Publicité
Publicité
Format du document : text/plain
Prévisualisation
SysRestore
M3 - MFPP: Plugins - [frimpera] -- C:\Users\frimpera\AppData\Roaming\Mozilla\Firefox\Profiles\2r1qa6xi.default\searchplugins\Startpins.xml
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://search.privitize.com
O43 - CFD: 06/01/2013 - 19:08:36 - [6,495] ----D C:\Program Files (x86)\Webplayer setup
O53 - SMSR:HKLM\...\startupreg\cacaoweb [Key] . (...) -- C:\Users\frimpera\AppData\Roaming\cacaoweb\cacaoweb.exe (.not file.)
[MD5.2A665235EE16982136845E78789E69DC] [SPRF][07/11/2012] (.Iminent - Iminent Setup.) -- C:\Users\frimpera\AppData\Local\Temp\20120702IminentSetup.exe [825976]
[MD5.BE7F0B75275270688088E8956F02EE5D] [SPRF][10/11/2012] (...) -- C:\Users\frimpera\AppData\Local\Temp\cacaonew128b7d.exe [435712]
[MD5.30DB0EE7C0AF7172359DC678545A90DA] [SPRF][23/11/2012] (...) -- C:\Users\frimpera\AppData\Local\Temp\cacaonew243851.exe [436736]
[MD5.6443CF0F6168DF09C01AFC519AEA1C3A] [SPRF][11/07/2012] (...) -- C:\Users\frimpera\AppData\Local\Temp\cacaonew7040d8.exe [429056]
[MD5.7A93E7D6377640A2338438D1C51E2D3E] [SPRF][10/01/2013] (...) -- C:\Users\frimpera\AppData\Local\Temp\cacaonew935065.exe [436224]
[MD5.5D859347AB9EE5154DEF7AFBA257E54A] [SPRF][07/07/2012] (...) -- C:\Users\frimpera\AppData\Local\Temp\cacaonewa82f83.exe [428544]
[MD5.9507D099D63307E9897D7E98373EE3A2] [SPRF][25/11/2012] (...) -- C:\Users\frimpera\AppData\Local\Temp\cacaonewb62306.exe [436224]
[MD5.AC782786780CBD9A72FE0CAC0EE28107] [SPRF][22/12/2012] (...) -- C:\Users\frimpera\AppData\Local\Temp\cacaonewf06b9b.exe [436736]
[MD5.3D563DEC3261ED2B5C9AC610BAD98B0E] [SPRF][25/07/2012] (...) -- C:\Users\frimpera\AppData\Local\Temp\cacaonewfdf61b.exe [428544]
[MD5.8A7A15632EA40950F5592E9BCE69FF6E] [SPRF][12/06/2002] (...) -- C:\Users\frimpera\AppData\Local\Temp\comver.dll [40960]
[MD5.E35C4CA0FC282238E0A2BAFB1CAAFE5A] [SPRF][17/10/2012] (.Babylon Ltd. - Uninstaller Application.) -- C:\Users\frimpera\AppData\Local\Temp\uninst1.exe [340632]
O87 - FAEL: "TCP Query User{7F824229-F0A5-40CF-B0E1-35AD434F925F}C:\users\frimpera\appdata\roaming\cacaoweb\cacaoweb.exe" |In - Private - P6 - TRUE | .(...) -- C:\users\frimpera\appdata\roaming\cacaoweb\cacaoweb.exe (.not file.)
O87 - FAEL: "UDP Query User{C71FB643-FC84-4999-88F7-5A8E42A19934}C:\users\frimpera\appdata\roaming\cacaoweb\cacaoweb.exe" |In - Private - P17 - TRUE | .(...) -- C:\users\frimpera\appdata\roaming\cacaoweb\cacaoweb.exe (.not file.)
O87 - FAEL: "TCP Query User{866E7735-6842-442F-BD30-7040D832EB2C}C:\users\frimpera\appdata\roaming\cacaoweb\cacaoweb.exe" |In - Public - P6 - TRUE | .(...) -- C:\users\frimpera\appdata\roaming\cacaoweb\cacaoweb.exe (.not file.)
O87 - FAEL: "UDP Query User{162F1A0A-1A28-4D40-A89E-2EB66D4517F4}C:\users\frimpera\appdata\roaming\cacaoweb\cacaoweb.exe" |In - Public - P17 - TRUE | .(...) -- C:\users\frimpera\appdata\roaming\cacaoweb\cacaoweb.exe (.not file.)
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9]
[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\cacaoweb]
C:\Program Files (x86)\Webplayer setup
O2 - BHO: Ask Toolbar BHO [64Bits] - {D4027C7F-154A-4066-A1AD-4243D8127440} . (.Ask - Avira SearchFree Toolbar.) -- C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM][64Bits] -- {2318C2B1-4965-11d4-9B18-009027A5CD4F}
[HKCU\Software\APN]
[HKCU\Software\Ask.com.tmp]
[HKLM\Software\Wow6432Node\APN]
[HKLM\Software\Wow6432Node\AskToolbar]
O43 - CFD: 16/06/2012 - 12:51:27 - [4,389] ----D C:\Program Files (x86)\Ask.com
O43 - CFD: 16/06/2012 - 12:51:18 - [0,158] ----D C:\Users\frimpera\AppData\Local\APN
O69 - SBI: prefs.js [frimpera - 2r1qa6xi.default] user_pref("weboftrust.search.ask.display", "Ask.com Web Search");
O69 - SBI: SearchScopes [HKCU] {3D83A55E-616B-4D53-8BF8-B33060985231} - (Ask Search) - http://websearch.ask.com
[MD5.B28C334C03CEE7C5E829C43AE75DAE5A] [SPRF][23/08/2012] (.Ask.com - AskIC Dynamic Link Library.) -- C:\Users\frimpera\AppData\Local\Temp\AskSLib.dll [248008]
[HKLM\Software\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKLM\Software\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}]
[HKLM\Software\Wow6432Node\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}]
[HKLM\Software\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}]
[HKLM\Software\Microsoft\Internet Explorer\extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}]
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}]
[HKLM\Software\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}]
[HKLM\Software\Wow6432Node\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}]
[HKLM\Software\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}]
[HKLM\Software\Wow6432Node\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}]
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}]
[HKLM\Software\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}]
[HKLM\Software\Wow6432Node\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}]
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
[HKLM\Software\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}]
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}]
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
[HKLM\Software\Classes\AppID\GenericAskToolbar.DLL]
[HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd]
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7]
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8]
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01]
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED]
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF]
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472]
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296]
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888]
[HKCU\Software\APN]
[HKLM\Software\Wow6432Node\APN]
[HKCU\Software\Ask.com.tmp]
[HKLM\Software\Wow6432Node\AskToolbar]
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}]
[HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]:{D4027C7F-154A-4066-A1AD-4243D8127440}
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar]:{D4027C7F-154A-4066-A1AD-4243D8127440}
C:\Program Files (x86)\Ask.com
C:\Users\frimpera\AppData\LocalLow\AskToolbar
EmptyFlash
FirewallRaz
EmptyTemp
M3 - MFPP: Plugins - [frimpera] -- C:\Users\frimpera\AppData\Roaming\Mozilla\Firefox\Profiles\2r1qa6xi.default\searchplugins\Startpins.xml
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://search.privitize.com
O43 - CFD: 06/01/2013 - 19:08:36 - [6,495] ----D C:\Program Files (x86)\Webplayer setup
O53 - SMSR:HKLM\...\startupreg\cacaoweb [Key] . (...) -- C:\Users\frimpera\AppData\Roaming\cacaoweb\cacaoweb.exe (.not file.)
[MD5.2A665235EE16982136845E78789E69DC] [SPRF][07/11/2012] (.Iminent - Iminent Setup.) -- C:\Users\frimpera\AppData\Local\Temp\20120702IminentSetup.exe [825976]
[MD5.BE7F0B75275270688088E8956F02EE5D] [SPRF][10/11/2012] (...) -- C:\Users\frimpera\AppData\Local\Temp\cacaonew128b7d.exe [435712]
[MD5.30DB0EE7C0AF7172359DC678545A90DA] [SPRF][23/11/2012] (...) -- C:\Users\frimpera\AppData\Local\Temp\cacaonew243851.exe [436736]
[MD5.6443CF0F6168DF09C01AFC519AEA1C3A] [SPRF][11/07/2012] (...) -- C:\Users\frimpera\AppData\Local\Temp\cacaonew7040d8.exe [429056]
[MD5.7A93E7D6377640A2338438D1C51E2D3E] [SPRF][10/01/2013] (...) -- C:\Users\frimpera\AppData\Local\Temp\cacaonew935065.exe [436224]
[MD5.5D859347AB9EE5154DEF7AFBA257E54A] [SPRF][07/07/2012] (...) -- C:\Users\frimpera\AppData\Local\Temp\cacaonewa82f83.exe [428544]
[MD5.9507D099D63307E9897D7E98373EE3A2] [SPRF][25/11/2012] (...) -- C:\Users\frimpera\AppData\Local\Temp\cacaonewb62306.exe [436224]
[MD5.AC782786780CBD9A72FE0CAC0EE28107] [SPRF][22/12/2012] (...) -- C:\Users\frimpera\AppData\Local\Temp\cacaonewf06b9b.exe [436736]
[MD5.3D563DEC3261ED2B5C9AC610BAD98B0E] [SPRF][25/07/2012] (...) -- C:\Users\frimpera\AppData\Local\Temp\cacaonewfdf61b.exe [428544]
[MD5.8A7A15632EA40950F5592E9BCE69FF6E] [SPRF][12/06/2002] (...) -- C:\Users\frimpera\AppData\Local\Temp\comver.dll [40960]
[MD5.E35C4CA0FC282238E0A2BAFB1CAAFE5A] [SPRF][17/10/2012] (.Babylon Ltd. - Uninstaller Application.) -- C:\Users\frimpera\AppData\Local\Temp\uninst1.exe [340632]
O87 - FAEL: "TCP Query User{7F824229-F0A5-40CF-B0E1-35AD434F925F}C:\users\frimpera\appdata\roaming\cacaoweb\cacaoweb.exe" |In - Private - P6 - TRUE | .(...) -- C:\users\frimpera\appdata\roaming\cacaoweb\cacaoweb.exe (.not file.)
O87 - FAEL: "UDP Query User{C71FB643-FC84-4999-88F7-5A8E42A19934}C:\users\frimpera\appdata\roaming\cacaoweb\cacaoweb.exe" |In - Private - P17 - TRUE | .(...) -- C:\users\frimpera\appdata\roaming\cacaoweb\cacaoweb.exe (.not file.)
O87 - FAEL: "TCP Query User{866E7735-6842-442F-BD30-7040D832EB2C}C:\users\frimpera\appdata\roaming\cacaoweb\cacaoweb.exe" |In - Public - P6 - TRUE | .(...) -- C:\users\frimpera\appdata\roaming\cacaoweb\cacaoweb.exe (.not file.)
O87 - FAEL: "UDP Query User{162F1A0A-1A28-4D40-A89E-2EB66D4517F4}C:\users\frimpera\appdata\roaming\cacaoweb\cacaoweb.exe" |In - Public - P17 - TRUE | .(...) -- C:\users\frimpera\appdata\roaming\cacaoweb\cacaoweb.exe (.not file.)
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9]
[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\cacaoweb]
C:\Program Files (x86)\Webplayer setup
O2 - BHO: Ask Toolbar BHO [64Bits] - {D4027C7F-154A-4066-A1AD-4243D8127440} . (.Ask - Avira SearchFree Toolbar.) -- C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM][64Bits] -- {2318C2B1-4965-11d4-9B18-009027A5CD4F}
[HKCU\Software\APN]
[HKCU\Software\Ask.com.tmp]
[HKLM\Software\Wow6432Node\APN]
[HKLM\Software\Wow6432Node\AskToolbar]
O43 - CFD: 16/06/2012 - 12:51:27 - [4,389] ----D C:\Program Files (x86)\Ask.com
O43 - CFD: 16/06/2012 - 12:51:18 - [0,158] ----D C:\Users\frimpera\AppData\Local\APN
O69 - SBI: prefs.js [frimpera - 2r1qa6xi.default] user_pref("weboftrust.search.ask.display", "Ask.com Web Search");
O69 - SBI: SearchScopes [HKCU] {3D83A55E-616B-4D53-8BF8-B33060985231} - (Ask Search) - http://websearch.ask.com
[MD5.B28C334C03CEE7C5E829C43AE75DAE5A] [SPRF][23/08/2012] (.Ask.com - AskIC Dynamic Link Library.) -- C:\Users\frimpera\AppData\Local\Temp\AskSLib.dll [248008]
[HKLM\Software\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKLM\Software\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}]
[HKLM\Software\Wow6432Node\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}]
[HKLM\Software\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}]
[HKLM\Software\Microsoft\Internet Explorer\extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}]
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}]
[HKLM\Software\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}]
[HKLM\Software\Wow6432Node\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}]
[HKLM\Software\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}]
[HKLM\Software\Wow6432Node\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}]
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}]
[HKLM\Software\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}]
[HKLM\Software\Wow6432Node\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}]
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
[HKLM\Software\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}]
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}]
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
[HKLM\Software\Classes\AppID\GenericAskToolbar.DLL]
[HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd]
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7]
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8]
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01]
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED]
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF]
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472]
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296]
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888]
[HKCU\Software\APN]
[HKLM\Software\Wow6432Node\APN]
[HKCU\Software\Ask.com.tmp]
[HKLM\Software\Wow6432Node\AskToolbar]
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}]
[HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]:{D4027C7F-154A-4066-A1AD-4243D8127440}
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar]:{D4027C7F-154A-4066-A1AD-4243D8127440}
C:\Program Files (x86)\Ask.com
C:\Users\frimpera\AppData\LocalLow\AskToolbar
EmptyFlash
FirewallRaz
EmptyTemp