Document format: text/plain
Script ZHPFix
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: Modified =>Hijacker.Application
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Intl: Modified
O81 - IFC: Internet Feature Controls [HKUS\.DEFAULT] [FEATURE_BROWSER_EMULATION] -- svchost.exe =>Rootkit.TDSS
O81 - IFC: Internet Feature Controls [HKUS\S-1-5-18] [FEATURE_BROWSER_EMULATION] -- svchost.exe =>Rootkit.TDSS
[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu\Programs\Desktop Security] =>Rogue.Multiple
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: Modified =>Hijacker.Application^
[MD5.9EB925EDC8CF1C3D06E50E9348B54A0A] [APT] [FacebookUpdateTaskUserS-1-5-21-1202660629-220523388-682003330-500Core] (.Facebook Inc..) -- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe [138096]
[MD5.9EB925EDC8CF1C3D06E50E9348B54A0A] [APT] [FacebookUpdateTaskUserS-1-5-21-1202660629-220523388-682003330-500UA] (.Facebook Inc..) -- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe [138096]
O39 - APT: FacebookUpdateTaskUserS-1-5-21-1202660629-220523388-682003330-500Core - (.Facebook Inc..) -- C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1202660629-220523388-682003330-500Core.job [1180]
O39 - APT: FacebookUpdateTaskUserS-1-5-21-1202660629-220523388-682003330-500UA - (.Facebook Inc..) -- C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1202660629-220523388-682003330-500UA.job [1202]
O41 - Driver: (ssmdrv) . (. - .) - C:\WINDOWS\system32\DRIVERS\ssmdrv.sys (.not file.)
O41 - Driver: (avipbb) . (. - .) - C:\WINDOWS\system32\DRIVERS\avipbb.sys (.not file.)
O41 - Driver: (avkmgr) . (. - .) - C:\WINDOWS\system32\DRIVERS\avkmgr.sys (.not file.)
[HKLM\Software\IncrediMail]
O43 - CFD: 19-08-2011 - 23:20:04 - [] ----D C:\Documents and Settings\All Users\Application Data\C__Documents and Settings_Administrateur_Bureau_Mask.My.IP.v2.2.1.2 by dr akkira_crack Mask.My.IP.v2.2.1.2 by dr akkira_MaskMyIP.exe
O43 - CFD: 05-12-2010 - 20:04:05 - [] ----D C:\Documents and Settings\All Users\Application Data\regid.1986-12.com.adobe
O43 - CFD: 30-01-2011 - 20:44:57 - [] ----D C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
O43 - CFD: 19-08-2011 - 23:20:04 - [] ----D C:\Documents and Settings\Administrateur\Application Data\C__Documents and Settings_Administrateur_Bureau_Mask.My.IP.v2.2.1.2 by dr akkira_crack Mask.My.IP.v2.2.1.2 by dr akkira_MaskMyIP.exe
O44 - LFC:[MD5.BAB3ECF567B889F4DB09F3BA88F05007] - 03-12-2014 - 22:32:25 ---A- . (...) -- C:\WINDOWS\wmsetup.log [940]
O44 - LFC:[MD5.A864BF88F5E184942C64C0288AC24A4E] - 14-12-2014 - 20:37:39 ---A- . (...) -- C:\WINDOWS\msmqinst.log [1940]
O44 - LFC:[MD5.E14ABCA87F209255B18336D66E65D2F7] - 14-12-2014 - 20:37:56 ---A- . (...) -- C:\WINDOWS\FaxSetup.log [6790]
O44 - LFC:[MD5.61B6B98931DCFA315EAD3F7E06EC2F7F] - 14-12-2014 - 20:37:56 ---A- . (...) -- C:\WINDOWS\MedCtrOC.log [719]
O44 - LFC:[MD5.33AB1A472766DEDD2E51E512A17420C2] - 14-12-2014 - 20:37:56 ---A- . (...) -- C:\WINDOWS\comsetup.log [2505]
O44 - LFC:[MD5.82A08810596F828CD327A2EFA382B664] - 14-12-2014 - 20:37:56 ---A- . (...) -- C:\WINDOWS\iis6.log [6811]
O44 - LFC:[MD5.4ABCF0D4C9E2625C59584DE1D6CD6B3A] - 14-12-2014 - 20:37:56 ---A- . (...) -- C:\WINDOWS\imsins.log [1943]
O44 - LFC:[MD5.CB2CEF18B8A9D79C998CD05604CDCDD2] - 14-12-2014 - 20:37:56 ---A- . (...) -- C:\WINDOWS\netfxocm.log [1592]
O44 - LFC:[MD5.836F9D14526FCABDD9A18E2051AD7A91] - 14-12-2014 - 20:37:56 ---A- . (...) -- C:\WINDOWS\ntdtcsetup.log [1809]
O44 - LFC:[MD5.09AC5BE3A0251DD1755983E0A7B4AEFE] - 14-12-2014 - 20:37:56 ---A- . (...) -- C:\WINDOWS\ocgen.log [6472]
O44 - LFC:[MD5.AAA2DE0F723C4AC7296B213C3856BAFD] - 14-12-2014 - 20:37:56 ---A- . (...) -- C:\WINDOWS\ocmsn.log [469]
O44 - LFC:[MD5.F614F1B04A894EB64BF6F1D7F72A341E] - 14-12-2014 - 20:37:56 ---A- . (...) -- C:\WINDOWS\tsoc.log [4591]
[HKCU\Software\Administrateur914]
[HKCU\Software\Random's]
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AC6240AE-33B6-40D3-8683-31BBE86049A0}]
[MD5.93AD0B78C7357A05F50E594EC7C22300] - (...) -- ystem32\rundll32.exe [0] [PID.1980]
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.google.fr
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://go.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchUrl,Default = http://www.google.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = www.google.com
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Google Inc. - Google Update.) (No version) -- (.not file.)
F2 - REG:system.ini: USERINIT=C:\WINDOWS\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} . (.Internet Download Manager, Tonec Inc. - IDM Browser Helper Object.) -- C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: Virtual Storage Mount Notification - {5FF49FE8-B332-4CB9-B102-FB6951629E55} . (.EldoS Corporation - CbFs Mount Notifier.) -- C:\WINDOWS\system32\CbFsMntNtf3.dll
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Oracle Corporation - Java Platform SE binary.) -- C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation - Java Platform SE binary.) -- C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Snagit - [HKLM]{8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} . (.TechSmith Corporation - Snagit Add-in for Internet Explorer.) -- C:\Program Files\TechSmith\Snagit 10\SnagitIEAddin.dll
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{01E04581-4EEE-11D0-BFE9-00AA005B4383} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{0E5CBF21-D15F-11D0-8301-00AA005B4383} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{21FA44EF-376D-4D53-9B0F-8A89D3229068} Clé orpheline
O9 - Extra button: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -- Clé orpheline
O9 - Extra button: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} . (.Microsoft Corporation - ActiveSync Favorite Synchronization.) -- C:\Program Files\MI3AA1~1\INetRepl.dll
O9 - Extra button: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} -- Clé orpheline
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} ((no name)) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} ((no name)) - http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
O10 - WLSP:\000000000004\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files\Bonjour\mdnsNSP.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Windows Sockets Helper DLL.) -- C:\WINDOWS\system32\wshbth.dll
[HKCU\Software\3ivx]
[HKCU\Software\ABBYY]
[HKCU\Software\AC3Filter]
[HKCU\Software\ALWIL Software]
[HKCU\Software\ASProtect]
[HKCU\Software\AVS4YOU]
[HKCU\Software\Adobe]
[HKCU\Software\AdsFix]
[HKCU\Software\Ahead]
[HKCU\Software\Alcohol Soft]
[HKCU\Software\AppDataLow\Software\RealNetworks]
[HKCU\Software\AppDataLow]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\Apple Inc.]
[HKCU\Software\ApplianTechnologies]
[HKCU\Software\Atheros]
[HKCU\Software\Avnex]
[HKCU\Software\BDUSBImmunizer]
[HKCU\Software\BVRP Software]
[HKCU\Software\Binary Noise]
[HKCU\Software\CDDB]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\Code Sector]
[HKCU\Software\Corel]
[HKCU\Software\Cygnus Solutions]
[HKCU\Software\Cygwin]
[HKCU\Software\DScaler5]
[HKCU\Software\DVD Decrypter]
[HKCU\Software\Digital River]
[HKCU\Software\DivXNetworks]
[HKCU\Software\DivX]
[HKCU\Software\DownloadManager]
[HKCU\Software\EasyBits]
[HKCU\Software\ExtractNow]
[HKCU\Software\FSPro Labs]
[HKCU\Software\Facebook]
[HKCU\Software\FileHippo.com]
[HKCU\Software\FreeCall]
[HKCU\Software\Freeware]
[HKCU\Software\GNU]
[HKCU\Software\Gabest]
[HKCU\Software\GetFLV]
[HKCU\Software\Google]
[HKCU\Software\GsmServer]
[HKCU\Software\Haali]
[HKCU\Software\HookNetwork]
[HKCU\Software\IDAVLab]
[HKCU\Software\IM Providers]
[HKCU\Software\Illustrate]
[HKCU\Software\ImTOO]
[HKCU\Software\ImmenseTech]
[HKCU\Software\Intel]
[HKCU\Software\JEDI-VCL]
[HKCU\Software\JavaSoft]
[HKCU\Software\Jeyo]
[HKCU\Software\KTR]
[HKCU\Software\KeyHoleTV]
[HKCU\Software\LC Technology Inc]
[HKCU\Software\LG Electronics Inc]
[HKCU\Software\LG Electronics]
[HKCU\Software\LGE]
[HKCU\Software\Licenses]
[HKCU\Software\Local AppWizard-Generated Applications]
[HKCU\Software\Logitech]
[HKCU\Software\LowRegistry]
[HKCU\Software\MONOGRAM]
[HKCU\Software\Macromedia]
[HKCU\Software\Macroplant]
[HKCU\Software\MainConcept (Muvee Consumer)]
[HKCU\Software\MainConcept (Muvee)]
[HKCU\Software\Matroska Pack]
[HKCU\Software\MediaInfo]
[HKCU\Software\MiniTool Solution Ltd.]
[HKCU\Software\Motorola Inc.]
[HKCU\Software\Motorola]
[HKCU\Software\MoveNetworks]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mozilla]
[HKCU\Software\Nero]
[HKCU\Software\Netscape]
[HKCU\Software\Nitro PDF]
[HKCU\Software\ODBC]
[HKCU\Software\PEERNET Inc.]
[HKCU\Software\Paint.NET]
[HKCU\Software\Palm Digital Media]
[HKCU\Software\Palm]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\Python]
[HKCU\Software\RatioMaster.NET]
[HKCU\Software\RealNetworks]
[HKCU\Software\Research In Motion]
[HKCU\Software\Rixler Software]
[HKCU\Software\Robin Digital Software]
[HKCU\Software\SCC]
[HKCU\Software\SWiSHzone.com]
[HKCU\Software\Samsung PC Studio]
[HKCU\Software\Samsung]
[HKCU\Software\Scanner Information]
[HKCU\Software\Seagate Software]
[HKCU\Software\SecureMedia]
[HKCU\Software\SkypeRS]
[HKCU\Software\Skype]
[HKCU\Software\SolidDocuments]
[HKCU\Software\Sonic Solutions]
[HKCU\Software\Sonic]
[HKCU\Software\SpoonInstall]
[HKCU\Software\StarSynergy]
[HKCU\Software\Sysinternals]
[HKCU\Software\TVP]
[HKCU\Software\Tansee iPhone Transfer]
[HKCU\Software\TechSmith]
[HKCU\Software\The Creative Assembly]
[HKCU\Software\Trolltech]
[HKCU\Software\TuneUp]
[HKCU\Software\Ulead Systems]
[HKCU\Software\Ulead]
[HKCU\Software\UnH Solutions]
[HKCU\Software\UniqueSW]
[HKCU\Software\VB and VBA Program Settings]
[HKCU\Software\Valve]
[HKCU\Software\VirginMega]
[HKCU\Software\VirtualDub.org]
[HKCU\Software\WinHIIP]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\WinRAR]
[HKCU\Software\Winamp]
[HKCU\Software\Wow6432Node]
[HKCU\Software\XChat]
[HKCU\Software\Xenocode]
[HKCU\Software\Xilisoft]
[HKCU\Software\Yahoo]
[HKCU\Software\ej-technologies]
[HKCU\Software\geissplugin]
[HKCU\Software\keyhole.com]
[HKCU\Software\llionsoft]
[HKCU\Software\madFlac]
[HKCU\Software\mkvmergeGUI]
[HKCU\Software\ooVoo]
[HKLM\Software\ABBYY]
[HKLM\Software\ALWIL Software]
[HKLM\Software\AVS4YOU]
[HKLM\Software\Adobe]
[HKLM\Software\AdsFix]
[HKLM\Software\AdwCleaner]
[HKLM\Software\Ahead]
[HKLM\Software\Alcohol Soft]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\Apple Inc.]
[HKLM\Software\Audible]
[HKLM\Software\Avnex]
[HKLM\Software\BVRP Software]
[HKLM\Software\C07ft5Y]
[HKLM\Software\CDDB]
[HKLM\Software\CallbackFS]
[HKLM\Software\Canon]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Code Sector]
[HKLM\Software\Codec Tweak Tool]
[HKLM\Software\Cygnus Solutions]
[HKLM\Software\Cygwin]
[HKLM\Software\DEVGURU]
[HKLM\Software\Debug]
[HKLM\Software\DivXNetworks]
[HKLM\Software\DivX]
[HKLM\Software\EldoS]
[HKLM\Software\FSPro Labs]
[HKLM\Software\Foxconn]
[HKLM\Software\GEAR Software]
[HKLM\Software\GNU]
[HKLM\Software\GSMServer]
[HKLM\Software\Gabest]
[HKLM\Software\Gemplus]
[HKLM\Software\Global IP Solutions]
[HKLM\Software\Google]
[HKLM\Software\HaaliMkx]
[HKLM\Software\Havas Medimedia]
[HKLM\Software\IDAVLab]
[HKLM\Software\ILLUSION]
[HKLM\Software\IM Providers]
[HKLM\Software\ImTOO]
[HKLM\Software\InstallShield]
[HKLM\Software\Intel]
[HKLM\Software\InterVideo]
[HKLM\Software\JavaSoft]
[HKLM\Software\JreMetrics]
[HKLM\Software\KLCodecPack]
[HKLM\Software\LG Electronics]
[HKLM\Software\Licenses]
[HKLM\Software\MCCI]
[HKLM\Software\MSN Virus Removal]
[HKLM\Software\Macromedia]
[HKLM\Software\Micro Application]
[HKLM\Software\MimarSinan]
[HKLM\Software\Motorola]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\Nero]
[HKLM\Software\NewSoft]
[HKLM\Software\Nitro PDF]
[HKLM\Software\NokiaFREE Unlock Codes Calculator]
[HKLM\Software\ODBC]
[HKLM\Software\OVP]
[HKLM\Software\Orb Networks]
[HKLM\Software\Oreans Technologies]
[HKLM\Software\PC Connectivity Solution]
[HKLM\Software\PCSuite]
[HKLM\Software\PEERNET Inc.]
[HKLM\Software\Piriform]
[HKLM\Software\Policies]
[HKLM\Software\Program Groups]
[HKLM\Software\Protexis]
[HKLM\Software\QSound Labs, Inc.]
[HKLM\Software\RealNetworks]
[HKLM\Software\Realtek Semiconductor Corp.]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\Roxio]
[HKLM\Software\S3R521]
[HKLM\Software\S3]
[HKLM\Software\Safer Networking Limited]
[HKLM\Software\Samsung Electronics Co., Ltd.]
[HKLM\Software\Samsung]
[HKLM\Software\Scanner Information]
[HKLM\Software\Schlumberger]
[HKLM\Software\Secure]
[HKLM\Software\Skype]
[HKLM\Software\SolidDocuments]
[HKLM\Software\Sonic]
[HKLM\Software\Sysinternals]
[HKLM\Software\TechSmith]
[HKLM\Software\TrendMicro]
[HKLM\Software\TuneUp]
[HKLM\Software\USBDCam]
[HKLM\Software\USBSCAN INFO]
[HKLM\Software\VIA Technologies, Inc]
[HKLM\Software\Valve]
[HKLM\Software\Vidal]
[HKLM\Software\VideoLAN]
[HKLM\Software\VsMntNtf]
[HKLM\Software\Windows 3.1 Migration Status]
[HKLM\Software\Wise Solutions]
[HKLM\Software\Wow6432Node]
[HKLM\Software\Xing Technology Corp.]
[HKLM\Software\Yahoo]
[HKLM\Software\calibre]
[HKLM\Software\iTinySoft]
[HKLM\Software\mozilla.org]
[HKLM\Software\muvee Technologies]
[HKLM\Software\swearware]
[HKLM\Software\zbshareware]
ShortcutFix
FirewallRaz
EmptyTemp
EmptyFlash
Proxyfix
Sysrestore