Bonjour,
pouvez vous m'aider j'accede en mode sans echec sinon en normal j'ai un bloquage sur tout et un message me cit ne répond pas
voici le rapport zhpdiag
Rapport de ZHPDiag v2013.5.25.152 par Nicolas Coolman, Update du 25/05/2013
Run by matteo at 28/05/2013 00:11:53
WebSite:
https://nicolascoolman.webs.com/
State :
WhiteList : Enable
High Elevated Privileges : OK
UAC : Activate by user
---\\ Web Browser
MSIE: Internet Explorer v8.0.7601.17514
---\\ Windows Product Information
~ Langage: Français
Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : KO
Windows Automatic Updates : OK
Windows Activation Technologies : OK
---\\ System Protection
avast! Free Antivirus v8.0.1483.0
Malwarebytes Anti-Malware version 1.75.0.1300
Windows Defender W7
---\\ System Optimizer
CCleaner v3.12 =>Piriform Ltd
---\\ Peer To Peer (P2P)
---\\ Software Update
Adobe Flash Player 11 ActiveX
Adobe Reader X
---\\ System Information
~ Processor: AMD64 Family 20 Model 1 Stepping 0, AuthenticAMD
~ Operating System: 64 Bits
Boot mode: Sans échec avec prise en charge du réseau (Fail-safe with network boot)
Total RAM: 3818 MB (67% free)
System Restore: Activé (Enable)
System drive C: has 124 GB (27%) free of 451 GB
---\\ Logged in mode
~ Computer Name: FLAVIO-PC
~ User Name: matteo
~ All Users Names: matteo, HomeGroupUser$, Administrateur,
~ Unselected Option: None
Logged in as Administrator
---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\matteo\AppData\Roaming\
~ %Desktop% : C:\Users\matteo\Desktop\
~ %Favorites% : C:\Users\matteo\Favorites\
~ %LocalAppData% : C:\Users\matteo\AppData\Local\
~ %StartMenu% : C:\Users\matteo\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\
---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 124 Go of 451 Go)
D:\ CD-ROM drive (Not Inserted)
---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
~ Security Center: 29 Legitimates Filtered in 00mn 00s
---\\ Recherche particulière de fichiers génériques
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.DE03C917EDED2A999C942A4F943D3068] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.28/02/2012 - 07:39:37.) -- C:\Windows\System32\wininet.dll [1188864]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.20/11/2010 - 14:25:30.) -- C:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2010 - 14:27:26.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.1C7857B62DE5994A75B054A9FD4C3825] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/12/2011 - 04:59:24.) -- C:\Windows\system32\Drivers\AFD.sys [498688]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 10:19:21.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 10:26:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 11:43:43.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 10:23:20.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.E453ACF4E7D44E5530B5D5F2B9CA8563] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.31/08/2012 - 19:19:35.) -- C:\Windows\system32\Drivers\ntfs.sys [1659760]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.20/11/2010 - 11:52:35.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 10:21:56.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20/11/2010 - 14:34:02.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes: Scanned in 00mn 00s
---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 2/2036
~ Mes musiques (My Musics) : 24/292
~ Mes Videos (My Videos) : 2/144
~ Mes Favoris (My Favorites) : 1/47
~ Mes Documents (My Documents) : 2/1337
~ Mon Bureau (My Desktop) : 4/22
~ Menu demarrer (Programs) : 1/32
~ Hidden Files: Scanned in 00mn 16s
---\\ Processus lancés
[MD5.497F27E279C0F921E2130BB89C1CB5CA] - (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe [18705664] [PID.1964]
[MD5.C613E69C3B191BB02C7A191741A1D024] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe [673040] [PID.768]
[MD5.F72DD84DD69DF001CF4D1B909685A136] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [7402496] [PID.3996]
[MD5.1CD51AE9BCEAC9F0CEE159821A1817B8] - (...) -- C:\Users\matteo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\E7KQS29K\RogueKiller[1].exe [816128] [PID.2032]
~ Processes Running: Scanned in 00mn 00s
---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\matteo\AppData\Local\Google\Chrome\User Data\Default\Preferences
~ Google Browser: 0 Legitimates Filtered in 00mn 00s
---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\matteo\AppData\Roaming\Mozilla\Firefox\Profiles\0\prefs.js
C:\Users\matteo\AppData\Roaming\Mozilla\Firefox\Profiles\0\user.js
C:\Users\matteo\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\prefs.js (.not file.)
~ Firefox Browser: 2 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.delta-search.com =>Toolbar.DeltaSearch
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs,Tabs =
http://www.delta-search.com =>Toolbar.DeltaSearch
~ IE Browser: 15 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = <local>
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s
---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s
---\\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: AVG SafeGuard toolbar [64Bits] - {95B7759C-8C7F-4BF1-B163-73684A933233} . (.AVG Secure Search - toolbar.dll.) -- C:\Program Files (x86)\AVG SafeGuard toolbar\15.2.0.5\AVG SafeGuard toolbar_toolbar.dll =>Toolbar.AVGSearch
O2 - BHO: delta Helper Object [64Bits] - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} . (.Delta-search.com - Pas de description.) -- C:\Program Files (x86)\Delta\delta\1.8.21.5\bh\delta.dll =>Toolbar.DeltaSearch
~ BHO: 9 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: (no name) [64Bits] - [HKLM]{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} Clé orpheline
O3 - Toolbar: Google Toolbar [64Bits] - [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
~ Toolbar: Scanned in 00mn 00s
---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [ETDCtrl] C:\Program Files (x86)\Elantech\ETDCtrl.exe (.not file.)
O4 - HKLM\..\Run: [Acer ePower Management] . (.Acer Incorporated - ePowerTray.) -- C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe
O4 - HKCU\..\Run: [OrangeInside] C:\Users\matteo\AppData\Roaming\Orange\OrangeInside\two\OrangeInside.exe (.not file.)
O4 - HKCU\..\Run: [Facebook Update] . (.Facebook Inc. - Programme d'installation de Facebook.) -- C:\Users\matteo\AppData\Local\Facebook\Update\FacebookUpdate.exe
O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe
O4 - HKCU\..\Run: [ccleaner] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner64.exe =>Piriform Ltd
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] . (.Microsoft Corporation - Pense-bête.) -- C:\Windows\system32\StikyNot.exe
O4 - HKLM\..\Wow6432Node\Run: [NPSStartup] Clé orpheline
O4 - HKLM\..\Wow6432Node\Run: [avast] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastUI.exe
O4 - HKLM\..\Wow6432Node\Run: [StartCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Wow6432Node\Run: [offerbox] . (.Aedge Performance BCN SL - OfferBox.) -- C:\Program Files (x86)\OfferBox\OfferBox.exe =>PUP.OfferBox
O4 - HKLM\..\Wow6432Node\Run: [LManager] . (.Dritek System Inc. - Launch Manager.) -- C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Wow6432Node\Run: [BackupManagerTray] . (.NTI Corporation - Packard Bell MyBackup.) -- C:\Program Files (x86)\NTI\Packard Bell MyBackup\BackupManagerTray.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKLM\..\Wow6432Node\Run: [vProt] . (.AVG Secure Search - VProtect Application.) -- C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe =>Toolbar.AVGSearch
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-21-2666224217-976547270-1596507513-1001\..\Run: [OrangeInside] C:\Users\matteo\AppData\Roaming\Orange\OrangeInside\two\OrangeInside.exe (.not file.)
O4 - HKUS\S-1-5-21-2666224217-976547270-1596507513-1001\..\Run: [Facebook Update] . (.Facebook Inc. - Programme d'installation de Facebook.) -- C:\Users\matteo\AppData\Local\Facebook\Update\FacebookUpdate.exe
O4 - HKUS\S-1-5-21-2666224217-976547270-1596507513-1001\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-21-2666224217-976547270-1596507513-1001\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe
O4 - HKUS\S-1-5-21-2666224217-976547270-1596507513-1001\..\Run: [ccleaner] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner64.exe =>Piriform Ltd
O4 - HKUS\S-1-5-21-2666224217-976547270-1596507513-1001\..\Run: [RESTART_STICKY_NOTES] . (.Microsoft Corporation - Pense-bête.) -- C:\Windows\system32\StikyNot.exe
~ Application: Scanned in 00mn 00s
---\\ Autres liens utilisateurs (O4)
O4 - GS\TaskBar: Adobe Photoshop Elements 8.0.lnk . (.Adobe Systems Incorporated - Adobe Photoshop Elements 8.0.) -- C:\Program Files (x86)\Adobe\Elements Organizer 8.0\Photoshop Elements 8.0.exe
O4 - GS\TaskBar: avast! Free Antivirus.lnk . (...) -- C:\Program Files (x86)\AVAST Software\Avast\AvastUI.exe (.not file.)
O4 - GS\TaskBar: Calculator.lnk . (.Microsoft Corporation - Calculatrice de Windows.) -- C:\Windows\system32\calc.exe
O4 - GS\TaskBar: Internet Explorer (2).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\TaskBar: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\TaskBar: Skype.lnk . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe
O4 - GS\TaskBar: Sticky Notes.lnk . (.Microsoft Corporation - Pense-bête.) -- C:\Windows\system32\StikyNot.exe
O4 - GS\TaskBar: Video Web Camera.lnk . (.CyberLink Corp. - WebCam.) -- C:\Program Files (x86)\Video Web Camera\WebCam.exe
O4 - GS\TaskBar: VLC media player.lnk . (...) -- C:\Program Files (x86)\VideoLAN\VLC\vlc.exe
O4 - GS\TaskBar: Windows Explorer.lnk . (.Microsoft Corporation - Explorateur Windows.) -- C:\Windows\explorer.exe
O4 - GS\Programs: Internet Explorer (64-bit).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Programs: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch: ijji REACTOR.lnk . (.NHN Corporation - Reactor Application.) -- C:\Program Files (x86)\REACTOR\REACTOR.exe
O4 - GS\QuickLaunch: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch: WildTangent Games App - packardbell.lnk . (.WildTangent - WildTangent Games App.) -- C:\Program Files (x86)\WildTangent Games\App\GameConsole-wt.exe
O4 - GS\Accessories: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Accessories: Private Character Editor.lnk . (.Microsoft Corporation - Éditeur de caractères privés.) -- C:\Windows\system32\eudcedit.exe
O4 - GS\SendTo: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) -- C:\Windows\system32\WFS.exe
O4 - GS\SendTo: Skype.lnk . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe
O4 - GS\SendTo: Transfert de fichiers Bluetooth.LNK . (.Microsoft Corporation - Pas de description.) -- C:\Windows\System32\fsquirt.exe
O4 - GS\Desktop: 77zip.lnk . (.Igor Pavlov - 77Zip File Manager.) -- C:\Program Files (x86)\77zip\77zip.exe
O4 - GS\Desktop: EDEN 41.lnk . (...) -- C:\Users\matteo\Documents\EDEN 41
O4 - GS\Desktop: IMPRIMANTE.lnk - Clé orpheline
O4 - GS\Desktop: Mon Carnet d'Adresses.lnk . (.db2p - Mon Carnet d'Adresses.) -- C:\Program Files (x86)\Mon Carnet d'Adresses\adresses.exe
O4 - GS\Desktop: SpeedAnalysis.lnk - Clé orpheline =>PUP.SpeedAnalysis
O4 - GS\Desktop: suivi comptes 2013.lnk . (...) -- C:\Users\matteo\Documents\suivi comptes 2013.xlsx
~ Global Startup: Scanned in 00mn 00s
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{BC3B451E-92A7-48B1-AEB1-CA88CF7269D8}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{BC3B451E-92A7-48B1-AEB1-CA88CF7269D8}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{BC3B451E-92A7-48B1-AEB1-CA88CF7269D8}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s
---\\ Protocole additionnel (O18)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: gzip [64Bits] - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll
~ Protocole Additionnel: Scanned in 00mn 00s
---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: AMD Reservation Manager (AMD Reservation Manager) . (.Advanced Micro Devices - RM Application.) - C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe
O23 - Service: BrowserProtect (BrowserProtect) . (...) - C:\ProgramData\BrowserProtect\2.6.1249.132\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe =>Toolbar.Babylon
O23 - Service: (vToolbarUpdater15.2.0) . (.AVG Secure Search - ToolbarU Application.) - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.2.0\ToolbarUpdater.exe =>Toolbar.AVGSearch
~ Services: 19 Legitimates Filtered in 00mn 10s
---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\EPUpdater.job [284]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\OfferBoxUpdate.job [262] =>PUP.OfferBox
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\PC Performer.job [284] =>Rogue.PCPerformer
~ Scheduled Task: 8 Legitimates Filtered in 00mn 00s
---\\ Logiciels installés (O42)
O42 - Logiciel: 77zip - (...) [HKLM][64Bits] -- 77zip
O42 - Logiciel: BrowserProtect - (.Bit89 Inc.) [HKLM][64Bits] -- {15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693} =>Toolbar.Babylon
O42 - Logiciel: Delta toolbar - (.Delta.) [HKLM][64Bits] -- delta
O42 - Logiciel: Fissa - (.Aedge Performance BCN.) [HKLM][64Bits] -- {4BD271AB-66E2-4D58-AF88-80FE3B0770C4}
O42 - Logiciel: IMinent Toolbar - (.IMinent.) [HKLM][64Bits] -- {A76AA284-E52D-47E6-9E4F-B85DBF8E35C3} =>Adware.IMBooster
~ Logic: 159 Legitimates Filtered in 00mn 02s
---\\ HKCU & HKLM Software Keys
[HKCU\Software\80dfdeb43bbd47]
[HKCU\Software\AppDataLow\Software\ConduitSearchScopes]
[HKCU\Software\AppDataLow\Software\Crossrider] =>PUP.CrossRider
[HKCU\Software\AppDataLow\Software\PriceGong] =>Adware.PriceGong
[HKCU\Software\AppDataLow\Software\Smartbar] =>Hijacker.SmartBar
[HKCU\Software\AppDataLow\Software\searchqutoolbar] =>PUP.Datamngr
[HKCU\Software\BabSolution] =>Hijacker.BabSolution
[HKCU\Software\Cr_Installer] =>PUP.CrossRider
[HKCU\Software\DataMngr_Toolbar] =>PUP.Datamngr
[HKCU\Software\Datamngr] =>PUP.Datamngr
[HKCU\Software\Delta]
[HKCU\Software\FissaSearch]
[HKCU\Software\IM]
[HKCU\Software\ImInstaller]
[HKCU\Software\IncrediMail]
[HKCU\Software\InstallCore] =>PUP.InstallCore
[HKCU\Software\OfferBox] =>PUP.OfferBox
[HKCU\Software\PerformerSoft LLC]
[HKCU\Software\PerformerSoft]
[HKCU\Software\Reimage] =>Rogue.ReimageRepair
[HKCU\Software\Softonic]
[HKCU\Software\SpeedMaxPc] =>PUP.SpeedMaxPc
[HKCU\Software\SweetIM] =>PUP.SweetIM
[HKCU\Software\USyndication]
[HKCU\Software\usyndication.com]
[HKLM\Software\DataMngr] =>PUP.Datamngr
[HKLM\Software\DomaIQ] =>Toolbar.DomaIQ
[HKLM\Software\Reimage] =>Rogue.ReimageRepair
[HKLM\Software\Tarma Installer] =>Toolbar.Tarma
[HKLM\Software\Web Assistant] =>Adware.IncrediBar
[HKLM\Software\Wow6432Node\80dfdeb43bbd47]
[HKLM\Software\Wow6432Node\Babylon] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\DataMngr] =>PUP.Datamngr
[HKLM\Software\Wow6432Node\Delta]
[HKLM\Software\Wow6432Node\FissaSearch]
[HKLM\Software\Wow6432Node\Iminent] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\PerformerSoft]
[HKLM\Software\Wow6432Node\Services x86] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\SpeedMaxPc] =>PUP.SpeedMaxPc
[HKLM\Software\Wow6432Node\Supreme Savings] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\SweetIM] =>PUP.SweetIM
[HKLM\Software\Wow6432Node\Web Assistant] =>Adware.IncrediBar
~ Key Software: 278 Legitimates Filtered in 00mn 02s
---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 27/05/2013 - 23:54:49 - [3,592] ----D C:\Program Files (x86)\77zip
O43 - CFD: 27/05/2013 - 23:54:29 - [2,342] ----D C:\Program Files (x86)\Delta
O43 - CFD: 02/04/2013 - 17:01:42 - [4,634] ----D C:\Program Files (x86)\GUM1A53.tmp
O43 - CFD: 14/11/2011 - 20:54:14 - [3,374] ----D C:\Program Files (x86)\OfferBox =>PUP.OfferBox
O43 - CFD: 27/05/2013 - 23:54:54 - [11,876] ----D C:\Program Files (x86)\PC Performer =>Rogue.PCPerformer
O43 - CFD: 31/05/2012 - 08:59:14 - [4,604] ----D C:\ProgramData\Babylon =>Toolbar.Babylon
O43 - CFD: 25/05/2013 - 11:28:44 - [0] ----D C:\ProgramData\boost_interprocess
O43 - CFD: 27/05/2013 - 23:54:39 - [7,805] ----D C:\ProgramData\BrowserProtect =>Toolbar.Babylon
O43 - CFD: 27/05/2013 - 23:54:11 - [0,681] ----D C:\ProgramData\IBUpdaterService =>Adware.InstallBrain
O43 - CFD: 19/05/2013 - 16:48:28 - [0] ----D C:\ProgramData\SpeedMaxPc =>PUP.SpeedMaxPc
O43 - CFD: 24/05/2013 - 14:58:25 - [0,280] ----D C:\ProgramData\Tarma Installer =>Toolbar.Tarma
O43 - CFD: 27/05/2013 - 23:54:36 - [1,573] ----D C:\Users\matteo\AppData\Roaming\BabSolution =>Hijacker.BabSolution
O43 - CFD: 19/05/2012 - 18:28:17 - [0,059] ----D C:\Users\matteo\AppData\Roaming\Babylon =>Toolbar.Babylon
O43 - CFD: 27/05/2013 - 23:54:28 - [0,259] ----D C:\Users\matteo\AppData\Roaming\Delta
O43 - CFD: 24/05/2013 - 14:53:52 - [0,059] ----D C:\Users\matteo\AppData\Roaming\ErrorTeck
O43 - CFD: 08/04/2013 - 10:07:47 - [0,308] ----D C:\Users\matteo\AppData\Roaming\File Scout
O43 - CFD: 27/11/2012 - 15:53:40 - [0,024] ----D C:\Users\matteo\AppData\Roaming\FissaSearch
O43 - CFD: 17/05/2013 - 09:15:50 - [0,335] ----D C:\Users\matteo\AppData\Roaming\OfferBox =>PUP.OfferBox
O43 - CFD: 27/05/2013 - 23:55:00 - [0,463] ----D C:\Users\matteo\AppData\Roaming\PerformerSoft
O43 - CFD: 16/02/2012 - 17:55:44 - [0,108] ----D C:\Users\matteo\AppData\Roaming\Shareaza
O43 - CFD: 27/05/2013 - 23:54:10 - [0,066] ----D C:\Users\matteo\AppData\Roaming\SpecialSavings =>PUP.SpecialSavings
O43 - CFD: 08/04/2013 - 10:08:39 - [0,076] ----D C:\Users\matteo\AppData\Roaming\SpeedanAlysis =>PUP.SpeedAnalysis
O43 - CFD: 27/05/2013 - 23:54:10 - [0,079] ----D C:\Users\matteo\AppData\Roaming\SpeedAnalysis2 =>PUP.SpeedAnalysis
O43 - CFD: 19/05/2013 - 15:15:13 - [0] ----D C:\Users\matteo\AppData\Roaming\SpeedMaxPc =>PUP.SpeedMaxPc
O43 - CFD: 26/03/2013 - 22:41:03 - [0,039] ----D C:\Users\matteo\AppData\Roaming\WebPlayerBdd =>Adware.SocialSkinz
O43 - CFD: 20/05/2012 - 12:50:25 - [0,014] ----D C:\Users\matteo\AppData\Local\Ilivid Player =>Adware.Bandoo
O43 - CFD: 27/03/2013 - 00:58:56 - [0] ----D C:\Users\matteo\AppData\Local\Services x86 =>PUP.CrossRider
O43 - CFD: 11/02/2012 - 23:19:18 - [2023,732] ----D C:\Users\matteo\AppData\Local\Shareaza
O43 - CFD: 27/05/2013 - 23:54:49 - [0,003] ----D C:\Users\matteo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\77zip
O43 - CFD: 27/05/2013 - 23:54:43 - [0,001] ----D C:\Users\matteo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserProtect =>Toolbar.Babylon
~ 173 Dossiers CLSID vides (CLSID Empty Folders)
~ Program Folder: 409 Legitimates Filtered in 01mn 15s
---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.83965B2C3553D11B10081B55E3692DEF] - 27/05/2013 - 19:30:47 ---A- . (...) -- C:\Windows\ntbtlog.txt [1012902]
O44 - LFC:[MD5.DCD82CE8C772F08A518907ECB3D29E38] - 24/05/2013 - 21:33:05 ---A- . (...) -- C:\Windows\Reimage.ini [135] =>Rogue.ReimageRepair
O44 - LFC:[MD5.BA6462F897A10C0337B9920EC2DBA1E7] - 24/05/2013 - 16:07:37 --HA- . (...) -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [9920]
O44 - LFC:[MD5.BA6462F897A10C0337B9920EC2DBA1E7] - 24/05/2013 - 16:07:37 --HA- . (...) -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [9920]
O44 - LFC:[MD5.BA6462F897A10C0337B9920EC2DBA1E7] - 24/05/2013 - 16:07:37 RSHAD . (...) -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [9920]
O44 - LFC:[MD5.BA6462F897A10C0337B9920EC2DBA1E7] - 24/05/2013 - 16:07:37 RSHAD . (...) -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [9920]
~ Files: 27 Legitimates Filtered in 00mn 10s
---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 - LFCP:[MD5.5A1A0518723204B63D5D573074C042A3] - 03/05/2013 - 20:57:53 ---A- - C:\Windows\Prefetch\COFIRE.EXE-C2A69CED.pf
O45 - LFCP:[MD5.1BFFEABE92917E79599038399C434B91] - 23/05/2013 - 15:23:00 ---A- - C:\Windows\Prefetch\SNS.EXE-CE6A762A.pf
O45 - LFCP:[MD5.D3552DF6AB02D7ECDDAF22095C1732D8] - 23/05/2013 - 18:54:47 ---A- - C:\Windows\Prefetch\OFFERBOX.EXE-97842474.pf =>PUP.OfferBox
O45 - LFCP:[MD5.4807A6DCD9BC58F00BD82D15691294E6] - 24/05/2013 - 14:54:30 ---A- - C:\Windows\Prefetch\UPDATERSERVICE.EXE-EC463760.pf
~ Prefetcher: 141 Legitimates Filtered in 00mn 01s
---\\ MountPoints2 Shell Key (O51)
O51 - MPSK:{3c15a9e4-90f9-11e0-afc2-806e6f6e6963}\AutoRun\command. (...) -- D:\.\AutorunX\AutorunX.exe (.not file.)
~ Keys: Scanned in 00mn 00s
---\\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 16 Legitimates Filtered in 00mn 00s
---\\ Microsoft Windows Policies Explorer (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 3 Legitimates Filtered in 00mn 00s
---\\ Liste des Drivers Système (O58)
O58 - SDL:[MD5.2F6B34B83843F0C5118B63AC634F5BF4] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys [491088]
O58 - SDL:[MD5.F87FBE8B104DF9C35CD52909B8D28A4A] - 21/05/2012 - 14:39:35 ---A- . (...) -- C:\Windows\SysWOW64\drivers\fsbts.sys [33408]
~ Drivers: Scanned in 00mn 00s
---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
O61 - LFC: 27/05/2013 - 17:05:47 ---A- C:\Users\matteo\AppData\Roaming\OfferBox\config.xml [3720] =>PUP.OfferBox
O61 - LFC: 27/05/2013 - 19:52:00 ---A- C:\Users\matteo\Documents\XAVIER BTS AEA\CV Xavier 2.docx [67322]
O61 - LFC: 27/05/2013 - 22:53:34 ---A- C:\Users\matteo\AppData\Roaming\speedanalysis.ico [30894] =>PUP.SpeedAnalysis
O61 - LFC: 27/05/2013 - 22:54:08 ---A- C:\Users\matteo\AppData\Roaming\File Scout\uninst.exe [62902]
O61 - LFC: 27/05/2013 - 22:54:10 ---A- C:\Users\matteo\AppData\Roaming\Mozilla\Extensions\SpecialSavings@SpecialSavings.com\chrome.manifest [328] =>PUP.SpecialSavings
O61 - LFC: 27/05/2013 - 22:54:10 ---A- C:\Users\matteo\AppData\Roaming\Mozilla\Extensions\SpecialSavings@SpecialSavings.com\chrome\content\background.html [118] =>PUP.SpecialSavings
O61 - LFC: 27/05/2013 - 22:54:10 ---A- C:\Users\matteo\AppData\Roaming\Mozilla\Extensions\SpecialSavings@SpecialSavings.com\chrome\content\button.xml [1582] =>PUP.SpecialSavings
O61 - LFC: 27/05/2013 - 22:54:10 ---A- C:\Users\matteo\AppData\Roaming\Mozilla\Extensions\SpecialSavings@SpecialSavings.com\chrome\content\config.js [242] =>PUP.SpecialSavings
O61 - LFC: 27/05/2013 - 22:54:10 ---A- C:\Users\matteo\AppData\Roaming\Mozilla\Extensions\SpecialSavings@SpecialSavings.com\chrome\content\content.js [66] =>PUP.SpecialSavings
O61 - LFC: 27/05/2013 - 22:54:10 ---A- C:\Users\matteo\AppData\Roaming\Mozilla\Extensions\SpecialSavings@SpecialSavings.com\chrome\content\framework.js [19068] =>PUP.SpecialSavings
O61 - LFC: 27/05/2013 - 22:54:10 ---A- C:\Users\matteo\AppData\Roaming\Mozilla\Extensions\SpecialSavings@SpecialSavings.com\chrome\content\framework.xul [1921] =>PUP.SpecialSavings
O61 - LFC: 27/05/2013 - 22:54:10 ---A- C:\Users\matteo\AppData\Roaming\Mozilla\Extensions\SpecialSavings@SpecialSavings.com\chrome\content\jquery-1.6.2.min.js [91731] =>PUP.SpecialSavings
O61 - LFC: 27/05/2013 - 22:54:10 ---A- C:\Users\matteo\AppData\Roaming\Mozilla\Extensions\SpecialSavings@SpecialSavings.com\chrome\content\mz\background.js [2162] =>PUP.SpecialSavings
O61 - LFC: 27/05/2013 - 22:54:10 ---A- C:\Users\matteo\AppData\Roaming\Mozilla\Extensions\SpecialSavings@SpecialSavings.com\chrome\content\mz\content.js [1926] =>PUP.SpecialSavings
O61 - LFC: 27/05/2013 - 22:54:10 ---A- C:\Users\matteo\AppData\Roaming\Mozilla\Extensions\SpecialSavings@SpecialSavings.com\chrome\content\options.xul [1583] =>PUP.SpecialSavings
O61 - LFC: 27/05/2013 - 22:54:10 ---A- C:\Users\matteo\AppData\Roaming\Mozilla\Extensions\SpecialSavings@SpecialSavings.com\chrome\content\settings.json [230] =>PUP.SpecialSavings
O61 - LFC: 27/05/2013 - 22:54:10 ---A- C:\Users\matteo\AppData\Roaming\Mozilla\Extensions\SpecialSavings@SpecialSavings.com\chrome\skin\framework.css [1326] =>PUP.SpecialSavings
O61 - LFC: 27/05/2013 - 22:54:10 ---A- C:\Users\matteo\AppData\Roaming\Mozilla\Extensions\SpecialSavings@SpecialSavings.com\install.rdf [1028] =>PUP.SpecialSavings
O61 - LFC: 27/05/2013 - 22:54:10 ---A- C:\Users\matteo\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome.manifest [332] =>PUP.SpeedAnalysis
O61 - LFC: 27/05/2013 - 22:54:10 ---A- C:\Users\matteo\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\background.html [118] =>PUP.SpeedAnalysis
O61 - LFC: 27/05/2013 - 22:54:10 ---A- C:\Users\matteo\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\bg.js [469] =>PUP.SpeedAnalysis
O61 - LFC: 27/05/2013 - 22:54:10 ---A- C:\Users\matteo\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\button.xml [1582] =>PUP.SpeedAnalysis
O61 - LFC: 27/05/2013 - 22:54:10 ---A- C:\Users\matteo\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\config.js [241] =>PUP.SpeedAnalysis
O61 - LFC: 27/05/2013 - 22:54:10 ---A- C:\Users\matteo\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\content.js [66] =>PUP.SpeedAnalysis
O61 - LFC: 27/05/2013 - 22:54:10 ---A- C:\Users\matteo\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\framework.js [19068] =>PUP.SpeedAnalysis
O61 - LFC: 27/05/2013 - 22:54:10 ---A- C:\Users\matteo\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\framework.xul [2010] =>PUP.SpeedAnalysis
O61 - LFC: 27/05/2013 - 22:54:10 ---A- C:\Users\matteo\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\icon18.ico [2862] =>PUP.SpeedAnalysis
O61 - LFC: 27/05/2013 - 22:54:10 ---A- C:\Users\matteo\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\icon24.ico [2862] =>PUP.SpeedAnalysis
O61 - LFC: 27/05/2013 - 22:54:10 ---A- C:\Users\matteo\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\icon32.ico [10134] =>PUP.SpeedAnalysis
O61 - LFC: 27/05/2013 - 22:54:10 ---A- C:\Users\matteo\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\jquery-1.6.2.min.js [91731] =>PUP.SpeedAnalysis
O61 - LFC: 27/05/2013 - 22:54:10 ---A- C:\Users\matteo\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\mz\background.js [2162] =>PUP.SpeedAnalysis
O61 - LFC: 27/05/2013 - 22:54:10 ---A- C:\Users\matteo\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\mz\content.js [1837] =>PUP.SpeedAnalysis
O61 - LFC: 27/05/2013 - 22:54:10 ---A- C:\Users\matteo\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\options.xul [1586] =>PUP.SpeedAnalysis
O61 - LFC: 27/05/2013 - 22:54:10 ---A- C:\Users\matteo\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\settings.json [200] =>PUP.SpeedAnalysis
O61 - LFC: 27/05/2013 - 22:54:10 ---A- C:\Users\matteo\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\skin\framework.css [1327] =>PUP.SpeedAnalysis
O61 - LFC: 27/05/2013 - 22:54:10 ---A- C:\Users\matteo\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\install.rdf [1000] =>PUP.SpeedAnalysis
O61 - LFC: 27/05/2013 - 22:54:44 ---A- C:\Users\matteo\AppData\Roaming\Babylon\log_file.txt [62248] =>Toolbar.Babylon
O61 - LFC: 27/05/2013 - 22:58:59 ---A- C:\Users\matteo\AppData\Roaming\PerformerSoft\PC Performer\Partial Backups\00000001.rmx [192] =>Rogue.PCPerformer
O61 - LFC: 27/05/2013 - 22:58:59 ---A- C:\Users\matteo\AppData\Roaming\PerformerSoft\PC Performer\Partial Backups\00000001.rxb [5293] =>Rogue.PCPerformer
O61 - LFC: 27/05/2013 - 22:59:24 ---A- C:\Users\matteo\AppData\Roaming\PerformerSoft\PC Performer\ExcludeList.rcp [6] =>Rogue.PCPerformer
O61 - LFC: 27/05/2013 - 22:59:24 ---A- C:\Users\matteo\AppData\Roaming\PerformerSoft\PC Performer\French_rcp.dat [54648] =>Rogue.PCPerformer
O61 - LFC: 27/05/2013 - 22:59:24 ---A- C:\Users\matteo\AppData\Roaming\PerformerSoft\PC Performer\TempHLList.rcp [6] =>Rogue.PCPerformer
O61 - LFC: 27/05/2013 - 22:59:24 ---A- C:\Users\matteo\AppData\Roaming\PerformerSoft\PC Performer\results.rcp [111282] =>Rogue.PCPerformer
~ 19 Fichiers temporaires (Temporary files)
~ 1 Fichiers cookies (Cookies files)
~ Files: 103 Legitimates Filtered in 00mn 43s
---\\ Liste des outils de nettoyage (O63)
O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
~ ADS: Scanned in 00mn 00s
---\\ Start Menu Internet (O68)
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s
---\\ Search Browser Infection (O69)
O69 - SBI: SearchScopes [HKCU] {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} [DefaultScope] - (Delta Search) -
http://www.delta-search.com =>Toolbar.DeltaSearch
~ Keys: Scanned in 00mn 00s
---\\ Recherche particuliere à la racine de certains dossiers (O84)
[MD5.272B568DEF99F39B1FB5F15025878A1A] [SPRF][27/05/2013] (...) -- C:\Users\matteo\AppData\Local\Temp\dump.dat [1908736]
[MD5.1F8AE2FA2C80F8BEA89DEEE1ADACFABE] [SPRF][24/05/2013] (.AVG Secure Search - AVG Installer.) -- C:\Users\matteo\AppData\Local\Temp\oi_{5DC9A215-B24C-41FF-B745-D8245FFBF6A4}.exe [3238936] =>Toolbar.AVGSearch
[MD5.4D5EE039DF40AF36B8643A1388D287A8] [SPRF][24/05/2013] (.Reimage® - Reimage Repair.) -- C:\Users\matteo\AppData\Local\Temp\ReimagePackage.exe [11871520] =>Rogue.ReimageRepair
[MD5.68DCFF2A1F56D0A01056E3AFE0BA5055] [SPRF][24/05/2013] (...) -- C:\Users\matteo\AppData\Local\Temp\SkypeSetup.exe [24860672]
[MD5.DA607F815683537CB66B955FFE645DA9] [SPRF][24/03/2010] (.NHN USA - ijjiSetup Module.) -- C:\Windows\Downloaded Program Files\ijjiSetup1010.dll [143968]
[MD5.0855BE0B05AA4A4F2F7B412EB4F09E02] [SPRF][11/05/2010] (.NHN Corporation - Purple Plugin.) -- C:\Windows\Downloaded Program Files\PubPlugin.dll [173232]
~ Files: Scanned in 00mn 06s
---\\ Scan Additionnel (O88)
Database Version : v2.12362 - (25/05/2013)
Clés trouvées (Keys found) : 338
Valeurs trouvées (Values found) : 1
Dossiers trouvés (Folders found) : 33
Fichiers trouvés (Files found) : 2
[HKLM\Software\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}] =>PUP.Funmoods
[HKLM\Software\Wow6432Node\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}] =>PUP.Funmoods
[HKLM\Software\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}] =>Adware.SocialSkinz
[HKLM\Software\Wow6432Node\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}] =>Adware.SocialSkinz
[HKLM\Software\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}] =>Adware.IMBooster
[HKLM\Software\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}] =>Adware.IMBooster
[HKLM\Software\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}] =>Toolbar.Agent
[HKLM\Software\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}] =>Adware.IMBooster
[HKLM\Software\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}] =>Toolbar.Babylon
[HKLM\Software\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}] =>Adware.IMBooster
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ecdf796-c2dc-4d79-a620-cce0c0a66cc9}] =>Toolbar.Babylon
[HKLM\Software\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}] =>Adware.Yontoo
[HKLM\Software\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}] =>Adware.Yontoo
[HKLM\Software\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}] =>Toolbar.Agent
[HKLM\Software\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{2a42d13c-d427-4787-821b-cf6973855778}] =>Adware.Agent
[HKLM\Software\Wow6432Node\Classes\Interface\{2a42d13c-d427-4787-821b-cf6973855778}] =>Adware.Agent
[HKLM\Software\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}] =>Adware.SocialSkinz
[HKLM\Software\Wow6432Node\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}] =>Adware.SocialSkinz
[HKLM\Software\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{3d8478aa-7b88-48a9-8bcb-b85d594411ec}] =>Adware.SocialSkinz
[HKLM\Software\Wow6432Node\Classes\Interface\{3d8478aa-7b88-48a9-8bcb-b85d594411ec}] =>Adware.SocialSkinz
[HKLM\Software\Classes\TypeLib\{4509D3CC-B642-4745-B030-645B79522C6D}] =>Toolbar.Conduit
[HKLM\Software\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}] =>Adware.SocialSkinz
[HKLM\Software\Wow6432Node\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}] =>Adware.SocialSkinz
[HKLM\Software\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}] =>Adware.SocialSkinz
[HKLM\Software\Wow6432Node\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}] =>Adware.SocialSkinz
[HKLM\Software\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{4897bba6-48d9-468c-8efa-846275d7701b}] =>Adware.SocialSkinz
[HKLM\Software\Wow6432Node\Classes\Interface\{4897bba6-48d9-468c-8efa-846275d7701b}] =>Adware.SocialSkinz
[HKLM\Software\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4BD271AB-66E2-4D58-AF88-80FE3B0770C4}] =>PUP.OfferBox
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4BD8E034-E0F4-4509-A753-467A8E854CD8}] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4BD8E034-E0F4-4509-A753-467A8E854CD8}] =>Adware.IMBooster
[HKLM\Software\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}] =>Adware.SocialSkinz
[HKLM\Software\Wow6432Node\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}] =>Adware.SocialSkinz
[HKLM\Software\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}] =>Adware.SocialSkinz
[HKLM\Software\Wow6432Node\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}] =>Adware.SocialSkinz
[HKLM\Software\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}] =>Toolbar.Babylon
[HKLM\Software\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}] =>Toolbar.Babylon
[HKLM\Software\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}] =>Toolbar.Agent
[HKLM\Software\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}] =>PUP.RewardsArcade
[HKLM\Software\Classes\AppID\{5B1881D1-D9C7-46df-B041-1E593282C7D0}] =>Adware. BullseyeToolbar
[HKLM\Software\Wow6432Node\Classes\AppID\{5B1881D1-D9C7-46df-B041-1E593282C7D0}] =>Adware. BullseyeToolbar
[HKLM\Software\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}] =>PUP.RewardsArcade
[HKLM\Software\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}] =>Adware.Agent
[HKLM\Software\Wow6432Node\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}] =>Adware.Agent
[HKLM\Software\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}] =>Adware.SocialSkinz
[HKLM\Software\Wow6432Node\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}] =>Adware.SocialSkinz
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}] =>Adware.SocialSkinz
[HKLM\Software\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}] =>Adware.IMBooster
[HKLM\Software\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}] =>PUP.RewardsArcade
[HKLM\Software\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}] =>Toolbar.Agent
[HKLM\Software\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}] =>Adware.SocialSkinz
[HKLM\Software\Wow6432Node\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}] =>Adware.SocialSkinz
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}] =>Adware.Yontoo
[HKLM\Software\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}] =>PUP.RewardsArcade
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}] =>Toolbar.Skype
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}] =>Toolbar.Skype
[HKLM\Software\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}] =>Adware.SocialSkinz
[HKLM\Software\Wow6432Node\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}] =>Adware.SocialSkinz
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}] =>Adware.IMBooster
[HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}] =>Adware.Bandoo
[HKLM\Software\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}] =>PUP.RewardsArcade
[HKLM\Software\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}] =>Toolbar.Agent
[HKLM\Software\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A047FE02-C91C-41CB-898C-4ED21B86025A}] =>Toolbar.Orange
[HKLM\Software\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}] =>PUP.RewardsArcade
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{A76AA284-E52D-47E6-9E4F-B85DBF8E35C3}] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A76AA284-E52D-47E6-9E4F-B85DBF8E35C3}] =>Adware.IMBooster
[HKLM\Software\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}] =>PUP.RewardsArcade
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] =>Toolbar.Skype
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] =>Toolbar.Skype
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] =>Toolbar.Skype
[HKLM\Software\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}] =>PUP.RewardsArcade
[HKLM\Software\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}] =>Toolbar.Babylon
[HKLM\Software\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}] =>Adware.SocialSkinz
[HKLM\Software\Wow6432Node\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}] =>Adware.SocialSkinz
[HKLM\Software\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148}] =>Hijacker.Seeearch
[HKLM\Software\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}] =>Adware.SocialSkinz
[HKLM\Software\Wow6432Node\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}] =>Adware.SocialSkinz
[HKLM\Software\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}] =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}] =>Toolbar.Conduit
[HKLM\Software\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}] =>Adware.CDNHelper
[HKLM\Software\Wow6432Node\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}] =>Adware.CDNHelper
[HKLM\Software\Classes\AppID\{BDB69379-802F-4eaf-B541-F8DE92DD98DB}] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Classes\AppID\{BDB69379-802F-4eaf-B541-F8DE92DD98DB}] =>Toolbar.Babylon
[HKLM\Software\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}] =>Adware.SocialSkinz
[HKLM\Software\Wow6432Node\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}] =>Adware.SocialSkinz
[HKLM\Software\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}] =>PUP.RewardsArcade
[HKLM\Software\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}] =>Toolbar.Babylon
[HKLM\Software\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}] =>Toolbar.Agent
[HKLM\Software\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}] =>Hijacker.Seeearch
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}] =>Toolbar.Conduit
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C9A6357B-25CC-4BCF-96C1-78736985D412}] =>Toolbar.Agent
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C9A6357B-25CC-4BCF-96C1-78736985D412}] =>Toolbar.Agent
[HKLM\Software\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}] =>PUP.RewardsArcade
[HKLM\Software\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}] =>Toolbar.Babylon
[HKLM\Software\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}] =>Toolbar.Babylon
[HKLM\Software\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}] =>Adware.SocialSkinz
[HKLM\Software\Wow6432Node\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}] =>Adware.SocialSkinz
[HKLM\Software\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}] =>PUP.RewardsArcade
[HKLM\Software\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}] =>PUP.RewardsArcade
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}] =>Adware.Yontoo
[HKLM\Software\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}] =>Adware. BullseyeToolbar
[HKLM\Software\Wow6432Node\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}] =>Adware. BullseyeToolbar
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48d2-9061-8BBD4899EB08}] =>Adware.IMBooster
[HKLM\Software\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}] =>Adware.Yontoo
[HKLM\Software\Classes\TypeLib\{EC4085F2-8DB3-45a6-AD0B-CA289F3C5D7E}] =>Adware.SocialSkinz
[HKLM\Software\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}] =>PUP.RewardsArcade
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{ef79f67a-6ad7-4715-a0f8-932fca442023}] =>Toolbar.Conduit
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{ef79f67a-6ad7-4715-a0f8-932fca442023}] =>Toolbar.Conduit
[HKLM\Software\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}] =>PUP.RewardsArcade
[HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}] =>Toolbar.Agent
[HKLM\Software\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}] =>PUP.RewardsArcade
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}] =>Adware.Yontoo
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}] =>Adware.Yontoo
[HKLM\Software\Classes\AppID\escort.dll] =>Toolbar.Babylon
[HKLM\Software\Classes\AppID\escortapp.dll] =>Toolbar.Babylon
[HKLM\Software\Classes\AppID\escorteng.dll] =>Toolbar.Babylon
[HKLM\Software\Classes\AppID\esrv.EXE] =>Toolbar.Babylon
[HKLM\Software\Classes\AppID\ScriptHelper.EXE] =>Toolbar.Agent
[HKLM\Software\Classes\AppID\TbCommonUtils.DLL] =>Toolbar.Agent
[HKLM\Software\Classes\AppID\TbHelper.EXE] =>Toolbar.Agent
[HKLM\Software\Classes\escort.escortIEPane] =>PUP.Funmoods
[HKLM\Software\Classes\escort.escortIEPane.1] =>PUP.Funmoods
[HKLM\Software\Classes\S] =>Toolbar.Agent
[HKLM\Software\Classes\ScriptHelper.ScriptHelperApi] =>Toolbar.Agent
[HKLM\Software\Classes\ScriptHelper.ScriptHelperApi.1] =>Toolbar.Agent
[HKLM\Software\Classes\SearchBar.Client] =>Toolbar.Agent
[HKLM\Software\Classes\ViProtocol.ViProtocolOLE] =>Toolbar.Agent
[HKLM\Software\Classes\ViProtocol.ViProtocolOLE.1] =>Toolbar.Agent
[HKLM\Software\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd] =>Adware.IncrediBar
[HKLM\Software\Wow6432Node\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd] =>Adware.IncrediBar
[HKLM\Software\Wow6432Node\Google\Chrome\Extensions\elhjaoldnkkbifioodjndkijecdeinld] =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\Google\Chrome\Extensions\paoponfhfdfnjgddpnpjkambkcgdaaib] =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\Google\Chrome\Extensions\pmlghpafmmnmmkjdhacccolfgnkiboco] =>PUP.1ClickDownloader
[HKLM\Software\Classes\Installer\Features\482AA67AD25E6E74E9F48BD5FBE8533C] =>Adware.IMBooster
[HKLM\Software\Classes\Installer\Products\482AA67AD25E6E74E9F48BD5FBE8533C] =>Adware.IMBooster
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\482AA67AD25E6E74E9F48BD5FBE8533C] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\Installer\Features\482AA67AD25E6E74E9F48BD5FBE8533C] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\Installer\Products\482AA67AD25E6E74E9F48BD5FBE8533C] =>Adware.IMBooster
[HKLM\Software\Classes\Installer\Features
Afficher la suite
29 mai 2013 à 00:48
voici le rapport
# AdwCleaner v2.301 - Rapport créé le 29/05/2013 à 00:47:33
# Mis à jour le 16/05/2013 par Xplode
# Système d'exploitation : Windows 7 Home Premium Service Pack 1 (64 bits)
# Nom d'utilisateur : matteo - FLAVIO-PC
# Mode de démarrage : Mode sans échec avec prise en charge réseau
# Exécuté depuis : C:\Users\matteo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A1OJFQKV\adwcleaner[1].exe
# Option [Recherche]
***** [Services] *****
***** [Fichiers / Dossiers] *****
Dossier Présent : C:\Users\matteo\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgjkhjdcljddbedokogakmmdjgnbeanf
Dossier Présent : C:\Users\matteo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpepfkjapeclaafmhoelccknpfedainn
***** [Registre] *****
***** [Navigateurs] *****
-\\ Internet Explorer v8.0.7601.17514
[OK] Le registre ne contient aucune entrée illégitime.
-\\ Google Chrome v [Impossible d'obtenir la version]
Fichier : C:\Users\matteo\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] Le fichier ne contient aucune entrée illégitime.
*************************
AdwCleaner[R1].txt - [1146 octets] - [29/05/2013 00:47:34]
AdwCleaner[S1].txt - [29832 octets] - [29/05/2013 00:35:03]
########## EOF - C:\AdwCleaner[R1].txt - [1267 octets] ##########
29 mai 2013 à 01:04