~ ZHPDiag v2015.8.20.122 Par Nicolas Coolman (2015/08/20)
~ Démarré par Reda (Administrator) (2015/08/22 18:03:08)
~ Site: http://www.nicolascoolman.fr
~ Facebook: https://www.facebook.com/nicolascoolman1
~ Etat de la version: Version OK
~ Mode: Scanner
~ Rapport: C:\Documents and Settings\Reda\Bureau\ZHPDiag.txt
~ Rapport: C:\Documents and Settings\Reda\Application Data\ZHP\ZHPDiag.txt
~ UAC: Deactivate
~ Démarrage du système: Normal (Normal boot)
Windows XP, 32-bit Service Pack 2 (Build 2600)

---\\ Navigateurs Internet (2) - 0s
GCIE: Google Chrome v43.0.2357.134
MSIE: Internet Explorer v8.0.6001.18702

---\\ Informations sur les produits Windows (2) - 5s
Windows Automatic Updates : KO
Windows Genuine Advantage : KO

---\\ Logiciels d'optimisation (1) - 0s
CCleaner v4.16

---\\ Surveillance de Logiciels (2) - 0s
Adobe Flash Player 16 NPAPI
Adobe Reader XI

---\\ Informations sur le système (6) - 0s
~ Operating System: x86 Family 15 Model 2 Stepping 9, GenuineIntel
~ Operating System: 32-bit
~ Boot mode: Normal (Normal boot)
Total RAM: 490.996 MB (41% free)
~ System Restore: Désactivé (Disabled)
~ System drive C: has 4 GB free of 20 GB

---\\ Mode de connexion au système (3) - 0s
~ Computer Name: EL-924CB949FACF
~ User Name: Reda
~ Logged in as Administrator

---\\ Enumération des unités disques (2) - 6s
~ Drive C: has 4 GB free of 20 GB (System)
~ Drive D: has 7 GB free of 18 GB

---\\ Etat du Centre de Sécurité Windows (9) - 0s
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Intl: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] XMLLookup: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK

---\\ Recherche particulière de fichiers génériques (21) - 1s
[MD5.4C33E5B9A6197B6ED215F6CFBA0A2DAA] - (.Microsoft Corporation - Explorateur Windows.) () -- C:\WINDOWS\Explorer.exe [1036288]
[MD5.F5402CD47B7389DDC21F92119A906EEE] - (.Microsoft Corporation - Exécuter une DLL en tant qu'application.) () -- C:\WINDOWS\System32\rundll32.exe [33792]
[MD5.6CE32F7778061CCC5814D5E0F282D369] - (.Microsoft Corporation - Internet Extensions for Win32.) () -- C:\WINDOWS\System32\wininet.dll [914944]
[MD5.D2DE785AEAB0BB8CA4C14A8A199DBE4E] - (.Microsoft Corporation - Application d'ouverture de session Windows.) () -- C:\WINDOWS\System32\Winlogon.exe [506368]
[MD5.5AC495F4CB807B2B98AD2AD591E6D92E] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) () -- C:\WINDOWS\System32\drivers\AFD.sys [138496]
[MD5.CDFE4411A69C224BD1D11B2DA92DAC51] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) () -- C:\WINDOWS\System32\drivers\atapi.sys [95360]
[MD5.CD7D5152DF32B47F4E36F710B35AAE02] - (.Microsoft Corporation - CD-ROM File System Driver.) () -- C:\WINDOWS\System32\drivers\Cdfs.sys [63744]
[MD5.AF9C19B3100FE010496B1A27181FBF72] - (.Microsoft Corporation - SCSI CD-ROM Driver.) () -- C:\WINDOWS\System32\drivers\Cdrom.sys [49536]
[MD5.8B121FF880683607AB2AEF0340721718] - (.Microsoft Corporation - Pilote de cryptographie FIPS.) () -- C:\WINDOWS\System32\drivers\Fips.sys [35072]
[MD5.D1EFCBD693B5BA21314D06368C471070] - (.Microsoft Corporation - Pilote de port i8042.) () -- C:\WINDOWS\System32\drivers\i8042prt.sys [54400]
[MD5.F8AA320C6A0409C0380E5D8A99D76EC6] - (.Microsoft Corporation - IMAPI Kernel Driver.) () -- C:\WINDOWS\System32\drivers\Imapi.sys [41856]
[MD5.B5A8E215AC29D24D60B4D1250EF05ACE] - (.Microsoft Corporation - IP Network Address Translator.) () -- C:\WINDOWS\System32\drivers\IpNat.sys [134912]
[MD5.64537AA5C003A6AFEEE1DF819062D0D1] - (.Microsoft Corporation - IPSec Driver.) () -- C:\WINDOWS\System32\drivers\IPSec.sys [74752]
[MD5.1FD607FC67F7F7C633C3DA65BFC53D18] - (.Microsoft Corporation - Windows NT SMB Minirdr.) () -- C:\WINDOWS\System32\drivers\MRxSmb.sys [451456]
[MD5.0C80E410CD2F47134407EE7DD19CC86B] - (.Microsoft Corporation - MBT Transport driver.) () -- C:\WINDOWS\System32\drivers\netBT.sys [162816]
[MD5.B78BE402C3F63DD55521F73876951CDD] - (.Microsoft Corporation - NT File System Driver.) () -- C:\WINDOWS\System32\drivers\ntfs.sys [574592]
[MD5.318696359AC7DF48D1E51974EC527DD2] - (.Microsoft Corporation - Pilote de port parallèle.) () -- C:\WINDOWS\System32\drivers\Parport.sys [80384]
[MD5.98FAEB4A4DCF812BA1C6FCA4AA3E115C] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) () -- C:\WINDOWS\System32\drivers\Rasl2tp.sys [51328]
[MD5.A2CAE2C60BC37E0751EF9DDA7CEAF4AD] - (.Microsoft Corporation - Microsoft RDP Device redirector.) () -- C:\WINDOWS\System32\drivers\rdpdr.sys [196864]
[MD5.2CC30B68DD62B73D444A41322CD7FC4C] - (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) () -- C:\WINDOWS\System32\drivers\redbook.sys [58496]
[MD5.313B1A0D5DB26DFE1C34A6C13B2CE0A7] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) () -- C:\WINDOWS\System32\drivers\volsnap.sys [53376]

---\\ Processus lancés (16) - 2s
[MD5.212017B460C64D9B566B604FA5444B21] - (...) -- C:\Program Files\Winamp\winampa.exe [1221632] [PID.164]
[MD5.BE8206CB0F57C3A912D55FA07576F040] - (...) -- C:\Program Files\win\msn.exe [1475072] [PID.176]
[MD5.D70A947A60276F31ED74AFABDAE8E5F5] - (.CANON INC. - Canon Printer Status Window Launcher.) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\CNAP3LAK.exe [298152] [PID.192]
[MD5.BD51AF0746ED143278FA02743D63EC87] - (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files\Internet Download Manager\IDMan.exe [3935824] [PID.212]
[MD5.1A9EF35FC5C6BF42962AE54BC581E652] - (.BitTorrent Inc. - µTorrent.) -- C:\Documents and Settings\Reda\Application Data\uTorrent\uTorrent.exe [2011984] [PID.460]
[MD5.682AC1D1FDF8D709A08151AC406750CC] - (.Aztec Media Inc - SmdmF Service.) -- C:\Program Files\Assets Manager\smdmf\SmdmFService.exe [3570704] [PID.1788] =>PUP.Optional.SystemK
[MD5.E04F40AF7AA559894CD472F25C0824EE] - (.Poltiglia Gialla - Poltiglia Gialla.) -- C:\Documents and Settings\Reda\Local Settings\Application Data\Ufkmedia\tmp31A.exe [163840] [PID.2580]
[MD5.264FCCE97154C68D114FD67BA2012858] - (.CANON INC. - Canon Printer Status Window.) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\CNABHSWK.EXE [1470032] [PID.2892]
[MD5.018FF0107057C6DE07C2C50DC0CA30F4] - (.Tonec Inc. - Internet Download Manager agent for click m.) -- C:\Program Files\Internet Download Manager\IEMonitor.exe [343576] [PID.3628]
[MD5.3BBEC4CC2A388B4C5D1EFE20EAD7D98F] - (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe [813896] [PID.4136]
[MD5.3BBEC4CC2A388B4C5D1EFE20EAD7D98F] - (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe [813896] [PID.5776]
[MD5.3BBEC4CC2A388B4C5D1EFE20EAD7D98F] - (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe [813896] [PID.5100]
[MD5.A8D454B32E6FCD043033735AC1F158C0] - (.Nullsoft - Winamp.) -- C:\Program Files\Winamp\winamp.exe [1121792] [PID.5544]
[MD5.3BBEC4CC2A388B4C5D1EFE20EAD7D98F] - (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe [813896] [PID.5652]
[MD5.3BBEC4CC2A388B4C5D1EFE20EAD7D98F] - (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe [813896] [PID.7248]
[MD5.63E20985B61368A6172D93D0245DC9F8] - (.Nicolas Coolman - ZHPDiag.) -- C:\Documents and Settings\Reda\Mes documents\Downloads\ZHPDiag3.exe [1895424] [PID.9464]

---\\ Google Chrome, Démarrage,Recherche,Extensions (10) - 1s
G2 - GCE: Preference [User Data\Default] [aohghmighlieiainnegkcijnfilokake] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [apdfllckaahabafndbhieahigkjlhalf] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [coobgpohoikkiipiblmjeljniedjpjpf] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [gjngjhikmffiafannjcjkdediacimkmk] RadioRage =>PUP.Optional.MindSpark
G2 - GCE: Preference [User Data\Default] [lccekmodgklaepjeofjdjpbminllajkg] Chrome Hotword Shared Module
G2 - GCE: Preference [User Data\Default] [mppnoffgpafgpgbaigljliadgbnhljfl] Ask Search
G2 - GCE: Preference [User Data\Default] [nafaimnnclfjfedmmabolbppcngeolgf] iLivid =>PUP.Optional.Bandoo
G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia] Google Chrome manifest =>.Google Inc.

---\\ Firefox, Plugins,Demarrage,Recherche,Extensions (7) - 1s
P2 - EXT FILE: (...) -- C:\Documents and Settings\Reda\Application Data\Mozilla\Firefox\Profiles\bgjeylp4.default\searchplugins\default-search.xml
P2 - EXT: (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\default-search.xml
P2 - EXT: (. - Mozilla Firefox Hotfixer.) -- C:\Documents and Settings\Reda\Application Data\Mozilla\Firefox\Profiles\bgjeylp4.default\extensions\veggy@veggyAddon.com =>PUP.Optional.VeggyAddon
P2 - EXT: (. - Supreme Finder.) -- C:\Documents and Settings\Reda\Application Data\Mozilla\Firefox\Profiles\bgjeylp4.default\extensions\{4fec0d7e-e1c2-4b86-af44-c7cf7b0c199a}
P2 - EXT: (. - Site Advisor.) -- C:\Documents and Settings\Reda\Application Data\Mozilla\Firefox\Profiles\bgjeylp4.default\extensions\{6d0f26ba-45b8-4871-9c07-43ab341d5b73}
P2 - EXT: (.DocWrap Class - DocWrap Class.) -- C:\Documents and Settings\Reda\Application Data\Mozilla\Firefox\Profiles\bgjeylp4.default\extensions\{BF3253CF-E5DD-BCBE-D7CA-CB42297AAD04}
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Adobe Systems Incorporated.) -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_16_0_0_228.dll

---\\ Internet Explorer,Démarrage,Recherche,URLSearchHook (10) - 1s
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphean =>.Microsoft Internet Explorer

---\\ Internet Explorer,Proxy Management (7) - 0s
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1

---\\ Internet Explorer,IniFiles, Autoloading programs (3) - 0s
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe (.Microsoft Corporation.)
F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe (.Microsoft Corporation.)
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"

---\\ Etude du fichier hosts (1) - 0s
~ Le fichier hôte est sain (The hosts file is clean) (32)

---\\ Browser Helper Object de navigateur (BHO) (1) - 0s
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} . (.Internet Download Manager, Tonec Inc. - IDM Browser Helper Object.) -- C:\Program Files\Internet Download Manager\IDMIECC.dll

---\\ Applications lancées au démarrage du système (28) - 2s
O4 - HKLM\..\Run: [IMJPMIG8.1] . (.Microsoft Corporation - Microsoft IME.) -- C:\WINDOWS\ime\imjp8_1\imjpmig.exe
O4 - HKLM\..\Run: [MSPY2002] . (...) -- C:\WINDOWS\system32\IME\PINTLGNT\IMSCINST.EXE
O4 - HKLM\..\Run: [PHIME2002ASync] . (.Microsoft Corporation - 微軟新注音輸入法 2002a.) -- C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE
O4 - HKLM\..\Run: [PHIME2002A] . (.Microsoft Corporation - 微軟新注音輸入法 2002a.) -- C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [WinampAgent] . (...) -- C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [apo5] . (...) -- C:\Program Files\win\msn.exe
O4 - HKLM\..\Run: [CNAP3 Launcher] . (.CANON INC. - Canon Printer Status Window Launcher.) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\CNAP3LAK.exe
O4 - HKCU\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files\Internet Download Manager\IDMan.exe
O4 - HKCU\..\Run: [MSMSGS] . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe
O4 - HKCU\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Documents and Settings\Reda\Application Data\uTorrent\uTorrent.exe
O4 - HKCU\..\Run: [Ufkmedia] . (.Poltiglia Gialla - Poltiglia Gialla.) -- C:\Documents and Settings\Reda\Local Settings\Application Data\Ufkmedia\tmp31A.exe
O4 - HKCU\..\Run: [Elxltion] . (.Microsoft Corporation - Microsoft(C) Register Server.) -- C:\WINDOWS\System32\regsvr32.exe
O4 - HKCU\..\Run: [Intdsoft] . (.Microsoft Corporation - Microsoft(C) Register Server.) -- C:\WINDOWS\system32\regsvr32.exe
O4 - HKLM\..\policies\Explorer\Run: [625727453] . (.Microsoft Corp. - Microsoft Security.) -- C:\Documents and Settings\All Users\msvlnomul.exe
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-21-1454471165-823518204-839522115-1003\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-21-1454471165-823518204-839522115-1003\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files\Internet Download Manager\IDMan.exe
O4 - HKUS\S-1-5-21-1454471165-823518204-839522115-1003\..\Run: [MSMSGS] . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe
O4 - HKUS\S-1-5-21-1454471165-823518204-839522115-1003\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Documents and Settings\Reda\Application Data\uTorrent\uTorrent.exe
O4 - HKUS\S-1-5-21-1454471165-823518204-839522115-1003\..\Run: [Ufkmedia] . (.Poltiglia Gialla - Poltiglia Gialla.) -- C:\Documents and Settings\Reda\Local Settings\Application Data\Ufkmedia\tmp31A.exe
O4 - HKUS\S-1-5-21-1454471165-823518204-839522115-1003\..\Run: [Elxltion] . (.Microsoft Corporation - Microsoft(C) Register Server.) -- C:\WINDOWS\System32\regsvr32.exe
O4 - HKUS\S-1-5-21-1454471165-823518204-839522115-1003\..\Run: [Intdsoft] . (.Microsoft Corporation - Microsoft(C) Register Server.) -- C:\WINDOWS\system32\regsvr32.exe

---\\ Modification Domaine/Adresses DNS (3) - 0s
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 0.0.0.0
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 0.0.0.0
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 0.0.0.0

---\\ Liste des services NT non Microsoft et non désactivés (3) - 1s
O23 - Service: F06DEFF2-5B9C-490D-910F-35D3A91196222 (F06DEFF2-5B9C-490D-910F-35D3A91196222) . (.Aztec Media Inc - SmdmFConfiguration.) - C:\Program Files\Assets Manager\smdmf\smdmfmgrc3.cfg =>PUP.Optional.SystemK
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: SmdmF Service (SmdmFService) . (.Aztec Media Inc - SmdmF Service.) - C:\Program Files\Assets Manager\smdmf\SmdmFService.exe =>PUP.Optional.SystemK

---\\ Tâches planifiées en automatique (3) - 2s
O39 - APT: Orphean - (...) -- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job [1002]
O39 - APT: Orphean - (...) -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job [1052]
O39 - APT: Orphean - (...) -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job [1056]

---\\ Logiciels installés (20) - 8s
O42 - Logiciel: Adobe Flash Player 15 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 16 NPAPI - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player NPAPI
O42 - Logiciel: C-Media WDM Audio Driver - (...) [HKLM] -- C-Media Audio Driver
O42 - Logiciel: Programme de désinstallation Canon LBP6030 6040 6018L - (.Canon Inc..) [HKLM] -- Canon LBP6030 6040 6018L
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM] -- Google Chrome
O42 - Logiciel: GreenBrowser - (.MoreQuick.com.) [HKLM] -- GreenBrowser_is1
O42 - Logiciel: iCare Data Recovery 5.1 - (.iCare Software.) [HKLM] -- iCare Data Recovery_is1
O42 - Logiciel: Windows Internet Explorer 8 - (.Microsoft Corporation.) [HKLM] -- ie8
O42 - Logiciel: Internet Download Manager - (.Tonec Inc..) [HKLM] -- Internet Download Manager
O42 - Logiciel: MP3 To Ringtone Gold 8.7 - (.AnMing.) [HKLM] -- MP3 To Ringtone Gold_is1
O42 - Logiciel: Settings Manager - (.Aztec Media Inc.) [HKLM] -- Settings Manager
O42 - Logiciel: VLC media player - (.VideoLAN.) [HKLM] -- VLC media player
O42 - Logiciel: Winamp (remove only) - (...) [HKLM] -- Winamp
O42 - Logiciel: WinRAR 5.11 beta 1 (32-bit) - (.win.rar GmbH.) [HKLM] -- WinRAR archiver
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: Adobe Reader XI (11.0.08) - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1033-7B44-AB0000000001}
O42 - Logiciel: µTorrent - (.BitTorrent Inc..) [HKCU] -- uTorrent
O42 - Logiciel: Winamp Packages - (...) [HKCU] -- Winamp Packages

---\\ HKCU & HKLM Software Keys (61) - 8s
HKLM\SOFTWARE\Adobe
HKLM\SOFTWARE\Baidu
HKLM\SOFTWARE\C07ft5Y
HKLM\SOFTWARE\Canon
HKLM\SOFTWARE\CDDB
HKLM\SOFTWARE\Dropbox
HKLM\SOFTWARE\Gemplus
HKLM\SOFTWARE\Google
HKLM\SOFTWARE\iCare
HKLM\SOFTWARE\Internet Download Manager
HKLM\SOFTWARE\iTinySoft
HKLM\SOFTWARE\Macromedia
HKLM\SOFTWARE\Mozilla
HKLM\SOFTWARE\mozilla.org
HKLM\SOFTWARE\MozillaPlugins
HKLM\SOFTWARE\Nullsoft
HKLM\SOFTWARE\ODBC
HKLM\SOFTWARE\Piriform
HKLM\SOFTWARE\Program Groups
HKLM\SOFTWARE\RegisteredApplications
HKLM\SOFTWARE\Schlumberger
HKLM\SOFTWARE\Secure
HKLM\SOFTWARE\SiteSee
HKLM\SOFTWARE\SmdmF =>PUP.Optional.SettingsManager
HKLM\SOFTWARE\VideoLAN
HKLM\SOFTWARE\Windows 3.1 Migration Status
HKLM\SOFTWARE\WinRAR
HKLM\SOFTWARE\Wow6432Node
HKCU\SOFTWARE\7633123CA7DFD46E21784D533246A24E =>PUP.Optional.CrossRider
HKCU\SOFTWARE\Abaq
HKCU\SOFTWARE\Adobe
HKCU\SOFTWARE\AppDataLow
HKCU\SOFTWARE\Baidu
HKCU\SOFTWARE\BitTorrent
HKCU\SOFTWARE\Canon
HKCU\SOFTWARE\CDDB
HKCU\SOFTWARE\DownloadManager
HKCU\SOFTWARE\Elxltion
HKCU\SOFTWARE\FileHippo
HKCU\SOFTWARE\Google
HKCU\SOFTWARE\iCarePro
HKCU\SOFTWARE\iCare_Vesion
HKCU\SOFTWARE\InstallCore =>PUP.Optional.InstallCore
HKCU\SOFTWARE\Intel
HKCU\SOFTWARE\Linkey =>PUP.Optional.LinkeySearch
HKCU\SOFTWARE\Macromedia
HKCU\SOFTWARE\Mozilla
HKCU\SOFTWARE\MozillaPlugins
HKCU\SOFTWARE\Netscape
HKCU\SOFTWARE\Piriform
HKCU\SOFTWARE\RegisteredApplications
HKCU\SOFTWARE\SecuredDownload
HKCU\SOFTWARE\Sensaura
HKCU\SOFTWARE\SmdmF =>PUP.Optional.SettingsManager
HKCU\SOFTWARE\TeleCharger
HKCU\SOFTWARE\Winamp
HKCU\SOFTWARE\WinRAR
HKCU\SOFTWARE\WinRAR SFX
HKCU\SOFTWARE\Wow6432Node
HKCU\SOFTWARE\ZebHelpProcess Helper
HKCU\SOFTWARE\AppDataLow\Software

---\\ Contenu des dossiers Programmes (95) - 7s
O43 - CFD: 2014/08/19 17:42:13 - [] D -- C:\Program Files\Adobe
O43 - CFD: 2015/05/22 12:56:53 - [] D -- C:\Program Files\AnMing
O43 - CFD: 2015/07/16 20:15:31 - [] D -- C:\Program Files\Assets Manager =>PUP.Optional.SystemK
O43 - CFD: 2015/03/13 13:04:45 - [] D -- C:\Program Files\baidu
O43 - CFD: 2015/05/12 17:34:30 - [] D -- C:\Program Files\Canon
O43 - CFD: 2014/08/20 00:52:57 - [] D -- C:\Program Files\CCleaner
O43 - CFD: 2014/08/19 16:38:13 - [0] D -- C:\Program Files\ComPlus Applications
O43 - CFD: 2014/08/19 17:42:13 - [] D -- C:\Program Files\Fichiers communs
O43 - CFD: 2014/08/19 23:25:03 - [] D -- C:\Program Files\Google
O43 - CFD: 2015/03/18 21:46:07 - [] D -- C:\Program Files\GreenBrowser
O43 - CFD: 2015/08/14 17:43:11 - [] D -- C:\Program Files\iCare Data Recovery
O43 - CFD: 2014/08/24 16:27:59 - [] D -- C:\Program Files\Internet Download Manager
O43 - CFD: 2015/08/15 15:52:30 - [] D -- C:\Program Files\Internet Explorer
O43 - CFD: 2014/08/19 16:37:56 - [] D -- C:\Program Files\Messenger
O43 - CFD: 2014/08/19 16:45:45 - [] D -- C:\Program Files\microsoft frontpage
O43 - CFD: 2014/08/19 16:40:49 - [] D -- C:\Program Files\Movie Maker
O43 - CFD: 2015/08/16 16:33:58 - [] D -- C:\Program Files\Mozilla Firefox
O43 - CFD: 2014/08/19 16:33:01 - [] D -- C:\Program Files\MSN
O43 - CFD: 2014/08/19 16:37:41 - [] D -- C:\Program Files\MSN Gaming Zone
O43 - CFD: 2014/08/19 16:41:07 - [] D -- C:\Program Files\NetMeeting
O43 - CFD: 2014/08/19 16:38:00 - [] D -- C:\Program Files\Online Services
O43 - CFD: 2014/08/19 16:41:02 - [] D -- C:\Program Files\Outlook Express
O43 - CFD: 2014/08/19 16:43:53 - [] D -- C:\Program Files\Services en ligne
O43 - CFD: 2014/08/20 00:17:05 - [] D -- C:\Program Files\Settings Manager =>PUP.Optional.SettingsManager
O43 - CFD: 2014/08/19 17:23:27 - [0] D -- C:\Program Files\SiteLookup =>PUP.Optional.SiteLookup
O43 - CFD: 2014/08/19 16:52:08 - [0] HD -- C:\Program Files\Uninstall Information
O43 - CFD: 2014/08/25 05:11:36 - [] D -- C:\Program Files\VideoLAN
O43 - CFD: 2014/12/09 17:37:20 - [] SHD -- C:\Program Files\win
O43 - CFD: 2015/05/19 13:54:02 - [] D -- C:\Program Files\Winamp
O43 - CFD: 2014/08/19 16:45:20 - [] D -- C:\Program Files\Windows Media Player
O43 - CFD: 2014/08/19 16:34:14 - [] D -- C:\Program Files\Windows NT
O43 - CFD: 2014/08/19 16:43:57 - [0] HD -- C:\Program Files\WindowsUpdate
O43 - CFD: 2014/08/19 17:24:17 - [] D -- C:\Program Files\WinRAR
O43 - CFD: 2014/08/19 16:45:46 - [] D -- C:\Program Files\xerox
O43 - CFD: 2014/08/19 16:38:22 - [] RD -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Accessoires
O43 - CFD: 2014/08/20 00:52:56 - [] D -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\CCleaner
O43 - CFD: 2014/08/19 19:25:46 - [] RD -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
O43 - CFD: 2014/08/19 23:25:28 - [] D -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Google Chrome
O43 - CFD: 2015/03/18 21:45:59 - [] D -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\GreenBrowser
O43 - CFD: 2014/08/21 18:12:22 - [] D -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\iCare Data Recovery
O43 - CFD: 2014/08/23 17:07:50 - [] D -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Internet Download Manager
O43 - CFD: 2014/08/19 16:38:23 - [] RD -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Jeux
O43 - CFD: 2014/08/23 16:17:55 - [] D -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\MP3 To Ringtone Gold
O43 - CFD: 2014/08/19 16:45:26 - [] RD -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Outils d'administration
O43 - CFD: 2014/08/25 05:12:07 - [] D -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\VideoLAN
O43 - CFD: 2014/08/19 17:24:17 - [] D -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\WinRAR
O43 - CFD: 2014/08/19 17:41:14 - [] D -- C:\Documents and Settings\All Users\Application Data\Adobe
O43 - CFD: 2014/08/26 17:46:50 - [] D -- C:\Documents and Settings\All Users\Application Data\AVAST Software
O43 - CFD: 2015/03/13 13:05:11 - [] D -- C:\Documents and Settings\All Users\Application Data\Baidu
O43 - CFD: 2014/08/19 17:25:05 - [0] D -- C:\Documents and Settings\All Users\Application Data\IDM
O43 - CFD: 2015/08/22 02:07:51 - [] SD -- C:\Documents and Settings\All Users\Application Data\Microsoft
O43 - CFD: 2014/08/19 17:19:42 - [] D -- C:\Documents and Settings\All Users\Application Data\Mozilla
O43 - CFD: 2015/08/22 17:08:40 - [] D -- C:\Documents and Settings\All Users\Application Data\smdmf =>PUP.Optional.SystemK
O43 - CFD: 2014/08/19 17:42:32 - [] D -- C:\Program Files\Fichiers communs\Adobe
O43 - CFD: 2014/08/19 16:52:15 - [] D -- C:\Program Files\Fichiers communs\Microsoft Shared
O43 - CFD: 2014/08/19 16:41:00 - [] D -- C:\Program Files\Fichiers communs\MSSoap
O43 - CFD: 2014/08/19 19:26:22 - [] D -- C:\Program Files\Fichiers communs\ODBC
O43 - CFD: 2014/08/19 16:41:06 - [] D -- C:\Program Files\Fichiers communs\Services
O43 - CFD: 2014/08/19 19:26:19 - [] D -- C:\Program Files\Fichiers communs\SpeechEngines
O43 - CFD: 2014/08/19 16:39:54 - [] D -- C:\Program Files\Fichiers communs\System
O43 - CFD: 2014/08/20 00:18:31 - [] D -- C:\Documents and Settings\Reda\Application Data\0F1L1I1P0H1L1E1E1F
O43 - CFD: 2015/08/22 02:29:46 - [] D -- C:\Documents and Settings\Reda\Application Data\Adobe
O43 - CFD: 2015/08/22 02:29:51 - [] D -- C:\Documents and Settings\Reda\Application Data\Baidu
O43 - CFD: 2015/08/22 02:30:47 - [] D -- C:\Documents and Settings\Reda\Application Data\DMCache
O43 - CFD: 2014/08/20 11:25:07 - [] D -- C:\Documents and Settings\Reda\Application Data\Dropbox
O43 - CFD: 2015/03/26 20:45:15 - [] D -- C:\Documents and Settings\Reda\Application Data\dvdcss
O43 - CFD: 2014/08/20 00:17:07 - [] D -- C:\Documents and Settings\Reda\Application Data\FirefoxToolbar
O43 - CFD: 2014/08/19 16:52:10 - [] D -- C:\Documents and Settings\Reda\Application Data\Identities
O43 - CFD: 2015/08/22 17:05:56 - [] D -- C:\Documents and Settings\Reda\Application Data\IDM
O43 - CFD: 2014/08/19 17:13:19 - [] D -- C:\Documents and Settings\Reda\Application Data\Macromedia
O43 - CFD: 2015/08/22 02:36:01 - [] SD -- C:\Documents and Settings\Reda\Application Data\Microsoft
O43 - CFD: 2015/08/22 02:36:52 - [] D -- C:\Documents and Settings\Reda\Application Data\Mozilla
O43 - CFD: 2015/08/14 14:02:58 - [] D -- C:\Documents and Settings\Reda\Application Data\OpenCandy =>PUP.Optional.OpenCandy
O43 - CFD: 2014/08/19 17:23:22 - [0] D -- C:\Documents and Settings\Reda\Application Data\SimilarAddon =>PUP.Optional.SimilarAddon
O43 - CFD: 2015/01/30 14:27:40 - [0] D -- C:\Documents and Settings\Reda\Application Data\TP
O43 - CFD: 2015/08/22 17:58:56 - [] D -- C:\Documents and Settings\Reda\Application Data\uTorrent
O43 - CFD: 2015/04/24 19:35:08 - [] D -- C:\Documents and Settings\Reda\Application Data\vlc
O43 - CFD: 2014/08/19 17:26:37 - [] D -- C:\Documents and Settings\Reda\Application Data\WinRAR
O43 - CFD: 2015/08/22 18:03:30 - [] D -- C:\Documents and Settings\Reda\Application Data\ZHP
O43 - CFD: 2015/03/13 13:43:03 - [] D -- C:\Documents and Settings\Reda\Local Settings\Application Data\Adobe
O43 - CFD: 2015/04/01 22:30:40 - [] D -- C:\Documents and Settings\Reda\Local Settings\Application Data\Baidu
O43 - CFD: 2015/08/22 02:10:26 - [] D -- C:\Documents and Settings\Reda\Local Settings\Application Data\Elxltion
O43 - CFD: 2015/08/22 14:36:01 - [] D -- C:\Documents and Settings\Reda\Local Settings\Application Data\Google
O43 - CFD: 2014/08/19 17:29:05 - [] D -- C:\Documents and Settings\Reda\Local Settings\Application Data\Identities
O43 - CFD: 2015/08/22 14:36:05 - [] D -- C:\Documents and Settings\Reda\Local Settings\Application Data\Microsoft
O43 - CFD: 2015/08/22 14:36:06 - [] D -- C:\Documents and Settings\Reda\Local Settings\Application Data\MiniService
O43 - CFD: 2015/08/22 14:36:08 - [] D -- C:\Documents and Settings\Reda\Local Settings\Application Data\Mozilla
O43 - CFD: 2015/03/13 13:04:43 - [] D -- C:\Documents and Settings\Reda\Local Settings\Application Data\Temp
O43 - CFD: 2015/08/22 02:11:21 - [] D -- C:\Documents and Settings\Reda\Local Settings\Application Data\Ufkmedia
O43 - CFD: 2014/08/19 16:52:12 - [] RD -- C:\Documents and Settings\Reda\Menu Démarrer\Programmes\Accessoires
O43 - CFD: 2015/08/15 15:52:45 - [] D -- C:\Documents and Settings\Reda\Menu Démarrer\Programmes\Accessories
O43 - CFD: 2015/08/22 16:09:40 - [] RD -- C:\Documents and Settings\Reda\Menu Démarrer\Programmes\Démarrage
O43 - CFD: 2014/08/23 17:07:50 - [] D -- C:\Documents and Settings\Reda\Menu Démarrer\Programmes\Internet Download Manager
O43 - CFD: 2014/08/22 03:43:32 - [] D -- C:\Documents and Settings\Reda\Menu Démarrer\Programmes\Winamp
O43 - CFD: 2014/08/19 17:24:17 - [] D -- C:\Documents and Settings\Reda\Menu Démarrer\Programmes\WinRAR

---\\ Liste des pilotes du système (33) - 4s
O58 - SDL:2001/10/02 20:17:52 A . (.RAVISENT Technologies Inc. - Pilote principal CineMaster C 1.2 WDM.) -- C:\WINDOWS\System32\drivers\cinemst2.sys [262528]
O58 - SDL:2006/06/26 12:15:38 A . (.C-Media Inc - C-Media Audio WDM Driver.) -- C:\WINDOWS\System32\drivers\cmuda.sys [1372992]
O58 - SDL:2001/10/02 20:17:52 A . (.Compaq Computer Corporation - Compaq PA-1 Player Driver.) -- C:\WINDOWS\System32\drivers\cpqdap01.sys [11776]
O58 - SDL:2004/08/04 01:46:08 A . (.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disq.) -- C:\WINDOWS\System32\drivers\dmboot.sys [800256]
O58 - SDL:2004/08/04 01:46:20 A . (.Microsoft Corp., Veritas Software - Pilote E/S du Gestionnaire de disques NT.) -- C:\WINDOWS\System32\drivers\dmio.sys [154496]
O58 - SDL:2001/10/02 20:17:30 A . (.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) -- C:\WINDOWS\System32\drivers\dmload.sys [5888]
O58 - SDL:2001/08/17 22:20:18 A . (.Yamaha Corp. - Yamaha PCI(x) Audio System (WDM)[1013].) -- C:\WINDOWS\System32\drivers\ds1wdm.sys [334208]
O58 - SDL:2001/08/17 22:13:08 A . (.VIA Technologies, Inc. - NDIS 5.0 miniport driver.) -- C:\WINDOWS\System32\drivers\fetnd5.sys [27165]
O58 - SDL:2014/06/09 10:40:58 A . (.Tonec Inc. - Internet Download Manager TDI Driver.) -- C:\WINDOWS\System32\drivers\idmtdi.sys [121440]
O58 - SDL:2001/10/02 20:17:52 A . (.S3/Diamond Multimedia Systems - NikeDrv Usb Driver.) -- C:\WINDOWS\System32\drivers\nikedrv.sys [12032]
O58 - SDL:2001/10/02 20:18:56 A . (.Parallel Technologies, Inc. - Parallel Technologies DirectParallel IO Lib.) -- C:\WINDOWS\System32\drivers\ptilink.sys [17792]
O58 - SDL:2005/03/12 00:28:09 N . (.Sonic Solutions - Px Engine Device Driver for Windows 2000/XP.) -- C:\WINDOWS\System32\drivers\PxHelp20.sys [20640]
O58 - SDL:2001/10/02 20:17:52 A . (.S3/Diamond Multimedia Systems - Rio8Drv.sys Usb Driver.) -- C:\WINDOWS\System32\drivers\rio8drv.sys [12032]
O58 - SDL:2001/10/02 20:17:52 A . (.S3/Diamond Multimedia Systems - RioDrv Usb Driver.) -- C:\WINDOWS\System32\drivers\riodrv.sys [12032]
O58 - SDL:2004/08/04 00:29:52 A . (.S3 Graphics, Inc. - S3 ProSavage(DDR) & Twister Miniport Driver.) -- C:\WINDOWS\System32\drivers\s3gnbm.sys [166912]
O58 - SDL:2004/07/17 12:36:38 A . (...) -- C:\WINDOWS\System32\drivers\secdrv.sys [27440]
O58 - SDL:2001/10/02 20:17:52 A . (.Toshiba Corporation - WDM Toshiba Tecra Video Capture Driver.) -- C:\WINDOWS\System32\drivers\tsbvcap.sys [21376]
O58 - SDL:2001/10/02 20:17:52 A . (.RAVISENT Technologies Inc. - CineMaster C WDM DVD Minidriver.) -- C:\WINDOWS\System32\drivers\vdmindvd.sys [58112]
O58 - SDL:2001/10/02 20:17:16 A . (...) -- C:\WINDOWS\System32\ansi.sys [9037]
O58 - SDL:2001/10/02 20:17:26 A . (...) -- C:\WINDOWS\System32\country.sys [27097]
O58 - SDL:2001/10/02 20:18:02 A . (...) -- C:\WINDOWS\System32\himem.sys [4912]
O58 - SDL:2001/10/02 20:18:12 A . (...) -- C:\WINDOWS\System32\key01.sys [42809]
O58 - SDL:2004/08/03 23:46:56 A . (...) -- C:\WINDOWS\System32\keyboard.sys [42537]
O58 - SDL:2001/10/02 20:18:38 A . (...) -- C:\WINDOWS\System32\ntdos.sys [27916]
O58 - SDL:2001/10/02 20:18:38 A . (...) -- C:\WINDOWS\System32\ntdos404.sys [29146]
O58 - SDL:2001/10/02 20:18:38 A . (...) -- C:\WINDOWS\System32\ntdos411.sys [29370]
O58 - SDL:2001/10/02 20:18:38 A . (...) -- C:\WINDOWS\System32\ntdos412.sys [29274]
O58 - SDL:2001/10/02 20:18:38 A . (...) -- C:\WINDOWS\System32\ntdos804.sys [29146]
O58 - SDL:2004/08/03 23:45:26 A . (...) -- C:\WINDOWS\System32\ntio.sys [34000]
O58 - SDL:2004/08/03 23:45:16 A . (...) -- C:\WINDOWS\System32\ntio404.sys [34560]
O58 - SDL:2004/08/03 23:45:12 A . (...) -- C:\WINDOWS\System32\ntio411.sys [35648]
O58 - SDL:2004/08/03 23:45:16 A . (...) -- C:\WINDOWS\System32\ntio412.sys [35424]
O58 - SDL:2004/08/03 23:45:14 A . (...) -- C:\WINDOWS\System32\ntio804.sys [34560]

---\\ Associations Shell Spawning (9) - 0s
O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\shell32.dll
O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft (r) Windows Based Script Host.) -- C:\WINDOWS\system32\wscript.exe
O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe
O67 - Shell Spawning: <.scr> [HKLM\..\open\Command] (...) -- "%1" /S

---\\ Menu de démarrage Internet (10) - 1s
O68 - StartMenuInternet: <>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O68 - StartMenuInternet: <>[HKLM\..\Shell\open\Command] (...) -- C:\Program Files\baidu\Spark\Spark.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\WINDOWS\system32\ie4uinit.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\WINDOWS\system32\ie4uinit.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\WINDOWS\system32\ie4uinit.exe

---\\ Recherche d'infection sur les navigateurs (7) - 8s
O69 - SBI: prefs.js [Reda - bgjeylp4.default] user_pref("browser.search.order.1", "default-search.net"); =>PUP.Optional.SearchNet
O69 - SBI: prefs.js [Reda - bgjeylp4.default] user_pref("browser.search.selectedEngine", "default-search.net"); =>PUP.Optional.SearchNet
O69 - SBI: prefs.js [Reda - bgjeylp4.default] user_pref("extensions.enabledAddons", "veggy%40veggyAddon.com:1.0416509,%7B6d0f26ba-45b8-4871-9c07-43ab341d5b73%7D:0.2,%7B4fec0d7e[...] =>PUP.Optional.VeggyAddon
O69 - SBI: prefs.js [Reda - bgjeylp4.default] user_pref("extensions.xpiState", "{\"app-profile\":{\"veggy@veggyAddon.com\":{\"d\":\"C:\\\\Documents and Settings\\\\Reda\\\\Appl[...]
=>PUP.Optional.VeggyAddon O69 - SBI: prefs.js [Reda - bgjeylp4.default] user_pref("keyword.URL", "http://www.default-search.net/search?sid=492&aid=279&itype=n&ver=13467&tm=444&src=ds&p="); =>PUP.Optional.SearchNet O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - () - http://search.live.com/ O69 - SBI: SearchScopes [HKCU] {8044AFBB-DA06-4362-A3E2-9993AC06C588} - (Google) - http://www.google.com/ ---\\ Enumère les services démarrés par Svchost (39) - 2s O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Service Installation de logiciels.) -- C:\WINDOWS\system32\appmgmts.dll [176640] O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Windows Audio Service.) -- C:\WINDOWS\system32\audiosrv.dll [42496] O83 - Search Svchost Services: Browser (Browser) . (.Microsoft Corporation - Computer Browser Service DLL.) -- C:\WINDOWS\system32\browser.dll [77312] O83 - Search Svchost Services: CryptSvc (CryptSvc) . (.Microsoft Corporation - Cryptographic Services.) -- C:\WINDOWS\system32\cryptsvc.dll [60416] O83 - Search Svchost Services: DMServer (DMServer) . (.Microsoft Corp. - DLL Service gestionnaire de disque logique.) -- C:\WINDOWS\system32\dmserver.dll [24576] O83 - Search Svchost Services: DHCP (DHCP) . (.Microsoft Corporation - Service client DHCP.) -- C:\WINDOWS\system32\dhcpcsvc.dll [111616] O83 - Search Svchost Services: ERSvc (ERSvc) . (.Microsoft Corporation - Windows Error Reporting Service.) -- C:\WINDOWS\system32\ersvc.dll [23040] O83 - Search Svchost Services: EventSystem (EventSystem) . (.Microsoft Corporation - .) -- C:\WINDOWS\system32\es.dll [243200] O83 - Search Svchost Services: FastUserSwitchingCompatibility (FastUserSwitchingCompatibility) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\WINDOWS\system32\shsvcs.dll [135168] O83 - Search Svchost Services: HidServ (HidServ) . (.Microsoft Corporation - HID Audio Service.) 
-- C:\WINDOWS\system32\hidserv.dll [21504] O83 - Search Svchost Services: LanmanServer (LanmanServer) . (.Microsoft Corporation - Server Service DLL.) -- C:\WINDOWS\system32\srvsvc.dll [96768] O83 - Search Svchost Services: LanmanWorkstation (LanmanWorkstation) . (.Microsoft Corporation - Workstation Service DLL.) -- C:\WINDOWS\system32\wkssvc.dll [132096] O83 - Search Svchost Services: Messenger (Messenger) . (.Microsoft Corporation - NT Messenger Service.) -- C:\WINDOWS\system32\msgsvc.dll [33792] O83 - Search Svchost Services: Netman (Netman) . (.Microsoft Corporation - Gestionnaire de connexions réseau.) -- C:\WINDOWS\system32\netman.dll [198144] O83 - Search Svchost Services: Nla (Nla) . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Micro.) -- C:\WINDOWS\system32\mswsock.dll [247808] O83 - Search Svchost Services: Ntmssvc (Ntmssvc) . (.Microsoft Corporation - Gestionnaire de stockage amovible.) -- C:\WINDOWS\system32\ntmssvc.dll [438272] O83 - Search Svchost Services: NWCWorkstation (NWCWorkstation) . (.Microsoft Corporation - Client Service for Netware.) -- C:\WINDOWS\system32\nwwks.dll [64000] O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Remote Access AutoDial Manager.) -- C:\WINDOWS\system32\rasauto.dll [89088] O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Remote Access Connection Manager.) -- C:\WINDOWS\system32\rasmans.dll [174080] O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamic Interface Manager.) -- C:\WINDOWS\system32\mprdim.dll [49152] O83 - Search Svchost Services: Schedule (Schedule) . (.Microsoft Corporation - Moteur du Planificateur de tâches.) -- C:\WINDOWS\system32\schedsvc.dll [193024] O83 - Search Svchost Services: Seclogon (Seclogon) . (.Microsoft Corporation - DLL de service d'ouverture de session secon.) -- C:\WINDOWS\system32\seclogon.dll [18944] O83 - Search Svchost Services: SENS (SENS) . 
(.Microsoft Corporation - System Event Notification Service (SENS).) -- C:\WINDOWS\system32\sens.dll [38912] O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l'application d'assistance à.) -- C:\WINDOWS\system32\ipnathlp.dll [332800] O83 - Search Svchost Services: SRService (SRService) . (.Microsoft Corporation - Service de restauration du système.) -- C:\WINDOWS\system32\srsvc.dll [171008] O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM.) -- C:\WINDOWS\system32\tapisrv.dll [246272] O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\WINDOWS\system32\shsvcs.dll [135168] O83 - Search Svchost Services: TrkWks (TrkWks) . (.Microsoft Corporation - Distributed Link Tracking Client.) -- C:\WINDOWS\system32\trkwks.dll [90624] O83 - Search Svchost Services: W32Time (W32Time) . (.Microsoft Corporation - Service de temps Windows.) -- C:\WINDOWS\system32\w32time.dll [177664] O83 - Search Svchost Services: WZCSVC (WZCSVC) . (.Microsoft Corporation - Service configuration automatique sans fil.) -- C:\WINDOWS\system32\wzcsvc.dll [359936] O83 - Search Svchost Services: Wmi (Wmi) . (.Microsoft Corporation - API avancées Windows 32.) -- C:\WINDOWS\system32\advapi32.dll [685056] O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\WINDOWS\system32\wbem\wmisvc.dll [145408] O83 - Search Svchost Services: wscsvc (wscsvc) . (.Microsoft Corporation - Windows Security Center Service.) -- C:\WINDOWS\system32\wscsvc.dll [81408] O83 - Search Svchost Services: xmlprov (xmlprov) . (.Microsoft Corporation - Network Provisioning Service.) -- C:\WINDOWS\system32\xmlprov.dll [129536] O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière.) 
-- C:\WINDOWS\system32\qmgr.dll [382464] O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update AutoUpdate Service.) -- C:\WINDOWS\system32\wuauserv.dll [6656] O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\WINDOWS\system32\shsvcs.dll [135168] O83 - Search Svchost Services: helpsvc (helpsvc) . (.Microsoft Corporation - Microsoft PCHealth Service Holder.) -- C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll [38912] O83 - Search Svchost Services: WmdmPmSN (WmdmPmSN) . (.Microsoft Corporation - Fournisseur de services de périphérique mul.) -- C:\WINDOWS\system32\mspmsnsv.dll [52736] ---\\ Services non Microsoft (SR=Démarré,SS=Stoppé) (5) - 13s SS - Demand [2014/11/19 22:02:55] [ 267440] Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe SS - System [2015/01/28 09:11:53] [ 38288] F06DEFF2-5B9C-490D-910F-35D3A91196222 (F06DEFF2-5B9C-490D-910F-35D3A91196222) . (.Aztec Media Inc.) - C:\Program Files\Assets Manager\smdmf\smdmfmgrc3.cfg =>PUP.Optional.SystemK SS - Auto [2014/08/19 23:18:40] [ 116648] Service Google Update (gupdate) (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe SS - Demand [2014/08/19 23:18:40] [ 116648] Service Google Update (gupdatem) (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe SR - Auto [2015/01/28 09:11:53] [ 3570704] SmdmF Service (SmdmFService) . (.Aztec Media Inc.) 
- C:\Program Files\Assets Manager\smdmf\SmdmFService.exe =>PUP.Optional.SystemK ---\\ Scan Additionnel (18) - 0s C:\Program Files\Assets Manager\smdmf\SmdmFService.exe =>PUP.Optional.SystemK C:\Documents and Settings\Reda\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gjngjhikmffiafannjcjkdediacimkmk C:\Documents and Settings\Reda\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf C:\Documents and Settings\Reda\Application Data\Mozilla\Firefox\Profiles\bgjeylp4.default\extensions\veggy@veggyAddon.com =>PUP.Optional.VeggyAddon HKLM\SYSTEM\CurrentControlSet\Services\F06DEFF2-5B9C-490D-910F-35D3A91196222 =>PUP.Optional.SystemK C:\Program Files\Assets Manager\smdmf\smdmfmgrc3.cfg =>PUP.Optional.SystemK HKLM\SYSTEM\CurrentControlSet\Services\SmdmFService =>PUP.Optional.SystemK HKLM\SOFTWARE\SmdmF =>PUP.Optional.SettingsManager HKCU\SOFTWARE\7633123CA7DFD46E21784D533246A24E =>PUP.Optional.CrossRider HKCU\SOFTWARE\InstallCore =>PUP.Optional.InstallCore HKCU\SOFTWARE\Linkey =>PUP.Optional.LinkeySearch HKCU\SOFTWARE\SmdmF =>PUP.Optional.SettingsManager C:\Program Files\Assets Manager =>PUP.Optional.SystemK C:\Program Files\Settings Manager =>PUP.Optional.SettingsManager C:\Program Files\SiteLookup =>PUP.Optional.SiteLookup C:\Documents and Settings\All Users\Application Data\smdmf =>PUP.Optional.SystemK C:\Documents and Settings\Reda\Application Data\OpenCandy =>PUP.Optional.OpenCandy C:\Documents and Settings\Reda\Application Data\SimilarAddon =>PUP.Optional.SimilarAddon ---\\ Récapitulatif des éléments trouvées sur votre station (12) - 0s http://www.nicolascoolman.fr/pup-systemk/ =>PUP.Optional.SystemK http://www.nicolascoolman.fr/pup-mindspark/ =>PUP.Optional.MindSpark http://www.nicolascoolman.fr/adware-bandoo/ =>PUP.Optional.Bandoo http://www.nicolascoolman.fr/blog =>PUP.Optional.VeggyAddon http://www.nicolascoolman.fr/blog =>PUP.Optional.SettingsManager 
http://www.nicolascoolman.fr/pup-crossrider/ =>PUP.Optional.CrossRider http://www.nicolascoolman.fr/adware-installcore/ =>PUP.Optional.InstallCore http://www.nicolascoolman.fr/pup-linkeysearch/ =>PUP.Optional.LinkeySearch http://www.nicolascoolman.fr/blog =>PUP.Optional.SiteLookup http://www.nicolascoolman.fr/adware-opencandy/ =>PUP.Optional.OpenCandy http://www.nicolascoolman.fr/blog =>PUP.Optional.SimilarAddon http://www.nicolascoolman.fr/hijacker-searchnet/ =>PUP.Optional.SearchNet ~ End of the scan, 7362 items in 107 seconds (481)(0)()