Virus report
bbidouff
Hello everyone,
I suspect there are several viruses on my computer... so I am posting a ZHPDiag report. If someone can help me, that would be really great. Thanks in advance.
~ Rapport de ZHPDiag v2014.4.3.2 - Nicolas Coolman (03/04/2014)
~ Lancé par bbidouf (04/04/2014 16:42:05)
~ Adresse du Site Web https://nicolascoolman.webs.com/
~ Forums gratuits d'Assistance à la désinfection : https://nicolascoolman.webs.com/
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Désactivée par l'utilisateur
~ Elévation des Privilèges : OK
~ User Account Control (UAC):
---\\ Navigateurs Internet
MSIE: Internet Explorer v6.0.2900.2180
MFIE: Mozilla Firefox 28.0
GCIE: Google Chrome v33.0.1750.154 (Defaut)
---\\ Informations sur les produits Windows
~ Langage: Français
Microsoft Windows XP, 32-bit Service Pack 2 (Build 2600)
Windows Automatic Updates : OK
Windows Genuine Advantage : KO
---\\ Logiciels de protection du système
avast! Free Antivirus v8.0.1483.0
---\\ Logiciels d'optimisation du système
---\\ Logiciels de partage PeerToPeer
---\\ Surveillance de Logiciels
Adobe Flash Player 12 Plugin
Adobe Reader 9.5.0 - Français
Java 7 Update 21
---\\ Informations sur le système
~ Processor: x86 Family 15 Model 4 Stepping 1, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 2047 MB (42% free)
System Restore: Activé (Enable)
System drive C: has 119 GB (80%) free of 149 GB
---\\ Mode de connexion au système
~ Computer Name: FRANCK-TSMU0D63
~ User Name: bbidouf
~ All Users Names: SUPPORT_388945a0, HelpAssistant, bbidouf, Administrateur,
~ Unselected Option: None
Logged in as Administrator
---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Documents and Settings\bbidouf\Application Data\ZHP\
~ %AppData% : C:\Documents and Settings\bbidouf\Application Data\
~ %Desktop% : C:\Documents and Settings\bbidouf\Bureau\
~ %Favorites% : C:\Documents and Settings\bbidouf\Favoris\
~ %LocalAppData% : C:\Documents and Settings\bbidouf\Local Settings\Application Data\
~ %StartMenu% : C:\Documents and Settings\bbidouf\Menu Démarrer\
~ %Windir% : C:\WINDOWS\
~ %System% : C:\WINDOWS\system32\
---\\ Enumération des unités disques
A: Floppy drive, Flash card reader, USB Key (Not Inserted)
C: Hard drive, Flash drive, Thumb drive (Free 119 Go of 149 Go)
D: CD-ROM drive (Free 0 Go of 1 Go)
E: CD-ROM drive (Not Inserted)
F: Floppy drive, Flash card reader, USB Key (Not Inserted)
G: Floppy drive, Flash card reader, USB Key (Not Inserted)
H: Floppy drive, Flash card reader, USB Key (Not Inserted)
I: Floppy drive, Flash card reader, USB Key (Not Inserted)
---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Intl: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] XMLLookup: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
~ Security Center: 37 Scanned in 00mn 00s
---\\ Recherche particulière de fichiers génériques
[MD5.2A7BD330924252A2FD80344FC949BB72] - (.Microsoft Corporation - Explorateur Windows.) (.19/08/2004 - 16:09:54.) -- C:\WINDOWS\Explorer.exe [1036288]
[MD5.4E958B97EFC3D801F49283D1820F48B7] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.19/08/2004 - 16:09:48.) -- C:\WINDOWS\system32\wininet.dll [660480]
[MD5.123EEA158F74D0F67A51DCDF065D1091] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) (.19/08/2004 - 16:10:06.) -- C:\WINDOWS\system32\Winlogon.exe [506368]
[MD5.5AC495F4CB807B2B98AD2AD591E6D92E] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.03/08/2004 - 23:14:16.) -- C:\WINDOWS\system32\Drivers\AFD.sys [138496]
[MD5.CDFE4411A69C224BD1D11B2DA92DAC51] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.03/08/2004 - 22:59:44.) -- C:\WINDOWS\system32\Drivers\atapi.sys [95360]
[MD5.CD7D5152DF32B47F4E36F710B35AAE02] - (.Microsoft Corporation - CD-ROM File System Driver.) (.03/08/2004 - 23:14:12.) -- C:\WINDOWS\system32\Drivers\Cdfs.sys [63744]
[MD5.AF9C19B3100FE010496B1A27181FBF72] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.03/08/2004 - 22:59:54.) -- C:\WINDOWS\system32\Drivers\Cdrom.sys [49536]
[MD5.8B121FF880683607AB2AEF0340721718] - (.Microsoft Corporation - Pilote de cryptographie FIPS.) (.24/04/2003 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\Fips.sys [35072]
[MD5.D1EFCBD693B5BA21314D06368C471070] - (.Microsoft Corporation - Pilote de port i8042.) (.19/08/2004 - 15:56:40.) -- C:\WINDOWS\system32\Drivers\i8042prt.sys [54400]
[MD5.F8AA320C6A0409C0380E5D8A99D76EC6] - (.Microsoft Corporation - IMAPI Kernel Driver.) (.03/08/2004 - 23:00:16.) -- C:\WINDOWS\system32\Drivers\Imapi.sys [41856]
[MD5.B5A8E215AC29D24D60B4D1250EF05ACE] - (.Microsoft Corporation - IP Network Address Translator.) (.03/08/2004 - 23:04:52.) -- C:\WINDOWS\system32\Drivers\IpNat.sys [134912]
[MD5.64537AA5C003A6AFEEE1DF819062D0D1] - (.Microsoft Corporation - IPSec Driver.) (.03/08/2004 - 23:14:30.) -- C:\WINDOWS\system32\Drivers\IPSec.sys [74752]
[MD5.1FD607FC67F7F7C633C3DA65BFC53D18] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.03/08/2004 - 23:15:18.) -- C:\WINDOWS\system32\Drivers\MRxSmb.sys [451456]
[MD5.0C80E410CD2F47134407EE7DD19CC86B] - (.Microsoft Corporation - MBT Transport driver.) (.03/08/2004 - 23:14:38.) -- C:\WINDOWS\system32\Drivers\netBT.sys [162816]
[MD5.B78BE402C3F63DD55521F73876951CDD] - (.Microsoft Corporation - NT File System Driver.) (.03/08/2004 - 23:15:10.) -- C:\WINDOWS\system32\Drivers\ntfs.sys [574592]
[MD5.318696359AC7DF48D1E51974EC527DD2] - (.Microsoft Corporation - Pilote de port parallèle.) (.19/08/2004 - 15:51:44.) -- C:\WINDOWS\system32\Drivers\Parport.sys [80384]
[MD5.98FAEB4A4DCF812BA1C6FCA4AA3E115C] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.03/08/2004 - 23:14:24.) -- C:\WINDOWS\system32\Drivers\Rasl2tp.sys [51328]
[MD5.A2CAE2C60BC37E0751EF9DDA7CEAF4AD] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.03/08/2004 - 23:01:16.) -- C:\WINDOWS\system32\Drivers\rdpdr.sys [196864]
[MD5.2CC30B68DD62B73D444A41322CD7FC4C] - (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) (.19/08/2004 - 15:54:52.) -- C:\WINDOWS\system32\Drivers\redbook.sys [58496]
[MD5.313B1A0D5DB26DFE1C34A6C13B2CE0A7] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.19/08/2004 - 15:59:14.) -- C:\WINDOWS\system32\Drivers\volsnap.sys [53376]
~ Generic Processes: Scanned in 00mn 00s
---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 2/32
~ Mes musiques (My Musics) : 1/87
~ Mes Favoris (My Favorites) : 1/7
~ Mes Documents (My Documents) : 1/168
~ Mon Bureau (My Desktop) : 0/929
~ Menu demarrer (Programs) : 1/29
~ Hidden Files: Scanned in 00mn 04s
---\\ Processus lancés
[MD5.41735B82DB57E4EBE9504EC400FD120E] - (.AVAST Software - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe [45248] [PID.1500]
[MD5.148C545849C1379A3D4448F5DE768E86] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastUI.exe [4767304] [PID.160]
[MD5.C849445FF9F85A2A58E38E105518B64A] - (.Iminent - Iminent.) -- C:\Program Files\Iminent\Iminent.exe [1074736] [PID.180] =>Adware.IMBooster
[MD5.CC3FDEF742497F1F019B9B852980570D] - (.Iminent - Iminent.) -- C:\Program Files\Iminent\Iminent.Messengers.exe [884784] [PID.204] =>Adware.IMBooster
[MD5.D63797E8E7781EE1500A810CB6194FA6] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe [253816] [PID.272]
[MD5.B8562FB84999DAA567055D299175D3DD] - (.Boxore OU - Boxore Client.) -- C:\Program Files\Boxore\BoxoreClient\boxore.exe [970016] [PID.308] =>Adware.Boxore
[MD5.3A924B200D86590D2C83214CEBFA9742] - (.Google Inc. - Google Chrome.) -- C:\Documents and Settings\bbidouf\Local Settings\Application Data\Google\Chrome\Application\chrome.exe [859976] [PID.1052]
[MD5.5739F2821D49975CEDE6BF0153D0CF01] - (.Oracle Corporation - Java Quick Starter Service.) -- C:\Program Files\Java\jre7\bin\jqs.exe [181664] [PID.1564]
[MD5.95A008C9FE479F0F8238992CCA075AAD] - (.Iminent - Iminent Protection.) -- C:\Program Files\Fichiers communs\Umbrella\umbrella.exe [2931008] [PID.2124] =>Adware.IMBooster
[MD5.24FB8DB6D1D55E2C5D0A53DFE48E6AF8] - (.Microsoft - Y2Desktop.Updater.) -- C:\Program Files\Yontoo\Y2Desktop.Updater.exe [23552] [PID.2352] =>Adware.Yontoo
[MD5.A2CB714DCF8F0E134F2429AF673C7C08] - (.Oracle Corporation - Java(TM) Update Checker.) -- C:\Program Files\Fichiers communs\Java\Java Update\jucheck.exe [506744] [PID.2776]
[MD5.8E556A72D54F7E3B7844AB9217F02DD7] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [275568] [PID.3668]
[MD5.CBA0013EBDE3F0B08B043F61857E9809] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files\Mozilla Firefox\plugin-container.exe [18544] [PID.732]
[MD5.E75DA1FAAFC9B69CCD0940F95C9D1CF7] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [8182272] [PID.3832]
~ Processes Running: Scanned in 00mn 03s
---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Documents and Settings\bbidouf\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences
G1 - GCS: Preference [User Data\Default] http://search.iminent.com =>Adware.IMBooster
G0 - GCSP: Preference [User Data\Default][HomePage] http://start.iminent.com =>Adware.IMBooster
G2 - GCE: Preference [User Data\Default] [aemeppengemohiobmmjhfddbhcgkomhm] My World v.2.0.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Store v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [aohghmighlieiainnegkcijnfilokake] Documents Google v.0.5 (Activé)
G2 - GCE: Preference [User Data\Default] [beobeededemalmllhkmnkinmfembdimh] TV v.1.0.12 (Activé)
G2 - GCE: Preference [User Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo] YouTube v.4.2.6 (Activé)
G2 - GCE: Preference [User Data\Default] [boeajhmfdjldchidhphikilcgdacljfm] Facebook v.1.0.3 (Activé)
G2 - GCE: Preference [User Data\Default] [coobgpohoikkiipiblmjeljniedjpjpf] Recherche Google v.0.0.0.20 (Activé)
G2 - GCE: Preference [User Data\Default] [eemcgdkfndhakfknompkggombfjjjeno] Bookmark Manager v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [ennkphjdgehloodpbhlhldgbnhmacadg] Settings v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [fjkkongamjdfggeifeicejegagbhhjlf] Cinémur v.2.1 (Activé)
G2 - GCE: Preference [User Data\Default] [gfdkimpbcpahaombhbimeihdjnejgicl] Feedback v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [ghmngbmfdgknokcefmkbjlcjabdklnlk] Magisto v.1.2.11471 (Activé)
G2 - GCE: Preference [User Data\Default] [glnghjdmpccckjmannckgnilnbgfdllm] Acupoints v.1.1 (Activé)
G2 - GCE: Preference [User Data\Default] [icmlaeflemplmjndnaapfdbbnpncnbda] avast! WebRep v.8.0.1483, (Désactivé)
G2 - GCE: Preference [User Data\Default] [ioekoebejdcmnlefjiknokhhafglcjdl] Dropbox v.3.0.8 (Activé)
G2 - GCE: Preference [User Data\Default] [mfehgcgbbipciphmccgaenjidiccnmng] Cloud Print v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [mgndgikekgjfcpckkfioiadnlibdjbkf] Chrome v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [niapdbllcanepiiimjjndipklodoedlc] Yontoo v.1.0.3 (Activé) =>Adware.Yontoo
G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Wallet v.0.0.6.1 (Activé)
G2 - GCE: Preference [User Data\Default] [pbchiajonfncphfgplcmdojihhlbffbd] TV France - Regarder Télévision v.2.2 (Activé)
G2 - GCE: Preference [User Data\Default] [pbkenipghomdoldhjladnjlcfimnblif] Cours d'anglais Rich Morning Show v.1.1 (Activé)
G2 - GCE: Preference [User Data\Default] [pbpohikckhbcljgombipcdoinkaedlfa] Smart Display v.1.7, (Activé) =>Spyware.SmartDisplay
G2 - GCE: Preference [User Data\Default] [pbpohilckhbcljgoabiecdoinkaedlca] Smart Display v.1.6 (Activé) =>Spyware.SmartDisplay
G2 - GCE: Preference [User Data\Default] [pflphaooapbgpeakohlggbpidpppgdff] MySearchDial v.9.4.14, (Activé) =>Adware.MyWebSearch
G2 - GCE: Preference [User Data\Default] [pgjchkcfmigkkhedgjedmffdepgmpfil] Psykopaint v.0.0.0.10 (Activé)
G2 - GCE: Preference [User Data\Default] [pnplklchpamcgolcbcpkfemgjldojdib] Play TV v.1.0 (Activé)
---\\ Liste des dossiers d'extension Google Chrome
G2 - EXT: C:\Documents and Settings\bbidouf\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aemeppengemohiobmmjhfddbhcgkomhm [My World]
G2 - EXT: C:\Documents and Settings\bbidouf\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [Documents Google]
G2 - EXT: C:\Documents and Settings\bbidouf\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\beobeededemalmllhkmnkinmfembdimh [TV]
G2 - EXT: C:\Documents and Settings\bbidouf\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [YouTube]
G2 - EXT: C:\Documents and Settings\bbidouf\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\boeajhmfdjldchidhphikilcgdacljfm [Facebook]
G2 - EXT: C:\Documents and Settings\bbidouf\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [Recherche Google]
G2 - EXT: C:\Documents and Settings\bbidouf\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fjkkongamjdfggeifeicejegagbhhjlf [Cinémur]
G2 - EXT: C:\Documents and Settings\bbidouf\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ghmngbmfdgknokcefmkbjlcjabdklnlk [Magisto]
G2 - EXT: C:\Documents and Settings\bbidouf\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\glnghjdmpccckjmannckgnilnbgfdllm [Acupoints]
G2 - EXT: C:\Documents and Settings\bbidouf\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda [avast! WebRep]
G2 - EXT: C:\Documents and Settings\bbidouf\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl [Dropbox]
G2 - EXT: C:\Documents and Settings\bbidouf\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc [Yontoo] =>Adware.Yontoo
G2 - EXT: C:\Documents and Settings\bbidouf\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [Google Wallet]
G2 - EXT: C:\Documents and Settings\bbidouf\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pbchiajonfncphfgplcmdojihhlbffbd [TV France - Regarder Télévision]
G2 - EXT: C:\Documents and Settings\bbidouf\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pbkenipghomdoldhjladnjlcfimnblif [Cours d'anglais Rich Morning Show]
G2 - EXT: C:\Documents and Settings\bbidouf\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pbpohikckhbcljgombipcdoinkaedlfa [Smart Display] =>Spyware.SmartDisplay
G2 - EXT: C:\Documents and Settings\bbidouf\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff [MySearchDial] =>Adware.MyWebSearch
G2 - EXT: C:\Documents and Settings\bbidouf\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pgjchkcfmigkkhedgjedmffdepgmpfil [Psykopaint]
G2 - EXT: C:\Documents and Settings\bbidouf\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pnplklchpamcgolcbcpkfemgjldojdib [Play TV]
~ Google Lines Browser: 49 Scanned in 00mn 24s
---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Documents and Settings\bbidouf\Application Data\Mozilla\Firefox\Profiles\eg3l7wbx.default\prefs.js
C:\Documents and Settings\bbidouf\Application Data\Mozilla\Firefox\Profiles\eg3l7wbx.default\user.js
M3 - MFPP: Plugins - [bbidouf] -- C:\Documents and Settings\bbidouf\Application Data\Mozilla\Firefox\Profiles\eg3l7wbx.default\searchplugins\babylon.xml =>PUP.Babylon
M3 - MFPP: Plugins - [bbidouf] -- C:\Documents and Settings\bbidouf\Application Data\Mozilla\Firefox\Profiles\eg3l7wbx.default\searchplugins\BrowserProtect.xml =>Hijacker.Eazel
M3 - MFPP: Plugins - [bbidouf] -- C:\Documents and Settings\bbidouf\Application Data\Mozilla\Firefox\Profiles\eg3l7wbx.default\searchplugins\delta.xml =>Toolbar.DeltaSearch
M3 - MFPP: Plugins - [bbidouf] -- C:\Documents and Settings\bbidouf\Application Data\Mozilla\Firefox\Profiles\eg3l7wbx.default\searchplugins\Mysearchdial.xml =>Adware.MyWebSearch
M0 - MFSP: prefs.js [bbidouf - eg3l7wbx.default] http://search.iminent.com =>Adware.IMBooster
M2 - MFEP: prefs.js [bbidouf - eg3l7wbx.default\ffxtlbr@babylon.com] [] Babylon Toolbar v1.5.0 (..) =>PUP.Babylon
M2 - MFEP: prefs.js [bbidouf - eg3l7wbx.default\ffxtlbr@delta.com] [] Delta Toolbar v1.5.0 (..) =>Toolbar.DeltaSearch
M2 - MFEP: prefs.js [bbidouf - eg3l7wbx.default\ffxtlbr@mysearchdial.com] [] mysearchdial.com v1.6.0 (..) =>Adware.MyWebSearch
M2 - MFEP: prefs.js [bbidouf - eg3l7wbx.default\jid1-FCM5fDwCW5M3AQ@jetpack] [] Smart Display v1.2 (..) =>Spyware.SmartDisplay
M2 - MFEP: prefs.js [bbidouf - eg3l7wbx.default\plugin@yontoo.com] [] Yontoo v1.20.02 (..) =>Adware.Yontoo
M2 - MFEP: prefs.js [bbidouf - eg3l7wbx.default\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}] [] BitComet ????? v1.35 (..) =>P2P.BitComet
M2 - MFEP: prefs.js [bbidouf - eg3l7wbx.default\{C9B68337-E93A-44EA-94DC-CB300EC06444}] [] IMinent Toolbar v5.30.4 (..) =>Adware.IMBooster
P2 - FPN:Firefox Plugin Navigator . (.BitComet - BitCometAgent v1.30 for Firefox.) -- C:\Program Files\Mozilla Firefox\Plugins\npBitCometAgent.dll =>P2P.BitComet
P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - Office Plugin for Netscape Navigator.) -- C:\Program Files\Mozilla Firefox\Plugins\NPOFF12.DLL
P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape "9.5.0".) -- C:\Program Files\Mozilla Firefox\Plugins\nppdf32.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin2.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin3.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin4.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin5.dll
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll
P2 - FPN: [HKLM] [@adobe.com/ShockwavePlayer] - (.Adobe Systems, Inc. - Adobe Shockwave for Director Netscape plug-in, version 12.0.2.122.) -- C:\WINDOWS\system32\Adobe\Director\np32dsw_1202122.dll
P2 - FPN: [HKLM] [@java.com/DTPlugin,version=10.21.2] - (.Oracle Corporation - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\WINDOWS\system32\npDeployJava1.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin,version=10.21.2] - (.Oracle Corporation - Next Generation Java Plug-in 10.21.2 for Mozilla browsers.) -- C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 5.1.10411.0.) -- C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll
P2 - FPN: [HKLM] [@videolan.org/vlc,version=2.0.4] - (.VideoLAN - VLC media player Web Plugin 2.0.2.) -- C:\Program Files\VideoLAN\VLC\npvlc.dll =>.VideoLAN
P2 - FPN: [HKLM] [@www.dlmanager.net/omaha/tools//Software Update;version=8] - (.Boxore OU. - Software Update.) -- C:\Program Files\Software\Update\1.2.201.0\npSoftwareOneClick8.dll =>Adware.Boxore
P2 - FPN: [HKLM] [Adobe Reader] - (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape "9.5.0".) -- C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Documents and Settings\bbidouf\Local Settings\Application Data\Google\Update\1.3.23.9\npGoogleUpdate3.dll
P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Documents and Settings\bbidouf\Local Settings\Application Data\Google\Update\1.3.23.9\npGoogleUpdate3.dll
~ Firefox Browser: 30 Scanned in 00mn 04s
---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.iminent.com =>Adware.IMBooster
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.mysearchdial.com =>Adware.MyWebSearch
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.microsoft.com/fr-fr/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.microsoft.com/fr-fr/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = https://www.bing.com/?toHttps=1&redig=17DBE7D168544FA98200E890A8051984
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = https://www.bing.com/?toHttps=1&redig=17DBE7D168544FA98200E890A8051984
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = http://start.mysearchdial.com =>Adware.MyWebSearch
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Google Inc. - Google Update.) (No version) -- (.not file.)
~ IE Browser: 10 Scanned in 00mn 00s
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s
---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\WINDOWS\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Keys: Scanned in 00mn 00s
---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 20
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} . (.BitComet - BitCometBHO.) -- C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll =>P2P.BitComet
O2 - BHO: BHO - {47B614AF-B4CC-485B-B331-BE26F02ED4CC} . (.APC - Browser Helper Object.) -- C:\Program Files\Internet Explorer\IEAddon.dll
O2 - BHO: TBSB01620 - {58124A0B-DC32-4180-9BFF-E0E21AE34026} . (.Pas de propriétaire - IE Toolbar Engine.) -- C:\Program Files\IMinent Toolbar\tbcore3.dll =>Adware.IMBooster
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: IMinent WebBooster - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} . (.SIEN - Minibar.) -- C:\Program Files\Iminent\Minibar.InternetExplorer.BHOx86.dll =>PUP.Minibar
O2 - BHO: delta Helper Object - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} . (.Delta-search.com - Pas de description.) -- C:\Program Files\Delta\delta\1.8.16.16\bh\delta.dll =>Toolbar.DeltaSearch
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: mysearchdial Helper Object - {EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD} . (.Ironsource Israel (2011) LTD - Pas de description.) -- C:\Program Files\Mysearchdial\1.8.21.0\bh\mysearchdial.dll =>Adware.MyWebSearch
O2 - BHO: PricePeep - {FD6D90C0-E6EE-4BC6-B9F7-9ED319698007} . (.PricePeep - PricePeep.) -- C:\Program Files\PricePeep\pricepeep.dll =>Adware.PricePeep
O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} . (.Yontoo LLC - Yontoo Runtime.) -- C:\Program Files\Yontoo\YontooIEClient.dll =>Adware.Yontoo
~ BHO: 22 Scanned in 00mn 04s
---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: IMinent Toolbar - [HKLM]{977AE9CC-AF83-45E8-9E03-E2798216E2D5} . (.Pas de propriétaire - IE Toolbar Engine.) -- C:\Program Files\IMinent Toolbar\tbcore3.dll =>Adware.IMBooster
O3 - Toolbar: Delta Toolbar - [HKLM]{82E1477C-B154-48D3-9891-33D83C26BCD3} . (.Delta-search.com - Pas de description.) -- C:\Program Files\Delta\delta\1.8.16.16\deltaTlbr.dll =>Toolbar.DeltaSearch
O3 - Toolbar: mysearchdial Toolbar - [HKLM]{3004627E-F8E9-4E8B-909D-316753CBA923} . (.Ironsource Israel (2011) LTD - Pas de description.) -- C:\Program Files\Mysearchdial\1.8.21.0\mysearchdialTlbr.dll =>Adware.MyWebSearch
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{01E04581-4EEE-11D0-BFE9-00AA005B4383} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{0E5CBF21-D15F-11D0-8301-00AA005B4383} Clé orpheline
~ Toolbar: Scanned in 00mn 00s
---\\ Autres liens utilisateurs (O4)
O4 - GS\Program [AllUsers]: Adobe Photoshop Lightroom 3.6.lnk . (.Adobe Systems - Adobe Photoshop Lightroom.) -- C:\Program Files\Adobe\Adobe Photoshop Lightroom 3.6\lightroom.exe =>.Adobe Systems Incorporated
O4 - GS\Program [AllUsers]: Adobe Reader 9.lnk . (...) -- C:\WINDOWS\Installer\{AC76BA86-7AD7-1036-7B44-A95000000001}\SC_Reader.ico
O4 - GS\Program [AllUsers]: Apple Software Update.lnk . (...) -- C:\WINDOWS\Installer\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}\AppleSoftwareUpdateIco.exe =>.Apple Inc
O4 - GS\Program [AllUsers]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - GS\Program [bbidouf]: Assistance à distance.lnk . (.Microsoft Corporation - Assistance à distance Microsoft.) -- C:\WINDOWS\system32\rcimlby.exe =>.Microsoft Corporation
O4 - GS\Program [bbidouf]: Lecteur Windows Media.lnk . (.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files\Windows Media Player\wmplayer.exe =>.Microsoft Corporation
~ Global Startup: 6 Scanned in 00mn 00s
---\\ Applications lancées au démarrage du système (O4)
O4 - HKLM\..\Run: [ATICustomerCare] . (.Advanced Micro Devices, Inc. - ATI Customer Care.) -- C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe
O4 - HKLM\..\Run: [avast] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastUI.exe
O4 - HKLM\..\Run: [Iminent] . (.Iminent - Iminent.) -- C:\Program Files\Iminent\Iminent.exe =>Adware.IMBooster
O4 - HKLM\..\Run: [IminentMessenger] . (.Iminent - Iminent.) -- C:\Program Files\Iminent\Iminent.Messengers.exe =>Adware.IMBooster
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
O4 - HKLM\..\Run: [Adobe ARM] C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (.not file.)
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKLM\..\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files\Fichiers communs\Apple\Apple Application Support\APSDaemon.exe
O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\QTTask.exe
O4 - HKLM\..\Run: [Boxore Client] . (.Boxore OU - Boxore Client.) -- C:\Program Files\Boxore\BoxoreClient\boxore.exe =>Adware.Boxore
O4 - HKCU\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ChicaPasswordManager] C:\Program Files\ChicaLogic\Chica Password Manager\stpass.exe (.not file.)
O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Documents and Settings\bbidouf\Local Settings\Application Data\Google\Update\GoogleUpdate.exe =>.Google Inc
O4 - HKCU\..\Run: [Yontoo Desktop] . (.Yontoo LLC - Yontoo Desktop.) -- C:\Documents and Settings\bbidouf\Application Data\Yontoo\YontooDesktop.exe =>Adware.Yontoo
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_82E57CE069F0F14BB998EF42E72ABB17] . (.Google Inc. - Google Chrome.) -- C:\Documents and Settings\bbidouf\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\System32\CTFMON.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\System32\CTFMON.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\System32\CTFMON.exe
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\System32\CTFMON.exe
O4 - HKUS\S-1-5-21-1844237615-2052111302-839522115-1003\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-21-1844237615-2052111302-839522115-1003\..\Run: [ChicaPasswordManager] C:\Program Files\ChicaLogic\Chica Password Manager\stpass.exe (.not file.)
O4 - HKUS\S-1-5-21-1844237615-2052111302-839522115-1003\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Documents and Settings\bbidouf\Local Settings\Application Data\Google\Update\GoogleUpdate.exe =>.Google Inc
O4 - HKUS\S-1-5-21-1844237615-2052111302-839522115-1003\..\Run: [Yontoo Desktop] . (.Yontoo LLC - Yontoo Desktop.) -- C:\Documents and Settings\bbidouf\Application Data\Yontoo\YontooDesktop.exe =>Adware.Yontoo
O4 - HKUS\S-1-5-21-1844237615-2052111302-839522115-1003\..\Run: [GoogleChromeAutoLaunch_82E57CE069F0F14BB998EF42E72ABB17] . (.Google Inc. - Google Chrome.) -- C:\Documents and Settings\bbidouf\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
~ Application: Scanned in 00mn 02s
---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft Office OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Program Files\Microsoft Office\Office12\REFBARH.ICO
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} . (.BitComet - BitCometBHO.) -- C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll =>P2P.BitComet
O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe
~ IE Extra Buttons: Scanned in 00mn 00s
---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll =>.Microsoft Corporation
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\WINDOWS\system32\winrnr.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll =>.Microsoft Corporation
~ Winsock: 3 Scanned in 00mn 00s
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{A6D5AA79-AA51-4A9B-8179-D79C9C5BB8FA}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{A6D5AA79-AA51-4A9B-8179-D79C9C5BB8FA}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS3\Services\Tcpip\..\{A6D5AA79-AA51-4A9B-8179-D79C9C5BB8FA}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
~ Domain: Scanned in 00mn 00s
---\\ Protocole additionnel (O18)
O18 - Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} . (.Microsoft Corporation - WIA Scripting Layer.) -- C:\WINDOWS\System32\wiascr.dll
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s
---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\WINDOWS\system32\crypt32.dll
O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\WINDOWS\system32\cryptnet.dll
O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agent réseau hors connexion.) -- C:\WINDOWS\system32\cscdll.dll
O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL secondaire de notification de service d.) -- C:\WINDOWS\system32\sclgntfy.dll
O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\WlNotify.dll
O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
~ Winlogon: Scanned in 00mn 00s
---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\WINDOWS\system32\webcheck.dll
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} . (.Microsoft Corporation - Objet du service d'environnement Systray.) -- C:\WINDOWS\System32\stobject.dll
~ SSODL: 4 Scanned in 00mn 00s
---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: avast! Antivirus (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) . (.Oracle Corporation - Java Quick Starter Service.) - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: SProtection (SProtection) . (.Iminent - Iminent Protection.) - C:\Program Files\Fichiers communs\Umbrella\umbrella.exe =>Adware.IMBooster
O23 - Service: Software Update Service (supdate) (supdate) . (.Boxore OU. - Programme d'installation de Software.) - C:\Program Files\Software\Update\SoftwareUpdate.exe =>Adware.Boxore
~ Services: 4 Scanned in 00mn 28s
---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
O24 - Desktop General: BackupWallPaper - .(...) - C:\Documents and Settings\bbidouf\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop General: WallPaper - .(...) - C:\Documents and Settings\bbidouf\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
~ Desktop Component: 4 Scanned in 00mn 00s
---\\ Enumère les données de BootExecute (BEX) (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ BEX: 1 Scanned in 00mn 00s
---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Adobe Flash Player Updater.job [1002]
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\AppleSoftwareUpdate.job [284]
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\avast! Emergency Update.job [366]
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1844237615-2052111302-839522115-1003Core.job [1104]
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1844237615-2052111302-839522115-1003UA.job [1156]
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\SoftwareUpdateTaskMachineCore.job [1072]
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\SoftwareUpdateTaskMachineUA.job [1076]
[MD5.9D96B0D5855FD1B98023B3EEC9F06786] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [257928]
[MD5.34EBD4FF6A24D86BB4716D6AFCC1A89B] [APT] [AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files\Apple Software Update\SoftwareUpdate.exe [561984]
[MD5.AB3C4A3667AEAD147F175721D8719B78] [APT] [avast! Emergency Update] (.AVAST Software.) -- C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [250248]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskUserS-1-5-21-1844237615-2052111302-839522115-1003Core] (.Google Inc..) -- C:\Documents and Settings\bbidouf\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [116648]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskUserS-1-5-21-1844237615-2052111302-839522115-1003UA] (.Google Inc..) -- C:\Documents and Settings\bbidouf\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [116648]
[MD5.251A1AED2D4A26A47C0A4A3058AAE4A8] [APT] [SoftwareUpdateTaskMachineCore] (.Boxore OU..) -- C:\Program Files\Software\Update\SoftwareUpdate.exe [139576] =>Adware.Boxore
[MD5.251A1AED2D4A26A47C0A4A3058AAE4A8] [APT] [SoftwareUpdateTaskMachineUA] (.Boxore OU..) -- C:\Program Files\Software\Update\SoftwareUpdate.exe [139576] =>Adware.Boxore
~ Scheduled Task: 17 Scanned in 00mn 02s
---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Lecteur Windows Media - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Utilitaire d'installation du Lecteur Windows Media Microsoft.) -- C:\WINDOWS\inf\unregmp2.exe =>.Microsoft Corporation
O40 - ASIC: Internet Explorer - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - Windows NT User Data Migration Tool.) -- C:\WINDOWS\system32\shmgrate.exe
O40 - ASIC: Outlook Express - >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} . (.Microsoft Corporation - Windows NT User Data Migration Tool.) -- C:\WINDOWS\system32\shmgrate.exe =>.Microsoft Corporation
O40 - ASIC: Microsoft NetShow Player - {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} . (.Microsoft Corporation - Windows Media 6.4 Player Shim.) -- C:\WINDOWS\system32\wmpdxm.dll
O40 - ASIC: Lecteur Windows Media Microsoft 6.4 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media 6.4 Player Shim.) -- C:\WINDOWS\system32\wmpdxm.dll =>.Microsoft Corporation
O40 - ASIC: DirectAnimation - {283807B5-2C60-11D0-A31D-00AA00B92C03} . (.Microsoft Corporation - DirectX Media -- DirectAnimation.) -- C:\WINDOWS\System32\danim.dll
O40 - ASIC: Themes Setup - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\WINDOWS\system32\themeui.dll
O40 - ASIC: Microsoft Outlook Express 6 - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Bibliothèque d'installation Outlook Express.) -- C:\Program Files\Outlook Express\setup50.exe =>.Microsoft Corporation
O40 - ASIC: NetMeeting 3.01 - {44BBA842-CC51-11CF-AAFA-00AA00B6015B} . (...) -- C:\WINDOWS\INF\msnetmtg.inf
O40 - ASIC: Windows Messenger 4.7 - {5945c046-1e7d-11d1-bc44-00c04fd912be} . (...) -- C:\WINDOWS\INF\msmsgs.inf
O40 - ASIC: Améliorations pour la navigation - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\WINDOWS\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (...) -- C:\WINDOWS\INF\wmp.inf =>.Microsoft Corporation
O40 - ASIC: Carnet d'adresses 6 - {7790769C-0471-11d2-AF11-00C04FA35D02} . (.Microsoft Corporation - Bibliothèque d'installation Outlook Express.) -- C:\Program Files\Outlook Express\setup50.exe =>.Microsoft Corporation
O40 - ASIC: Mise à jour du Bureau Windows - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\shell32.dll
O40 - ASIC: Internet Explorer 6 - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'installation individualisée de Internet Explorer.) -- C:\WINDOWS\system32\ie4uinit.exe
O40 - ASIC: Macromedia Shockwave Flash - {D27CDB6E-AE6D-11cf-96B8-444553540000} . (.Adobe Systems, Inc. - Adobe Flash Player 12.0 r0.) -- C:\WINDOWS\system32\Macromed\Flash\Flash32_12_0_0_77.ocx
O40 - ASIC: Installed Component - S-1-5-21-1844237615-2052111302-839522115-1003 - >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS -- Not Hexadécimal CLSID
~ Active Setup: 17 Scanned in 00mn 00s
---\\ Pilotes lancés au démarrage du système (O41)
O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\WINDOWS\system32\drivers\afd.sys
O41 - Driver: (Cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\WINDOWS\system32\DRIVERS\cdrom.sys
O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\WINDOWS\system32\DRIVERS\i8042prt.sys
O41 - Driver: (Imapi) . (.Microsoft Corporation - IMAPI Kernel Driver.) - C:\WINDOWS\system32\DRIVERS\imapi.sys
O41 - Driver: (intelppm) . (.Microsoft Corporation - Pilote de périphérique processeur.) - C:\WINDOWS\system32\DRIVERS\intelppm.sys
O41 - Driver: (IPSec) . (.Microsoft Corporation - IPSec Driver.) - C:\WINDOWS\system32\DRIVERS\ipsec.sys
O41 - Driver: (Kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\WINDOWS\system32\DRIVERS\kbdclass.sys
O41 - Driver: (kbdhid) . (.Microsoft Corporation - Pilote de filtre souris HID.) - C:\WINDOWS\system32\DRIVERS\kbdhid.sys
O41 - Driver: (Mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\WINDOWS\system32\DRIVERS\mouclass.sys
O41 - Driver: (MRxSmb) . (.Microsoft Corporation - Windows NT SMB Minirdr.) - C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\WINDOWS\system32\DRIVERS\netbios.sys
O41 - Driver: (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\WINDOWS\system32\DRIVERS\netbt.sys
O41 - Driver: (Processor) . (.Microsoft Corporation - Pilote de périphérique processeur.) - C:\WINDOWS\system32\DRIVERS\processr.sys
O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\WINDOWS\system32\DRIVERS\rasacd.sys
O41 - Driver: (Rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\WINDOWS\system32\DRIVERS\rdbss.sys
O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
O41 - Driver: (redbook) . (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) - C:\WINDOWS\system32\DRIVERS\redbook.sys
O41 - Driver: (Serial) . (.Microsoft Corporation - Pilote de périphérique série.) - C:\WINDOWS\system32\DRIVERS\serial.sys
O41 - Driver: (Tcpip) . (.Microsoft Corporation - TCP/IP Protocol Driver.) - C:\WINDOWS\system32\DRIVERS\tcpip.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\WINDOWS\system32\DRIVERS\termdd.sys
O41 - Driver: Carte vidéo VGA. (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\WINDOWS\system32\drivers\vga.sys
~ Drivers: 63 Scanned in 00mn 02s
---\\ Logiciels installés (O42)
O42 - Logiciel: ATI Catalyst Registration - (.ATI Technologies Inc..) [HKLM] -- {11083C7A-D0D6-4DA4-8C3A-74B8389EC07B}
O42 - Logiciel: ATI Stream SDK v2 Developer - (.ATI Technologies Inc..) [HKLM] -- {0ED98038-0885-F902-C419-669ADE471A46}
O42 - Logiciel: Adobe Flash Player 12 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 12 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Photoshop Lightroom 3.6 - (.Adobe.) [HKLM] -- {D0ACE207-0F90-402C-8CFA-2CB3D44CE689} =>.Adobe Systems Incorporated
O42 - Logiciel: Adobe Reader 9.5.0 - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-A95000000001}
O42 - Logiciel: Adobe Shockwave Player 12.0 - (.Adobe Systems, Inc..) [HKLM] -- Adobe Shockwave Player
O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM] -- {5D09C772-ECB3-442B-9CC6-B4341C78FDC2}
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE} =>.Apple Inc
O42 - Logiciel: Babylon toolbar - (.BabylonToolbar.) [HKLM] -- BabylonToolbar =>PUP.Babylon
O42 - Logiciel: BitComet 1.35 - (.CometNetwork.) [HKLM] -- BitComet =>P2P.BitComet
O42 - Logiciel: Boxore Client - (.Boxore OU.) [HKLM] -- {4C6F4EE5-F42F-4288-B970-2B5FAD1D85BD} =>Adware.Boxore
O42 - Logiciel: Browser Helper Object - (.APC Soft.) [HKLM] -- Browser Helper Object1.4
O42 - Logiciel: Delta Chrome Toolbar - (.Delta.) [HKLM] -- Delta Chrome Toolbar =>Toolbar.DeltaSearch
O42 - Logiciel: Delta toolbar - (.Delta.) [HKLM] -- delta =>Toolbar.DeltaSearch
O42 - Logiciel: FreeMind - (...) [HKLM] -- B991B020-2968-11D8-AF23-444553540000_is1
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKCU] -- Google Chrome
O42 - Logiciel: Iminent - (.Iminent.) [HKLM] -- IMBoosterARP =>Adware.IMBooster
O42 - Logiciel: Iminent - (.Iminent.) [HKLM] -- {89B5DFCA-81E0-4EA4-8A0A-4F4087A1DD00} =>Adware.IMBooster
O42 - Logiciel: Iminent Toolbar For Internet Explorer - (.Iminent.) [HKLM] -- {A76AA284-E52D-47E6-9E4F-B85DBF8E35C3} =>Adware.IMBooster
O42 - Logiciel: InterActual Player - (...) [HKLM] -- InterActual Player
O42 - Logiciel: Java 7 Update 21 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83217021FF}
O42 - Logiciel: Lexicon Alpha ASIO(remove only) - (...) [HKLM] -- Alpha ASIO driver
O42 - Logiciel: Lexicon Alpha Driver - (.Lexicon.) [HKLM] -- Lexicon Alpha Driver
O42 - Logiciel: Lexicon Alpha Driver - (.Lexicon.) [HKLM] -- {AAFA253A-08A9-46A8-AB30-B4C26E578424}
O42 - Logiciel: MSXML 6 Service Pack 2 (KB954459) - (.Microsoft Corporation.) [HKLM] -- {97AA1F3C-DD64-4AA6-AEC5-F8F9F4CC21C5}
O42 - Logiciel: Magic Photo Recovery 3.3 - (...) [HKLM] -- Magic Photo Recovery
O42 - Logiciel: Microsoft Kernel-Mode Driver Framework Feature Pack 1.7 - (.Microsoft Corporation.) [HKLM] -- Wdf01007
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Microsoft WinUsb 1.0 - (.Microsoft Corporation.) [HKLM] -- winusb0100
O42 - Logiciel: Mozilla Firefox 28.0 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 28.0 (x86 fr)
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM] -- MozillaMaintenanceService
O42 - Logiciel: Mysearchdial - (.Mysearchdial.) [HKLM] -- mysearchdial =>Adware.MyWebSearch
O42 - Logiciel: PDF Reader - (...) [HKCU] -- PDF Reader
O42 - Logiciel: PricePeep - (.betwikx LLC.) [HKLM] -- PricePeep =>Adware.PricePeep
O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM] -- {B67BAFBA-4C9F-48FA-9496-933E3B255044}
O42 - Logiciel: Recuva - (.Piriform.) [HKLM] -- Recuva
O42 - Logiciel: Software Update Helper - (.Boxore OU..) [HKLM] -- {006E6A46-8D55-4F10-BBA8-2C9653B4278B} =>Adware.Boxore
O42 - Logiciel: Software Version Updater - (...) [HKLM] -- {99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96} =>PUP.Software.Updater
O42 - Logiciel: Sony Vegas Movie Studio 8.0 - (.Sony.) [HKLM] -- {62892E81-E6D4-4550-AA61-183839FEF370}
O42 - Logiciel: The Lord of the Rings FREE Trial - (.ATI Technologies Inc..) [HKLM] -- {8ACC73AA-6511-7C55-B1A9-8E5D1DEAFAA3}
O42 - Logiciel: Update for MySearchDial - (.Update for MySearchDial.) [HKCU] -- MySearchDial =>Adware.MyWebSearch
O42 - Logiciel: Update for PDF Reader - (...) [HKCU] -- DSite =>Hijacker.DSite
O42 - Logiciel: VLC media player 2.0.4 - (.VideoLAN.) [HKLM] -- VLC media player =>.VideoLAN
O42 - Logiciel: Windows Imaging Component - (.Microsoft Corporation.) [HKLM] -- WIC
O42 - Logiciel: Windows Installer 3.1 (KB893803) - (.Microsoft Corporation.) [HKLM] -- KB893803v2
O42 - Logiciel: Windows XP Service Pack 2 - (.Microsoft Corporation.) [HKLM] -- Windows XP Service Pack
O42 - Logiciel: Yontoo 2.053 - (.Yontoo LLC.) [HKLM] -- {889DF117-14D1-44EE-9F31-C5FB5D47F68B} =>Adware.Yontoo
O42 - Logiciel: avast! Free Antivirus v8.0.1483.0 - (.AVAST Software.) [HKLM] -- avast
O42 - Logiciel: swMSM - (.Adobe Systems, Inc.) [HKLM] -- {612C34C7-5E90-47D8-9B5C-0F717DD82726}
~ Logic: 62 Scanned in 00mn 00s
---\\ HKCU & HKLM Software Keys
[HKCU\Software\5ce8b8cb16aef49] =>Hijacker.Eazel
[HKCU\Software\ASProtect]
[HKCU\Software\AVAST Software]
[HKCU\Software\Adobe Lightroom]
[HKCU\Software\Adobe]
[HKCU\Software\AppDataLow\Software\Smartbar] =>Hijacker.SmartBar
[HKCU\Software\AppDataLow]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\Apple Inc.]
[HKCU\Software\BabSolution] =>Hijacker.BabSolution
[HKCU\Software\BabylonToolbar] =>PUP.Babylon
[HKCU\Software\BitComet] =>P2P.BitComet
[HKCU\Software\Boxore] =>Adware.Boxore
[HKCU\Software\ChicaLogic, Inc.]
[HKCU\Software\ChicaLogic]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\Conduit] =>Toolbar.Conduit
[HKCU\Software\DSiteProducts] =>Hijacker.DSite
[HKCU\Software\DataMngr] =>PUP.Datamngr
[HKCU\Software\DataMngr_Toolbar] =>PUP.Datamngr
[HKCU\Software\Delta]
[HKCU\Software\DirectShow]
[HKCU\Software\East Imperial Soft]
[HKCU\Software\Google]
[HKCU\Software\IADirectShow]
[HKCU\Software\Iminent] =>Adware.IMBooster
[HKCU\Software\InstallCore] =>Adware.InstallCore
[HKCU\Software\InterActual Technologies]
[HKCU\Software\JavaSoft]
[HKCU\Software\Macromedia]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Netscape]
[HKCU\Software\ODBC]
[HKCU\Software\Opendisc]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\Softonic] =>Toolbar.Conduit
[HKCU\Software\Sony Media Software]
[HKCU\Software\TBSB01620]
[HKCU\Software\TeleCharger]
[HKCU\Software\Wajam] =>PUP.Wajam
[HKCU\Software\mozilla]
[HKCU\Software\mysearchdial.com] =>Adware.MyWebSearch
[HKCU\Software\mysearchdial] =>Adware.MyWebSearch
[HKLM\Software\5ce8b8cb16aef49] =>Hijacker.Eazel
[HKLM\Software\5e3]
[HKLM\Software\781]
[HKLM\Software\ASIO]
[HKLM\Software\ATI Technologies]
[HKLM\Software\AVAST Software]
[HKLM\Software\Adobe]
[HKLM\Software\AppDataLow]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\Apple Inc.]
[HKLM\Software\Babylon] =>PUP.Babylon
[HKLM\Software\Boxore] =>Adware.Boxore
[HKLM\Software\C07ft5Y]
[HKLM\Software\CDDB]
[HKLM\Software\ChicaLogic, Inc.]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\DataMngr] =>PUP.Datamngr
[HKLM\Software\Delta]
[HKLM\Software\Gemplus]
[HKLM\Software\Google]
[HKLM\Software\HighCriteria]
[HKLM\Software\Iminent] =>Adware.IMBooster
[HKLM\Software\InstallCore] =>Adware.InstallCore
[HKLM\Software\InterActual Technologies]
[HKLM\Software\JavaSoft]
[HKLM\Software\JreMetrics]
[HKLM\Software\Khronos]
[HKLM\Software\Lexicon]
[HKLM\Software\Licenses]
[HKLM\Software\Loader]
[HKLM\Software\Macromedia]
[HKLM\Software\MimarSinan]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\ODBC]
[HKLM\Software\Piriform]
[HKLM\Software\Policies]
[HKLM\Software\Program Groups]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\Rocket Division Software]
[HKLM\Software\Schlumberger]
[HKLM\Software\Secure]
[HKLM\Software\SoftShape]
[HKLM\Software\Software]
[HKLM\Software\Sonic]
[HKLM\Software\Sony Creative Software]
[HKLM\Software\Sony Media Software]
[HKLM\Software\Symantec]
[HKLM\Software\Tarma Installer] =>PUP.Tarma
[HKLM\Software\Umbrella]
[HKLM\Software\VST]
[HKLM\Software\VideoLAN]
[HKLM\Software\Windows 3.1 Migration Status]
[HKLM\Software\dotNetInstaller]
[HKLM\Software\mozilla.org]
~ Key Software: 215 Scanned in 00mn 01s
---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 28/04/2013 - 00:58:38 - [168,343] ----D C:\Program Files\Adobe
O43 - CFD: 12/11/2013 - 21:40:23 - [2,316] ----D C:\Program Files\Apple Software Update =>.Apple Inc
O43 - CFD: 26/03/2013 - 19:04:38 - [0,584] ----D C:\Program Files\ATI
O43 - CFD: 26/03/2013 - 19:04:35 - [20,043] ----D C:\Program Files\ATI Stream
O43 - CFD: 26/03/2013 - 19:04:13 - [0] ----D C:\Program Files\ATI Technologies
O43 - CFD: 26/03/2013 - 19:52:44 - [418,671] ----D C:\Program Files\AVAST Software
O43 - CFD: 01/04/2013 - 19:21:35 - [1,486] ----D C:\Program Files\BabylonToolbar =>PUP.Babylon
O43 - CFD: 06/04/2013 - 18:26:51 - [24,522] ----D C:\Program Files\BitComet =>P2P.BitComet
O43 - CFD: 26/03/2014 - 14:04:46 - [2,877] ----D C:\Program Files\Boxore =>Adware.Boxore
O43 - CFD: 01/04/2013 - 19:20:51 - [2,261] ----D C:\Program Files\Browser Helper Object
O43 - CFD: 21/03/2013 - 16:10:09 - [0] ----D C:\Program Files\ComPlus Applications
O43 - CFD: 14/05/2013 - 20:21:34 - [2,787] ----D C:\Program Files\Delta
O43 - CFD: 29/05/2013 - 18:17:52 - [7,967] ----D C:\Program Files\East Imperial Soft
O43 - CFD: 12/11/2013 - 21:42:07 - [314,494] ----D C:\Program Files\Fichiers communs
O43 - CFD: 30/05/2013 - 13:36:26 - [16,071] ----D C:\Program Files\FreeMind
O43 - CFD: 21/02/2014 - 22:27:58 - [17,344] ----D C:\Program Files\Iminent =>Adware.IMBooster
O43 - CFD: 04/04/2013 - 21:55:20 - [3,373] ----D C:\Program Files\IMinent Toolbar =>Adware.IMBooster
O43 - CFD: 25/03/2014 - 21:51:59 - [6,966] ----D C:\Program Files\InterActual
O43 - CFD: 12/11/2013 - 19:34:06 - [2,596] ----D C:\Program Files\Internet Explorer
O43 - CFD: 03/05/2013 - 12:46:32 - [123,356] ----D C:\Program Files\Java
O43 - CFD: 26/03/2013 - 19:35:08 - [11,019] ----D C:\Program Files\Lexicon
O43 - CFD: 26/03/2013 - 18:54:37 - [2,088] ----D C:\Program Files\Messenger
O43 - CFD: 21/03/2013 - 16:13:22 - [0] ----D C:\Program Files\microsoft frontpage
O43 - CFD: 17/05/2013 - 19:18:30 - [328,340] ----D C:\Program Files\Microsoft Office
O43 - CFD: 24/05/2013 - 14:01:01 - [40,838] ----D C:\Program Files\Microsoft Silverlight
O43 - CFD: 17/05/2013 - 19:18:59 - [3,032] ----D C:\Program Files\Microsoft Works
O43 - CFD: 04/04/2013 - 22:01:38 - [0,015] ----D C:\Program Files\Microsoft.NET
O43 - CFD: 26/03/2013 - 18:54:30 - [10,822] ----D C:\Program Files\Movie Maker
O43 - CFD: 03/04/2014 - 23:58:37 - [56,255] ----D C:\Program Files\Mozilla Firefox
O43 - CFD: 04/04/2014 - 12:46:10 - [0,330] ----D C:\Program Files\Mozilla Maintenance Service
O43 - CFD: 21/03/2013 - 16:09:56 - [8,341] ----D C:\Program Files\MSN Gaming Zone
O43 - CFD: 14/05/2013 - 17:37:28 - [0,017] ----D C:\Program Files\MSXML 6.0
O43 - CFD: 12/11/2013 - 20:13:36 - [2,952] ----D C:\Program Files\Mysearchdial =>Adware.MyWebSearch
O43 - CFD: 26/03/2013 - 18:53:34 - [3,133] ----D C:\Program Files\NetMeeting
O43 - CFD: 26/03/2013 - 18:53:32 - [4,173] ----D C:\Program Files\Outlook Express =>.Microsoft Corporation
O43 - CFD: 18/05/2013 - 18:50:05 - [4,982] ----D C:\Program Files\PDFReader
O43 - CFD: 01/04/2013 - 19:21:02 - [0,769] ----D C:\Program Files\PricePeep =>Adware.PricePeep
O43 - CFD: 12/11/2013 - 21:43:45 - [73,545] ----D C:\Program Files\QuickTime
O43 - CFD: 23/09/2013 - 12:54:46 - [4,486] ----D C:\Program Files\Recuva
O43 - CFD: 21/03/2013 - 16:10:06 - [0,003] ----D C:\Program Files\Services en ligne
O43 - CFD: 14/05/2013 - 20:22:13 - [2,991] ----D C:\Program Files\Software
O43 - CFD: 12/11/2013 - 19:41:31 - [137,913] ----D C:\Program Files\Sony
O43 - CFD: 12/11/2013 - 19:31:06 - [80,814] ----D C:\Program Files\Sony Setup
O43 - CFD: 21/03/2013 - 16:18:45 - [0] --H-D C:\Program Files\Uninstall Information
O43 - CFD: 04/04/2013 - 21:59:15 - [95,075] ----D C:\Program Files\VideoLAN
O43 - CFD: 12/11/2013 - 19:42:01 - [0] ----D C:\Program Files\Vstplugins
O43 - CFD: 26/03/2013 - 18:55:11 - [6,255] ----D C:\Program Files\Windows Media Player =>.Microsoft Corporation
O43 - CFD: 26/03/2013 - 18:53:32 - [3,754] ----D C:\Program Files\Windows NT
O43 - CFD: 26/03/2013 - 18:28:58 - [0,001] --H-D C:\Program Files\WindowsUpdate
O43 - CFD: 21/03/2013 - 16:13:22 - [0] ----D C:\Program Files\xerox
O43 - CFD: 18/05/2013 - 18:52:22 - [0,871] ----D C:\Program Files\Yontoo =>Adware.Yontoo
O43 - CFD: 04/04/2014 - 16:42:07 - [17,117] ----D C:\Program Files\ZHPDiag =>.Nicolas Coolman
O43 - CFD: 19/09/2013 - 18:08:53 - [1,727] ----D C:\Program Files\Fichiers communs\Adobe
O43 - CFD: 12/11/2013 - 21:42:07 - [63,895] ----D C:\Program Files\Fichiers communs\Apple
O43 - CFD: 17/05/2013 - 19:18:22 - [0,089] ----D C:\Program Files\Fichiers communs\DESIGNER
O43 - CFD: 03/05/2013 - 12:47:47 - [1,189] ----D C:\Program Files\Fichiers communs\Java
O43 - CFD: 17/05/2013 - 19:18:49 - [201,710] ----D C:\Program Files\Fichiers communs\Microsoft Shared
O43 - CFD: 21/03/2013 - 16:11:00 - [0,271] ----D C:\Program Files\Fichiers communs\MSSoap
O43 - CFD: 21/03/2013 - 15:59:59 - [0] ----D C:\Program Files\Fichiers communs\ODBC
O43 - CFD: 21/03/2013 - 16:11:08 - [0,008] ----D C:\Program Files\Fichiers communs\Services
O43 - CFD: 21/03/2013 - 15:59:55 - [3,612] ----D C:\Program Files\Fichiers communs\SpeechEngines
O43 - CFD: 26/03/2013 - 18:53:31 - [39,198] ----D C:\Program Files\Fichiers communs\System
O43 - CFD: 03/04/2014 - 22:03:57 - [2,795] ----D C:\Program Files\Fichiers communs\Umbrella
O43 - CFD: 05/10/2013 - 14:48:35 - [4,786] ----D C:\Documents and Settings\All Users\Application Data\Adobe
O43 - CFD: 12/11/2013 - 21:40:20 - [22,757] ----D C:\Documents and Settings\All Users\Application Data\Apple
O43 - CFD: 12/11/2013 - 21:42:52 - [26,332] ----D C:\Docum
I suspect there are several viruses on my computer... so I'm posting a ZHPDiag report for you. If anyone can help me, that would be super cool. Thanks in advance.
~ Rapport de ZHPDiag v2014.4.3.2 - Nicolas Coolman (03/04/2014)
~ Lancé par bbidouf (04/04/2014 16:42:05)
~ Adresse du Site Web https://nicolascoolman.webs.com/
~ Forums gratuits d'Assistance à la désinfection : https://nicolascoolman.webs.com/
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Désactivée par l'utilisateur
~ Elévation des Privilèges : OK
~ User Account Control (UAC):
---\\ Navigateurs Internet
MSIE: Internet Explorer v6.0.2900.2180
MFIE: Mozilla Firefox 28.0
GCIE: Google Chrome v33.0.1750.154 (Defaut)
---\\ Informations sur les produits Windows
~ Langage: Français
Microsoft Windows XP, 32-bit Service Pack 2 (Build 2600)
Windows Automatic Updates : OK
Windows Genuine Advantage : KO
---\\ Logiciels de protection du système
avast! Free Antivirus v8.0.1483.0
---\\ Logiciels d'optimisation du système
---\\ Logiciels de partage PeerToPeer
---\\ Surveillance de Logiciels
Adobe Flash Player 12 Plugin
Adobe Reader 9.5.0 - Français
Java 7 Update 21
---\\ Informations sur le système
~ Processor: x86 Family 15 Model 4 Stepping 1, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 2047 MB (42% free)
System Restore: Activé (Enable)
System drive C: has 119 GB (80%) free of 149 GB
---\\ Mode de connexion au système
~ Computer Name: FRANCK-TSMU0D63
~ User Name: bbidouf
~ All Users Names: SUPPORT_388945a0, HelpAssistant, bbidouf, Administrateur,
~ Unselected Option: None
Logged in as Administrator
---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Documents and Settings\bbidouf\Application Data\ZHP\
~ %AppData% : C:\Documents and Settings\bbidouf\Application Data\
~ %Desktop% : C:\Documents and Settings\bbidouf\Bureau\
~ %Favorites% : C:\Documents and Settings\bbidouf\Favoris\
~ %LocalAppData% : C:\Documents and Settings\bbidouf\Local Settings\Application Data\
~ %StartMenu% : C:\Documents and Settings\bbidouf\Menu Démarrer\
~ %Windir% : C:\WINDOWS\
~ %System% : C:\WINDOWS\system32\
---\\ Enumération des unités disques
A: Floppy drive, Flash card reader, USB Key (Not Inserted)
C: Hard drive, Flash drive, Thumb drive (Free 119 Go of 149 Go)
D: CD-ROM drive (Free 0 Go of 1 Go)
E: CD-ROM drive (Not Inserted)
F: Floppy drive, Flash card reader, USB Key (Not Inserted)
G: Floppy drive, Flash card reader, USB Key (Not Inserted)
H: Floppy drive, Flash card reader, USB Key (Not Inserted)
I: Floppy drive, Flash card reader, USB Key (Not Inserted)
---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Intl: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] XMLLookup: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
~ Security Center: 37 Scanned in 00mn 00s
---\\ Recherche particulière de fichiers génériques
[MD5.2A7BD330924252A2FD80344FC949BB72] - (.Microsoft Corporation - Explorateur Windows.) (.19/08/2004 - 16:09:54.) -- C:\WINDOWS\Explorer.exe [1036288]
[MD5.4E958B97EFC3D801F49283D1820F48B7] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.19/08/2004 - 16:09:48.) -- C:\WINDOWS\system32\wininet.dll [660480]
[MD5.123EEA158F74D0F67A51DCDF065D1091] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) (.19/08/2004 - 16:10:06.) -- C:\WINDOWS\system32\Winlogon.exe [506368]
[MD5.5AC495F4CB807B2B98AD2AD591E6D92E] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.03/08/2004 - 23:14:16.) -- C:\WINDOWS\system32\Drivers\AFD.sys [138496]
[MD5.CDFE4411A69C224BD1D11B2DA92DAC51] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.03/08/2004 - 22:59:44.) -- C:\WINDOWS\system32\Drivers\atapi.sys [95360]
[MD5.CD7D5152DF32B47F4E36F710B35AAE02] - (.Microsoft Corporation - CD-ROM File System Driver.) (.03/08/2004 - 23:14:12.) -- C:\WINDOWS\system32\Drivers\Cdfs.sys [63744]
[MD5.AF9C19B3100FE010496B1A27181FBF72] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.03/08/2004 - 22:59:54.) -- C:\WINDOWS\system32\Drivers\Cdrom.sys [49536]
[MD5.8B121FF880683607AB2AEF0340721718] - (.Microsoft Corporation - Pilote de cryptographie FIPS.) (.24/04/2003 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\Fips.sys [35072]
[MD5.D1EFCBD693B5BA21314D06368C471070] - (.Microsoft Corporation - Pilote de port i8042.) (.19/08/2004 - 15:56:40.) -- C:\WINDOWS\system32\Drivers\i8042prt.sys [54400]
[MD5.F8AA320C6A0409C0380E5D8A99D76EC6] - (.Microsoft Corporation - IMAPI Kernel Driver.) (.03/08/2004 - 23:00:16.) -- C:\WINDOWS\system32\Drivers\Imapi.sys [41856]
[MD5.B5A8E215AC29D24D60B4D1250EF05ACE] - (.Microsoft Corporation - IP Network Address Translator.) (.03/08/2004 - 23:04:52.) -- C:\WINDOWS\system32\Drivers\IpNat.sys [134912]
[MD5.64537AA5C003A6AFEEE1DF819062D0D1] - (.Microsoft Corporation - IPSec Driver.) (.03/08/2004 - 23:14:30.) -- C:\WINDOWS\system32\Drivers\IPSec.sys [74752]
[MD5.1FD607FC67F7F7C633C3DA65BFC53D18] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.03/08/2004 - 23:15:18.) -- C:\WINDOWS\system32\Drivers\MRxSmb.sys [451456]
[MD5.0C80E410CD2F47134407EE7DD19CC86B] - (.Microsoft Corporation - MBT Transport driver.) (.03/08/2004 - 23:14:38.) -- C:\WINDOWS\system32\Drivers\netBT.sys [162816]
[MD5.B78BE402C3F63DD55521F73876951CDD] - (.Microsoft Corporation - NT File System Driver.) (.03/08/2004 - 23:15:10.) -- C:\WINDOWS\system32\Drivers\ntfs.sys [574592]
[MD5.318696359AC7DF48D1E51974EC527DD2] - (.Microsoft Corporation - Pilote de port parallèle.) (.19/08/2004 - 15:51:44.) -- C:\WINDOWS\system32\Drivers\Parport.sys [80384]
[MD5.98FAEB4A4DCF812BA1C6FCA4AA3E115C] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.03/08/2004 - 23:14:24.) -- C:\WINDOWS\system32\Drivers\Rasl2tp.sys [51328]
[MD5.A2CAE2C60BC37E0751EF9DDA7CEAF4AD] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.03/08/2004 - 23:01:16.) -- C:\WINDOWS\system32\Drivers\rdpdr.sys [196864]
[MD5.2CC30B68DD62B73D444A41322CD7FC4C] - (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) (.19/08/2004 - 15:54:52.) -- C:\WINDOWS\system32\Drivers\redbook.sys [58496]
[MD5.313B1A0D5DB26DFE1C34A6C13B2CE0A7] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.19/08/2004 - 15:59:14.) -- C:\WINDOWS\system32\Drivers\volsnap.sys [53376]
~ Generic Processes: Scanned in 00mn 00s
---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 2/32
~ Mes musiques (My Musics) : 1/87
~ Mes Favoris (My Favorites) : 1/7
~ Mes Documents (My Documents) : 1/168
~ Mon Bureau (My Desktop) : 0/929
~ Menu demarrer (Programs) : 1/29
~ Hidden Files: Scanned in 00mn 04s
---\\ Processus lancés
[MD5.41735B82DB57E4EBE9504EC400FD120E] - (.AVAST Software - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe [45248] [PID.1500]
[MD5.148C545849C1379A3D4448F5DE768E86] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastUI.exe [4767304] [PID.160]
[MD5.C849445FF9F85A2A58E38E105518B64A] - (.Iminent - Iminent.) -- C:\Program Files\Iminent\Iminent.exe [1074736] [PID.180] =>Adware.IMBooster
[MD5.CC3FDEF742497F1F019B9B852980570D] - (.Iminent - Iminent.) -- C:\Program Files\Iminent\Iminent.Messengers.exe [884784] [PID.204] =>Adware.IMBooster
[MD5.D63797E8E7781EE1500A810CB6194FA6] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe [253816] [PID.272]
[MD5.B8562FB84999DAA567055D299175D3DD] - (.Boxore OU - Boxore Client.) -- C:\Program Files\Boxore\BoxoreClient\boxore.exe [970016] [PID.308] =>Adware.Boxore
[MD5.3A924B200D86590D2C83214CEBFA9742] - (.Google Inc. - Google Chrome.) -- C:\Documents and Settings\bbidouf\Local Settings\Application Data\Google\Chrome\Application\chrome.exe [859976] [PID.1052]
[MD5.5739F2821D49975CEDE6BF0153D0CF01] - (.Oracle Corporation - Java Quick Starter Service.) -- C:\Program Files\Java\jre7\bin\jqs.exe [181664] [PID.1564]
[MD5.95A008C9FE479F0F8238992CCA075AAD] - (.Iminent - Iminent Protection.) -- C:\Program Files\Fichiers communs\Umbrella\umbrella.exe [2931008] [PID.2124] =>Adware.IMBooster
[MD5.24FB8DB6D1D55E2C5D0A53DFE48E6AF8] - (.Microsoft - Y2Desktop.Updater.) -- C:\Program Files\Yontoo\Y2Desktop.Updater.exe [23552] [PID.2352] =>Adware.Yontoo
[MD5.A2CB714DCF8F0E134F2429AF673C7C08] - (.Oracle Corporation - Java(TM) Update Checker.) -- C:\Program Files\Fichiers communs\Java\Java Update\jucheck.exe [506744] [PID.2776]
[MD5.8E556A72D54F7E3B7844AB9217F02DD7] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [275568] [PID.3668]
[MD5.CBA0013EBDE3F0B08B043F61857E9809] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files\Mozilla Firefox\plugin-container.exe [18544] [PID.732]
[MD5.E75DA1FAAFC9B69CCD0940F95C9D1CF7] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [8182272] [PID.3832]
~ Processes Running: Scanned in 00mn 03s
---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Documents and Settings\bbidouf\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences
G1 - GCS: Preference [User Data\Default] http://search.iminent.com =>Adware.IMBooster
G0 - GCSP: Preference [User Data\Default][HomePage] http://start.iminent.com =>Adware.IMBooster
G2 - GCE: Preference [User Data\Default] [aemeppengemohiobmmjhfddbhcgkomhm] My World v.2.0.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Store v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [aohghmighlieiainnegkcijnfilokake] Documents Google v.0.5 (Activé)
G2 - GCE: Preference [User Data\Default] [beobeededemalmllhkmnkinmfembdimh] TV v.1.0.12 (Activé)
G2 - GCE: Preference [User Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo] YouTube v.4.2.6 (Activé)
G2 - GCE: Preference [User Data\Default] [boeajhmfdjldchidhphikilcgdacljfm] Facebook v.1.0.3 (Activé)
G2 - GCE: Preference [User Data\Default] [coobgpohoikkiipiblmjeljniedjpjpf] Recherche Google v.0.0.0.20 (Activé)
G2 - GCE: Preference [User Data\Default] [eemcgdkfndhakfknompkggombfjjjeno] Bookmark Manager v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [ennkphjdgehloodpbhlhldgbnhmacadg] Settings v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [fjkkongamjdfggeifeicejegagbhhjlf] Cinémur v.2.1 (Activé)
G2 - GCE: Preference [User Data\Default] [gfdkimpbcpahaombhbimeihdjnejgicl] Feedback v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [ghmngbmfdgknokcefmkbjlcjabdklnlk] Magisto v.1.2.11471 (Activé)
G2 - GCE: Preference [User Data\Default] [glnghjdmpccckjmannckgnilnbgfdllm] Acupoints v.1.1 (Activé)
G2 - GCE: Preference [User Data\Default] [icmlaeflemplmjndnaapfdbbnpncnbda] avast! WebRep v.8.0.1483, (Désactivé)
G2 - GCE: Preference [User Data\Default] [ioekoebejdcmnlefjiknokhhafglcjdl] Dropbox v.3.0.8 (Activé)
G2 - GCE: Preference [User Data\Default] [mfehgcgbbipciphmccgaenjidiccnmng] Cloud Print v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [mgndgikekgjfcpckkfioiadnlibdjbkf] Chrome v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [niapdbllcanepiiimjjndipklodoedlc] Yontoo v.1.0.3 (Activé) =>Adware.Yontoo
G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Wallet v.0.0.6.1 (Activé)
G2 - GCE: Preference [User Data\Default] [pbchiajonfncphfgplcmdojihhlbffbd] TV France - Regarder Télévision v.2.2 (Activé)
G2 - GCE: Preference [User Data\Default] [pbkenipghomdoldhjladnjlcfimnblif] Cours d'anglais Rich Morning Show v.1.1 (Activé)
G2 - GCE: Preference [User Data\Default] [pbpohikckhbcljgombipcdoinkaedlfa] Smart Display v.1.7, (Activé) =>Spyware.SmartDisplay
G2 - GCE: Preference [User Data\Default] [pbpohilckhbcljgoabiecdoinkaedlca] Smart Display v.1.6 (Activé) =>Spyware.SmartDisplay
G2 - GCE: Preference [User Data\Default] [pflphaooapbgpeakohlggbpidpppgdff] MySearchDial v.9.4.14, (Activé) =>Adware.MyWebSearch
G2 - GCE: Preference [User Data\Default] [pgjchkcfmigkkhedgjedmffdepgmpfil] Psykopaint v.0.0.0.10 (Activé)
G2 - GCE: Preference [User Data\Default] [pnplklchpamcgolcbcpkfemgjldojdib] Play TV v.1.0 (Activé)
---\\ Liste des dossiers d'extension Google Chrome
G2 - EXT: C:\Documents and Settings\bbidouf\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aemeppengemohiobmmjhfddbhcgkomhm [My World]
G2 - EXT: C:\Documents and Settings\bbidouf\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [Documents Google]
G2 - EXT: C:\Documents and Settings\bbidouf\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\beobeededemalmllhkmnkinmfembdimh [TV]
G2 - EXT: C:\Documents and Settings\bbidouf\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [YouTube]
G2 - EXT: C:\Documents and Settings\bbidouf\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\boeajhmfdjldchidhphikilcgdacljfm [Facebook]
G2 - EXT: C:\Documents and Settings\bbidouf\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [Recherche Google]
G2 - EXT: C:\Documents and Settings\bbidouf\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fjkkongamjdfggeifeicejegagbhhjlf [Cinémur]
G2 - EXT: C:\Documents and Settings\bbidouf\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ghmngbmfdgknokcefmkbjlcjabdklnlk [Magisto]
G2 - EXT: C:\Documents and Settings\bbidouf\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\glnghjdmpccckjmannckgnilnbgfdllm [Acupoints]
G2 - EXT: C:\Documents and Settings\bbidouf\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda [avast! WebRep]
G2 - EXT: C:\Documents and Settings\bbidouf\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl [Dropbox]
G2 - EXT: C:\Documents and Settings\bbidouf\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc [Yontoo] =>Adware.Yontoo
G2 - EXT: C:\Documents and Settings\bbidouf\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [Google Wallet]
G2 - EXT: C:\Documents and Settings\bbidouf\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pbchiajonfncphfgplcmdojihhlbffbd [TV France - Regarder Télévision]
G2 - EXT: C:\Documents and Settings\bbidouf\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pbkenipghomdoldhjladnjlcfimnblif [Cours d'anglais Rich Morning Show]
G2 - EXT: C:\Documents and Settings\bbidouf\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pbpohikckhbcljgombipcdoinkaedlfa [Smart Display] =>Spyware.SmartDisplay
G2 - EXT: C:\Documents and Settings\bbidouf\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff [MySearchDial] =>Adware.MyWebSearch
G2 - EXT: C:\Documents and Settings\bbidouf\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pgjchkcfmigkkhedgjedmffdepgmpfil [Psykopaint]
G2 - EXT: C:\Documents and Settings\bbidouf\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pnplklchpamcgolcbcpkfemgjldojdib [Play TV]
~ Google Lines Browser: 49 Scanned in 00mn 24s
---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Documents and Settings\bbidouf\Application Data\Mozilla\Firefox\Profiles\eg3l7wbx.default\prefs.js
C:\Documents and Settings\bbidouf\Application Data\Mozilla\Firefox\Profiles\eg3l7wbx.default\user.js
M3 - MFPP: Plugins - [bbidouf] -- C:\Documents and Settings\bbidouf\Application Data\Mozilla\Firefox\Profiles\eg3l7wbx.default\searchplugins\babylon.xml =>PUP.Babylon
M3 - MFPP: Plugins - [bbidouf] -- C:\Documents and Settings\bbidouf\Application Data\Mozilla\Firefox\Profiles\eg3l7wbx.default\searchplugins\BrowserProtect.xml =>Hijacker.Eazel
M3 - MFPP: Plugins - [bbidouf] -- C:\Documents and Settings\bbidouf\Application Data\Mozilla\Firefox\Profiles\eg3l7wbx.default\searchplugins\delta.xml =>Toolbar.DeltaSearch
M3 - MFPP: Plugins - [bbidouf] -- C:\Documents and Settings\bbidouf\Application Data\Mozilla\Firefox\Profiles\eg3l7wbx.default\searchplugins\Mysearchdial.xml =>Adware.MyWebSearch
M0 - MFSP: prefs.js [bbidouf - eg3l7wbx.default] http://search.iminent.com =>Adware.IMBooster
M2 - MFEP: prefs.js [bbidouf - eg3l7wbx.default\ffxtlbr@babylon.com] [] Babylon Toolbar v1.5.0 (..) =>PUP.Babylon
M2 - MFEP: prefs.js [bbidouf - eg3l7wbx.default\ffxtlbr@delta.com] [] Delta Toolbar v1.5.0 (..) =>Toolbar.DeltaSearch
M2 - MFEP: prefs.js [bbidouf - eg3l7wbx.default\ffxtlbr@mysearchdial.com] [] mysearchdial.com v1.6.0 (..) =>Adware.MyWebSearch
M2 - MFEP: prefs.js [bbidouf - eg3l7wbx.default\jid1-FCM5fDwCW5M3AQ@jetpack] [] Smart Display v1.2 (..) =>Spyware.SmartDisplay
M2 - MFEP: prefs.js [bbidouf - eg3l7wbx.default\plugin@yontoo.com] [] Yontoo v1.20.02 (..) =>Adware.Yontoo
M2 - MFEP: prefs.js [bbidouf - eg3l7wbx.default\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}] [] BitComet ????? v1.35 (..) =>P2P.BitComet
M2 - MFEP: prefs.js [bbidouf - eg3l7wbx.default\{C9B68337-E93A-44EA-94DC-CB300EC06444}] [] IMinent Toolbar v5.30.4 (..) =>Adware.IMBooster
P2 - FPN:Firefox Plugin Navigator . (.BitComet - BitCometAgent v1.30 for Firefox.) -- C:\Program Files\Mozilla Firefox\Plugins\npBitCometAgent.dll =>P2P.BitComet
P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - Office Plugin for Netscape Navigator.) -- C:\Program Files\Mozilla Firefox\Plugins\NPOFF12.DLL
P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape "9.5.0".) -- C:\Program Files\Mozilla Firefox\Plugins\nppdf32.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin2.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin3.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin4.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin5.dll
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll
P2 - FPN: [HKLM] [@adobe.com/ShockwavePlayer] - (.Adobe Systems, Inc. - Adobe Shockwave for Director Netscape plug-in, version 12.0.2.122.) -- C:\WINDOWS\system32\Adobe\Director\np32dsw_1202122.dll
P2 - FPN: [HKLM] [@java.com/DTPlugin,version=10.21.2] - (.Oracle Corporation - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\WINDOWS\system32\npDeployJava1.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin,version=10.21.2] - (.Oracle Corporation - Next Generation Java Plug-in 10.21.2 for Mozilla browsers.) -- C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 5.1.10411.0.) -- C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll
P2 - FPN: [HKLM] [@videolan.org/vlc,version=2.0.4] - (.VideoLAN - VLC media player Web Plugin 2.0.2.) -- C:\Program Files\VideoLAN\VLC\npvlc.dll =>.VideoLAN
P2 - FPN: [HKLM] [@www.dlmanager.net/omaha/tools//Software Update;version=8] - (.Boxore OU. - Software Update.) -- C:\Program Files\Software\Update\1.2.201.0\npSoftwareOneClick8.dll =>Adware.Boxore
P2 - FPN: [HKLM] [Adobe Reader] - (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape "9.5.0".) -- C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Documents and Settings\bbidouf\Local Settings\Application Data\Google\Update\1.3.23.9\npGoogleUpdate3.dll
P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Documents and Settings\bbidouf\Local Settings\Application Data\Google\Update\1.3.23.9\npGoogleUpdate3.dll
~ Firefox Browser: 30 Scanned in 00mn 04s
---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.iminent.com =>Adware.IMBooster
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.mysearchdial.com =>Adware.MyWebSearch
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.microsoft.com/fr-fr/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.microsoft.com/fr-fr/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = https://www.bing.com/?toHttps=1&redig=17DBE7D168544FA98200E890A8051984
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = https://www.bing.com/?toHttps=1&redig=17DBE7D168544FA98200E890A8051984
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = http://start.mysearchdial.com =>Adware.MyWebSearch
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Google Inc. - Google Update.) (No version) -- (.not file.)
~ IE Browser: 10 Scanned in 00mn 00s
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s
---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\WINDOWS\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Keys: Scanned in 00mn 00s
---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 20
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} . (.BitComet - BitCometBHO.) -- C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll =>P2P.BitComet
O2 - BHO: BHO - {47B614AF-B4CC-485B-B331-BE26F02ED4CC} . (.APC - Browser Helper Object.) -- C:\Program Files\Internet Explorer\IEAddon.dll
O2 - BHO: TBSB01620 - {58124A0B-DC32-4180-9BFF-E0E21AE34026} . (.Pas de propriétaire - IE Toolbar Engine.) -- C:\Program Files\IMinent Toolbar\tbcore3.dll =>Adware.IMBooster
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: IMinent WebBooster - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} . (.SIEN - Minibar.) -- C:\Program Files\Iminent\Minibar.InternetExplorer.BHOx86.dll =>PUP.Minibar
O2 - BHO: delta Helper Object - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} . (.Delta-search.com - Pas de description.) -- C:\Program Files\Delta\delta\1.8.16.16\bh\delta.dll =>Toolbar.DeltaSearch
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: mysearchdial Helper Object - {EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD} . (.Ironsource Israel (2011) LTD - Pas de description.) -- C:\Program Files\Mysearchdial\1.8.21.0\bh\mysearchdial.dll =>Adware.MyWebSearch
O2 - BHO: PricePeep - {FD6D90C0-E6EE-4BC6-B9F7-9ED319698007} . (.PricePeep - PricePeep.) -- C:\Program Files\PricePeep\pricepeep.dll =>Adware.PricePeep
O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} . (.Yontoo LLC - Yontoo Runtime.) -- C:\Program Files\Yontoo\YontooIEClient.dll =>Adware.Yontoo
~ BHO: 22 Scanned in 00mn 04s
---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: IMinent Toolbar - [HKLM]{977AE9CC-AF83-45E8-9E03-E2798216E2D5} . (.Pas de propriétaire - IE Toolbar Engine.) -- C:\Program Files\IMinent Toolbar\tbcore3.dll =>Adware.IMBooster
O3 - Toolbar: Delta Toolbar - [HKLM]{82E1477C-B154-48D3-9891-33D83C26BCD3} . (.Delta-search.com - Pas de description.) -- C:\Program Files\Delta\delta\1.8.16.16\deltaTlbr.dll =>Toolbar.DeltaSearch
O3 - Toolbar: mysearchdial Toolbar - [HKLM]{3004627E-F8E9-4E8B-909D-316753CBA923} . (.Ironsource Israel (2011) LTD - Pas de description.) -- C:\Program Files\Mysearchdial\1.8.21.0\mysearchdialTlbr.dll =>Adware.MyWebSearch
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{01E04581-4EEE-11D0-BFE9-00AA005B4383} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{0E5CBF21-D15F-11D0-8301-00AA005B4383} Clé orpheline
~ Toolbar: Scanned in 00mn 00s
---\\ Autres liens utilisateurs (O4)
O4 - GS\Program [AllUsers]: Adobe Photoshop Lightroom 3.6.lnk . (.Adobe Systems - Adobe Photoshop Lightroom.) -- C:\Program Files\Adobe\Adobe Photoshop Lightroom 3.6\lightroom.exe =>.Adobe Systems Incorporated
O4 - GS\Program [AllUsers]: Adobe Reader 9.lnk . (...) -- C:\WINDOWS\Installer\{AC76BA86-7AD7-1036-7B44-A95000000001}\SC_Reader.ico
O4 - GS\Program [AllUsers]: Apple Software Update.lnk . (...) -- C:\WINDOWS\Installer\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}\AppleSoftwareUpdateIco.exe =>.Apple Inc
O4 - GS\Program [AllUsers]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - GS\Program [bbidouf]: Assistance à distance.lnk . (.Microsoft Corporation - Assistance à distance Microsoft.) -- C:\WINDOWS\system32\rcimlby.exe =>.Microsoft Corporation
O4 - GS\Program [bbidouf]: Lecteur Windows Media.lnk . (.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files\Windows Media Player\wmplayer.exe =>.Microsoft Corporation
~ Global Startup: 6 Scanned in 00mn 00s
---\\ Applications lancées au démarrage du système (O4)
O4 - HKLM\..\Run: [ATICustomerCare] . (.Advanced Micro Devices, Inc. - ATI Customer Care.) -- C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe
O4 - HKLM\..\Run: [avast] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastUI.exe
O4 - HKLM\..\Run: [Iminent] . (.Iminent - Iminent.) -- C:\Program Files\Iminent\Iminent.exe =>Adware.IMBooster
O4 - HKLM\..\Run: [IminentMessenger] . (.Iminent - Iminent.) -- C:\Program Files\Iminent\Iminent.Messengers.exe =>Adware.IMBooster
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
O4 - HKLM\..\Run: [Adobe ARM] C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (.not file.)
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKLM\..\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files\Fichiers communs\Apple\Apple Application Support\APSDaemon.exe
O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\QTTask.exe
O4 - HKLM\..\Run: [Boxore Client] . (.Boxore OU - Boxore Client.) -- C:\Program Files\Boxore\BoxoreClient\boxore.exe =>Adware.Boxore
O4 - HKCU\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ChicaPasswordManager] C:\Program Files\ChicaLogic\Chica Password Manager\stpass.exe (.not file.)
O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Documents and Settings\bbidouf\Local Settings\Application Data\Google\Update\GoogleUpdate.exe =>.Google Inc
O4 - HKCU\..\Run: [Yontoo Desktop] . (.Yontoo LLC - Yontoo Desktop.) -- C:\Documents and Settings\bbidouf\Application Data\Yontoo\YontooDesktop.exe =>Adware.Yontoo
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_82E57CE069F0F14BB998EF42E72ABB17] . (.Google Inc. - Google Chrome.) -- C:\Documents and Settings\bbidouf\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\System32\CTFMON.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\System32\CTFMON.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\System32\CTFMON.exe
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\System32\CTFMON.exe
O4 - HKUS\S-1-5-21-1844237615-2052111302-839522115-1003\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-21-1844237615-2052111302-839522115-1003\..\Run: [ChicaPasswordManager] C:\Program Files\ChicaLogic\Chica Password Manager\stpass.exe (.not file.)
O4 - HKUS\S-1-5-21-1844237615-2052111302-839522115-1003\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Documents and Settings\bbidouf\Local Settings\Application Data\Google\Update\GoogleUpdate.exe =>.Google Inc
O4 - HKUS\S-1-5-21-1844237615-2052111302-839522115-1003\..\Run: [Yontoo Desktop] . (.Yontoo LLC - Yontoo Desktop.) -- C:\Documents and Settings\bbidouf\Application Data\Yontoo\YontooDesktop.exe =>Adware.Yontoo
O4 - HKUS\S-1-5-21-1844237615-2052111302-839522115-1003\..\Run: [GoogleChromeAutoLaunch_82E57CE069F0F14BB998EF42E72ABB17] . (.Google Inc. - Google Chrome.) -- C:\Documents and Settings\bbidouf\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
~ Application: Scanned in 00mn 02s
---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft Office OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Program Files\Microsoft Office\Office12\REFBARH.ICO
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} . (.BitComet - BitCometBHO.) -- C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll =>P2P.BitComet
O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe
~ IE Extra Buttons: Scanned in 00mn 00s
---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll =>.Microsoft Corporation
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\WINDOWS\system32\winrnr.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll =>.Microsoft Corporation
~ Winsock: 3 Scanned in 00mn 00s
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{A6D5AA79-AA51-4A9B-8179-D79C9C5BB8FA}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{A6D5AA79-AA51-4A9B-8179-D79C9C5BB8FA}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS3\Services\Tcpip\..\{A6D5AA79-AA51-4A9B-8179-D79C9C5BB8FA}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
~ Domain: Scanned in 00mn 00s
---\\ Protocole additionnel (O18)
O18 - Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} . (.Microsoft Corporation - WIA Scripting Layer.) -- C:\WINDOWS\System32\wiascr.dll
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s
---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\WINDOWS\system32\crypt32.dll
O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\WINDOWS\system32\cryptnet.dll
O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agent réseau hors connexion.) -- C:\WINDOWS\system32\cscdll.dll
O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL secondaire de notification de service d.) -- C:\WINDOWS\system32\sclgntfy.dll
O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\WlNotify.dll
O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
~ Winlogon: Scanned in 00mn 00s
---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\WINDOWS\system32\webcheck.dll
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} . (.Microsoft Corporation - Objet du service d'environnement Systray.) -- C:\WINDOWS\System32\stobject.dll
~ SSODL: 4 Scanned in 00mn 00s
---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: avast! Antivirus (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) . (.Oracle Corporation - Java Quick Starter Service.) - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: SProtection (SProtection) . (.Iminent - Iminent Protection.) - C:\Program Files\Fichiers communs\Umbrella\umbrella.exe =>Adware.IMBooster
O23 - Service: Software Update Service (supdate) (supdate) . (.Boxore OU. - Programme d'installation de Software.) - C:\Program Files\Software\Update\SoftwareUpdate.exe =>Adware.Boxore
~ Services: 4 Scanned in 00mn 28s
---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
O24 - Desktop General: BackupWallPaper - .(...) - C:\Documents and Settings\bbidouf\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop General: WallPaper - .(...) - C:\Documents and Settings\bbidouf\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
~ Desktop Component: 4 Scanned in 00mn 00s
---\\ Enumère les données de BootExecute (BEX) (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ BEX: 1 Scanned in 00mn 00s
---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Adobe Flash Player Updater.job [1002]
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\AppleSoftwareUpdate.job [284]
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\avast! Emergency Update.job [366]
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1844237615-2052111302-839522115-1003Core.job [1104]
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1844237615-2052111302-839522115-1003UA.job [1156]
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\SoftwareUpdateTaskMachineCore.job [1072]
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\SoftwareUpdateTaskMachineUA.job [1076]
[MD5.9D96B0D5855FD1B98023B3EEC9F06786] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [257928]
[MD5.34EBD4FF6A24D86BB4716D6AFCC1A89B] [APT] [AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files\Apple Software Update\SoftwareUpdate.exe [561984]
[MD5.AB3C4A3667AEAD147F175721D8719B78] [APT] [avast! Emergency Update] (.AVAST Software.) -- C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [250248]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskUserS-1-5-21-1844237615-2052111302-839522115-1003Core] (.Google Inc..) -- C:\Documents and Settings\bbidouf\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [116648]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskUserS-1-5-21-1844237615-2052111302-839522115-1003UA] (.Google Inc..) -- C:\Documents and Settings\bbidouf\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [116648]
[MD5.251A1AED2D4A26A47C0A4A3058AAE4A8] [APT] [SoftwareUpdateTaskMachineCore] (.Boxore OU..) -- C:\Program Files\Software\Update\SoftwareUpdate.exe [139576] =>Adware.Boxore
[MD5.251A1AED2D4A26A47C0A4A3058AAE4A8] [APT] [SoftwareUpdateTaskMachineUA] (.Boxore OU..) -- C:\Program Files\Software\Update\SoftwareUpdate.exe [139576] =>Adware.Boxore
~ Scheduled Task: 17 Scanned in 00mn 02s
---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Lecteur Windows Media - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Utilitaire d'installation du Lecteur Windows Media Microsoft.) -- C:\WINDOWS\inf\unregmp2.exe =>.Microsoft Corporation
O40 - ASIC: Internet Explorer - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - Windows NT User Data Migration Tool.) -- C:\WINDOWS\system32\shmgrate.exe
O40 - ASIC: Outlook Express - >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} . (.Microsoft Corporation - Windows NT User Data Migration Tool.) -- C:\WINDOWS\system32\shmgrate.exe =>.Microsoft Corporation
O40 - ASIC: Microsoft NetShow Player - {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} . (.Microsoft Corporation - Windows Media 6.4 Player Shim.) -- C:\WINDOWS\system32\wmpdxm.dll
O40 - ASIC: Lecteur Windows Media Microsoft 6.4 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media 6.4 Player Shim.) -- C:\WINDOWS\system32\wmpdxm.dll =>.Microsoft Corporation
O40 - ASIC: DirectAnimation - {283807B5-2C60-11D0-A31D-00AA00B92C03} . (.Microsoft Corporation - DirectX Media -- DirectAnimation.) -- C:\WINDOWS\System32\danim.dll
O40 - ASIC: Themes Setup - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\WINDOWS\system32\themeui.dll
O40 - ASIC: Microsoft Outlook Express 6 - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Bibliothèque d'installation Outlook Express.) -- C:\Program Files\Outlook Express\setup50.exe =>.Microsoft Corporation
O40 - ASIC: NetMeeting 3.01 - {44BBA842-CC51-11CF-AAFA-00AA00B6015B} . (...) -- C:\WINDOWS\INF\msnetmtg.inf
O40 - ASIC: Windows Messenger 4.7 - {5945c046-1e7d-11d1-bc44-00c04fd912be} . (...) -- C:\WINDOWS\INF\msmsgs.inf
O40 - ASIC: Améliorations pour la navigation - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\WINDOWS\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (...) -- C:\WINDOWS\INF\wmp.inf =>.Microsoft Corporation
O40 - ASIC: Carnet d'adresses 6 - {7790769C-0471-11d2-AF11-00C04FA35D02} . (.Microsoft Corporation - Bibliothèque d'installation Outlook Express.) -- C:\Program Files\Outlook Express\setup50.exe =>.Microsoft Corporation
O40 - ASIC: Mise à jour du Bureau Windows - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\shell32.dll
O40 - ASIC: Internet Explorer 6 - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'installation individualisée de Internet Explorer.) -- C:\WINDOWS\system32\ie4uinit.exe
O40 - ASIC: Macromedia Shockwave Flash - {D27CDB6E-AE6D-11cf-96B8-444553540000} . (.Adobe Systems, Inc. - Adobe Flash Player 12.0 r0.) -- C:\WINDOWS\system32\Macromed\Flash\Flash32_12_0_0_77.ocx
O40 - ASIC: Installed Component - S-1-5-21-1844237615-2052111302-839522115-1003 - >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS -- Not Hexadécimal CLSID
~ Active Setup: 17 Scanned in 00mn 00s
---\\ Pilotes lancés au démarrage du système (O41)
O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\WINDOWS\system32\drivers\afd.sys
O41 - Driver: (Cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\WINDOWS\system32\DRIVERS\cdrom.sys
O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\WINDOWS\system32\DRIVERS\i8042prt.sys
O41 - Driver: (Imapi) . (.Microsoft Corporation - IMAPI Kernel Driver.) - C:\WINDOWS\system32\DRIVERS\imapi.sys
O41 - Driver: (intelppm) . (.Microsoft Corporation - Pilote de périphérique processeur.) - C:\WINDOWS\system32\DRIVERS\intelppm.sys
O41 - Driver: (IPSec) . (.Microsoft Corporation - IPSec Driver.) - C:\WINDOWS\system32\DRIVERS\ipsec.sys
O41 - Driver: (Kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\WINDOWS\system32\DRIVERS\kbdclass.sys
O41 - Driver: (kbdhid) . (.Microsoft Corporation - Pilote de filtre souris HID.) - C:\WINDOWS\system32\DRIVERS\kbdhid.sys
O41 - Driver: (Mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\WINDOWS\system32\DRIVERS\mouclass.sys
O41 - Driver: (MRxSmb) . (.Microsoft Corporation - Windows NT SMB Minirdr.) - C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\WINDOWS\system32\DRIVERS\netbios.sys
O41 - Driver: (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\WINDOWS\system32\DRIVERS\netbt.sys
O41 - Driver: (Processor) . (.Microsoft Corporation - Pilote de périphérique processeur.) - C:\WINDOWS\system32\DRIVERS\processr.sys
O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\WINDOWS\system32\DRIVERS\rasacd.sys
O41 - Driver: (Rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\WINDOWS\system32\DRIVERS\rdbss.sys
O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
O41 - Driver: (redbook) . (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) - C:\WINDOWS\system32\DRIVERS\redbook.sys
O41 - Driver: (Serial) . (.Microsoft Corporation - Pilote de périphérique série.) - C:\WINDOWS\system32\DRIVERS\serial.sys
O41 - Driver: (Tcpip) . (.Microsoft Corporation - TCP/IP Protocol Driver.) - C:\WINDOWS\system32\DRIVERS\tcpip.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\WINDOWS\system32\DRIVERS\termdd.sys
O41 - Driver: Carte vidéo VGA. (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\WINDOWS\system32\drivers\vga.sys
~ Drivers: 63 Scanned in 00mn 02s
---\\ Logiciels installés (O42)
O42 - Logiciel: ATI Catalyst Registration - (.ATI Technologies Inc..) [HKLM] -- {11083C7A-D0D6-4DA4-8C3A-74B8389EC07B}
O42 - Logiciel: ATI Stream SDK v2 Developer - (.ATI Technologies Inc..) [HKLM] -- {0ED98038-0885-F902-C419-669ADE471A46}
O42 - Logiciel: Adobe Flash Player 12 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 12 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Photoshop Lightroom 3.6 - (.Adobe.) [HKLM] -- {D0ACE207-0F90-402C-8CFA-2CB3D44CE689} =>.Adobe Systems Incorporated
O42 - Logiciel: Adobe Reader 9.5.0 - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-A95000000001}
O42 - Logiciel: Adobe Shockwave Player 12.0 - (.Adobe Systems, Inc..) [HKLM] -- Adobe Shockwave Player
O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM] -- {5D09C772-ECB3-442B-9CC6-B4341C78FDC2}
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE} =>.Apple Inc
O42 - Logiciel: Babylon toolbar - (.BabylonToolbar.) [HKLM] -- BabylonToolbar =>PUP.Babylon
O42 - Logiciel: BitComet 1.35 - (.CometNetwork.) [HKLM] -- BitComet =>P2P.BitComet
O42 - Logiciel: Boxore Client - (.Boxore OU.) [HKLM] -- {4C6F4EE5-F42F-4288-B970-2B5FAD1D85BD} =>Adware.Boxore
O42 - Logiciel: Browser Helper Object - (.APC Soft.) [HKLM] -- Browser Helper Object1.4
O42 - Logiciel: Delta Chrome Toolbar - (.Delta.) [HKLM] -- Delta Chrome Toolbar =>Toolbar.DeltaSearch
O42 - Logiciel: Delta toolbar - (.Delta.) [HKLM] -- delta =>Toolbar.DeltaSearch
O42 - Logiciel: FreeMind - (...) [HKLM] -- B991B020-2968-11D8-AF23-444553540000_is1
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKCU] -- Google Chrome
O42 - Logiciel: Iminent - (.Iminent.) [HKLM] -- IMBoosterARP =>Adware.IMBooster
O42 - Logiciel: Iminent - (.Iminent.) [HKLM] -- {89B5DFCA-81E0-4EA4-8A0A-4F4087A1DD00} =>Adware.IMBooster
O42 - Logiciel: Iminent Toolbar For Internet Explorer - (.Iminent.) [HKLM] -- {A76AA284-E52D-47E6-9E4F-B85DBF8E35C3} =>Adware.IMBooster
O42 - Logiciel: InterActual Player - (...) [HKLM] -- InterActual Player
O42 - Logiciel: Java 7 Update 21 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83217021FF}
O42 - Logiciel: Lexicon Alpha ASIO(remove only) - (...) [HKLM] -- Alpha ASIO driver
O42 - Logiciel: Lexicon Alpha Driver - (.Lexicon.) [HKLM] -- Lexicon Alpha Driver
O42 - Logiciel: Lexicon Alpha Driver - (.Lexicon.) [HKLM] -- {AAFA253A-08A9-46A8-AB30-B4C26E578424}
O42 - Logiciel: MSXML 6 Service Pack 2 (KB954459) - (.Microsoft Corporation.) [HKLM] -- {97AA1F3C-DD64-4AA6-AEC5-F8F9F4CC21C5}
O42 - Logiciel: Magic Photo Recovery 3.3 - (...) [HKLM] -- Magic Photo Recovery
O42 - Logiciel: Microsoft Kernel-Mode Driver Framework Feature Pack 1.7 - (.Microsoft Corporation.) [HKLM] -- Wdf01007
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Microsoft WinUsb 1.0 - (.Microsoft Corporation.) [HKLM] -- winusb0100
O42 - Logiciel: Mozilla Firefox 28.0 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 28.0 (x86 fr)
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM] -- MozillaMaintenanceService
O42 - Logiciel: Mysearchdial - (.Mysearchdial.) [HKLM] -- mysearchdial =>Adware.MyWebSearch
O42 - Logiciel: PDF Reader - (...) [HKCU] -- PDF Reader
O42 - Logiciel: PricePeep - (.betwikx LLC.) [HKLM] -- PricePeep =>Adware.PricePeep
O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM] -- {B67BAFBA-4C9F-48FA-9496-933E3B255044}
O42 - Logiciel: Recuva - (.Piriform.) [HKLM] -- Recuva
O42 - Logiciel: Software Update Helper - (.Boxore OU..) [HKLM] -- {006E6A46-8D55-4F10-BBA8-2C9653B4278B} =>Adware.Boxore
O42 - Logiciel: Software Version Updater - (...) [HKLM] -- {99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96} =>PUP.Software.Updater
O42 - Logiciel: Sony Vegas Movie Studio 8.0 - (.Sony.) [HKLM] -- {62892E81-E6D4-4550-AA61-183839FEF370}
O42 - Logiciel: The Lord of the Rings FREE Trial - (.ATI Technologies Inc..) [HKLM] -- {8ACC73AA-6511-7C55-B1A9-8E5D1DEAFAA3}
O42 - Logiciel: Update for MySearchDial - (.Update for MySearchDial.) [HKCU] -- MySearchDial =>Adware.MyWebSearch
O42 - Logiciel: Update for PDF Reader - (...) [HKCU] -- DSite =>Hijacker.DSite
O42 - Logiciel: VLC media player 2.0.4 - (.VideoLAN.) [HKLM] -- VLC media player =>.VideoLAN
O42 - Logiciel: Windows Imaging Component - (.Microsoft Corporation.) [HKLM] -- WIC
O42 - Logiciel: Windows Installer 3.1 (KB893803) - (.Microsoft Corporation.) [HKLM] -- KB893803v2
O42 - Logiciel: Windows XP Service Pack 2 - (.Microsoft Corporation.) [HKLM] -- Windows XP Service Pack
O42 - Logiciel: Yontoo 2.053 - (.Yontoo LLC.) [HKLM] -- {889DF117-14D1-44EE-9F31-C5FB5D47F68B} =>Adware.Yontoo
O42 - Logiciel: avast! Free Antivirus v8.0.1483.0 - (.AVAST Software.) [HKLM] -- avast
O42 - Logiciel: swMSM - (.Adobe Systems, Inc.) [HKLM] -- {612C34C7-5E90-47D8-9B5C-0F717DD82726}
~ Logic: 62 Scanned in 00mn 00s
---\\ HKCU & HKLM Software Keys
[HKCU\Software\5ce8b8cb16aef49] =>Hijacker.Eazel
[HKCU\Software\ASProtect]
[HKCU\Software\AVAST Software]
[HKCU\Software\Adobe Lightroom]
[HKCU\Software\Adobe]
[HKCU\Software\AppDataLow\Software\Smartbar] =>Hijacker.SmartBar
[HKCU\Software\AppDataLow]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\Apple Inc.]
[HKCU\Software\BabSolution] =>Hijacker.BabSolution
[HKCU\Software\BabylonToolbar] =>PUP.Babylon
[HKCU\Software\BitComet] =>P2P.BitComet
[HKCU\Software\Boxore] =>Adware.Boxore
[HKCU\Software\ChicaLogic, Inc.]
[HKCU\Software\ChicaLogic]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\Conduit] =>Toolbar.Conduit
[HKCU\Software\DSiteProducts] =>Hijacker.DSite
[HKCU\Software\DataMngr] =>PUP.Datamngr
[HKCU\Software\DataMngr_Toolbar] =>PUP.Datamngr
[HKCU\Software\Delta]
[HKCU\Software\DirectShow]
[HKCU\Software\East Imperial Soft]
[HKCU\Software\Google]
[HKCU\Software\IADirectShow]
[HKCU\Software\Iminent] =>Adware.IMBooster
[HKCU\Software\InstallCore] =>Adware.InstallCore
[HKCU\Software\InterActual Technologies]
[HKCU\Software\JavaSoft]
[HKCU\Software\Macromedia]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Netscape]
[HKCU\Software\ODBC]
[HKCU\Software\Opendisc]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\Softonic] =>Toolbar.Conduit
[HKCU\Software\Sony Media Software]
[HKCU\Software\TBSB01620]
[HKCU\Software\TeleCharger]
[HKCU\Software\Wajam] =>PUP.Wajam
[HKCU\Software\mozilla]
[HKCU\Software\mysearchdial.com] =>Adware.MyWebSearch
[HKCU\Software\mysearchdial] =>Adware.MyWebSearch
[HKLM\Software\5ce8b8cb16aef49] =>Hijacker.Eazel
[HKLM\Software\5e3]
[HKLM\Software\781]
[HKLM\Software\ASIO]
[HKLM\Software\ATI Technologies]
[HKLM\Software\AVAST Software]
[HKLM\Software\Adobe]
[HKLM\Software\AppDataLow]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\Apple Inc.]
[HKLM\Software\Babylon] =>PUP.Babylon
[HKLM\Software\Boxore] =>Adware.Boxore
[HKLM\Software\C07ft5Y]
[HKLM\Software\CDDB]
[HKLM\Software\ChicaLogic, Inc.]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\DataMngr] =>PUP.Datamngr
[HKLM\Software\Delta]
[HKLM\Software\Gemplus]
[HKLM\Software\Google]
[HKLM\Software\HighCriteria]
[HKLM\Software\Iminent] =>Adware.IMBooster
[HKLM\Software\InstallCore] =>Adware.InstallCore
[HKLM\Software\InterActual Technologies]
[HKLM\Software\JavaSoft]
[HKLM\Software\JreMetrics]
[HKLM\Software\Khronos]
[HKLM\Software\Lexicon]
[HKLM\Software\Licenses]
[HKLM\Software\Loader]
[HKLM\Software\Macromedia]
[HKLM\Software\MimarSinan]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\ODBC]
[HKLM\Software\Piriform]
[HKLM\Software\Policies]
[HKLM\Software\Program Groups]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\Rocket Division Software]
[HKLM\Software\Schlumberger]
[HKLM\Software\Secure]
[HKLM\Software\SoftShape]
[HKLM\Software\Software]
[HKLM\Software\Sonic]
[HKLM\Software\Sony Creative Software]
[HKLM\Software\Sony Media Software]
[HKLM\Software\Symantec]
[HKLM\Software\Tarma Installer] =>PUP.Tarma
[HKLM\Software\Umbrella]
[HKLM\Software\VST]
[HKLM\Software\VideoLAN]
[HKLM\Software\Windows 3.1 Migration Status]
[HKLM\Software\dotNetInstaller]
[HKLM\Software\mozilla.org]
~ Key Software: 215 Scanned in 00mn 01s
---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 28/04/2013 - 00:58:38 - [168,343] ----D C:\Program Files\Adobe
O43 - CFD: 12/11/2013 - 21:40:23 - [2,316] ----D C:\Program Files\Apple Software Update =>.Apple Inc
O43 - CFD: 26/03/2013 - 19:04:38 - [0,584] ----D C:\Program Files\ATI
O43 - CFD: 26/03/2013 - 19:04:35 - [20,043] ----D C:\Program Files\ATI Stream
O43 - CFD: 26/03/2013 - 19:04:13 - [0] ----D C:\Program Files\ATI Technologies
O43 - CFD: 26/03/2013 - 19:52:44 - [418,671] ----D C:\Program Files\AVAST Software
O43 - CFD: 01/04/2013 - 19:21:35 - [1,486] ----D C:\Program Files\BabylonToolbar =>PUP.Babylon
O43 - CFD: 06/04/2013 - 18:26:51 - [24,522] ----D C:\Program Files\BitComet =>P2P.BitComet
O43 - CFD: 26/03/2014 - 14:04:46 - [2,877] ----D C:\Program Files\Boxore =>Adware.Boxore
O43 - CFD: 01/04/2013 - 19:20:51 - [2,261] ----D C:\Program Files\Browser Helper Object
O43 - CFD: 21/03/2013 - 16:10:09 - [0] ----D C:\Program Files\ComPlus Applications
O43 - CFD: 14/05/2013 - 20:21:34 - [2,787] ----D C:\Program Files\Delta
O43 - CFD: 29/05/2013 - 18:17:52 - [7,967] ----D C:\Program Files\East Imperial Soft
O43 - CFD: 12/11/2013 - 21:42:07 - [314,494] ----D C:\Program Files\Fichiers communs
O43 - CFD: 30/05/2013 - 13:36:26 - [16,071] ----D C:\Program Files\FreeMind
O43 - CFD: 21/02/2014 - 22:27:58 - [17,344] ----D C:\Program Files\Iminent =>Adware.IMBooster
O43 - CFD: 04/04/2013 - 21:55:20 - [3,373] ----D C:\Program Files\IMinent Toolbar =>Adware.IMBooster
O43 - CFD: 25/03/2014 - 21:51:59 - [6,966] ----D C:\Program Files\InterActual
O43 - CFD: 12/11/2013 - 19:34:06 - [2,596] ----D C:\Program Files\Internet Explorer
O43 - CFD: 03/05/2013 - 12:46:32 - [123,356] ----D C:\Program Files\Java
O43 - CFD: 26/03/2013 - 19:35:08 - [11,019] ----D C:\Program Files\Lexicon
O43 - CFD: 26/03/2013 - 18:54:37 - [2,088] ----D C:\Program Files\Messenger
O43 - CFD: 21/03/2013 - 16:13:22 - [0] ----D C:\Program Files\microsoft frontpage
O43 - CFD: 17/05/2013 - 19:18:30 - [328,340] ----D C:\Program Files\Microsoft Office
O43 - CFD: 24/05/2013 - 14:01:01 - [40,838] ----D C:\Program Files\Microsoft Silverlight
O43 - CFD: 17/05/2013 - 19:18:59 - [3,032] ----D C:\Program Files\Microsoft Works
O43 - CFD: 04/04/2013 - 22:01:38 - [0,015] ----D C:\Program Files\Microsoft.NET
O43 - CFD: 26/03/2013 - 18:54:30 - [10,822] ----D C:\Program Files\Movie Maker
O43 - CFD: 03/04/2014 - 23:58:37 - [56,255] ----D C:\Program Files\Mozilla Firefox
O43 - CFD: 04/04/2014 - 12:46:10 - [0,330] ----D C:\Program Files\Mozilla Maintenance Service
O43 - CFD: 21/03/2013 - 16:09:56 - [8,341] ----D C:\Program Files\MSN Gaming Zone
O43 - CFD: 14/05/2013 - 17:37:28 - [0,017] ----D C:\Program Files\MSXML 6.0
O43 - CFD: 12/11/2013 - 20:13:36 - [2,952] ----D C:\Program Files\Mysearchdial =>Adware.MyWebSearch
O43 - CFD: 26/03/2013 - 18:53:34 - [3,133] ----D C:\Program Files\NetMeeting
O43 - CFD: 26/03/2013 - 18:53:32 - [4,173] ----D C:\Program Files\Outlook Express =>.Microsoft Corporation
O43 - CFD: 18/05/2013 - 18:50:05 - [4,982] ----D C:\Program Files\PDFReader
O43 - CFD: 01/04/2013 - 19:21:02 - [0,769] ----D C:\Program Files\PricePeep =>Adware.PricePeep
O43 - CFD: 12/11/2013 - 21:43:45 - [73,545] ----D C:\Program Files\QuickTime
O43 - CFD: 23/09/2013 - 12:54:46 - [4,486] ----D C:\Program Files\Recuva
O43 - CFD: 21/03/2013 - 16:10:06 - [0,003] ----D C:\Program Files\Services en ligne
O43 - CFD: 14/05/2013 - 20:22:13 - [2,991] ----D C:\Program Files\Software
O43 - CFD: 12/11/2013 - 19:41:31 - [137,913] ----D C:\Program Files\Sony
O43 - CFD: 12/11/2013 - 19:31:06 - [80,814] ----D C:\Program Files\Sony Setup
O43 - CFD: 21/03/2013 - 16:18:45 - [0] --H-D C:\Program Files\Uninstall Information
O43 - CFD: 04/04/2013 - 21:59:15 - [95,075] ----D C:\Program Files\VideoLAN
O43 - CFD: 12/11/2013 - 19:42:01 - [0] ----D C:\Program Files\Vstplugins
O43 - CFD: 26/03/2013 - 18:55:11 - [6,255] ----D C:\Program Files\Windows Media Player =>.Microsoft Corporation
O43 - CFD: 26/03/2013 - 18:53:32 - [3,754] ----D C:\Program Files\Windows NT
O43 - CFD: 26/03/2013 - 18:28:58 - [0,001] --H-D C:\Program Files\WindowsUpdate
O43 - CFD: 21/03/2013 - 16:13:22 - [0] ----D C:\Program Files\xerox
O43 - CFD: 18/05/2013 - 18:52:22 - [0,871] ----D C:\Program Files\Yontoo =>Adware.Yontoo
O43 - CFD: 04/04/2014 - 16:42:07 - [17,117] ----D C:\Program Files\ZHPDiag =>.Nicolas Coolman
O43 - CFD: 19/09/2013 - 18:08:53 - [1,727] ----D C:\Program Files\Fichiers communs\Adobe
O43 - CFD: 12/11/2013 - 21:42:07 - [63,895] ----D C:\Program Files\Fichiers communs\Apple
O43 - CFD: 17/05/2013 - 19:18:22 - [0,089] ----D C:\Program Files\Fichiers communs\DESIGNER
O43 - CFD: 03/05/2013 - 12:47:47 - [1,189] ----D C:\Program Files\Fichiers communs\Java
O43 - CFD: 17/05/2013 - 19:18:49 - [201,710] ----D C:\Program Files\Fichiers communs\Microsoft Shared
O43 - CFD: 21/03/2013 - 16:11:00 - [0,271] ----D C:\Program Files\Fichiers communs\MSSoap
O43 - CFD: 21/03/2013 - 15:59:59 - [0] ----D C:\Program Files\Fichiers communs\ODBC
O43 - CFD: 21/03/2013 - 16:11:08 - [0,008] ----D C:\Program Files\Fichiers communs\Services
O43 - CFD: 21/03/2013 - 15:59:55 - [3,612] ----D C:\Program Files\Fichiers communs\SpeechEngines
O43 - CFD: 26/03/2013 - 18:53:31 - [39,198] ----D C:\Program Files\Fichiers communs\System
O43 - CFD: 03/04/2014 - 22:03:57 - [2,795] ----D C:\Program Files\Fichiers communs\Umbrella
O43 - CFD: 05/10/2013 - 14:48:35 - [4,786] ----D C:\Documents and Settings\All Users\Application Data\Adobe
O43 - CFD: 12/11/2013 - 21:40:20 - [22,757] ----D C:\Documents and Settings\All Users\Application Data\Apple
O43 - CFD: 12/11/2013 - 21:42:52 - [26,332] ----D C:\Docum