Document format: text/plain


���������� | Shortcut_Module | g3n-h@ckm@n | 21.03.2014.4

����� XP | Vista | 7 | 8 - 32/64 bits ����� - Start 09:52:57 - 22/03/2014

Mis à jour le : 21/03/2014 | 19.50 par g3n-h@ckm@n

Contact : http://www.sosvirus.net

Boot : Normal

Système : Windows 8.1 Pro (64 bits) Professional

Mémoire RAM = Total (MB) : 16726 | Libre (MB) : 14475
Pagefile = Total (MB) : 19216 | Libre (MB) : 16754
Virtuelle = Total (MB) : 4194 | Libre (MB) : 3987


Registre sauvegardé , pour restaurer : C:\Shortcut_Module\Save\Clean\ERDNT.exe

���������� | Mises à jour Windows

Aucune mise à jour détectée !!!

���������� | Navigateurs

IE : 11.0.9600.16518 (© Microsoft Corporation. Tous droits réservés.)

���������� | Processus tués

316 | C:\WINDOWS\system32\atiesrxx.exe (.AMD - AMD External Events Service Module.) - (6.14.11.1164) -> C:\WINDOWS\system32\atiesrxx.exe
1036 | C:\WINDOWS\system32\atieclxx.exe (.AMD - AMD External Events Client Module.) - (6.14.11.1164) -> atieclxx
1388 | C:\WINDOWS\System32\spoolsv.exe (.Microsoft Corporation - Application sous-système spouleur.) - (6.3.9600.16384) -> C:\WINDOWS\System32\spoolsv.exe
1624 | C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - (1.701.3.3014) -> "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
1688 | C:\WINDOWS\system32\dashost.exe (.Microsoft Corporation - Device Association Framework Provider Host.) - (6.3.9600.16384) -> dashost.exe {1fc01193-bc17-4651-98aafe595fb1520d}
1828 | C:\WINDOWS\system32\taskhostex.exe (.Microsoft Corporation - Processus hôte pour Tâches Windows.) - (6.3.9600.16384) -> taskhostex.exe
1980 | C:\WINDOWS\Explorer.EXE (.Microsoft Corporation - Explorateur Windows.) - (6.3.9600.16441) -> C:\WINDOWS\Explorer.EXE
2564 | C:\Program Files\Intel\iCLS Client\HeciServer.exe (.Intel(R) Corporation - Intel(R) Capability Licensing Service Interface.) - (1.31.8.1) -> "C:\Program Files\Intel\iCLS Client\HeciServer.exe"
2588 | C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe (. - ISCT Agent Application.) - (4.1.40.2143) -> "C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe"
2616 | C:\Program Files\ma-config.com\MaConfigAgent.exe (.CybelSoft - Service de détection matériel.) - (7.1.2.4) -> "C:\Program Files\ma-config.com\MaConfigAgent.exe"
2640 | C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - (2.0.23.0) -> "C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe"
2856 | C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE (.Microsoft Corporation - Machine Debug Manager.) - (7.0.9466.0) -> "C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE"
2980 | C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe (.Sony Corporation - Device Information Provider.) - (8.1.1.3120) -> "C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe"
3052 | C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - (1.0.0.495) -> "C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe" /starttray
3076 | C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe (.Sony Corporation - Sony Digital Media Server.) - (3.3.4.1170) -> "C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe"
3192 | C:\WINDOWS\system32\SearchIndexer.exe (.Microsoft Corporation - Indexeur Microsoft Windows Search.) - (7.0.9600.16384) -> C:\WINDOWS\system32\SearchIndexer.exe /Embedding
3600 | E:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe (.Sony Corporation - VAIO Entertainment Common Service.) - (1.3.0.9090) -> "E:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe"
3612 | C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) - (1.0.0.328) -> "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
4100 | C:\Program Files (x86)\RocketDock\RocketDock.exe (. - .) - (0.0.0.0) -> "C:\Program Files (x86)\RocketDock\RocketDock.exe"
4520 | C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware_main.exe (. - HOSTS Anti-PUPs/Adwares.) - (0.3.0.0) -> "C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware_main.exe"
4640 | C:\Program Files\Windows Sidebar\sidebar.exe (.Microsoft Corporation - Gadgets du Bureau Windows.) - (6.2.8400.0) -> "C:\Program Files\Windows Sidebar\sidebar.exe"
4924 | C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe (.Sony Corporation - Media Check Tool.) - (8.1.1.3120) -> "C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe"
4296 | E:\Firefox 26\firefox.exe (.Mozilla Corporation - Firefox.) - (28.0.0.5186) -> "E:\Firefox 26\firefox.exe"
768 | C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (.Intel Corporation - Intel(R) Dynamic Application Loader Host Interface.) - (9.5.12.1682) -> "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
888 | C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (.Intel Corporation - Intel(R) Local Management Service.) - (9.5.10.1628) -> "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
3176 | C:\Program Files\Windows Media Player\wmpnetwk.exe (.Microsoft Corporation - Service Partage réseau du Lecteur Windows Media.) - (12.0.9600.16384) -> "C:\Program Files\Windows Media Player\wmpnetwk.exe"
3676 | C:\WINDOWS\system32\taskeng.exe (.Microsoft Corporation - Moteur du Planificateur de tâches.) - (6.3.9600.16384) -> taskeng.exe {46828164-E57F-4122-8257-D0C57D6F7FC8}
1012 | C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\wmi64.exe (.Kaspersky Lab ZAO - WMI x64 Helper.) - (14.0.0.4651) -> "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\wmi64.exe" "WAIT_REQUEST" "\\.\pipe\{819F497D-B9CD-43C5-A898-7E615841AD0E}"

���������� | Processus démarrés


[22/08/2013 03:48:05] - 840 | C:\WINDOWS\system32\svchost.exe (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.3.9600.16384) -> C:\WINDOWS\system32\svchost.exe -k DcomLaunch [31552 Ko]
[22/08/2013 03:48:05] - 872 | C:\WINDOWS\system32\svchost.exe (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.3.9600.16384) -> C:\WINDOWS\system32\svchost.exe -k RPCSS [31552 Ko]
[22/08/2013 03:48:05] - 108 | C:\WINDOWS\System32\svchost.exe (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.3.9600.16384) -> C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [31552 Ko]
[22/08/2013 03:48:05] - 412 | C:\WINDOWS\System32\svchost.exe (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.3.9600.16384) -> C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [31552 Ko]
[22/08/2013 03:48:05] - 576 | C:\WINDOWS\system32\svchost.exe (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.3.9600.16384) -> C:\WINDOWS\system32\svchost.exe -k netsvcs [31552 Ko]
[22/08/2013 03:48:05] - 808 | C:\WINDOWS\system32\svchost.exe (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.3.9600.16384) -> C:\WINDOWS\system32\svchost.exe -k LocalService [31552 Ko]
[22/08/2013 03:48:05] - 1184 | C:\WINDOWS\system32\svchost.exe (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.3.9600.16384) -> C:\WINDOWS\system32\svchost.exe -k NetworkService [31552 Ko]
[22/08/2013 03:48:05] - 1412 | C:\WINDOWS\system32\svchost.exe (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.3.9600.16384) -> C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork [31552 Ko]
[12/10/2013 06:19:52] - 1640 | C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe (.Kaspersky Lab ZAO - Kaspersky Anti-Virus.) - (14.0.0.4764) -> "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe" -r [214512 Ko]
[14/03/2014 17:41:23] - 2828 | C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - (2.1.9.0) -> "C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe" [857912 Ko]
[22/08/2013 03:48:05] - 3024 | C:\WINDOWS\system32\svchost.exe (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.3.9600.16384) -> C:\WINDOWS\system32\svchost.exe -k imgsvc [31552 Ko]
[22/08/2013 03:48:05] - 3268 | C:\WINDOWS\system32\svchost.exe (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.3.9600.16384) -> C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation [31552 Ko]
[12/10/2013 06:19:52] - 3520 | C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe (.Kaspersky Lab ZAO - Kaspersky Anti-Virus.) - (14.0.0.4880) -> "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe" -hidden /prefetch:1 [996544 Ko]
[22/08/2013 03:48:05] - 3712 | C:\WINDOWS\system32\svchost.exe (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.3.9600.16384) -> C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted [31552 Ko]
[22/08/2013 03:48:05] - 3940 | C:\WINDOWS\System32\svchost.exe (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.3.9600.16384) -> C:\WINDOWS\System32\svchost.exe -k LocalServicePeerNet [31552 Ko]
[22/08/2013 03:47:24] - 4736 | C:\WINDOWS\system32\DllHost.exe (.Microsoft Corporation - COM Surrogate.) - (6.3.9600.16384) -> C:\WINDOWS\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7} [17760 Ko]
[22/03/2014 09:50:27] - 5044 | E:\Firefox 26\Telechargements\Shortcut_Module.exe (. - Shortcut_Module.) - (21.3.2014.5) -> "E:\Firefox 26\Telechargements\Shortcut_Module.exe" [2192384 Ko]
[22/08/2013 05:17:05] - 5032 | C:\WINDOWS\system32\wbem\wmiprvse.exe (.Microsoft Corporation - WMI Provider Host.) - (6.3.9600.16384) -> C:\WINDOWS\system32\wbem\wmiprvse.exe [374784 Ko]
[21/12/2013 23:11:33] - 2476 | C:\WINDOWS\explorer.exe (.Microsoft Corporation - Explorateur Windows.) - (6.3.9600.16441) -> explorer.exe [2328872 Ko]
[27/08/2013 14:32:14] - 5068 | C:\Program Files\Intel\iCLS Client\HeciServer.exe (.Intel(R) Corporation - Intel(R) Capability Licensing Service Interface.) - (1.31.8.1) -> "C:\Program Files\Intel\iCLS Client\HeciServer.exe" [747520 Ko]

���������� | Services

Supprimé avec succès : HKLM\..\ControlSet001\Services\HOSTS Anti-PUPs : C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware.exe -update

���������� | Hosts

C:\WINDOWS\System32\Drivers\etc\hosts : Remis a zéro avec succès

���������� | Registre

Supprimé avec succès : [64]HKLM\Software\Classes\AVSAsyncBuffer.AVSVideoTimeShift
Supprimé avec succès : [64]HKLM\Software\Classes\AVSAsyncBuffer.AVSVideoTimeShift.1
Supprimé avec succès : [64]HKLM\Software\Classes\AVSAsyncBuffer.UVideoTimeShift.1
Supprimé avec succès : [64]HKLM\Software\Classes\SOHObj.SOHMrsCDSItem
Supprimé avec succès : [64]HKLM\Software\Classes\SOHObj.SOHMrsCDSItem.1
Supprimé avec succès : [64]HKLM\Software\Classes\SVRDownloadButton.DownloadSitesFilter
Supprimé avec succès : [64]HKLM\Software\Classes\AVSAsyncBuffer.UVideoTimeShift
Supprimé avec succès : HKU\S-1-5-21-3216670785-851752652-2642267936-1001\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ebay.fr
Supprimé avec succès : HKU\S-1-5-21-3216670785-851752652-2642267936-1001\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\signin.ebay.fr
Supprimé avec succès : [64]HKLM\Software\Classes\TypeLib\{04C567CB-A52F-41F4-9628-10CC965E7179} : Acrobat WebCapture IE Toolbar/Favorites 1.0 Type Library
Supprimé avec succès : [64]HKLM\Software\Classes\Interface\{2020D269-FD2D-4A08-89F5-62D78B2FEEEE} : {04C567CB-A52F-41F4-9628-10CC965E7179}
Supprimé avec succès : [32]HKLM\Software\Classes\Interface\{2020D269-FD2D-4A08-89F5-62D78B2FEEEE} : {04C567CB-A52F-41F4-9628-10CC965E7179}
Supprimé avec succès : [64]HKLM\Software\Classes\Interface\{3665DA61-9837-4F9E-90EF-BAF4E92F915C} : {04C567CB-A52F-41F4-9628-10CC965E7179}
Supprimé avec succès : [32]HKLM\Software\Classes\Interface\{3665DA61-9837-4F9E-90EF-BAF4E92F915C} : {04C567CB-A52F-41F4-9628-10CC965E7179}
Supprimé avec succès : [64]HKLM\Software\Classes\Interface\{7DC95B34-4FA5-40F4-85EB-0F0610B0A4AA} : {04C567CB-A52F-41F4-9628-10CC965E7179}
Supprimé avec succès : [32]HKLM\Software\Classes\Interface\{7DC95B34-4FA5-40F4-85EB-0F0610B0A4AA} : {04C567CB-A52F-41F4-9628-10CC965E7179}
Supprimé avec succès : [64]HKLM\Software\Classes\Interface\{7FA5509F-B1E3-4CB5-BD4A-749018A96C5E} : {04C567CB-A52F-41F4-9628-10CC965E7179}
Supprimé avec succès : [32]HKLM\Software\Classes\Interface\{7FA5509F-B1E3-4CB5-BD4A-749018A96C5E} : {04C567CB-A52F-41F4-9628-10CC965E7179}
Supprimé avec succès : [64]HKLM\Software\Classes\Interface\{8C1B5968-AEA0-4188-AC7E-A496C679BE4A} : {04C567CB-A52F-41F4-9628-10CC965E7179}
Supprimé avec succès : [32]HKLM\Software\Classes\Interface\{8C1B5968-AEA0-4188-AC7E-A496C679BE4A} : {04C567CB-A52F-41F4-9628-10CC965E7179}
Supprimé avec succès : [64]HKLM\Software\Classes\Interface\{B2B8AD57-E62B-415D-8215-2169F9C1B7AB} : {04C567CB-A52F-41F4-9628-10CC965E7179}
Supprimé avec succès : [32]HKLM\Software\Classes\Interface\{B2B8AD57-E62B-415D-8215-2169F9C1B7AB} : {04C567CB-A52F-41F4-9628-10CC965E7179}
Supprimé avec succès : [64]HKLM\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION]|[Plus-HD-4.9-bg.exe] : 8000
Supprimé avec succès : [64]HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginService
Supprimé avec succès : [64]HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Wpm
Supprimé avec succès : [64]HKLM\Software\Microsoft\Tracing\OneClick_RASAPI32
Supprimé avec succès : [64]HKLM\Software\Microsoft\Tracing\PerformanceOptimizer_RASAPI32
Supprimé avec succès : [64]HKLM\Software\Microsoft\Tracing\StartupOptimizer_RASAPI32
Supprimé avec succès : [64]HKLM\Software\Microsoft\Tracing\OneClick_RASMANCS
Supprimé avec succès : [64]HKLM\Software\Microsoft\Tracing\StartupOptimizer_RASMANCS
Supprimé avec succès : HKU\S-1-5-21-3216670785-851752652-2642267936-1001\Software\Beamrise
Supprimé avec succès : HKU\S-1-5-21-3216670785-851752652-2642267936-1001\Software\eBay
Supprimé avec succès : HKU\S-1-5-21-3216670785-851752652-2642267936-1001\Software\AppDataLow\Software\Re_markit
Supprimé avec succès : HKU\S-1-5-21-3216670785-851752652-2642267936-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{048890a7-38d2-4037-89c8-51c84bb49411} : C:\Program Files (x86)\Plus-HD-4.9
Supprimé avec succès : HKU\S-1-5-21-3216670785-851752652-2642267936-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{347C5DBD-712B-482F-ACE6-5E9C178A767B} : C:\Program Files (x86)\Plus-HD-4.9
Supprimé avec succès : HKU\S-1-5-21-3216670785-851752652-2642267936-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{35b1674d-bc26-4be8-9583-a24b8323bd3c} : C:\Program Files (x86)\Plus-HD-4.9
Supprimé avec succès : HKU\S-1-5-21-3216670785-851752652-2642267936-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4806C21D-8F14-45BF-A55E-B00E3AEF552} : C:\Program Files (x86)\Plus-HD-4.9
Supprimé avec succès : HKU\S-1-5-21-3216670785-851752652-2642267936-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6C429AC1-13D3-4B17-A4FF-723CBBE3E81} : C:\Program Files (x86)\Plus-HD-4.9
Supprimé avec succès : HKU\S-1-5-21-3216670785-851752652-2642267936-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9006747D-40C5-4989-B39F-B12933C5202B} : C:\Program Files (x86)\Plus-HD-4.9
Supprimé avec succès : HKU\S-1-5-21-3216670785-851752652-2642267936-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ae895304-04ca-4878-9846-f6ecc713caee} : C:\Program Files (x86)\Plus-HD-4.9
Supprimé avec succès : HKU\S-1-5-21-3216670785-851752652-2642267936-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D2D78D0A-98EA-4658-B76A-BCC81AA8E5EF} : C:\Program Files (x86)\Plus-HD-4.9
Supprimé avec succès : HKU\S-1-5-21-3216670785-851752652-2642267936-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F4769116-BA54-4978-9041-32969AB59C98} : C:\Program Files (x86)\Plus-HD-4.9
Supprimé avec succès : [32]HKLM\Software\Classes\Installer\Products\0BB8F6CB7B54D0F408CB965145FCE9D4 : C:\Users\Mike\AppData\Local\Temp\IXP000.TMP\
Supprimé avec succès : [32]HKLM\Software\Classes\Installer\Products\1af2a8da7e60d0b429d7e6453b3d0182 : E:\TEMP\IXP000.TMP\
Supprimé avec succès : [32]HKLM\Software\Classes\Installer\Products\36F42FFC386A20245862F3A9773A0B8E : C:\WINDOWS\TEMP\testnsis\
Supprimé avec succès : [32]HKLM\Software\Classes\Installer\Products\c1c4f01781cc94c4c8fb1542c0981a2a : E:\TEMP\IXP000.TMP\
Supprimé avec succès : [32]HKLM\Software\Classes\Installer\Products\DBDB1253354DF9D5AA55447BD5126492 : E:\TEMP\flaAA90.tmp\
Supprimé avec succès : [32]HKLM\Software\Classes\Installer\Products\F5660E02EE4EA2E4E868FE6C1592EF14 : E:\TEMP\IXP000.TMP\Download-Modules\
Supprimé avec succès : [32]HKLM\Software\Classes\Installer\Products\FB5FE701608FF414A8D4AC377CE21AE2 : E:\TEMP\IXP000.TMP\
Supprimé avec succès : [32]HKLM\Software\Classes\Installer\Products\3E3786F629C594045B1132A131D80D09 : E:\TEMP\E8A0C4D2-727F-11E3-8297-D43D7E30F8F8\
Supprimé avec succès : [32]HKLM\Software\Classes\Installer\Products\C70E72987F7945A488BF9D675FD04DE6 : E:\TEMP\{5C15431A-FDB5-43B8-8B52-5A6A34800030}\
Supprimé avec succès : [32]HKLM\Software\Classes\Installer\Products\FB540C64F3B24CB4E8C4000EFCB89DBD : E:\TEMP\AIR990B.tmp\
Supprimé avec succès : [64]HKLM\Software\Classes\Installer\Features\3E3786F629C594045B1132A131D80D09 :
Supprimé avec succès : [64]HKLM\Software\Classes\Installer\Features\C040710900063D11C8EF10054038389C : AlwaysInstalled
Supprimé avec succès : [64]HKLM\Software\Classes\Installer\Features\C70E72987F7945A488BF9D675FD04DE6 :
Supprimé avec succès : [64]HKLM\Software\Classes\Installer\Features\FB540C64F3B24CB4E8C4000EFCB89DBD :
Supprimé avec succès : [32]HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DC4102D4618E19E5899A794F8B4FD909 : C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\self_defence.dll
Supprimé avec succès : [64]HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{8927E07C-97F7-4A54-88FB-D976F50DD46E} : http://pages.ebay.fr/help/
Supprimé avec succès : [64][HKLM\Software\Microsoft\Windows\CurrentVersion\Run]|[HOSTS Anti-Adware_PUPs] : C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware_main.exe

���������� | IFEO


���������� | Dossiers

Supprimé avec succès : C:\Users\Mike\AppData\Roaming\Bubble Dock.installation.log
Supprimé avec succès : C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs
Supprimé avec succès : E:\TEMP\namebench-1.2-Windows-extract
Supprimé avec succès : E:\TEMP\namebench
Supprimé avec succès : C:\Users\All Users\eBay
Supprimé avec succès : C:\Users\All Users\FLEXnet
Supprimé avec succès : C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\eBay
Supprimé avec succès : C:\Users\Mike\daemonprocess.txt
Supprimé avec succès : C:\Users\Mike\AppData\Local\Microsoft\Windows Sidebar\Gadgets\tweetz.gadget\showuser.js
Supprimé avec succès : C:\Users\Mike\AppData\Local\Packages\windows.immersivecontrolpanel_cw5n1h2txyewy\LocalState\Indexed\Settings\fr-FR\AAA_SettingsPageRestoreUpdate.settingcontent-ms
Supprimé avec succès : C:\Users\Mike\AppData\LocalLow\Microsoft\Internet Explorer\DOMStore\YTSTUPDF\signin.ebay[1].xml
Supprimé avec succès : C:\Users\Mike\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\BW3ZGTH7\secureinclude.ebaystatic.com
Supprimé avec succès : C:\Users\Mike\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#secureinclude.ebaystatic.com
Supprimé avec succès : C:\Users\Mike\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\eBay Turbo Lister 2.lnk
Supprimé avec succès : C:\Users\Mike\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\eBay Turbo Lister 2.lnk
Supprimé avec succès : C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\jinpoww2.default\extensions\jid1-0xtMKhXFEs4jIg@jetpack.xpi
Supprimé avec succès : C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\jinpoww2.default\firebug\annotations.json
Supprimé avec succès : C:\Users\surf\AppData\Local\Packages\windows.immersivecontrolpanel_cw5n1h2txyewy\LocalState\Indexed\Settings\fr-FR\AAA_SettingsPageRestoreUpdate.settingcontent-ms

���������� | Détournements de raccourcis


���������� | Proxy

Réparé : [HKU\S-1-5-21-3216670785-851752652-2642267936-1001\Software\Microsoft\Windows\CurrentVersion\Internet settings]|[WarnonZoneCrossing] : 0 -> 1

���������� | Détournement internet Explorer

Réparé : [HKU\S-1-5-21-3216670785-851752652-2642267936-1001\Software\Microsoft\Internet Explorer\Main]|[Start Page] : http://www.google.com -> http://www.google.com/
Réparé : [HKU\S-1-5-21-3216670785-851752652-2642267936-1001\Software\Microsoft\Internet Explorer\Main]|[Local Page] : C:\WINDOWS\system32\blank.htm -> C:\WINDOWS\SysWOW64\blank.htm
Réparé : [HKU\S-1-5-21-3216670785-851752652-2642267936-1001\Software\Microsoft\Internet Explorer\Main]|[Search Page] : http://go.microsoft.com/fwlink/?LinkId=54896 -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Réparé : [HKU\S-1-5-21-3216670785-851752652-2642267936-1001\Software\Microsoft\Internet Explorer\Main]|[Default_Page_URL] : http://www.google.com -> http://go.microsoft.com/fwlink/?LinkId=69157
Réparé : [64][HKLM\Software\Microsoft\Internet Explorer\Main]|[Start Page] : http://www.google.com -> http://go.microsoft.com/fwlink/?LinkId=69157
Réparé : [64][HKLM\Software\Microsoft\Internet Explorer\Main]|[Default_Search_URL] : http://www.google.com -> http://go.microsoft.com/fwlink/?LinkId=54896
Réparé : [64][HKLM\Software\Microsoft\Internet Explorer\Main]|[Default_Page_URL] : http://www.google.com -> http://go.microsoft.com/fwlink/?LinkId=69157
Réparé : [64][HKLM\Software\Microsoft\Internet Explorer\Main]|[Search Page] : http://www.google.com -> http://go.microsoft.com/fwlink/?LinkId=54896
Réparé : [32][HKLM\Software\Microsoft\Internet Explorer\Main]|[Start Page] : http://www.google.com -> http://go.microsoft.com/fwlink/?LinkId=69157
Réparé : [32][HKLM\Software\Microsoft\Internet Explorer\Main]|[Local Page] : C:\Windows\System32\blank.htm -> C:\WINDOWS\SysWOW64\blank.htm
Réparé : [32][HKLM\Software\Microsoft\Internet Explorer\Main]|[Default_Search_URL] : http://www.google.com -> http://go.microsoft.com/fwlink/?LinkId=54896
Réparé : [32][HKLM\Software\Microsoft\Internet Explorer\Main]|[Default_Page_URL] : http://www.google.com -> http://go.microsoft.com/fwlink/?LinkId=69157
Réparé : [32][HKLM\Software\Microsoft\Internet Explorer\Main]|[Search Page] : http://www.google.com -> http://go.microsoft.com/fwlink/?LinkId=54896

���������� | Détournement Google Chrome


���������� | Détournement Firefox

[surf] Supprimé avec succès : C:\Users\surf\AppData\Roaming\Mozilla\Firefox\Profiles\uavbivi6.default\sessionstore.js
[Mike] Supprimé avec succès : C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\jinpoww2.default\sessionstore.js
[Mike] Remplacé : user_pref("browser.newtab.url", "chrome://lightning/content/newtab.html"); -> user_pref("browser.newtab.url", "http://www.google.fr");
[Mike] Remplacé : user_pref("browser.startup.homepage", "about:home"); -> user_pref("browser.startup.homepage", "http://www.google.fr");
[Mike] Supprimé avec succès : user_pref("capability.policy.maonoscript.sites", "…");
[Mike] Supprimé avec succès : user_pref("extensions.bootstrappedAddons", "{\"elemhidehelper@adblockplus.org\":{\"version\":\"1.2.3\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Users\\\\Mike\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\jinpoww2.default\\\\extensions\\\\elemhidehelper@adblockplus.org.xpi\"},\"gmailnoads@mywebber.com\":{\"version\":\"4.24\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Users\\\\Mike\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\jinpoww2.default\\\\extensions\\\\gmailnoads@mywebber.com.xpi\"},\"jid1-0xtMKhXFEs4jIg@jetpack\":{\"version\":\"1.0.13\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Users\\\\Mike\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\jinpoww2.default\\\\extensions\\\\jid1-0xtMKhXFEs4jIg@jetpack.xpi\"},\"{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}\":{\"version\":\"1.7.18\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Users\\\\Mike\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\jinpoww2.default\\\\extensions\\\\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi\"},\"{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}\":{\"version\":\"2.5.1\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Users\\\\Mike\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\jinpoww2.default\\\\extensions\\\\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi\"},\"firebug@software.joehewitt.com\":{\"version\":\"1.12.7\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Users\\\\Mike\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\jinpoww2.default\\\\extensions\\\\firebug@software.joehewitt.com.xpi\"}}");
[Mike] Supprimé avec succès : user_pref("extensions.firebug.toolbarCustomizationDone", true);
[Mike] Supprimé avec succès : user_pref("extensions.googletranslatorforff.toolbarbuttonplaced", true);
[Mike] Supprimé avec succès : user_pref("extensions.https_everywhere.toolbar_hint_shown", true);
[Mike] Supprimé avec succès : user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"{8D150B8F-EFE8-45a3-A4A3-053020F48FAC}\":{\"descriptor\":\"E:\\\\Video Converter Ultimate\\\\SVRFirefoxExt\",\"mtime\":1388011728114,\"rdfTime\":1366145828000},\"url_advisor@kaspersky.com\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\Kaspersky Lab\\\\Kaspersky Internet Security 14.0.0\\\\FFExt\\\\url_advisor@kaspersky.com\",\"mtime\":1392735780967,\"rdfTime\":1392735756846},\"virtual_keyboard@kaspersky.com\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\Kaspersky Lab\\\\Kaspersky Internet Security 14.0.0\\\\FFExt\\\\virtual_keyboard@kaspersky.com\",\"mtime\":1392735780979,\"rdfTime\":1392735757282},\"content_blocker@kaspersky.com\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\Kaspersky Lab\\\\Kaspersky Internet Security 14.0.0\\\\FFExt\\\\content_blocker@kaspersky.com\",\"mtime\":1392735780951,\"rdfTime\":1392735755235},\"anti_banner@kaspersky.com\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\Kaspersky Lab\\\\Kaspersky Internet Security 14.0.0\\\\FFExt\\\\anti_banner@kaspersky.com\",\"mtime\":1392735780928,\"rdfTime\":1392735755180},\"online_banking@kaspersky.com\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\Kaspersky Lab\\\\Kaspersky Internet Security 14.0.0\\\\FFExt\\\\online_banking@kaspersky.com\",\"mtime\":1392735780960,\"rdfTime\":1392735756193},\"web2pdfextension@web2pdf.adobedotcom\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\Adobe\\\\Acrobat 11.0\\\\Acrobat\\\\Browser\\\\WCFirefoxExtn\",\"mtime\":1393599659900,\"rdfTime\":1348429436000}}},{\"name\":\"app-global\",\"addons\":{\"{972ce4c6-7e08-4474-a285-3208198ce6fd}\":{\"descriptor\":\"E:\\\\Firefox 26\\\\browser\\\\extensions\\\\{972ce4c6-7e08-4474-a285-3208198ce6fd}\",\"mtime\":1395187631009,\"rdfTime\":1395187630994}}},{\"name\":\"winreg-app-user\",\"addons\":{\"{8D150B8F-EFE8-45a3-A4A3-053020F48FAC}\":{\"descriptor\":\"E:\\\\Video Converter 
Ultimate\\\\SVRFirefoxExt\",\"mtime\":1388011728114,\"rdfTime\":1366145828000}}},{\"name\":\"app-profile\",\"addons\":{\"elemhidehelper@adblockplus.org\":{\"descriptor\":\"C:\\\\Users\\\\Mike\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\jinpoww2.default\\\\extensions\\\\elemhidehelper@adblockplus.org.xpi\",\"mtime\":1387664783635},\"firebug@software.joehewitt.com\":{\"descriptor\":\"C:\\\\Users\\\\Mike\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\jinpoww2.default\\\\extensions\\\\firebug@software.joehewitt.com.xpi\",\"mtime\":1394039700530},\"gmailnoads@mywebber.com\":{\"descriptor\":\"C:\\\\Users\\\\Mike\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\jinpoww2.default\\\\extensions\\\\gmailnoads@mywebber.com.xpi\",\"mtime\":1392332185044},\"https-everywhere@eff.org\":{\"descriptor\":\"C:\\\\Users\\\\Mike\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\jinpoww2.default\\\\extensions\\\\https-everywhere@eff.org\",\"mtime\":1394730029240,\"rdfTime\":1394730025299},\"isadmin@vdtsoftware.ffext\":{\"descriptor\":\"C:\\\\Users\\\\Mike\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\jinpoww2.default\\\\extensions\\\\isadmin@vdtsoftware.ffext.xpi\",\"mtime\":1388284684847},\"jid1-0xtMKhXFEs4jIg@jetpack\":{\"descriptor\":\"C:\\\\Users\\\\Mike\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\jinpoww2.default\\\\extensions\\\\jid1-0xtMKhXFEs4jIg@jetpack.xpi\",\"mtime\":1392905731049},\"YoutubeDownloader@PeterOlayev.com\":{\"descriptor\":\"C:\\\\Users\\\\Mike\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\jinpoww2.default\\\\extensions\\\\YoutubeDownloader@PeterOlayev.com.xpi\",\"mtime\":1395186841776},\"zoompage@DW-dev\":{\"descriptor\":\"C:\\\\Users\\\\Mike\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\jinpoww2.default\\\\extensions\\\\zoompage@DW-dev.xpi\",\"mtime\":1394288274863},\"{6d96bb5e-1175-4ebf-8ab5-5f56f1c79f65}\":{\"descriptor\":\"C:\\\\Users\\\\Mike\\\\AppData\\\\Roamin
g\\\\Mozilla\\\\Firefox\\\\Profiles\\\\jinpoww2.default\\\\extensions\\\\{6d96bb5e-1175-4ebf-8ab5-5f56f1c79f65}.xpi\",\"mtime\":1394445176316},\"{73a6fe31-595d-460b-a920-fcc0f8843232}\":{\"descriptor\":\"C:\\\\Users\\\\Mike\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\jinpoww2.default\\\\extensions\\\\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi\",\"mtime\":1394152699962},\"{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}\":{\"descriptor\":\"C:\\\\Users\\\\Mike\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\jinpoww2.default\\\\extensions\\\\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}\",\"mtime\":1388284684841,\"rdfTime\":1384786919000},\"{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}\":{\"descriptor\":\"C:\\\\Users\\\\Mike\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\jinpoww2.default\\\\extensions\\\\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi\",\"mtime\":1392910234981},\"{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}\":{\"descriptor\":\"C:\\\\Users\\\\Mike\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\jinpoww2.default\\\\extensions\\\\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi\",\"mtime\":1393373017343}}}]");
[Mike] Supprimé avec succès : user_pref("extensions.jid0-O6MIff3eO5dIGf5Tcv8RsJDKxrs@jetpack.install-event-fired", true);
[Mike] Supprimé avec succès : user_pref("extensions.jid1-0xtMKhXFEs4jIg@jetpack.install-event-fired", true);
[Mike] Supprimé avec succès : user_pref("web2pdf.pref_create_toolbar_button_in_nav-bar", false);
[Mike] Supprimé avec succès : user_pref("weboftrust.search.ask.display", "Ask.com Web Search");
[Mike] Supprimé avec succès : user_pref("weboftrust.search.dogpile.prestyle", ".paidSearchResult [ATTR] { display: none ! important; } .searchResultsPane { max-width: 44.08em; } [ATTR] { position: absolute; visibility: hidden; }");
[Mike] Supprimé avec succès : user_pref("weboftrust.search.google.urlign", "^http(s)?\\:\\/\\/((www|encrypted)\\.)?google\\.(com?\\.[a-z]{2}|[a-z]{2,})\\/(\\+|a\\/|accounts|ad(s|manager|planner|sense|words)|alerts|analytics|apps|appserve|base|calendar|chrome(frame)?|codesearch|comparisonads|corporate|crisisresponse|datacenter|dfp|dictionary|doodle|educators|enterprise|events|experimental|familysafety|finance|flutrends|friendconnect|goog411|googlebooks|googlenotebook|googlevoice|gwt|help|history|hostednews|images|imgres|ime|insights|landing|local|logos|mapmaker|maps|mobile|moon|music|newproducts|news|notebook|patents|phone|postini|powermeter|press|profiles|publicdata|puzzles|onlinechallenge|racing|reader|recaptcha|relief|services|s2|sitesearch|sky|smallbusinessnetwork|squared|submit|support|sync|talk|toolbar|ventures|voice|wallet|web(masters|elements)|intl\\/[^\\/]+\\/.+|search\\\\?.*tbm=isch)");

Détournement des clés StartMenuInternet

Réparé : [64][HKLM\Software\Clients\StartMenuInternet\Firefox.exe\shell\safemode\command] : "D:\Firefox 26\firefox.exe" -safe-mode -> "C:\Program Files (x86)\Mozilla Firefox\Firefox.exe" -safe-mode
Réparé : [64][HKLM\Software\Clients\StartMenuInternet\IExplore.exe\shell\open\command] : C:\Program Files (x86)\Internet Explorer\iexplore.exe -> "C:\Program Files (x86)\Internet Explorer\iexplore.exe"

AppInit_DLLs



[64][HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]|[LoadAppInit_DLLs] : 1
[32][HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]|[LoadAppInit_DLLs] : 1

Détournement Javascript


Firewall

Réparé : [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]|[EnableFirewall] : 1 -> 0
Réparé : [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]|[EnableFirewall] : 1 -> 0
Réparé : [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]|[EnableFirewall] : 1 -> 0

Supprimé avec succès : [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]|[{753888C6-57DD-4EC5-A208-EA444013B035}] : v2.22|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\GoforFiles\goforfilesdl.exe|Name=GoforFiles|
Supprimé avec succès : [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]|[{573827CB-EB42-44E3-83EA-E8278157E248}] : v2.22|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\GoforFiles\GoforFiles.exe|Name=GoforFiles|

Fichiers temporaires

[All Users] Fichiers temporaires Supprimés : 0 Ko
[Default User] Fichiers temporaires Supprimés : 0 Ko
[Public] Fichiers temporaires Supprimés : 0 Ko
[Default] Fichiers temporaires Supprimés : 0 Ko
[surf] Fichiers temporaires Supprimés : 13756 Ko
[Mike] Fichiers temporaires Supprimés : 32222 Ko

Autre rapport


EOF | 10:00:00 | [45158]
