] ----D C:\Program Files\Webplayer setup =>Adware.SocialSkinz
O43 - CFD: 20/02/2013 - 16:38:01 - [46,821] ----D C:\Program Files\Common Files\Topaz Labs
O43 - CFD: 14/04/2013 - 13:18:36 - [0] ----D C:\ProgramData\xml_param
O43 - CFD: 20/02/2013 - 16:38:01 - [19,845] --H-D C:\ProgramData\{7D1F40B1-FDA9-48B3-9A00-C43B98B6061B}
O43 - CFD: 21/03/2013 - 22:55:54 - [0,474] ----D C:\Users\MOHAMMED\AppData\Roaming\Complitly =>Adware.PredictAd
O43 - CFD: 08/03/2013 - 20:00:10 - [4,937] ----D C:\Users\MOHAMMED\AppData\Roaming\OpenCandy =>Adware.OpenCandy
O43 - CFD: 13/12/2012 - 15:14:55 - [0,001] ----D C:\Users\MOHAMMED\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DVB Support
O43 - CFD: 12/12/2012 - 20:16:47 - [0,008] ----D C:\Users\MOHAMMED\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Topaz Labs
~ 198 Dossiers CLSID vides (CLSID Empty Folders)
~ Program Folder: 390 Legitimates Filtered in 00mn 19s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.31CAE7029DFC81FC01D2E01E916D2AD2] - 27/04/2013 - 10:31:08 --HA- . (...) -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [13296]
O44 - LFC:[MD5.31CAE7029DFC81FC01D2E01E916D2AD2] - 27/04/2013 - 10:31:07 --HA- . (...) -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [13296]
~ Files: 44 Legitimates Filtered in 00mn 02s



---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 - LFCP:[MD5.014DF770CA26383B9FACA84D72C1A2C3] - 27/04/2013 - 16:09:05 ---A- - C:\Windows\Prefetch\GLADIATOR.EXE-031D3A77.pf
O45 - LFCP:[MD5.D6AB9D16E5F3CDF5AF2402F7B924D2E4] - 27/04/2013 - 16:11:02 ---A- - C:\Windows\Prefetch\GALADIAOR BY SOUFIANE.EXE-13A2EA86.pf
O45 - LFCP:[MD5.C8BEE34175459647135B503407466290] - 27/04/2013 - 16:12:20 ---A- - C:\Windows\Prefetch\GLADIATOR_SSSP_CCCAM V1.16.EX-83756D41.pf
O45 - LFCP:[MD5.43564FC1CB10EA09396952F1596F6B64] - 27/04/2013 - 16:13:29 ---A- - C:\Windows\Prefetch\SATHACKS TEAM.EXE-9935EE26.pf
O45 - LFCP:[MD5.E65C9D710914217EA434ECF1A671BB77] - 27/04/2013 - 16:14:45 ---A- - C:\Windows\Prefetch\GALADIAOR BY SOUFIANE.EXE-AB26462B.pf
O45 - LFCP:[MD5.334ABADA3D140274CCDB37A95BC9C363] - 27/04/2013 - 16:16:02 ---A- - C:\Windows\Prefetch\SATHACKS TEAM.EXE-064A78AF.pf
O45 - LFCP:[MD5.6B705DC49A18017F82D5834837CFFA55] - 27/04/2013 - 16:17:12 ---A- - C:\Windows\Prefetch\CLIQUER ICI.EXE-186BBCBA.pf
O45 - LFCP:[MD5.D06000D1D656DC6FBA1AA4C9F864FD50] - 27/04/2013 - 17:38:19 ---A- - C:\Windows\Prefetch\NCPV1.EXE-8020C059.pf
O45 - LFCP:[MD5.7E50A2E564FB30266871F04AFE0876B0] - 27/04/2013 - 17:38:50 ---A- - C:\Windows\Prefetch\NCP1.EXE-E0A366CB.pf
O45 - LFCP:[MD5.99E0EFFBC0AB3CD52F821CC59304D4AA] - 28/04/2013 - 22:03:31 ---A- - C:\Windows\Prefetch\MPC-HC.EXE-AB34CF8C.pf
O45 - LFCP:[MD5.5786BB19957C729D28BF7FB2872109C1] - 29/04/2013 - 21:51:20 ---A- - C:\Windows\Prefetch\LOGTRANSPORT2.EXE-D6DBADED.pf
O45 - LFCP:[MD5.18990EC43B829FCE24A7B45CFEA76BC1] - 30/04/2013 - 12:14:43 ---A- - C:\Windows\Prefetch\NCPV1.EXE-535C6B30.pf
O45 - LFCP:[MD5.88FD2B9EE05F53389B520E509E00F47D] - 30/04/2013 - 12:14:46 ---A- - C:\Windows\Prefetch\NCP1.EXE-3074227A.pf
O45 - LFCP:[MD5.9CFFA4D5909AA72DC46A418EF845E675] - 30/04/2013 - 12:43:15 ---A- - C:\Windows\Prefetch\NS3882.TMP-16FBAF12.pf
O45 - LFCP:[MD5.00EBC51F74F5273EF9A349A7CE6951AE] - 30/04/2013 - 12:43:15 ---A- - C:\Windows\Prefetch\NS3959.TMP-988F6042.pf
O45 - LFCP:[MD5.7DABB5412FFC61C45DFBE0AEE8964B56] - 30/04/2013 - 17:40:13 ---A- - C:\Windows\Prefetch\PESJP 2013 - 1.00.EXE-6B899567.pf
~ Prefetcher: 139 Legitimates Filtered in 00mn 00s



---\\ MountPoints2 Shell Key (O51)
O51 - MPSK:{c0d349f3-5e82-11e2-93ff-00215a165ff7}\AutoRun\command. (...) -- H:\AutoRun.exe (.not file.)
O51 - MPSK:{c0d34a0d-5e82-11e2-93ff-00215a165ff7}\AutoRun\command. (...) -- H:\AutoRun.exe (.not file.)
~ Keys: Scanned in 00mn 00s



---\\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 16 Legitimates Filtered in 00mn 00s



---\\ Liste des Drivers Système (O58)
O58 - SDL:[MD5.21E785EBD7DC90A06391141AAC7892FB] - 14/07/2009 - 01:26:15 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys [422976]
O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 13/07/2009 - 21:40:41 ---A- . (...) -- C:\Windows\System32\ANSI.SYS [9029]
~ Drivers: Scanned in 00mn 00s



---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
O61 - LFC: 27/04/2013 - 10:06:27 ---A- C:\Users\MOHAMMED\Downloads\Video\880003_10201092504614109_1568287584_n.mp4 [4647405]
O61 - LFC: 27/04/2013 - 16:15:27 ---A- C:\Users\MOHAMMED\Downloads\Compressed\gladiator-of-krimo_71_6.rar [44712]
O61 - LFC: 27/04/2013 - 16:15:32 ---A- C:\Users\MOHAMMED\Downloads\Compressed\JSC Sport+1 TO +10 FULL HD By sathacks.com.rar [992797]
O61 - LFC: 27/04/2013 - 17:04:19 ---A- C:\Users\MOHAMMED\Downloads\Compressed\gladiator-of-krimo_71_6_2.rar [44712]
O61 - LFC: 27/04/2013 - 19:45:22 ---A- C:\Users\MOHAMMED\Downloads\Video\001...avi - YouTube.mp4 [14683974]
O61 - LFC: 28/04/2013 - 12:09:21 ---A- C:\Users\MOHAMMED\Downloads\Compressed\Hair Textures 3.rar [1128446]
O61 - LFC: 28/04/2013 - 12:18:39 ---A- C:\Users\MOHAMMED\Downloads\Compressed\Tou.11.rar [238340999]
O61 - LFC: 30/04/2013 - 12:05:17 ---A- C:\Users\MOHAMMED\Downloads\Programs\esetsmartinstaller_fra.exe [2347384]
O61 - LFC: 30/04/2013 - 12:35:45 ---A- C:\Users\MOHAMMED\AppData\Local\Google\Chrome\User Data\First Run [0]
O61 - LFC: 30/04/2013 - 12:41:52 ---A- C:\Users\MOHAMMED\AppData\Local\Google\Chrome\User Data\Certificate Revocation Lists [271421]
O61 - LFC: 30/04/2013 - 12:42:38 ---A- C:\Users\MOHAMMED\Downloads\Programs\Firefox Setup 20.0.1.exe [21192480]
O61 - LFC: 30/04/2013 - 17:42:23 ---A- C:\Users\MOHAMMED\Documents\KONAMI\Pro Evolution Soccer 2013\PesJP\ML01.bin [8985744]
O61 - LFC: 30/04/2013 - 17:42:29 ---A- C:\Users\MOHAMMED\Documents\KONAMI\Pro Evolution Soccer 2013\PesJP\OPTION.bin [402008]
O61 - LFC: 30/04/2013 - 18:12:11 ---A- C:\Users\MOHAMMED\AppData\Local\Google\Chrome\User Data\Local State [30823]
~ 7 Fichiers temporaires (Temporary files)
~ Files: 618 Legitimates Filtered in 00mn 05s



---\\ Alternate Data Stream File (O62)
O62 - ADS:Alternate Data Stream File - C:\Windows\System32\100.dll:Zone.Identifier
O62 - ADS:Alternate Data Stream File - C:\Windows\System32\D3DCompiler_43.dll:Zone.Identifier
O62 - ADS:Alternate Data Stream File - C:\Windows\System32\D3DX9_43.dll:Zone.Identifier
~ ADS: Scanned in 00mn 01s



---\\ Liste des outils de nettoyage (O63)
O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
~ ADS: Scanned in 00mn 00s



---\\ Liste des services Legacy (O64)
O64 - Services: CurCS - ??\??\???? - Pas de propriétaire (ATE_PROCMON) .(...) - LEGACY_ATE_PROCMON
O64 - Services: CurCS - 27/09/2012 - C:\Windows\System32\DRIVERS\idmwfp.sys (IDMWFP) .(.Tonec Inc. - Internet Download Manager WFP Driver.) - LEGACY_IDMWFP
O64 - Services: CurCS - 13/07/2009 - C:\Windows\System32\Drivers\secdrv.sys (secdrv) .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV
~ Legacy: 110 Legitimates Filtered in 00mn 00s



---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 19 Legitimates Filtered in 00mn 00s



---\\ Start Menu Internet (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Search Browser Infection (O69)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com
~ Keys: Scanned in 00mn 00s



---\\ Crack & Keygen Files (O82)
C:\Users\MOHAMMED\AppData\Roaming\uTorrent\DAEMON Tools Pro Advanced v5.0.0316.0317 + Keygen.rar.torrent =>P2P.µTorrent
C:\Users\MOHAMMED\AppData\Roaming\uTorrent\DAEMON Tools Pro Advanced v5.0.0316.0317 + Keygen.rar.torrent =>P2P.µTorrent
D:\?????\Al-Haytham.Soft.v.1.0~By.MoOOoKa\AutoPlay\Docs\keygen For Ultraiso BY Haitham Gamal.exe
D:\?????\Al-Haytham.Soft.v.1.0~By.MoOOoKa\AutoPlay\Docs\Keygen For WinRAR By Haitham Gamal.exe
D:\?????\istirjal sowar\32 Bit\Keygen\Keygen.exe
D:\?????\Keygen Photoshop CS6.rar
D:\?????\logciel\winrar.4b4\CoRE Keygen.exe
D:\?????\logciel\winrar.4b4\keygen.rar
D:\???? ???? ???\????? ????? ???\Serials + Keygen X-Force.rar
D:\???? ???? ???\?????? ???? ???? ???\MyEgy.CoM.Photoshop.Filters.2013\Topaz Photoshop Plugins Bundle 2013\keygen.rar
E:\photo shop\Photoshop.Collection.2013.WwW.MaZika2daY.CoM\Adobe Photoshop CS3 ME\keygen\???\1.png
E:\photo shop\Photoshop.Collection.2013.WwW.MaZika2daY.CoM\Adobe Photoshop CS3 ME\keygen\???\2.png
E:\photo shop\Photoshop.Collection.2013.WwW.MaZika2daY.CoM\Adobe Photoshop CS3 ME\keygen\???\3.png
E:\photo shop\Photoshop.Collection.2013.WwW.MaZika2daY.CoM\Adobe Photoshop CS3 ME\keygen\???\4.png
E:\photo shop\Photoshop.Collection.2013.WwW.MaZika2daY.CoM\Adobe Photoshop CS3 ME\keygen\???\5.png
E:\photo shop\Photoshop.Collection.2013.WwW.MaZika2daY.CoM\Adobe Photoshop CS3 ME\keygen\???\6.png
E:\photo shop\Photoshop.Collection.2013.WwW.MaZika2daY.CoM\Adobe Photoshop CS3 ME\keygen\???\7.png
E:\photo shop\Photoshop.Collection.2013.WwW.MaZika2daY.CoM\Tools\(3000) Filters & (900) Actions For Adobe Photoshop\(3000) Filters & (900) Actions For Adobe Photoshop\Photoshop Actions\Cracked_Text.atn
E:\photo shop\Photoshop.Collection.2013.WwW.MaZika2daY.CoM\Tools\(3000) Filters & (900) Actions For Adobe Photoshop\(3000) Filters & (900) Actions For Adobe Photoshop\Photoshop Actions\Cracked_Text.gif
E:\photo shop\Photoshop.Collection.2013.WwW.MaZika2daY.CoM\Tools\(3000) Filters & (900) Actions For Adobe Photoshop\(3000) Filters & (900) Actions For Adobe Photoshop\Photoshop Actions\herosactions1\atn\cracked tile.atn
E:\photo shop\Photoshop.Collection.2013.WwW.MaZika2daY.CoM\Tools\(3000) Filters & (900) Actions For Adobe Photoshop\(3000) Filters & (900) Actions For Adobe Photoshop\Photoshop Actions\herosactions1\atn\Crackle_bevel_2.ATN
E:\photo shop\Photoshop.Collection.2013.WwW.MaZika2daY.CoM\Tools\(3000) Filters & (900) Actions For Adobe Photoshop\(3000) Filters & (900) Actions For Adobe Photoshop\Photoshop Actions\pbutter crackers.atn
E:\photo shop\Photoshop.Collection.2013.WwW.MaZika2daY.CoM\Tools\(3000) Filters & (900) Actions For Adobe Photoshop\(3000) Filters & (900) Actions For Adobe Photoshop\Photoshop Actions\pbutter crackers.jpg
E:\photo shop\Photoshop.Collection.2013.WwW.MaZika2daY.CoM\Tools\Adobe Photoshop Filters DVD\Adobe Photoshop Filters DVD\Topaz Plugins Bundle\Instructions\Activation\Keygen.rar
E:\photo shop\Photoshop.Collection.2013.WwW.MaZika2daY.CoM\Tools\Over 1000 brushes for Photoshop\Shop_Brushes_\Brushes1\pureanodyne - cracked.abr
~ Files: Scanned in 00mn 45s



---\\ Firewall Active Exception List (FirewallRules) (O87)
O87 - FAEL: "TCP Query User{0322DB9B-521C-4BE7-B1BE-5BB7E3F4ACFD}C:\program files\progdvb\progdvbnet.exe" |In - Private - P6 - TRUE | .(...) -- C:\program files\progdvb\progdvbnet.exe (.not file.)
O87 - FAEL: "UDP Query User{095FB53E-7B6B-411F-8C84-9A59697CF69D}C:\program files\progdvb\progdvbnet.exe" |In - Private - P17 - TRUE | .(...) -- C:\program files\progdvb\progdvbnet.exe (.not file.)
O87 - FAEL: "TCP Query User{0A6261C9-212B-4D3C-ABA1-1825D434D770}C:\program files\progdvb\progdvb.exe" | In - Private - P6 - TRUE | .(.Pas de propriétaire - ProgDVB.) -- C:\program files\progdvb\progdvb.exe
O87 - FAEL: "UDP Query User{668C67C2-E8B0-4503-A83B-8587EF4FEEE0}C:\program files\progdvb\progdvb.exe" | In - Private - P17 - TRUE | .(.Pas de propriétaire - ProgDVB.) -- C:\program files\progdvb\progdvb.exe
O87 - FAEL: "TCP Query User{A60808BC-7608-4241-ADFA-ADBBFAEF13A6}C:\program files\christv online\christv online.exe" | In - Private - P6 - TRUE | .(.Chris P.C. srl - ChrisTV Online!.) -- C:\program files\christv online\christv online.exe
O87 - FAEL: "UDP Query User{8D5568C0-46C4-4E34-8150-5EFF94ABF16E}C:\program files\christv online\christv online.exe" | In - Private - P17 - TRUE | .(.Chris P.C. srl - ChrisTV Online!.) -- C:\program files\christv online\christv online.exe
~ Firewall: 236 Legitimates Filtered in 00mn 00s



---\\ Scan Additionnel (O88)
Database Version : v2.11782 - (30/04/2013)
Clés trouvées (Keys found) : 22
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 3
Fichiers trouvés (Files found) : 0

[HKLM\Software\Classes\TypeLib\{01bcb858-2f62-4f06-a8f4-48f927c15333}] =>Adware.PredictAd
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0FB6A909-6086-458F-BD92-1F8EE10042A0}] =>Adware.PredictAd
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0FB6A909-6086-458F-BD92-1F8EE10042A0}] =>Adware.PredictAd
[HKLM\Software\Classes\CLSID\{0FB6A909-6086-458F-BD92-1F8EE10042A0}] =>Adware.PredictAd
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}] =>Adware.PredictAd
[HKLM\Software\Classes\AppID\{442f13bc-2031-42d5-9520-437f65271153}] =>Adware.PredictAd
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}] =>Toolbar.Skype
[HKLM\Software\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}] =>Toolbar.Skype
[HKLM\Software\Microsoft\Internet Explorer\extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}] =>Toolbar.Skype
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] =>Toolbar.Skype
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] =>Toolbar.Skype
[HKLM\Software\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] =>Toolbar.Skype
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] =>Toolbar.Skype
[HKLM\Software\Classes\Interface\{C9AE652B-8C99-4AC2-B556-8B501182874E}] =>Parasite.Pugi
[HKLM\Software\Classes\Interface\{c9ae652b-8c99-4ac2-b556-8b501182874e}] =>Adware.PredictAd
[HKLM\Software\Classes\AppID\Complitly.DLL] =>Adware.PredictAd
[HKLM\Software\Classes\suggestmeyes.suggestmeyesbho] =>Adware.PredictAd
[HKLM\Software\Classes\suggestmeyes.suggestmeyesbho.1] =>Adware.PredictAd
[HKCU\Software\Softonic] =>Toolbar.Conduit
[HKCU\Software\Complitly] =>Adware.PredictAd
[HKLM\Software\SimplyGen] =>Adware.PredictAd
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4FFBB818-B13C-11E0-931D-B2664824019B}_is1] =>Adware.PredictAd
C:\Program Files\Webplayer setup =>Adware.SocialSkinz
C:\Users\MOHAMMED\AppData\Roaming\OpenCandy =>Adware.OpenCandy
C:\Users\MOHAMMED\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlfienamagdnkekbbbocojppncdambda =>Adware.PredictAd
~ Additionnel Scan: 175092 Items scanned in 00mn 26s



---\\ Random Export Key (O91)
[HKCU\Software\973935f91e7e01875b34a217ebd20cc6]:US="@"
~ Export Key Software: Scanned in 00mn 00s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SR - | Auto 22/09/2011 974944 | (ekrn) . (.ESET.) - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
SS - | Auto 30/04/2013 116648 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 30/04/2013 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 10/04/2013 115608 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
SR - | Auto 05/09/2012 66560 | (nlsX86cc) . (.Nalpeiron Ltd..) - C:\Windows\system32\nlssrv32.exe
SR - | Auto 02/10/2012 645992 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe
SR - | Auto 05/07/2012 3048136 | (Skype C2C Service) . (.Skype Technologies S.A..) - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
SS - | Auto 01/03/2013 161384 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files\Skype\Updater\Updater.exe
SR - | Demand 19/04/2013 543656 | (Steam Client Service) . (.Valve Corporation.) - C:\Program Files\Common Files\Steam\SteamService.exe
SR - | Auto 02/10/2012 382824 | (Stereo Service) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
SS - | Demand 19/02/2010 517096 | (SwitchBoard) . (.Adobe Systems Incorporated.) - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
SR - | Auto 14/07/2009 20992 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 14/07/2009 20992 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 01s



---\\ Recherche Master Boot Record Infection (MBR)(O80)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Run by MOHAMMED at 30/04/2013 18:13:39

device: opened successfully
user: error reading MBR

Disk trace:
error: Read Descripteur non valide
kernel: error reading MBR
~ MBR: 9 Legitimates Filtered in 00mn 02s



---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by MOHAMMED at 30/04/2013 18:13:41

********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ MBR: Scanned in 00mn 04s



~ 2100 Legitimates filtered by white list
End of the scan (595 lines in 02mn 26s)(25)
