Page us.yhs4search.yahoo.com

Closed
tititthierry Posts 53 Registration date Wednesday 23 October 2013 Status Member Last activity 30 December 2017 - 22 March 2014 at 18:40
cddede Posts 2889 Registration date Tuesday 21 May 2013 Status Contributor Last activity 17 February 2018 - 22 March 2014 at 18:53
Hello, my problem is that when I open a second web page, the page us.yhs4search.yahoo.com comes up instead of Google. I think I have a virus! Who could diagnose the attached reports for me? Thanks in advance.



# AdwCleaner v3.022 - Rapport créé le 22/03/2014 à 12:17:04
# Mis à jour le 13/03/2014 par Xplode
# Système d'exploitation : Microsoft Windows XP Service Pack 3 (32 bits)
# Nom d'utilisateur : Utilisateur PC - UTILISAT-66BE35
# Exécuté depuis : D:\Documents and Settings\Utilisateur PC\Mes documents\Downloads\adwcleaner (2).exe
# Option : Nettoyer

***** [ Services ] *****

[#] Service Supprimé : IBUpdaterService

***** [ Fichiers / Dossiers ] *****

Dossier Supprimé : C:\Documents and Settings\All Users\Application Data\SweetIM
Dossier Supprimé : C:\Program Files\SweetIM
Dossier Supprimé : C:\WINDOWS\system32\ARFC
Dossier Supprimé : C:\WINDOWS\system32\jmdp
Dossier Supprimé : C:\WINDOWS\system32\WNLT
Dossier Supprimé : D:\Documents and Settings\Utilisateur PC\Mes documents\Optimizer Pro
Fichier Supprimé : C:\WINDOWS\system32\dmwu.exe
Fichier Supprimé : C:\WINDOWS\system32\ImhxxpComm.dll
Fichier Supprimé : C:\WINDOWS\Tasks\SpeedUpMyPC Startup.job

***** [ Raccourcis ] *****


***** [ Registre ] *****

Clé Supprimée : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar
Clé Supprimée : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar.1
Clé Supprimée : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook
Clé Supprimée : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook.1
Clé Supprimée : HKLM\SOFTWARE\Classes\Toolbar3.sweetie
Clé Supprimée : HKLM\SOFTWARE\Classes\Toolbar3.sweetie.1
Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe]
Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll]
Valeur Supprimée : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x64]
Valeur Supprimée : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x86]
Valeur Supprimée : HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x64]
Valeur Supprimée : HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x86]
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}
Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Valeur Supprimée : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Valeur Supprimée : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\WINDOWS\system32\ARFC\wrtc.exe]
Clé Supprimée : HKCU\Software\Conduit
Clé Supprimée : HKCU\Software\IM
Clé Supprimée : HKCU\Software\ImInstaller
Clé Supprimée : HKCU\Software\wnlt
Clé Supprimée : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Clé Supprimée : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Clé Supprimée : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Clé Supprimée : HKLM\Software\ImInstaller
Clé Supprimée : HKLM\Software\wnlt
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F4E33CE5-A7AB-4F68-A7E7-F0AA84EF2D9E}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\wnlt
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{F4E33CE5-A7AB-4F68-A7E7-F0AA84EF2D9E}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\wnlt

***** [ Navigateurs ] *****

-\\ Internet Explorer v8.0.6001.18702

Paramètre Restauré : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Paramètre Restauré : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]

-\\ Google Chrome v

[ Fichier : C:\Documents and Settings\Utilisateur PC\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]

Supprimée : homepage
Supprimée : icon_url
Supprimée : search_url
Supprimée : keyword

[ Fichier : C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [6722 octets] - [12/10/2013 15:44:26]
AdwCleaner[R1].txt - [2320 octets] - [16/02/2014 22:06:02]
AdwCleaner[R2].txt - [1267 octets] - [17/02/2014 08:38:52]
AdwCleaner[R3].txt - [8239 octets] - [25/02/2014 19:34:02]
AdwCleaner[R4].txt - [4518 octets] - [12/03/2014 12:34:10]
AdwCleaner[R5].txt - [9731 octets] - [22/03/2014 12:16:11]
AdwCleaner[S0].txt - [6571 octets] - [12/10/2013 15:51:09]
AdwCleaner[S1].txt - [2260 octets] - [16/02/2014 22:08:11]
AdwCleaner[S2].txt - [1328 octets] - [17/02/2014 08:39:52]
AdwCleaner[S3].txt - [8091 octets] - [25/02/2014 19:35:35]
AdwCleaner[S4].txt - [4447 octets] - [12/03/2014 12:35:38]
AdwCleaner[S5].txt - [9440 octets] - [22/03/2014 12:17:04]

########## EOF - C:\AdwCleaner\AdwCleaner[S5].txt - [9500 octets] ##########




~ Rapport de ZHPDiag v2014.3.22.23 - Nicolas Coolman (22/03/2014)
~ Lancé par Utilisateur PC (22/03/2014 12:12:01)
~ Adresse du Site Web https://nicolascoolman.webs.com/
~ Forums gratuits d'Assistance à la désinfection : https://nicolascoolman.webs.com/
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Not Found


---\\ Navigateurs Internet
MSIE: Internet Explorer v8.0.6001.18702
GCIE: Google Chrome v33.0.1750.154 (Defaut)

---\\ Informations sur les produits Windows
~ Langage: Français
Microsoft Windows XP, 32-bit Service Pack 3 (Build 2600)
Windows Automatic Updates : OK
Windows Genuine Advantage : OK

---\\ Logiciels de protection du système
Microsoft Security Client FR-FR Language Pack v2.1.1116.0

---\\ Logiciels d'optimisation du système
CCleaner v4.11 =>Piriform Ltd

---\\ Logiciels de partage PeerToPeer
eMule

---\\ Surveillance de Logiciels
Adobe Flash Player 12 Plugin
Adobe Reader X

---\\ Informations sur le système
~ Processor: x86 Family 15 Model 95 Stepping 2, AuthenticAMD
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1919 MB (61% free)
System Restore: Activé (Enable)
System drive C: has 33 GB (53%) free of 61 GB

---\\ Mode de connexion au système
~ Computer Name: UTILISAT-66BE35
~ User Name: Utilisateur PC
~ All Users Names: Utilisateur PC, UpdatusUser, SUPPORT_388945a0, HelpAssistant, Administrateur,
~ Unselected Option: None
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Documents and Settings\Utilisateur PC\Application Data\ZHP\
~ %AppData% : C:\Documents and Settings\Utilisateur PC\Application Data\
~ %Desktop% : C:\Documents and Settings\Utilisateur PC\Bureau\
~ %Favorites% : C:\Documents and Settings\Utilisateur PC\Favoris\
~ %LocalAppData% : C:\Documents and Settings\Utilisateur PC\Local Settings\Application Data\
~ %StartMenu% : C:\Documents and Settings\Utilisateur PC\Menu Démarrer\
~ %Windir% : C:\WINDOWS\
~ %System% : C:\WINDOWS\system32\

---\\ Enumération des unités disques
A: Floppy drive, Flash card reader, USB Key (Not Inserted)
C: Hard drive, Flash drive, Thumb drive (Free 33 Go of 61 Go)
D: Hard drive, Flash drive, Thumb drive (Free 72 Go of 92 Go)
E: Floppy drive, Flash card reader, USB Key (Not Inserted)
F: Floppy drive, Flash card reader, USB Key (Not Inserted)
G: Floppy drive, Flash card reader, USB Key (Not Inserted)
H: Floppy drive, Flash card reader, USB Key (Not Inserted)
I: CD-ROM drive (Not Inserted)
J: CD-ROM drive (Not Inserted)



---\\ Etat du Centre de Sécurité Windows
~ Security Center: 41 Legitimates Filtered in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.F2317622D29F9FF0F88AEECD5F60F0DD] - (.Microsoft Corporation - Explorateur Windows.) (.13/04/2008 - 18:34:04.) -- C:\WINDOWS\Explorer.exe [1037824]
[MD5.1643EF58F167E8EDA0566EA4402ECB8D] - (.Microsoft Corporation - Internet Extensions for Win32.) (.24/02/2014 - 12:45:24.) -- C:\WINDOWS\system32\wininet.dll [920064]
[MD5.DD73D6B9F6B4CB630CF35B438B540174] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) (.13/04/2008 - 18:34:30.) -- C:\WINDOWS\system32\Winlogon.exe [512000]
[MD5.1E44BC1E83D8FD2305F8D452DB109CF9] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.17/08/2011 - 14:49:54.) -- C:\WINDOWS\system32\Drivers\AFD.sys [138496]
[MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.13/04/2008 - 10:40:32.) -- C:\WINDOWS\system32\Drivers\atapi.sys [96512]
[MD5.C885B02847F5D2FD45A24E219ED93B32] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/04/2008 - 11:14:22.) -- C:\WINDOWS\system32\Drivers\Cdfs.sys [63744]
[MD5.1F4260CC5B42272D71F79E570A27A4FE] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.13/04/2008 - 10:40:48.) -- C:\WINDOWS\system32\Drivers\Cdrom.sys [62976]
[MD5.31F923EB2170FC172C81ABDA0045D18C] - (.Microsoft Corporation - Pilote de cryptographie FIPS.) (.13/04/2008 - 17:57:40.) -- C:\WINDOWS\system32\Drivers\Fips.sys [44672]
[MD5.573C7D0A32852B48F3058CFD8026F511] - (.Windows (R) Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) (.13/04/2008 - 8:36:06.) -- C:\WINDOWS\system32\Drivers\HDAudBus.sys [144384]
[MD5.A09BDC4ED10E3B2E0EC27BB94AF32516] - (.Microsoft Corporation - Pilote de port i8042.) (.13/04/2008 - 18:00:54.) -- C:\WINDOWS\system32\Drivers\i8042prt.sys [54144]
[MD5.083A052659F5310DD8B6A6CB05EDCF8E] - (.Microsoft Corporation - IMAPI Kernel Driver.) (.13/04/2008 - 10:41:00.) -- C:\WINDOWS\system32\Drivers\Imapi.sys [42112]
[MD5.CC748EA12C6EFFDE940EE98098BF96BB] - (.Microsoft Corporation - IP Network Address Translator.) (.13/04/2008 - 10:57:16.) -- C:\WINDOWS\system32\Drivers\IpNat.sys [152832]
[MD5.23C74D75E36E7158768DD63D92789A91] - (.Microsoft Corporation - IPSec Driver.) (.13/04/2008 - 11:19:44.) -- C:\WINDOWS\system32\Drivers\IPSec.sys [75264]
[MD5.7D304A5EB4344EBEEAB53A2FE3FFB9F0] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.15/07/2011 - 14:29:31.) -- C:\WINDOWS\system32\Drivers\MRxSmb.sys [456320]
[MD5.74B2B2F5BEA5E9A3DC021D685551BD3D] - (.Microsoft Corporation - MBT Transport driver.) (.13/04/2008 - 11:21:02.) -- C:\WINDOWS\system32\Drivers\netBT.sys [162816]
[MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) (.13/04/2008 - 11:15:54.) -- C:\WINDOWS\system32\Drivers\ntfs.sys [574976]
[MD5.8FD0BDBEA875D06CCF6C945CA9ABAF75] - (.Microsoft Corporation - Pilote de port parallèle.) (.13/04/2008 - 18:47:24.) -- C:\WINDOWS\system32\Drivers\Parport.sys [80384]
[MD5.11B4A627BC9614B885C4969BFA5FF8A6] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.13/04/2008 - 11:19:44.) -- C:\WINDOWS\system32\Drivers\Rasl2tp.sys [51328]
[MD5.15CABD0F7C00C47C70124907916AF3F1] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.13/04/2008 - 11:32:52.) -- C:\WINDOWS\system32\Drivers\rdpdr.sys [196224]
[MD5.D8EB2A7904DB6C916EB5361878DDCBAE] - (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) (.13/04/2008 - 19:57:36.) -- C:\WINDOWS\system32\Drivers\redbook.sys [58752]
[MD5.46DE1126684369BACE4849E4FC8C43CA] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.13/04/2008 - 17:56:06.) -- C:\WINDOWS\system32\Drivers\volsnap.sys [53376]
~ Generic Processes: Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 2/24
~ Mes musiques (My Musics) : 1/12
~ Mes Videos (My Videos) : 2/4
~ Mes Favoris (My Favorites) : 1/42
~ Mes Documents (My Documents) : 1/1620
~ Mon Bureau (My Desktop) : 0/320
~ Menu demarrer (Programs) : 1/58
~ Hidden Files: Scanned in 00mn 00s



---\\ Processus lancés
[MD5.B0F49DA36F30922F5DDC3B623B778FCE] - (.Microsoft Corporation - Antimalware Service Executable.) -- C:\Program Files\Microsoft Security Client\MsMpEng.exe [22208] [PID.1132]
[MD5.E13EA4860E8F2AA845B53BFD2B6FEC5B] - (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe [1695232] [PID.284]
[MD5.A75F90FEDB30F75BF0C75716B6E3B05B] - (.Broadcom Corporation - Bluetooth Tray Application.) -- C:\Program Files\D-Link\Logiciel Bluetooth\BTTray.exe [565309] [PID.428]
[MD5.9B8B01150C02F965289BD8856757412A] - (.Michel Krämer - Spamihilator.) -- C:\Program Files\Spamihilator\spamihilator.exe [2024960] [PID.436]
[MD5.C98ACDE22458C8F46FD0503CB9E2D01F] - (.Google Inc. - Google Crash Handler.) -- C:\Documents and Settings\Utilisateur PC\Local Settings\Application Data\Google\Update\1.3.22.5\GoogleCrashHandler.exe [223112] [PID.516]
[MD5.0A20A0B4D575160BC2E91D7CA5B1C4C6] - (.Broadcom Corporation - Bluetooth Stack COM Server.) -- C:\Program Files\D-Link\Logiciel Bluetooth\BTStackServer.exe [1245268] [PID.580]
[MD5.A5299D04ED225D64CF07A568A3E1BF8C] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe [55184] [PID.1444]
[MD5.62120A235E5D1D3DDFD5E6F5F6B69E1F] - (.Broadcom Corporation - Bluetooth Support Server.) -- C:\Program Files\D-Link\Logiciel Bluetooth\bin\btwdins.exe [163840] [PID.1544]
[MD5.381B25DC8E958D905B33130D500BBF29] - (.Sun Microsystems, Inc. - Java(TM) Quick Starter Service.) -- C:\Program Files\Java\jre6\bin\jqs.exe [153376] [PID.1848]
[MD5.6B91710EBA73DB7DACB4730933B7EADF] - (.Aztec Media Inc. - Systemk Service.) -- C:\Program Files\Settings Manager\systemk\SystemkService.exe [3448848] [PID.1688]
[MD5.83A82F79D330BAA8A8227A0D2115D492] - (...) -- C:\Windows\System32\jmdp\stij.exe [1107592] [PID.6440]
[MD5.BF804E312CACA3C339A97B13FAD8F171] - (...) -- C:\WINDOWS\system32\dmwu.exe [1791280] [PID.6524]
[MD5.0411F7EE63AE48D2918AB4F2C79AB6C4] - (.Microsoft Corporation - Windows® installer.) -- C:\WINDOWS\system32\msiexec.exe [78848] [PID.7372]
[MD5.3A924B200D86590D2C83214CEBFA9742] - (.Google Inc. - Google Chrome.) -- C:\Documents and Settings\Utilisateur PC\Local Settings\Application Data\Google\Chrome\Application\chrome.exe [859976] [PID.6128]
[MD5.8DB4860DB3AB481815B8A0C8B24A113B] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [8252416] [PID.6564]
~ Processes Running: Scanned in 00mn 00s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Documents and Settings\Utilisateur PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences
G1 - GCS: Preference [User Data\Default] https://mysearch.sweetpacks.com/ =>PUP.SweetIM
G0 - GCSP: Preference [User Data\Default][HomePage] https://mysearch.sweetpacks.com/ =>PUP.SweetIM
G2 - GCE: Preference [User Data\Default] [booedmolknjekdopkepjjeckmjkdpfgl] Extutil v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [flpcjncodpafbgdpnkljologafpionhb] Managera v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Wallet v.0.0.6.1 (Activé)
~ Google Browser: 24 Legitimates Filtered in 00mn 03s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://mystart.incredimail.com =>Spyware.VMNToolbar
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://mysearch.sweetpacks.com/ =>PUP.SweetIM
R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 1
~ IE Browser: 11 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\WINDOWS\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 2



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} . (.SweetIM Technologies Ltd. - SweetPacks Toolbar module for Internet Expl.) -- C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll =>PUP.SweetIM
~ BHO: 20 Legitimates Filtered in 00mn 01s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: SweetPacks Toolbar for Internet Explorer - [HKLM]{EEE6C35B-6118-11DC-9C72-001320C79847} . (.SweetIM Technologies Ltd. - SweetPacks Toolbar module for Internet Expl.) -- C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll =>PUP.SweetIM
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{EEE6C35B-6118-11DC-9C72-001320C79847} Clé orpheline
~ Toolbar: Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\Program [AllUsers]: Favoris Bluetooth.lnk - Clé orpheline
O4 - GS\Program [AllUsers]: Windows Messenger.lnk . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe
O4 - GS\Program [Utilisateur PC]: Free mp3 Wma Converter.lnk . (.Koyote Lab Inc. - Free Audio Converter.) -- C:\Program Files\Free mp3 Wma Converter\FreeConverter\FreeConverter.exe
O4 - GS\Program [Utilisateur PC]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Program [UpdatusUser]: Lecteur Windows Media.lnk . (.Microsoft Corporation - Windows Media Player.) -- C:\Program Files\Windows Media Player\wmplayer.exe =>.Microsoft Corporation
~ Global Startup: 16 Legitimates Filtered in 00mn 00s



---\\ Applications lancées au démarrage du sytème (O4)
O4 - GS\Program [AllUsers]: BTTray.lnk . (.Broadcom Corporation - Bluetooth Tray Application.) -- C:\Program Files\D-Link\Logiciel Bluetooth\BTTray.exe
O4 - GS\Program [Utilisateur PC]: Spamihilator.lnk . (.Michel Krämer - Spamihilator.) -- C:\Program Files\Spamihilator\spamihilator.exe
O4 - HKLM\..\Run: [NeroFilterCheck] . (.Ahead Software Gmbh - NeroCheck.) -- C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files\Fichiers communs\Apple\Apple Application Support\APSDaemon.exe
O4 - HKLM\..\Run: [MSC] . (.Microsoft Corporation - Microsoft Security Client User Interface.) -- C:\Program Files\Microsoft Security Client\msseces.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKCU\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Documents and Settings\Utilisateur PC\Local Settings\Application Data\Google\Update\GoogleUpdate.exe =>.Google Inc
O4 - HKCU\..\Run: [MSMSGS] . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] Clé orpheline
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] Clé orpheline
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_2] Clé orpheline
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_2] Clé orpheline
O4 - HKUS\S-1-5-21-1993962763-162531612-1801674531-1003\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-21-1993962763-162531612-1801674531-1003\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Documents and Settings\Utilisateur PC\Local Settings\Application Data\Google\Update\GoogleUpdate.exe =>.Google Inc
O4 - HKUS\S-1-5-21-1993962763-162531612-1801674531-1003\..\Run: [MSMSGS] . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe
~ Application: Scanned in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Program Files\Microsoft Office\OFFICE11\REFBARH.ICO
O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} -- Clé orpheline
O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} ((no name)) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} ((no name)) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1366649505078
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} ((no name)) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1320172396375
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} ((no name)) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
~ Objets ActiveX: Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{EAD68BB8-846B-4E53-AC37-1C7E4E5D3074}: DhcpNameServer = 109.88.203.3 62.197.111.140
O17 - HKLM\System\CS1\Services\Tcpip\..\{EAD68BB8-846B-4E53-AC37-1C7E4E5D3074}: DhcpNameServer = 109.88.203.3 62.197.111.140
O17 - HKLM\System\CS2\Services\Tcpip\..\{EAD68BB8-846B-4E53-AC37-1C7E4E5D3074}: DhcpNameServer = 109.88.203.3 62.197.111.140
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 109.88.203.3 62.197.111.140
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: widimg - {EE7C2AFF-5742-44FF-BD0E-E521B0D3C3BA} . (.Broadcom Corporation - BTXPPanel Module.) -- C:\WINDOWS\system32\btxppanel.dll
O18 - Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE11\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\WINDOWS\system32\crypt32.dll
O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\WINDOWS\system32\cryptnet.dll
O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agent réseau hors connexion.) -- C:\WINDOWS\system32\cscdll.dll
O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\system32\dimsntfy.dll
O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL secondaire de notification de service d.) -- C:\WINDOWS\system32\sclgntfy.dll
O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\WlNotify.dll
O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: WgaLogon . (.Microsoft Corporation - Notifications Windows Genuine Advantage.) -- C:\WINDOWS\system32\WgaLogon.dll
O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
~ Winlogon: Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - AppInit_DLLs: . (...) - C:\Program Files\Settings Manager\systemk\syskldr.dll
~ AppInit DLL: Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: (IBUpdaterService) . (...) - C:\WINDOWS\system32\dmwu.exe =>Adware.InstallBrain
~ Services: 9 Legitimates Filtered in 00mn 03s



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Desktop General: BackupWallPaper - .(...) - C:\Documents and Settings\Utilisateur PC\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop General: WallPaper - .(...) - C:\Documents and Settings\Utilisateur PC\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
~ Desktop Component: 4 Legitimates Filtered in 00mn 00s



---\\ Clés Session Manager (AppCertDlls,KnownDLLs) (O36)
O36 - AppCertDlls: (x64) . (...) -- c:\program files\settings manager\systemk\x64\sysapcrt.dll
O36 - AppCertDlls: (x86) . (...) -- c:\program files\settings manager\systemk\sysapcrt.dll
~ Keys: Scanned in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\SpeedUpMyPC Startup.job [230] =>PUP.SpeedUpMyPC
~ Scheduled Task: 14 Legitimates Filtered in 00mn 00s



---\\ Logiciels installés (O42)
O42 - Logiciel: SweetPacks Updater Service - (...) [HKLM] -- WNLT =>PUP.SweetIM
~ Logic: 29 Legitimates Filtered in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\45362InstEnd]
[HKCU\Software\BitComet] =>P2P.BitComet
[HKCU\Software\Conduit] =>Toolbar.Conduit
[HKCU\Software\Conduit_Search_Protect]
[HKCU\Software\IM]
[HKCU\Software\IncrediMail]
[HKCU\Software\Linkey]
[HKCU\Software\SweetIM] =>PUP.SweetIM
[HKCU\Software\SystemK]
[HKCU\Software\WNLT] =>Adware.IncrediBar
[HKCU\Software\mark_kit]
[HKLM\Software\1019]
[HKLM\Software\1307]
[HKLM\Software\MediaViewV1] =>PUP.MediaViewer
[HKLM\Software\SweetIM] =>PUP.SweetIM
[HKLM\Software\SystemK]
~ Key Software: 242 Legitimates Filtered in 00mn 00s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 22/04/2013 - 14:35:27 - [4,634] ----D C:\Program Files\GUMF6.tmp
O43 - CFD: 22/03/2014 - 9:48:26 - [1,379] ----D C:\Program Files\IncrediMail
O43 - CFD: 12/03/2014 - 15:17:45 - [0] ----D C:\Program Files\MediaViewV1 =>PUP.MediaViewer
O43 - CFD: 25/02/2014 - 16:26:28 - [14,255] ----D C:\Program Files\Settings Manager
O43 - CFD: 22/03/2014 - 9:46:31 - [4,607] ----D C:\Program Files\SweetIM =>PUP.SweetIM
O43 - CFD: 22/03/2014 - 9:49:37 - [0] ----D C:\Documents and Settings\All Users\Application Data\IM
O43 - CFD: 22/03/2014 - 9:48:26 - [2,999] ----D C:\Documents and Settings\All Users\Application Data\IncrediMail
O43 - CFD: 22/03/2014 - 12:07:15 - [0] ----D C:\Documents and Settings\All Users\Application Data\SweetIM =>PUP.SweetIM
O43 - CFD: 22/03/2014 - 12:12:09 - [0,010] ----D C:\Documents and Settings\All Users\Application Data\systemk
O43 - CFD: 17/10/2013 - 15:03:00 - [27,641] -SH-D C:\Documents and Settings\All Users\Application Data\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
O43 - CFD: 25/02/2014 - 16:18:15 - [0,205] ----D C:\Documents and Settings\Utilisateur PC\Application Data\BitComet =>P2P.BitComet
O43 - CFD: 19/11/2012 - 12:53:49 - [0,056] ----D C:\Documents and Settings\Utilisateur PC\Local Settings\Application Data\Ares
O43 - CFD: 22/03/2014 - 9:52:34 - [12,897] ----D C:\Documents and Settings\Utilisateur PC\Local Settings\Application Data\IM
~ Program Folder: 150 Legitimates Filtered in 00mn 00s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.5866F5AC5FA90002CC1275789B715A60] - 11/03/2014 - 15:52:53 ---A- . (...) -- C:\WINDOWS\NeroDigital.ini [116]
O44 - LFC:[MD5.0516F454076E4B7C8E6AF416F1BEFF8D] - 12/03/2014 - 10:23:06 ---A- . (.IncrediMail, Ltd. - IMHttpCo Dynamic Link Library.) -- C:\WINDOWS\system32\ImHttpComm.dll [27136]
O44 - LFC:[MD5.BF804E312CACA3C339A97B13FAD8F171] - 12/03/2014 - 10:27:54 ---A- . (...) -- C:\WINDOWS\system32\dmwu.exe [1791280]
O44 - LFC:[MD5.188E68005ED62F32248032C65CB4DE96] - 12/03/2014 - 9:59:28 ---A- . (...) -- C:\WINDOWS\system32\Microsoft.VC80.CRT.manifest [1870]
~ Files: 16 Legitimates Filtered in 00mn 00s



---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 - LFCP:[MD5.84B7794C6E5F9C1E816CBCD65E795C5D] - 22/03/2014 - 11:55:00 ---A- - C:\WINDOWS\Prefetch\NS1D98.TMP-3B0A3E86.pf
O45 - LFCP:[MD5.537585917D3397A35DCD27B20234DFFA] - 22/03/2014 - 12:07:09 ---A- - C:\WINDOWS\Prefetch\UNUTIL.EXE-22CEE879.pf
O45 - LFCP:[MD5.93EF26369EF5DEEE6C5B3E065D81C83B] - 22/03/2014 - 9:32:29 ---A- - C:\WINDOWS\Prefetch\INCREDIMAIL_TSA1E6QM.EXE-10482EE8.pf
O45 - LFCP:[MD5.AA5DA5C5101658F2B39DD767EB1A6972] - 22/03/2014 - 9:40:48 ---A- - C:\WINDOWS\Prefetch\INCREDIMAIL_TSA1E7FV.EXE-2F0DB3B9.pf
O45 - LFCP:[MD5.A77B9DCD89F6EC4C38082F795C19B0C6] - 22/03/2014 - 9:46:44 ---A- - C:\WINDOWS\Prefetch\PROXYINSTALLER.EXE-03BB3E9B.pf
O45 - LFCP:[MD5.43D7BBA28572C69050FF50C52C6FC5E0] - 22/03/2014 - 9:47:24 ---A- - C:\WINDOWS\Prefetch\_IU14D2N.TMP-09C4817C.pf
~ Prefetcher: 50 Legitimates Filtered in 00mn 00s



---\\ Export de clé d'application autorisée (O47)
O47 - AAKE:Key Export SP - "C:\Program Files\Spamihilator\cdcc.exe" [Enabled] .(.Pas de propriétaire.) -- C:\Program Files\Spamihilator\cdcc.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Spamihilator\dccproc.exe" [Enabled] .(.Pas de propriétaire.) -- C:\Program Files\Spamihilator\dccproc.exe
O47 - AAKE:Key Export SP - "C:\Program Files\BitComet\BitComet.exe" [Enabled] .(...) -- C:\Program Files\BitComet\BitComet.exe (.not file.) =>P2P.BitComet
O47 - AAKE:Key Export SP - "C:\WINDOWS\system32\dmwu.exe" [Enabled] .(.Pas de propriétaire.) -- C:\WINDOWS\system32\dmwu.exe
O47 - AAKE:Key Export SP - "C:\Program Files\IncrediMail\Bin\IncMail.exe" [Enabled] .(...) -- C:\Program Files\IncrediMail\Bin\IncMail.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\IncrediMail\Bin\ImApp.exe" [Enabled] .(...) -- C:\Program Files\IncrediMail\Bin\ImApp.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\IncrediMail\Bin\ImpCnt.exe" [Enabled] .(...) -- C:\Program Files\IncrediMail\Bin\ImpCnt.exe (.not file.)
~ Keys Export: 24 Legitimates Filtered in 00mn 00s



---\\ Image File Execution Options (IFEO) (O50)
O50 - IFEO:Image File Execution Options - bpsvc.exe - tasklist.exe
O50 - IFEO:Image File Execution Options - browsersafeguard.exe - tasklist.exe =>PUP.BrowserSafeguard
O50 - IFEO:Image File Execution Options - dprotectsvc.exe - tasklist.exe =>Trojan.Trojan.Staser
O50 - IFEO:Image File Execution Options - protectedsearch.exe - tasklist.exe =>Spyware.ProtectedSearch
O50 - IFEO:Image File Execution Options - rjatydimofu.exe - tasklist.exe
O50 - IFEO:Image File Execution Options - searchprotection.exe - tasklist.exe =>Toolbar.Conduit
O50 - IFEO:Image File Execution Options - searchprotector.exe - tasklist.exe =>Toolbar.Conduit
O50 - IFEO:Image File Execution Options - snapdo.exe - tasklist.exe =>Hijacker.SmartBar
O50 - IFEO:Image File Execution Options - stinst32.exe - tasklist.exe
O50 - IFEO:Image File Execution Options - stinst64.exe - tasklist.exe
O50 - IFEO:Image File Execution Options - utiljumpflip.exe - tasklist.exe =>PUP.JumpFlip
O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d
~ IFEO: Scanned in 00mn 00s



---\\ Clé de registre Shell MountPoints2 (MPKS) (O51)
O51 - MPSK:{33e13a92-707e-11e2-bce7-001966055ddd}\AutoRun\command. (...) -- K:\LaunchU3.exe (.not file.)
~ Keys: Scanned in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:[MD5.DE91D0D73C3E61E6826D98FAC2FAC729] - 29/03/2000 - 15:17:42 ---A- . (...) -- C:\WINDOWS\system32\Drivers\ASUSHWIO.SYS [5824]
O58 - SDL:[MD5.C9B25AE9B8ABD983C5AD3F8CBFAB0F9C] - 28/08/2001 - 14:00:00 ---A- . (.RAVISENT Technologies Inc. - Pilote principal CineMaster C 1.2 WDM.) -- C:\WINDOWS\system32\Drivers\cinemst2.sys [262528]
O58 - SDL:[MD5.573C7D0A32852B48F3058CFD8026F511] - 13/04/2008 - 8:36:06 ---A- . (.Windows (R) Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) -- C:\WINDOWS\system32\Drivers\hdaudbus.sys [144384]
O58 - SDL:[MD5.80D317BD1C3DBC5D4FE7B1678C60CADD] - 28/08/2001 - 14:00:00 ---A- . (.Parallel Technologies, Inc. - Parallel Technologies DirectParallel IO Library.) -- C:\WINDOWS\system32\Drivers\ptilink.sys [17792]
O58 - SDL:[MD5.55E01061C74A8CEFFF58DC36114A8D3F] - 28/08/2001 - 14:00:00 ---A- . (.RAVISENT Technologies Inc. - CineMaster C WDM DVD Minidriver.) -- C:\WINDOWS\system32\Drivers\vdmindvd.sys [58112]
O58 - SDL:[MD5.6D3ADA4CE95CECA7BCE527A08C4C474E] - 28/08/2001 - 14:00:00 ---A- . (...) -- C:\WINDOWS\system32\ansi.sys [9037]
O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 28/08/2001 - 14:00:00 ---A- . (...) -- C:\WINDOWS\system32\country.sys [27097]
O58 - SDL:[MD5.C6D29F29DE7427B1B0775E53E577B623] - 28/08/2001 - 14:00:00 ---A- . (...) -- C:\WINDOWS\system32\himem.sys [4912]
O58 - SDL:[MD5.582BCDD47CF4B68B5CB528F18E3CB808] - 28/08/2001 - 14:00:00 ---A- . (...) -- C:\WINDOWS\system32\key01.sys [42809]
O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 13/04/2008 - 8:50:56 ---A- . (...) -- C:\WINDOWS\system32\keyboard.sys [42537]
O58 - SDL:[MD5.7D30A74B5FB9FE3B245A6CE5FBCD71D5] - 28/08/2001 - 14:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos.sys [27916]
O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 28/08/2001 - 14:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos404.sys [29146]
O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 28/08/2001 - 14:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos411.sys [29370]
O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 28/08/2001 - 14:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos412.sys [29274]
O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 28/08/2001 - 14:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos804.sys [29146]
O58 - SDL:[MD5.CAAA108FD7BF71989946B39704323455] - 13/04/2008 - 8:49:52 ---A- . (...) -- C:\WINDOWS\system32\ntio.sys [34000]
O58 - SDL:[MD5.6F73F50162DEF60C84B725C18CD9140F] - 13/04/2008 - 8:49:44 ---A- . (...) -- C:\WINDOWS\system32\ntio404.sys [34560]
O58 - SDL:[MD5.0FDD5E69C1FF3B58043D44F2CC743D45] - 13/04/2008 - 8:49:40 ---A- . (...) -- C:\WINDOWS\system32\ntio411.sys [35648]
O58 - SDL:[MD5.8842837C4D8311BF8E72BEE8CCC42217] - 13/04/2008 - 8:49:44 ---A- . (...) -- C:\WINDOWS\system32\ntio412.sys [35424]
O58 - SDL:[MD5.6B56CEB3C6F9D5CD7293DBD9FE23B311] - 13/04/2008 - 8:49:42 ---A- . (...) -- C:\WINDOWS\system32\ntio804.sys [34560]
~ Drivers: 5 Legitimates Filtered in 00mn 00s



---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)

2 replies

lilidurhone Posts 43343 Registration date Monday 25 April 2011 Status Security contributor Last post 18 September 2023 3 805
22 March 2014 at 18:49
Unofficial Windows!

O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] Clé orpheline
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] Clé orpheline
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_2] Clé orpheline
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_2] Clé orpheline
1
cddede Posts 2889 Registration date Tuesday 21 May 2013 Status Contributor Last post 17 February 2018 1 036
22 March 2014 at 18:53
In his report we can't see everything because he deleted some items :)


- Well spotted, lilidurhone +2
0
cddede Posts 2889 Registration date Tuesday 21 May 2013 Status Contributor Last post 17 February 2018 1 036
22 March 2014 at 18:46
Hello,

With this, look no further if you have viruses:

---\\ Logiciels de partage PeerToPeer
eMule


Regards
0