Sujet Précédent Sujet Suivant

Infection porn.exe

Eugénie76 Messages postés 23 Statut Membre -  
Eugénie76 Messages postés 23 Statut Membre -
Bonjour,

Bonjour à tous et toutes,

Je suis infecté par ce virus et après avoir visité votre forum, j'ai trouvé plusieurs utilitaires à utiliser mais étant novice en informatique je ne comprend rien du tout.

Pourriez-vous m'aider à les décoder et me dire ce que je dois faire d'autres

D'avance merci

3 réponses

Réponse 1 / 3
bambambigelow
 
Bonsoir,
https://forums.commentcamarche.net/forum/affich-24509437-virus-sexy-exe-porn-exe-coment-les-supprimer
1
Réponse 2 / 3
Eugénie76 Messages postés 23 Statut Membre 3
 
Rapport ADWCleaner :

# AdwCleaner v3.002 - Rapport créé le 04/09/2013 à 01:12:31
# Mis à jour le 01/09/2013 par Xplode
# Système d'exploitation : Microsoft Windows XP Service Pack 2 (32 bits)
# Nom d'utilisateur : Nikos - DEATH-AB5E7C82B
# Exécuté depuis : C:\Documents and Settings\Nikos\Mes documents\Téléchargements\adwcleaner.exe
# Option : Scanner

***** [ Services ] *****

Service Présent : WajamUpdater
Service Présent : WebCakeUpdater
Service Présent : winzipersvc

***** [ Fichiers / Dossiers ] *****

Dossier Présent : C:\Documents and Settings\Nikos\Application Data\Mozilla\Firefox\Profiles\144kn54p.default\Extensions\plugin@getwebcake.com
Dossier Présent : C:\Documents and Settings\Nikos\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\dednnpigldgdbpgcdpfppmlcnnbjciel
Dossier Présent C:\DOCUME~1\Nikos\LOCALS~1\Temp\apn
Dossier Présent C:\DOCUME~1\Nikos\LOCALS~1\Temp\Desk365
Dossier Présent C:\DOCUME~1\Nikos\LOCALS~1\Temp\Smartbar
Dossier Présent C:\Documents and Settings\All Users\Application Data\apn
Dossier Présent C:\Documents and Settings\All Users\Application Data\Babylon
Dossier Présent C:\Documents and Settings\All Users\Application Data\eSafe
Dossier Présent C:\Documents and Settings\All Users\Application Data\Tarma Installer
Dossier Présent C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Media Finder
Dossier Présent C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Media Finder
Dossier Présent C:\Documents and Settings\All Users\Menu Démarrer\Programmes\WinZipper
Dossier Présent C:\Documents and Settings\All Users\Menu Démarrer\Programmes\WinZipper
Dossier Présent C:\Documents and Settings\Nikos\Application Data\Babylon
Dossier Présent C:\Documents and Settings\Nikos\Application Data\Desk 365
Dossier Présent C:\Documents and Settings\Nikos\Application Data\eIntaller
Dossier Présent C:\Documents and Settings\Nikos\Application Data\Media Finder
Dossier Présent C:\Documents and Settings\Nikos\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\gencrawler@some.com
Dossier Présent C:\Documents and Settings\Nikos\Application Data\Mozilla\Firefox\Profiles\144kn54p.default\jetpack
Dossier Présent C:\Documents and Settings\Nikos\Application Data\Nosibay
Dossier Présent C:\Documents and Settings\Nikos\Application Data\Omiga Plus
Dossier Présent C:\Documents and Settings\Nikos\Application Data\OpenCandy
Dossier Présent C:\Documents and Settings\Nikos\Application Data\SwvUpdater
Dossier Présent C:\Documents and Settings\Nikos\Application Data\Systweak
Dossier Présent C:\Documents and Settings\Nikos\Application Data\Tepfel
Dossier Présent C:\Documents and Settings\Nikos\Application Data\WinZipper
Dossier Présent C:\Documents and Settings\Nikos\Application Data\yourfiledownloader
Dossier Présent C:\Documents and Settings\Nikos\Local Settings\Application Data\Bundled software uninstaller
Dossier Présent C:\Documents and Settings\Nikos\Local Settings\Application Data\lollipop
Dossier Présent C:\Documents and Settings\Nikos\Local Settings\Application Data\Smartbar
Dossier Présent C:\Documents and Settings\Nikos\Menu Démarrer\Programmes\TornTV.com
Dossier Présent C:\Documents and Settings\Nikos\Menu Démarrer\Programmes\Wajam
Dossier Présent C:\Program Files\Desk 365
Dossier Présent C:\Program Files\Movdap
Dossier Présent C:\Program Files\MyPC Backup
Dossier Présent C:\Program Files\MyPC Backup
Dossier Présent C:\Program Files\Nosibay
Dossier Présent C:\Program Files\Omiga Plus
Dossier Présent C:\Program Files\optimizer pro
Dossier Présent C:\Program Files\RegClean Pro
Dossier Présent C:\Program Files\Tepfel
Dossier Présent C:\Program Files\TornTV.com
Dossier Présent C:\Program Files\Wajam
Dossier Présent C:\Program Files\WinZipper
Fichier Présent : C:\Documents and Settings\Nikos\Application Data\Mozilla\Firefox\Profiles\144kn54p.default\\invalidprefs.js
Fichier Présent : C:\Documents and Settings\Nikos\Application Data\Mozilla\Firefox\Profiles\144kn54p.default\searchplugins\ask-search.xml
Fichier Présent : C:\Documents and Settings\Nikos\Application Data\Mozilla\Firefox\Profiles\144kn54p.default\searchplugins\Babylon.xml
Fichier Présent : C:\Documents and Settings\Nikos\Application Data\Mozilla\Firefox\Profiles\144kn54p.default\searchplugins\search.xml
Fichier Présent : C:\Documents and Settings\Nikos\Application Data\Mozilla\Firefox\Profiles\144kn54p.default\user.js
Fichier Présent : C:\END
Fichier Présent : C:\Program Files\Mozilla Firefox\searchplugins\qvo6.xml
Fichier Présent : C:\WINDOWS\system32\roboot.exe
Fichier Présent : C:\WINDOWS\Tasks\AmiUpdXp.job

***** [ Raccourcis ] *****

Raccourci Présent : C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Mozilla Firefox.lnk ( hxxp://www.qvo6.com/?utm_source=b&utm_medium=amt&from=amt&uid=MAXTORXSTM3250820A_9QE48L3KXXXX9QE48L3K&ts=1375656352 )
Raccourci Présent : C:\Documents and Settings\Nikos\Menu Démarrer\Programmes\Internet Explorer.lnk ( hxxp://www.qvo6.com/?utm_source=b&utm_medium=amt&from=amt&uid=MAXTORXSTM3250820A_9QE48L3KXXXX9QE48L3K&ts=1375656352 )
Raccourci Présent : C:\Documents and Settings\Nikos\Application Data\Microsoft\Internet Explorer\Quick Launch\Démarrer Internet Explorer.lnk ( hxxp://www.qvo6.com/?utm_source=b&utm_medium=amt&from=amt&uid=MAXTORXSTM3250820A_9QE48L3KXXXX9QE48L3K&ts=1375656352 )

***** [ Registre ] *****

Clé Présente : HKCU\Software\1ClickDownload
Clé Présente : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Clé Présente : HKCU\Software\AppDataLow\Software\SmartBar
Clé Présente : HKCU\Software\BabSolution
Clé Présente : HKCU\Software\BI
Clé Présente : HKCU\Software\Conduit
Clé Présente : HKCU\Software\Crossrider
Clé Présente : HKCU\Software\DataMngr
Clé Présente : HKCU\Software\DataMngr_Toolbar
Clé Présente : HKCU\Software\Delta
Clé Présente : HKCU\Software\delta LTD
Clé Présente : HKCU\Software\InstallCore
Clé Présente : HKCU\Software\InstalledBrowserExtensions
Clé Présente : HKCU\Software\lollipop
Clé Présente : HKCU\Software\LyricsFan
Clé Présente : HKCU\Software\MediaFinder
Clé Présente : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Download with &Media Finder
Clé Présente : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110311551178}
Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2A5A2A90-3B30-4E6E-A955-2F232C6EF517}
Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{82E1477C-B154-48D3-9891-33D83C26BCD3}
Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CA4520F3-AE13-4FB1-A513-58E23991C86D}
Clé Présente : HKCU\Software\Nosibay
Clé Présente : HKCU\Software\SmartBar
Clé Présente : HKCU\Software\SmartbarBackup
Clé Présente : HKCU\Software\SmartbarLog
Clé Présente : HKCU\Software\Wajam
Clé Présente : HKCU\Software\YourFileDownloader
Clé Présente : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Clé Présente : HKLM\SOFTWARE\526dddeb569bd12
Clé Présente : HKLM\Software\Babylon
Clé Présente : HKLM\Software\BabylonToolbar
Clé Présente : HKLM\SOFTWARE\Classes\AppID\{1FAEE6D5-34F4-42AA-8025-3FD8F3EC4634}
Clé Présente : HKLM\SOFTWARE\Classes\AppID\{7169BBB3-3289-4696-B35D-4A88BCF6FB12}
Clé Présente : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Clé Présente : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Clé Présente : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Clé Présente : HKLM\SOFTWARE\Classes\AppID\priam_bho.DLL
Clé Présente : HKLM\SOFTWARE\Classes\AppID\WebCakeIEClient.DLL
Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110311551178}
Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220322552278}
Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{2A5A2A90-3B30-4E6E-A955-2F232C6EF517}
Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{3BF72F68-72D8-461D-A884-329D936C5581}
Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{5D64294B-1341-4FE7-B6D8-7C36828D4DD5}
Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9}
Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{78E9D883-93CD-4072-BEF3-38EE581E2839}
Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{83AC1413-FCE4-4A46-9DD5-4F31F306E71F}
Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{A0B10EBE-4E51-4CAE-949B-E6B9E7D68CEA}
Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{AF6B0594-6008-4327-93E5-608AD710A6FA}
Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{BB975E58-E769-4E5A-BA12-B765BC559FF3}
Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{CA4520F3-AE13-4FB1-A513-58E23991C86D}
Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{DF84E609-C3A4-49CB-A160-61767DAF8899}
Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{F511AFDB-726E-4458-90E7-1ECB97406544}
Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Clé Présente : HKLM\SOFTWARE\Classes\CrossriderApp0035578.BHO
Clé Présente : HKLM\SOFTWARE\Classes\CrossriderApp0035578.BHO.1
Clé Présente : HKLM\SOFTWARE\Classes\CrossriderApp0035578.Sandbox
Clé Présente : HKLM\SOFTWARE\Classes\CrossriderApp0035578.Sandbox.1
Clé Présente : HKLM\SOFTWARE\Classes\gencrawler_gc.GenCrawler
Clé Présente : HKLM\SOFTWARE\Classes\IESmartBar.BandObjectAttribute
Clé Présente : HKLM\SOFTWARE\Classes\IESmartBar.BHO
Clé Présente : HKLM\SOFTWARE\Classes\IESmartBar.DockingPanel
Clé Présente : HKLM\SOFTWARE\Classes\IESmartBar.IESmartBar
Clé Présente : HKLM\SOFTWARE\Classes\IESmartBar.IESmartBarBandObject
Clé Présente : HKLM\SOFTWARE\Classes\IESmartBar.SmartbarDisplayState
Clé Présente : HKLM\SOFTWARE\Classes\IESmartBar.SmartbarMenuForm
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{0AFD55C8-ADF8-4A33-A6E1-DEDB7A36AEB4}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550355555578}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660366556678}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{DF84E609-C3A4-49CB-A160-61767DAF8899}
Clé Présente : HKLM\SOFTWARE\Classes\MF
Clé Présente : HKLM\SOFTWARE\Classes\Prod.cap
Clé Présente : HKLM\SOFTWARE\Classes\TypeLib\{095BFD3C-4602-4FE1-96F1-AEFAFBFD067D}
Clé Présente : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440344554478}
Clé Présente : HKLM\SOFTWARE\Classes\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476}
Clé Présente : HKLM\SOFTWARE\Classes\TypeLib\{EFDF368C-8DD9-4E05-87CD-16AA5CB03CB8}
Clé Présente : HKLM\SOFTWARE\Classes\Updater.AmiUpd
Clé Présente : HKLM\SOFTWARE\Classes\Updater.AmiUpd.1
Clé Présente : HKLM\SOFTWARE\Classes\wajam.WajamBHO
Clé Présente : HKLM\SOFTWARE\Classes\wajam.WajamBHO.1
Clé Présente : HKLM\SOFTWARE\Classes\wajam.WajamDownloader
Clé Présente : HKLM\SOFTWARE\Classes\wajam.WajamDownloader.1
Clé Présente : HKLM\SOFTWARE\Classes\WebCakeIEClient.Api
Clé Présente : HKLM\SOFTWARE\Classes\WebCakeIEClient.Api.1
Clé Présente : HKLM\SOFTWARE\Classes\WebCakeIEClient.Layers
Clé Présente : HKLM\SOFTWARE\Classes\WebCakeIEClient.Layers.1
Clé Présente : HKLM\Software\DataMngr
Clé Présente : HKLM\Software\Delta
Clé Présente : HKLM\Software\Desksvc
Clé Présente : HKLM\SOFTWARE\Google\Chrome\Extensions\bicnnkjibmphdeigoodpjlcklcnaobdj
Clé Présente : HKLM\SOFTWARE\Google\Chrome\Extensions\dednnpigldgdbpgcdpfppmlcnnbjciel
Clé Présente : HKLM\SOFTWARE\Google\Chrome\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh
Clé Présente : HKLM\SOFTWARE\Google\Chrome\Extensions\lpmkgpnbiojfaoklbkpfneikocaobfai
Clé Présente : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0ABE0FED-50E7-4E42-A125-57C0A11DBCDE}
Clé Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Clé Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{81BFDC6A-7574-424C-AA2E-0A19FE2B1A3F}
Clé Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}
Clé Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}
Clé Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\bi_uninstaller
Clé Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Desk 365
Clé Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Wajam
Clé Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311551178}
Clé Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2A5A2A90-3B30-4E6E-A955-2F232C6EF517}
Clé Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Clé Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Clé Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA4520F3-AE13-4FB1-A513-58E23991C86D}
Clé Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7C3B01BC-53A5-48A0-A43B-0C67731134B9}
Clé Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{AF6B0594-6008-4327-93E5-608AD710A6FA}
Clé Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{81BFDC6A-7574-424C-AA2E-0A19FE2B1A3F}
Clé Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}
Clé Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}
Clé Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\bi_uninstaller
Clé Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Wajam
Clé Présente : HKLM\Software\omigaplusSvc
Clé Présente : HKLM\Software\qvo6Software
Clé Présente : HKLM\Software\systweak
Clé Présente : HKLM\Software\Tarma Installer
Clé Présente : HKLM\Software\V9
Clé Présente : HKLM\Software\Wajam
Clé Présente : HKLM\Software\YourFileDownloader
Clé Présente : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\DeskSvc
Clé Présente : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WajamUpdater
Clé Présente : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc
Donnée Présente : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command [(Default)] - "C:\Program Files\Internet Explorer\iexplore.exe" hxxp://www.qvo6.com/?utm_source=b&utm_medium=amt&from=amt&uid=MAXTORXSTM3250820A_9QE48L3KXXXX9QE48L3K&ts=1375656352
Produit Présent : Google Update Helper
Valeur Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Browser Infrastructure Helper]
Valeur Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Bubble Dock]
Valeur Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Media Finder]
Valeur Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [WebCake Desktop]
Valeur Présente : HKCU\Software\Mozilla\Firefox\Extensions [{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}]
Valeur Présente : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Valeur Présente : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Documents and Settings\All Users\Application Data\eSafe\eGdpSvc.exe]
Valeur Présente : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Program Files\YourFileDownloader\Downloader.exe]
Valeur Présente : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Program Files\YourFileDownloader\YourFile.exe]

***** [ Navigateurs ] *****

-\\ Internet Explorer v6.0.2900.2180

Paramètre Présent : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [SearchAssistant] - hxxp://search.qvo6.com/web/?utm_source=b&utm_medium=amt&from=amt&uid=MAXTORXSTM3250820A_9QE48L3KXXXX9QE48L3K&ts=1375656353
Paramètre Présent : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [CustomizeSearch] - hxxp://search.qvo6.com/web/?utm_source=b&utm_medium=amt&from=amt&uid=MAXTORXSTM3250820A_9QE48L3KXXXX9QE48L3K&ts=1375656353

-\\ Mozilla Firefox v23.0.1 (fr)

[ Fichier : C:\Documents and Settings\Nikos\Application Data\Mozilla\Firefox\Profiles\144kn54p.default\prefs.js ]

Ligne Trouvée : user_pref("extensions.crossrider.bic", "13ff918317e9fa0b1f6bd757eeb1d433");
Ligne Trouvée : user_pref("extensions.delta.admin", false);
Ligne Trouvée : user_pref("extensions.delta.aflt", "babsst");
Ligne Trouvée : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
Ligne Trouvée : user_pref("extensions.delta.autoRvrt", "false");
Ligne Trouvée : user_pref("extensions.delta.bbDpng", "12");
Ligne Trouvée : user_pref("extensions.delta.cntry", "FR");
Ligne Trouvée : user_pref("extensions.delta.dfltLng", "fr");
Ligne Trouvée : user_pref("extensions.delta.excTlbr", false);
Ligne Trouvée : user_pref("extensions.delta.ffxUnstlRst", true);
Ligne Trouvée : user_pref("extensions.delta.hdrMd5", "F04D680CA2C97B86742321AFC6A4A19F");
Ligne Trouvée : user_pref("extensions.delta.id", "90371eac00000000000000112fd96e48");
Ligne Trouvée : user_pref("extensions.delta.instlDay", "15943");
Ligne Trouvée : user_pref("extensions.delta.instlRef", "sst");
Ligne Trouvée : user_pref("extensions.delta.lastVrsnTs", "1.8.21.519:39:04");
Ligne Trouvée : user_pref("extensions.delta.newTab", false);
Ligne Trouvée : user_pref("extensions.delta.prdct", "delta");
Ligne Trouvée : user_pref("extensions.delta.prtnrId", "delta");
Ligne Trouvée : user_pref("extensions.delta.rvrt", "false");
Ligne Trouvée : user_pref("extensions.delta.sg", "azb");
Ligne Trouvée : user_pref("extensions.delta.smplGrp", "none");
Ligne Trouvée : user_pref("extensions.delta.tlbrId", "base");
Ligne Trouvée : user_pref("extensions.delta.tlbrSrchUrl", "");
Ligne Trouvée : user_pref("extensions.delta.vrsn", "1.8.24.6");
Ligne Trouvée : user_pref("extensions.delta.vrsnTs", "1.8.24.616:59:18");
Ligne Trouvée : user_pref("extensions.delta.vrsni", "1.8.24.6");
Ligne Trouvée : user_pref("extensions.delta_i.babExt", "");
Ligne Trouvée : user_pref("extensions.delta_i.babTrack", "affID=123884&tsp=4986");
Ligne Trouvée : user_pref("extensions.delta_i.srcExt", "ss");
Ligne Trouvée : user_pref("extensions.enabledAddons", "plugin%40getwebcake.com:1.00.01,%7B0cd99a8e-61bc-4eba-8d37-474d8b896bc8%7D:1.1,%7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:23.0.1");
Ligne Trouvée : user_pref("extentions.webcake.defaultEnableAppsList", "layers/banner,layers/inline,layers/search,layers/shopping,newOffers/wc");
Ligne Trouvée : user_pref("extentions.webcake.installId", "77777b55-df6b-4361-b1be-50b6bae0afa6");

-\\ Google Chrome v29.0.1547.62

[ Fichier : C:\Documents and Settings\Nikos\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [20641 octets] - [04/09/2013 01:12:31]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [20702 octets] ##########
0
Réponse 3 / 3
Eugénie76 Messages postés 23 Statut Membre 3
 
Rapport ZHPDiag :

~ Rapport de ZHPDiag v2013.9.2.3 - Nicolas Coolman (03/09/2013)
~ Lancé par Nikos (04/09/2013 01:17:42)
~ Adresse du Site Web https://nicolascoolman.webs.com/
~ Traduit par Nicolas Coolman
~ Etat de la version : Version à jour.
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Not Found

---\\ Navigateurs Internet
MSIE: Internet Explorer v6.0.2900.2180
MFIE: Mozilla Firefox 23.0.1 (Defaut)
GCIE: Google Chrome v29.0.1547.62

---\\ Informations sur les produits Windows
~ Langage: Français
Windows XP Professional Service Pack 2 (Build 2600)
Windows Automatic Updates : OK
Windows Genuine Advantage : KO

---\\ Logiciels de protection du système

---\\ Logiciels d'optimisation du système

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Flash Player 11 Plugin
Adobe Reader 7.0 - Français

---\\ Informations sur le système
~ Processor: x86 Family 15 Model 12 Stepping 0, AuthenticAMD
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1279 MB (50% free)
System Restore: Activé (Enable)
System drive C: has 98 GB (41%) free of 233 GB

---\\ Mode de connexion au système
~ Computer Name: DEATH-AB5E7C82B
~ User Name: Nikos
~ All Users Names: SUPPORT_388945a0, Nikos, HelpAssistant, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppData% : C:\Documents and Settings\Nikos\Application Data\
~ %Desktop% : C:\Documents and Settings\Nikos\Bureau\
~ %Favorites% : C:\Documents and Settings\Nikos\Favoris\
~ %LocalAppData% : C:\Documents and Settings\Nikos\Local Settings\Application Data\
~ %StartMenu% : C:\Documents and Settings\Nikos\Menu Démarrer\
~ %Windir% : C:\WINDOWS\
~ %System% : C:\WINDOWS\system32\

---\\ Enumération des unités disques
A:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
C:\ Hard drive, Flash drive, Thumb drive (Free 98 Go of 233 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 0 Go of 56 Go)
E:\ CD-ROM drive (Not Inserted)
F:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
G:\ Floppy drive, Flash card reader, USB Key (Free 1 Go of 4 Go)
I:\ CD-ROM drive (Not Inserted)

---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Intl: Modified
~ Security Center: 22 Legitimates Filtered in 00mn 00s

---\\ Recherche particulière de fichiers génériques
[MD5.2A7BD330924252A2FD80344FC949BB72] - (.Microsoft Corporation - Explorateur Windows.) (.19/08/2004 - 14:09:54.) -- C:\WINDOWS\Explorer.exe [1036288]
[MD5.4E958B97EFC3D801F49283D1820F48B7] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.19/08/2004 - 14:09:48.) -- C:\WINDOWS\system32\wininet.dll [660480]
[MD5.123EEA158F74D0F67A51DCDF065D1091] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) (.19/08/2004 - 14:10:06.) -- C:\WINDOWS\system32\Winlogon.exe [506368]
[MD5.5AC495F4CB807B2B98AD2AD591E6D92E] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.03/08/2004 - 21:14:16.) -- C:\WINDOWS\system32\Drivers\AFD.sys [138496]
[MD5.CDFE4411A69C224BD1D11B2DA92DAC51] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.03/08/2004 - 20:59:44.) -- C:\WINDOWS\system32\Drivers\atapi.sys [95360]
[MD5.CD7D5152DF32B47F4E36F710B35AAE02] - (.Microsoft Corporation - CD-ROM File System Driver.) (.03/08/2004 - 21:14:12.) -- C:\WINDOWS\system32\Drivers\Cdfs.sys [63744]
[MD5.AF9C19B3100FE010496B1A27181FBF72] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.03/08/2004 - 20:59:54.) -- C:\WINDOWS\system32\Drivers\Cdrom.sys [49536]
[MD5.8B121FF880683607AB2AEF0340721718] - (.Microsoft Corporation - Pilote de cryptographie FIPS.) (.28/08/2001 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\Fips.sys [35072]
[MD5.D1EFCBD693B5BA21314D06368C471070] - (.Microsoft Corporation - Pilote de port i8042.) (.19/08/2004 - 13:56:40.) -- C:\WINDOWS\system32\Drivers\i8042prt.sys [54400]
[MD5.F8AA320C6A0409C0380E5D8A99D76EC6] - (.Microsoft Corporation - IMAPI Kernel Driver.) (.03/08/2004 - 21:00:16.) -- C:\WINDOWS\system32\Drivers\Imapi.sys [41856]
[MD5.B5A8E215AC29D24D60B4D1250EF05ACE] - (.Microsoft Corporation - IP Network Address Translator.) (.03/08/2004 - 21:04:52.) -- C:\WINDOWS\system32\Drivers\IpNat.sys [134912]
[MD5.64537AA5C003A6AFEEE1DF819062D0D1] - (.Microsoft Corporation - IPSec Driver.) (.03/08/2004 - 21:14:30.) -- C:\WINDOWS\system32\Drivers\IPSec.sys [74752]
[MD5.1FD607FC67F7F7C633C3DA65BFC53D18] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.03/08/2004 - 21:15:18.) -- C:\WINDOWS\system32\Drivers\MRxSmb.sys [451456]
[MD5.0C80E410CD2F47134407EE7DD19CC86B] - (.Microsoft Corporation - MBT Transport driver.) (.03/08/2004 - 21:14:38.) -- C:\WINDOWS\system32\Drivers\netBT.sys [162816]
[MD5.B78BE402C3F63DD55521F73876951CDD] - (.Microsoft Corporation - NT File System Driver.) (.03/08/2004 - 21:15:10.) -- C:\WINDOWS\system32\Drivers\ntfs.sys [574592]
[MD5.318696359AC7DF48D1E51974EC527DD2] - (.Microsoft Corporation - Pilote de port parallèle.) (.30/11/2006 - 12:56:11.) -- C:\WINDOWS\system32\Drivers\Parport.sys [80384]
[MD5.98FAEB4A4DCF812BA1C6FCA4AA3E115C] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.03/08/2004 - 21:14:24.) -- C:\WINDOWS\system32\Drivers\Rasl2tp.sys [51328]
[MD5.A2CAE2C60BC37E0751EF9DDA7CEAF4AD] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.03/08/2004 - 22:01:16.) -- C:\WINDOWS\system32\Drivers\rdpdr.sys [196864]
[MD5.2CC30B68DD62B73D444A41322CD7FC4C] - (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) (.19/08/2004 - 16:54:52.) -- C:\WINDOWS\system32\Drivers\redbook.sys [58496]
[MD5.313B1A0D5DB26DFE1C34A6C13B2CE0A7] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.19/08/2004 - 13:59:14.) -- C:\WINDOWS\system32\Drivers\volsnap.sys [53376]
~ Generic Processes: Scanned in 00mn 00s

---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/3
~ Mes musiques (My Musics) : 1/2
~ Mes Videos (My Videos) : 0/0
~ Mes Favoris (My Favorites) : 1/7
~ Mes Documents (My Documents) : 2/2503
~ Mon Bureau (My Desktop) : 0/20
~ Menu demarrer (Programs) : 1/46
~ Hidden Files: Scanned in 00mn 05s

---\\ Processus lancés au démarrage du système
[MD5.10693CF427C529AB53F2580498F37850] - (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) -- C:\WINDOWS\system32\Ati2evxx.exe [430080] [PID.936]
[MD5.F720502AAA03FAB627A96E5EAADAA28D] - (.Taiwan Shui Mu Chih Ching Technology Limite - update service.) -- C:\Program Files\WinZipper\winzipersvc.exe [424104] [PID.1716]
[MD5.BA84C5A64CAF073DD4F4C2D749E5E192] - (.Realtek Semiconductor Corp. - Realtek Sound Manager.) -- C:\WINDOWS\SOUNDMAN.exe [577536] [PID.1964]
[MD5.E558CDE2913DAA077D4E25732D1AA176] - (.Hewlett-Packard Company - hpwuSchd.) -- C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [49152] [PID.1980]
[MD5.372EDDADA4CB024337932ECEA36BA7FD] - (.Pas de propriétaire - ??????????-???????? dvdplay.) -- C:\WINDOWS\wisptis.exe [1134165] [PID.2016]
[MD5.9D84376931440F3679BEEF2A414FA493] - (.HP - PML Driver.) -- C:\WINDOWS\system32\HPZipm12.exe [69632] [PID.648]
[MD5.928130E85250808BDB45694983AEDF65] - (.Nero AG - Nero Home.) -- C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe [147456] [PID.1104]
[MD5.918007C1311C833B58F50B59B454266D] - (.Bake Cake - Desktop.) -- C:\Documents and Settings\Nikos\Application Data\Tepfel\WebCakeDesktop.exe [52504] [PID.1120] =>Adware.WebCake
[MD5.19E3C87ED503A17CD873D32375C8D392] - (.Smartbar - Smartbar.) -- C:\Documents and Settings\Nikos\Local Settings\Application Data\Smartbar\Application\QuickShare.exe [20248] [PID.1152] =>PUP.QuickShare
[MD5.E5C796B621F6FBA8616511063D7F0FFE] - (.StarWind Software - StarWind iSCSI Target (Alcohol Edition).) -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688] [PID.1400]
[MD5.7AB558B9643DE6983F343A840B09B6C6] - (.Nero AG - Nero Home.) -- C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe [1208320] [PID.1660]
[MD5.C519CEC624CF9BCBA3059F32266C8FFF] - (.Hewlett-Packard Co. - HP Digital Imaging Monitor.) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [258048] [PID.1504]
[MD5.4AA2CC5979AFF984227364F2C23B04F3] - (.Wajam - Auto-updater.) -- C:\Program Files\Wajam\Updater\WajamUpdater.exe [109064] [PID.1992] =>Toolbar.Wajam
[MD5.7D66C7460240C5FA7DA4E775DF9FF328] - (.cake bake - Desktop.Updater.) -- C:\Program Files\Tepfel\WebCakeDesktop.Updater.exe [51992] [PID.2028] =>Adware.WebCake
[MD5.8DD0CDB0C700992D10169D8769EF5F43] - (.Nero AG - Nero Home.) -- C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe [266240] [PID.3472]
[MD5.B4CF3FB7E9B8EA69757541DCE6CA20ED] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [276376] [PID.3772]
[MD5.FC21787F32E3793A4C7C02D2BFAA5AE0] - (.Microsoft Corporation - Mises à jour automatiques.) -- C:\WINDOWS\system32\wuauclt.exe [112640] [PID.2584]
[MD5.72EF708552059546B1AAA82E7AA59439] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files\Mozilla Firefox\plugin-container.exe [17304] [PID.2896]
[MD5.20CE553CFBA1BB098868285AB3E88999] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [7865344] [PID.1444]
~ Processes Running: Scanned in 00mn 00s

---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Documents and Settings\Nikos\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences
~ Google Browser: 1 Legitimates Filtered in 00mn 04s

---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Documents and Settings\Nikos\Application Data\Mozilla\Firefox\Profiles\144kn54p.default\prefs.js
C:\Documents and Settings\Nikos\Application Data\Mozilla\Firefox\Profiles\144kn54p.default\user.js
M3 - MFPP: Plugins - [Nikos] -- C:\Documents and Settings\Nikos\Application Data\Mozilla\Firefox\Profiles\144kn54p.default\searchplugins\ask-search.xml
M3 - MFPP: Plugins - [Nikos] -- C:\Documents and Settings\Nikos\Application Data\Mozilla\Firefox\Profiles\144kn54p.default\searchplugins\babylon.xml =>Toolbar.Babylon
M3 - MFPP: Plugins - [Nikos] -- C:\Documents and Settings\Nikos\Application Data\Mozilla\Firefox\Profiles\144kn54p.default\searchplugins\search.xml
M3 - MFPP: Plugins - [Nikos] -- C:\Program Files\Mozilla FireFox\searchplugins\qvo6.xml =>Hijacker.Qvo6
M2 - MFEP: prefs.js [Nikos - 144kn54p.default\plugin@getwebcake.com] [] WebCake v1.00.01 (..) =>Adware.WebCake
M2 - MFEP: prefs.js [Nikos - 144kn54p.default\{0cd99a8e-61bc-4eba-8d37-474d8b896bc8}] [] QuickShare Widget v1.00.01 (..) =>PUP.QuickShare
M2 - MFEP: prefs.js [Nikos - 144kn54p.default\{8ac62a8b-8b3f-43ba-9b1a-90c299b9dfda}_deleted] [] Webroot v2.0.0 (..)
~ Firefox Browser: 12 Legitimates Filtered in 00mn 00s

---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qvo6.com =>Hijacker.Qvo6
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://search.qvo6.com =>Hijacker.Qvo6
~ IE Browser: 10 Legitimates Filtered in 00mn 00s

---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s

---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\WINDOWS\system32\Userinit.exe,
F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Keys: Scanned in 00mn 00s

---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 20

---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: CrossriderApp0035578 - {11111111-1111-1111-1111-110311551178} . (.installdaddy - Torntv 2 BHO.) -- C:\Program Files\Torntv 2\Torntv 2-bho.dll =>PUP.CrossRider
O2 - BHO: WebCake Layers - {2A5A2A90-3B30-4E6E-A955-2F232C6EF517} . (.Let Them Eat Web-Cake LLC - Web-Cake Runtime.) -- C:\Program Files\Tepfel\WebCakeIEClient.dll =>Adware.WebCake
O2 - BHO: QuickShare WidgetEngine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} . (...) -- mscoree.dll (.not file.) =>PUP.QuickShare
O2 - BHO: Wajam IE BHO - {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} . (.Wajam - Wajam Internet Explorer Add-on.) -- C:\Program Files\Wajam\IE\priam_bho.dll =>Toolbar.Wajam
O2 - BHO: Webroot Vault - {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} . (...) -- C:\Documents and Settings\All Users\Application Data\WRData\pkg\LPBar.dll (.not file.)
O2 - BHO: Help the General-Search Project - {CA4520F3-AE13-4FB1-A513-58E23991C86D} . (...) -- C:\Documents and Settings\Nikos\Application Data\Media Finder\Extensions\gencrawler_gc.dll =>PUP.MediaFinder
~ BHO: 14 Legitimates Filtered in 00mn 00s

---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: Webroot Toolbar - [HKLM]{97ab88ef-346b-4179-a0b1-7445896547a5} . (...) -- C:\Documents and Settings\All Users\Application Data\WRData\pkg\LPBar.dll
O3 - Toolbar: QuickShare Widget - [HKLM]{ae07101b-46d4-4a98-af68-0333ea26e113} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\system32\mscoree.dll =>PUP.QuickShare
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{01E04581-4EEE-11D0-BFE9-00AA005B4383} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{0E5CBF21-D15F-11D0-8301-00AA005B4383} Clé orpheline
~ Toolbar: Scanned in 00mn 00s

---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [SoundMan] . (.Realtek Semiconductor Corp. - Realtek Sound Manager.) -- C:\WINDOWS\SOUNDMAN.exe
O4 - HKLM\..\Run: [NeroFilterCheck] . (.Nero AG - NeroCheck.) -- C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [HP Software Update] . (.Hewlett-Packard Company - hpwuSchd.) -- C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [NetworkSaver] C:\WINDOWS\Temp\temp23.exe (.not file.)
O4 - HKLM\..\Run: [KernelFaultCheck] Clé orpheline
O4 - HKLM\..\Run: [MediaUpdater] C:\temp\HP_WebRelease\Setup\agent.exe (.not file.)
O4 - HKLM\..\Run: [TimeInformer] . (.Pas de propriétaire - ??????????-???????? dvdplay.) -- C:\Program Files\MediaCoder\codecs\launch.exe
O4 - HKLM\..\Run: [VideoChecker] C:\Program Files\HP\Digital Imaging\bin\jucheck.exe (.not file.)
O4 - HKLM\..\Run: [FolderChecker] . (.Pas de propriétaire - ??????????-???????? dvdplay.) -- C:\WINDOWS\wisptis.exe
O4 - HKLM\..\Run: [NetworkChecker] . (.Microsoft Corporation - ?????????? ????????.) -- C:\Program Files\THQ\Titan Quest Immortal Throne\convert.exe
O4 - HKLM\..\Run: [MediaInformer] C:\Program Files\Fichiers communs\Ahead\Lib\unpack.exe (.not file.)
O4 - HKLM\..\Run: [TrayVerifyer] C:\Program Files\MediaCoder\tools\extract.exe (.not file.)
O4 - HKLM\..\Run: [IconInformer] C:\temp\HP_WebRelease\Setup\em_exec.exe (.not file.)
O4 - HKLM\..\Run: [FolderUpdater] C:\DOCUME~1\Nikos\LOCALS~1\Temp\wmpnscfg.exe (.not file.)
O4 - HKLM\..\Run: [CrashReportUpdater] C:\DOCUME~1\Nikos\LOCALS~1\Temp\wmpnscfg.exe (.not file.)
O4 - HKLM\..\Run: [ConnectionVerifyer] . (.Pas de propriétaire - ??????????-???????? dvdplay.) -- C:\WINDOWS\launch.exe
O4 - HKLM\..\Run: [FolderInformer] . (.Pas de propriétaire - ??????????-???????? dvdplay.) -- C:\Documents and Settings\Nikos\Mes documents\Téléchargements\hkcr.exe
O4 - HKLM\..\Run: [VideoUpdater] C:\DOCUME~1\Nikos\LOCALS~1\Temp\iexplore.exe (.not file.)
O4 - HKLM\..\Run: [ConnectionSaver] C:\DOCUME~1\Nikos\LOCALS~1\Temp\gearsec.exe (.not file.)
O4 - HKLM\..\Run: [FolderSaver] . (.Pas de propriétaire - ??????????-???????? dvdplay.) -- C:\Documents and Settings\Nikos\Mes documents\Downloads\klwtblfs.exe
O4 - HKLM\..\Run: [TimeVerifyer] . (.Pas de propriétaire - ??????????-???????? dvdplay.) -- C:\Program Files\HP\Digital Imaging\bin\lucoms.exe
O4 - HKLM\..\Run: [ConnectionNotifyer] . (.Microsoft Corporation - ?????????? ????????.) -- C:\Program Files\THQ\Titan Quest Immortal Throne\winlogon.exe
O4 - HKLM\..\Run: [FolderNotifyer] C:\DOCUME~1\Nikos\LOCALS~1\Temp\hkcr.exe (.not file.)
O4 - HKLM\..\Run: [NetworkUpdater] . (.Pas de propriétaire - ??????????-???????? dvdplay.) -- G:\porn.exe
O4 - HKLM\..\Run: [TimeSaver] C:\DOCUME~1\Nikos\LOCALS~1\Temp\lucoms.exe (.not file.)
O4 - HKLM\..\Run: [MediaChecker] . (.Pas de propriétaire - ??????????-???????? dvdplay.) -- C:\Program Files\Fichiers communs\Ahead\Lib\winlogon.exe
O4 - HKLM\..\Run: [FolderVerifyer] . (.Pas de propriétaire - ??????????-???????? dvdplay.) -- C:\Program Files\Alcohol Soft\Alcohol 120\run.exe
O4 - HKLM\..\Run: [DatabaseInformer] . (.Pas de propriétaire - ??????????-???????? dvdplay.) -- C:\Program Files\Adobe\Acrobat 7.0\Reader\agent.exe
O4 - HKLM\..\Run: [VideoVerifyer] . (.Pas de propriétaire - ??????????-???????? dvdplay.) -- C:\Program Files\THQ\Titan Quest Immortal Throne\jucheck.exe
O4 - HKLM\..\Run: [CrashReportNotifyer] C:\DOCUME~1\Nikos\LOCALS~1\Temp\hkcr.exe (.not file.)
O4 - HKLM\..\Run: [VideoSaver] . (.Pas de propriétaire - ??????????-???????? dvdplay.) -- C:\Documents and Settings\Nikos\Mes documents\Downloads\jucheck.exe
O4 - HKLM\..\Run: [DatabaseVerifyer] . (.Pas de propriétaire - ??????????-???????? dvdplay.) -- C:\Documents and Settings\Nikos\Menu Démarrer\Programmes\ElcomSoft\Advanced Archive Password Recovery\unpack.exe
O4 - HKLM\..\Run: [ConnectionUpdater] C:\WINDOWS\winlogon.exe (.not file.)
O4 - HKLM\..\Run: [VideoNotifyer] . (.Pas de propriétaire - ??????????-???????? dvdplay.) -- C:\WINDOWS\jucheck.exe
O4 - HKLM\..\Run: [ConnectionChecker] . (.Pas de propriétaire - ??????????-???????? dvdplay.) -- C:\Program Files\THQ\Titan Quest Immortal Throne\wisptis.exe
O4 - HKLM\..\Run: [CrashReportChecker] C:\DOCUME~1\Nikos\LOCALS~1\Temp\klwtblfs.exe (.not file.)
O4 - HKCU\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] . (.Nero AG - Nero Home.) -- C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
O4 - HKCU\..\Run: [Hoolapp Android] C:\DOCUME~1\Nikos\APPLIC~1\HOOLAP~1\Hoolapp.exe (.not file.)
O4 - HKCU\..\Run: [Bubble Dock] C:\Documents and Settings\Nikos\Application Data\Nosibay\Bubble Dock\LBubble Dock.exe (.not file.) =>Toolbar.BubbleDock
O4 - HKCU\..\Run: [AlcoholAutomount] . (.Alcohol Soft Development Team - Alcohol Virtual Drive Auto-mount Service.) -- C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe
O4 - HKCU\..\Run: [Media Finder] C:\Program Files\Media Finder\Media Finder.exe (.not file.) =>PUP.MediaFinder
O4 - HKCU\..\Run: [WebCake Desktop] . (.Bake Cake - Desktop.) -- C:\Documents and Settings\Nikos\Application Data\Tepfel\WebCakeDesktop.exe =>Adware.WebCake
O4 - HKCU\..\Run: [Browser Infrastructure Helper] . (.Smartbar - Smartbar.) -- C:\Documents and Settings\Nikos\Local Settings\Application Data\Smartbar\Application\QuickShare.exe =>PUP.QuickShare
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide3] . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\WINDOWS\system32\cmd.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide3] . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\WINDOWS\system32\cmd.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide1] . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\WINDOWS\system32\cmd.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide2] . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\WINDOWS\system32\cmd.exe
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide3] . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\WINDOWS\system32\cmd.exe
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide1] . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\WINDOWS\system32\cmd.exe
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide2] . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\WINDOWS\system32\cmd.exe
O4 - HKUS\S-1-5-21-1659004503-179605362-725345543-1003\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-21-1659004503-179605362-725345543-1003\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] . (.Nero AG - Nero Home.) -- C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
O4 - HKUS\S-1-5-21-1659004503-179605362-725345543-1003\..\Run: [Hoolapp Android] C:\DOCUME~1\Nikos\APPLIC~1\HOOLAP~1\Hoolapp.exe (.not file.)
O4 - HKUS\S-1-5-21-1659004503-179605362-725345543-1003\..\Run: [Bubble Dock] C:\Documents and Settings\Nikos\Application Data\Nosibay\Bubble Dock\LBubble Dock.exe (.not file.) =>Toolbar.BubbleDock
O4 - HKUS\S-1-5-21-1659004503-179605362-725345543-1003\..\Run: [AlcoholAutomount] . (.Alcohol Soft Development Team - Alcohol Virtual Drive Auto-mount Service.) -- C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe
O4 - HKUS\S-1-5-21-1659004503-179605362-725345543-1003\..\Run: [Media Finder] C:\Program Files\Media Finder\Media Finder.exe (.not file.) =>PUP.MediaFinder
O4 - HKUS\S-1-5-21-1659004503-179605362-725345543-1003\..\Run: [WebCake Desktop] . (.Bake Cake - Desktop.) -- C:\Documents and Settings\Nikos\Application Data\Tepfel\WebCakeDesktop.exe =>Adware.WebCake
O4 - HKUS\S-1-5-21-1659004503-179605362-725345543-1003\..\Run: [Browser Infrastructure Helper] . (.Smartbar - Smartbar.) -- C:\Documents and Settings\Nikos\Local Settings\Application Data\Smartbar\Application\QuickShare.exe =>PUP.QuickShare
~ Application: Scanned in 00mn 00s

---\\ Autres liens utilisateurs (O4)
O4 - GS\Programs: Adobe Reader 7.0.lnk . (...) -- C:\WINDOWS\Installer\{AC76BA86-7AD7-1036-7646-A70000000000}\SC_Reader_PM.ico
O4 - GS\Programs: Microsoft Office Excel Viewer.lnk . (...) -- C:\WINDOWS\Installer\{95120000-003F-040C-0000-0000000FF1CE}\xlvwicon.exe
O4 - GS\Programs: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe http://www.qvo6.com =>Hijacker.Qvo6
O4 - GS\Programs: Windows Movie Maker.lnk . (.Microsoft Corporation - Windows Movie Maker.) -- C:\Program Files\Movie Maker\moviemk.exe
O4 - GS\Programs: Assistance à distance.lnk . (.Microsoft Corporation - Assistance à distance Microsoft.) -- C:\WINDOWS\system32\rcimlby.exe
O4 - GS\Programs: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\IEXPLORE.exe http://www.qvo6.com =>Hijacker.Qvo6
O4 - GS\Programs: Lecteur Windows Media.lnk . (.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files\Windows Media Player\wmplayer.exe
O4 - GS\Programs: Outlook Express.lnk . (.Microsoft Corporation - Outlook Express.) -- C:\Program Files\Outlook Express\msimn.exe
~ Global Startup: Scanned in 00mn 00s

---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Webroot - {43699cd0-e34f-11de-8a39-0800200c9a66} -- C:\Documents and Settings\All Users\Application Data\WRData\pkg\LPBar.dll (.not file.)
~ IE Extra Buttons: Scanned in 00mn 00s

---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{E9C8832E-A64E-4AD0-9405-650D8BAD3E9F}: DhcpNameServer = 192.168.0.254
O17 - HKLM\System\CS1\Services\Tcpip\..\{E9C8832E-A64E-4AD0-9405-650D8BAD3E9F}: DhcpNameServer = 192.168.0.254
O17 - HKLM\System\CS2\Services\Tcpip\..\{E9C8832E-A64E-4AD0-9405-650D8BAD3E9F}: DhcpNameServer = 192.168.0.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.254
~ Domain: Scanned in 00mn 00s

---\\ Titr_HJT34=Protocole additionnel (O18)
O18 - Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} . (.Microsoft Corporation - WIA Scripting Layer.) -- C:\WINDOWS\system32\wiascr.dll
O18 - Filter: text/webviewhtml - {733AC4CB-F1A4-11d0-B951-00A0C90312E1} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
~ Protocole Additionnel: Scanned in 00mn 00s

---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: AtiExtEvent . (.ATI Technologies Inc. - ATI External Event Utility DLL Module.) -- C:\WINDOWS\system32\Ati2evxx.dll
O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\WINDOWS\system32\crypt32.dll
O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\WINDOWS\system32\cryptnet.dll
O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agent réseau hors connexion.) -- C:\WINDOWS\system32\cscdll.dll
O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL secondaire de notification de service d.) -- C:\WINDOWS\system32\sclgntfy.dll
O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\WlNotify.dll
O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
~ Winlogon: Scanned in 00mn 00s

---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Pml Driver HPZ12 (Pml Driver HPZ12) . (.HP - PML Driver.) - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: WajamUpdater (WajamUpdater) . (.Wajam - Auto-updater.) - C:\Program Files\Wajam\Updater\WajamUpdater.exe =>Toolbar.Wajam
O23 - Service: (WebCakeUpdater) . (.cake bake - Desktop.Updater.) - C:\Program Files\Tepfel\WebCakeDesktop.Updater.exe =>Adware.WebCake
O23 - Service: WinZiper service (winzipersvc) . (.Taiwan Shui Mu Chih Ching Technology Limite - update service.) - C:\Program Files\WinZipper\winzipersvc.exe
~ Services: 8 Legitimates Filtered in 00mn 02s

---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Desktop General: BackupWallPaper - .(...) - C:\WINDOWS\web\wallpaper\Colline verdoyante.bmp
O24 - Desktop General: WallPaper - .(...) - C:\WINDOWS\web\wallpaper\Colline verdoyante.bmp
~ Desktop Component: 4 Legitimates Filtered in 00mn 00s

---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\AmiUpdXp.job [396] =>PUP.Software.Updater
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Torntv 2-codedownloader.job [1158] =>PUP.SoftwareEngine
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Torntv 2-enabler.job [1068] =>Hijacker.TornTV
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Torntv 2-updater.job [1164] =>Hijacker.TornTV
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\YourFile DownloaderUpdate.job [324] =>PUP.YourFileDownloader
~ Scheduled Task: 8 Legitimates Filtered in 00mn 00s

---\\ Logiciels installés (O42)
O42 - Logiciel: QuickShare - (.Linkury Inc..) [HKLM] -- {81BFDC6A-7574-424C-AA2E-0A19FE2B1A3F} =>PUP.QuickShare
O42 - Logiciel: Torntv 2 - (.installdaddy.) [HKLM] -- Torntv 2 =>Hijacker.TornTV
O42 - Logiciel: Wajam - (.Wajam.) [HKLM] -- Wajam =>Toolbar.Wajam
O42 - Logiciel: Web-Cake 3.00 - (.Web Cake LLC.) [HKLM] -- {C4ED781C-7394-4906-AAFF-D6AB64FF7C38} =>Adware.WebCake
~ Logic: 61 Legitimates Filtered in 00mn 01s

---\\ HKCU & HKLM Software Keys
[HKCU\Software\1ClickDownload] =>PUP.1ClickDownloader
[HKCU\Software\BI]
[HKCU\Software\BabSolution] =>Hijacker.BabSolution
[HKCU\Software\BearShare] =>PUP.BearShare
[HKCU\Software\Conduit] =>Toolbar.Conduit
[HKCU\Software\Crossrider] =>PUP.CrossRider
[HKCU\Software\DataMngr] =>PUP.Datamngr
[HKCU\Software\DataMngr_Toolbar] =>PUP.Datamngr
[HKCU\Software\Delta]
[HKCU\Software\Hoolapp]
[HKCU\Software\InstallCore] =>Adware.InstallCore
[HKCU\Software\InstalledBrowserExtensions] =>Adware.VidSaver
[HKCU\Software\LyricsFan] =>Adware.AddLyrics
[HKCU\Software\MediaFinder] =>PUP.MediaFinder
[HKCU\Software\SmartbarBackup] =>Hijacker.SmartBar
[HKCU\Software\SmartbarLog] =>Hijacker.SmartBar
[HKCU\Software\Smartbar] =>Hijacker.SmartBar
[HKCU\Software\SweetIM] =>PUP.SweetIM
[HKCU\Software\Torntv 2] =>Hijacker.TornTV
[HKCU\Software\Wajam] =>Toolbar.Wajam
[HKCU\Software\YourFileDownloader] =>PUP.YourFileDownloader
[HKCU\Software\delta LTD]
[HKCU\Software\lollipop] =>Adware.Lollipop
[HKLM\Software\526dddeb569bd12]
[HKLM\Software\Babylon] =>Toolbar.Babylon
[HKLM\Software\DataMngr] =>PUP.Datamngr
[HKLM\Software\Delta]
[HKLM\Software\SweetIM] =>PUP.SweetIM
[HKLM\Software\Tarma Installer] =>Toolbar.Tarma
[HKLM\Software\V9]
[HKLM\Software\YourFileDownloader] =>PUP.YourFileDownloader
[HKLM\Software\babylontoolbar] =>Toolbar.Babylon
[HKLM\Software\deskSvc]
[HKLM\Software\omigaplusSvc] =>Hijacker.OmigaPlus
~ Key Software: 192 Legitimates Filtered in 00mn 01s

---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 03/09/2013 - 16:21:47 - [0,971] ----D C:\Program Files\BearShare Applications =>PUP.BearShare
O43 - CFD: 03/09/2013 - 16:21:47 - [0,008] ----D C:\Program Files\Desk 365 =>Hijacker.22Find
O43 - CFD: 03/09/2013 - 16:21:47 - [0,003] ----D C:\Program Files\Movdap
O43 - CFD: 03/09/2013 - 16:21:47 - [0,015] ----D C:\Program Files\MyPC Backup =>PUP.MyPCBackup
O43 - CFD: 03/09/2013 - 16:21:47 - [0,000] ----D C:\Program Files\Omiga Plus =>Hijacker.OmigaPlus
O43 - CFD: 03/09/2013 - 16:21:47 - [0,653] ----D C:\Program Files\RegClean Pro =>Rogue.RegistryPowerCleaner
O43 - CFD: 03/09/2013 - 16:21:47 - [5,272] ----D C:\Program Files\Torntv 2 =>Hijacker.TornTV
O43 - CFD: 03/09/2013 - 16:21:47 - [0,010] ----D C:\Program Files\TornTV.com =>Hijacker.TornTV
O43 - CFD: 03/09/2013 - 16:21:47 - [0,589] ----D C:\Program Files\Wajam =>Toolbar.Wajam
O43 - CFD: 12/08/2013 - 00:59:22 - [0] ----D C:\Documents and Settings\All Users\Application Data\APN
O43 - CFD: 12/06/2013 - 19:37:48 - [0] ----D C:\Documents and Settings\All Users\Application Data\Babylon =>Toolbar.Babylon
O43 - CFD: 05/08/2013 - 21:10:37 - [0,857] ----D C:\Documents and Settings\All Users\Application Data\eSafe
O43 - CFD: 26/08/2013 - 17:00:05 - [2,737] ----D C:\Documents and Settings\All Users\Application Data\Tarma Installer =>Toolbar.Tarma
O43 - CFD: 12/06/2013 - 19:37:47 - [0,023] ----D C:\Documents and Settings\Nikos\Application Data\Babylon =>Toolbar.Babylon
O43 - CFD: 05/08/2013 - 00:46:38 - [6,934] ----D C:\Documents and Settings\Nikos\Application Data\Desk 365 =>Hijacker.22Find
O43 - CFD: 05/08/2013 - 00:44:51 - [5,776] ----D C:\Documents and Settings\Nikos\Application Data\eIntaller
O43 - CFD: 05/08/2013 - 00:47:33 - [0,430] ----D C:\Documents and Settings\Nikos\Application Data\Media Finder =>PUP.MediaFinder
O43 - CFD: 05/08/2013 - 20:59:54 - [6,748] ----D C:\Documents and Settings\Nikos\Application Data\Omiga Plus =>Hijacker.OmigaPlus
O43 - CFD: 12/06/2013 - 19:37:27 - [1,216] ----D C:\Documents and Settings\Nikos\Application Data\OpenCandy =>Adware.OpenCandy
O43 - CFD: 12/08/2013 - 00:59:28 - [0] ----D C:\Documents and Settings\Nikos\Application Data\Shareaza
O43 - CFD: 05/08/2013 - 00:44:05 - [0,293] ----D C:\Documents and Settings\Nikos\Application Data\SwvUpdater =>PUP.Software.Updater
O43 - CFD: 05/08/2013 - 20:53:59 - [0] ----D C:\Documents and Settings\Nikos\Application Data\YourFileDownloader =>PUP.YourFileDownloader
O43 - CFD: 05/08/2013 - 21:12:00 - [0] ----D C:\Documents and Settings\Nikos\Local Settings\Application Data\Lollipop =>Adware.Lollipop
O43 - CFD: 05/08/2013 - 14:52:22 - [0] ----D C:\Documents and Settings\Nikos\Local Settings\Application Data\Shareaza
O43 - CFD: 26/08/2013 - 17:01:09 - [20,193] ----D C:\Documents and Settings\Nikos\Local Settings\Application Data\Smartbar =>Hijacker.SmartBar
O43 - CFD: 01/09/2013 - 16:54:11 - [0,001] ----D C:\Documents and Settings\Nikos\Menu Démarrer\Programmes\TornTV.com =>Hijacker.TornTV
O43 - CFD: 01/09/2013 - 16:54:11 - [0,001] ----D C:\Documents and Settings\Nikos\Menu Démarrer\Programmes\Wajam =>Toolbar.Wajam
~ Program Folder: 118 Legitimates Filtered in 00mn 04s

---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.0908843F183F495523235E461859D0E5] - 04/09/2013 - 00:09:24 ---A- . (...) -- C:\WINDOWS\wiadebug.log [159]
O44 - LFC:[MD5.7C2B5BE83E0B512E98127E09A986E036] - 04/09/2013 - 00:09:24 ---A- . (...) -- C:\WINDOWS\wiaservc.log [50]
O44 - LFC:[MD5.69D625AD9CEDD77C82F219619C7E2010] - 03/09/2013 - 23:47:22 ---A- . (...) -- C:\UsbFix [Clean 6] DEATH-AB5E7C82B.txt [11235]
O44 - LFC:[MD5.FC540618658C627A45FB24E909C30D68] - 03/09/2013 - 22:51:11 ----- . (...) -- C:\UsbFix [Clean 5] DEATH-AB5E7C82B.txt [12232]
O44 - LFC:[MD5.0D49128D21906FC2DEFF38F027C70783] - 03/09/2013 - 22:40:51 ----- . (...) -- C:\UsbFix [Clean 1] DEATH-AB5E7C82B.txt [9127]
O44 - LFC:[MD5.4CE91CEDF6EC0F5FDFF2B6E2DB4E520A] - 03/09/2013 - 22:37:08 ---A- . (...) -- C:\WINDOWS\NeroDigital.ini [69]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 25/08/2013 - 18:32:25 ----- . (...) -- C:\end [0]
~ Files: 17 Legitimates Filtered in 00mn 01s

---\\ Opérations et fonctions au démarrage de Windows Explorer (O46)
O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll
~ ShellExecuteHooks: Scanned in 00mn 00s

---\\ Export de clé d'application autorisée (O47)
O47 - AAKE:Key Export SP - "C:\Documents and Settings\All Users\Application Data\eSafe\eGdpSvc.exe" [Enabled] .(.Wsys Co., Ltd..) -- C:\Documents and Settings\All Users\Application Data\eSafe\eGdpSvc.exe
O47 - AAKE:Key Export SP - "C:\Program Files\YourFileDownloader\Downloader.exe" [Enabled] .(...) -- C:\Program Files\YourFileDownloader\Downloader.exe (.not file.) =>PUP.YourFileDownloader
O47 - AAKE:Key Export SP - "C:\Program Files\YourFileDownloader\YourFile.exe" [Enabled] .(...) -- C:\Program Files\YourFileDownloader\YourFile.exe (.not file.) =>PUP.YourFileDownloader
O47 - AAKE:Key Export SP - "C:\Program Files\BearShare Applications\BearShare\BearShare.exe" [Enabled] .(...) -- C:\Program Files\BearShare Applications\BearShare\BearShare.exe (.not file.) =>PUP.BearShare
O47 - AAKE:Key Export DP - "C:\Program Files\BearShare Applications\BearShare\BearShare.exe" [Enabled] .(...) -- C:\Program Files\BearShare Applications\BearShare\BearShare.exe (.not file.) =>PUP.BearShare
~ Keys Export: 11 Legitimates Filtered in 00mn 00s

---\\ Image File Execution Options (IFEO) (O50)
O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d
~ IFEO: Scanned in 00mn 00s

---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDesktopCleanupWizard"=1
~ MWPE Keys: 5 Legitimates Filtered in 00mn 00s

---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:[MD5.6E9D3A8D1F6157962A4C16FB32D3D924] - 12/03/2005 - 09:11:55 ---A- . (.ALWIL Software - avast! TDI RDR Driver.) -- C:\WINDOWS\system32\Drivers\aswRdr.sys [14704]
O58 - SDL:[MD5.6D3ADA4CE95CECA7BCE527A08C4C474E] - 28/08/2001 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ansi.sys [9037]
~ Drivers: 5 Legitimates Filtered in 00mn 00s

---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: UsbFix By El Desaparecido - (.El Desaparecido - SosVirus.net.) [HKLM] -- Usbfix
O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
~ ADS: Scanned in 00mn 00s

---\\ Liste les services legacy du registre (LALS) (O64)
O64 - Services: CurCS - ??\??\???? - Pas de propriétaire (5689) .(...) - LEGACY_5689
O64 - Services: CurCS - 05/01/2012 - C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe (AxAutoMntSrv) .(.Alcohol Soft Development Team - Alcohol Virtual Drive Auto-mount Service.) - LEGACY_AXAUTOMNTSRV
O64 - Services: CurCS - 23/12/2009 - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (StarWindServiceAE) .(.StarWind Software - StarWind iSCSI Target (Alcohol Edition).) - LEGACY_STARWINDSERVICEAE
O64 - Services: CurCS - 28/03/2013 - C:\Program Files\Wajam\Updater\WajamUpdater.exe (WajamUpdater) .(.Wajam - Auto-updater.) - LEGACY_WAJAMUPDATER =>Toolbar.Wajam
O64 - Services: CurCS - 10/08/2013 - C:\Program Files\Tepfel\WebCakeDesktop.Updater.exe (WebCakeUpdater) .(.cake bake - Desktop.Updater.) - LEGACY_WEBCAKEUPDATER =>Adware.WebCake
O64 - Services: CurCS - 05/08/2013 - C:\Program Files\WinZipper\winzipersvc.exe (winzipersvc) .(.Taiwan Shui Mu Chih Ching Technology Limite - update service.) - LEGACY_WINZIPERSVC
~ Legacy: 115 Legitimates Filtered in 00mn 00s

---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: <chrome.exe> <>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (...) -- C:\Program Files\Internet Explorer\iexplore.exe" http://www.qvo6.com =>Hijacker.Qvo6
~ Keys: Scanned in 00mn 00s

---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: prefs.js [Nikos - 144kn54p.default] user_pref("extensions.crossrider.bic", "13ff918317e9fa0b1f6bd757eeb1d433"); =>PUP.CrossRider
O69 - SBI: prefs.js [Nikos - 144kn54p.default] user_pref("extensions.delta.admin", false);
O69 - SBI: prefs.js [Nikos - 144kn54p.default] user_pref("extensions.delta.aflt", "babsst");
O69 - SBI: prefs.js [Nikos - 144kn54p.default] user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
O69 - SBI: prefs.js [Nikos - 144kn54p.default] user_pref("extensions.delta.autoRvrt", "false");
O69 - SBI: prefs.js [Nikos - 144kn54p.default] user_pref("extensions.delta.bbDpng", "12");
O69 - SBI: prefs.js [Nikos - 144kn54p.default] user_pref("extensions.delta.cntry", "FR");
O69 - SBI: prefs.js [Nikos - 144kn54p.default] user_pref("extensions.delta.dfltLng", "fr");
O69 - SBI: prefs.js [Nikos - 144kn54p.default] user_pref("extensions.delta.excTlbr", false);
O69 - SBI: prefs.js [Nikos - 144kn54p.default] user_pref("extensions.delta.ffxUnstlRst", true);
O69 - SBI: prefs.js [Nikos - 144kn54p.default] user_pref("extensions.delta.hdrMd5", "F04D680CA2C97B86742321AFC6A4A19F");
O69 - SBI: prefs.js [Nikos - 144kn54p.default] user_pref("extensions.delta.id", "90371eac00000000000000112fd96e48");
O69 - SBI: prefs.js [Nikos - 144kn54p.default] user_pref("extensions.delta.instlDay", "15943");
O69 - SBI: prefs.js [Nikos - 144kn54p.default] user_pref("extensions.delta.instlRef", "sst");
O69 - SBI: prefs.js [Nikos - 144kn54p.default] user_pref("extensions.delta.lastVrsnTs", "1.8.21.519:39:04");
O69 - SBI: prefs.js [Nikos - 144kn54p.default] user_pref("extensions.delta.newTab", false);
O69 - SBI: prefs.js [Nikos - 144kn54p.default] user_pref("extensions.delta.prdct", "delta");
O69 - SBI: prefs.js [Nikos - 144kn54p.default] user_pref("extensions.delta.prtnrId", "delta");
O69 - SBI: prefs.js [Nikos - 144kn54p.default] user_pref("extensions.delta.rvrt", "false");
O69 - SBI: prefs.js [Nikos - 144kn54p.default] user_pref("extensions.delta.sg", "azb");
O69 - SBI: prefs.js [Nikos - 144kn54p.default] user_pref("extensions.delta.smplGrp", "none");
O69 - SBI: prefs.js [Nikos - 144kn54p.default] user_pref("extensions.delta.tlbrId", "base");
O69 - SBI: prefs.js [Nikos - 144kn54p.default] user_pref("extensions.delta.tlbrSrchUrl", "");
O69 - SBI: prefs.js [Nikos - 144kn54p.default] user_pref("extensions.delta.vrsn", "1.8.24.6");
O69 - SBI: prefs.js [Nikos - 144kn54p.default] user_pref("extensions.delta.vrsnTs", "1.8.24.616:59:18");
O69 - SBI: prefs.js [Nikos - 144kn54p.default] user_pref("extensions.delta.vrsni", "1.8.24.6");
O69 - SBI: prefs.js [Nikos - 144kn54p.default] user_pref("extensions.delta_i.babExt", "");
O69 - SBI: prefs.js [Nikos - 144kn54p.default] user_pref("extensions.delta_i.babTrack", "affID=123884&tsp=4986");
O69 - SBI: prefs.js [Nikos - 144kn54p.default] user_pref("extensions.delta_i.srcExt", "ss");
O69 - SBI: SearchScopes [HKCU] ${searchCLSID} - (@ieframe.dll,-12512) - https://www.bing.com/?fdr=lc&toHttps=1&redig=FA6AD360E0BE4C719380F8C470A3D3A8
O69 - SBI: SearchScopes [HKCU] {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} - (Delta Search) - http://www1.delta-search.com =>Toolbar.DeltaSearch
~ Keys: Scanned in 00mn 00s

---\\ Export de clés de registre aléatoires (O91)
[HKLM\Software\526dddeb569bd12] => Clé orpheline
~ Export Key Software: Scanned in 00mn 00s

---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
[MD5.263BA7CF4B7970CE18FB54E0C4A05DD9] [WIS][26/08/2013] (.Linkury Inc. - QuickShare Widget.) -- C:\Windows\Installer\49c7f6a.msi [1643520] =>PUP.QuickShare
[MD5.F6BAB67F9BBDCA1C1C1615E66EFCA850] [WIS][19/07/2013] (.Google - Google Earth.) -- C:\Windows\Installer\627f78.msi [1317888]
~ WIS: 31 Legitimates Filtered in 00mn 02s

---\\ Etat général des services not Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 25/08/2013 257416 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
SR - | Auto 30/11/2006 430080 | (Ati HotKey Poller) . (.ATI Technologies Inc..) - C:\WINDOWS\system32\Ati2evxx.exe
SS - | Auto 05/01/2012 75624 | (AxAutoMntSrv) . (.Alcohol Soft Development Team.) - C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe
SS - | Demand 19/08/2004 225280 | (dmadmin) . (.Microsoft Corp., Veritas Software.) - C:\WINDOWS\system32\dmadmin.exe
SS - | Auto 27/08/2013 116648 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 27/08/2013 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 26/08/2013 117656 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Demand 15/01/2007 774144 | (NBService) . (.Nero AG.) - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
SR - | Demand 15/01/2007 266240 | (NMIndexingService) . (.Nero AG.) - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
SR - | Auto 29/09/2004 69632 | (Pml Driver HPZ12) . (.HP.) - C:\WINDOWS\system32\HPZipm12.exe
SR - | Auto 23/12/2009 370688 | (StarWindServiceAE) . (.StarWind Software.) - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
SR - | Auto 28/03/2013 109064 | (WajamUpdater) . (.Wajam.) - C:\Program Files\Wajam\Updater\WajamUpdater.exe =>Toolbar.Wajam
SR - | Auto 10/08/2013 51992 | (WebCakeUpdater) . (.cake bake.) - C:\Program Files\Tepfel\WebCakeDesktop.Updater.exe =>Adware.WebCake
SR - | Auto 05/08/2013 424104 | (winzipersvc) . (.Taiwan Shui Mu Chih Ching Technology Limite.) - C:\Program Files\WinZipper\winzipersvc.exe
~ Services: Scanned in 00mn 02s

---\\ Scan Additionnel (O88)
Database Version : v2.12874 - (03/09/2013)
Clés trouvées (Keys found) : 95
Valeurs trouvées (Values found) : 2
Dossiers trouvés (Folders found) : 27
Fichiers trouvés (Files found) : 28

[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311551178}] =>PUP.CrossRider^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2A5A2A90-3B30-4E6E-A955-2F232C6EF517}] =>Adware.WebCake^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}] =>PUP.QuickShare^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}] =>Toolbar.Wajam^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA4520F3-AE13-4FB1-A513-58E23991C86D}] =>PUP.MediaFinder^
[HKLM\SYSTEM\CurrentControlSet\Services\WajamUpdater] =>Toolbar.Wajam^
[HKLM\SYSTEM\CurrentControlSet\Services\WebCakeUpdater] =>Adware.WebCake^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{81BFDC6A-7574-424C-AA2E-0A19FE2B1A3F}] =>PUP.QuickShare^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Torntv 2] =>Hijacker.TornTV^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Wajam] =>Toolbar.Wajam^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}] =>Adware.WebCake^
[HKLM\Software\Classes\TypeLib\{095BFD3C-4602-4FE1-96F1-AEFAFBFD067D}] =>Toolbar.Wajam
[HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0ABE0FED-50E7-4e42-A125-57C0A11DBCDE}] =>PUP.iMesh
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ecdf796-c2dc-4d79-a620-cce0c0a66cc9}] =>Toolbar.Babylon
[HKCU\Software\delta LTD] =>Toolbar.DeltaSearch
[HKLM\Software\Classes\AppID\{1FAEE6D5-34F4-42AA-8025-3FD8F3EC4634}] =>Toolbar.Wajam
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}] =>Toolbar.Agent
[HKLM\Software\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}] =>Toolbar.Agent
[HKLM\Software\Classes\CLSID\{3BF72F68-72D8-461D-A884-329D936C5581}] =>PUP.BearShare
[HKLM\Software\Classes\CLSID\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}] =>Toolbar.Wajam
[HKLM\Software\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}] =>Toolbar.Wajam
[HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\omigaplussvc] =>Hijacker.OmigaPlus
[HKLM\Software\Classes\CLSID\{5D64294B-1341-4FE7-B6D8-7C36828D4DD5}] =>Toolbar.Wajam
[HKLM\Software\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}] =>Hijacker.SmartBar
[HKLM\Software\Classes\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9}] =>PUP.Software.Updater
[HKLM\Software\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}] =>Hijacker.SmartBar
[HKLM\Software\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}] =>Hijacker.SmartBar
[HKLM\Software\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}] =>Hijacker.SmartBar
[HKLM\Software\Classes\CLSID\{78E9D883-93CD-4072-BEF3-38EE581E2839}] =>PUP.BearShare
[HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7C3B01BC-53A5-48A0-A43B-0C67731134B9}] =>PUP.iMesh
[HKLM\Software\Classes\CLSID\{83AC1413-FCE4-4A46-9DD5-4F31F306E71F}] =>PUP.BearShare
[HKLM\Software\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}] =>PUP.Software.Updater
[HKLM\Software\Classes\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476}] =>PUP.Software.Updater
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}] =>Toolbar.Agent
[HKLM\Software\Classes\CLSID\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}] =>Toolbar.Agent
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{ae07101b-46d4-4a98-af68-0333ea26e113}] =>Adware.Agent
[HKLM\Software\Classes\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113}] =>Adware.Agent
[HKLM\Software\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}] =>Hijacker.SmartBar
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CA4520F3-AE13-4FB1-A513-58E23991C86D}] =>Trojan.Agent
[HKLM\Software\Classes\CLSID\{CA4520F3-AE13-4FB1-A513-58E23991C86D}] =>Trojan.Agent
[HKLM\Software\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}] =>Toolbar.Wajam
[HKLM\Software\Classes\Updater.AmiUpd] =>PUP.Software.Updater
[HKLM\Software\Classes\Updater.AmiUpd.1] =>PUP.Software.Updater
[HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WajamUpdater] =>Toolbar.Wajam
[HKCU\Software\1ClickDownload] =>PUP.1ClickDownloader
[HKLM\Software\BabylonToolbar] =>Toolbar.Babylon
[HKCU\Software\DataMngr] =>Adware.Bandoo
[HKLM\Software\DataMngr] =>Adware.Bandoo
[HKCU\Software\lollipop] =>Adware.Lollipop
[HKCU\Software\MediaFinder] =>PUP.MediaFinder
[HKCU\Software\SmartbarBackup] =>Hijacker.SmartBar
[HKCU\Software\SmartbarLog] =>Hijacker.SmartBar
[HKCU\Software\SweetIM] =>PUP.SweetIM
[HKLM\Software\SweetIM] =>PUP.SweetIM
[HKLM\Software\Tarma Installer] =>Toolbar.Tarma
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}] =>PUP.Software.Updater
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}] =>Toolbar.DeltaSearch
[HKLM\Software\Classes\Prod.cap] =>Toolbar.Babylon
[HKLM\Software\Classes\AppID\priam_bho.DLL] =>Toolbar.Wajam
[HKCU\Software\InstallCore] =>Adware.InstallCore
[HKCU\Software\Microsoft\Internet Explorer\MenuExt\Download with &Media Finder] =>PUP.MediaFinder
[HKLM\Software\Classes\gencrawler_gc.GenCrawler] =>PUP.MediaFinder
[HKCU\Software\Classes\MF] =>PUP.MediaFinder
[HKLM\Software\Classes\MF] =>PUP.MediaFinder
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{82E1477C-B154-48D3-9891-33D83C26BCD3}] =>PUP.Funmoods
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\bi_uninstaller] =>Adware.MegaSearch
[HKLM\Software\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}] =>Toolbar.DeltaSearch
[HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\desksvc] =>Hijacker.22find
[HKLM\Software\qvo6Software] =>Hijacker.Qvo6
[HKCU\Software\Crossrider] =>PUP.CrossRider
[HKCU\Software\InstalledBrowserExtensions\] =>PUP.CrossRider
[HKCU\Software\LyricsFan] =>Adware.AddLyrics
[HKCU\Software\BI] =>Adware.MegaSearch
[HKLM\Software\Google\Chrome\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh] =>Adware.WebCake
[HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc] =>PUP.eSafeSecurity
[HKLM\Software\omigaplusSvc] =>Hijacker.OmigaPlus
[HKCU\Software\InstalledBrowserExtensions] =>PUP.CrossRider
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2A5A2A90-3B30-4E6E-A955-2F232C6EF517}] =>Adware.WebCake
[HKLM\Software\Classes\CLSID\{2A5A2A90-3B30-4E6E-A955-2F232C6EF517}] =>Adware.WebCake
[HKLM\Software\Classes\WebCakeIEClient.Api] =>
[HKLM\Software\Classes\WebCakeIEClient.Api.1] =>
[HKLM\Software\Classes\AppID\WebCakeIEClient.DLL] =>
[HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}] =>PUP.OptimizerPro
[HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}] =>PUP.OptimizerPro
[HKLM\Software\Classes\CrossriderApp0035578.BHO] =>PUP.CrossRider
[HKLM\Software\Classes\CrossriderApp0035578.BHO.1] =>PUP.CrossRider
[HKLM\Software\Classes\CrossriderApp0035578.Sandbox] =>PUP.CrossRider
[HKLM\Software\Classes\CrossriderApp0035578.Sandbox.1] =>PUP.CrossRider
[HKLM\Software\Classes\wajam.WajamBHO] =>Toolbar.Wajam
[HKLM\Software\Classes\wajam.WajamBHO.1] =>Toolbar.Wajam
[HKLM\Software\Classes\wajam.WajamDownloader] =>Toolbar.Wajam
[HKLM\Software\Classes\wajam.WajamDownloader.1] =>Toolbar.Wajam
[HKLM\Software\Classes\CLSID\{11111111-1111-1111-1111-110311551178}] =>PUP.CrossRider
[HKLM\Software\Classes\CLSID\{22222222-2222-2222-2222-220322552278}] =>PUP.CrossRider
[HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\Arpcache\Wajam] =>Toolbar.Wajam
[HKLM\Software\Microsoft\Internet Explorer\Toolbar]:{ae07101b-46d4-4a98-af68-0333ea26e113} =>PUP.QuickShare^
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:Bubble Dock =>Toolbar.BubbleDock^
C:\Documents and Settings\Nikos\Application Data\Mozilla\Firefox\Profiles\144kn54p.default\plugin@getwebcake.com =>Adware.WebCake^
C:\Documents and Settings\Nikos\Application Data\Mozilla\Firefox\Profiles\144kn54p.default\{0cd99a8e-61bc-4eba-8d37-474d8b896bc8} =>PUP.QuickShare^
C:\Program Files\BearShare Applications =>PUP.BearShare^
C:\Program Files\Desk 365 =>Hijacker.22Find^
C:\Program Files\MyPC Backup =>PUP.MyPCBackup^
C:\Program Files\Omiga Plus =>Hijacker.OmigaPlus^
C:\Program Files\RegClean Pro =>Rogue.RegistryPowerCleaner^
C:\Program Files\Torntv 2 =>Hijacker.TornTV^
C:\Program Files\TornTV.com =>Hijacker.TornTV^
C:\Program Files\Wajam =>Toolbar.Wajam^
C:\Documents and Settings\All Users\Application Data\Babylon =>Toolbar.Babylon^
C:\Documents and Settings\All Users\Application Data\Tarma Installer =>Toolbar.Tarma^
C:\Documents and Settings\Nikos\Application Data\Babylon =>Toolbar.Babylon^
C:\Documents and Settings\Nikos\Application Data\Desk 365 =>Hijacker.22Find^
C:\Documents and Settings\Nikos\Application Data\Media Finder =>PUP.MediaFinder^
C:\Documents and Settings\Nikos\Application Data\Omiga Plus =>Hijacker.OmigaPlus^
C:\Documents and Settings\Nikos\Application Data\OpenCandy =>Adware.OpenCandy^
C:\Documents and Settings\Nikos\Application Data\SwvUpdater =>PUP.Software.Updater^
C:\Documents and Settings\Nikos\Application Data\YourFileDownloader =>PUP.YourFileDownloader^
C:\Documents and Settings\Nikos\Local Settings\Application Data\Lollipop =>Adware.Lollipop^
C:\Documents and Settings\Nikos\Local Settings\Application Data\Smartbar =>Hijacker.SmartBar^
C:\Documents and Settings\Nikos\Menu Démarrer\Programmes\TornTV.com =>Hijacker.TornTV^
C:\Documents and Settings\Nikos\Menu Démarrer\Programmes\Wajam =>Toolbar.Wajam^
C:\Program Files\Optimizer Pro =>PUP.OptimizerPro
C:\Documents and Settings\Nikos\Application Data\eIntaller =>PUP.eSafeSecurity
C:\Documents and Settings\Nikos\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\gencrawler@some.com =>PUP.MediaFinder
C:\Documents and Settings\Nikos\Local Settings\Application Data\Bundled software uninstaller =>Adware.MegaSearch
C:\Documents and Settings\Nikos\Application Data\Tepfel\WebCakeDesktop.exe =>Adware.WebCake^
C:\Documents and Settings\Nikos\Local Settings\Application Data\Smartbar\Application\QuickShare.exe =>PUP.QuickShare^
C:\Program Files\Wajam\Updater\WajamUpdater.exe =>Toolbar.Wajam^
C:\Program Files\Tepfel\WebCakeDesktop.Updater.exe =>Adware.WebCake^
C:\Documents and Settings\Nikos\Application Data\Mozilla\Firefox\Profiles\144kn54p.default\searchplugins\babylon.xml =>Toolbar.Babylon^
C:\Program Files\Mozilla FireFox\searchplugins\qvo6.xml =>Hijacker.Qvo6^
C:\Program Files\Torntv 2\Torntv 2-bho.dll =>PUP.CrossRider^
C:\Program Files\Tepfel\WebCakeIEClient.dll =>Adware.WebCake^
C:\Program Files\Wajam\IE\priam_bho.dll =>Toolbar.Wajam^
C:\Documents and Settings\Nikos\Application Data\Media Finder\Extensions\gencrawler_gc.dll =>PUP.MediaFinder^
C:\WINDOWS\system32\mscoree.dll =>PUP.QuickShare^
C:\WINDOWS\Tasks\AmiUpdXp.job =>PUP.Software.Updater^
C:\WINDOWS\Tasks\Torntv 2-codedownloader.job =>PUP.SoftwareEngine^
C:\WINDOWS\Tasks\Torntv 2-enabler.job =>Hijacker.TornTV^
C:\WINDOWS\Tasks\Torntv 2-updater.job =>Hijacker.TornTV^
C:\WINDOWS\Tasks\YourFile DownloaderUpdate.job =>PUP.YourFileDownloader^
[HKCU\Software\BabSolution] =>Hijacker.BabSolution^
[HKCU\Software\BearShare] =>PUP.BearShare^
[HKCU\Software\Conduit] =>Toolbar.Conduit^
[HKCU\Software\DataMngr_Toolbar] =>PUP.Datamngr^
[HKCU\Software\Smartbar] =>Hijacker.SmartBar^
[HKCU\Software\Torntv 2] =>Hijacker.TornTV^
[HKCU\Software\Wajam] =>Toolbar.Wajam^
[HKCU\Software\YourFileDownloader] =>PUP.YourFileDownloader^
[HKLM\Software\Babylon] =>Toolbar.Babylon^
[HKLM\Software\YourFileDownloader] =>PUP.YourFileDownloader^
[HKLM\Software\babylontoolbar] =>Toolbar.Babylon^
C:\Windows\Installer\49c7f6a.msi =>PUP.QuickShare^
~ Additionnel Scan: 134236 Items scanned in 00mn 15s

---\\ Récapitulatif des détections trouvées sur votre station
~ http://nicolascoolman.webs.com/apps/blog/show/27285539-adware-webcake =>Adware.WebCake
~ http://nicolascoolman.webs.com/apps/blog/show/28577022-pup-quickshare =>PUP.QuickShare
~ http://nicolascoolman.webs.com/apps/blog/show/27379491-toolbar-wajam =>Toolbar.Wajam
~ http://nicolascoolman.webs.com/apps/blog/show/26627369-toolbar-babylon =>Toolbar.Babylon
~ http://nicolascoolman.webs.com/apps/blog/show/26631242-hijacker-qvo6 =>Hijacker.Qvo6
~ http://nicolascoolman.webs.com/apps/blog/show/27583526-pup-crossrider =>PUP.CrossRider
~ http://nicolascoolman.webs.com/apps/blog/show/28445531-pup-mediafinder =>PUP.MediaFinder
~ http://nicolascoolman.webs.com/apps/blog/show/31746142-toolbar-bubbledock =>Toolbar.BubbleDock
~ ht
0

Discussions similaires

infection
gladiator1952 -
gladiator1952 -

6 réponses
Infection pc
Nanie24 -
Nanie24 -

22 réponses
[pnkbstra]infection
swazolie -
billou631 -

9 réponses
infection virus
Utilisateur anonyme -
Utilisateur anonyme -

3 réponses
infection winrmsrv
Connie -
Connie -

10 réponses