cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

~ Report of ZHPDiag v2014.4.13.25 - Nicolas Coolman (13/04/2014)
~ Launched by user (14/04/2014 11:16:01)
~ Web site address : http://nicolascoolman.webs.com
~ Free support forums for disinfection : http://nicolascoolman.webs.com/apps/links/
~ Translated by
~ Version State :
~ White List : Activate by program
~ Elevation of privilege : OK
~ User Account Control : Activate by user


---\\ Internet browsers
MSIE: Internet Explorer v11.0.9600.17041
MFIE: Mozilla Firefox 28.0
GCIE: Google Chrome v27.0.1453.116 (Defaut)

---\\ Windows product information
~ Langage: Anglais
Windows Vista (TM) Ultimate, 32-bit Service Pack 1 (Build 6000)
Windows Server License Manager Script : OK
~ Windows Operating System - Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
~ Windows Partial Key : 2C9T3
Windows License : OK
~ Windows Remaining Initializations Number : 4
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK

---\\ System protection software
Malwarebytes Anti-Malware version 2.0.1.1004

---\\ System optimization software
CCleaner v4.00 =>.Piriform Ltd

---\\ Sharing software PeerToPeer

---\\ Surveillance software
Adobe Flash Player 12 Plugin
Adobe Reader X
Java 7 Update 51

---\\ Information on the system
~ Processor: x86 Family 6 Model 42 Stepping 7, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3497 MB (51% free)
System Restore: Activé (Enable)
System drive C: has 142 GB (58%) free of 244 GB

---\\ Connection to the system mode
~ Computer Name: ACCENT-PC
~ User Name: user
~ All Users Names: user, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator

---\\ Environment variables
~ System Unit : C:\
~ %AppZHP% : C:\Users\user\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\user\AppData\Roaming\
~ %Desktop% : C:\Users\user\Desktop\
~ %Favorites% : C:\Users\user\Favorites\
~ %LocalAppData% : C:\Users\user\AppData\Local\
~ %StartMenu% : C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumeration of the disk units
C: Hard drive, Flash drive, Thumb drive (Free 142 Go of 244 Go)
D: Hard drive, Flash drive, Thumb drive (Free 32 Go of 222 Go)
E: CD-ROM drive (Not Inserted)
F: CD-ROM drive (Free 0 Go of 0 Go)
G: Floppy drive, Flash card reader, USB Key (Not Inserted)



---\\ State of the Windows Security Center
~ Security Center: 50 Legitimates Filtered in 00mn 00s



---\\ Search Generic System Files
[MD5.8B88EBBB05A0E56B7DCC708498C02B3E] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 05:30:54.) -- C:\Windows\Explorer.exe [2616320]
[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 01:14:45.) -- C:\Windows\System32\Wininit.exe [96256]
[MD5.E4E829EE073E046B0EB19B5FECB19B8C] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.06/03/2014 - 05:41:49.) -- C:\Windows\System32\wininet.dll [1789440]
[MD5.6D13E1406F50C66E2A95D97F22C47560] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.20/11/2010 - 12:17:54.) -- C:\Windows\System32\Winlogon.exe [286720]
[MD5.E3AE23569749DE12D45BA3B489A036AE] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2010 - 12:21:24.) -- C:\Windows\System32\sppcomapi.dll [193536]
[MD5.F81BB7E487EDCEAB630A7EE66CF23913] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.04/01/2014 - 22:14:17.) -- C:\Windows\system32\Drivers\AFD.sys [338944]
[MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 01:26:15.) -- C:\Windows\system32\Drivers\atapi.sys [21584]
[MD5.77EA11B065E0A8AB902D78145CA51E10] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/07/2009 - 23:11:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [70656]
[MD5.BE167ED0FDB9C1FA1133953C18D5A6C9] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 08:38:10.) -- C:\Windows\system32\Drivers\Cdrom.sys [108544]
[MD5.F024449C97EC1E464AAFFDA18593DB88] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 08:42:32.) -- C:\Windows\system32\Drivers\DfsC.sys [78336]
[MD5.9036377B8A6C15DC2EEC53E489D159B5] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 09:59:29.) -- C:\Windows\system32\Drivers\HDAudBus.sys [108544]
[MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - (.Microsoft Corporation - Pilote de port i8042.) (.13/07/2009 - 23:11:24.) -- C:\Windows\system32\Drivers\i8042prt.sys [80896]
[MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - (.Microsoft Corporation - IP Network Address Translator.) (.13/07/2009 - 23:54:29.) -- C:\Windows\system32\Drivers\IpNat.sys [101888]
[MD5.5D16C921E3671636C0EBA3BBAAC5FD25] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 02:17:22.) -- C:\Windows\system32\Drivers\MRxSmb.sys [123904]
[MD5.280122DDCF04B378EDD1AD54D71C1E54] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 08:39:44.) -- C:\Windows\system32\Drivers\netBT.sys [187904]
[MD5.5E43D2B0EE64123D4880DFA6626DEFDE] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.12/04/2013 - 13:45:29.) -- C:\Windows\system32\Drivers\ntfs.sys [1211752]
[MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - (.Microsoft Corporation - Pilote de port parallèle.) (.13/07/2009 - 23:45:35.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.D9F91EAFEC2815365CBE6D167E4E332A] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.13/07/2009 - 23:54:34.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [78848]
[MD5.B973FCFC50DC1434E1970A146F7E3885] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.20/11/2010 - 10:24:46.) -- C:\Windows\system32\Drivers\rdpdr.sys [133632]
[MD5.3E21C083B8A01CB70BA1F09303010FCE] - (.Microsoft Corporation - SMB Transport driver.) (.13/07/2009 - 23:53:41.) -- C:\Windows\system32\Drivers\smb.sys [71168]
[MD5.B459575348C20E8121D6039DA063C704] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 08:39:17.) -- C:\Windows\system32\Drivers\tdx.sys [74752]
[MD5.F497F67932C6FA693D7DE2780631CFE7] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20/11/2010 - 12:30:16.) -- C:\Windows\system32\Drivers\volsnap.sys [245632]
~ Generic Processes: Scanned in 00mn 01s



---\\ Hidden files state (Hidden/Total)
~ Mes images (My Pictures) : 2/138
Mes musiques (My Musics) : 2/2 (Modified)
~ Mes Videos (My Videos) : 2/16
~ Mes Favoris (My Favorites) : 2/66
~ Mes Documents (My Documents) : 3/1516
~ Mon Bureau (My Desktop) : 8/7716
~ Menu demarrer (Programs) : 1/60
~ Hidden Files: Scanned in 00mn 08s



---\\ Process running
[MD5.41AD6110110A2E89957F831DCBFAF892] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files\Malwarebytes Anti-Malware\mbam.exe [6963512] [PID.5260]
[MD5.349AB4F70E2AC44970894E7F03E1576E] - (.Huawei Technologies Co., Ltd. - DataCardMonitor MFC Application.) -- C:\ProgramData\DatacardService\DCSHelper.exe [236384] [PID.5532]
[MD5.CAED806D31777467273C71BADD1ED6AA] - (.No owner - PVDAgent Application.) -- C:\Program Files\PHotkey\PVDAgent.exe [457224] [PID.4676]
[MD5.78A79F00C6778983BC5DEE5E5D0BA56B] - (...) -- C:\Program Files\Internet Mobile\Internet Mobile.exe [514560] [PID.4252]
[MD5.5178A245B4C35A7C12AC4142AC5E8DC0] - (...) -- C:\Program Files\My Connection\BackgroundService\ModemListener.exe [126056] [PID.1944]
[MD5.3A5AE09E859BF74F275D0D2225113F7F] - (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files\Internet Download Manager\IDMan.exe [3829328] [PID.5052]
[MD5.1BF9D6476061B31CD7FC2BF848529A56] - (.Symantec Corporation - Symantec Service Framework.) -- C:\Program Files\Norton 360\Engine\20.4.0.40\ccSvcHst.exe [144368] [PID.3000]
[MD5.5521928AA79079565B7CB8FCE6806131] - (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe [825808] [PID.5796]
[MD5.08FECDE82830FA31E186E071D87CE86A] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [8212992] [PID.816]
[MD5.D480F4069BFCD9ACC3E7399317038CCF] - (.Enigma Software Group USA, LLC. - Service scanner interface.) -- C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [770432] [PID.0] =>Crapware.SpyHunter
[MD5.0A7F86657755ADA92C57E597BF5151F7] - (.Microsoft Corporation - Antimalware Service Executable.) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe [22208] [PID.1068]
[MD5.EFD89582B55DD32DC79C1A4EB54612A1] - (.No owner - ASLDR Service.) -- C:\Program Files\PHotkey\ASLDRSrv.exe [104968] [PID.1564]
[MD5.6CF91B90C0F2B750F128BB28AB6B1A01] - (.No owner - GFNEXSrv.) -- C:\Program Files\PHotkey\GFNEXSrv.exe [133640] [PID.1600]
[MD5.B362181ED3771DC03B4141927C80F801] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [65432] [PID.1880]
[MD5.97ED5AA5FBAA105EF614B8C240B62BA1] - (.Apache Software Foundation - Apache HTTP Server.) -- C:\AppServ\Apache2.2\bin\httpd.exe [24635] [PID.1900]
[MD5.A6307F356D778E18A76E7783EF98C6AA] - (.Atheros - Atheros Coex Service Application.) -- C:\Program Files\Atheros\Ath_CoexAgent.exe [151552] [PID.2004]
[MD5.935B12A4795F7B81596D128FC869B534] - (.Atheros Commnucations - AdminService Application.) -- C:\Program Files\Atheros\Bluetooth Suite\adminservice.exe [56480] [PID.1868]
[MD5.BE531939BB6D153DB63DBBFBD398A713] - (.Microsoft Corporation - Updates Skype Click to Call.) -- C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1363584] [PID.1204]
[MD5.33E9F08F675EF94633C8EF8A7C4EADF3] - (.Microsoft Corporation - Phone Number Recognition (PNR) module.) -- C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1748608] [PID.1980]
[MD5.5EF3427AE503B5C03A48F7C9FF458B69] - (.No owner - DCSHOST.) -- C:\ProgramData\DatacardService\HWDeviceService.exe [271712] [PID.2416]
[MD5.F14317082B49575B64365028D88230D7] - (...) -- C:\Program Files\My Connection\BackgroundService\ServiceManager.exe [53312] [PID.2492]
[MD5.8B4B572753419FE601220526205F9455] - (.http://libusb-win32.sourceforge.net - LibUsb-Win32 - Generic USB Library.) -- C:\Windows\system32\libusbd-nt.exe [18944] [PID.2544]
[MD5.69C494AE77EC2CFC31FD4B0D7AB6F24A] - (.CybelSoft - Service de détection matériel.) -- C:\Program Files\ma-config.com\MaConfigAgent.exe [1777488] [PID.2564]
[MD5.0E08BDD7326E657D59DB40BAD23D8169] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720] [PID.2588]
[MD5.A8E7F3DB083EB0839DFC1C763CDD2594] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [857912] [PID.2896]
[MD5.6D9C3B76768D5B2E72F0CB9E237A9D82] - (...) -- C:\AppServ\MySQL\bin\mysqld-nt.exe [5750784] [PID.2972]
[MD5.4D09B93F16DA1AA08EB226F9F1AA4D51] - (.VMware, Inc. - VMware USB Arbitration Service.) -- C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe [665200] [PID.3136]
[MD5.9B08F70037CD7AAA87419C6C485C6567] - (.VMware, Inc. - VMware NAT Service.) -- C:\Windows\system32\vmnat.exe [432752] [PID.3188]
[MD5.0FC29ADB3F634ED3E535A76395B470B5] - (.VMware, Inc. - VMware Authorization Service.) -- C:\Program Files\VMware\VMware Workstation\vmware-authd.exe [79872] [PID.3332]
[MD5.58B2C15F4D26E7E34ADE53CAC695FBE8] - (.VMware, Inc. - VMware VMnet DHCP service.) -- C:\Windows\system32\vmnetdhcp.exe [354416] [PID.3612]
[MD5.249D12488F9EE43B0D812C87335E0EF2] - (.Microsoft Corporation - Microsoft Network Realtime Inspection Servi.) -- c:\Program Files\Microsoft Security Client\NisSrv.exe [295376] [PID.2428]
[MD5.A15E517B1687027B896F80D6A7223226] - (.Pegatron Corporation - Pegatron Hotkey.) -- C:\Program Files\PHotkey\PHotkey.exe [813576] [PID.4308]
[MD5.FEEA84F8621DFCC013EDBB7D9E517F64] - (.No owner - MsgTranAgt.) -- C:\Program Files\PHotkey\MsgTranAgt.exe [117256] [PID.4004]
[MD5.0672055A1EEF2BBA0EC569F414EEE3DB] - (.No owner - PVDesktop.) -- C:\Program Files\PHotkey\PVDesktop.exe [547336] [PID.3840]
[MD5.1E0B408D5D2AD80C880CF43C0EB04DE5] - (.Pegatron Corporation - Pegatron Osd.) -- C:\Program Files\PHotkey\POSD.exe [3095048] [PID.3232]
[MD5.926EBA26A8B49D1597751CED06B50862] - (.Intel Corporation - Local Manageability Service.) -- C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [325656] [PID.3328]
[MD5.FDF92EC84FECEE834FB10A2A0A19BCDA] - (.Intel Corporation - User Notification Service.) -- C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2655768] [PID.3252]
[MD5.CF87A1DE791347E75B98885214CED2B8] - (.Microsoft Corporation - Service de la plateforme de protection logi.) -- C:\Windows\system32\sppsvc.exe [3179520] [PID.5708]
~ Processes Running: Scanned in 00mn 02s



---\\ Google Chrome, Start,Search,Extensions (G0,G1,G2)
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferences
G1 - GCS: Preference [User Data\Default] http://www.google.com
G0 - GCSP: Preference [User Data\Default][HomePage] about:blank

---\\ Google Chrome Extension Folder

~ Google Lines Browser: 7 Legitimates Filtered in 00mn 10s



---\\ Mozilla Firefox,Plugins,Start,Search,Extensions (P2,M0,M1,M2,M3)
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2d1y0tz3.default\prefs.js (.not file.)
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\6e0ynqls.default\prefs.js (.not file.)
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\6hb9d6vz.default\prefs.js (.not file.)
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\lycuect0.default\prefs.js
M3 - MFPP: Plugins - [user] -- C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\lycuect0.default\searchplugins\VenteeRo.xml
M0 - MFSP: prefs.js [user - lycuect0.default] about:blank
~ Firefox Browser: 34 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer Extensions, Start, Search (R4,R3,R0,R1)
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://securityresponse.symantec.com
~ IE Browser: 15 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Line Analysis F0, F1, F2, F3 - IniFiles, Auto loading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 19



---\\ Internet Explorer toolbars (O3)
O3 - Toolbar: Norton Toolbar - [HKLM]{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} . (.Symantec Corporation - coIEPlugIn.) -- C:\Program Files\Norton 360\Engine\20.4.0.40\coIEPlg.dll
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Orphan key
~ Toolbar: Scanned in 00mn 00s



---\\ Other User Links (O4)
O4 - GS\Desktop [Public]: eduMedia-Primaire-Annee3.lnk . (...) -- C:\Program Files\eduMedia-Primaire-Annee3\eduMedia-Primaire-Annee3.exe
O4 - GS\Desktop [Public]: Internet Mobile.lnk . (...) -- C:\Program Files\Internet Mobile\Internet Mobile.exe
O4 - GS\Desktop [Public]: YAC.lnk . (.Elex do Brasil Participações Ltda - iStart.) -- C:\Program Files\iSafe\iStart.exe =>Trojan.Staser
O4 - GS\Program [Public]: Ayat.lnk . (...) -- C:\Program Files\Ayat\Ayat.exe
O4 - GS\Program [Public]: eduMedia-Primaire-Annee3.lnk . (...) -- C:\Program Files\eduMedia-Primaire-Annee3\eduMedia-Primaire-Annee3.exe
O4 - GS\Program [Public]: eduMedia-Primaire-Annee6.lnk . (...) -- C:\Users\user\Documents\eduMedia-Primaire-Annee6\eduMedia-Primaire-Annee6.exe
O4 - GS\Program [Public]: Mocha for After Effects CS4.lnk . (...) -- C:\Program Files\Adobe\Adobe After Effects CS4\Mocha\bin\Mocha For After Effects.exe
O4 - GS\Program [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - GS\QuickLaunch [user]: CodeStuff Starter.lnk . (.CodeStuff - Startup Manager for Windows 9x/Me/NT/2000/X.) -- C:\Program Files\CodeStuff\Starter\Starter.exe
O4 - GS\QuickLaunch [user]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch [user]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch [user]: OJOsoft Total Video Converter.lnk . (.OJOsoft Corporation - TotalVideoConverter.exe.) -- C:\Program Files\OJOsoft\OJOsoft Total Video Converter\TotalVideoConverter.exe
O4 - GS\QuickLaunch [user]: Paltalk Messenger.lnk . (.AVM Software Inc. - Paltalk Messenger.) -- C:\Program Files\Paltalk Messenger\paltalk.exe
O4 - GS\QuickLaunch [user]: Upgrade to Paltalk Extreme.lnk - Orphan key
O4 - GS\TaskBar [user]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - GS\TaskBar [user]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [user]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - GS\TaskBar [user]: PowerPoint 2013.lnk . (...) -- C:\Windows\Installer\{91150000-0011-0000-0000-0000000FF1CE}\pptico.exe
O4 - GS\Program [user]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\SystemTools [user]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\SendTo [user]: DVB Dream Plugins Folder (pip00).lnk . (...) -- C:\dvbdream\Plugins\pip00
~ Global Startup: 81 Legitimates Filtered in 00mn 06s



---\\ Auto loading programs from Registry and folders (O4)
O4 - HKLM\..\Run: [IAM Aegean ModemListener] . (...) -- C:\Program Files\My Connection\BackgroundService\ModemListener.exe
O4 - HKCU\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files\Internet Download Manager\IDMan.exe
O4 - HKCU\..\Run: [Facebook Update] . (.Facebook Inc. - Programme d'installation de Facebook.) -- C:\Users\user\AppData\Local\Facebook\Update\FacebookUpdate.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-1732316212-2870636193-3753681979-1000\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files\Internet Download Manager\IDMan.exe
O4 - HKUS\S-1-5-21-1732316212-2870636193-3753681979-1000\..\Run: [Facebook Update] . (.Facebook Inc. - Programme d'installation de Facebook.) -- C:\Users\user\AppData\Local\Facebook\Update\FacebookUpdate.exe
~ Application: Scanned in 00mn 00s



---\\ Extra buttons on main IE button toolbar, or extra items in IE 'Tools' menu (O9)
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} . (.Microsoft Corporation - Windows Live Messenger Companion core resources.) -- C:\Program Files\Windows Live\Companion\companionres.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~4\Office15\ONBttnIE.dll =>.Microsoft Corporation
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} . (.Microsoft Corporation - Microsoft Lync.) -- C:\Program Files\Microsoft Office\Office15\lync.exe
O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} . (.AVM Software Inc. - Paltalk Messenger.) -- C:\Program Files\Paltalk Messenger\Paltalk.exe
O9 - Extra button: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} -- Orphan key
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~4\Office15\ONBTTN~1.dll =>.Microsoft Corporation
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} . (...) -- C:\Program Files\Skype\Toolbars\Internet Explorer\icon.ico
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ ActiveX Objects (Downloaded Program Files) (O16)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} ((no name)) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
~ Objets ActiveX: Scanned in 00mn 00s



---\\ Lop.com/Domain Hijackers (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{463E9EEC-B6C4-4A95-ADC8-8EF82D6ACFAD}: NameServer = 212.217.0.1 212.217.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{BDE4C4FA-A5BE-4FE6-A84A-8421AB3F9CDF}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{463E9EEC-B6C4-4A95-ADC8-8EF82D6ACFAD}: NameServer = 212.217.0.1 212.217.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{BDE4C4FA-A5BE-4FE6-A84A-8421AB3F9CDF}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{463E9EEC-B6C4-4A95-ADC8-8EF82D6ACFAD}: NameServer = 212.217.0.1 212.217.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{BDE4C4FA-A5BE-4FE6-A84A-8421AB3F9CDF}: DhcpNameServer = 192.168.0.1
~ Domain: Scanned in 00mn 00s



---\\ Extra protocols (O18)
O18 - Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Windows Live Album Download Protocol Handle.) -- C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ AppInit_DLLs Registry value Autorun (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s



---\\ Non Microsoft non disabled Windows XP/NT/2000 Services (O23)
O23 - Service: ASLDR Service (ASLDRService) . (.No owner - ASLDR Service.) - C:\Program Files\PHotkey\ASLDRSrv.exe
O23 - Service: GFNEX Service (GFNEXSrv) . (.No owner - GFNEXSrv.) - C:\Program Files\PHotkey\GFNEXSrv.exe
O23 - Service: HWDeviceService.exe (HWDeviceService.exe) . (.No owner - DCSHOST.) - C:\ProgramData\DatacardService\HWDeviceService.exe
O23 - Service: IAM Aegean Modem Device Helper (IAM Aegean Modem Device Helper) . (...) - C:\Program Files\My Connection\BackgroundService\ServiceManager.exe
O23 - Service: IAM Wave Modem Device Helper (IAM Wave Modem Device Helper) . (...) - C:\Program Files\My Connection\BackgroundService\ServiceManager.exe
O23 - Service: mysql (mysql) . (...) - C:\AppServ\MySQL\bin\mysqld-nt --defaults-file=C:\AppServ\MySQL\my.ini mysql (.not file.)
~ Services: 24 Legitimates Filtered in 00mn 12s



---\\ Task Planned Automatically (039)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\XoftSpySE.job [374] =>PUP.XoftSpySE
[MD5.00000000000000000000000000000000] [APT] [XoftSpySE] (...) -- C:\Program Files\XoftSpySE6\XoftSpySELauncher.exe (.not file.) [0] =>PUP.XoftSpySE
[MD5.00000000000000000000000000000000] [APT] [{024F1106-4899-45F1-AB7E-EE7507A6B1D9}] (...) -- C:\users\user\Downloads\Programs\winsetupfromusb_0.2.3.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{0AE5FF31-8F13-4E73-9060-2905E4FA78B7}] (...) -- C:\users\user\Desktop\htc\WinSetupFromUSB 0.2.2\WinSetupFromUSB 0.2.2.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{159AB764-204D-492C-AB8F-4503929F8357}] (...) -- E:\DirectX\dxsetup.exe (.not file.) [0]
[MD5.5DD0045F3AFAB407E990F3E6A7C4F7DB] [APT] [{4D9D7F04-8B9C-4445-977B-86EA70E0A6DB}] (...) -- C:\users\user\Downloads\Programs\WinSetupFromUSB_0-2-3.exe [4429393]
[MD5.5DD0045F3AFAB407E990F3E6A7C4F7DB] [APT] [{A4E0D74A-C45E-4DAD-AA8A-4CC07A0932D7}] (...) -- C:\users\user\Downloads\Programs\WinSetupFromUSB_0-2-3.exe [4429393]
[MD5.5DD0045F3AFAB407E990F3E6A7C4F7DB] [APT] [{B9865295-F124-4E01-916A-C44A97573D9E}] (...) -- C:\users\user\Downloads\Programs\WinSetupFromUSB_0-2-3.exe [4429393]
[MD5.592E610D4176CD23E83150A3285D1991] [APT] [{C6BA9C73-4A5C-4B4E-A821-F88C94D48766}] (...) -- D:\shamela\setup.exe [456204]
[MD5.00000000000000000000000000000000] [APT] [{E3CD27FB-CB68-41A4-883F-925469208176}] (...) -- C:\users\user\Desktop\ں駩ي«\êي©ں©§ ë مéêï ééê«¢يî ںé£ںé£\setup.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{E6C6096D-66A9-4456-9292-52CCDA4FD678}] (...) -- E:\Install.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{EEF6AFB4-FFB5-4A89-8CA2-92DDAC5DD0DC}] (...) -- E:\CH340\HL-340.exe (.not file.) [0]
~ Scheduled Task: 33 Legitimates Filtered in 00mn 06s



---\\ Drivers launched at startup (O41)
O41 - Driver: (iSafeKrnlKit) . (.Elex do Brasil Participações Ltda - iSafe Kernel Kit Driver.) - C:\Program Files\iSafe\iSafeKrnlKit.sys =>Trojan.Staser
O41 - Driver: (iSafeNetFilter) . (.Elex do Brasil Participações Ltda - iSafeNetFilter SDK WFP Driver (WPP).) - C:\Program Files\iSafe\iSafeNetFilter.sys =>Trojan.Staser
O41 - Driver: (wStLibG) . (.StdLib - StdLib.) - C:\Windows\System32\drivers\wStLibG.sys =>PUP.LinkiDoo
~ Drivers: 96 Legitimates Filtered in 00mn 00s



---\\ Software installed (O42)
O42 - Logiciel: My Connection - (.IAM.) [HKLM] -- IAM Aegean My Connection_is1
O42 - Logiciel: Ri7abi_Coran1 version 1.5 - (.Mounaissir.) [HKLM] -- {3CBC91D1-11E3-4DFA-B0FB-2D9237AA3010}_is1
O42 - Logiciel: Ri7abi_Coran2 version 1.5 - (.Mounaissir.) [HKLM] -- {5C1760D5-02B7-4D81-9FCC-82148BD5A758}_is1
O42 - Logiciel: Yet Another Cleaner! - (.ELEX DO BRASIL PARTICIPAÇÕES LTDA.) [HKLM] -- iSafe =>Trojan.Staser
~ Logic: 10 Legitimates Filtered in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\AAA Logo 2014]
[HKCU\Software\ARHome]
[HKCU\Software\Filseclab]
[HKCU\Software\Fuzebox]
[HKCU\Software\NoVooITSet]
[HKCU\Software\Vonteera Safe ads] =>Trojan.Vonteera
[HKLM\Software\Aegean]
[HKLM\Software\DVBDream]
[HKLM\Software\Filseclab]
[HKLM\Software\IAM Aegean Modem Service]
[HKLM\Software\IAM Wave Modem Service]
[HKLM\Software\Softronics]
[HKLM\Software\Wave]
~ Key Software: 416 Legitimates Filtered in 00mn 00s



---\\ Contents of the Common Files folders (O43)
O43 - CFD: 18/07/2013 - 02:43:42 - [0,570] ----D C:\Program Files\Alfa Programs
O43 - CFD: 10/04/2013 - 04:18:58 - [0,199] ----D C:\Program Files\brnamj hissab alojra
O43 - CFD: 18/10/2013 - 12:49:49 - [14,028] ----D C:\Program Files\Cantine_Scolaire
O43 - CFD: 07/06/2013 - 16:13:33 - [69,059] ----D C:\Program Files\cube-para
O43 - CFD: 24/11/2013 - 11:14:53 - [0] ----D C:\Program Files\FT7191
O43 - CFD: 14/04/2014 - 10:33:14 - [39,445] ----D C:\Program Files\iSafe =>Trojan.Staser
O43 - CFD: 17/01/2014 - 20:45:42 - [1,490] ----D C:\Program Files\Mixlr
O43 - CFD: 04/03/2014 - 19:44:34 - [17,541] ----D C:\Program Files\My Connection
O43 - CFD: 01/05/2012 - 17:32:15 - [5,366] ----D C:\Program Files\ProfOffice
O43 - CFD: 19/11/2013 - 16:53:29 - [25,950] ----D C:\Program Files\Ri7abi_Coran1
O43 - CFD: 28/10/2013 - 19:54:30 - [23,801] ----D C:\Program Files\Ri7abi_Coran2
O43 - CFD: 17/08/2013 - 08:35:56 - [0] ----D C:\Program Files\SaveShare =>Adware.SaveShare
O43 - CFD: 10/04/2013 - 04:18:44 - [0,001] ----D C:\Program Files\Sola GSM Calc
O43 - CFD: 11/04/2013 - 20:10:21 - [2,697] ----D C:\Program Files\XUSSoft
O43 - CFD: 02/11/2012 - 17:37:25 - [4,346] ----D C:\Program Files\برنامج حساب الأجرة
O43 - CFD: 11/04/2014 - 18:37:48 - [1,265] ----D C:\Users\user\AppData\Roaming\ARHome
O43 - CFD: 05/08/2013 - 17:49:48 - [0,001] ----D C:\Users\user\AppData\Roaming\SmileysWeLove =>Adware.SmileyBar
O43 - CFD: 24/04/2013 - 23:07:25 - [0] ----D C:\Users\user\AppData\Roaming\system32
O43 - CFD: 11/04/2014 - 18:37:48 - [0,519] ----D C:\Users\user\AppData\Roaming\VolIE
O43 - CFD: 11/04/2013 - 20:11:09 - [2,850] ----D C:\Users\user\AppData\Roaming\XUSSoft
O43 - CFD: 23/03/2014 - 22:56:39 - [0] ----D C:\Users\user\AppData\Local\.distlib
O43 - CFD: 26/05/2013 - 16:38:17 - [0,002] ----D C:\Users\user\AppData\Local\DefaultDomain_Path_2jjdwwwbej4fajitudmutkjkc2soxwl5
O43 - CFD: 12/04/2014 - 19:05:03 - [0] -SH-D C:\Users\user\AppData\Local\EmieSiteList
O43 - CFD: 12/04/2014 - 19:05:03 - [0] -SH-D C:\Users\user\AppData\Local\EmieUserList
O43 - CFD: 08/01/2014 - 20:24:50 - [0] ----D C:\Users\user\AppData\Local\mixlr
O43 - CFD: 04/02/2013 - 21:06:48 - [0] ----D C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\brnamj hissab alojra
O43 - CFD: 07/06/2013 - 16:13:31 - [0,001] ----D C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\cube
O43 - CFD: 17/03/2013 - 20:12:22 - [0] ----D C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fausto
O43 - CFD: 10/04/2013 - 04:18:14 - [0] ----D C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HDVB
O43 - CFD: 12/04/2014 - 23:26:28 - [0,005] ----D C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter =>Crapware.SpyHunter
~ Program Folder: 344 Legitimates Filtered in 01mn 28s



---\\ Last modified or created files under Windows and System32 (O44)
O44 - LFC:[MD5.358FE7EA4CB2DDF9B3DD5474F0CA3633] - 11/04/2014 - 06:13:06 ---A- . (.Elex do Brasil Participações Ltda - iSafe Kernel Boot Driver.) -- C:\Windows\System32\Drivers\iSafeKrnlBoot.sys [30720] =>Trojan.Staser
O44 - LFC:[MD5.9B19FC778590F070F6ED49AC3C1D0321] - 12/04/2014 - 18:56:44 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\wStLibG.sys [52928] =>PUP.LinkiDoo
O44 - LFC:[MD5.1FACA83E9DB8B2F61FF1AA8E0FF1A76C] - 12/04/2014 - 21:35:11 ---A- . (...) -- C:\Windows\wininit.ini [177]
O44 - LFC:[MD5.2F10E29732352BCD12BDE3DE2F3F9B14] - 12/04/2014 - 21:44:22 ---A- . (...) -- C:\Windows\win.ini [580]
~ Files: 47 Legitimates Filtered in 00mn 02s



---\\ MountPoints2 Shell Key (MPKS) (O51)
O51 - MPSK:{19c0bff5-4b0c-11e3-bbdd-a8d2370abf9a}\AutoRun\command. (.No owner - AutoRun.) -- F:\AutoRun.exe
O51 - MPSK:{1c0b377e-16e7-11e3-b175-e0915348bfa5}\AutoRun\command. (.No owner - AutoRun.) -- F:\AutoRun.exe
O51 - MPSK:{1d67eede-7205-11e3-b848-e06995650eba}\AutoRun\command. (.No owner - AutoRun.) -- F:\AutoRun.exe
O51 - MPSK:{20f3f041-61d6-11e3-bc54-001e101f1ed9}\AutoRun\command. (.No owner - AutoRun.) -- F:\AutoRun.exe
O51 - MPSK:{20f3f05f-61d6-11e3-bc54-001e101f1ed9}\AutoRun\command. (.No owner - AutoRun.) -- F:\AutoRun.exe
O51 - MPSK:{3d283496-4a54-11e3-969b-d804049ef560}\AutoRun\command. (.No owner - AutoRun.) -- F:\AutoRun.exe
O51 - MPSK:{3e8ea8f0-63d4-11e3-8596-005056c00008}\AutoRun\command. (.No owner - AutoRun.) -- F:\AutoRun.exe
O51 - MPSK:{5fbeec36-1c61-11e3-a740-e0915348bfa5}\AutoRun\command. (.No owner - AutoRun.) -- F:\AutoRun.exe
O51 - MPSK:{64b86805-8b42-11e3-819e-e0915348bfa5}\AutoRun\command. (.No owner - AutoRun.) -- F:\AutoRun.exe
O51 - MPSK:{69525f51-7143-11e3-92e3-00a0c6000000}\AutoRun\command. (.No owner - AutoRun.) -- F:\AutoRun.exe
O51 - MPSK:{7e603af9-8abb-11e3-9fe1-e0915348bfa5}\AutoRun\command. (.No owner - AutoRun.) -- F:\AutoRun.exe
O51 - MPSK:{b3c08d5d-546d-11e3-8eec-005056c00008}\AutoRun\command. (.No owner - AutoRun.) -- F:\AutoRun.exe
O51 - MPSK:{bbe45b44-b133-11e3-9eca-e0915348bfa5}\AutoRun\command. (.No owner - AutoRun.) -- F:\AutoRun.exe
O51 - MPSK:{bc003b2c-7184-11e3-8565-005056c00008}\AutoRun\command. (.No owner - AutoRun.) -- F:\AutoRun.exe
O51 - MPSK:{bc003b56-7184-11e3-8565-001e101fe70e}\AutoRun\command. (.No owner - AutoRun.) -- F:\AutoRun.exe
O51 - MPSK:{cf00a120-b7c1-11e2-8f41-e0915348bfa5}\AutoRun\command - Orphan key
O51 - MPSK:{d15dde7c-1727-11e3-b328-001e101fa1f5}\AutoRun\command. (.No owner - AutoRun.) -- F:\AutoRun.exe
O51 - MPSK:{d15dde8e-1727-11e3-b328-001e101fa1f5}\AutoRun\command. (.No owner - AutoRun.) -- F:\AutoRun.exe
O51 - MPSK:{d15ddf77-1727-11e3-b328-001e101fa1f5}\AutoRun\command. (.No owner - AutoRun.) -- F:\AutoRun.exe
O51 - MPSK:{e20dde30-6261-11e3-9377-a9feaddf9877}\AutoRun\command. (.No owner - AutoRun.) -- F:\AutoRun.exe
O51 - MPSK:{e20dde4b-6261-11e3-9377-a9feaddf9877}\AutoRun\command. (.No owner - AutoRun.) -- F:\AutoRun.exe
O51 - MPSK:{feb3d86b-7fb8-11e3-8bf2-e0915348bfa5}\AutoRun\command. (.No owner - AutoRun.) -- F:\AutoRun.exe
O51 - MPSK:{feb3d881-7fb8-11e3-8bf2-e0915348bfa5}\AutoRun\command. (.No owner - AutoRun.) -- F:\AutoRun.exe
~ Keys: Scanned in 00mn 00s



---\\ Microsoft Windows Policies System (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "DisableStatusMessages"=0
~ MWPS: 18 Legitimates Filtered in 00mn 00s



---\\ Microsoft Windows Policies Explorer (MWPE) (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoLowDiskSpaceChecks"=1
~ MWPE Keys: 4 Legitimates Filtered in 00mn 00s



---\\ System Drivers List (SDL) (O58)
O58 - SDL:[MD5.B6F4A83911336E84BEAD8F8905285FAB] - 12/06/2007 - 00:00:00 ---A- . (.www.winchiphead.com - Win98 WDM for CH341 serial, by W.ch.) -- C:\Windows\System32\Drivers\CH341S98.SYS [19680]
O58 - SDL:[MD5.A3E467EF4A30CCF8AE674AC879CC56FE] - 03/06/2009 - 00:00:00 ---A- . (.www.winchiphead.com - WDM for CH341 serial, by W.ch.) -- C:\Windows\System32\Drivers\CH341SER.SYS [39632]
O58 - SDL:[MD5.4EB6222BE3C3C8071F4A9CA076241D1D] - 11/05/2013 - 22:09:06 ---A- . (.Connectify - NDIS filter driver.) -- C:\Windows\System32\Drivers\cnnctfy2.sys [27248]
O58 - SDL:[MD5.0ED67910C8C326796FAA00B2BF6D9D3C] - 14/07/2009 - 01:20:28 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [453712]
O58 - SDL:[MD5.01CE484FF6D70A39479BC6D619DE7ED6] - 22/06/2012 - 10:01:32 ---A- . (...) -- C:\Windows\System32\Drivers\EsgScanner.sys [19984]
O58 - SDL:[MD5.21B9BACDD4418B59B546C42B4C5A084A] - 17/01/2014 - 20:59:12 ---A- . (.Huawei Tech. Co., Ltd. - HUAWEI USB Smart Card Driver.) -- C:\Windows\System32\Drivers\ewdcsc.sys [25856]
O58 - SDL:[MD5.483924F92E55A5F9423201EC635E2CED] - 30/06/2013 - 00:40:02 ---A- . (.GFI Software - GFI Boot Time Operations Driver.) -- C:\Windows\System32\Drivers\gfibto.sys [13560]
O58 - SDL:[MD5.C44E3C2BAB6837DB337DDEE7544736DB] - 13/07/2009 - 22:54:14 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [26624]
O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 13/07/2009 - 21:40:41 ---A- . (...) -- C:\Windows\System32\ANSI.SYS [9029]
O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 13/07/2009 - 21:40:44 ---A- . (...) -- C:\Windows\System32\country.sys [27097]
O58 - SDL:[MD5.093CEE3B45F0954DCE6CB891F6A920F7] - 07/03/2013 - 09:49:20 ---A- . (...) -- C:\Windows\System32\epmntdrv.sys [14920]
O58 - SDL:[MD5.01CE484FF6D70A39479BC6D619DE7ED6] - 22/06/2012 - 10:01:32 ---A- . (...) -- C:\Windows\System32\ESGScanner.sys [19984]
O58 - SDL:[MD5.F1DE3EEF501DDA7DDF99F2EDF0C5540E] - 07/03/2013 - 09:49:20 ---A- . (...) -- C:\Windows\System32\EuGdiDrv.sys [9160]
O58 - SDL:[MD5.E6BC0F98FECEF245A0010D350C1A0B9B] - 13/07/2009 - 21:40:40 ---A- . (...) -- C:\Windows\System32\HIMEM.SYS [4768]
O58 - SDL:[MD5.492090267B9608C62B956CD29BE3AFB7] - 13/07/2009 - 21:40:43 ---A- . (...) -- C:\Windows\System32\KEY01.SYS [42809]
O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 13/07/2009 - 21:40:43 ---A- . (...) -- C:\Windows\System32\KEYBOARD.SYS [42537]
O58 - SDL:[MD5.FFFF296A08DBF2AC0126C62E3778AC0D] - 13/07/2009 - 21:40:23 ---A- . (...) -- C:\Windows\System32\NTDOS.SYS [27866]
O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 13/07/2009 - 21:40:31 ---A- . (...) -- C:\Windows\System32\NTDOS404.SYS [29146]
O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 13/07/2009 - 21:40:35 ---A- . (...) -- C:\Windows\System32\NTDOS411.SYS [29370]
O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 13/07/2009 - 21:40:39 ---A- . (...) -- C:\Windows\System32\NTDOS412.SYS [29274]
O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 13/07/2009 - 21:40:27 ---A- . (...) -- C:\Windows\System32\NTDOS804.SYS [29146]
O58 - SDL:[MD5.2E4112FB7D1B76E11ADFD7487B5D0E95] - 13/07/2009 - 21:40:11 ---A- . (...) -- C:\Windows\System32\NTIO.SYS [33952]
O58 - SDL:[MD5.A98EBD4C2DF983665BF2D1AF49949974] - 13/07/2009 - 21:40:15 ---A- . (...) -- C:\Windows\System32\NTIO404.SYS [34672]
O58 - SDL:[MD5.3F7E6406EDEF197C5CAAB2240EEF6F48] - 13/07/2009 - 21:40:17 ---A- . (...) -- C:\Windows\System32\NTIO411.SYS [35776]
O58 - SDL:[MD5.3E64D681B776CC57BDC38A46D881F85B] - 13/07/2009 - 21:40:19 ---A- . (...) -- C:\Windows\System32\NTIO412.SYS [35536]
O58 - SDL:[MD5.D86B6435729231C171432B4E77801BDB] - 13/07/2009 - 21:40:13 ---A- . (...) -- C:\Windows\System32\NTIO804.SYS [34672]
~ Drivers: 18 Legitimates Filtered in 00mn 02s



---\\ List all tools cleaner (LATC) (O63)
O63 - Logiciel: UsbFix - (.El Desaparecido - www.usbfix.net - www.sosvirus.net.) [HKLM] -- Usbfix
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ List all legacy services(LALS) (O64)
O64 - Services: CurCS - 17/01/2014 - C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (EraserUtilRebootDrv) .(.Symantec Corporation - Symantec Eraser Utility Driver.) - LEGACY_ERASERUTILREBOOTDRV
O64 - Services: CurCS - 26/03/2014 - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.0.36\Definitions\IPSDefs\20140411.001\IDSvix86.sys (IDSVix86) .(.Symantec Corporation - IDS Core Driver.) - LEGACY_IDSVIX86
O64 - Services: CurCS - 11/04/2014 - C:\Program Files\iSafe\iSafeKrnlKit.sys (iSafeKrnlKit) .(.Elex do Brasil Participações Ltda - iSafe Kernel Kit Driver.) - LEGACY_ISAFEKRNLKIT =>Trojan.Staser
O64 - Services: CurCS - 11/04/2014 - C:\Program Files\iSafe\iSafeNetFilter.sys (iSafeNetFilter) .(.Elex do Brasil Participações Ltda - iSafeNetFilter SDK WFP Driver (WPP).) - LEGACY_ISAFENETFILTER =>Trojan.Staser
O64 - Services: CurCS - 12/04/2014 - C:\Windows\System32\drivers\wStLibG.sys (wStLibG) .(.StdLib - StdLib.) - LEGACY_WSTLIBG =>PUP.LinkiDoo
~ Legacy: 202 Legitimates Filtered in 00mn 00s



---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 11 Legitimates Filtered in 00mn 00s



---\\ Start Menu Internet (SMI) (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- c:\program files\mozilla firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- c:\program files\google\chrome\application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- c:\program files\internet explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Search Browser Infection (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] ${searchCLSID} - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {0191A6B0-1154-4C22-9182-23A95BBE92D9} [DefaultScope] - (Google) - http://www.google.com
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {756D1D40-E491-4E1D-9BC6-5B37CEDE646E} - (VenteeRo) - http://www.arabyonline.com
O69 - SBI: SearchScopes [HKUS\.DEFAULT] {0191A6B0-1154-4C22-9182-23A95BBE92D9} - (Google) - http://www.google.com
O69 - SBI: SearchScopes [HKUS\S-1-5-18] {0191A6B0-1154-4C22-9182-23A95BBE92D9} - (Google) - http://www.google.com
O69 - SBI: SearchScopes [HKUS\S-1-5-19] {0191A6B0-1154-4C22-9182-23A95BBE92D9} [DefaultScope] - (Google) - http://www.google.com
O69 - SBI: SearchScopes [HKUS\S-1-5-20] {0191A6B0-1154-4C22-9182-23A95BBE92D9} [DefaultScope] - (Google) - http://www.google.com
~ Keys: Scanned in 00mn 00s



---\\ Search Particular Root Folder (SPRF) (O84)
[MD5.647E9CB948C605C751091A00998CBCDF] [SPRF][20/05/2012] (...) -- C:\ProgramData\ezsidmv.dat [56]
[MD5.04B47DEEB298AE90A0C42DEAED71F8BA] [SPRF][12/04/2014] (...) -- C:\Users\user\Desktop\AdwCleaner.exe [1426178]
~ Files: 2 Legitimates Filtered in 00mn 00s



---\\ Product Upgrade Codes (PUC) (O90)
O90 - PUC: "7E9C3C6D433D8194DB75B5E11FC402D7" . (.Bing Bar.) -- C:\Windows\Installer\{D6C3C9E7-D334-4918-BD57-5B1EF14C207D}\icon_installer_ico =>Toolbar.Bing
~ Update Products: 168 Legitimates Filtered in 00mn 00s



---\\ Windows Installer Scan (WIS) (O93) (NTFS)
[MD5.D05776674C392AAF5C3BE92C14D2F494] [WIS][11/12/2009] (.Alcor Micro Corp. - AmIcoSinglun.) -- C:\Windows\Installer\18cd41.msi [1455104]
[MD5.D85B3D8BDEEB942F36B9548F0A3FA6B3] [WIS][18/04/2012] (.UNKNOWN - Ayat.) -- C:\Windows\Installer\3daadd.msi [29184]
[MD5.AAB1622643C674ECD635A916F9E57957] [WIS][27/04/2013] (.eduMedia SARL - eduMedia-Primaire-Annee6.) -- C:\Windows\Installer\487e9.msi [62464]
[MD5.76A80F4FE7222D1F8BC3B4282B3A3265] [WIS][12/10/2013] (.Skype Technologies S.A. - Skype.) -- C:\Windows\Installer\535e3.msi [22413312]
[MD5.0BEFA25140075B816C1C563A22A03BA7] [WIS][07/12/2013] (.eduMedia SARL - eduMedia-Primaire-Annee3.) -- C:\Windows\Installer\d897d5.msi [62976]
~ WIS: 181 Legitimates Filtered in 01mn 37s



---\\ Search Tracing Registry Key (O100)
HKLM\SOFTWARE\Microsoft\Tracing\BabMaint_RASAPI32 =>Hijacker.BabSolution
HKLM\SOFTWARE\Microsoft\Tracing\BabMaint_RASMANCS =>Hijacker.BabSolution
HKLM\SOFTWARE\Microsoft\Tracing\biclient_RASAPI32 =>Adware.MegaSearch
HKLM\SOFTWARE\Microsoft\Tracing\biclient_RASMANCS =>Adware.MegaSearch
HKLM\SOFTWARE\Microsoft\Tracing\BI_RunOnce_RASAPI32 =>Adware.MegaSearch
HKLM\SOFTWARE\Microsoft\Tracing\BI_RunOnce_RASMANCS =>Adware.MegaSearch
HKLM\SOFTWARE\Microsoft\Tracing\BrowseMark_RASAPI32 =>PUP.BrowseMark
HKLM\SOFTWARE\Microsoft\Tracing\BrowseMark_RASMANCS =>PUP.BrowseMark
HKLM\SOFTWARE\Microsoft\Tracing\GoogleToolbarInstaller_en32_signed_RASAPI32 =>Toolbar.Google
HKLM\SOFTWARE\Microsoft\Tracing\GoogleToolbarInstaller_en32_signed_RASMANCS =>Toolbar.Google
HKLM\SOFTWARE\Microsoft\Tracing\GoogleToolbarNotifier_RASAPI32 =>Toolbar.Google
HKLM\SOFTWARE\Microsoft\Tracing\GoogleToolbarNotifier_RASMANCS =>Toolbar.Google
HKLM\SOFTWARE\Microsoft\Tracing\HBLiteSA_RASAPI32 =>Adware.HotBar
HKLM\SOFTWARE\Microsoft\Tracing\HBLiteSA_RASMANCS =>Adware.HotBar
HKLM\SOFTWARE\Microsoft\Tracing\updateBrowseMark_RASAPI32 =>PUP.BrowseMark
HKLM\SOFTWARE\Microsoft\Tracing\updateBrowseMark_RASMANCS =>PUP.BrowseMark
HKLM\SOFTWARE\Microsoft\Tracing\utilBrowseMark_RASAPI32 =>PUP.BrowseMark
HKLM\SOFTWARE\Microsoft\Tracing\utilBrowseMark_RASMANCS =>PUP.BrowseMark
HKLM\SOFTWARE\Microsoft\Tracing\vbmz7_RASAPI32 =>PUP.Duuqu
HKLM\SOFTWARE\Microsoft\Tracing\vbmz7_RASMANCS =>PUP.Duuqu
HKLM\SOFTWARE\Microsoft\Tracing\VisualBeeSilent-1-_RASAPI32 =>Adware.VisualBeeToolbar
HKLM\SOFTWARE\Microsoft\Tracing\VisualBeeSilent-1-_RASMANCS =>Adware.VisualBeeToolbar
~ BTK: 286 Legitimates Filtered in 00mn 00s



---\\ General States of Services not Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 22/07/2013 72704 | (Adobe LM Service) . (.Adobe Systems.) - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
SS - | Demand 12/03/2014 257928 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Auto 10/02/2012 193816 | (BBSvc) . (.Microsoft Corporation..) - C:\Program Files\Microsoft\BingBar\7.1.361.0\BBSvc.exe =>Toolbar.Bing
SS - | Demand 22/03/2013 279024 | (cphs) . (.Intel Corporation.) - C:\Windows\System32\IntelCpHeciSvc.exe
SS - | Demand 26/07/2013 655624 | (FLEXnet Licensing Service) . (.Acresso Software Inc..) - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
SS - | Auto 24/06/2009 136704 | (HP LaserJet Service) . (.HP.) - C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe
SS - | Auto 14/03/2012 53312 | (IAM Wave Modem Device Helper) . (...) - C:\Program Files\My Connection\BackgroundService\ServiceManager.exe
SS - | Demand 24/04/2012 169752 | (ICCS) . (.Intel Corporation.) - C:\Program Files\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
SS - | Demand 04/04/2014 119408 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Demand 13/07/2012 769432 | (NAUpdate) . (.Nero AG.) - C:\Program Files\Nero\Update\NASvc.exe
SS - | Auto 23/10/2013 172192 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files\Skype\Updater\Updater.exe
SS - | Demand 19/02/2010 517096 | (SwitchBoard) . (.Adobe Systems Incorporated.) - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
SS - | Auto 22/08/2011 11837440 | (VMwareHostd) . (...) - C:\Program Files\VMware\VMware Workstation\vmware-hostd.exe =>.VMware, Inc
SS - | Demand 14/07/2009 20992 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe

SR - | Auto 18/12/2013 65432 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 17/01/2008 24635 | (Apache2.2) . (.Apache Software Foundation.) - C:\AppServ\Apache2.2\bin\httpd.exe
SR - | Auto 18/12/2009 104968 | (ASLDRService) . (...) - C:\Program Files\PHotkey\ASLDRSrv.exe
SR - | Auto 24/05/2010 151552 | (Atheros Bt&Wlan Coex Agent) . (.Atheros.) - C:\Program Files\Atheros\Ath_CoexAgent.exe
SR - | Auto 27/09/2010 56480 | (AtherosSvc) . (.Atheros Commnucations.) - C:\Program Files\Atheros\Bluetooth Suite\adminservice.exe
SR - | Demand 10/02/2012 240408 | (BBUpdate) . (.Microsoft Corporation..) - C:\Program Files\Microsoft\BingBar\7.1.361.0\SeaPort.exe =>Toolbar.Bing
SR - | Auto 06/10/2010 133640 | (GFNEXSrv) . (...) - C:\Program Files\PHotkey\GFNEXSrv.exe
SR - | Auto 14/03/2011 271712 | (HWDeviceService.exe) . (...) - C:\ProgramData\DatacardService\HWDeviceService.exe
SR - | Auto 14/03/2012 53312 | (IAM Aegean Modem Device Helper) . (...) - C:\Program Files\My Connection\BackgroundService\ServiceManager.exe
SR - | Auto 09/03/2005 18944 | (libusbd) . (.http://libusb-win32.sourceforge.net.) - C:\Windows\System32\libusbd-nt.exe
SR - | Auto 05/10/2010 325656 | (LMS) . (.Intel Corporation.) - C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SR - | Auto 09/06/2013 1777488 | (MaConfigAgent) . (.CybelSoft.) - C:\Program Files\ma-config.com\MaConfigAgent.exe
SR - | Auto 03/04/2014 1809720 | (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
SR - | Auto 03/04/2014 857912 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
SR - | Auto 12/08/2013 22208 | (MsMpSvc) . (.Microsoft Corporation.) - c:\Program Files\Microsoft Security Client\MsMpEng.exe
SR - | Auto 10/07/1658 0 | (mysql) . (...) - C:\AppServ\MySQL\bin\mysqld-nt --defaults-file=C:\AppServ\MySQL\my.ini mysql
SR - | Auto 21/05/2013 144368 | (N360) . (.Symantec Corporation.) - C:\Program Files\Norton 360\Engine\20.4.0.40\ccSvcHst.exe
SR - | Auto 09/01/2014 770432 | (SpyHunter 4 Service) . (.Enigma Software Group USA, LLC..) - C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe =>Crapware.SpyHunter
SR - | Auto 05/10/2010 2655768 | (UNS) . (.Intel Corporation.) - C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
SR - | Auto 22/08/2011 79872 | (VMAuthdService) . (.VMware, Inc..) - C:\Program Files\VMware\VMware Workstation\vmware-authd.exe =>.VMware, Inc
SR - | Auto 22/08/2011 354416 | (VMnetDHCP) . (.VMware, Inc..) - C:\Windows\system32\vmnetdhcp.exe
SR - | Auto 21/08/2011 665200 | (VMUSBArbService) . (.VMware, Inc..) - C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe
SR - | Auto 22/08/2011 432752 | (VMware NAT Service) . (.VMware, Inc..) - C:\Windows\system32\vmnat.exe
SR - | Auto 14/07/2009 20992 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe

~ Services: Scanned in 00mn 09s



---\\ Scan Additionnel (O88)
Database Version : 13044 - (13/04/2014)
Clés trouvées (Keys found) : 5
Valeurs trouvées (Values found) : 1
Dossiers trouvés (Folders found) : 4
Fichiers trouvés (Files found) : 3

[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\XoftSpySE] =>PUP.XoftSpySE^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\iSafe] =>Trojan.Staser^
[HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\HssSrv] =>Toolbar.Agent
[HKLM\SYSTEM\CurrentControlSet\Services\SpyHunter 4 Service] =>Crapware.SpyHunter
[HKLM\Software\Google\Chrome\Extensions\oejkcgajlodefenbbjdnaiahmbnnoole] =>Toolbar.AdAware
C:\Program Files\iSafe =>Trojan.Staser^
C:\Program Files\SaveShare =>Adware.SaveShare^
C:\Users\user\AppData\Roaming\SmileysWeLove =>Adware.SmileyBar^
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter =>Crapware.SpyHunter^
C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe =>Crapware.SpyHunter^
C:\Windows\Tasks\XoftSpySE.job =>PUP.XoftSpySE^
[HKCU\Software\Vonteera Safe ads] =>Trojan.Vonteera^
~ Additionnel Scan: 453876 Items scanned in 00mn 35s



---\\ Summary of the detections found on your workstation
http://nicolascoolman.webs.com/apps/blog/show/26609241-crapware-spyhunter =>Crapware.SpyHunter
http://nicolascoolman.webs.com/apps/blog/show/32771797-trojan-staser =>Trojan.Staser
http://nicolascoolman.webs.com/apps/blog/show/28598549-pup-xoftspyse =>PUP.XoftSpySE
http://nicolascoolman.webs.com/apps/blog/show/31951367-trojan-vonteera =>Trojan.Vonteera
http://nicolascoolman.webs.com/apps/blog/show/31929570-adware-saveshare =>Adware.SaveShare
http://nicolascoolman.webs.com/apps/blog/show/27530912-adware-smileybar =>Adware.SmileyBar
http://nicolascoolman.webs.com/apps/blog/show/26678994-hijacker-babsolution =>Hijacker.BabSolution
http://nicolascoolman.webs.com/apps/blog/show/26919368-adware-megasearch =>Adware.MegaSearch
http://nicolascoolman.webs.com/apps/blog/show/42099886-pup-browsemark =>PUP.BrowseMark
http://nicolascoolman.webs.com/apps/blog/show/26834113-adware-hotbar =>Adware.HotBar
http://nicolascoolman.webs.com/apps/blog/show/37752731-pup-duuqu =>PUP.Duuqu
http://nicolascoolman.webs.com/apps/blog/show/29058830-adware-visualbeetoolbar =>Adware.VisualBeeToolbar
~ MSI: 12 link(s) detected in 00mn 00s



~ 1620 Legitimates filtered by white list
End of the scan (669 lines in 05mn 05s)(0)

Publicité


Signaler le contenu de ce document

Publicité