~ Report of ZHPDiag v2015.6.16.57 - Nicolas Coolman (16/06/2015)
~ Launched by Administrateur (25/06/2015 22:37:54)
~ Facebook : https://www.facebook.com/nicolascoolman1
~ Web forum address : http://www.forum.nicolascoolman.fr
~ Translated by
~ Version State : Updated version.
~ White List : Activate by program
~ Elevation of privilege : OK
~ User Account Control : Not Found

---\\ Internet browsers
MSIE: Internet Explorer v8.0.6001.18702
MFIE: Mozilla Firefox 20.0 (Defaut)

---\\ Windows product information
~ Langage: Anglais
Windows Automatic Updates : OK
Windows Genuine Advantage : KO
Microsoft Windows XP, 32-bit Service Pack 3 (Build 2600)

---\\ System protection software
Malwarebytes Anti-Malware version 1.61.0.1400

---\\ System optimization software
CCleaner v3.01

---\\ Sharing software PeerToPeer

---\\ Surveillance software
Adobe Flash Player 17 NPAPI

---\\ Information on the system
~ Processor: x86 Family 6 Model 13 Stepping 8, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 2039 MB (47% free)
System Restore: Activé (Enable)
System drive C: has 7 GB (18%) free of 37 GB

---\\ Connection to the system mode
~ Computer Name: DELL-CA4D6126A3
~ User Name: Administrateur
~ All Users Names: SUPPORT_388945a0, HelpAssistant, ASPNET, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator

---\\ Environment variables
~ System Unit : C:\
~ %AppZHP% : C:\Documents and Settings\Administrateur\Application Data\ZHP\
~ %AppData% : C:\Documents and Settings\Administrateur\Application Data\
~ %Desktop% : C:\Documents and Settings\Administrateur\Bureau\
~ %Favorites% : C:\Documents and Settings\Administrateur\Favoris\
~ %LocalAppData% : C:\Documents and Settings\Administrateur\Local Settings\Application Data\
~ %StartMenu% : C:\Documents and Settings\Administrateur\Menu Démarrer\
~ %Windir% : C:\WINDOWS\
~ %System% : C:\WINDOWS\system32\

---\\ Enumeration of the disk units
C: Hard drive, Flash drive,
Thumb drive (Free 7 Go of 37 Go) D: CD-ROM drive (Not Inserted) E: Floppy drive, Flash card reader, USB Key (Free 0 Go of 29 Go) F: Hard drive, Flash drive, Thumb drive (Free 415 Go of 466 Go) G: CD-ROM drive (Not Inserted) I: Floppy drive, Flash card reader, USB Key (Free 4 Go of 15 Go) ---\\ State of the Windows Security Center [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : Out Of Date ~ Security Center: 42 Legitimates Filtered in 00mn 00s ---\\ Search Generic System Files [MD5.F2317622D29F9FF0F88AEECD5F60F0DD] - (.Microsoft Corporation - Explorateur Windows.) (.14/04/2008 - 02:34:03.) -- C:\WINDOWS\Explorer.exe [1037824] [MD5.2988BFF8257A55EA8AFD038F49F81A34] - (.Microsoft Corporation - Internet Extensions for Win32.) (.05/02/2014 - 23:20:01.) -- C:\WINDOWS\system32\wininet.dll [920064] [MD5.DD73D6B9F6B4CB630CF35B438B540174] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) (.14/04/2008 - 02:34:28.) -- C:\WINDOWS\system32\Winlogon.exe [512000] [MD5.1E44BC1E83D8FD2305F8D452DB109CF9] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.17/08/2011 - 13:49:54.) -- C:\WINDOWS\system32\Drivers\AFD.sys [138496] [MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.13/04/2008 - 18:40:30.) -- C:\WINDOWS\system32\Drivers\atapi.sys [96512] [MD5.C885B02847F5D2FD45A24E219ED93B32] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/04/2008 - 19:14:21.) -- C:\WINDOWS\system32\Drivers\Cdfs.sys [63744] [MD5.1F4260CC5B42272D71F79E570A27A4FE] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.13/04/2008 - 18:40:46.) -- C:\WINDOWS\system32\Drivers\Cdrom.sys [62976] [MD5.31F923EB2170FC172C81ABDA0045D18C] - (.Microsoft Corporation - Pilote de cryptographie FIPS.) (.14/04/2008 - 01:57:38.) 
-- C:\WINDOWS\system32\Drivers\Fips.sys [44672] [MD5.573C7D0A32852B48F3058CFD8026F511] - (.Windows (R) Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) (.13/04/2008 - 16:36:05.) -- C:\WINDOWS\system32\Drivers\HDAudBus.sys [144384] [MD5.A09BDC4ED10E3B2E0EC27BB94AF32516] - (.Microsoft Corporation - Pilote de port i8042.) (.14/04/2008 - 02:00:52.) -- C:\WINDOWS\system32\Drivers\i8042prt.sys [54144] [MD5.083A052659F5310DD8B6A6CB05EDCF8E] - (.Microsoft Corporation - IMAPI Kernel Driver.) (.13/04/2008 - 18:40:58.) -- C:\WINDOWS\system32\Drivers\Imapi.sys [42112] [MD5.CC748EA12C6EFFDE940EE98098BF96BB] - (.Microsoft Corporation - IP Network Address Translator.) (.13/04/2008 - 18:57:15.) -- C:\WINDOWS\system32\Drivers\IpNat.sys [152832] [MD5.23C74D75E36E7158768DD63D92789A91] - (.Microsoft Corporation - IPSec Driver.) (.13/04/2008 - 19:19:42.) -- C:\WINDOWS\system32\Drivers\IPSec.sys [75264] [MD5.7D304A5EB4344EBEEAB53A2FE3FFB9F0] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.15/07/2011 - 13:29:31.) -- C:\WINDOWS\system32\Drivers\MRxSmb.sys [456320] [MD5.74B2B2F5BEA5E9A3DC021D685551BD3D] - (.Microsoft Corporation - MBT Transport driver.) (.13/04/2008 - 19:21:00.) -- C:\WINDOWS\system32\Drivers\netBT.sys [162816] [MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) (.13/04/2008 - 19:15:53.) -- C:\WINDOWS\system32\Drivers\ntfs.sys [574976] [MD5.8FD0BDBEA875D06CCF6C945CA9ABAF75] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/04/2008 - 02:09:40.) -- C:\WINDOWS\system32\Drivers\Parport.sys [80384] [MD5.11B4A627BC9614B885C4969BFA5FF8A6] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.13/04/2008 - 19:19:43.) -- C:\WINDOWS\system32\Drivers\Rasl2tp.sys [51328] [MD5.15CABD0F7C00C47C70124907916AF3F1] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.13/04/2008 - 18:32:51.) 
-- C:\WINDOWS\system32\Drivers\rdpdr.sys [196224] [MD5.D8EB2A7904DB6C916EB5361878DDCBAE] - (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) (.14/04/2008 - 01:57:34.) -- C:\WINDOWS\system32\Drivers\redbook.sys [58752] [MD5.46DE1126684369BACE4849E4FC8C43CA] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.14/04/2008 - 01:56:04.) -- C:\WINDOWS\system32\Drivers\volsnap.sys [53376] ~ Generic Processes: Scanned in 00mn 00s ---\\ Hidden files state (Hidden/Total) ~ Mes images (My Pictures) : 2/758 ~ Mes musiques (My Musics) : 1/2 ~ Mes Videos (My Videos) : 1/16 ~ Mes Favoris (My Favorites) : 1/12 ~ Mes Documents (My Documents) : 1/17236 ~ Mon Bureau (My Desktop) : 1/332 ~ Menu demarrer (Programs) : 1/113 ~ Hidden Files: Scanned in 00mn 51s ---\\ Process running [MD5.283B2E82C8D860104B55870F174C60D8] - (.tzuk - Sandboxie Service.) -- C:\Program Files\Sandboxie\SbieSvc.exe [75496] [PID.808] [MD5.788C72B145C75A7EE5F5D6A32542D912] - (.Intel Corporation - Intel(R) PROSet/Wireless Event Log.) -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [434176] [PID.952] [MD5.C17C3A529CE14012F9731A6E264C1911] - (.Intel Corporation - Wireless Management Service.) -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [946176] [PID.1260] [MD5.22516ED8E0D89323D4E0D9CCC2848819] - (.Intel(R) Corporation - WLANKEEPER.) -- C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe [290816] [PID.1288] [MD5.60714B1C15F815F55798C0B3D4819BEB] - (...) -- C:\WINDOWS\System32\WLTRYSVC.exe [20480] [PID.1528] [MD5.7C19764A2EC7AC4AE8DB4BBF0B7F20C5] - (.Dell Inc. - Dell Wireless WLAN Card Wireless Network Co.) -- C:\WINDOWS\System32\bcmwltry.exe [1253376] [PID.1540] [MD5.5AC144F03B31AFAB6717AD3622D1680D] - (.Atheros - ACS.) -- C:\WINDOWS\system32\acs.exe [499796] [PID.1676] [MD5.3F56903E124E820AEECE6D471583C6C1] - (.Apple Inc. - Bonjour Service.) 
-- C:\Program Files\Bonjour\mDNSResponder.exe [238888] [PID.1700] [MD5.1B9100ACCFC9FD8B1D991F4BB80EC401] - (.Giraffic - Giraffic Video Accelerator Watchdog.) -- C:\Program Files\Giraffic\GirafficWatchdog.exe [2245232] [PID.1748] [MD5.BDAFA4CF221E4A44B439D91863DF7C67] - (.CybelSoft - Service de détection matériel.) -- C:\Program Files\ma-config.com\MaConfigAgent.exe [2117968] [PID.1796] [MD5.BA400ED640BCA1EAE5C727AE17C10207] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [654408] [PID.1868] [MD5.F502A4B72524D21C5CA7183E61FB522E] - (.Ralink Technology, Corp. - RalinkRegistryWriter.) -- C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\Service\RaRegistry.exe [375872] [PID.1944] [MD5.D8894ACEFE1A607DE7D0E628285BFFF4] - (.Intel Corporation - Intel(R) PROSet/Wireless Registry Service.) -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [327680] [PID.1960] [MD5.6EC042A004268B3EA2FB96D939303095] - (.TeamViewer GmbH - TeamViewer 10.) -- C:\Program Files\TeamViewer\TeamViewer_Service.exe [5419792] [PID.248] [MD5.F45B518771A2A1482C2D7BD4F0704904] - (.Microsoft Corporation - User Dump Service/Command-Line App.) -- C:\WINDOWS\system32\kktools\userdump.exe [90496] [PID.344] [MD5.BF45D1E087B701D5215EBE57E2EDCA47] - (.Giraffic - Giraffic Video Accelerator.) -- C:\Program Files\Giraffic\Giraffic.exe [4001376] [PID.448] [MD5.4BC7807553A3C0786BBC4DFDCF27B222] - (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files\Internet Download Manager\IDMan.exe [3903056] [PID.2356] [MD5.312FC312F84305E10828FDBF92CE4300] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [920472] [PID.1556] [MD5.4DAB37E8BEDA1F286F0C40B8AAB0D65C] - (.No owner - Everything.) 
-- C:\Documents and Settings\Administrateur\Mes documents\Desktop\search for files Everything\search for files Everything -1.2.1.371.exe [602624] [PID.1484] [MD5.DC190B838569B8B7E7517F89BF552E8A] - (.Microsoft Corporation - Commande TCP/IP Ping.) -- C:\WINDOWS\system32\ping.exe [19456] [PID.688] [MD5.E7B58CE9BD61BF575E2880088F4E5447] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [8218112] [PID.3160] ~ Processes Running: Scanned in 00mn 03s ---\\ Mozilla Firefox,Plugins,Start,Search,Extensions (P2,M0,M1,M2,M3) C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\prefs.js M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\----------------1.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\---------------.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\-----------.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\-------1.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\------.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\------mp3--.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\-----.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application 
Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\-----bluray-720p--dallas-buyers-club-2013-18-.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\----.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\---.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\---051.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\---3--------.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\--.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\--1.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\--2014-----.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\--ypanime-tv-------anime-2-tv.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\-.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\-3----.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\300mb-links--the-smallest-size-ever-for-your-movies.xml 
M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\300mbfilms-300mb-movies-high-qulaity-small-size-in-resumeabl.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\300mbmovies4ucom---hollywood-movie-archives---300mbmovies4uc.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\acronymfinder-index-.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\addic7edcom---the-source-of-latest-tv-subtitles.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\allocin--cinma-sries-tv-stars-vidos-dvd-et-vod.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\alluc-free-video-and-download-link-search-engine.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\annabelle-2014-bluray-720p-51ch--downloadfilmbarucom.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\annonces-gratuites-au-maroc-avitoma--rabat-sal-zemmour-zar--.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\arabdict-online-dictionaries-----.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application 
Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\asianwiki.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\ask-me-anything-official-motion-picture-soundtrack--collecti.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\beemp3.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\bingp.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\bioskopkitacom--download-film-gratis--subtitle-indonesia.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\cake-boss-next-great-baker-s02e01-its-go-time.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\californication-music---season-1---tunefind.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\celebrity-photo-gallery.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\dailymotion---watch-publish-share-videos.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\datalife-engine-96-final.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application 
Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\dictionarycom--find-the-meanings-and-definitions-of-words-at-1.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\dictionarycom--find-the-meanings-and-definitions-of-words-at.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\dictionnaires-en-ligne-babla---loving-languages.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\direct-download-movies--games--download-free-movies-and-game.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\download-music-movies-games-software-the-pirate-bay---the-ga.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\download-verified-torrents-movies-music-games-software--1337.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\egyup.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\emp3worldso---free-mp3-download.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\english--hdmovie24com.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\english-films------------------------.xml M3 - MFPP: Plugins - [Administrateur] -- 
C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\ergororg.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\eurostreaming---serie-tv-e-film-in-streaming.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\extratorrentcom-torrent-search.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\eztv---tv-torrents-online.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\falling-skies-s03e01e02-720p-hdtv-575mb--mediafire-movies.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\fiestar--my-lovely-girl-ost-part-7--mymusics-blog.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\filestubecom-software.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\find-ip-address---lookup-and-locate-an-ip-address.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\ganoolcom--free-download-movie-and-game.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\get-free-mp3-without-registration.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and 
Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\goofram-search.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\google-img-basic.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\google-maroc.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\greasy-fork---scripts-utilisateurs-srs-et-utiles.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\grooveshark---listen-to-free-music-online---internet-radio--.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\hawtcelebs---latest-celebrities-pictures---hawtcelebs.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\hd-movies-point---download-free-hd-movies.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\heardontvcom.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\hollywood-movie-archives--movies360info.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\hollywood-movies-archives---mkvcage.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application 
Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\holy-quran-search.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\icefilmsinfo---quality-divx-tv--movies-.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\icefilmsinfo---quality-divx-tv--movies.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\imdb---movies-tv-and-celebrities.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\isohunt---bittorrent--p2p-torrent-search-engine.xml =>P2P.BitTorrent M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\kickassso.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\latest-movies-and-tv-shows.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\limetorrentscc-search.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\lyricscom---your-music-community-with-the-largest-searchable.xml =>Hijacker.Searchab M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\main--open-pirate-bay.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application 
Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\mazika2day.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\mediafire-movies-high-quality-small-size-mediafire-links.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\mediafirehbo.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\megauploadagoracombr.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\minirlss---1-source-for-encoded-mkv-tv-shows.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\mkvcage---download-free-movies.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\mkvitunescom--free-latest-mkv-movies-fast-and-direct-downloa.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\movies-archives---scenesource.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\mp3-download--free-download--music-search-engine.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\mp3juicescom---free-mp3-downloads--top-music-search-.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application 
Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\mp3raidcom---free-mp3-downloads-free-music-downloads.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\mp3skullcom---free-mp3-download.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\mrtzcch--best-free-mp3-download-on-world-wide-web.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\okanime--005.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\openuserjs.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\paroles-de-chansons-et-traductions-sur-lacoccinellenet-parol.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\posts-tagged-mexico---sawfirst--hot-celebrity-pictures.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\project-free-tv---watch-all-your-favorite-tv-shows-and-movie.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\publichd--torrents.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\quickspell.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application 
Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\r4downloadsco--download-apps-movies--full-version.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\rapidmoviez.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\rarbgcom-torrents--filmi--download.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\referencecom---a-free-online-encyclopedia--information-refer.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\release-bb---daily-source-of-awesome-stuff-.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\releasebb--rlsbb-.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\releasebb--rlsbb.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\rotten-tomatoes-movies--tv-shows--movie-trailers--reviews.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\search-in-7223212-subtitles--subtitleseekercom--seek--find-s.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\search-results---forum.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application 
Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\secure-torrentz-search.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\shaanig--hq-movies--tv-shows-at-smallest-size.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\site-de-tlchargement-gratuit---telecharger-films.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\site-pour-tlcharger-series-gratuitement--.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\sites-like---find-and-share-similar-websites.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\sous-titres.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\startpage-web-recherche.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\subscene---passionate-about-good-commentaries.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\subscene.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\subtitles-for-movies-and-tv-series-subsmaxcom.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application 
Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\subtitlesat.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\superiorpics-celebrity-forums---forums-powered-by-ubbthreads.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\the-good-wife-saison-2--series-ddl-v2---part-2.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\the-online-slang-dictionary--real-definitions-for-real-slang.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\thesauruscom--find-synonyms-and-antonyms-of-words-at-thesaur.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\tlchargez-gratuitement-vos-sries-prfres-sur-multi-hbergeurs-.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\travelling-salesman-2012-720p-web-dl--tempatdownloadfilmcom.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\truedetectives01e03hdtvx264-killers--truedetectives01e03720p.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\tuseriecom---descargar-series-y-ver-series-online.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application 
Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\tv-shows---wrzko---putlocker-uploaded-and-netload-links.xml =>Spyware.PutLocker M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\tvshow--free-direct-downloads---downha.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\tvsubtitlesnet---download-latest-tv-show-and-tv-series-subti.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\twitter--home.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\twoddl---firedrive-putlocker--zippyshare-and-uploaded-links.xml =>Spyware.PutLocker M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\urban-dictionary-june-16-facebook-philosopher.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\userscriptsorg-power-ups-for-your-browser-.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\virustotal-hash.xml =>PUP.CrossRider M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\vt-movie--free-download-bluray-hd-3d-dvdrip-movies.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\watch-justified-online---watch-movies-online-full-movies-dow.xml 
M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\watch-movies-and-tv-shows-online-for-free---solarmovie.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\watch-movies-online---mediabang.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\watch-movies-watch-series-online-filmovi-sa-prevodom.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\watch-online-the-shield-season-4-episode-5---tar-baby---watc.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\watch-series-online-for-free-full-episodes---watch-series.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\watch-star-trek-into-darkness-online-for-free--download-star.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\watch-the-riches-season-1---episode-6---virgin-territory-onl.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\watch-the-shield-online-tv-show---download-theshield---on-pr.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\watch-the-shield-season-4---episode-5---tar-baby-online---do.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and 
Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\watch-tv-shows-online-for-free-on-1channelmovie.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\watch-veep---season-1-episode-2---frozen-yoghurt-online-s1e2.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\watch-youre-the-worst-2014-s01e02---watch-series-online-free.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\watch-youre-the-worst-s1-e1-online-stream.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\webextender.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\what-is-this-exe-file-is-this-file-safe-check-the-directory.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\wolframalpha.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\yahoo-answers---home.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\yts---search-and-browse-yify-movie-torrent-downloads.xml M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\searchplugins\zone-telechargement---site-de-tlchargement-gratuit.xml M2 - MFEP: prefs.js [Administrateur - 
77254oub.default\custombuttons@xsms.org] [] Custom Buttons v0.0.5.8 (..) M2 - MFEP: prefs.js [Administrateur - 77254oub.default\isreaditlater@ideashower.com] [] Pocket v3.0.4 (..) M2 - MFEP: prefs.js [Administrateur - 77254oub.default\LDshowpicture_plashcor@gmail.com] [] Show Picture v3.0 (..) M2 - MFEP: prefs.js [Administrateur - 77254oub.default\mozilla_cc@internetdownloadmanager.com] [] IDM CC v7.3.82 (..) M2 - MFEP: prefs.js [Administrateur - 77254oub.default\redirector@einaregilsson.com] [] Redirector v2.8.4 (..) M2 - MFEP: prefs.js [Administrateur - 77254oub.default\tabgroupshelper@kevinallasso.org] [] Tab Groups Helper v0.1.8 (..) M2 - MFEP: prefs.js [Administrateur - 77254oub.default\xthunder@lshai.com] [] xThunder v1.3.4 (..) M2 - MFEP: prefs.js [Administrateur - 77254oub.default\{767a0048-69da-4392-b458-55b7a96b66f7}] [] Scrollbar Anywhere v0.14.2 (..) M2 - MFEP: prefs.js [Administrateur - 77254oub.default\{98449521-9320-4257-aa35-9e1a39c8cbe0}] [] CacheIt! v2.0.3 (..) M2 - MFEP: Extension [Administrateur - 77254oub.default] adblockpopups@jessehakanen.net.xpi M2 - MFEP: Extension [Administrateur - 77254oub.default] add-to-searchbox@maltekraus.de.xpi M2 - MFEP: Extension [Administrateur - 77254oub.default] appbuttonremove@mozilla.org.xpi M2 - MFEP: Extension [Administrateur - 77254oub.default] autocopy2@teo.pl.xpi M2 - MFEP: Extension [Administrateur - 77254oub.default] bartap@philikon.de.xpi M2 - MFEP: Extension [Administrateur - 77254oub.default] better_url@sdrocking.com.xpi M2 - MFEP: Extension [Administrateur - 77254oub.default] bug489729@alice0775 M2 - MFEP: Extension [Administrateur - 77254oub.default] check-compatibility@dactyl.googlecode.com.xpi M2 - MFEP: Extension [Administrateur - 77254oub.default] cookiekeeper@cookiekeeper.mozdev.org.xpi M2 - MFEP: Extension [Administrateur - 77254oub.default] CookiesIE@yahoo.com.xpi M2 - MFEP: Extension [Administrateur - 77254oub.default] cookieSwap@cookieSwap.mozdev.org.xpi M2 - MFEP: Extension 
[Administrateur - 77254oub.default] copyplaintext@teo.pl.xpi M2 - MFEP: Extension [Administrateur - 77254oub.default] custombuttons@xsms.org M2 - MFEP: Extension [Administrateur - 77254oub.default] firebug@software.joehewitt.com.xpi M2 - MFEP: Extension [Administrateur - 77254oub.default] GBE@fess16.blogspot.com.xpi M2 - MFEP: Extension [Administrateur - 77254oub.default] imglikeopera@imfo.ru.xpi M2 - MFEP: Extension [Administrateur - 77254oub.default] isreaditlater@ideashower.com M2 - MFEP: Extension [Administrateur - 77254oub.default] LDshowpicture_plashcor@gmail.com M2 - MFEP: Extension [Administrateur - 77254oub.default] LDSI_plashcor@gmail.com.xpi M2 - MFEP: Extension [Administrateur - 77254oub.default] mozilla_cc@internetdownloadmanager.com M2 - MFEP: Extension [Administrateur - 77254oub.default] multilinks@plugin.xpi M2 - MFEP: Extension [Administrateur - 77254oub.default] noverflow@sdrocking.com.xpi M2 - MFEP: Extension [Administrateur - 77254oub.default] openinbrowser@www.spasche.net.xpi M2 - MFEP: Extension [Administrateur - 77254oub.default] organize-search-engines@maltekraus.de.xpi M2 - MFEP: Extension [Administrateur - 77254oub.default] personaltitlebar@moztw.org.xpi M2 - MFEP: Extension [Administrateur - 77254oub.default] pig1717@gmail.com.xpi M2 - MFEP: Extension [Administrateur - 77254oub.default] premiumproxyswitcher@freeproxylist.org.xpi M2 - MFEP: Extension [Administrateur - 77254oub.default] redirector@einaregilsson.com M2 - MFEP: Extension [Administrateur - 77254oub.default] requestpolicy@requestpolicy.com.xpi M2 - MFEP: Extension [Administrateur - 77254oub.default] secureLogin@blueimp.net.xpi M2 - MFEP: Extension [Administrateur - 77254oub.default] showtheimage@brunwin.net.xpi M2 - MFEP: Extension [Administrateur - 77254oub.default] sumeetkpatel@gmail.com.xpi M2 - MFEP: Extension [Administrateur - 77254oub.default] tabgroupshelper@kevinallasso.org M2 - MFEP: Extension [Administrateur - 77254oub.default] undoclosedtabsbutton@supernova00.biz.xpi 
M2 - MFEP: Extension [Administrateur - 77254oub.default] xthunder@lshai.com M2 - MFEP: Extension [Administrateur - 77254oub.default] zoompage@DW-dev.xpi M2 - MFEP: Extension [Administrateur - 77254oub.default] {02450914-cdd9-410f-b1da-db004e18c671}.xpi M2 - MFEP: Extension [Administrateur - 77254oub.default] {097d3191-e6fa-4728-9826-b533d755359d}.xpi M2 - MFEP: Extension [Administrateur - 77254oub.default] {1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi M2 - MFEP: Extension [Administrateur - 77254oub.default] {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi M2 - MFEP: Extension [Administrateur - 77254oub.default] {39952c40-5197-11da-8cd6-0800200c9a66}.xpi M2 - MFEP: Extension [Administrateur - 77254oub.default] {46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi M2 - MFEP: Extension [Administrateur - 77254oub.default] {4BBDD651-70CF-4821-84F8-2B918CF89CA3} M2 - MFEP: Extension [Administrateur - 77254oub.default] {53A03D43-5363-4669-8190-99061B2DEBA5}.xpi M2 - MFEP: Extension [Administrateur - 77254oub.default] {5C655500-E712-41e7-9349-CE462F844B19}.xpi M2 - MFEP: Extension [Administrateur - 77254oub.default] {73a6fe31-595d-460b-a920-fcc0f8843232}.xpi M2 - MFEP: Extension [Administrateur - 77254oub.default] {767a0048-69da-4392-b458-55b7a96b66f7} M2 - MFEP: Extension [Administrateur - 77254oub.default] {902D2C4A-457A-4EF9-AD43-7014562929FF}.xpi M2 - MFEP: Extension [Administrateur - 77254oub.default] {97604a30-ef7f-11e0-be50-0800200c9a66}.xpi M2 - MFEP: Extension [Administrateur - 77254oub.default] {98449521-9320-4257-aa35-9e1a39c8cbe0} M2 - MFEP: Extension [Administrateur - 77254oub.default] {A64F9D1E-FA5E-11DA-A187-6B94C2ED2B83}.xpi M2 - MFEP: Extension [Administrateur - 77254oub.default] {aede9b05-c23c-479b-a90e-9146ed62d377}.xpi M2 - MFEP: Extension [Administrateur - 77254oub.default] {aff87fa2-a58e-4edd-b852-0a20203c1e17}.xpi M2 - MFEP: Extension [Administrateur - 77254oub.default] {B5F5E8D3-AE31-49A1-AC42-78B7B1CC5CDC}.xpi M2 - MFEP: Extension [Administrateur - 77254oub.default] 
{C0CB8BA3-6C1B-47e8-A6AB-1FAB889562D9}.xpi M2 - MFEP: Extension [Administrateur - 77254oub.default] {d2a46ca0-999d-11da-a72b-0800200c9a66}.xpi M2 - MFEP: Extension [Administrateur - 77254oub.default] {d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi M2 - MFEP: Extension [Administrateur - 77254oub.default] {e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi M2 - MFEP: Extension [Administrateur - 77254oub.default] {E6C1199F-E687-42da-8C24-E7770CC3AE66}.xpi =>PUP.ScorpionSaver M2 - MFEP: Extension [Administrateur - 77254oub.default] {f01f4cbe-b8a8-4c37-94b3-119d8779e7e0}.xpi M2 - MFEP: Extension [Administrateur - 77254oub.default] {fe0258ab-4f74-43a1-8781-bcdf340f9ee9}.xpi ~ Firefox Browser: 241 Legitimates Filtered in 00mn 01s ---\\ Internet Explorer Extensions, Start, Search (R4,R3,R0,R1) R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.wana.ma ~ IE Browser: 13 Legitimates Filtered in 00mn 00s ---\\ Internet Explorer, Proxy Management (R5) R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=;ftp=;https=; R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1 ~ Proxy management: Scanned in 00mn 00s ---\\ Line Analysis F0, F1, F2, F3 - IniFiles, Auto loading programs F2 - REG:system.ini: USERINIT=C:\WINDOWS\system32\userinit.exe, F2 - REG:system.ini: 
Shell=C:\WINDOWS\explorer.exe F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl" ~ Keys: Scanned in 00mn 00s ---\\ Hosts file redirection (O1) ~ Le fichier hôte est sain (The hosts file is clean) (0) ~ Hosts File: Scanned in 00mn 00s ---\\ Browser Helper Objects (O2) O2 - BHO: Adblock Plus for IE Browser Helper Object - {FFCB3198-32F3-4E8B-9539-4324694ED664} . (.Adblock Plus - Adblock Plus Module.) -- C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll ~ BHO: 6 Legitimates Filtered in 00mn 00s ---\\ Internet Explorer toolbars (O3) O3 - Toolbar\WebBrowser: (no name) - [HKCU]{01E04581-4EEE-11D0-BFE9-00AA005B4383} Orphan key O3 - Toolbar\WebBrowser: (no name) - [HKCU]{0E5CBF21-D15F-11D0-8301-00AA005B4383} Orphan key ~ Toolbar: Scanned in 00mn 00s ---\\ Auto loading programs from Registry and folders (O4) O4 - HKCU\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files\Internet Download Manager\IDMan.exe O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe O4 - HKUS\S-1-5-21-484763869-776561741-839522115-500\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files\Internet Download Manager\IDMan.exe ~ Application: Scanned in 00mn 00s ---\\ Extra buttons on main IE button toolbar, or extra items in IE 'Tools' menu (O9) O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} . (.Apple Inc. - Bonjour Resource Module.) 
-- C:\Program Files\Bonjour\ExplorerPlugin.Resources\ExplorerPluginResources.dll O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} -- Orphan key O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe ~ IE Extra Buttons: Scanned in 00mn 00s ---\\ Site in Trusted Zone (O15) O15 - Trusted Zone: [HKCU\...\Domains] *.dell.com O15 - Trusted Zone: [HKCU\...\Domains] http.windowsupdate.com ~ IE Zone Confiance: Scanned in 00mn 00s ---\\ ActiveX Objects (Downloaded Program Files) (O16) O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} ((no name)) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1271868618453 O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} ((no name)) - http://download.eset.com/special/eos/OnlineScanner.cab O16 - DPF: {8CFCF42C-1C64-47D6-AEEC-F9D001832ED3} ((no name)) - http://xserv.dell.com/DellDriverScanner/DellSystem.CAB =>PUP.DriverScanner O16 - DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} ((no name)) - http://support.dell.com/systemprofiler/DellSystemLite.CAB ~ Objets ActiveX: Scanned in 00mn 00s ---\\ Lop.com/Domain Hijackers (O17) O17 - HKLM\System\CCS\Services\Tcpip\..\{49AB6165-3ECB-4869-A546-0827C9522B40}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{49AB6165-3ECB-4869-A546-0827C9522B40}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS2\Services\Tcpip\..\{6E9B9206-16CA-406B-9EC3-B75BAAA18234}: NameServer = 8.8.8.8 O17 - HKLM\System\CS2\Services\Tcpip\..\{49AB6165-3ECB-4869-A546-0827C9522B40}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS3\Services\Tcpip\..\{49AB6165-3ECB-4869-A546-0827C9522B40}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 ~ Domain: Scanned in 00mn 00s ---\\ Extra protocols (O18) O18 - Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} . 
(.Microsoft Corporation - WIA Scripting Layer.) -- C:\WINDOWS\system32\wiascr.dll O18 - Filter: text/webviewhtml - {733AC4CB-F1A4-11d0-B951-00A0C90312E1} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll ~ Protocole Additionnel: Scanned in 00mn 00s ---\\ AppInit_DLLs Registry value Autorun (O20) O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\WINDOWS\system32\crypt32.dll O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\WINDOWS\system32\cryptnet.dll O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agent réseau hors connexion.) -- C:\WINDOWS\system32\cscdll.dll O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\system32\dimsntfy.dll O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\WINDOWS\system32\igfxdev.dll O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL secondaire de notification de service d.) -- C:\WINDOWS\system32\sclgntfy.dll O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\WlNotify.dll O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll ~ Winlogon: Scanned in 00mn 00s ---\\ Non Microsoft non disabled Windows XP/NT/2000 Services (O23) O23 - Service: Giraffic Video Accelerator (Giraffic) . (.Giraffic - Giraffic Video Accelerator Watchdog.) 
- C:\Program Files\Giraffic\GirafficWatchdog.exe ~ Services: 13 Legitimates Filtered in 00mn 06s ---\\ Windows Active Desktop & MHTML Editor (O24) O24 - Desktop General: BackupWallPaper - .(...) - C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O24 - Desktop General: WallPaper - .(...) - C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Wallpaper1.bmp ~ Desktop Component: 4 Legitimates Filtered in 00mn 00s ---\\ Task Planned Automatically (039) O39 - APT: - (..) -- C:\WINDOWS\Tasks\Notification de fin de service de Microsoft Windows XP - à la connexion.job [240] O39 - APT: - (..) -- C:\WINDOWS\Tasks\Notification de fin de service de Microsoft Windows XP -mensuellement.job [234] ~ Scheduled Task: 3 Legitimates Filtered in 00mn 00s ---\\ Drivers launched at startup (O41) O41 - Driver: (CSN5PDTS82) . (. - .) - C:\WINDOWS\system32\Drivers\CSN5PDTS82.sys (.not file.) O41 - Driver: (CSN5PDTS82x64) . (. - .) - C:\WINDOWS\system32\Drivers\CSN5PDTS82x64.sys (.not file.) O41 - Driver: (oreans32) . (...) - C:\WINDOWS\system32\drivers\oreans32.sys O41 - Driver: (ehdrv) . (. - .) - C:\WINDOWS\system32\DRIVERS\ehdrv.sys (.not file.) O41 - Driver: (epfwtdi) . (. - .) - C:\WINDOWS\system32\DRIVERS\epfwtdi.sys (.not file.) ~ Drivers: 101 Legitimates Filtered in 00mn 00s ---\\ Software installed (O42) O42 - Logiciel: AirDroid 3.1.2.0 - (.Sand Studio.) [HKLM] -- AirDroid O42 - Logiciel: AirStream-Suite - (. .) [HKLM] -- {0EE26615-9058-4132-8544-2708F237F170} O42 - Logiciel: Autorun Virus Remover 2.3 - (.Autorun Remover.) [HKLM] -- Autorun Virus Remover_is1 O42 - Logiciel: DustBuster 2.9.5.1 - (.Casper & McAlba.) [HKLM] -- {8EBE2C4F-E10F-4F35-99D8-111D84C76721}_is1 O42 - Logiciel: Osmo4/GPAC (remove only) - (...) [HKLM] -- Osmo4 O42 - Logiciel: URL Helper - (...) [HKLM] -- URL Helper_is1 O42 - Logiciel: User Mode Process Dumper - (...) 
[HKLM] -- UserDump ~ Logic: 33 Legitimates Filtered in 00mn 03s ---\\ HKCU & HKLM Software Keys [HKCU\Software\2tox] [HKCU\Software\4kdownload.com] [HKCU\Software\ALSEDI] [HKCU\Software\AdaptX] [HKCU\Software\Conduit] =>Toolbar.Conduit [HKCU\Software\Dusty] [HKCU\Software\Gui4Cli] [HKCU\Software\Hex VPN+] [HKCU\Software\HiDownload] [HKCU\Software\IRCProxySearch] [HKCU\Software\KLC] [HKCU\Software\Kid3] [HKCU\Software\Magellass] [HKCU\Software\Msan] [HKCU\Software\ProxyShell] [HKCU\Software\ReplSoft] [HKCU\Software\SVP-Team] [HKCU\Software\Svchost Fix Wizard] [HKCU\Software\Texture Maker] [HKCU\Software\TubeDigger] [HKCU\Software\URLHelper] [HKCU\Software\YOU WA SHOCK !] [HKCU\Software\voodoo] [HKCU\Software\wbiff!] [HKLM\Software\2tox] [HKLM\Software\Acidspunk] [HKLM\Software\GPAC] [HKLM\Software\Gui4Cli] [HKLM\Software\KLC] [HKLM\Software\M Products] [HKLM\Software\Magellass] [HKLM\Software\ReplSoft] [HKLM\Software\T96Pk0Px4ALJoXfi0l_v7CWW] [HKLM\Software\TsunamiVPN-GUI] [HKLM\Software\TubeDigger] [HKLM\Software\USBStorage] [HKLM\Software\Virustotal] ~ Key Software: 487 Legitimates Filtered in 00mn 03s ---\\ Contents of the Common Files folders (O43) O43 - CFD: 26/05/2015 - 06:43:23 - [] ----D C:\Program Files\AirDroid O43 - CFD: 26/05/2015 - 05:26:28 - [] ----D C:\Program Files\AirStream-Suite O43 - CFD: 21/12/2012 - 05:05:21 - [] ----D C:\Program Files\DustBuster O43 - CFD: 15/05/2014 - 12:15:23 - [] ----D C:\Program Files\GPAC O43 - CFD: 02/09/2014 - 11:52:30 - [] ----D C:\Program Files\M File Anti-Copy 5.5 O43 - CFD: 29/04/2013 - 19:56:41 - [] ----D C:\Program Files\MKV Converter O43 - CFD: 03/08/2014 - 19:17:23 - [] ----D C:\Program Files\Ruiware O43 - CFD: 11/03/2014 - 14:51:24 - [] ----D C:\Program Files\StreamingStar O43 - CFD: 12/06/2015 - 21:10:00 - [] ----D C:\Program Files\SubtitleEdit O43 - CFD: 16/01/2015 - 06:21:52 - [] ----D C:\Program Files\XMPlayPortable O43 - CFD: 21/12/2012 - 05:11:11 - [] ----D C:\Program Files\youtube-viewer O43 - CFD: 
03/08/2014 - 19:17:23 - [] ----D C:\Documents and Settings\All Users\Application Data\InstallMate O43 - CFD: 26/05/2015 - 05:35:19 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\AirDroid O43 - CFD: 03/10/2009 - 19:05:01 - [] R---D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Jeux O43 - CFD: 15/08/2014 - 04:46:56 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Nouveau dossier O43 - CFD: 11/03/2014 - 14:51:23 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\StreamingStar O43 - CFD: 02/03/2014 - 00:11:24 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\USB Storage O43 - CFD: 17/03/2015 - 19:35:58 - [0] ----D C:\Documents and Settings\Administrateur\Application Data\Gui4Cli O43 - CFD: 29/12/2013 - 18:32:44 - [] ----D C:\Documents and Settings\Administrateur\Application Data\Ivan Bochko O43 - CFD: 07/10/2014 - 22:08:39 - [] ----D C:\Documents and Settings\Administrateur\Application Data\mps-youtube O43 - CFD: 19/07/2014 - 13:55:09 - [0] ----D C:\Documents and Settings\Administrateur\Application Data\MyTotalTV O43 - CFD: 02/10/2014 - 07:02:05 - [] ----D C:\Documents and Settings\Administrateur\Application Data\StCon O43 - CFD: 25/06/2015 - 18:56:36 - [] ----D C:\Documents and Settings\Administrateur\Application Data\XMPlay O43 - CFD: 23/03/2015 - 01:31:50 - [] ----D C:\Documents and Settings\Administrateur\Local Settings\Application Data\4kdownload.com O43 - CFD: 15/05/2014 - 12:13:36 - [] ----D C:\Documents and Settings\Administrateur\Local Settings\Application Data\click.to O43 - CFD: 09/01/2015 - 20:41:35 - [] ----D C:\Documents and Settings\Administrateur\Local Settings\Application Data\DvdSubExtractor O43 - CFD: 29/04/2013 - 18:47:20 - [] ----D C:\Documents and Settings\Administrateur\Local Settings\Application Data\LoRd_MuldeR O43 - CFD: 05/09/2012 - 11:56:24 - [] ----D C:\Documents and Settings\Administrateur\Local Settings\Application Data\Maxters_Inc 
O43 - CFD: 24/04/2014 - 00:10:18 - [] ----D C:\Documents and Settings\Administrateur\Local Settings\Application Data\SubtitlePlayer O43 - CFD: 25/12/2014 - 22:50:11 - [] ----D C:\Documents and Settings\Administrateur\Local Settings\Application Data\SuchSofts O43 - CFD: 01/12/2014 - 22:23:12 - [] ----D C:\Documents and Settings\Administrateur\Local Settings\Application Data\SvchostViewer O43 - CFD: 16/01/2015 - 00:26:05 - [] ----D C:\Documents and Settings\Administrateur\Local Settings\Application Data\Two Notes O43 - CFD: 13/03/2012 - 09:57:48 - [] ----D C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\DTaskManager O43 - CFD: 15/04/2010 - 04:32:25 - [] ----D C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Free Registry Cleaner O43 - CFD: 02/09/2014 - 11:52:36 - [] ----D C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\M File Anti-Copy 5.5 O43 - CFD: 21/05/2015 - 18:26:28 - [] ----D C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Nouveau dossier O43 - CFD: 09/03/2012 - 16:12:23 - [] ----D C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\programmes ~ Program Folder: 352 Legitimates Filtered in 00mn 02s ---\\ Last modified or created files under Windows and System32 (O44) O44 - LFC:[MD5.684A8CDB13FC4BD44167E93AA506DD50] - 25/06/2015 - 14:26:06 ---A- . (...) -- C:\ESETSirefefCleaner.exe_20150625.152601.3724.log [36484] O44 - LFC:[MD5.3AB5CC916129A8A65B3E27FEBF900DE0] - 25/06/2015 - 17:03:40 ---A- . (...) -- C:\ESETSirefefCleaner.exe_20150625.180340.3324.log [36784] O44 - LFC:[MD5.FFB97BB499764C1FE8D4D2AF692A2AA1] - 25/06/2015 - 17:04:18 ---A- . (...) -- C:\ESETSirefefCleaner.exe_20150625.180418.2792.log [36826] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 25/06/2015 - 18:28:36 ----- . (...) -- C:\WINDOWS\Sti_Trace.log [0] O44 - LFC:[MD5.9B840762A3EBC7F8AFB9194DF8232E38] - 25/06/2015 - 19:56:47 ---A- . (...) 
-- C:\Everything.db [516490] O44 - LFC:[MD5.8435C304377EA05656DF8D13EDE305D4] - 25/06/2015 - 20:18:32 ----- . (...) -- C:\WINDOWS\wiaservc.log [50] O44 - LFC:[MD5.AA5354A14FD1B741ABEBF3EB82DCA47F] - 25/06/2015 - 20:18:36 ----- . (...) -- C:\WINDOWS\wiadebug.log [159] ~ Files: 20 Legitimates Filtered in 00mn 05s ---\\ Operations and functions at Windows Explorer startup (O46) O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll O46 - SEH:ShellExecuteHooks - OA Shell Helper - {4F07DA45-8170-4859-9B5F-037EF2970034} - shell32.dll ~ ShellExecuteHooks: Scanned in 00mn 00s ---\\ Export authorized application key (O47) O47 - AAKE:Key Export SP - "C:\Program Files\www.cproxy.com\CPROXY.exe" [Enabled] .(...) -- C:\Program Files\www.cproxy.com\CPROXY.exe (.not file.) O47 - AAKE:Key Export SP - "C:\Documents and Settings\Administrateur\Mes documents\www.cproxy.com\CPROXY.exe" [Enabled] .(...) -- C:\Documents and Settings\Administrateur\Mes documents\www.cproxy.com\CPROXY.exe (.not file.) O47 - AAKE:Key Export SP - "C:\Program Files\Kebrum VPN\Kebrum.exe" [Enabled] .(...) -- C:\Program Files\Kebrum VPN\Kebrum.exe (.not file.) O47 - AAKE:Key Export SP - "C:\Documents and Settings\Administrateur\Mes documents\Downloads\Compressed\Hypernet_2Trial_Server\Hypernet_2Trial_Server\app\bin\openvpn.exe" [Enabled] .(...) -- C:\Documents and Settings\Administrateur\Mes documents\Downloads\Compressed\Hypernet_2Trial_Server\Hypernet_2Trial_Server\app\bin\openvpn.exe (.not file.) O47 - AAKE:Key Export SP - "C:\Program Files\OpenVPN\bin\openvpn.exe" [Enabled] .(...) -- C:\Program Files\OpenVPN\bin\openvpn.exe (.not file.) O47 - AAKE:Key Export SP - "C:\Program Files\Wi-Free\wi-free.exe" [Enabled] .(...) -- C:\Program Files\Wi-Free\wi-free.exe (.not file.) O47 - AAKE:Key Export SP - "C:\FreeMyNet\openvpn.exe" [Enabled] .(...) -- C:\FreeMyNet\openvpn.exe (.not file.) 
O47 - AAKE:Key Export SP - "C:\Documents and Settings\Administrateur\Mes documents\Downloads\by Moad fajri\by Moad fajri\Shield VPN\data\bin\openvpn.exe" [Enabled] .(...) -- C:\Documents and Settings\Administrateur\Mes documents\Downloads\by Moad fajri\by Moad fajri\Shield VPN\data\bin\openvpn.exe (.not file.) O47 - AAKE:Key Export SP - "C:\Documents and Settings\Administrateur\Mes documents\Downloads\by Moad fajri\Shield VPN\data\bin\openvpn.exe" [Enabled] .(...) -- C:\Documents and Settings\Administrateur\Mes documents\Downloads\by Moad fajri\Shield VPN\data\bin\openvpn.exe (.not file.) O47 - AAKE:Key Export SP - "C:\Documents and Settings\Administrateur\Mes documents\Downloads\openvpn\app\bin\openvpn.exe" [Enabled] .(...) -- C:\Documents and Settings\Administrateur\Mes documents\Downloads\openvpn\app\bin\openvpn.exe (.not file.) O47 - AAKE:Key Export SP - "C:\Documents and Settings\Administrateur\Bureau\Freemynet 2.2 Setup\Freemynet\openvpn.exe" [Enabled] .(...) -- C:\Documents and Settings\Administrateur\Bureau\Freemynet 2.2 Setup\Freemynet\openvpn.exe (.not file.) O47 - AAKE:Key Export SP - "C:\Documents and Settings\Administrateur\Mes documents\Downloads\By 7assavitch\data\bin\openvpn.exe" [Enabled] .(...) -- C:\Documents and Settings\Administrateur\Mes documents\Downloads\By 7assavitch\data\bin\openvpn.exe (.not file.) O47 - AAKE:Key Export SP - "C:\Program Files\WinHTTrack\WinHTTrack.exe" [Enabled] .(.HTTrack.) -- C:\Program Files\WinHTTrack\WinHTTrack.exe O47 - AAKE:Key Export SP - "C:\Documents and Settings\Administrateur\Mes documents\Hex VPN+\app\bin\openvpn.exe" [Enabled] .(...) -- C:\Documents and Settings\Administrateur\Mes documents\Hex VPN+\app\bin\openvpn.exe (.not file.) O47 - AAKE:Key Export SP - "C:\Program Files\Proxy Switcher Standard\ProxySwitcher.exe" [Enabled] .(...) -- C:\Program Files\Proxy Switcher Standard\ProxySwitcher.exe (.not file.) 
O47 - AAKE:Key Export SP - "C:\Documents and Settings\Administrateur\Mes documents\iShotsVPN\app\bin\openvpn.exe" [Enabled] .(...) -- C:\Documents and Settings\Administrateur\Mes documents\iShotsVPN\app\bin\openvpn.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\iShotsVPN\app\bin\openvpn.exe" [Enabled] .(...) -- C:\Program Files\iShotsVPN\app\bin\openvpn.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Documents and Settings\Administrateur\Mes documents\Downloads\FM\Freemynet\Data\openvpn.exe" [Enabled] .(...) -- C:\Documents and Settings\Administrateur\Mes documents\Downloads\FM\Freemynet\Data\openvpn.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Documents and Settings\Administrateur\Mes documents\EXS 2.25+Portable Openvpn FEB 28, 2012-GLOBE\app\bin\openvpn.exe" [Enabled] .(...) -- C:\Documents and Settings\Administrateur\Mes documents\EXS 2.25+Portable Openvpn FEB 28, 2012-GLOBE\app\bin\openvpn.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Documents and Settings\Administrateur\Mes documents\OpenVPNPortable\app\bin\openvpn.exe" [Enabled] .(...) -- C:\Documents and Settings\Administrateur\Mes documents\OpenVPNPortable\app\bin\openvpn.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Documents and Settings\Administrateur\Mes documents\VPN\OpenVPNPortable\app\bin\openvpn.exe" [Enabled] .(...) -- C:\Documents and Settings\Administrateur\Mes documents\VPN\OpenVPNPortable\app\bin\openvpn.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Documents and Settings\Administrateur\Mes documents\VPN\By 7assavitch\data\bin\openvpn.exe" [Enabled] .(...) -- C:\Documents and Settings\Administrateur\Mes documents\VPN\By 7assavitch\data\bin\openvpn.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Documents and Settings\Administrateur\Mes documents\VPN\openvpn\app\bin\openvpn.exe" [Enabled] .(...) -- C:\Documents and Settings\Administrateur\Mes documents\VPN\openvpn\app\bin\openvpn.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Documents and Settings\Administrateur\Mes documents\VPN\by Moad fajri\Shield VPN\data\bin\openvpn.exe" [Enabled] .(...) -- C:\Documents and Settings\Administrateur\Mes documents\VPN\by Moad fajri\Shield VPN\data\bin\openvpn.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Documents and Settings\Administrateur\Mes documents\VPN\Nouveau dossier\EXS 2.25+Portable Openvpn FEB 28, 2012-GLOBE\app\bin\openvpn.exe" [Enabled] .(...) -- C:\Documents and Settings\Administrateur\Mes documents\VPN\Nouveau dossier\EXS 2.25+Portable Openvpn FEB 28, 2012-GLOBE\app\bin\openvpn.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Documents and Settings\Administrateur\Mes documents\VPN\Nouveau dossier\EXS 2.25+Portable Openvpn FEB 28, 2012-SMART\app\bin\openvpn.exe" [Enabled] .(...) -- C:\Documents and Settings\Administrateur\Mes documents\VPN\Nouveau dossier\EXS 2.25+Portable Openvpn FEB 28, 2012-SMART\app\bin\openvpn.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Documents and Settings\Administrateur\Mes documents\VPN\EXS 2.25+Portable Openvpn FEB 28, 2012-GLOBE\app\bin\openvpn.exe" [Enabled] .(...) -- C:\Documents and Settings\Administrateur\Mes documents\VPN\EXS 2.25+Portable Openvpn FEB 28, 2012-GLOBE\app\bin\openvpn.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Documents and Settings\Administrateur\Mes documents\VPN\Hex VPN+\app\bin\openvpn.exe" [Enabled] .(...) -- C:\Documents and Settings\Administrateur\Mes documents\VPN\Hex VPN+\app\bin\openvpn.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Documents and Settings\Administrateur\Mes documents\VPN\ProMisr.Com-Hotspot Shield powered by Portable Openvpn 2.1 (GLOBE-SMART UDP) SEPT 19, 2011-dikart7\app\bin\openvpn.exe" [Enabled] .(...) -- C:\Documents and Settings\Administrateur\Mes documents\VPN\ProMisr.Com-Hotspot Shield powered by Portable Openvpn 2.1 (GLOBE-SMART UDP) SEPT 19, 2011-dikart7\app\bin\openvpn.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Documents and Settings\Administrateur\Mes documents\Desktop\search for files Everything\search for files Everything -1.2.1.371.exe" [Disabled] .(..) -- C:\Documents and Settings\Administrateur\Mes documents\Desktop\search for files Everything\search for files Everything -1.2.1.371.exe
O47 - AAKE:Key Export SP - "C:\Documents and Settings\Administrateur\Mes documents\Downloads\rtmpdumphelper\rtmpsuck.exe" [Enabled] .(...) -- C:\Documents and Settings\Administrateur\Mes documents\Downloads\rtmpdumphelper\rtmpsuck.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Documents and Settings\Administrateur\Mes documents\Downloads\dcc296\DCC.exe" [Enabled] .(.BernyR.) -- C:\Documents and Settings\Administrateur\Mes documents\Downloads\dcc296\DCC.exe
O47 - AAKE:Key Export SP - "C:\Documents and Settings\Administrateur\Mes documents\dcc296\DCC.exe" [Enabled] .(.BernyR.) -- C:\Documents and Settings\Administrateur\Mes documents\dcc296\DCC.exe
O47 - AAKE:Key Export SP - "C:\Documents and Settings\Administrateur\Mes documents\DREAMSET\Dreamset.exe" [Enabled] .(.John V..) -- C:\Documents and Settings\Administrateur\Mes documents\DREAMSET\Dreamset.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Giraffic\Giraffic.exe" [Enabled] .(.Giraffic.) -- C:\Program Files\Giraffic\Giraffic.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Giraffic\GirafficWatchdog.exe" [Enabled] .(.Giraffic.) -- C:\Program Files\Giraffic\GirafficWatchdog.exe
~ Keys Export: 47 Legitimates Filtered in 00mn 00s

---\\ Image File Execution Options (IFEO) (O50)
O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d
~ IFEO: Scanned in 00mn 00s

---\\ MountPoints2 Shell Key (MPSK) (O51)
O51 - MPSK:{3bb709c4-a038-11e2-8426-0014a53464f3}\AutoRun\command. (...) -- E:\AutoRun.exe (.not file.)
O51 - MPSK:{3bb709c6-a038-11e2-8426-0014a53464f3}\AutoRun\command. (...) -- E:\AutoRun.exe (.not file.)
O51 - MPSK:{3bb709c8-a038-11e2-8426-0014a53464f3}\AutoRun\command. (...) -- E:\AutoRun.exe (.not file.)
O51 - MPSK:{3bb709cd-a038-11e2-8426-0014a53464f3}\AutoRun\command. (...) -- E:\AutoRun.exe (.not file.)
O51 - MPSK:{3bb709d1-a038-11e2-8426-0014a53464f3}\AutoRun\command. (...) -- E:\AutoRun.exe (.not file.)
O51 - MPSK:{3cf8b51f-f358-11e0-9a1c-f99e5062db1a}\AutoRun\command. (...) -- E:\AutoRun.exe (.not file.)
O51 - MPSK:{a8a455dc-f39b-11e0-9a1d-9d175d563f1b}\AutoRun\command. (...) -- E:\AutoRun.exe (.not file.)
O51 - MPSK:{ef52aa40-ac5f-11e4-a54a-0014a53464f3}\AutoRun\command. (...) -- E:\AutoRun.exe (.not file.)
O51 - MPSK:{feff3ec3-c5cf-11e4-a713-0014a53464f3}\AutoRun\command. (...) -- H:\HTC_Sync_Manager_PC.exe (.not file.)
~ Keys: Scanned in 00mn 00s

---\\ ShareTools MSconfig StartupReg (SMSR) (O53)
O53 - SMSR:HKLM\...\startupreg\AirDroid 3 [Key] . (.Sand Studio - AirDroid 3.) -- C:\Program Files\AirDroid\AirDroid.exe
O53 - SMSR:HKLM\...\startupreg\Everything [Key] . (.No owner - Everything.) -- C:\Program Files\Everything\Everything.exe
O53 - SMSR:HKLM\...\startupreg\USBDetector [Key] . (.ali - usb1.) -- C:\USBStorage\USBDetector.exe
O53 - SMSR:HKLM\...\startupreg\WinPatrol [Key] . (.Ruiware LLC - WinPatrol Background Change Monitor.) -- C:\Program Files\Ruiware\WinPatrol\winpatrol.exe
~ SMSR Keys: 13 Legitimates Filtered in 00mn 00s

---\\ Microsoft Windows Policies Explorer (MWPE) (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "HonorAutoRunSetting"=0
O56 - MWPE:[HKCU\...\policies\Explorer] - "aa"=0
O56 - MWPE:[HKCU\...\policies\Explorer] - "a8"=0
~ MWPE Keys: 7 Legitimates Filtered in 00mn 00s

---\\ System Drivers List (SDL) (O58)
O58 - SDL:02/03/2004 - 06:56:58 R--A- . (.Analog Deivces - USB Firmware loader.) -- C:\WINDOWS\system32\Drivers\adildr.sys [50007]
O58 - SDL:19/09/2005 - 11:58:08 R--A- . (.Analog Devices Inc. - ADSL USB Driver.) -- C:\WINDOWS\system32\Drivers\adiusbaw.sys [126489]
O58 - SDL:05/08/2004 - 10:00:00 ---A- . (.RAVISENT Technologies Inc. - Pilote principal CineMaster C 1.2 WDM.) -- C:\WINDOWS\system32\Drivers\cinemst2.sys [262528]
O58 - SDL:09/08/2007 - 04:13:04 ---A- . (.Huawei Tech. Co., Ltd. - HUAWEI USB Smart Card Driver.) -- C:\WINDOWS\system32\Drivers\ewdcsc.sys [24448]
O58 - SDL:13/04/2008 - 16:36:05 ----- . (.Windows (R) Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) -- C:\WINDOWS\system32\Drivers\hdaudbus.sys [144384]
O58 - SDL:07/01/2005 - 17:07:16 ----- . (.Windows (R) Server 2003 DDK provider - High Definition Audio Function Driver v1.0a.) -- C:\WINDOWS\system32\Drivers\Hdaudio.sys [145920]
O58 - SDL:09/06/2014 - 08:40:58 ---A- . (.Tonec Inc. - Internet Download Manager TDI Driver.) -- C:\WINDOWS\system32\Drivers\idmtdi.sys [121440]
O58 - SDL:03/08/2004 - 22:41:40 ----- . (.Smart Link - No Comment.) -- C:\WINDOWS\system32\Drivers\mtlmnt5.sys [126686]
O58 - SDL:03/08/2004 - 22:41:38 ----- . (.Smart Link - No Comment.) -- C:\WINDOWS\system32\Drivers\mtlstrm.sys [1309184]
O58 - SDL:03/08/2004 - 22:29:38 ----- . (.Matrox Graphics Inc. - Matrox Parhelia Miniport Driver.) -- C:\WINDOWS\system32\Drivers\mtxparhm.sys [452736]
O58 - SDL:01/03/2013 - 01:48:42 ---A- . (.Riverbed Technology, Inc. - npf.sys (NT5/6 x86) Kernel Driver.) -- C:\WINDOWS\system32\Drivers\npf.sys [36600]
O58 - SDL:03/08/2004 - 22:41:40 ----- . (.Smart Link - No Comment.) -- C:\WINDOWS\system32\Drivers\ntmtlfax.sys [180360]
O58 - SDL:09/10/2011 - 13:41:11 ---A- . (...) -- C:\WINDOWS\system32\Drivers\oreans32.sys [33824]
O58 - SDL:05/08/2004 - 10:00:00 ---A- . (.Parallel Technologies, Inc. - Parallel Technologies DirectParallel IO Library.) -- C:\WINDOWS\system32\Drivers\ptilink.sys [17792]
O58 - SDL:03/08/2004 - 22:41:40 ----- . (.Smart Link - No Comment.) -- C:\WINDOWS\system32\Drivers\recagent.sys [13776]
O58 - SDL:03/08/2004 - 22:41:42 ----- . (.Smart Link - No Comment.) -- C:\WINDOWS\system32\Drivers\slnt7554.sys [129535]
O58 - SDL:03/08/2004 - 22:41:44 ----- . (.Smart Link - No Comment.) -- C:\WINDOWS\system32\Drivers\slntamr.sys [404990]
O58 - SDL:03/08/2004 - 22:41:46 ----- . (.Smart Link - No Comment.) -- C:\WINDOWS\system32\Drivers\slnthal.sys [95424]
O58 - SDL:03/08/2004 - 22:41:46 ----- . (.Smart Link - No Comment.) -- C:\WINDOWS\system32\Drivers\slwdmsup.sys [13240]
O58 - SDL:23/08/2001 - 17:21:42 ---A- . (.SMC - Pilote de périphérique infrarouge SMC IrCC NDIS 5.0 IrDA FIR.) -- C:\WINDOWS\system32\Drivers\smcirda.sys [36937]
O58 - SDL:19/10/2012 - 23:32:05 ---A- . (.Duplex Secure Ltd. - SCSI Pass Through Direct Host.) -- C:\WINDOWS\system32\Drivers\sptd.sys [477240]
O58 - SDL:24/06/2004 - 01:54:12 ---A- . (.The OpenVPN Project - TAP-Win32 Virtual Network Driver.) -- C:\WINDOWS\system32\Drivers\tap0801.sys [23552]
O58 - SDL:01/07/2011 - 17:46:40 ---A- . (.The OpenVPN Project - TAP-Win32 Virtual Network Driver.) -- C:\WINDOWS\system32\Drivers\tap0901.sys [26624]
O58 - SDL:11/02/2008 - 17:07:00 ---A- . (.Bytemobile, Inc. - Bytemobile Kernel Network Provider.) -- C:\WINDOWS\system32\Drivers\tcpipBM.sys [18816]
O58 - SDL:03/04/2003 - 18:57:00 ---A- . (.USB Compliance - WDM filter driver.) -- C:\WINDOWS\system32\Drivers\usbu2a.sys [5183]
O58 - SDL:05/08/2004 - 10:00:00 ---A- . (.RAVISENT Technologies Inc. - CineMaster C WDM DVD Minidriver.) -- C:\WINDOWS\system32\Drivers\vdmindvd.sys [58112]
O58 - SDL:05/08/2004 - 10:00:00 ---A- . (...) -- C:\WINDOWS\system32\ansi.sys [9037]
O58 - SDL:05/08/2004 - 10:00:00 ---A- . (...) -- C:\WINDOWS\system32\country.sys [27097]
O58 - SDL:29/07/2011 - 13:54:56 ---A- . (...) -- C:\WINDOWS\system32\epmntdrv.sys [13192]
O58 - SDL:29/07/2011 - 13:54:56 ---A- . (...) -- C:\WINDOWS\system32\EuGdiDrv.sys [8456]
O58 - SDL:03/04/1996 - 19:33:26 ---A- . (...) -- C:\WINDOWS\system32\giveio.sys [5248]
O58 - SDL:05/08/2004 - 10:00:00 ---A- . (...) -- C:\WINDOWS\system32\himem.sys [4912]
O58 - SDL:05/08/2004 - 10:00:00 ---A- . (...) -- C:\WINDOWS\system32\key01.sys [42809]
O58 - SDL:05/08/2004 - 10:00:00 ---A- . (...) -- C:\WINDOWS\system32\keyboard.sys [42537]
O58 - SDL:05/08/2004 - 10:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos.sys [27916]
O58 - SDL:05/08/2004 - 10:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos404.sys [29146]
O58 - SDL:05/08/2004 - 10:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos411.sys [29370]
O58 - SDL:05/08/2004 - 10:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos412.sys [29274]
O58 - SDL:05/08/2004 - 10:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos804.sys [29146]
O58 - SDL:05/08/2004 - 10:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio.sys [34000]
O58 - SDL:05/08/2004 - 10:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio404.sys [34560]
O58 - SDL:05/08/2004 - 10:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio411.sys [35648]
O58 - SDL:05/08/2004 - 10:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio412.sys [35424]
O58 - SDL:05/08/2004 - 10:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio804.sys [34560]
O58 - SDL:20/08/2012 - 15:48:44 ----- . (...) -- C:\WINDOWS\system32\pwdrvio.sys [15576]
O58 - SDL:20/08/2012 - 15:48:44 ----- . (...) -- C:\WINDOWS\system32\pwdspio.sys [10200]
~ Drivers: 118 Legitimates Filtered in 00mn 07s

---\\ List all tools cleaner (LATC) (O63)
O63 - Logiciel: ZHPDiag 2015 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s

---\\ List all legacy services(LALS) (O64)
O64 - Services: CurCS - 14/02/2012 - C:\WINDOWS\system32\acs.exe (acs) .(.Atheros - ACS.) - LEGACY_ACS
O64 - Services: CurCS - 13/05/2013 - C:\Program Files\Giraffic\GirafficWatchdog.exe (Giraffic) .(.Giraffic - Giraffic Video Accelerator Watchdog.) - LEGACY_GIRAFFIC
O64 - Services: CurCS - 29/01/2010 - C:\Program Files\UltraISO\drivers\ISODrive.sys (ISODrive) .(.EZB Systems, Inc. - ISO DVD/CD-ROM Device Driver.) - LEGACY_ISODRIVE
O64 - Services: CurCS - 09/10/2011 - C:\WINDOWS\system32\drivers\oreans32.sys (oreans32) .(...) - LEGACY_OREANS32
O64 - Services: CurCS - 19/10/2012 - C:\WINDOWS\system32\Drivers\sptd.sys (sptd) .(.Duplex Secure Ltd. - SCSI Pass Through Direct Host.) - LEGACY_SPTD
~ Legacy: 158 Legitimates Filtered in 00mn 01s

---\\ Start Menu Internet (SMI) (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s

---\\ Search Browser Infection (SBI) (O69)
O69 - SBI: prefs.js [Administrateur - 77254oub.default] user_pref("extensions.greasemonkey.scriptvals.http://userscripts.org/scripts/show/101707/W.A.R. Links Checker.Check_divshare_dot_c[...]
O69 - SBI: prefs.js [Administrateur - 77254oub.default] user_pref("extensions.greasemonkey.scriptvals.http://userscripts.org/sscripts/show/101707/W.A.R. Links Checker.Check_movshare_dot_[...] =>PUP.VShareRedir
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {C58E2381-44D9-4DB3-B56A-0A17EC03C86C} [DefaultScope] - (Google) - http://www.google.com
O69 - SBI: SearchScopes [HKUS\.DEFAULT] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - () - http://search.live.com
O69 - SBI: SearchScopes [HKUS\S-1-5-18] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - () - http://search.live.com
~ Keys: Scanned in 00mn 10s

---\\ Search Svchost Services (SSS) (O83)
O83 - Search Svchost Services: helpsvc (helpsvc) . (...) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll [0]
~ Services: 41 Legitimates Filtered in 00mn 00s

---\\ Search Particular Root Folder (SPRF) (O84)
[MD5.865BD5093626164C66D66FE8E58F6B25] [SPRF][15/11/2013] (...) -- C:\Documents and Settings\Administrateur\Bureau\pingthis.bat [40]
~ Files: 2 Legitimates Filtered in 00mn 00s

---\\ Search CLSID Registry Key (O101)
[HKCR\CLSID\{46B5EE7F-3B6B-4079-A756-5EFC10B1F50B}] (WmpLyrics Class) =>Adware.AddLyrics
~ BCK: 4045 Legitimates Filtered in 00mn 20s

---\\ General States of Services not Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 14/04/2008 225280 | (dmadmin) . (.Microsoft Corp., Veritas Software.) - C:\WINDOWS\system32\dmadmin.exe
SS - | Demand 13/02/2015 136120 | (gusvc) . (.Google.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
SS - | Disabled 12/01/2012 161664 | (JavaQuickStarterService) . (.Oracle Corporation.) - C:\Program Files\Java\jre7\bin\jqs.exe
SS - | Demand 14/02/2012 360529 | (jswpsapi) . (.wireless.) - C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\WPS\jswpsapi.exe
SS - | Disabled 07/12/2012 167424 | (PassThru Service) . (...) - C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
SS - | Demand 01/03/2013 118520 | (rpcapd) . (.Riverbed Technology, Inc..) - C:\Program Files\WinPcap\rpcapd.exe
SR - | Auto 14/02/2012 499796 | (acs) . (.Atheros.) - C:\WINDOWS\system32\acs.exe
SR - | Auto 12/12/2008 238888 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SR - | Auto 18/10/2006 434176 | (EvtEng) . (.Intel Corporation.) - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
SR - | Auto 13/05/2013 2245232 | (Giraffic) . (.Giraffic.) - C:\Program Files\Giraffic\GirafficWatchdog.exe
SR - | Auto 20/01/2014 2117968 | (MaConfigAgent) . (.CybelSoft.) - C:\Program Files\ma-config.com\MaConfigAgent.exe
SR - | Auto 04/04/2012 654408 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
SR - | Auto 14/02/2012 375872 | (RalinkRegistryWriter) . (.Ralink Technology, Corp..) - C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\Service\RaRegistry.exe
SR - | Auto 18/10/2006 327680 | (RegSrvc) . (.Intel Corporation.) - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
SR - | Auto 18/10/2006 946176 | (S24EventMonitor) . (.Intel Corporation.) - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
SR - | Auto 04/07/2010 75496 | (SbieSvc) . (.tzuk.) - C:\Program Files\Sandboxie\SbieSvc.exe
SR - | Auto 28/11/2014 5419792 | (TeamViewer) . (.TeamViewer GmbH.) - C:\Program Files\TeamViewer\TeamViewer_Service.exe
SR - | Auto 18/10/2006 290816 | (WLANKEEPER) . (.Intel(R) Corporation.) - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
SR - | Auto 16/03/2007 20480 | (wltrysvc) . (...) - C:\WINDOWS\system32\WLTRYSVC.exe
~ Services: Scanned in 00mn 21s

---\\ List of CD/DVD Emulators (MBR Hook)
O58 - SDL:19/10/2012 - 23:32:05 ---A- . (.Duplex Secure Ltd. - SCSI Pass Through Direct Host.) -- C:\WINDOWS\system32\Drivers\sptd.sys [477240]
~ Emulateurs: Scanned in 00mn 21s

---\\ Scan Additionnel (O88)
Database Version : 13008 - (16/06/2015)
Clés trouvées (Keys found) : 0
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 1
Fichiers trouvés (Files found) : 3
C:\Documents and Settings\All Users\Application Data\InstallMate =>PUP.Tarma
C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\77254oub.default\Extensions\{E6C1199F-E687-42da-8C24-E7770CC3AE66}.xpi =>PUP.ScorpionSaver^
[HKCU\Software\Conduit] =>Toolbar.Conduit^
[HKCR\CLSID\{46B5EE7F-3B6B-4079-A756-5EFC10B1F50B}] (WmpLyrics Class) =>Adware.AddLyrics^
~ Additionnel Scan: 163301 Items scanned in 00mn 43s

---\\ Additional information about modules
~ http://www.nicolascoolman.fr/r5-internet-explorer-proxy-management-iepm/ =>.Internet Explorer, Proxy Management (R5)
~ http://www.nicolascoolman.fr/o2-browser-helper-objects-de-navigateur/ =>.Browser Helper Objects (O2)
~ http://www.nicolascoolman.fr/o3-internet-explorer-toolbars/ =>.Internet Explorer toolbars (O3)
~ http://www.nicolascoolman.fr/o4-applications-demarrees-par-le-registre/ =>.Auto loading programs from Registry and folders (O4)
~ http://www.nicolascoolman.fr/o50-image-file-execution-options-zhpdiag/ =>.Image File Execution Options (IFEO) (O50)
~ http://www.nicolascoolman.fr/o51-mountpoints2-shell-key-mpsk/ =>.MountPoints2 Shell Key (MPSK) (O51)
~ AMI: 6 Legitimates Filtered in 00mn 00s

---\\ Summary of the detections found on your workstation
http://www.nicolascoolman.fr/30977618-hijacker-searchab =>Hijacker.Searchab
http://www.nicolascoolman.fr/spyware-putlocker =>Spyware.PutLocker
http://www.nicolascoolman.fr/pup-crossrider =>PUP.CrossRider
http://www.nicolascoolman.fr/36718501-pup-scorpionsaver =>PUP.ScorpionSaver
http://www.nicolascoolman.fr/blog/ =>PUP.DriverScanner
http://www.nicolascoolman.fr/toolbar-conduit =>Toolbar.Conduit
http://www.nicolascoolman.fr/pup-vshareredir =>PUP.VShareRedir
http://www.nicolascoolman.fr/adware-addlyrics =>Adware.AddLyrics
http://www.nicolascoolman.fr/pup-tarma =>PUP.Tarma
~ MSI: 9 link(s) detected in 00mn 00s
~ 1526 Legitimates filtered by white list

End of the scan (883 lines in 03mn 06s)(0.4)