cjoint

Document format: text/plain

Preview

~ ZHPDiag v2015.8.20.122 Par Nicolas Coolman (2015/08/20)
~ Démarré par Reda (Administrator) (2015/08/22 18:03:08)
~ Site: http://www.nicolascoolman.fr
~ Facebook: https://www.facebook.com/nicolascoolman1
~ Etat de la version: Version OK
~ Mode: Scanner
~ Rapport: C:\Documents and Settings\Reda\Bureau\ZHPDiag.txt
~ Rapport: C:\Documents and Settings\Reda\Application Data\ZHP\ZHPDiag.txt
~ UAC: Deactivate
~ Démarrage du système: Normal (Normal boot)
Windows XP, 32-bit Service Pack 2 (Build 2600)

---\\ Navigateurs Internet (2) - 0s
GCIE: Google Chrome v43.0.2357.134
MSIE: Internet Explorer v8.0.6001.18702

---\\ Informations sur les produits Windows (2) - 5s
Windows Automatic Updates : KO
Windows Genuine Advantage : KO

---\\ Logiciels d'optimisation (1) - 0s
CCleaner v4.16

---\\ Surveillance de Logiciels (2) - 0s
Adobe Flash Player 16 NPAPI
Adobe Reader XI

---\\ Informations sur le système (6) - 0s
~ Operating System: x86 Family 15 Model 2 Stepping 9, GenuineIntel
~ Operating System: 32-bit
~ Boot mode: Normal (Normal boot)
Total RAM: 490.996 MB (41% free)
~ System Restore: Désactivé (Disabled)
~ System drive C: has 4 GB free of 20 GB

---\\ Mode de connexion au système (3) - 0s
~ Computer Name: EL-924CB949FACF
~ User Name: Reda
~ Logged in as Administrator

---\\ Enumération des unités disques (2) - 6s
~ Drive C: has 4 GB free of 20 GB (System)
~ Drive D: has 7 GB free of 18 GB

---\\ Etat du Centre de Sécurité Windows (9) - 0s
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Intl: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] XMLLookup: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK

---\\ Recherche particulière de fichiers génériques (21) - 1s
[MD5.4C33E5B9A6197B6ED215F6CFBA0A2DAA] - (.Microsoft Corporation - Explorateur Windows.) () -- C:\WINDOWS\Explorer.exe [1036288]
[MD5.F5402CD47B7389DDC21F92119A906EEE] - (.Microsoft Corporation - Exécuter une DLL en tant qu'application.) () -- C:\WINDOWS\System32\rundll32.exe [33792]
[MD5.6CE32F7778061CCC5814D5E0F282D369] - (.Microsoft Corporation - Internet Extensions for Win32.) () -- C:\WINDOWS\System32\wininet.dll [914944]
[MD5.D2DE785AEAB0BB8CA4C14A8A199DBE4E] - (.Microsoft Corporation - Application d'ouverture de session Windows.) () -- C:\WINDOWS\System32\Winlogon.exe [506368]
[MD5.5AC495F4CB807B2B98AD2AD591E6D92E] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) () -- C:\WINDOWS\System32\drivers\AFD.sys [138496]
[MD5.CDFE4411A69C224BD1D11B2DA92DAC51] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) () -- C:\WINDOWS\System32\drivers\atapi.sys [95360]
[MD5.CD7D5152DF32B47F4E36F710B35AAE02] - (.Microsoft Corporation - CD-ROM File System Driver.) () -- C:\WINDOWS\System32\drivers\Cdfs.sys [63744]
[MD5.AF9C19B3100FE010496B1A27181FBF72] - (.Microsoft Corporation - SCSI CD-ROM Driver.) () -- C:\WINDOWS\System32\drivers\Cdrom.sys [49536]
[MD5.8B121FF880683607AB2AEF0340721718] - (.Microsoft Corporation - Pilote de cryptographie FIPS.) () -- C:\WINDOWS\System32\drivers\Fips.sys [35072]
[MD5.D1EFCBD693B5BA21314D06368C471070] - (.Microsoft Corporation - Pilote de port i8042.) () -- C:\WINDOWS\System32\drivers\i8042prt.sys [54400]
[MD5.F8AA320C6A0409C0380E5D8A99D76EC6] - (.Microsoft Corporation - IMAPI Kernel Driver.) () -- C:\WINDOWS\System32\drivers\Imapi.sys [41856]
[MD5.B5A8E215AC29D24D60B4D1250EF05ACE] - (.Microsoft Corporation - IP Network Address Translator.) () -- C:\WINDOWS\System32\drivers\IpNat.sys [134912]
[MD5.64537AA5C003A6AFEEE1DF819062D0D1] - (.Microsoft Corporation - IPSec Driver.) () -- C:\WINDOWS\System32\drivers\IPSec.sys [74752]
[MD5.1FD607FC67F7F7C633C3DA65BFC53D18] - (.Microsoft Corporation - Windows NT SMB Minirdr.) () -- C:\WINDOWS\System32\drivers\MRxSmb.sys [451456]
[MD5.0C80E410CD2F47134407EE7DD19CC86B] - (.Microsoft Corporation - MBT Transport driver.) () -- C:\WINDOWS\System32\drivers\netBT.sys [162816]
[MD5.B78BE402C3F63DD55521F73876951CDD] - (.Microsoft Corporation - NT File System Driver.) () -- C:\WINDOWS\System32\drivers\ntfs.sys [574592]
[MD5.318696359AC7DF48D1E51974EC527DD2] - (.Microsoft Corporation - Pilote de port parallèle.) () -- C:\WINDOWS\System32\drivers\Parport.sys [80384]
[MD5.98FAEB4A4DCF812BA1C6FCA4AA3E115C] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) () -- C:\WINDOWS\System32\drivers\Rasl2tp.sys [51328]
[MD5.A2CAE2C60BC37E0751EF9DDA7CEAF4AD] - (.Microsoft Corporation - Microsoft RDP Device redirector.) () -- C:\WINDOWS\System32\drivers\rdpdr.sys [196864]
[MD5.2CC30B68DD62B73D444A41322CD7FC4C] - (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) () -- C:\WINDOWS\System32\drivers\redbook.sys [58496]
[MD5.313B1A0D5DB26DFE1C34A6C13B2CE0A7] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) () -- C:\WINDOWS\System32\drivers\volsnap.sys [53376]

---\\ Processus lancés (16) - 2s
[MD5.212017B460C64D9B566B604FA5444B21] - (...) -- C:\Program Files\Winamp\winampa.exe [1221632] [PID.164]
[MD5.BE8206CB0F57C3A912D55FA07576F040] - (...) -- C:\Program Files\win\msn.exe [1475072] [PID.176]
[MD5.D70A947A60276F31ED74AFABDAE8E5F5] - (.CANON INC. - Canon Printer Status Window Launcher.) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\CNAP3LAK.exe [298152] [PID.192]
[MD5.BD51AF0746ED143278FA02743D63EC87] - (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files\Internet Download Manager\IDMan.exe [3935824] [PID.212]
[MD5.1A9EF35FC5C6BF42962AE54BC581E652] - (.BitTorrent Inc. - µTorrent.) -- C:\Documents and Settings\Reda\Application Data\uTorrent\uTorrent.exe [2011984] [PID.460]
[MD5.682AC1D1FDF8D709A08151AC406750CC] - (.Aztec Media Inc - SmdmF Service.) -- C:\Program Files\Assets Manager\smdmf\SmdmFService.exe [3570704] [PID.1788] =>PUP.Optional.SystemK
[MD5.E04F40AF7AA559894CD472F25C0824EE] - (.Poltiglia Gialla - Poltiglia Gialla.) -- C:\Documents and Settings\Reda\Local Settings\Application Data\Ufkmedia\tmp31A.exe [163840] [PID.2580]
[MD5.264FCCE97154C68D114FD67BA2012858] - (.CANON INC. - Canon Printer Status Window.) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\CNABHSWK.EXE [1470032] [PID.2892]
[MD5.018FF0107057C6DE07C2C50DC0CA30F4] - (.Tonec Inc. - Internet Download Manager agent for click m.) -- C:\Program Files\Internet Download Manager\IEMonitor.exe [343576] [PID.3628]
[MD5.3BBEC4CC2A388B4C5D1EFE20EAD7D98F] - (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe [813896] [PID.4136]
[MD5.3BBEC4CC2A388B4C5D1EFE20EAD7D98F] - (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe [813896] [PID.5776]
[MD5.3BBEC4CC2A388B4C5D1EFE20EAD7D98F] - (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe [813896] [PID.5100]
[MD5.A8D454B32E6FCD043033735AC1F158C0] - (.Nullsoft - Winamp.) -- C:\Program Files\Winamp\winamp.exe [1121792] [PID.5544]
[MD5.3BBEC4CC2A388B4C5D1EFE20EAD7D98F] - (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe [813896] [PID.5652]
[MD5.3BBEC4CC2A388B4C5D1EFE20EAD7D98F] - (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe [813896] [PID.7248]
[MD5.63E20985B61368A6172D93D0245DC9F8] - (.Nicolas Coolman - ZHPDiag.) -- C:\Documents and Settings\Reda\Mes documents\Downloads\ZHPDiag3.exe [1895424] [PID.9464]

---\\ Google Chrome, Démarrage,Recherche,Extensions (10) - 1s
G2 - GCE: Preference [User Data\Default] [aohghmighlieiainnegkcijnfilokake] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [apdfllckaahabafndbhieahigkjlhalf] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [coobgpohoikkiipiblmjeljniedjpjpf] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [gjngjhikmffiafannjcjkdediacimkmk] RadioRage =>PUP.Optional.MindSpark
G2 - GCE: Preference [User Data\Default] [lccekmodgklaepjeofjdjpbminllajkg] Chrome Hotword Shared Module
G2 - GCE: Preference [User Data\Default] [mppnoffgpafgpgbaigljliadgbnhljfl] Ask Search
G2 - GCE: Preference [User Data\Default] [nafaimnnclfjfedmmabolbppcngeolgf] iLivid =>PUP.Optional.Bandoo
G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia] Google Chrome manifest =>.Google Inc.

---\\ Firefox, Plugins,Demarrage,Recherche,Extensions (7) - 1s
P2 - EXT FILE: (...) -- C:\Documents and Settings\Reda\Application Data\Mozilla\Firefox\Profiles\bgjeylp4.default\searchplugins\default-search.xml
P2 - EXT: (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\default-search.xml
P2 - EXT: (. - Mozilla Firefox Hotfixer.) -- C:\Documents and Settings\Reda\Application Data\Mozilla\Firefox\Profiles\bgjeylp4.default\extensions\veggy@veggyAddon.com =>PUP.Optional.VeggyAddon
P2 - EXT: (. - Supreme Finder.) -- C:\Documents and Settings\Reda\Application Data\Mozilla\Firefox\Profiles\bgjeylp4.default\extensions\{4fec0d7e-e1c2-4b86-af44-c7cf7b0c199a}
P2 - EXT: (. - Site Advisor.) -- C:\Documents and Settings\Reda\Application Data\Mozilla\Firefox\Profiles\bgjeylp4.default\extensions\{6d0f26ba-45b8-4871-9c07-43ab341d5b73}
P2 - EXT: (.DocWrap Class - DocWrap Class.) -- C:\Documents and Settings\Reda\Application Data\Mozilla\Firefox\Profiles\bgjeylp4.default\extensions\{BF3253CF-E5DD-BCBE-D7CA-CB42297AAD04}
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Adobe Systems Incorporated.) -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_16_0_0_228.dll

---\\ Internet Explorer,Démarrage,Recherche,URLSearchHook (10) - 1s
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphean =>.Microsoft Internet Explorer

---\\ Internet Explorer,Proxy Management (7) - 0s
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1

---\\ Internet Explorer,IniFiles, Autoloading programs (3) - 0s
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe (.Microsoft Corporation.)
F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe (.Microsoft Corporation.)
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"

---\\ Etude du fichier hosts (1) - 0s
~ Le fichier hôte est sain (The hosts file is clean) (32)

---\\ Browser Helper Object de navigateur (BHO) (1) - 0s
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} . (.Internet Download Manager, Tonec Inc. - IDM Browser Helper Object.) -- C:\Program Files\Internet Download Manager\IDMIECC.dll

---\\ Applications lancées au démarrage du système (28) - 2s
O4 - HKLM\..\Run: [IMJPMIG8.1] . (.Microsoft Corporation - Microsoft IME.) -- C:\WINDOWS\ime\imjp8_1\imjpmig.exe
O4 - HKLM\..\Run: [MSPY2002] . (...) -- C:\WINDOWS\system32\IME\PINTLGNT\IMSCINST.EXE
O4 - HKLM\..\Run: [PHIME2002ASync] . (.Microsoft Corporation - 微軟新注音輸入法 2002a.) -- C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE
O4 - HKLM\..\Run: [PHIME2002A] . (.Microsoft Corporation - 微軟新注音輸入法 2002a.) -- C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [WinampAgent] . (...) -- C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [apo5] . (...) -- C:\Program Files\win\msn.exe
O4 - HKLM\..\Run: [CNAP3 Launcher] . (.CANON INC. - Canon Printer Status Window Launcher.) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\CNAP3LAK.exe
O4 - HKCU\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files\Internet Download Manager\IDMan.exe
O4 - HKCU\..\Run: [MSMSGS] . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe
O4 - HKCU\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Documents and Settings\Reda\Application Data\uTorrent\uTorrent.exe
O4 - HKCU\..\Run: [Ufkmedia] . (.Poltiglia Gialla - Poltiglia Gialla.) -- C:\Documents and Settings\Reda\Local Settings\Application Data\Ufkmedia\tmp31A.exe
O4 - HKCU\..\Run: [Elxltion] . (.Microsoft Corporation - Microsoft(C) Register Server.) -- C:\WINDOWS\System32\regsvr32.exe
O4 - HKCU\..\Run: [Intdsoft] . (.Microsoft Corporation - Microsoft(C) Register Server.) -- C:\WINDOWS\system32\regsvr32.exe
O4 - HKLM\..\policies\Explorer\Run: [625727453] . (.Microsoft Corp. - Microsoft Security.) -- C:\Documents and Settings\All Users\msvlnomul.exe
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-21-1454471165-823518204-839522115-1003\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-21-1454471165-823518204-839522115-1003\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files\Internet Download Manager\IDMan.exe
O4 - HKUS\S-1-5-21-1454471165-823518204-839522115-1003\..\Run: [MSMSGS] . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe
O4 - HKUS\S-1-5-21-1454471165-823518204-839522115-1003\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Documents and Settings\Reda\Application Data\uTorrent\uTorrent.exe
O4 - HKUS\S-1-5-21-1454471165-823518204-839522115-1003\..\Run: [Ufkmedia] . (.Poltiglia Gialla - Poltiglia Gialla.) -- C:\Documents and Settings\Reda\Local Settings\Application Data\Ufkmedia\tmp31A.exe
O4 - HKUS\S-1-5-21-1454471165-823518204-839522115-1003\..\Run: [Elxltion] . (.Microsoft Corporation - Microsoft(C) Register Server.) -- C:\WINDOWS\System32\regsvr32.exe
O4 - HKUS\S-1-5-21-1454471165-823518204-839522115-1003\..\Run: [Intdsoft] . (.Microsoft Corporation - Microsoft(C) Register Server.) -- C:\WINDOWS\system32\regsvr32.exe

---\\ Modification Domaine/Adresses DNS (3) - 0s
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 0.0.0.0
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 0.0.0.0
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 0.0.0.0

---\\ Liste des services NT non Microsoft et non désactivés (3) - 1s
O23 - Service: F06DEFF2-5B9C-490D-910F-35D3A91196222 (F06DEFF2-5B9C-490D-910F-35D3A91196222) . (.Aztec Media Inc - SmdmFConfiguration.) - C:\Program Files\Assets Manager\smdmf\smdmfmgrc3.cfg =>PUP.Optional.SystemK
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: SmdmF Service (SmdmFService) . (.Aztec Media Inc - SmdmF Service.) - C:\Program Files\Assets Manager\smdmf\SmdmFService.exe =>PUP.Optional.SystemK

---\\ Tâches planifiées en automatique (3) - 2s
O39 - APT: Orphean - (...) -- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job [1002]
O39 - APT: Orphean - (...) -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job [1052]
O39 - APT: Orphean - (...) -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job [1056]

---\\ Logiciels installés (20) - 8s
O42 - Logiciel: Adobe Flash Player 15 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 16 NPAPI - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player NPAPI
O42 - Logiciel: C-Media WDM Audio Driver - (...) [HKLM] -- C-Media Audio Driver
O42 - Logiciel: Programme de désinstallation Canon LBP6030 6040 6018L - (.Canon Inc..) [HKLM] -- Canon LBP6030 6040 6018L
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM] -- Google Chrome
O42 - Logiciel: GreenBrowser - (.MoreQuick.com.) [HKLM] -- GreenBrowser_is1
O42 - Logiciel: iCare Data Recovery 5.1 - (.iCare Software.) [HKLM] -- iCare Data Recovery_is1
O42 - Logiciel: Windows Internet Explorer 8 - (.Microsoft Corporation.) [HKLM] -- ie8
O42 - Logiciel: Internet Download Manager - (.Tonec Inc..) [HKLM] -- Internet Download Manager
O42 - Logiciel: MP3 To Ringtone Gold 8.7 - (.AnMing.) [HKLM] -- MP3 To Ringtone Gold_is1
O42 - Logiciel: Settings Manager - (.Aztec Media Inc.) [HKLM] -- Settings Manager
O42 - Logiciel: VLC media player - (.VideoLAN.) [HKLM] -- VLC media player
O42 - Logiciel: Winamp (remove only) - (...) [HKLM] -- Winamp
O42 - Logiciel: WinRAR 5.11 beta 1 (32-bit) - (.win.rar GmbH.) [HKLM] -- WinRAR archiver
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: Adobe Reader XI (11.0.08) - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1033-7B44-AB0000000001}
O42 - Logiciel: µTorrent - (.BitTorrent Inc..) [HKCU] -- uTorrent
O42 - Logiciel: Winamp Packages - (...) [HKCU] -- Winamp Packages

---\\ HKCU & HKLM Software Keys (61) - 8s
HKLM\SOFTWARE\Adobe
HKLM\SOFTWARE\Baidu
HKLM\SOFTWARE\C07ft5Y
HKLM\SOFTWARE\Canon
HKLM\SOFTWARE\CDDB
HKLM\SOFTWARE\Dropbox
HKLM\SOFTWARE\Gemplus
HKLM\SOFTWARE\Google
HKLM\SOFTWARE\iCare
HKLM\SOFTWARE\Internet Download Manager
HKLM\SOFTWARE\iTinySoft
HKLM\SOFTWARE\Macromedia
HKLM\SOFTWARE\Mozilla
HKLM\SOFTWARE\mozilla.org
HKLM\SOFTWARE\MozillaPlugins
HKLM\SOFTWARE\Nullsoft
HKLM\SOFTWARE\ODBC
HKLM\SOFTWARE\Piriform
HKLM\SOFTWARE\Program Groups
HKLM\SOFTWARE\RegisteredApplications
HKLM\SOFTWARE\Schlumberger
HKLM\SOFTWARE\Secure
HKLM\SOFTWARE\SiteSee
HKLM\SOFTWARE\SmdmF =>PUP.Optional.SettingsManager
HKLM\SOFTWARE\VideoLAN
HKLM\SOFTWARE\Windows 3.1 Migration Status
HKLM\SOFTWARE\WinRAR
HKLM\SOFTWARE\Wow6432Node
HKCU\SOFTWARE\7633123CA7DFD46E21784D533246A24E =>PUP.Optional.CrossRider
HKCU\SOFTWARE\Abaq
HKCU\SOFTWARE\Adobe
HKCU\SOFTWARE\AppDataLow
HKCU\SOFTWARE\Baidu
HKCU\SOFTWARE\BitTorrent
HKCU\SOFTWARE\Canon
HKCU\SOFTWARE\CDDB
HKCU\SOFTWARE\DownloadManager
HKCU\SOFTWARE\Elxltion
HKCU\SOFTWARE\FileHippo
HKCU\SOFTWARE\Google
HKCU\SOFTWARE\iCarePro
HKCU\SOFTWARE\iCare_Vesion
HKCU\SOFTWARE\InstallCore =>PUP.Optional.InstallCore
HKCU\SOFTWARE\Intel
HKCU\SOFTWARE\Linkey =>PUP.Optional.LinkeySearch
HKCU\SOFTWARE\Macromedia
HKCU\SOFTWARE\Mozilla
HKCU\SOFTWARE\MozillaPlugins
HKCU\SOFTWARE\Netscape
HKCU\SOFTWARE\Piriform
HKCU\SOFTWARE\RegisteredApplications
HKCU\SOFTWARE\SecuredDownload
HKCU\SOFTWARE\Sensaura
HKCU\SOFTWARE\SmdmF =>PUP.Optional.SettingsManager
HKCU\SOFTWARE\TeleCharger
HKCU\SOFTWARE\Winamp
HKCU\SOFTWARE\WinRAR
HKCU\SOFTWARE\WinRAR SFX
HKCU\SOFTWARE\Wow6432Node
HKCU\SOFTWARE\ZebHelpProcess Helper
HKCU\SOFTWARE\AppDataLow\Software

---\\ Contenu des dossiers Programmes (95) - 7s
O43 - CFD: 2014/08/19 17:42:13 - [] D -- C:\Program Files\Adobe
O43 - CFD: 2015/05/22 12:56:53 - [] D -- C:\Program Files\AnMing
O43 - CFD: 2015/07/16 20:15:31 - [] D -- C:\Program Files\Assets Manager =>PUP.Optional.SystemK
O43 - CFD: 2015/03/13 13:04:45 - [] D -- C:\Program Files\baidu
O43 - CFD: 2015/05/12 17:34:30 - [] D -- C:\Program Files\Canon
O43 - CFD: 2014/08/20 00:52:57 - [] D -- C:\Program Files\CCleaner
O43 - CFD: 2014/08/19 16:38:13 - [0] D -- C:\Program Files\ComPlus Applications
O43 - CFD: 2014/08/19 17:42:13 - [] D -- C:\Program Files\Fichiers communs
O43 - CFD: 2014/08/19 23:25:03 - [] D -- C:\Program Files\Google
O43 - CFD: 2015/03/18 21:46:07 - [] D -- C:\Program Files\GreenBrowser
O43 - CFD: 2015/08/14 17:43:11 - [] D -- C:\Program Files\iCare Data Recovery
O43 - CFD: 2014/08/24 16:27:59 - [] D -- C:\Program Files\Internet Download Manager
O43 - CFD: 2015/08/15 15:52:30 - [] D -- C:\Program Files\Internet Explorer
O43 - CFD: 2014/08/19 16:37:56 - [] D -- C:\Program Files\Messenger
O43 - CFD: 2014/08/19 16:45:45 - [] D -- C:\Program Files\microsoft frontpage
O43 - CFD: 2014/08/19 16:40:49 - [] D -- C:\Program Files\Movie Maker
O43 - CFD: 2015/08/16 16:33:58 - [] D -- C:\Program Files\Mozilla Firefox
O43 - CFD: 2014/08/19 16:33:01 - [] D -- C:\Program Files\MSN
O43 - CFD: 2014/08/19 16:37:41 - [] D -- C:\Program Files\MSN Gaming Zone
O43 - CFD: 2014/08/19 16:41:07 - [] D -- C:\Program Files\NetMeeting
O43 - CFD: 2014/08/19 16:38:00 - [] D -- C:\Program Files\Online Services
O43 - CFD: 2014/08/19 16:41:02 - [] D -- C:\Program Files\Outlook Express
O43 - CFD: 2014/08/19 16:43:53 - [] D -- C:\Program Files\Services en ligne
O43 - CFD: 2014/08/20 00:17:05 - [] D -- C:\Program Files\Settings Manager =>PUP.Optional.SettingsManager
O43 - CFD: 2014/08/19 17:23:27 - [0] D -- C:\Program Files\SiteLookup =>PUP.Optional.SiteLookup
O43 - CFD: 2014/08/19 16:52:08 - [0] HD -- C:\Program Files\Uninstall Information
O43 - CFD: 2014/08/25 05:11:36 - [] D -- C:\Program Files\VideoLAN
O43 - CFD: 2014/12/09 17:37:20 - [] SHD -- C:\Program Files\win
O43 - CFD: 2015/05/19 13:54:02 - [] D -- C:\Program Files\Winamp
O43 - CFD: 2014/08/19 16:45:20 - [] D -- C:\Program Files\Windows Media Player
O43 - CFD: 2014/08/19 16:34:14 - [] D -- C:\Program Files\Windows NT
O43 - CFD: 2014/08/19 16:43:57 - [0] HD -- C:\Program Files\WindowsUpdate
O43 - CFD: 2014/08/19 17:24:17 - [] D -- C:\Program Files\WinRAR
O43 - CFD: 2014/08/19 16:45:46 - [] D -- C:\Program Files\xerox
O43 - CFD: 2014/08/19 16:38:22 - [] RD -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Accessoires
O43 - CFD: 2014/08/20 00:52:56 - [] D -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\CCleaner
O43 - CFD: 2014/08/19 19:25:46 - [] RD -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
O43 - CFD: 2014/08/19 23:25:28 - [] D -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Google Chrome
O43 - CFD: 2015/03/18 21:45:59 - [] D -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\GreenBrowser
O43 - CFD: 2014/08/21 18:12:22 - [] D -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\iCare Data Recovery
O43 - CFD: 2014/08/23 17:07:50 - [] D -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Internet Download Manager
O43 - CFD: 2014/08/19 16:38:23 - [] RD -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Jeux
O43 - CFD: 2014/08/23 16:17:55 - [] D -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\MP3 To Ringtone Gold
O43 - CFD: 2014/08/19 16:45:26 - [] RD -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Outils d'administration
O43 - CFD: 2014/08/25 05:12:07 - [] D -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\VideoLAN
O43 - CFD: 2014/08/19 17:24:17 - [] D -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\WinRAR
O43 - CFD: 2014/08/19 17:41:14 - [] D -- C:\Documents and Settings\All Users\Application Data\Adobe
O43 - CFD: 2014/08/26 17:46:50 - [] D -- C:\Documents and Settings\All Users\Application Data\AVAST Software
O43 - CFD: 2015/03/13 13:05:11 - [] D -- C:\Documents and Settings\All Users\Application Data\Baidu
O43 - CFD: 2014/08/19 17:25:05 - [0] D -- C:\Documents and Settings\All Users\Application Data\IDM
O43 - CFD: 2015/08/22 02:07:51 - [] SD -- C:\Documents and Settings\All Users\Application Data\Microsoft
O43 - CFD: 2014/08/19 17:19:42 - [] D -- C:\Documents and Settings\All Users\Application Data\Mozilla
O43 - CFD: 2015/08/22 17:08:40 - [] D -- C:\Documents and Settings\All Users\Application Data\smdmf =>PUP.Optional.SystemK
O43 - CFD: 2014/08/19 17:42:32 - [] D -- C:\Program Files\Fichiers communs\Adobe
O43 - CFD: 2014/08/19 16:52:15 - [] D -- C:\Program Files\Fichiers communs\Microsoft Shared
O43 - CFD: 2014/08/19 16:41:00 - [] D -- C:\Program Files\Fichiers communs\MSSoap
O43 - CFD: 2014/08/19 19:26:22 - [] D -- C:\Program Files\Fichiers communs\ODBC
O43 - CFD: 2014/08/19 16:41:06 - [] D -- C:\Program Files\Fichiers communs\Services
O43 - CFD: 2014/08/19 19:26:19 - [] D -- C:\Program Files\Fichiers communs\SpeechEngines
O43 - CFD: 2014/08/19 16:39:54 - [] D -- C:\Program Files\Fichiers communs\System
O43 - CFD: 2014/08/20 00:18:31 - [] D -- C:\Documents and Settings\Reda\Application Data\0F1L1I1P0H1L1E1E1F
O43 - CFD: 2015/08/22 02:29:46 - [] D -- C:\Documents and Settings\Reda\Application Data\Adobe
O43 - CFD: 2015/08/22 02:29:51 - [] D -- C:\Documents and Settings\Reda\Application Data\Baidu
O43 - CFD: 2015/08/22 02:30:47 - [] D -- C:\Documents and Settings\Reda\Application Data\DMCache
O43 - CFD: 2014/08/20 11:25:07 - [] D -- C:\Documents and Settings\Reda\Application Data\Dropbox
O43 - CFD: 2015/03/26 20:45:15 - [] D -- C:\Documents and Settings\Reda\Application Data\dvdcss
O43 - CFD: 2014/08/20 00:17:07 - [] D -- C:\Documents and Settings\Reda\Application Data\FirefoxToolbar
O43 - CFD: 2014/08/19 16:52:10 - [] D -- C:\Documents and Settings\Reda\Application Data\Identities
O43 - CFD: 2015/08/22 17:05:56 - [] D -- C:\Documents and Settings\Reda\Application Data\IDM
O43 - CFD: 2014/08/19 17:13:19 - [] D -- C:\Documents and Settings\Reda\Application Data\Macromedia
O43 - CFD: 2015/08/22 02:36:01 - [] SD -- C:\Documents and Settings\Reda\Application Data\Microsoft
O43 - CFD: 2015/08/22 02:36:52 - [] D -- C:\Documents and Settings\Reda\Application Data\Mozilla
O43 - CFD: 2015/08/14 14:02:58 - [] D -- C:\Documents and Settings\Reda\Application Data\OpenCandy =>PUP.Optional.OpenCandy
O43 - CFD: 2014/08/19 17:23:22 - [0] D -- C:\Documents and Settings\Reda\Application Data\SimilarAddon =>PUP.Optional.SimilarAddon
O43 - CFD: 2015/01/30 14:27:40 - [0] D -- C:\Documents and Settings\Reda\Application Data\TP
O43 - CFD: 2015/08/22 17:58:56 - [] D -- C:\Documents and Settings\Reda\Application Data\uTorrent
O43 - CFD: 2015/04/24 19:35:08 - [] D -- C:\Documents and Settings\Reda\Application Data\vlc
O43 - CFD: 2014/08/19 17:26:37 - [] D -- C:\Documents and Settings\Reda\Application Data\WinRAR
O43 - CFD: 2015/08/22 18:03:30 - [] D -- C:\Documents and Settings\Reda\Application Data\ZHP
O43 - CFD: 2015/03/13 13:43:03 - [] D -- C:\Documents and Settings\Reda\Local Settings\Application Data\Adobe
O43 - CFD: 2015/04/01 22:30:40 - [] D -- C:\Documents and Settings\Reda\Local Settings\Application Data\Baidu
O43 - CFD: 2015/08/22 02:10:26 - [] D -- C:\Documents and Settings\Reda\Local Settings\Application Data\Elxltion
O43 - CFD: 2015/08/22 14:36:01 - [] D -- C:\Documents and Settings\Reda\Local Settings\Application Data\Google
O43 - CFD: 2014/08/19 17:29:05 - [] D -- C:\Documents and Settings\Reda\Local Settings\Application Data\Identities
O43 - CFD: 2015/08/22 14:36:05 - [] D -- C:\Documents and Settings\Reda\Local Settings\Application Data\Microsoft
O43 - CFD: 2015/08/22 14:36:06 - [] D -- C:\Documents and Settings\Reda\Local Settings\Application Data\MiniService
O43 - CFD: 2015/08/22 14:36:08 - [] D -- C:\Documents and Settings\Reda\Local Settings\Application Data\Mozilla
O43 - CFD: 2015/03/13 13:04:43 - [] D -- C:\Documents and Settings\Reda\Local Settings\Application Data\Temp
O43 - CFD: 2015/08/22 02:11:21 - [] D -- C:\Documents and Settings\Reda\Local Settings\Application Data\Ufkmedia
O43 - CFD: 2014/08/19 16:52:12 - [] RD -- C:\Documents and Settings\Reda\Menu Démarrer\Programmes\Accessoires
O43 - CFD: 2015/08/15 15:52:45 - [] D -- C:\Documents and Settings\Reda\Menu Démarrer\Programmes\Accessories
O43 - CFD: 2015/08/22 16:09:40 - [] RD -- C:\Documents and Settings\Reda\Menu Démarrer\Programmes\Démarrage
O43 - CFD: 2014/08/23 17:07:50 - [] D -- C:\Documents and Settings\Reda\Menu Démarrer\Programmes\Internet Download Manager
O43 - CFD: 2014/08/22 03:43:32 - [] D -- C:\Documents and Settings\Reda\Menu Démarrer\Programmes\Winamp
O43 - CFD: 2014/08/19 17:24:17 - [] D -- C:\Documents and Settings\Reda\Menu Démarrer\Programmes\WinRAR

---\\ Liste des pilotes du système (33) - 4s
O58 - SDL:2001/10/02 20:17:52 A . (.RAVISENT Technologies Inc. - Pilote principal CineMaster C 1.2 WDM.) -- C:\WINDOWS\System32\drivers\cinemst2.sys [262528]
O58 - SDL:2006/06/26 12:15:38 A . (.C-Media Inc - C-Media Audio WDM Driver.) -- C:\WINDOWS\System32\drivers\cmuda.sys [1372992]
O58 - SDL:2001/10/02 20:17:52 A . (.Compaq Computer Corporation - Compaq PA-1 Player Driver.) -- C:\WINDOWS\System32\drivers\cpqdap01.sys [11776]
O58 - SDL:2004/08/04 01:46:08 A . (.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disq.) -- C:\WINDOWS\System32\drivers\dmboot.sys [800256]
O58 - SDL:2004/08/04 01:46:20 A . (.Microsoft Corp., Veritas Software - Pilote E/S du Gestionnaire de disques NT.) -- C:\WINDOWS\System32\drivers\dmio.sys [154496]
O58 - SDL:2001/10/02 20:17:30 A . (.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) -- C:\WINDOWS\System32\drivers\dmload.sys [5888]
O58 - SDL:2001/08/17 22:20:18 A . (.Yamaha Corp. - Yamaha PCI(x) Audio System (WDM)[1013].) -- C:\WINDOWS\System32\drivers\ds1wdm.sys [334208]
O58 - SDL:2001/08/17 22:13:08 A . (.VIA Technologies, Inc. - NDIS 5.0 miniport driver.) -- C:\WINDOWS\System32\drivers\fetnd5.sys [27165]
O58 - SDL:2014/06/09 10:40:58 A . (.Tonec Inc. - Internet Download Manager TDI Driver.) -- C:\WINDOWS\System32\drivers\idmtdi.sys [121440]
O58 - SDL:2001/10/02 20:17:52 A . (.S3/Diamond Multimedia Systems - NikeDrv Usb Driver.) -- C:\WINDOWS\System32\drivers\nikedrv.sys [12032]
O58 - SDL:2001/10/02 20:18:56 A . (.Parallel Technologies, Inc. - Parallel Technologies DirectParallel IO Lib.) -- C:\WINDOWS\System32\drivers\ptilink.sys [17792]
O58 - SDL:2005/03/12 00:28:09 N . (.Sonic Solutions - Px Engine Device Driver for Windows 2000/XP.) -- C:\WINDOWS\System32\drivers\PxHelp20.sys [20640]
O58 - SDL:2001/10/02 20:17:52 A . (.S3/Diamond Multimedia Systems - Rio8Drv.sys Usb Driver.) -- C:\WINDOWS\System32\drivers\rio8drv.sys [12032]
O58 - SDL:2001/10/02 20:17:52 A . (.S3/Diamond Multimedia Systems - RioDrv Usb Driver.) -- C:\WINDOWS\System32\drivers\riodrv.sys [12032]
O58 - SDL:2004/08/04 00:29:52 A . (.S3 Graphics, Inc. - S3 ProSavage(DDR) & Twister Miniport Driver.) -- C:\WINDOWS\System32\drivers\s3gnbm.sys [166912]
O58 - SDL:2004/07/17 12:36:38 A . (...) -- C:\WINDOWS\System32\drivers\secdrv.sys [27440]
O58 - SDL:2001/10/02 20:17:52 A . (.Toshiba Corporation - WDM Toshiba Tecra Video Capture Driver.) -- C:\WINDOWS\System32\drivers\tsbvcap.sys [21376]
O58 - SDL:2001/10/02 20:17:52 A . (.RAVISENT Technologies Inc. - CineMaster C WDM DVD Minidriver.) -- C:\WINDOWS\System32\drivers\vdmindvd.sys [58112]
O58 - SDL:2001/10/02 20:17:16 A . (...) -- C:\WINDOWS\System32\ansi.sys [9037]
O58 - SDL:2001/10/02 20:17:26 A . (...) -- C:\WINDOWS\System32\country.sys [27097]
O58 - SDL:2001/10/02 20:18:02 A . (...) -- C:\WINDOWS\System32\himem.sys [4912]
O58 - SDL:2001/10/02 20:18:12 A . (...) -- C:\WINDOWS\System32\key01.sys [42809]
O58 - SDL:2004/08/03 23:46:56 A . (...) -- C:\WINDOWS\System32\keyboard.sys [42537]
O58 - SDL:2001/10/02 20:18:38 A . (...) -- C:\WINDOWS\System32\ntdos.sys [27916]
O58 - SDL:2001/10/02 20:18:38 A . (...) -- C:\WINDOWS\System32\ntdos404.sys [29146]
O58 - SDL:2001/10/02 20:18:38 A . (...) -- C:\WINDOWS\System32\ntdos411.sys [29370]
O58 - SDL:2001/10/02 20:18:38 A . (...) -- C:\WINDOWS\System32\ntdos412.sys [29274]
O58 - SDL:2001/10/02 20:18:38 A . (...) -- C:\WINDOWS\System32\ntdos804.sys [29146]
O58 - SDL:2004/08/03 23:45:26 A . (...) -- C:\WINDOWS\System32\ntio.sys [34000]
O58 - SDL:2004/08/03 23:45:16 A . (...) -- C:\WINDOWS\System32\ntio404.sys [34560]
O58 - SDL:2004/08/03 23:45:12 A . (...) -- C:\WINDOWS\System32\ntio411.sys [35648]
O58 - SDL:2004/08/03 23:45:16 A . (...) -- C:\WINDOWS\System32\ntio412.sys [35424]
O58 - SDL:2004/08/03 23:45:14 A . (...) -- C:\WINDOWS\System32\ntio804.sys [34560]

---\\ Associations Shell Spawning (9) - 0s
O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\shell32.dll
O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft (r) Windows Based Script Host.) -- C:\WINDOWS\system32\wscript.exe
O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe
O67 - Shell Spawning: <.scr> [HKLM\..\open\Command] (...) -- "%1" /S

---\\ Menu de démarrage Internet (10) - 1s
O68 - StartMenuInternet: <>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O68 - StartMenuInternet: <>[HKLM\..\Shell\open\Command] (...) -- C:\Program Files\baidu\Spark\Spark.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\WINDOWS\system32\ie4uinit.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\WINDOWS\system32\ie4uinit.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\WINDOWS\system32\ie4uinit.exe

---\\ Recherche d'infection sur les navigateurs (7) - 8s
O69 - SBI: prefs.js [Reda - bgjeylp4.default] user_pref("browser.search.order.1", "default-search.net"); =>PUP.Optional.SearchNet
O69 - SBI: prefs.js [Reda - bgjeylp4.default] user_pref("browser.search.selectedEngine", "default-search.net"); =>PUP.Optional.SearchNet
O69 - SBI: prefs.js [Reda - bgjeylp4.default] user_pref("extensions.enabledAddons", "veggy%40veggyAddon.com:1.0416509,%7B6d0f26ba-45b8-4871-9c07-43ab341d5b73%7D:0.2,%7B4fec0d7e[...] =>PUP.Optional.VeggyAddon
O69 - SBI: prefs.js [Reda - bgjeylp4.default] user_pref("extensions.xpiState", "{\"app-profile\":{\"veggy@veggyAddon.com\":{\"d\":\"C:\\\\Documents and Settings\\\\Reda\\\\Appl[...] =>PUP.Optional.VeggyAddon
O69 - SBI: prefs.js [Reda - bgjeylp4.default] user_pref("keyword.URL", "http://www.default-search.net/search?sid=492&aid=279&itype=n&ver=13467&tm=444&src=ds&p="); =>PUP.Optional.SearchNet
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - () - http://search.live.com/
O69 - SBI: SearchScopes [HKCU] {8044AFBB-DA06-4362-A3E2-9993AC06C588} - (Google) - http://www.google.com/

---\\ Enumère les services démarrés par Svchost (39) - 2s
O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Service Installation de logiciels.) -- C:\WINDOWS\system32\appmgmts.dll [176640]
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Windows Audio Service.) -- C:\WINDOWS\system32\audiosrv.dll [42496]
O83 - Search Svchost Services: Browser (Browser) . (.Microsoft Corporation - Computer Browser Service DLL.) -- C:\WINDOWS\system32\browser.dll [77312]
O83 - Search Svchost Services: CryptSvc (CryptSvc) . (.Microsoft Corporation - Cryptographic Services.) -- C:\WINDOWS\system32\cryptsvc.dll [60416]
O83 - Search Svchost Services: DMServer (DMServer) . (.Microsoft Corp. - DLL Service gestionnaire de disque logique.) -- C:\WINDOWS\system32\dmserver.dll [24576]
O83 - Search Svchost Services: DHCP (DHCP) . (.Microsoft Corporation - Service client DHCP.) -- C:\WINDOWS\system32\dhcpcsvc.dll [111616]
O83 - Search Svchost Services: ERSvc (ERSvc) . (.Microsoft Corporation - Windows Error Reporting Service.) -- C:\WINDOWS\system32\ersvc.dll [23040]
O83 - Search Svchost Services: EventSystem (EventSystem) . (.Microsoft Corporation - .) -- C:\WINDOWS\system32\es.dll [243200]
O83 - Search Svchost Services: FastUserSwitchingCompatibility (FastUserSwitchingCompatibility) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\WINDOWS\system32\shsvcs.dll [135168]
O83 - Search Svchost Services: HidServ (HidServ) . (.Microsoft Corporation - HID Audio Service.) -- C:\WINDOWS\system32\hidserv.dll [21504]
O83 - Search Svchost Services: LanmanServer (LanmanServer) . (.Microsoft Corporation - Server Service DLL.) -- C:\WINDOWS\system32\srvsvc.dll [96768]
O83 - Search Svchost Services: LanmanWorkstation (LanmanWorkstation) . (.Microsoft Corporation - Workstation Service DLL.) -- C:\WINDOWS\system32\wkssvc.dll [132096]
O83 - Search Svchost Services: Messenger (Messenger) . (.Microsoft Corporation - NT Messenger Service.) -- C:\WINDOWS\system32\msgsvc.dll [33792]
O83 - Search Svchost Services: Netman (Netman) . (.Microsoft Corporation - Gestionnaire de connexions réseau.) -- C:\WINDOWS\system32\netman.dll [198144]
O83 - Search Svchost Services: Nla (Nla) . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Micro.) -- C:\WINDOWS\system32\mswsock.dll [247808]
O83 - Search Svchost Services: Ntmssvc (Ntmssvc) . (.Microsoft Corporation - Gestionnaire de stockage amovible.) -- C:\WINDOWS\system32\ntmssvc.dll [438272]
O83 - Search Svchost Services: NWCWorkstation (NWCWorkstation) . (.Microsoft Corporation - Client Service for Netware.) -- C:\WINDOWS\system32\nwwks.dll [64000]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Remote Access AutoDial Manager.) -- C:\WINDOWS\system32\rasauto.dll [89088]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Remote Access Connection Manager.) -- C:\WINDOWS\system32\rasmans.dll [174080]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamic Interface Manager.) -- C:\WINDOWS\system32\mprdim.dll [49152]
O83 - Search Svchost Services: Schedule (Schedule) . (.Microsoft Corporation - Moteur du Planificateur de tâches.) -- C:\WINDOWS\system32\schedsvc.dll [193024]
O83 - Search Svchost Services: Seclogon (Seclogon) . (.Microsoft Corporation - DLL de service d'ouverture de session secon.) -- C:\WINDOWS\system32\seclogon.dll [18944]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - System Event Notification Service (SENS).) -- C:\WINDOWS\system32\sens.dll [38912]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l'application d'assistance à.) -- C:\WINDOWS\system32\ipnathlp.dll [332800]
O83 - Search Svchost Services: SRService (SRService) . (.Microsoft Corporation - Service de restauration du système.) -- C:\WINDOWS\system32\srsvc.dll [171008]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM.) -- C:\WINDOWS\system32\tapisrv.dll [246272]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\WINDOWS\system32\shsvcs.dll [135168]
O83 - Search Svchost Services: TrkWks (TrkWks) . (.Microsoft Corporation - Distributed Link Tracking Client.) -- C:\WINDOWS\system32\trkwks.dll [90624]
O83 - Search Svchost Services: W32Time (W32Time) . (.Microsoft Corporation - Service de temps Windows.) -- C:\WINDOWS\system32\w32time.dll [177664]
O83 - Search Svchost Services: WZCSVC (WZCSVC) . (.Microsoft Corporation - Service configuration automatique sans fil.) -- C:\WINDOWS\system32\wzcsvc.dll [359936]
O83 - Search Svchost Services: Wmi (Wmi) . (.Microsoft Corporation - API avancées Windows 32.) -- C:\WINDOWS\system32\advapi32.dll [685056]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\WINDOWS\system32\wbem\wmisvc.dll [145408]
O83 - Search Svchost Services: wscsvc (wscsvc) . (.Microsoft Corporation - Windows Security Center Service.) -- C:\WINDOWS\system32\wscsvc.dll [81408]
O83 - Search Svchost Services: xmlprov (xmlprov) . (.Microsoft Corporation - Network Provisioning Service.) -- C:\WINDOWS\system32\xmlprov.dll [129536]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière.) -- C:\WINDOWS\system32\qmgr.dll [382464]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update AutoUpdate Service.) -- C:\WINDOWS\system32\wuauserv.dll [6656]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\WINDOWS\system32\shsvcs.dll [135168]
O83 - Search Svchost Services: helpsvc (helpsvc) . (.Microsoft Corporation - Microsoft PCHealth Service Holder.) -- C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll [38912]
O83 - Search Svchost Services: WmdmPmSN (WmdmPmSN) . (.Microsoft Corporation - Fournisseur de services de périphérique mul.) -- C:\WINDOWS\system32\mspmsnsv.dll [52736]

---\\ Services non Microsoft (SR=Démarré,SS=Stoppé) (5) - 13s
SS - Demand [2014/11/19 22:02:55] [ 267440] Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
SS - System [2015/01/28 09:11:53] [ 38288] F06DEFF2-5B9C-490D-910F-35D3A91196222 (F06DEFF2-5B9C-490D-910F-35D3A91196222) . (.Aztec Media Inc.) - C:\Program Files\Assets Manager\smdmf\smdmfmgrc3.cfg =>PUP.Optional.SystemK
SS - Auto [2014/08/19 23:18:40] [ 116648] Service Google Update (gupdate) (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - Demand [2014/08/19 23:18:40] [ 116648] Service Google Update (gupdatem) (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SR - Auto [2015/01/28 09:11:53] [ 3570704] SmdmF Service (SmdmFService) . (.Aztec Media Inc.) - C:\Program Files\Assets Manager\smdmf\SmdmFService.exe =>PUP.Optional.SystemK

---\\ Scan Additionnel (18) - 0s
C:\Program Files\Assets Manager\smdmf\SmdmFService.exe =>PUP.Optional.SystemK
C:\Documents and Settings\Reda\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gjngjhikmffiafannjcjkdediacimkmk
C:\Documents and Settings\Reda\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf
C:\Documents and Settings\Reda\Application Data\Mozilla\Firefox\Profiles\bgjeylp4.default\extensions\veggy@veggyAddon.com =>PUP.Optional.VeggyAddon
HKLM\SYSTEM\CurrentControlSet\Services\F06DEFF2-5B9C-490D-910F-35D3A91196222 =>PUP.Optional.SystemK
C:\Program Files\Assets Manager\smdmf\smdmfmgrc3.cfg =>PUP.Optional.SystemK
HKLM\SYSTEM\CurrentControlSet\Services\SmdmFService =>PUP.Optional.SystemK
HKLM\SOFTWARE\SmdmF =>PUP.Optional.SettingsManager
HKCU\SOFTWARE\7633123CA7DFD46E21784D533246A24E =>PUP.Optional.CrossRider
HKCU\SOFTWARE\InstallCore =>PUP.Optional.InstallCore
HKCU\SOFTWARE\Linkey =>PUP.Optional.LinkeySearch
HKCU\SOFTWARE\SmdmF =>PUP.Optional.SettingsManager
C:\Program Files\Assets Manager =>PUP.Optional.SystemK
C:\Program Files\Settings Manager =>PUP.Optional.SettingsManager
C:\Program Files\SiteLookup =>PUP.Optional.SiteLookup
C:\Documents and Settings\All Users\Application Data\smdmf =>PUP.Optional.SystemK
C:\Documents and Settings\Reda\Application Data\OpenCandy =>PUP.Optional.OpenCandy
C:\Documents and Settings\Reda\Application Data\SimilarAddon =>PUP.Optional.SimilarAddon

---\\ Récapitulatif des éléments trouvées sur votre station (12) - 0s
http://www.nicolascoolman.fr/pup-systemk/ =>PUP.Optional.SystemK
http://www.nicolascoolman.fr/pup-mindspark/ =>PUP.Optional.MindSpark
http://www.nicolascoolman.fr/adware-bandoo/ =>PUP.Optional.Bandoo
http://www.nicolascoolman.fr/blog =>PUP.Optional.VeggyAddon
http://www.nicolascoolman.fr/blog =>PUP.Optional.SettingsManager
http://www.nicolascoolman.fr/pup-crossrider/ =>PUP.Optional.CrossRider
http://www.nicolascoolman.fr/adware-installcore/ =>PUP.Optional.InstallCore
http://www.nicolascoolman.fr/pup-linkeysearch/ =>PUP.Optional.LinkeySearch
http://www.nicolascoolman.fr/blog =>PUP.Optional.SiteLookup
http://www.nicolascoolman.fr/adware-opencandy/ =>PUP.Optional.OpenCandy
http://www.nicolascoolman.fr/blog =>PUP.Optional.SimilarAddon
http://www.nicolascoolman.fr/hijacker-searchnet/ =>PUP.Optional.SearchNet

~ End of the scan, 7362 items in 107 seconds (481)(0)()
