zhp

a guest
Jul 18th, 2013
  1. Rapport de ZHPDiag v2013.7.16.29 par Nicolas Coolman, Update du 17/07/2013
  2. Run by Benoit at 18/07/2013 11:12:30
  3. WebSite: http://nicolascoolman.webs.com
  4. State : Version à jour.
  5. WhiteList : Enable
  6. High Elevated Privileges : OK
  7. UAC : Activate by user
  8.  
  9.  
  10. ---\\ Web Browser
  11. MSIE: Internet Explorer v10.0.9200.16635
  12. MFIE: Mozilla Firefox 22.0
  13. GCIE: Google Chrome v28.0.1500.72 (Defaut)
  14.  
  15. ---\\ Windows Product Information
  16. ~ Langage: Français
  17. Windows 7 Business Edition, 64-bit Service Pack 1 (Build 7601)
  18. Windows Server License Manager Script : OK
  19. ~ Windows(R) 7, OEM_COA_NSLP channel
  20. Windows ID Activation : OK
  21. ~ Windows Partial Key : YTWBR
  22. Windows License : OK
  23. ~ Windows Remaining Initializations Number : 0
  24. Software Protection Service (Protection logicielle) : OK
  25. Windows Automatic Updates : OK
  26. Windows Activation Technologies : OK
  27.  
  28. ---\\ System Protection
  29. Kaspersky Endpoint Security 10 for Windows v10.1.0.867
  30. Windows Defender W7
  31.  
  32. ---\\ System Optimizer
  33.  
  34. ---\\ Peer To Peer (P2P)
  35. µTorrent v3.3.0.29342 =>P2P.µTorrent
  36.  
  37. ---\\ Software Update
  38. Adobe Flash Player 11 Plugin
  39.  
  40. ---\\ System Information
  41. ~ Processor: Intel64 Family 6 Model 58 Stepping 9, GenuineIntel
  42. ~ Operating System: 64 Bits
  43. Boot mode: Normal (Normal boot)
  44. Total RAM: 8100 MB (50% free)
  45. System Restore: Activé (Enable)
  46. System drive C: has 682 GB (76%) free of 896 GB
  47.  
  48. ---\\ Logged in mode
  49. ~ Computer Name: BENOIT-PC
  50. ~ User Name: Benoit
  51. ~ All Users Names: ZendUser, Benoit, Administrateur,
  52. ~ Unselected Option: None
  53. Logged in as Administrator
  54.  
  55. ---\\ Environnement Variables
  56. ~ System Unit : C:\
  57. ~ %AppData% : C:\Users\Benoit\AppData\Roaming\
  58. ~ %Desktop% : C:\Users\Benoit\Desktop\
  59. ~ %Favorites% : C:\Users\Benoit\Favorites\
  60. ~ %LocalAppData% : C:\Users\Benoit\AppData\Local\
  61. ~ %StartMenu% : C:\Users\Benoit\AppData\Roaming\Microsoft\Windows\Start Menu\
  62. ~ %Windir% : C:\Windows\
  63. ~ %System% : C:\Windows\System32\
  64.  
  65. ---\\ DOS/Devices
  66. C:\ Hard drive, Flash drive, Thumb drive (Free 682 Go of 896 Go)
  67. D:\ CD-ROM drive (Not Inserted)
  68. E:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
  69. F:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
  70. G:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
  71. H:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
  72.  
  73.  
  74.  
  75. ---\\ Security Center & Tools Informations
  76. [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
  77. ~ Security Center: 29 Legitimates Filtered in 00mn 00s
  78.  
  79.  
  80.  
  81. ---\\ Recherche particulière de fichiers génériques
  82. [MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808]
  83. [MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
  84. [MD5.FAF6EC2460AD5FBBD38D8E1AE28B0D77] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.12/06/2013 - 00:26:20.) -- C:\Windows\System32\wininet.dll [2241024]
  85. [MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.21/11/2010 - 04:24:29.) -- C:\Windows\System32\Winlogon.exe [390656]
  86. [MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.21/11/2010 - 04:24:16.) -- C:\Windows\System32\sppcomapi.dll [232448]
  87. [MD5.1C7857B62DE5994A75B054A9FD4C3825] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/12/2011 - 04:59:24.) -- C:\Windows\system32\Drivers\AFD.sys [498688]
  88. [MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
  89. [MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
  90. [MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
  91. [MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.21/11/2010 - 04:24:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
  92. [MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
  93. [MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
  94. [MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
  95. [MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
  96. [MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.21/11/2010 - 04:23:51.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
  97. [MD5.B98F8C6E31CD07B2E6F71F7F648E38C0] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.12/04/2013 - 15:45:08.) -- C:\Windows\system32\Drivers\ntfs.sys [1656680]
  98. [MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
  99. [MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/11/2010 - 04:24:33.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
  100. [MD5.1B6163C503398B23FF8B939C67747683] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.21/11/2010 - 04:25:07.) -- C:\Windows\system32\Drivers\rdpdr.sys [165888]
  101. [MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
  102. [MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.21/11/2010 - 04:24:32.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
  103. [MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
  104. ~ Generic Processes: Scanned in 00mn 00s
  105.  
  106.  
  107.  
  108. ---\\ Etat des fichiers cachés (Caché/Total)
  109. ~ Mes images (My Pictures) : 1/32
  110. ~ Mes Favoris (My Favorites) : 1/12
  111. ~ Mes Documents (My Documents) : 2/52280
  112. ~ Menu demarrer (Programs) : 1/42
  113. ~ Hidden Files: Scanned in 01mn 18s
  114.  
  115.  
  116.  
  117. ---\\ Processus lancés
  118. [MD5.C066FF429B97CF645106A8CB38285A2F] - (...) -- C:\Users\Benoit\AppData\Roaming\Dashlane\Dashlane.exe [270520] [PID.2580] =>Toolbar.Dashlane
  119. [MD5.1F3A8448323CFA5E66AF02B1EDC2EEE4] - (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe [19603048] [PID.2596]
  120. [MD5.A005676B30AEB3C7703C317D992B193A] - (.Intel Corporation - Intel(R) USB 3.0 Monitor.) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291648] [PID.2716]
  121. [MD5.7388DC5BCD229C8C5D27E41A19FB3F81] - (.Kaspersky Lab ZAO - Kaspersky Endpoint Security 10 for Windows.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security 10 for Windows\avp.exe [729744] [PID.2788]
  122. [MD5.B953D67F4CA1837EBB7D9D76BEC1C513] - (...) -- C:\Windows\SysWOW64\jmdp\stij.exe [15152] [PID.3616]
  123. [MD5.CB037F03178E31BA2985ADD15879CA56] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [846288] [PID.5132]
  124. [MD5.CD158AC3AF6F3EBC3B1051FF17A51BEB] - (.Oracle Corporation - MySQL Workbench.) -- C:\Program Files (x86)\MySQL\MySQL Workbench 5.2 CE\MySQLWorkbench.exe [703488] [PID.5568]
  125. [MD5.FACD39D43A47292E6F1B9D664E9B49C9] - (.Valve Corporation - Steam Client Bootstrapper (buildbot_winslav.) -- C:\Program Files (x86)\Steam\Steam.exe [1672616] [PID.5088]
  126. [MD5.C2A840DD27970DE34E7DBF5494AE1CD1] - (.Jan Fiala - PSPad editor.) -- C:\Program Files (x86)\PSPad editor\PSPad.exe [4795216] [PID.1040]
  127. [MD5.9F419AD2EBFF9044CA845484CFBEAC48] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [7719936] [PID.6740]
  128. ~ Processes Running: Scanned in 00mn 00s
  129.  
  130.  
  131.  
  132. ---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
  133. C:\Users\Benoit\AppData\Local\Google\Chrome\User Data\Default\Preferences
  134. G2 - GCE: Preference [User Data\Default] [demmlacpnijjgliknaehpamnnbncnodb] Smart Suggestor v.1.2.8.0 (Désactivé) =>Adware.SmartSuggestor
  135. ~ Google Browser: 14 Legitimates Filtered in 00mn 07s
  136.  
  137.  
  138.  
  139. ---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
  140. C:\Users\Benoit\AppData\Roaming\Mozilla\Firefox\Profiles\2syh6h0r.default-1363680329649\prefs.js
  141. M3 - MFPP: Plugins - [Benoit] -- C:\Users\Benoit\AppData\Roaming\Mozilla\Firefox\Profiles\2syh6h0r.default-1363680329649\searchplugins\MyStart Search.xml
  142. ~ Firefox Browser: 5 Legitimates Filtered in 00mn 00s
  143.  
  144.  
  145.  
  146. ---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
  147. R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://mystart.incredibar.com =>Adware.IncrediBar
  148. ~ IE Browser: 14 Legitimates Filtered in 00mn 00s
  149.  
  150.  
  151.  
  152. ---\\ Internet Explorer, Proxy Management (R5)
  153. R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
  154. R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
  155. R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
  156. R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
  157. R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
  158. ~ Proxy management: Scanned in 00mn 00s
  159.  
  160.  
  161.  
  162. ---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
  163. F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
  164. F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
  165. F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
  166. ~ Keys: Scanned in 00mn 00s
  167.  
  168.  
  169.  
  170. ---\\ Redirection du fichier Hosts (O1)
  171. ~ Le fichier hosts est sain (The hosts file is clean).
  172. ~ Hosts File: Scanned in 00mn 00s
  173. ~ Nombre de lignes (Lines number): 26
  174.  
  175.  
  176.  
  177. ---\\ Browser Helper Objects de navigateur (O2)
  178. O2 - BHO: IB Updater Helper [64Bits] - {336D0C35-8A85-403a-B9D2-65C292C39087} . (...) -- C:\Program Files\IB Updater\Extension32.dll =>Adware.InstallBrain
  179. O2 - BHO: Dashlane BHO [64Bits] - {42D79B50-CC4A-4A8E-860F-BE674AF053A2} . (.Dashlane - Dashlane Dll.) -- C:\Users\Benoit\AppData\Roaming\Dashlane\ie\Dashlanei.dll =>Toolbar.Dashlane
  180. O2 - BHO: Incredibar.com Helper Object [64Bits] - {6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} . (.Montera Technologeis LTD - Pas de description.) -- C:\Program Files (x86)\Incredibar.com\incredibar\1.5.11.14\bh\incredibar.dll =>Adware.IncrediBar
  181. O2 - BHO: Smart Suggestor [64Bits] - {DB536AF2-E422-402d-B7FD-887297F1A198} . (.Think Tank Labs, LLC - Smart Suggestor.) -- C:\Program Files (x86)\Smart Suggestor\SmartSuggestor.dll =>Adware.SmartSuggestor
  182. ~ BHO: 5 Legitimates Filtered in 00mn 00s
  183.  
  184.  
  185.  
  186. ---\\ Applications démarrées par registre & par dossier (O4)
  187. O4 - HKLM\..\Run: [RTHDVCPL] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
  188. O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
  189. O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
  190. O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
  191. O4 - HKCU\..\Run: [Dashlane] . (...) -- C:\Users\Benoit\AppData\Roaming\Dashlane\Dashlane.exe =>Toolbar.Dashlane
  192. O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe
  193. O4 - HKLM\..\Wow6432Node\Run: [USB3MON] . (.Intel Corporation - Intel(R) USB 3.0 Monitor.) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
  194. O4 - HKLM\..\Wow6432Node\Run: [BrMfcWnd] . (.Pas de propriétaire - Status Monitor Application.) -- C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe
  195. O4 - HKLM\..\Wow6432Node\Run: [ControlCenter3] . (.Brother Industries, Ltd. - ControlCenter Program.) -- C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe
  196. O4 - HKLM\..\Wow6432Node\Run: [AVP] . (.Kaspersky Lab ZAO - Kaspersky Endpoint Security 10 for Windows.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security 10 for Windows\avp.exe
  197. O4 - HKUS\S-1-5-21-944861538-3330491202-3906306590-1000\..\Run: [Dashlane] . (...) -- C:\Users\Benoit\AppData\Roaming\Dashlane\Dashlane.exe =>Toolbar.Dashlane
  198. O4 - HKUS\S-1-5-21-944861538-3330491202-3906306590-1000\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe
  199. ~ Application: Scanned in 00mn 00s
  200.  
  201.  
  202.  
  203. ---\\ Autres liens utilisateurs (O4)
  204. O4 - GS\TaskBar: Command Prompt.lnk . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\system32\cmd.exe
  205. O4 - GS\TaskBar: FileZilla.lnk . (.FileZilla Project - FileZilla FTP Client.) -- C:\Program Files (x86)\FileZilla FTP Client\filezilla.exe
  206. O4 - GS\TaskBar: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  207. O4 - GS\TaskBar: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
  208. O4 - GS\TaskBar: mRemoteNG.lnk . (...) -- C:\Program Files (x86)\mRemoteNG\mRemoteNG.exe
  209. O4 - GS\TaskBar: MySQL Workbench 5.2 CE.lnk . (.Oracle Corporation - MySQL Workbench.) -- C:\Program Files (x86)\MySQL\MySQL Workbench 5.2 CE\MySQLWorkbench.exe
  210. O4 - GS\TaskBar: NetBeans IDE 7.3.lnk . (...) -- C:\Program Files (x86)\NetBeans 7.3\bin\netbeans64.exe (.not file.)
  211. O4 - GS\TaskBar: Windows Explorer.lnk . (.Microsoft Corporation - Explorateur Windows.) -- C:\Windows\explorer.exe
  212. O4 - GS\Programs: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
  213. O4 - GS\Programs: Spotify.lnk . (.Spotify Ltd - Spotify.) -- C:\Users\Benoit\AppData\Roaming\Spotify\spotify.exe
  214. O4 - GS\QuickLaunch: Foxit Reader.lnk . (...) -- C:\Program Files (x86)\FOXIT SOFTWARE\FOXIT READER\Foxit Reader.exe
  215. O4 - GS\QuickLaunch: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  216. O4 - GS\QuickLaunch: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
  217. O4 - GS\Accessories: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
  218. O4 - GS\Accessories: Private Character Editor.lnk . (.Microsoft Corporation - Éditeur de caractères privés.) -- C:\Windows\system32\eudcedit.exe
  219. O4 - GS\SendTo: Dropbox.lnk . (...) -- C:\Users\Benoit\Dropbox
  220. O4 - GS\SendTo: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) -- C:\Windows\system32\WFS.exe
  221. O4 - GS\SendTo: Skype.lnk . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe
  222. ~ Global Startup: Scanned in 00mn 00s
  223.  
  224.  
  225.  
  226. ---\\ Modification Domaine/Adresses DNS (O17)
  227. O17 - HKLM\System\CCS\Services\Tcpip\..\{52561EA3-BC3B-4503-87E9-A3497F451835}: DhcpNameServer = 192.168.35.253 192.168.35.252
  228. O17 - HKLM\System\CCS\Services\Tcpip\..\{BF75E952-7B59-4672-9F9C-0EAC55B68476}: DhcpNameServer = 10.36.15.254
  229. O17 - HKLM\System\CCS\Services\Tcpip\..\{52561EA3-BC3B-4503-87E9-A3497F451835}: DhcpDomain = netec.local
  230. O17 - HKLM\System\CS1\Services\Tcpip\..\{52561EA3-BC3B-4503-87E9-A3497F451835}: DhcpNameServer = 192.168.35.253 192.168.35.252
  231. O17 - HKLM\System\CS1\Services\Tcpip\..\{BF75E952-7B59-4672-9F9C-0EAC55B68476}: DhcpNameServer = 10.36.15.254
  232. O17 - HKLM\System\CS1\Services\Tcpip\..\{52561EA3-BC3B-4503-87E9-A3497F451835}: DhcpDomain = netec.local
  233. O17 - HKLM\System\CS2\Services\Tcpip\..\{52561EA3-BC3B-4503-87E9-A3497F451835}: DhcpNameServer = 192.168.35.253 192.168.35.252
  234. O17 - HKLM\System\CS2\Services\Tcpip\..\{BF75E952-7B59-4672-9F9C-0EAC55B68476}: DhcpNameServer = 10.36.15.254
  235. O17 - HKLM\System\CS2\Services\Tcpip\..\{52561EA3-BC3B-4503-87E9-A3497F451835}: DhcpDomain = netec.local
  236. O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.35.253 192.168.35.252
  237. ~ Domain: Scanned in 00mn 00s
  238.  
  239.  
  240.  
  241. ---\\ Protocole additionnel (O18)
  242. O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
  243. O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
  244. ~ Protocole Additionnel: Scanned in 00mn 00s
  245.  
  246.  
  247.  
  248. ---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
  249. O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
  250. ~ Winlogon: Scanned in 00mn 00s
  251.  
  252.  
  253.  
  254. ---\\ Liste des services NT non Microsoft et non désactivés (O23)
  255. O23 - Service: DisplayFusionService (DisplayFusionService) . (...) - C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe (.not file.)
  256. O23 - Service: IB Updater (IB Updater) . (...) - C:\Program Files\IB Updater\ExtensionUpdaterService.exe =>Adware.InstallBrain
  257. O23 - Service: (IBUpdaterService) . (...) - C:\Windows\System32\dmwu.exe =>Adware.InstallBrain
  258. O23 - Service: Zend Deployment (ZendDeployment) . (.Zend Technologies Ltd. - Zend Deployment Daemon.) - C:\Program Files (x86)\Zend\ZendServer\bin\zdd.exe
  259. O23 - Service: Zend Job Queue (ZendJobQueue) . (.Zend Technologies Ltd. - Zend Job Queue Extension.) - C:\Program Files (x86)\Zend\ZendServer\bin\jqd.exe
  260. O23 - Service: Zend Monitor (ZendMonitor) . (.Zend Technologies Ltd. - Zend Monitor Node.) - C:\Program Files (x86)\Zend\ZendServer\bin\MonitorNode.exe
  261. O23 - Service: Zend Server Daemon (ZendServerDaemon) . (.Zend Technologies Ltd. - Zend Server Daemon.) - C:\Program Files (x86)\Zend\ZendServer\bin\zsd.exe
  262. O23 - Service: Zend Session Clustering (ZendSessionClustering) . (.Zend Technologies Ltd. - Zend Session Clustering.) - C:\Program Files (x86)\Zend\ZendServer\bin\scd.exe
  263. ~ Services: 18 Legitimates Filtered in 00mn 06s
  264.  
  265.  
  266.  
  267. ---\\ Logiciels installés (O42)
  268. O42 - Logiciel: Cube World version 0.0.1 - (.Picroma.) [HKLM][64Bits] -- {D692A0E0-1BBB-4E9C-826E-4254EE330830}_is1
  269. O42 - Logiciel: Dual Monitor 1.22 - (.Cristi Diaconu.) [HKLM][64Bits] -- {64AA3F94-ED4A-4A4B-B72C-B7A1481ED5D8}_is1
  270. O42 - Logiciel: Git version 1.8.1.2-preview20130201 - (.The Git Development Community.) [HKLM][64Bits] -- Git_is1
  271. O42 - Logiciel: IB Updater 2.0.0.578 - (.IncrediBar.) [HKLM][64Bits] -- {336D0C35-8A85-403a-B9D2-65C292C39087}_is1 =>Adware.InstallBrain
  272. O42 - Logiciel: IB Updater Service - (...) [HKLM][64Bits] -- WNLT =>Adware.IncrediBar
  273. O42 - Logiciel: Incredibar Toolbar on IE - (...) [HKLM][64Bits] -- incredibar =>Adware.IncrediBar
  274. O42 - Logiciel: QPST 2.7 - (.Qualcomm.) [HKLM][64Bits] -- {EDA714EC-11CC-41BC-A342-22C2F381D165}
  275. O42 - Logiciel: Smart Suggestor - (.Think Tank Labs, LLC.) [HKLM][64Bits] -- Smart Suggestor =>Adware.SmartSuggestor
  276. O42 - Logiciel: Zend Server - (.Zend Technologies.) [HKLM][64Bits] -- InstallShield_{C526D5A5-A59C-4D49-AB91-1F2EC80D8CC1}
  277. O42 - Logiciel: Zend Server - (.Zend Technologies.) [HKLM][64Bits] -- {C526D5A5-A59C-4D49-AB91-1F2EC80D8CC1}
  278. O42 - Logiciel: eSpeak version 1.46.02 - (...) [HKLM][64Bits] -- eSpeak_is1
  279. ~ Logic: 112 Legitimates Filtered in 00mn 00s
  280.  
  281.  
  282.  
  283. ---\\ HKCU & HKLM Software Keys
  284. [HKCU\Software\APN PIP]
  285. [HKCU\Software\AppDataLow\Software\Smart Suggestor] =>Adware.SmartSuggestor
  286. [HKCU\Software\IM]
  287. [HKCU\Software\ImInstaller]
  288. [HKCU\Software\IncrediMail]
  289. [HKCU\Software\LdapAdmin]
  290. [HKCU\Software\MultiMonTaskBar]
  291. [HKCU\Software\SMConverter]
  292. [HKCU\Software\WNLT] =>Adware.IncrediBar
  293. [HKLM\Software\IB Updater] =>Adware.InstallBrain
  294. [HKLM\Software\WNLT] =>Adware.IncrediBar
  295. [HKLM\Software\WireframeSketcher Studio]
  296. [HKLM\Software\Wow6432Node\IB Updater] =>Adware.InstallBrain
  297. [HKLM\Software\Wow6432Node\IncrediMail]
  298. [HKLM\Software\Wow6432Node\Incredibar.com] =>Adware.IncrediBar
  299. [HKLM\Software\Wow6432Node\PIP]
  300. [HKLM\Software\Wow6432Node\Zend Technologies]
  301. ~ Key Software: 219 Legitimates Filtered in 00mn 00s
  302.  
  303.  
  304.  
  305. ---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
  306. O43 - CFD: 15/07/2013 - 13:31:09 - [72,992] ----D C:\Program Files (x86)\1-click run
  307. O43 - CFD: 11/07/2013 - 13:41:40 - [70,960] ----D C:\Program Files (x86)\Cube World
  308. O43 - CFD: 18/02/2013 - 10:07:45 - [2,540] ----D C:\Program Files (x86)\Dual Monitor
  309. O43 - CFD: 26/02/2013 - 13:35:39 - [5,903] ----D C:\Program Files (x86)\eSpeak
  310. O43 - CFD: 17/01/2013 - 15:06:02 - [1,825] ----D C:\Program Files (x86)\Incredibar.com =>Adware.IncrediBar
  311. O43 - CFD: 19/04/2013 - 15:48:27 - [11,119] ----D C:\Program Files (x86)\mRemoteNG
  312. O43 - CFD: 06/02/2013 - 12:34:00 - [0,741] ----D C:\Program Files (x86)\Smart Suggestor =>Adware.SmartSuggestor
  313. O43 - CFD: 21/03/2013 - 11:41:54 - [306,034] ----D C:\Program Files (x86)\Zend
  314. O43 - CFD: 17/05/2013 - 09:41:40 - [2,009] ----D C:\ProgramData\Composer
  315. O43 - CFD: 18/02/2013 - 10:13:02 - [0] ----D C:\ProgramData\DualMonitor
  316. O43 - CFD: 11/07/2013 - 13:35:08 - [0] ----D C:\ProgramData\Picroma
  317. O43 - CFD: 21/03/2013 - 11:41:18 - [0,041] ----D C:\ProgramData\Zend
  318. O43 - CFD: 17/05/2013 - 09:54:09 - [0,000] ----D C:\Users\Benoit\AppData\Roaming\Composer
  319. O43 - CFD: 18/02/2013 - 10:07:59 - [0,004] ----D C:\Users\Benoit\AppData\Roaming\Dual Monitor
  320. O43 - CFD: 17/07/2013 - 10:01:39 - [0,279] ----D C:\Users\Benoit\AppData\Roaming\mRemoteNG
  321. O43 - CFD: 17/05/2013 - 09:54:09 - [17,287] ----D C:\Users\Benoit\AppData\Local\Composer
  322. O43 - CFD: 18/01/2013 - 10:33:51 - [0,058] ----D C:\Users\Benoit\AppData\Local\mRemoteNG
  323. O43 - CFD: 15/07/2013 - 13:31:13 - [0,002] ----D C:\Users\Benoit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1-click run
  324. ~ Program Folder: 180 Legitimates Filtered in 00mn 58s
  325.  
  326.  
  327.  
  328. ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
  329. O44 - LFC:[MD5.E210EABF90293F035F29E8C8EFC83F85] - 11/07/2013 - 12:27:31 ---A- . (...) -- C:\Windows\DirectX.log [10047]
  330. ~ Files: 240 Legitimates Filtered in 00mn 50s
  331.  
  332.  
  333.  
  334. ---\\ MountPoints2 Shell Key (O51)
  335. O51 - MPSK:{999f23fd-7679-11e2-ad7a-3860772e8f51}\AutoRun\command. (...) -- I:\AutoRun.exe (.not file.)
  336. O51 - MPSK:{cce9ef50-d7e2-11e2-b0f4-3860772e8f51}\AutoRun\command. (...) -- I:\AutoRun.exe (.not file.)
  337. O51 - MPSK:{fcc362e3-bdf0-11e2-9554-3860772e8f51}\AutoRun\command. (...) -- C:\Windows\system32\http:\\www.ultimatebootcd.com\ (.not file.)
  338. ~ Keys: Scanned in 00mn 00s
  339.  
  340.  
  341.  
  342. ---\\ Microsoft Windows Policies System (O55)
  343. O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
  344. O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0
  345. O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
  346. ~ MWPS: 16 Legitimates Filtered in 00mn 00s
  347.  
  348.  
  349.  
  350. ---\\ Microsoft Windows Policies Explorer (O56)
  351. O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
  352. ~ MWPE Keys: 3 Legitimates Filtered in 00mn 00s
  353.  
  354.  
  355.  
  356. ---\\ Liste des Drivers Système (O58)
  357. O58 - SDL:[MD5.2F6B34B83843F0C5118B63AC634F5BF4] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys [491088]
  358. ~ Drivers: Scanned in 00mn 00s
  359.  
  360.  
  361.  
  362. ---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
  363. O61 - LFC: 10/05/2010 - 09:45:58 ---A- C:\Users\Benoit\Downloads\driver\32\frc\brrbtool.ex_ [53684]
  364. O61 - LFC: 10/05/2010 - 09:45:58 ---A- C:\Users\Benoit\Downloads\driver\32\ptb\brrbtool.ex_ [53684]
  365. O61 - LFC: 10/05/2010 - 09:45:58 ---A- C:\Users\Benoit\Downloads\driver\32\spa\brrbtool.ex_ [53684]
  366. O61 - LFC: 10/05/2010 - 09:45:58 ---A- C:\Users\Benoit\Downloads\driver\32\usa\brrbtool.ex_ [53684]
  367. O61 - LFC: 10/05/2010 - 09:45:58 ---A- C:\Users\Benoit\Downloads\driver\64\frc\brrbtool.ex_ [53684]
  368. O61 - LFC: 10/05/2010 - 09:45:58 ---A- C:\Users\Benoit\Downloads\driver\64\ptb\brrbtool.ex_ [53684]
  369. O61 - LFC: 10/05/2010 - 09:45:58 ---A- C:\Users\Benoit\Downloads\driver\64\spa\brrbtool.ex_ [53684]
  370. O61 - LFC: 10/05/2010 - 09:45:58 ---A- C:\Users\Benoit\Downloads\driver\64\usa\brrbtool.ex_ [53684]
  371. O61 - LFC: 15/07/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\32\frc\be9010cn.da_ [62]
  372. O61 - LFC: 15/07/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\32\frc\be9010mn.da_ [62]
  373. O61 - LFC: 15/07/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\32\frc\be9120cn.da_ [62]
  374. O61 - LFC: 15/07/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\32\frc\be9125cn.da_ [62]
  375. O61 - LFC: 15/07/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\32\frc\be9320cw.da_ [62]
  376. O61 - LFC: 15/07/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\32\frc\be9325cw.da_ [62]
  377. O61 - LFC: 15/07/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\32\ptb\be9010cn.da_ [62]
  378. O61 - LFC: 15/07/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\32\ptb\be9010mn.da_ [62]
  379. O61 - LFC: 15/07/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\32\ptb\be9120cn.da_ [62]
  380. O61 - LFC: 15/07/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\32\ptb\be9125cn.da_ [62]
  381. O61 - LFC: 15/07/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\32\ptb\be9320cw.da_ [62]
  382. O61 - LFC: 15/07/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\32\ptb\be9325cw.da_ [62]
  383. O61 - LFC: 15/07/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\32\spa\be9010cn.da_ [62]
  384. O61 - LFC: 15/07/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\32\spa\be9010mn.da_ [62]
  385. O61 - LFC: 15/07/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\32\spa\be9120cn.da_ [62]
  386. O61 - LFC: 15/07/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\32\spa\be9125cn.da_ [62]
  387. O61 - LFC: 15/07/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\32\spa\be9320cw.da_ [62]
  388. O61 - LFC: 15/07/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\32\spa\be9325cw.da_ [62]
  389. O61 - LFC: 15/07/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\32\usa\be9010cn.da_ [62]
  390. O61 - LFC: 15/07/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\32\usa\be9010mn.da_ [62]
  391. O61 - LFC: 15/07/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\32\usa\be9120cn.da_ [62]
  392. O61 - LFC: 15/07/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\32\usa\be9125cn.da_ [62]
  393. O61 - LFC: 15/07/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\32\usa\be9320cw.da_ [62]
  394. O61 - LFC: 15/07/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\32\usa\be9325cw.da_ [62]
  395. O61 - LFC: 15/07/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\64\frc\be9010cn.da_ [62]
  396. O61 - LFC: 15/07/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\64\frc\be9010mn.da_ [62]
  397. O61 - LFC: 15/07/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\64\frc\be9120cn.da_ [62]
  398. O61 - LFC: 15/07/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\64\frc\be9125cn.da_ [62]
  399. O61 - LFC: 15/07/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\64\frc\be9320cw.da_ [62]
  400. O61 - LFC: 15/07/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\64\frc\be9325cw.da_ [62]
  401. O61 - LFC: 15/07/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\64\ptb\be9010cn.da_ [62]
  402. O61 - LFC: 15/07/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\64\ptb\be9010mn.da_ [62]
  403. O61 - LFC: 15/07/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\64\ptb\be9120cn.da_ [62]
  404. O61 - LFC: 15/07/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\64\ptb\be9125cn.da_ [62]
  405. O61 - LFC: 15/07/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\64\ptb\be9320cw.da_ [62]
  406. O61 - LFC: 15/07/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\64\ptb\be9325cw.da_ [62]
  407. O61 - LFC: 15/07/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\64\spa\be9010cn.da_ [62]
  408. O61 - LFC: 15/07/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\64\spa\be9010mn.da_ [62]
  409. O61 - LFC: 15/07/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\64\spa\be9120cn.da_ [62]
  410. O61 - LFC: 15/07/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\64\spa\be9125cn.da_ [62]
  411. O61 - LFC: 15/07/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\64\spa\be9320cw.da_ [62]
  412. O61 - LFC: 15/07/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\64\spa\be9325cw.da_ [62]
  413. O61 - LFC: 15/07/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\64\usa\be9010cn.da_ [62]
  414. O61 - LFC: 15/07/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\64\usa\be9010mn.da_ [62]
  415. O61 - LFC: 15/07/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\64\usa\be9120cn.da_ [62]
  416. O61 - LFC: 15/07/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\64\usa\be9125cn.da_ [62]
  417. O61 - LFC: 15/07/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\64\usa\be9320cw.da_ [62]
  418. O61 - LFC: 15/07/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\64\usa\be9325cw.da_ [62]
  419. O61 - LFC: 15/07/2013 - 08:39:06 ---A- C:\Users\Benoit\Documents\Base Psychos\scripts transfert sql.txt [2963]
  420. O61 - LFC: 15/07/2013 - 10:42:13 ---A- C:\Users\Benoit\Documents\Relevés d'heures\Relevé Heures 2013-08 Aout.xlsx [22442]
  421. O61 - LFC: 15/07/2013 - 10:42:13 ---A- C:\Users\Benoit\Downloads\Relevé d'heures Août 13.xlsx [22442]
  422. O61 - LFC: 15/07/2013 - 11:25:46 ---A- C:\Users\Benoit\Downloads\FernandaXXX_Schoolgirl_17102011.mp4 [234016190]
  423. O61 - LFC: 15/07/2013 - 12:30:32 ---A- C:\Users\Benoit\Downloads\Cube World v0.1.0 (FIXED)(5 July 2013)(2-click run)\My Wallpaper Gallery v1.3.torrent [12231]
  424. O61 - LFC: 15/07/2013 - 12:30:32 ---A- C:\Users\Benoit\Downloads\Cube World v0.1.0 (FIXED)(5 July 2013)(2-click run)\README.txt [200]
  425. O61 - LFC: 15/07/2013 - 12:30:38 ---A- C:\Users\Benoit\Downloads\Cube World v0.1.0 (FIXED)(5 July 2013)(2-click run)\Cube World v0.1.0 (FIXED)(5 July 2013)(2-click run).exe [33133446]
  426. O61 - LFC: 15/07/2013 - 13:22:41 ---A- C:\Users\Benoit\Downloads\RZ_5_thrash.m4a [927161]
  427. O61 - LFC: 15/07/2013 - 13:22:46 ---A- C:\Users\Benoit\Downloads\RZ_6_stoner.m4a [315650]
  428. O61 - LFC: 15/07/2013 - 13:36:30 ---A- C:\Users\Benoit\Downloads\groupes de musiques.docx [1935552]
  429. O61 - LFC: 15/07/2013 - 14:03:56 ---A- C:\Users\Benoit\Downloads\cv.pdf [44958]
  430. O61 - LFC: 16/07/2013 - 11:14:23 ---A- C:\Users\Benoit\Downloads\iNettutsDB.zip [51173]
  431. O61 - LFC: 16/07/2013 - 13:09:10 ---A- C:\Users\Benoit\Downloads\Cube World v0.1.0 (FIXED)(5 July 2013)(2-click run).zip [32935641]
  432. O61 - LFC: 16/07/2013 - 14:02:30 ---A- C:\Users\Benoit\Documents\Relevés d'heures\Relevé Heures 2013-07 Juillet.xlsx [15901]
  433. O61 - LFC: 16/07/2013 - 14:44:54 ---A- C:\Users\Benoit\Downloads\Cube World Updated 04-07-2013\server.cfg [5]
  434. O61 - LFC: 16/07/2013 - 14:45:08 ---A- C:\Users\Benoit\Downloads\Cube World Updated 04-07-2013\Save\world_server_26879.db [3072]
  435. O61 - LFC: 16/07/2013 - 16:00:40 ---A- C:\Users\Benoit\AppData\Local\Google\Chrome\User Data\Local State~RF1699c17.TMP [33245]
  436. O61 - LFC: 17/07/2013 - 09:01:39 ---A- C:\Users\Benoit\AppData\Local\mRemoteNG\mRemoteNG.exe_Url_2joposk0sdzloff54inwswvbs45ekktw\1.70.4814.21440\user.config [22730]
  437. O61 - LFC: 17/07/2013 - 09:01:39 ---A- C:\Users\Benoit\AppData\Roaming\mRemoteNG\confCons.xml [23913]
  438. O61 - LFC: 17/07/2013 - 09:01:39 ---A- C:\Users\Benoit\AppData\Roaming\mRemoteNG\extApps.xml [51]
  439. O61 - LFC: 17/07/2013 - 09:01:39 ---A- C:\Users\Benoit\AppData\Roaming\mRemoteNG\pnlLayout.xml [5528]
  440. O61 - LFC: 17/07/2013 - 15:04:24 ---A- C:\Users\Benoit\Downloads\cakephp-cakephp-2.3.7-0-g06fc8db.zip [2091525]
  441. O61 - LFC: 17/07/2013 - 15:34:10 ---A- C:\Users\Benoit\AppData\Roaming\PSpad\Recent.INI [3692]
  442. O61 - LFC: 18/04/2011 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\32\frc\be9015cn.da_ [62]
  443. O61 - LFC: 18/04/2011 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\32\frc\be9015mn.da_ [62]
  444. O61 - LFC: 18/04/2011 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\32\ptb\be9015cn.da_ [62]
  445. O61 - LFC: 18/04/2011 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\32\ptb\be9015mn.da_ [62]
  446. O61 - LFC: 18/04/2011 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\32\spa\be9015cn.da_ [62]
  447. O61 - LFC: 18/04/2011 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\32\spa\be9015mn.da_ [62]
  448. O61 - LFC: 18/04/2011 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\32\usa\be9015cn.da_ [62]
  449. O61 - LFC: 18/04/2011 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\32\usa\be9015mn.da_ [62]
  450. O61 - LFC: 18/04/2011 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\64\frc\be9015cn.da_ [62]
  451. O61 - LFC: 18/04/2011 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\64\frc\be9015mn.da_ [62]
  452. O61 - LFC: 18/04/2011 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\64\ptb\be9015cn.da_ [62]
  453. O61 - LFC: 18/04/2011 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\64\ptb\be9015mn.da_ [62]
  454. O61 - LFC: 18/04/2011 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\64\spa\be9015cn.da_ [62]
  455. O61 - LFC: 18/04/2011 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\64\spa\be9015mn.da_ [62]
  456. O61 - LFC: 18/04/2011 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\64\usa\be9015cn.da_ [62]
  457. O61 - LFC: 18/04/2011 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\64\usa\be9015mn.da_ [62]
  458. O61 - LFC: 18/07/2013 - 08:13:49 ---A- C:\Users\Benoit\AppData\Local\Google\Chrome\User Data\Certificate Revocation Lists [258723]
  459. O61 - LFC: 18/07/2013 - 08:22:11 ---A- C:\Users\Benoit\Downloads\wakeonlan.zip [19712]
  460. O61 - LFC: 18/07/2013 - 08:43:27 ---A- C:\Users\Benoit\Downloads\Xbox360 mapped.rar [63482]
  461. O61 - LFC: 18/07/2013 - 08:50:01 ---A- C:\Users\Benoit\Downloads\Xpadder-v2012.12.31-Multilingual-Retail-WaLMaRT\file_id.diz [1430]
  462. O61 - LFC: 18/07/2013 - 08:50:01 ---A- C:\Users\Benoit\Downloads\Xpadder-v2012.12.31-Multilingual-Retail-WaLMaRT\walmart.nfo [4624]
  463. O61 - LFC: 18/07/2013 - 08:50:09 ---A- C:\Users\Benoit\Downloads\Xpadder-v2012.12.31-Multilingual-Retail-WaLMaRT\Xpadder.exe [1166848]
  464. O61 - LFC: 18/07/2013 - 09:05:31 --HA- C:\Users\Benoit\Documents\Default.rdp [2240]
  465. O61 - LFC: 18/07/2013 - 09:49:49 ---A- C:\Users\Benoit\AppData\Roaming\PSpad\PSPad.INI [8021]
  466. O61 - LFC: 18/07/2013 - 09:56:27 ---A- C:\Users\Benoit\Downloads\roles.sql [1130]
  467. O61 - LFC: 18/07/2013 - 10:16:59 ---A- C:\Users\Benoit\AppData\Local\Google\Chrome\User Data\Local State [33421]
  468. O61 - LFC: 20/07/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\32\frc\brpsm080.ex_ [26810]
  469. O61 - LFC: 20/07/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\32\ptb\brpsm080.ex_ [26810]
  470. O61 - LFC: 20/07/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\32\spa\brpsm080.ex_ [26810]
  471. O61 - LFC: 20/07/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\32\usa\brpsm080.ex_ [26810]
  472. O61 - LFC: 20/07/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\64\frc\brpsma80.ex_ [26927]
  473. O61 - LFC: 20/07/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\64\ptb\brpsma80.ex_ [26927]
  474. O61 - LFC: 20/07/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\64\spa\brpsma80.ex_ [26927]
  475. O61 - LFC: 20/07/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\64\usa\brpsma80.ex_ [26927]
  476. O61 - LFC: 24/09/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\32\frc\brmd080.ex_ [35020]
  477. O61 - LFC: 24/09/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\32\frc\brmdw080.ex_ [32138]
  478. O61 - LFC: 24/09/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\32\ptb\brmd080.ex_ [35020]
  479. O61 - LFC: 24/09/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\32\ptb\brmdw080.ex_ [32138]
  480. O61 - LFC: 24/09/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\32\spa\brmd080.ex_ [35020]
  481. O61 - LFC: 24/09/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\32\spa\brmdw080.ex_ [32138]
  482. O61 - LFC: 24/09/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\32\usa\brmd080.ex_ [35020]
  483. O61 - LFC: 24/09/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\32\usa\brmdw080.ex_ [32138]
  484. O61 - LFC: 24/09/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\64\frc\brmda80.ex_ [36592]
  485. O61 - LFC: 24/09/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\64\frc\brmdwa80.ex_ [33034]
  486. O61 - LFC: 24/09/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\64\ptb\brmda80.ex_ [36592]
  487. O61 - LFC: 24/09/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\64\ptb\brmdwa80.ex_ [33034]
  488. O61 - LFC: 24/09/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\64\spa\brmda80.ex_ [36592]
  489. O61 - LFC: 24/09/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\64\spa\brmdwa80.ex_ [33034]
  490. O61 - LFC: 24/09/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\64\usa\brmda80.ex_ [36592]
  491. O61 - LFC: 24/09/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\64\usa\brmdwa80.ex_ [33034]
  492. O61 - LFC: 26/10/1999 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\32\frc\bradc08a.da_ [69]
  493. O61 - LFC: 26/10/1999 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\32\ptb\bradc08a.da_ [69]
  494. O61 - LFC: 26/10/1999 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\32\spa\bradc08a.da_ [69]
  495. O61 - LFC: 26/10/1999 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\32\usa\bradc08a.da_ [69]
  496. O61 - LFC: 26/10/1999 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\64\frc\bradc08a.da_ [69]
  497. O61 - LFC: 26/10/1999 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\64\ptb\bradc08a.da_ [69]
  498. O61 - LFC: 26/10/1999 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\64\spa\bradc08a.da_ [69]
  499. O61 - LFC: 26/10/1999 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\64\usa\bradc08a.da_ [69]
  500. ~ 16 Fichiers temporaires (Temporary files)
  501. ~ Files: 2870 Legitimates Filtered in 19mn 48s
  502.  
  503.  
  504.  
  505. ---\\ Liste des outils de nettoyage (O63)
  506. O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
  507. ~ ADS: Scanned in 00mn 00s
  508.  
  509.  
  510.  
  511. ---\\ File Associations Shell Spawning (O67)
  512. O67 - Shell Spawning: <.html> <ChromeHTML>[HKCU\..\open\Command] (.Not Key.)
  513. ~ FASS Keys: 19 Legitimates Filtered in 00mn 00s
  514.  
  515.  
  516.  
  517. ---\\ Start Menu Internet (O68)
  518. O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
  519. O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  520. O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
  521. ~ Keys: Scanned in 00mn 00s
  522.  
  523.  
  524.  
  525. ---\\ Search Browser Infection (O69)
  526. O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com
  527. O69 - SBI: SearchScopes [HKCU] {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} [DefaultScope] - (MyStart Search) - http://mystart.incredibar.com =>Adware.IncrediBar
  528. ~ Keys: Scanned in 00mn 00s
  529.  
  530.  
  531.  
  532. ---\\ Crack & Keygen Files (O82)
  533. C:\Program Files (x86)\Git\bin\ssh-keygen.exe
  534. C:\Users\Benoit\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.cracked.com_0.localstorage
  535. C:\Users\Benoit\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.cracked.com_0.localstorage-journal
  536. C:\Program Files (x86)\Git\bin\ssh-keygen.exe
  537. C:\Users\Benoit\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.cracked.com_0.localstorage
  538. C:\Users\Benoit\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.cracked.com_0.localstorage-journal
  539. ~ Files: Scanned in 03mn 53s
  540.  
  541.  
  542.  
  543. ---\\ Recherche particuliere à la racine de certains dossiers (O84)
  544. [MD5.20A329C8B86D43A60153CEEC780D6A56] [SPRF][17/05/2013] (...) -- C:\ProgramData\hash.dat [32]
  545. [MD5.75DB5A0F9317A206E8CE59B0725F2984] [SPRF][15/11/2012] (.Think Tank Labs, LLC - Smart Suggestor Setup.) -- C:\Users\Benoit\AppData\Local\Temp\ap10013.exe [853184] =>Adware.SmartSuggestor
  546. [MD5.509842CCC1F9E1DCBE3A0E7A4D7D3CDF] [SPRF][11/07/2013] (.Microsoft Corporation - BingBarSetup-Partner.) -- C:\Users\Benoit\AppData\Local\Temp\BingBarSetup-Partner.exe [7850088]
  547. [MD5.B919F915239E373275D4836A019166C2] [SPRF][11/07/2013] (...) -- C:\Users\Benoit\AppData\Local\Temp\defaultCache.reg [1469030]
  548. [MD5.0A3B3936E54E4D0A995E03D16B6FFD60] [SPRF][15/05/2013] (.Foxit Corporation - Foxit Updater.) -- C:\Users\Benoit\AppData\Local\Temp\Foxit Reader Updater.exe [7672896]
  549. [MD5.5C8BF1592A4582BC4B4ADA1803646ADA] [SPRF][12/04/2013] (.Foxit Corporation - Foxit Updater.) -- C:\Users\Benoit\AppData\Local\Temp\Foxit Updater.exe [7672792]
  550. [MD5.A5F7B454773E2DC25D71550B76418C51] [SPRF][24/04/2013] (...) -- C:\Users\Benoit\AppData\Local\Temp\ICReinstall_vlmc-0-1-0-alpha-en-win-setup.exe [632856]
  551. [MD5.05FECA1B4B1F7F9D924191716AD3F0BA] [SPRF][17/01/2013] (.Pas de propriétaire - IncrediMail Installer.) -- C:\Users\Benoit\AppData\Local\Temp\incredibar_installer.exe [463184] =>Adware.IncrediBar
  552. [MD5.783B4B75CD1C249FFFE5D338CA3D33E6] [SPRF][17/01/2013] (.Pas de propriétaire - IZArc 4.1.7 Setup.) -- C:\Users\Benoit\AppData\Local\Temp\IZArcSetup.exe [5490568]
  553. [MD5.96AE974CEEA336A822272325811342ED] [SPRF][19/04/2013] (.Next Generation Software - mRemoteNG 1.70 Installer.) -- C:\Users\Benoit\AppData\Local\Temp\mRemote_Update.exe [2908917]
  554. [MD5.77DFB27D68CE46659A3D5E93410C0B75] [SPRF][17/01/2013] (.Babylon Ltd. - Babylon Client Setup.) -- C:\Users\Benoit\AppData\Local\Temp\MyBabylonTB_google_20120807.exe [899224] =>Toolbar.Babylon
  555. [MD5.01F3D76C7016A0D8BDDFF89C8B4F4D30] [SPRF][17/01/2013] (...) -- C:\Users\Benoit\AppData\Local\Temp\pricepeep_130001_0101.exe [456344] =>Adware.PricePeep
  556. [MD5.C5E74752E31CCB90AF310A694EEBF54F] [SPRF][24/04/2013] (...) -- C:\Users\Benoit\AppData\Local\Temp\Reg.reg [111958]
  557. [MD5.CF5AA645F19AAF02EFEE53C266B890E9] [SPRF][24/04/2013] (...) -- C:\Users\Benoit\AppData\Local\Temp\Reg2.reg [111958]
  558. [MD5.F10E9620F1D0EDEC56C0C1E1790CEAB9] [SPRF][19/06/2013] (.Skype Technologies S.A. - Skype.) -- C:\Users\Benoit\AppData\Local\Temp\SkypeSetup.exe [31668328]
  559. [MD5.B936F0F378B9A35489353E878154E899] [SPRF][07/11/2007] (.Microsoft Corporation - Microsoft Visual C++ 2008 Redistributable Setup.) -- C:\Users\Benoit\AppData\Local\Temp\smd_runtime.exe [1821192]
  560. [MD5.93898116ACDD3EF5F7B536FA60574128] [SPRF][26/02/2013] (...) -- C:\Users\Benoit\AppData\Local\Temp\temp_presets.dat [2666]
  561. [MD5.8067FB1E819EA64C9C659407837B6D6C] [SPRF][27/03/2013] (...) -- C:\Users\Benoit\AppData\Local\Temp\uninstall.bat [1018]
  562. [MD5.06D5E5E952C61923C9D24C83E7FE1F45] [SPRF][27/06/2013] (...) -- C:\Users\Benoit\AppData\Local\Temp\vlc-2.0.7-win32.exe [22937227]
  563. ~ Files: Scanned in 00mn 00s
  564.  
  565.  
  566.  
  567. ---\\ Firewall Active Exception List (FirewallRules) (O87)
  568. O87 - FAEL: "TCP Query User{D1B65A15-AB43-486C-B7E2-6C568298AE43}C:\program files\nodejs\node.exe" | In - Private - P6 - TRUE | .(.Joyent, Inc - Evented I/O for V8 JavaScript.) -- C:\program files\nodejs\node.exe
  569. O87 - FAEL: "UDP Query User{1AD1EC90-E981-40E8-987E-D6E611C79BB8}C:\program files\nodejs\node.exe" | In - Private - P17 - TRUE | .(.Joyent, Inc - Evented I/O for V8 JavaScript.) -- C:\program files\nodejs\node.exe
  570. O87 - FAEL: "{F20F13D9-F786-4DA0-8808-859B4F51549B}" | In - Private - P6 - TRUE | .(...) -- C:\Windows\System32\dmwu.exe
  571. O87 - FAEL: "{3E932DAB-0B38-411D-9CE4-42116302050E}" | In - Private - P17 - TRUE | .(...) -- C:\Windows\System32\dmwu.exe
  572. O87 - FAEL: "{C0C91E17-228B-477A-9F81-6924DF25547B}" | In - Public - P6 - TRUE | .(...) -- C:\Windows\System32\dmwu.exe
  573. O87 - FAEL: "{6ADF4FD5-31FB-4F80-9CAE-EAADA303FB3C}" | In - Public - P17 - TRUE | .(...) -- C:\Windows\System32\dmwu.exe
  574. ~ Firewall: 220 Legitimates Filtered in 00mn 00s
  575.  
  576.  
  577.  
  578. ---\\ Scan Additionnel (O88)
  579. Database Version : v2.12771 - (17/07/2013)
  580. Clés trouvées (Keys found) : 43
  581. Valeurs trouvées (Values found) : 1
  582. Dossiers trouvés (Folders found) : 3
  583. Fichiers trouvés (Files found) : 5
  584.  
  585. [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{336D0C35-8A85-403a-B9D2-65C292C39087}] =>Adware.IncrediBar
  586. [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{336D0C35-8A85-403a-B9D2-65C292C39087}] =>Adware.IncrediBar
  587. [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}] =>Adware.IncrediBar
  588. [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}] =>Adware.IncrediBar
  589. [HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}] =>Adware.IncrediBar
  590. [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9639E4A-801B-4843-AEE3-03D9DA199E77}] =>Adware.IncrediBar
  591. [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F9639E4A-801B-4843-AEE3-03D9DA199E77}] =>Adware.IncrediBar
  592. [HKLM\SYSTEM\CurrentControlSet\Services\IBUpdaterService] =>Adware.IncrediBar
  593. [HKCU\Software\APN PIP] =>Toolbar.Ask
  594. [HKCU\Software\WNLT] =>Adware.IncrediBar
  595. [HKLM\SYSTEM\CurrentControlSet\Services\IB Updater] =>Adware.IncrediBar
  596. [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{336D0C35-8A85-403A-B9D2-65C292C39087}] =>Adware.IncrediBar
  597. [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{336D0C35-8A85-403A-B9D2-65C292C39087}] =>Adware.IncrediBar
  598. [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{669695BC-A811-4A9D-8CDF-BA8C795F261C}] =>Toolbar.Dashlane
  599. [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{669695BC-A811-4A9D-8CDF-BA8C795F261C}] =>Toolbar.Dashlane
  600. [HKLM\Software\Classes\escort.escortIEPane] =>PUP.Funmoods
  601. [HKLM\Software\Classes\escort.escortIEPane.1] =>PUP.Funmoods
  602. [HKLM\Software\Classes\esrv.IncredibarESrvc] =>Adware.Incredibar
  603. [HKLM\Software\Classes\esrv.IncredibarESrvc.1] =>Adware.Incredibar
  604. [HKLM\Software\Classes\Incredibar.dskBnd] =>Adware.Incredibar
  605. [HKLM\Software\Classes\Incredibar.dskBnd.1] =>Adware.Incredibar
  606. [HKLM\Software\Classes\Incredibar.IncredibarHlpr] =>Adware.Incredibar
  607. [HKLM\Software\Classes\Incredibar.IncredibarHlpr.1] =>Adware.Incredibar
  608. [HKLM\Software\Classes\IncredibarApp.appCore] =>Adware.Incredibar
  609. [HKLM\Software\Classes\IncredibarApp.appCore.1] =>Adware.Incredibar
  610. [HKLM\Software\Classes\AppID\escort.DLL] =>PUP.Funmoods
  611. [HKLM\Software\Classes\AppID\escortApp.DLL] =>PUP.Funmoods
  612. [HKLM\Software\Classes\AppID\escortEng.DLL] =>PUP.Funmoods
  613. [HKLM\Software\Classes\AppID\escorTlbr.DLL] =>PUP.Funmoods
  614. [HKLM\Software\Wow6432Node\Classes\escort.escortIEPane] =>PUP.Funmoods
  615. [HKLM\Software\Wow6432Node\Classes\escort.escortIEPane.1] =>PUP.Funmoods
  616. [HKLM\Software\Wow6432Node\Classes\esrv.IncredibarESrvc] =>Adware.Incredibar
  617. [HKLM\Software\Wow6432Node\Classes\esrv.IncredibarESrvc.1] =>Adware.Incredibar
  618. [HKLM\Software\Wow6432Node\Classes\Incredibar.dskBnd] =>Adware.Incredibar
  619. [HKLM\Software\Wow6432Node\Classes\Incredibar.dskBnd.1] =>Adware.Incredibar
  620. [HKLM\Software\Wow6432Node\Classes\Incredibar.IncredibarHlpr] =>Adware.Incredibar
  621. [HKLM\Software\Wow6432Node\Classes\Incredibar.IncredibarHlpr.1] =>Adware.Incredibar
  622. [HKLM\Software\Wow6432Node\Classes\IncredibarApp.appCore] =>Adware.Incredibar
  623. [HKLM\Software\Wow6432Node\Classes\IncredibarApp.appCore.1] =>Adware.Incredibar
  624. [HKLM\Software\Wow6432Node\Classes\AppID\escort.DLL] =>PUP.Funmoods
  625. [HKLM\Software\Wow6432Node\Classes\AppID\escortApp.DLL] =>PUP.Funmoods
  626. [HKLM\Software\Wow6432Node\Classes\AppID\escortEng.DLL] =>PUP.Funmoods
  627. [HKLM\Software\Wow6432Node\Classes\AppID\escorTlbr.DLL] =>PUP.Funmoods
  628. [HKCU\Software\Microsoft\Windows\CurrentVersion\Run]:Dashlane =>Toolbar.Dashlane
  629. C:\Program Files (x86)\Incredibar.com =>Adware.IncrediBar
  630. C:\Program Files (x86)\Smart Suggestor =>Adware.SmartSuggestor
  631. C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Suggestor =>Adware.SmartSuggestor
  632. C:\Users\Benoit\AppData\Roaming\Mozilla\Firefox\Profiles\2syh6h0r.default-1363680329649\SearchPlugins\MyStart Search.xml =>Spyware.VMNToolbar
  633. C:\Users\Benoit\AppData\Local\Temp\incredibar_installer.exe =>Adware.IncrediBar
  634. C:\Users\Benoit\AppData\Local\Temp\MyBabylonTB_google_20120807.exe =>PUP.SweetIM
  635. C:\Users\Benoit\AppData\Local\Temp\pricepeep_130001_0101.exe =>Adware.PricePeep
  636. ~ Additionnel Scan: 244367 Items scanned in 00mn 12s
  637.  
  638.  
  639.  
  640. ---\\ Product Upgrade Codes (O90)
  641. O90 - PUC: "5923976166327F040A543A4EA21863E5" . (.Bing Bar.) -- C:\Windows\Installer\{16793295-2366-40F7-A045-A3E42A81365E}\icon_installer_ico
  642. O90 - PUC: "5A5D625CC95A94D4BA19F1E28CD0C81C" . (.Zend Server.) -- C:\Windows\Installer\{C526D5A5-A59C-4D49-AB91-1F2EC80D8CC1}\ARPPRODUCTICON.exe
  643. O90 - PUC: "CE417ADECC11CB143A24222C3F181D56" . (.QPST 2.7.) -- C:\Windows\Installer\{EDA714EC-11CC-41BC-A342-22C2F381D165}\_6FEFF9B68218417F98F549.exe
  644. ~ Update Products: 30 Legitimates Filtered in 00mn 00s
  645.  
  646.  
  647.  
  648. ---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
  649. SR - | Demand 17/07/2013 257416 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
  650. SR - | Auto 17/03/2013 27680 | (Apache2.2-Zend) . (.Apache Software Foundation.) - C:\Program Files (x86)\Zend\Apache2\bin\httpd.exe
  651. SR - | Auto 19/01/2013 729744 | (AVP) . (.Kaspersky Lab ZAO.) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security 10 for Windows\avp.exe
  652. SR - | Auto 13/02/2012 193816 | (BBSvc) . (.Microsoft Corporation..) - C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BBSvc.exe
  653. SR - | Demand 13/02/2012 240408 | (BBUpdate) . (.Microsoft Corporation..) - C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\SeaPort.exe
  654. SR - | Demand 14/12/2012 277616 | (cphs) . (.Intel Corporation.) - C:\Windows\SysWow64\IntelCpHeciSvc.exe
  655. SR - | Demand 26/06/2013 131912 | (Desura Install Service) . (.Desura Pty Ltd.) - C:\Program Files (x86)\Common Files\Desura\desura_service.exe
  656. SR - | Auto 0 | (DisplayFusionService) . (...) - C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe
  657. SR - | Auto 17/01/2013 116648 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
  658. SR - | Demand 17/01/2013 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
  659. SR - | Auto 188760 | (IB Updater) . (...) - C:\Program Files\IB Updater\ExtensionUpdaterService.exe =>Adware.InstallBrain
  660. SR - | Auto 1455408 | (IBUpdaterService) . (...) - C:\Windows\System32\dmwu.exe =>Adware.InstallBrain
  661. SR - | Auto 20/04/2012 635104 | (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe
  662. SR - | Auto 17/07/2012 128896 | (Intel(R) ME Service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
  663. SR - | Auto 27/07/2012 170824 | (Intel(R) PROSet Monitoring Service) . (.Intel Corporation.) - C:\Windows\system32\IProsetMonitor.exe
  664. SR - | Auto 17/07/2012 165760 | (jhi_service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
  665. SR - | Auto 17/07/2012 276864 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
  666. SR - | Demand 10/07/2013 117144 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
  667. SR - | Demand 08/01/2013 34528 | (OpenVPNService) . (.The OpenVPN Project.) - C:\Program Files\OpenVPN\bin\openvpnserv.exe
  668. SR - | Auto 03/06/2013 162408 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
  669. SR - | Demand 10/07/2013 559016 | (Steam Client Service) . (.Valve Corporation.) - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
  670. SR - | Auto 14/12/2012 3467768 | (TeamViewer8) . (.TeamViewer GmbH.) - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
  671. SR - | Auto 17/07/2012 364416 | (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
  672. SR - | Demand 13/05/2012 22016 | (wampapache) . (.Apache Software Foundation.) - c:\wamp\bin\apache\apache2.2.22\bin\httpd.exe
  673. SR - | Demand 9693696 | (wampmysqld) . (...) - c:\wamp\bin\mysql\mysql5.5.24\bin\mysqld.exe
  674. SR - | Auto 14/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
  675. SR - | Demand 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe
  676. SR - | Auto 14/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
  677. SR - | Auto 17/03/2013 782760 | (ZendDeployment) . (.Zend Technologies Ltd..) - C:\Program Files (x86)\Zend\ZendServer\bin\zdd.exe
  678. SR - | Auto 17/03/2013 998824 | (ZendJobQueue) . (.Zend Technologies Ltd..) - C:\Program Files (x86)\Zend\ZendServer\bin\jqd.exe
  679. SR - | Auto 17/03/2013 539048 | (ZendMonitor) . (.Zend Technologies Ltd..) - C:\Program Files (x86)\Zend\ZendServer\bin\MonitorNode.exe
  680. SR - | Auto 17/03/2013 1259432 | (ZendServerDaemon) . (.Zend Technologies Ltd..) - C:\Program Files (x86)\Zend\ZendServer\bin\zsd.exe
  681. SR - | Auto 17/03/2013 928680 | (ZendSessionClustering) . (.Zend Technologies Ltd..) - C:\Program Files (x86)\Zend\ZendServer\bin\scd.exe
  682. ~ Services: Scanned in 00mn 02s
  683.  
  684.  
  685.  
  686. ---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)
  687. Written by ad13, http://ad13.geekstog
  688. Run by Benoit at 18/07/2013 11:41:26
  689.  
  690. ********* Dump file Name *********
  691. C:\PhysicalDisk0_MBR.bin
  692. ~ MBR: Scanned in 00mn 04s
  693.  
  694.  
  695.  
  696. ---\\ Malicius Software Information
  697. ~ http://nicolascoolman.webs.com/apps/blog/show/29335895-adware-smartsuggestor =>Adware.SmartSuggestor
  698. ~ http://nicolascoolman.webs.com/apps/blog/show/26898222-adware-incredibar =>Adware.Incredibar
  699. ~ http://nicolascoolman.webs.com/apps/blog/show/26907365-adware-installbrain =>Adware.InstallBrain
  700. ~ http://nicolascoolman.webs.com/apps/blog/show/26627369-toolbar-babylon =>Toolbar.Babylon
  701. ~ http://nicolascoolman.webs.com/apps/blog/show/28927746-toolbar-ask =>Toolbar.Ask
  702. ~ http://nicolascoolman.webs.com/apps/blog/show/27630986-pup-funmoods =>PUP.Funmoods
  703. ~ http://nicolascoolman.webs.com/apps/blog/show/27985391-spyware-vmntoolbar =>Spyware.VMNToolbar
  704. ~ http://nicolascoolman.webs.com/apps/blog/show/29216159-pup-sweetim =>PUP.SweetIM
  705. ~ MSI: 8 link(s) detected in 00mn 04s
  706.  
  707.  
  708.  
  709. ~ 4111 Legitimates filtered by white list
  710. End of the scan (709 lines in 28mn 56s)(6)