Sujet Précédent Sujet Suivant

Je bug de plus en plus !!! ....

MAROCCYTY Messages postés 12 Statut Membre -  
MAROCCYTY Messages postés 12 Statut Membre -
Bonjour,

ya 2 mois j"avait windows sweet sur mon PC bureau 2.00 ghs et 3.24 GO de ram je jouait normalement et sans lague et quand jai formater mon PC en "windows xp pack 3 "
je lagait de plu en plus
ex : quand jveut ouvrir un programe ou quélque chose je lag beaucoup ! .

quélqun pourait me donnez des conseil pour ne plus lagait avec windows XP pack 3 sans que je formate mon PC ?? merci !!
A voir également:

11 réponses

Réponse 1 / 11
Utilisateur anonyme
 
Re

Si tu veux que je t'aide ;il me faut ce rapport

Merci et @+
2
MAROCCYTY Messages postés 12 Statut Membre
 
non jai télécharger le logisiel mai jai pa trouver le singe + pour lancer lanalyse mais le logisiel marhe
0
Utilisateur anonyme
 
Bonjour,
On ne m'aurait pas tout dit! Un Singe dans ZHPDiag, c'est nouveau ça. LOL
0
Réponse 2 / 11
Utilisateur anonyme
 
Re

Poste moi ce rapport;merci
1
MAROCCYTY Messages postés 12 Statut Membre
 
Rapport de ZHPDiag v2013.3.24.78 par Nicolas Coolman, Update du 24/03/2013
Run by homan at 24/03/2013 04:23:20
State : Version à jour.
High Elevated Privileges : OK
UAC : Not Found


---\\ Web Browser
MSIE: Internet Explorer v8.0.6001.18702
GCIE: Google Chrome v25.0.1364.172 (Defaut)

---\\ Windows Product Information
~ Langage: Français
Windows XP Professional Service Pack 3 (Build 2600)
Windows Automatic Updates : OK
Windows Genuine Advantage : KO

---\\ System Information
~ Processor: x86 Family 6 Model 15 Stepping 13, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3318 MB (47% free)
System Restore: Activé (Enable)
System drive C: has 59 GB (59%) free of 98 GB

---\\ Logged in mode
~ Computer Name: AMINE
~ User Name: homan
~ All Users Names: SUPPORT_388945a0, homan, HelpAssistant, ASPNET, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator

---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Documents and Settings\homan\Application Data\
~ %Desktop% : C:\Documents and Settings\homan\Bureau\
~ %Favorites% : C:\Documents and Settings\homan\Favoris\
~ %LocalAppData% : C:\Documents and Settings\homan\Local Settings\Application Data\
~ %StartMenu% : C:\Documents and Settings\homan\Menu Démarrer\
~ %Windir% : C:\WINDOWS\
~ %System% : C:\WINDOWS\system32\

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 59 Go of 98 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 51 Go of 51 Go)
E:\ CD-ROM drive (Not Inserted)



---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Intl: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] XMLLookup: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
~ Security Center: Scanned in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.F2317622D29F9FF0F88AEECD5F60F0DD] - (.Microsoft Corporation - Explorateur Windows.) (.13/04/2008 - 05:34:04.) -- C:\WINDOWS\Explorer.exe [1037824]
[MD5.FCDD66EE148885E900285ADE8417E40B] - (.Microsoft Corporation - Internet Extensions for Win32.) (.05/02/2013 - 07:56:42.) -- C:\WINDOWS\system32\wininet.dll [916480]
[MD5.DD73D6B9F6B4CB630CF35B438B540174] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) (.13/04/2008 - 05:34:30.) -- C:\WINDOWS\system32\Winlogon.exe [512000]
[MD5.1E44BC1E83D8FD2305F8D452DB109CF9] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.17/08/2011 - 01:49:54.) -- C:\WINDOWS\system32\Drivers\AFD.sys [138496]
[MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.13/04/2008 - 11:40:32.) -- C:\WINDOWS\system32\Drivers\atapi.sys [96512]
[MD5.C885B02847F5D2FD45A24E219ED93B32] - (.Microsoft Corporation - CD-ROM File System Driver.) (.12/04/2008 - 22:14:22.) -- C:\WINDOWS\system32\Drivers\Cdfs.sys [63744]
[MD5.1F4260CC5B42272D71F79E570A27A4FE] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.12/04/2008 - 21:40:48.) -- C:\WINDOWS\system32\Drivers\Cdrom.sys [62976]
[MD5.31F923EB2170FC172C81ABDA0045D18C] - (.Microsoft Corporation - Pilote de cryptographie FIPS.) (.13/04/2008 - 04:57:40.) -- C:\WINDOWS\system32\Drivers\Fips.sys [44672]
[MD5.573C7D0A32852B48F3058CFD8026F511] - (.Windows (R) Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) (.12/04/2008 - 19:36:06.) -- C:\WINDOWS\system32\Drivers\HDAudBus.sys [144384]
[MD5.A09BDC4ED10E3B2E0EC27BB94AF32516] - (.Microsoft Corporation - Pilote de port i8042.) (.13/04/2008 - 19:00:54.) -- C:\WINDOWS\system32\Drivers\i8042prt.sys [54144]
[MD5.083A052659F5310DD8B6A6CB05EDCF8E] - (.Microsoft Corporation - IMAPI Kernel Driver.) (.12/04/2008 - 21:41:00.) -- C:\WINDOWS\system32\Drivers\Imapi.sys [42112]
[MD5.CC748EA12C6EFFDE940EE98098BF96BB] - (.Microsoft Corporation - IP Network Address Translator.) (.12/04/2008 - 21:57:16.) -- C:\WINDOWS\system32\Drivers\IpNat.sys [152832]
[MD5.23C74D75E36E7158768DD63D92789A91] - (.Microsoft Corporation - IPSec Driver.) (.12/04/2008 - 22:19:44.) -- C:\WINDOWS\system32\Drivers\IPSec.sys [75264]
[MD5.7D304A5EB4344EBEEAB53A2FE3FFB9F0] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.15/07/2011 - 01:29:31.) -- C:\WINDOWS\system32\Drivers\MRxSmb.sys [456320]
[MD5.74B2B2F5BEA5E9A3DC021D685551BD3D] - (.Microsoft Corporation - MBT Transport driver.) (.12/04/2008 - 22:21:02.) -- C:\WINDOWS\system32\Drivers\netBT.sys [162816]
[MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) (.12/04/2008 - 22:15:54.) -- C:\WINDOWS\system32\Drivers\ntfs.sys [574976]
[MD5.8FD0BDBEA875D06CCF6C945CA9ABAF75] - (.Microsoft Corporation - Pilote de port parallèle.) (.13/04/2008 - 05:47:24.) -- C:\WINDOWS\system32\Drivers\Parport.sys [80384]
[MD5.11B4A627BC9614B885C4969BFA5FF8A6] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.12/04/2008 - 22:19:44.) -- C:\WINDOWS\system32\Drivers\Rasl2tp.sys [51328]
[MD5.15CABD0F7C00C47C70124907916AF3F1] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.13/04/2008 - 11:32:52.) -- C:\WINDOWS\system32\Drivers\rdpdr.sys [196224]
[MD5.D8EB2A7904DB6C916EB5361878DDCBAE] - (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) (.13/04/2008 - 06:57:36.) -- C:\WINDOWS\system32\Drivers\redbook.sys [58752]
[MD5.46DE1126684369BACE4849E4FC8C43CA] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.13/04/2008 - 04:56:06.) -- C:\WINDOWS\system32\Drivers\volsnap.sys [53376]
~ Generic Processes: Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 2/4
~ Mes musiques (My Musics) : 1/2
~ Mes Videos (My Videos) : 1/3
~ Mes Favoris (My Favorites) : 1/8
~ Mes Documents (My Documents) : 1/25
~ Mon Bureau (My Desktop) : 1/57
~ Menu demarrer (Programs) : 1/34
~ Hidden Files: Scanned in 00mn 00s



---\\ Processus lancés
[MD5.587EFD6A3A30A35A27904D21AE1FB882] - (.Kaspersky Lab ZAO - Kaspersky Anti-Virus.) -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe [356376] [PID.336]
[MD5.9AFC673E3F2B4A3E0F54E4744C40815A] - (.ReviverSoft LLC - Registry Reviver.) -- C:\Program Files\ReviverSoft\Registry Reviver\RegistryReviver.exe [20225656] [PID.352]
[MD5.2D7C1661961CE19085B6A968B1B293D4] - (...) -- C:\Program Files\DefaultTab\DefaultTabSearch.exe [572928] [PID.740]
[MD5.34AE0DFA3EE3B5B9975042D87332D0B7] - (...) -- C:\Documents and Settings\homan\Application Data\DefaultTab\DefaultTab\DTUpdate.exe [107520] [PID.792]
[MD5.96633419F4A1E37ACB89B45EBCCFE001] - (.Teruten - FsUsbDevice.) -- C:\WINDOWS\system32\FsUsbExService.exe [238952] [PID.840]
[MD5.A0FF419B61AE47E26ADF3BB15DB4F2FE] - (...) -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [38608] [PID.976]
[MD5.9F3E7CABE86BBDECA009DE291DB6D9E2] - (.TeamViewer GmbH - TeamViewer 8.) -- C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe [3467768] [PID.1596]
[MD5.3AD1E72748978D8B0B3B674741E4C3E2] - (.Pas de propriétaire - ToolbarU Application.) -- C:\Program Files\Fichiers communs\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe [968880] [PID.1728]
[MD5.9F6B6D0BE4F77F8693E9FD15D81C8A01] - (.Intel Corporation - igfxTray Module.) -- C:\WINDOWS\system32\igfxtray.exe [141848] [PID.2200]
[MD5.4C53C44E7C20E65445037954DC3A6BA4] - (.Intel Corporation - hkcmd Module.) -- C:\WINDOWS\system32\hkcmd.exe [166424] [PID.2256]
[MD5.D8F3B455D3FA4B40C9BF544F55647C19] - (.Intel Corporation - persistence Module.) -- C:\WINDOWS\system32\igfxpers.exe [137752] [PID.2292]
[MD5.48E6868781B4E8BF4B77DBEC7694BCE8] - (.RealNetworks, Inc. - RealNetworks Scheduler.) -- C:\Program Files\Real\RealPlayer\update\realsched.exe [295072] [PID.2364]
[MD5.F56197D5CBDCC6A87C242DC8B8EEEE34] - (.Intel Corporation - igfxsrvc Module.) -- C:\WINDOWS\system32\igfxsrvc.exe [256536] [PID.2676]
[MD5.5BB89B62C340AEFD5967E57FC07DA5EF] - (.Pas de propriétaire - VProtect Application.) -- C:\Program Files\AVG Secure Search\vprot.exe [1151152] [PID.2784]
[MD5.E13EA4860E8F2AA845B53BFD2B6FEC5B] - (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe [1695232] [PID.2948]
[MD5.1E377D64DACD4E4656C86241CE5A1233] - (.Samsung Electronics Co., Ltd. - NPSAgent.) -- C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe [95576] [PID.3032]
[MD5.7E4AD8220AF0B281274F9785DD53E25C] - (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe [18642024] [PID.3104]
[MD5.91C9F6FB02169142EB4F514E87756EC1] - (.Pas de propriétaire - ADIMON MFC Application.) -- C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe [1205840] [PID.3200]
[MD5.2CFDD166E104F6A759C0E66763A56977] - (.Logixoft - Revealer Keylogger Free.) -- C:\Documents and Settings\All Users\Application Data\rvlkl\rvlkl.exe [364032] [PID.3208]
[MD5.F95890C80E1AD0BE412C33030B892657] - (.WinZip Computing, S.L. - WinZip Quick Pick.) -- C:\Program Files\WinZip\WZQKPICK32.exe [685936] [PID.3224]
[MD5.B95AC0CDB8F068F0C024CD344B354298] - (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe [1274320] [PID.756]
[MD5.20454822EC195F460A60B21E20CF18BD] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [5977088] [PID.292]
[MD5.10FC7797A698DD6650EB836AEB4F07CC] - (.Bandoo Media Inc - Data Manager.) -- C:\Program Files\Search Results Toolbar\Datamngr\datamngrUI.exe [1683456] [PID.0]
[MD5.5E9A6658A2A69AE7EB195113B7A2E7A9] - (.Microsoft Corporation - Application Layer Gateway Service.) -- C:\WINDOWS\System32\alg.exe [44544] [PID.2628]
~ Processes Running: Scanned in 00mn 02s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Documents and Settings\homan\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences
G1 - GCS: Preference [User Data\Default] https://www.search.ask.com/web?l=dis&q=&o=APN10655A&apn_dtid=%5EBND101%5EYY%5EFR&shad=s_0048&gct=hp&apn_ptnrs=%5EAG5&d=101-0&lang=en&atb=sysid%3D101%3Auid%3D58c9331d816657ac%3Asrc%3Dhmp%3Ao%3DAPN10655A%3Atg%3D&p2=%5EAG5%5EBND101%5EYY%5EFR
~ Google Browser: Scanned in 00mn 00s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
P2 - FPN: [HKLM] [@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin] - (.AVG Technologies - npsitesafety.) -- C:\Program Files\Fichiers communs\AVG Secure Search\SiteSafetyInstaller\14.2.0\npsitesafety.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 3.0.40818.0.) -- c:\Program Files\Microsoft Silverlight\3.0.40818.0\npctrl.dll
P2 - FPN: [HKLM] [@real.com/nppl3260;version=16.0.0.282] - (.RealNetworks, Inc. - RealPlayer(tm) LiveConnect-Enabled Plug-In.) -- C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll
P2 - FPN: [HKLM] [@real.com/nprndlchromebrowserrecordext;version=1.3.0] - (.RealNetworks, Inc. - RealNetworks(tm) RealDownloader Chrome Background Extension Plug-In.) -- C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll
P2 - FPN: [HKLM] [@real.com/nprndlhtml5videoshim;version=1.3.0] - (.RealNetworks, Inc. - RealNetworks(tm) RealDownloader HTML5VideoShim Plug-In.) -- C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll
P2 - FPN: [HKLM] [@real.com/nprndlpepperflashvideoshim;version=1.3.0] - (.RealNetworks, Inc. - RealNetworks(tm) RealDownloader PepperFlashVideoShim Plug-In.) -- C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll
P2 - FPN: [HKLM] [@real.com/nprpplugin;version=16.0.0.282] - (.RealPlayer - RealPlayer Download Plugin.) -- C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll
P2 - FPN: [HKLM] [@realnetworks.com/npdlplugin;version=1] - (.RealDownloader - RealDownloader Plugin.) -- C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@videolan.org/vlc,version=2.0.5] - (.VideoLAN - VLC media player Web Plugin 2.0.2.) -- C:\Program Files\VideoLAN\VLC\npvlc.dll
~ Firefox Browser: Scanned in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.microsoft.com/fr-fr/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.microsoft.com/fr-fr/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = http://search.babylon.com
R3 - URLSearchHook: SimilarSites - {FE69C007-C452-4d3e-86D2-1730DF8BC871} . (...) (No version) -- (.not file.)
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (...) (No version) -- (.not file.)
R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 2
~ IE Browser: Scanned in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\WINDOWS\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Keys: Scanned in 00mn 00s



---\\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 20



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} . (.Babylon BHO - Pas de description.) -- C:\Program Files\BabylonToolbar\BabylonToolbar\1.8.7.2\bh\BabylonToolbar.dll
O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} . (.RealDownloader - RealPlayer Download and Record Plugin.) -- C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
O2 - BHO: Search-Results Toolbar - {377e5d4d-77e5-476a-8716-7e70a9272da0} . (.APN LLC - dtx Dynamic Link Library.) -- C:\Program Files\Search Results Toolbar\Datamngr\SRTOOL~1\searchresultsDx.dll
O2 - BHO: ContentBlockerBrowserHelperObject - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} . (.Kaspersky Lab ZAO - Content Blocker Plugin.) -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll
O2 - BHO: VirtualKeyboardBrowserHelperObject - {73455575-E40C-433C-9784-C78DC7761455} . (.Kaspersky Lab ZAO - Virtual Keyboard Plugin.) -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
O2 - BHO: DefaultTabBHO - {7F6AFBF1-E065-4627-A2FD-810366367D01} . (.Search Results LLC. - Search Results.) -- C:\Documents and Settings\homan\Application Data\DefaultTab\DefaultTab\DefaultTabBHO.dll
O2 - BHO: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} Clé orpheline
O2 - BHO: DataMngr - {C1ED9DA0-AFD0-4b90-AC6A-D3874F591014} . (.Bandoo Media Inc - Url Helper.) -- C:\Program Files\Search Results Toolbar\Datamngr\BrowserConnection.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} . (.Kaspersky Lab ZAO - URL Advisor Plugin.) -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\UrlAdvisor\klwtbbho.dll
O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} . (.Yontoo LLC - Yontoo Runtime.) -- C:\Program Files\Yontoo\YontooIEClient.dll
~ BHO: Scanned in 00mn 00s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: Babylon Toolbar - [HKLM]{98889811-442D-49dd-99D7-DC866BE87DBC} . (.Babylon Ltd. - Pas de description.) -- C:\Program Files\BabylonToolbar\BabylonToolbar\1.8.7.2\BabylonToolbarTlbr.dll
O3 - Toolbar: Search-Results Toolbar - [HKLM]{377e5d4d-77e5-476a-8716-7e70a9272da0} . (.APN LLC - dtx Dynamic Link Library.) -- C:\Program Files\Search Results Toolbar\Datamngr\SRTOOL~1\searchresultsDx.dll
O3 - Toolbar: (no name) - [HKLM]{95B7759C-8C7F-4BF1-B163-73684A933233} Clé orpheline
O3 - Toolbar: SimilarSites - [HKLM]{FE69C007-C452-4d3e-86D2-1730DF8BC871} . (.SimilarGroup - SimilarSites For Internet Explorer.) -- C:\Program Files\SimilarSites\similarsites.dll
~ Toolbar: Scanned in 00mn 00s



---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [Apoint] . (.Alps Electric Co., Ltd. - Alps Pointing-device Driver.) -- C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [AVP] . (.Kaspersky Lab ZAO - Kaspersky Anti-Virus.) -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe
O4 - HKLM\..\Run: [TkBellExe] . (.RealNetworks, Inc. - RealNetworks Scheduler.) -- C:\Program Files\Real\RealPlayer\update\realsched.exe
O4 - HKLM\..\Run: [DATAMNGR] . (.Bandoo Media Inc - Data Manager.) -- C:\Program Files\Search Results Toolbar\Datamngr\datamngrUI.exe
O4 - HKLM\..\Run: [vProt] . (.Pas de propriétaire - VProtect Application.) -- C:\Program Files\AVG Secure Search\vprot.exe
O4 - HKLM\..\Run: [NPSStartup] Clé orpheline
O4 - HKCU\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Steam] . (.Valve Corporation - Steam.) -- C:\Program Files\Steam\Steam.exe
O4 - HKCU\..\Run: [MSMSGS] . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe
O4 - HKCU\..\Run: [Yontoo Desktop] . (.Yontoo LLC - Yontoo Desktop.) -- C:\Documents and Settings\homan\Application Data\Yontoo\YontooDesktop.exe
O4 - HKCU\..\Run: [AutoStartNPSAgent] . (.Samsung Electronics Co., Ltd. - NPSAgent.) -- C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] Clé orpheline
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_2] Clé orpheline
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_2] Clé orpheline
O4 - HKUS\S-1-5-21-796845957-2147006517-1606980848-1003\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-21-796845957-2147006517-1606980848-1003\..\Run: [Steam] . (.Valve Corporation - Steam.) -- C:\Program Files\Steam\Steam.exe
O4 - HKUS\S-1-5-21-796845957-2147006517-1606980848-1003\..\Run: [MSMSGS] . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe
O4 - HKUS\S-1-5-21-796845957-2147006517-1606980848-1003\..\Run: [Yontoo Desktop] . (.Yontoo LLC - Yontoo Desktop.) -- C:\Documents and Settings\homan\Application Data\Yontoo\YontooDesktop.exe
O4 - HKUS\S-1-5-21-796845957-2147006517-1606980848-1003\..\Run: [AutoStartNPSAgent] . (.Samsung Electronics Co., Ltd. - NPSAgent.) -- C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
O4 - HKUS\S-1-5-21-796845957-2147006517-1606980848-1003\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe
~ Application: Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\Programs: MSN.lnk . (.Microsoft Corporation - Win32 Cabinet Self-Extractor.) -- C:\Program Files\MSN\MSNCoreFiles\Install\msnsusii.exe
O4 - GS\Programs: Windows Messenger.lnk . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe
O4 - GS\Programs: Windows Movie Maker.lnk . (.Microsoft Corporation - Windows Movie Maker.) -- C:\Program Files\Movie Maker\moviemk.exe
O4 - GS\Programs: Windows Update.lnk . (.Microsoft Corporation - Gestionnaire de mise à jour de Windows NT.) -- C:\WINDOWS\system32\wupdmgr.exe
O4 - GS\Programs: Assistance à distance.lnk . (.Microsoft Corporation - Assistance à distance Microsoft.) -- C:\WINDOWS\system32\rcimlby.exe
O4 - GS\Programs: iLivid.lnk . (.Bandoo Media Inc. - iLivid Download Manager.) -- C:\Documents and Settings\homan\Local Settings\Application Data\iLivid\iLivid.exe
O4 - GS\Programs: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Programs: Outlook Express.lnk . (.Microsoft Corporation - Outlook Express.) -- C:\Program Files\Outlook Express\msimn.exe
O4 - GS\Programs: Windows Media Player.lnk . (.Microsoft Corporation - Windows Media Player.) -- C:\Program Files\Windows Media Player\wmplayer.exe
~ Global Startup: Scanned in 00mn 01s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Clavier virtuel - {0C4CC089-D306-440D-9772-464E226F6539} . (...) -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\kbrd.ico
O9 - Extra button: SimilarSites - {807DF5E0-4EF7-48a8-A405-239F3E29FFA9} . (...) -- C:\Program Files\SimilarSites\hotbtn.ico
O9 - Extra button: Analyse des liens - {CCF151D8-D089-449F-A5A4-D9909053F20F} . (...) -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\logo.ico
O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} -- Clé orpheline
O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Winsock hijacker (Layered Service Provider) (O10)
~ Winsock: 3 Legitimates Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{2BED806C-ABD3-431E-8A12-AD6065835403}: NameServer = 62.251.229.223 62.251.229.237
O17 - HKLM\System\CS1\Services\Tcpip\..\{2BED806C-ABD3-431E-8A12-AD6065835403}: NameServer = 62.251.229.223 62.251.229.237
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} . (.Microsoft Corporation - WIA Scripting Layer.) -- C:\WINDOWS\system32\wiascr.dll
O18 - Filter: text/webviewhtml - {733AC4CB-F1A4-11d0-B951-00A0C90312E1} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\WINDOWS\system32\crypt32.dll
O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\WINDOWS\system32\cryptnet.dll
O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agent réseau hors connexion.) -- C:\WINDOWS\system32\cscdll.dll
O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\system32\dimsntfy.dll
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\WINDOWS\system32\igfxdev.dll
O20 - Winlogon Notify: klogon . (.Kaspersky Lab ZAO - Logon Visualizer.) -- C:\WINDOWS\system32\klogon.dll
O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL secondaire de notification de service d.) -- C:\WINDOWS\system32\sclgntfy.dll
O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\WlNotify.dll
O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
~ Winlogon: Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - AppInit_DLLs: . (...) - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Wincert\WIN32C~1.dll
~ AppInit DLL: Scanned in 00mn 00s



---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
~ SSODL: 5 Legitimates Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Kaspersky Anti-Virus Service (AVP) . (.Kaspersky Lab ZAO - Kaspersky Anti-Virus.) - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe
O23 - Service: DefaultTabSearch (DefaultTabSearch) . (...) - C:\Program Files\DefaultTab\DefaultTabSearch.exe
O23 - Service: DefaultTabUpdate (DefaultTabUpdate) . (...) - C:\Documents and Settings\homan\Application Data\DefaultTab\DefaultTab\DTUpdate.exe
O23 - Service: RealNetworks Downloader Resolver Service (RealNetworks Downloader Resolver Service) . (...) - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
O23 - Service: (vToolbarUpdater14.2.0) . (.Pas de propriétaire - ToolbarU Application.) - C:\Program Files\Fichiers communs\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe
O23 - Service: Yontoo Desktop Updater (Yontoo Desktop Updater) . (.Microsoft - Y2Desktop.Updater.) - C:\Program Files\Yontoo\Y2Desktop.Updater.exe
~ Services: 10 Legitimates Scanned in 00mn 07s



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Desktop General: BackupWallPaper - .(...) - C:\WINDOWS\Web\Wallpaper\Colline verdoyante.bmp
O24 - Desktop General: WallPaper - .(...) - C:\WINDOWS\Web\Wallpaper\Colline verdoyante.bmp
~ Desktop Component: 1 Legitimates Scanned in 00mn 00s



---\\ BootExecute (O34)
~ BEX: 1 Legitimates Scanned in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Adobe Flash Player Updater.job [1002]
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\BrowserProtect.job [292]
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\EPUpdater.job [234]
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job [1050]
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job [1054]
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-796845957-2147006517-1606980848-1003.job [326]
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-796845957-2147006517-1606980848-1003.job [300]
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-796845957-2147006517-1606980848-1003.job [308]
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-796845957-2147006517-1606980848-1003.job [278]
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-796845957-2147006517-1606980848-1003.job [286]
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Start Registry Reviver for AMINE@homan(logon).job [320]
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\WGASetup.job [260]
[MD5.EA856F4A46320389D1899B2CAA7BF40F] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [253656]
[MD5.CC1A55091FD96BCB624AD791CD15D179] [APT] [EPUpdater] (...) -- C:\Documents and Settings\homan\Application Data\BabMaint.exe [114176]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe [116648]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe [116648]
[MD5.6A8E0E72D390B95EFE3A7FFA17D5C504] [APT] [RealDownloaderDownloaderScheduledTaskS-1-5-21-796845957-2147006517-1606980848-1003] (.RealNetworks, Inc..) -- C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe [232608]
[MD5.B7D0F1FA8926F0D58B7A000E5DAB4B3E] [APT] [RealDownloaderRealUpgradeLogonTaskS-1-5-21-796845957-2147006517-1606980848-1003] (.RealNetworks, Inc..) -- C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe [187544]
[MD5.B7D0F1FA8926F0D58B7A000E5DAB4B3E] [APT] [RealDownloaderRealUpgradeScheduledTaskS-1-5-21-796845957-2147006517-1606980848-1003] (.RealNetworks, Inc..) -- C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe [187544]
[MD5.9A7F1691F76E019C11481B6355125072] [APT] [RealPlayerRealUpgradeLogonTaskS-1-5-21-796845957-2147006517-1606980848-1003] (.RealNetworks, Inc..) -- C:\Program Files\Real\RealUpgrade\realupgrade.exe [187544]
[MD5.9A7F1691F76E019C11481B6355125072] [APT] [RealPlayerRealUpgradeScheduledTaskS-1-5-21-796845957-2147006517-1606980848-1003] (.RealNetworks, Inc..) -- C:\Program Files\Real\RealUpgrade\realupgrade.exe [187544]
[MD5.9AFC673E3F2B4A3E0F54E4744C40815A] [APT] [Start Registry Reviver for AMINE@homan(logon)] (.ReviverSoft LLC.) -- C:\Program Files\ReviverSoft\Registry Reviver\RegistryReviver.exe [20225656]
~ Scheduled Task: Scanned in 00mn 00s



---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Installed Component - S-1-5-21-796845957-2147006517-1606980848-1003 - <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} -- Not Hexadécimal CLSID
O40 - ASIC: Installed Component - S-1-5-21-796845957-2147006517-1606980848-1003 - >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS -- Not Hexadécimal CLSID
~ Active Setup: 18 Legitimates Scanned in 00mn 00s



---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: (kbdhid) . (.Microsoft Corporation - Pilote de filtre souris HID.) - C:\WINDOWS\system32\DRIVERS\kbdhid.sys
O41 - Driver: (KLIF) . (.Kaspersky Lab - Klif Mini-Filter [fre_wnet_x86].) - C:\WINDOWS\system32\DRIVERS\klif.sys
O41 - Driver: (kltdi) . (.Kaspersky Lab - Network filtering component.) - C:\WINDOWS\system32\DRIVERS\kltdi.sys
O41 - Driver: (kneps) . (.Kaspersky Lab - KNEPS Power.) - C:\WINDOWS\system32\DRIVERS\kneps.sys
~ Drivers: 69 Legitimates Scanned in 00mn 00s



---\\ Logiciels installés (O42)
O42 - Logiciel: Babylon Chrome Toolbar - (.Babylon Ltd..) [HKLM] -- Babylon Chrome Toolbar
O42 - Logiciel: Babylon toolbar - (.BabylonToolbar.) [HKLM] -- BabylonToolbar
O42 - Logiciel: BrowserProtect - (.Bit89 Inc.) [HKLM] -- {15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}
O42 - Logiciel: Cheating-Death 4.33.4 - (...) [HKLM] -- Cheating-Death
O42 - Logiciel: Counter Strike 1.6 FULL v44 - (...) [HKLM] -- Counter Strike 1.6 FULL v44
O42 - Logiciel: DefaultTab - (.Search Results, LLC.) [HKLM] -- DefaultTab
O42 - Logiciel: MSN - (...) [HKLM] -- MSNINST
O42 - Logiciel: Razer Game Booster - (.Razer USA Ltd..) [HKLM] -- {88F0F4FF-B514-4E32-9C17-CAF96D60EAFC}
O42 - Logiciel: Registry Reviver - (.ReviverSoft LLC.) [HKLM] -- Registry Reviver
O42 - Logiciel: SAGEM F@st 800-840 - (.SAGEM.) [HKLM] -- {4AE3A0CB-87B0-4F51-BECD-3D1F8DFDD62F}
O42 - Logiciel: Search-Results Toolbar - (.APN LLC.) [HKLM] -- ilividtoolbargaw
O42 - Logiciel: SimilarSites - (.SimilarSites.) [HKLM] -- SimilarSites
O42 - Logiciel: XPStyleToolBox 2.0.6 - (.MOH.RAH.CO.software, Mohammad Rahmeh.) [HKLM] -- {065EDCF8-394D-4E3E-9447-537CEE246528}_is1
O42 - Logiciel: Yontoo 2.04.1 - (.Yontoo LLC.) [HKLM] -- {889DF117-14D1-44EE-9F31-C5FB5D47F68B}
O42 - Logiciel: iLivid - (.Bandoo Media Inc.) [HKLM] -- iLivid
~ Logic: 98 Legitimates Scanned in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\5ced68db469ef42]
[HKCU\Software\APN DTX]
[HKCU\Software\AppDataLow\Software\DefaultTab]
[HKCU\Software\BabylonToolbar]
[HKCU\Software\Conduit]
[HKCU\Software\DM]
[HKCU\Software\DataMngr]
[HKCU\Software\DataMngr_Toolbar]
[HKCU\Software\Default Tab]
[HKCU\Software\DefaultTab]
[HKCU\Software\SmartBar]
[HKCU\Software\Softonic]
[HKCU\Software\ilivid]
[HKLM\Software\5ced68db469ef42]
[HKLM\Software\Babylon]
[HKLM\Software\Conduit]
[HKLM\Software\DataMngr]
[HKLM\Software\Default Tab]
[HKLM\Software\RegistryReviver]
[HKLM\Software\SAGEM]
[HKLM\Software\Tarma Installer]
[HKLM\Software\UnitedAdmins]
[HKLM\Software\iLividSRTB]
~ Key Software: 160 Legitimates Scanned in 00mn 00s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 20/03/2013 - 09:14:44 - [2,371] ----D C:\Program Files\BabylonToolbar
O43 - CFD: 20/03/2013 - 09:03:27 - [0,515] ----D C:\Program Files\Cheating-Death
O43 - CFD: 18/03/2013 - 04:10:50 - [0,863] ----D C:\Program Files\DefaultTab
O43 - CFD: 20/03/2013 - 09:02:25 - [2,073] ----D C:\Program Files\Messenger
O43 - CFD: 18/01/2013 - 12:33:48 - [20,477] ----D C:\Program Files\MSN
O43 - CFD: 22/01/2013 - 21:37:45 - [36,299] ----D C:\Program Files\Razer
O43 - CFD: 09/02/2013 - 09:38:00 - [28,671] ----D C:\Program Files\ReviverSoft
O43 - CFD: 18/01/2013 - 20:39:43 - [12,222] ----D C:\Program Files\SAGEM
O43 - CFD: 20/03/2013 - 09:20:16 - [13,896] ----D C:\Program Files\Search Results Toolbar
O43 - CFD: 20/03/2013 - 09:22:39 - [0,661] ----D C:\Program Files\SimilarSites
O43 - CFD: 20/03/2013 - 09:23:37 - [7,925] ----D C:\Program Files\XPStyleToolBox2
O43 - CFD: 20/03/2013 - 09:19:50 - [0,801] ----D C:\Program Files\Yontoo
O43 - CFD: 18/01/2013 - 10:14:44 - [0,008] ----D C:\Documents and Settings\homan\Application Data\AnkamaCertificates
O43 - CFD: 20/03/2013 - 09:14:45 - [3,628] ----D C:\Documents and Settings\homan\Application Data\BabSolution
O43 - CFD: 29/01/2013 - 02:40:39 - [0,023] ----D C:\Documents and Settings\homan\Application Data\Babylon
O43 - CFD: 20/03/2013 - 09:19:00 - [0] ----D C:\Documents and Settings\homan\Application Data\BabylonToolbar
O43 - CFD: 13/03/2013 - 05:35:23 - [2,290] ----D C:\Documents and Settings\homan\Application Data\DefaultTab
O43 - CFD: 20/03/2013 - 09:23:00 - [0] ----D C:\Documents and Settings\homan\Application Data\ML
O43 - CFD: 20/03/2013 - 09:16:30 - [4,937] ----D C:\Documents and Settings\homan\Application Data\OpenCandy
O43 - CFD: 20/03/2013 - 09:20:34 - [0] ----D C:\Documents and Settings\homan\Application Data\searchresultstb
O43 - CFD: 20/03/2013 - 09:22:38 - [1,038] ----D C:\Documents and Settings\homan\Application Data\SimilarSites
O43 - CFD: 20/03/2013 - 09:26:35 - [4,979] ----D C:\Documents and Settings\homan\Application Data\VirusMaker
O43 - CFD: 20/03/2013 - 09:19:50 - [0,041] ----D C:\Documents and Settings\homan\Application Data\Yontoo
O43 - CFD: 10/03/2013 - 04:47:35 - [1,309] ----D C:\Documents and Settings\homan\Local Settings\Application Data\Conduit
O43 - CFD: 20/03/2013 - 09:20:23 - [61,571] ----D C:\Documents and Settings\homan\Local Settings\Application Data\iLivid
O43 - CFD: 22/01/2013 - 21:38:21 - [0,000] ----D C:\Documents and Settings\homan\Local Settings\Application Data\Razer
O43 - CFD: 20/03/2013 - 09:26:26 - [0] ----D C:\Documents and Settings\homan\Local Settings\Application Data\Temporary Projects
O43 - CFD: 20/03/2013 - 09:14:46 - [0,001] ----D C:\Documents and Settings\homan\Menu Démarrer\Programmes\BrowserProtect
O43 - CFD: 20/03/2013 - 09:03:27 - [0,003] ----D C:\Documents and Settings\homan\Menu Démarrer\Programmes\Cheating-Death
~ Program Folder: 136 Legitimates Scanned in 00mn 25s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.A70CCF75B8E3FE16E7C03A3458587E36] - 23/03/2013 - 08:48:42 ---A- . (...) -- C:\text.txt [9123]
O44 - LFC:[MD5.1AB64B945D739DE85AA4EE33FE78FE61] - 23/03/2013 - 02:53:03 ---A- . (...) -- C:\WINDOWS\adidsl.ini [169]
O44 - LFC:[MD5.720917370FF2E1F798061A53F8652E3B] - 22/03/2013 - 22:27:25 ---A- . (...) -- C:\WINDOWS\wiaservc.log [50]
O44 - LFC:[MD5.132349F5D76536D54CC6E2E0DE89B140] - 22/03/2013 - 22:27:20 ---A- . (...) -- C:\WINDOWS\wiadebug.log [159]
O44 - LFC:[MD5.9062539E4784E3C1C8E40EC36C9E8083] - 17/03/2013 - 05:56:54 ---A- . (...) -- C:\WINDOWS\FaxSetup.log [895653]
O44 - LFC:[MD5.A58E5B04003B9B3E09430605597FA90F] - 17/03/2013 - 05:56:54 ---A- . (...) -- C:\WINDOWS\MedCtrOC.log [62262]
O44 - LFC:[MD5.7BAE3AADBFBC78F8FB023D560F825F83] - 17/03/2013 - 05:56:54 ---A- . (...) -- C:\WINDOWS\comsetup.log [307833]
O44 - LFC:[MD5.22EF16480C3DEAD0BEE0A60667232417] - 17/03/2013 - 05:56:54 ---A- . (...) -- C:\WINDOWS\iis6.log [990543]
O44 - LFC:[MD5.E32198C4A163883C2F42287EA992BEE2] - 17/03/2013 - 05:56:54 ---A- . (...) -- C:\WINDOWS\imsins.log [1374]
O44 - LFC:[MD5.9CF5D741A38AE01A088686C7D38ECC2D] - 17/03/2013 - 05:56:54 ---A- . (...) -- C:\WINDOWS\msgsocm.log [45058]
O44 - LFC:[MD5.F7337A1AE5CD939854CBEC7BA58E7F9D] - 17/03/2013 - 05:56:54 ---A- . (...) -- C:\WINDOWS\netfxocm.log [157659]
O44 - LFC:[MD5.5CF2894CD26978262F936F75B1E1B497] - 17/03/2013 - 05:56:54 ---A- . (...) -- C:\WINDOWS\ntdtcsetup.log [184541]
O44 - LFC:[MD5.DEA6499DC9D4FCA33054F5C4F1B7FF64] - 17/03/2013 - 05:56:54 ---A- . (...) -- C:\WINDOWS\ocgen.log [496874]
O44 - LFC:[MD5.FEB5714995B0736ACACA2D58F7DD648A] - 17/03/2013 - 05:56:54 ---A- . (...) -- C:\WINDOWS\ocmsn.log [49791]
O44 - LFC:[MD5.595061A0EBD4EA854FB5D3497C49541C] - 17/03/2013 - 05:56:54 ---A- . (...) -- C:\WINDOWS\system32\spupdsvc.inf [165]
O44 - LFC:[MD5.D0E6AD5E7B8FFD522548AC8180614B40] - 17/03/2013 - 05:56:54 ---A- . (...) -- C:\WINDOWS\tabletoc.log [45725]
O44 - LFC:[MD5.022C291B74F48AED772E63FB86343BC5] - 17/03/2013 - 05:56:54 ---A- . (...) -- C:\WINDOWS\tsoc.log [414225]
O44 - LFC:[MD5.9C52661734E7144EFE1EC5EA3B458899] - 17/03/2013 - 05:56:53 ---A- . (...) -- C:\WINDOWS\msmqinst.log [278556]
O44 - LFC:[MD5.F0DA7B6A4C960943F83158E345FDC53C] - 17/03/2013 - 05:55:04 ---A- . (...) -- C:\WINDOWS\imsins.BAK [1374]
O44 - LFC:[MD5.63B3BAE2AC59AF9904475FCC3780DFF0] - 14/03/2013 - 03:02:43 ---A- . (...) -- C:\WINDOWS\KB2809289-IE8.log [14981]
O44 - LFC:[MD5.F94685AEE096CE2B0F7385E6D38D6FC1] - 14/03/2013 - 03:02:34 ---A- . (...) -- C:\WINDOWS\updspapi.log [92453]
O44 - LFC:[MD5.111505FB83837C21E88C2474FE782164] - 14/03/2013 - 03:02:03 ---A- . (...) -- C:\WINDOWS\KB2807986.log [7047]
O44 - LFC:[MD5.4BFC824CBB7AEF25ECFAA5FB9031238D] - 14/03/2013 - 03:00:37 ---A- . (...) -- C:\WINDOWS\msxml4-KB954430-enu.LOG [310104]
O44 - LFC:[MD5.6E86151C440996BAC03E21C91B6E648E] - 14/03/2013 - 03:00:29 ---A- . (...) -- C:\WINDOWS\msxml4-KB973688-enu.LOG [316162]
O44 - LFC:[MD5.C83C84DAE3B901BF404D36F304B00FA0] - 13/03/2013 - 05:31:25 ---A- . (.Pas de propriétaire - EjectDisk DLL.) -- C:\WINDOWS\system32\FsUsbExDevice.Dll [110592]
O44 - LFC:[MD5.96633419F4A1E37ACB89B45EBCCFE001] - 13/03/2013 - 05:31:25 ---A- . (.Teruten - FsUsbDevice.) -- C:\WINDOWS\system32\FsUsbExService.Exe [238952]
O44 - LFC:[MD5.E179BDBC42DA6ADD1040725415CE0F6B] - 13/03/2013 - 05:31:10 ---A- . (...) -- C:\WINDOWS\wmsetup.log [21793]
O44 - LFC:[MD5.A103FDF7348130EF3F3FEF56B1700A27] - 10/03/2013 - 04:47:11 ---A- . (...) -- C:\END [9]
O44 - LFC:[MD5.CAE7B6E4D7EB17829C526153D19B9C95] - 09/03/2013 - 06:47:35 ---A- . (.AVG Technologies - Pas de description.) -- C:\WINDOWS\system32\Drivers\avgtpx86.sys [33112]
O44 - LFC:[MD5.CBE5F69A5E5B918225F420BA748F3742] - 14/06/2010 - 09:32:54 ---A- . (...) -- C:\WINDOWS\system32\FsUsbExDisk.Sys [36608]
~ Files: 43 Legitimates Scanned in 00mn 15s



---\\ Export de clé d'application autorisée (O47)
O47 - AAKE:Key Export SP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O47 - AAKE:Key Export SP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation.) -- C:\WINDOWS\system32\sessmgr.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Counter-Strike 1.6\hl.exe" [Disabled] .(.Valve.) -- C:\Program Files\Counter-Strike 1.6\hl.exe
O47 - AAKE:Key Export SP - "C:\Program Files\TeamViewer\Version8\TeamViewer.exe" [Enabled] .(.TeamViewer GmbH.) -- C:\Program Files\TeamViewer\Version8\TeamViewer.exe
O47 - AAKE:Key Export SP - "C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe" [Enabled] .(.TeamViewer GmbH.) -- C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
O47 - AAKE:Key Export SP - "C:\WINDOWS\system32\igfxsrvc.exe" [Disabled] .(.Intel Corporation.) -- C:\WINDOWS\system32\igfxsrvc.exe
O47 - AAKE:Key Export SP - "C:\games\CS1.6v44\hl.exe" [Enabled] .(.Valve.) -- C:\games\CS1.6v44\hl.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Search Results Toolbar\Datamngr\SRTOOL~1\dtUser.exe" [Enabled] .(.APN LLC.) -- C:\Program Files\Search Results Toolbar\Datamngr\SRTOOL~1\dtUser.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Counter-Strike 1.6\hlds.exe" [Enabled] .(.Valve.) -- C:\Program Files\Counter-Strike 1.6\hlds.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe" [Enabled] .(.PeeringPortal.) -- C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe" [Enabled] .(.PeeringPortal.) -- C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Skype\Phone\Skype.exe" [Enabled] .(.Skype Technologies S.A..) -- C:\Program Files\Skype\Phone\Skype.exe
O47 - AAKE:Key Export DP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O47 - AAKE:Key Export DP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation.) -- C:\WINDOWS\system32\sessmgr.exe
~ Keys: Scanned in 00mn 00s



---\\ Déni du service (Local Security Authority) (O48)
~ LSA: 6 Legitimates Scanned in 00mn 00s



---\\ Contrôle du Safe Boot (CSB) (O49)
~ CBS: 21 Legitimates Scanned in 00mn 00s



---\\ Image File Execution Options (IFEO) (O50)
O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d
~ IFEO: Scanned in 00mn 00s



---\\ Trojan Driver Search Data (HKLM) (O52)
~ TDSD: 12 Legitimates Scanned in 00mn 00s



---\\ Microsoft Control Security Providers (O54)
~ MSCP: 6 Legitimates Scanned in 00mn 00s



---\\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
~ Keys: Scanned in 00mn 00s



---\\ Microsoft Windows Policies Explorer (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=145
~ Keys: Scanned in 00mn 00s



---\\ Liste des Drivers Système (O58)
O58 - SDL:[MD5.9A3A8614859FB77767B63A82A017CCC6] - 07/02/2007 - 16:50:14 ---A- . (.Analog Deivces - USB Firmware loader.) -- C:\WINDOWS\system32\Drivers\adildr.sys [56088]
O58 - SDL:[MD5.6D3ADA4CE95CECA7BCE527A08C4C474E] - 28/08/2001 - 00:00:00 ---A- . (...) -- C:\WINDOWS\system32\ansi.sys [9037]
~ Drivers: Scanned in 00mn 00s



---\\ Liste des outils de nettoyage (O63)
O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
~ ADS: Scanned in 00mn 00s



---\\ Liste des services Legacy (O64)
O64 - Services: CurCS - 12/03/2013 - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (AdobeFlashPlayerUpdateSvc) .(.Adobe Systems Incorporated - Adobe® Flash® Player Update Service 11.6 r6.) - LEGACY_ADOBEFLASHPLAYERUPDATESVC
O64 - Services: CurCS - 09/03/2013 - C:\WINDOWS\system32\drivers\avgtpx86.sys (avgtp) .(.AVG Technologies - Pas de description.) - LEGACY_AVGTP
O64 - Services: CurCS - 18/01/2013 - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe (AVP) .(.Kaspersky Lab ZAO - Kaspersky Anti-Virus.) - LEGACY_AVP
O64 - Services: CurCS - ??\??\???? - (DcomLaunch) .(. - .) - LEGACY_DCOMLAUNCH
O64 - Services: CurCS - 10/02/2013 - C:\Program Files\DefaultTab\DefaultTabSearch.exe - DefaultTabSearch (DefaultTabSearch) .(...) - LEGACY_DEFAULTTABSEARCH
O64 - Services: CurCS - 13/03/2013 - C:\Documents and Settings\homan\Application Data\DefaultTab\DefaultTab\DTUpdate.exe - DefaultTabUpdate (DefaultTabUpdate) .(...) - LEGACY_DEFAULTTABUPDATE
O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\system32\drivers\dmboot.sys (dmboot) .(.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disq.) - LEGACY_DMBOOT
O64 - Services: CurCS - 28/08/2001 - C:\WINDOWS\system32\drivers\dmload.sys (dmload) .(.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) - LEGACY_DMLOAD
O64 - Services: CurCS - 14/06/2010 - C:\WINDOWS\system32\FsUsbExDisk.sys - FsUsbExDisk (FsUsbExDisk) .(...) - LEGACY_FSUSBEXDISK
O64 - Services: CurCS - 04/07/2010 - C:\WINDOWS\system32\FsUsbExService.exe (FsUsbExService) .(.Teruten - FsUsbDevice.) - LEGACY_FSUSBEXSERVICE
O64 - Services: CurCS - 18/01/2013 - C:\Program Files\Google\Update\GoogleUpdate.exe (gupdate) .(.Google Inc. - Programme d'installation de Google.) - LEGACY_GUPDATE
O64 - Services: CurCS - 19/06/2012 - C:\WINDOWS\system32\DRIVERS\kl1.sys (kl1) .(.Kaspersky Lab ZAO - Kaspersky Unified Driver.) - LEGACY_KL1
O64 - Services: CurCS - 18/01/2013 - C:\WINDOWS\system32\DRIVERS\klif.sys (KLIF) .(.Kaspersky Lab - Klif Mini-Filter [fre_wnet_x86].) - LEGACY_KLIF
O64 - Services: CurCS - 18/01/2013 - C:\WINDOWS\system32\DRIVERS\kltdi.sys (kltdi) .(.Kaspersky Lab - Network filtering component.) - LEGACY_KLTDI
O64 - Services: CurCS - 13/08/2012 - C:\WINDOWS\system32\DRIVERS\kneps.sys (kneps) .(.Kaspersky Lab - KNEPS Power.) - LEGACY_KNEPS
O64 - Services: CurCS - 29/11/2012 - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe - RealNetworks Downloader Resolver Service (RealNetworks Downloader Resolver Service) .(...) - LEGACY_REALNETWORKS_DOWNLOADER_RESOLVER_SERVICE
O64 - Services: CurCS - ??\??\???? - (RpcSs) .(. - .) - LEGACY_RPCSS
O64 - Services: CurCS - 28/02/2013 - C:\Program Files\Skype\Updater\Updater.exe (SkypeUpdate) .(.Skype Technologies - Skype Updater Service.) - LEGACY_SKYPEUPDATE
O64 - Services: CurCS - 13/12/2012 - C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe (TeamViewer8) .(.TeamViewer GmbH - TeamViewer 8.) - LEGACY_TEAMVIEWER8
O64 - Services: CurCS - ??\??\???? - (TermService) .(. - .) - LEGACY_TERMSERVICE
O64 - Services: CurCS - 09/03/2013 - C:\Program Files\Fichiers communs\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe (vToolbarUpdater14.2.0) .(.Pas de propriétaire - ToolbarU Application.) - LEGACY_VTOOLBARUPDATER14.2.0
O64 - Services: CurCS - 06/03/2013 - C:\Program Files\Yontoo\Y2Desktop.Updater.exe (Yontoo Desktop Updater) .(.Microsoft - Y2Desktop.Updater.) - LEGACY_YONTOO_DESKTOP_UPDATER
~ Services: Scanned in 00mn 00s



---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\shell32.dll
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\IEXPLORE.exe
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\WINDOWS\system32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe
O67 - Shell Spawning: <.html> <ChromeHTML>[HKCU\..\open\Command] (.Not Key.)
O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\shell32.dll
O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <ChromeHTML>[HKCR\..\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\WINDOWS\system32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe
~ Keys: Scanned in 00mn 00s



---\\ Start Menu Internet (O68)
O68 - StartMenuInternet: <chrome.exe> <>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Search Browser Infection (O69)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (@ieframe.dll,-12512) - https://www.bing.com/?fdr=lc&toHttps=1&redig=FA6AD360E0BE4C719380F8C470A3D3A8
O69 - SBI: SearchScopes [HKCU] {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} - (Search the web (Babylon)) - http://search.babylon.com
O69 - SBI: SearchScopes [HKCU] {0F9F88E7-E066-4DD5-9AD3-B1BC83CA177A} - (Search Here) - http://www.mysearchresults.com
O69 - SBI: SearchScopes [HKCU] {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} [DefaultScope] - (Bing) - https://www.bing.com/?toHttps=1&redig=69DA0EF8272048D9864AF4DB37211DE8
O69 - SBI: SearchScopes [HKCU] {F1DF29BA-BF19-4E82-BF36-461620DFCD40} - (Search Results) - https://www.search.ask.com/web?l=dis&q=&o=APN10655A&apn_dtid=%5EBND101%5EYY%5EFR&shad=s_0048&gct=hp&apn_ptnrs=%5EAG5&d=101-0&lang=en&atb=sysid%3D101%3Auid%3D58c9331d816657ac%3Asrc%3Dhmp%3Ao%3DAPN10655A%3Atg%3D&p2=%5EAG5%5EBND101%5EYY%5EFR
~ Keys: Scanned in 00mn 00s



---\\ Recherche des services démarrés par Svchost (O83)
~ Services: 40 Legitimates Scanned in 00mn 00s



---\\ Recherche particuliere à la racine de certains dossiers (O84)
[MD5.CC1A55091FD96BCB624AD791CD15D179] [SPRF][09/02/2013] (...) -- C:\Documents and Settings\homan\Application Data\BabMaint.exe [114176]
[MD5.535E66A45574059421E470C145F08AD9] [SPRF][22/01/2013] (.Razer USA Ltd. - Razer Game Booster.) -- C:\Documents and Settings\homan\Bureau\game_booster_setup.exe [21131384]
[MD5.6A67D4913054E76510A7272E082CD211] [SPRF][13/03/2013] (...) -- C:\Documents and Settings\homan\Bureau\New_PC_Studio_1.5.1.10064_2.exe [173838160]
~ Files: Scanned in 00mn 04s



---\\ Scan Additionnel (O88)
Database Version : v2.11305 - (24/03/2013)
Clés trouvées (Keys found) : 155
Valeurs trouvées (Values found) : 2
Dossiers trouvés (Folders found) : 18
Fichiers trouvés (Files found) : 0

[HKLM\Software\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}] =>Toolbar.Agent
[HKLM\Software\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}] =>Toolbar.Babylon
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ecdf796-c2dc-4d79-a620-cce0c0a66cc9}] =>Toolbar.Babylon
[HKLM\Software\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}] =>Adware.Yontoo
[HKLM\Software\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}] =>Adware.Yontoo
[HKLM\Software\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}] =>Adware.Yontoo
[HKLM\Software\Classes\TypeLib\{1FDC0B61-91AC-4157-9B27-CAD9A09AB67E}] =>Adware.Bandoo
[HKLM\Software\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}] =>Toolbar.Agent
[HKLM\Software\Classes\CLSID\{291BCCC1-6890-484A-89D3-318C928DAC1B}] =>Toolbar.Agent
[HKLM\Software\Classes\CLSID\{291BCCC1-6890-484a-89D3-318C928DAC1B}] =>Toolbar.Babylon
[HKLM\Software\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}] =>Toolbar.Babylon
[HKLM\Software\Classes\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1}] =>Toolbar.Babylon
[HKLM\Software\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}] =>Toolbar.Babylon
[HKLM\Software\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}] =>Toolbar.Babylon
[HKLM\Software\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}] =>Toolbar.Babylon
[HKLM\Software\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}] =>Toolbar.Babylon
[HKLM\Software\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}] =>Toolbar.Agent
[HKLM\Software\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}] =>Toolbar.Agent
[HKLM\SYSTEM\CurrentControlSet\Services\DefaultTabSearch] =>Adware.IMBooster
[HKLM\Software\Classes\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70}] =>Toolbar.Babylon
[HKLM\Software\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}] =>Toolbar.Babylon
[HKLM\Software\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}] =>Toolbar.Agent
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7F6AFBF1-E065-4627-A2FD-810366367D01}] =>Toolbar.Agent
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7F6AFBF1-E065-4627-A2FD-810366367D01}] =>Toolbar.Agent
[HKLM\Software\Classes\CLSID\{7F6AFBF1-E065-4627-A2FD-810366367D01}] =>Toolbar.Agent
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}] =>Toolbar.Agent
[HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F6AFBF1-E065-4627-A2FD-810366367D01}] =>Toolbar.Agent
[HKLM\Software\Classes\CLSID\{80922ee0-8a76-46ae-95d5-bd3c3fe0708d}] =>Adware.Yontoo
[HKLM\Software\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}] =>Adware.Yontoo
[HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542}] =>Toolbar.Babylon
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}] =>Adware.Yontoo
[HKLM\Software\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}] =>Toolbar.Babylon
[HKLM\Software\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}] =>Toolbar.Babylon
[HKLM\Software\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}] =>Adware.Agent
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}] =>Adware.Bandoo
[HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}] =>Adware.Bandoo
[HKLM\Software\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}] =>Toolbar.Agent
[HKLM\Software\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}] =>Toolbar.Agent
[HKLM\Software\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}] =>Toolbar.Babylon
[HKLM\Software\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}] =>Toolbar.Babylon
[HKLM\Software\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}] =>Toolbar.Babylon
[HKLM\Software\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}] =>Toolbar.Babylon
[HKLM\Software\Classes\CLSID\{B8276A94-891D-453C-9FF3-715C042A2575}] =>Toolbar.Babylon
[HKLM\Software\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}] =>Toolbar.Conduit
[HKLM\Software\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}] =>Adware.CDNHelper
[HKLM\Software\Classes\AppID\{BDB69379-802F-4eaf-B541-F8DE92DD98DB}] =>Toolbar.Babylon
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C1ED9DA0-AFD0-4b90-AC6A-D3874F591014}] =>Adware.Bandoo
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1ED9DA0-AFD0-4b90-AC6A-D3874F591014}] =>Adware.Bandoo
[HKLM\Software\Classes\CLSID\{C1ED9DA0-AFD0-4b90-AC6A-D3874F591014}] =>Adware.Bandoo
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1ED9DA0-AFD0-4b90-AC6A-D3874F591014}] =>Adware.Bandoo
[HKLM\Software\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}] =>Toolbar.Babylon
[HKLM\Software\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}] =>Toolbar.Babylon
[HKLM\Software\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}] =>Toolbar.Babylon
[HKLM\Software\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}] =>Toolbar.Agent
[HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}] =>Toolbar.Conduit
[HKLM\Software\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}] =>Adware.Yontoo
[HKLM\Software\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}] =>Adware.Yontoo
[HKLM\Software\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}] =>Toolbar.Babylon
[HKLM\Software\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}] =>Toolbar.Babylon
[HKLM\Software\Classes\AppID\{D97A8234-F2A2-4AD4-91D5-FECDB2C553AF}] =>Adware.Bandoo
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}] =>Adware.Yontoo
[HKLM\Software\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}] =>Adware.Yontoo
[HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}] =>Adware.Yontoo
[HKLM\Software\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}] =>Toolbar.Babylon
[HKLM\Software\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}] =>Toolbar.Babylon
[HKLM\Software\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}] =>Toolbar.Babylon
[HKLM\Software\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}] =>Toolbar.Agent
[HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}] =>Toolbar.Agent
[HKCU\Software\
0
Réponse 3 / 11
Utilisateur anonyme
 
Re

Fait un effort;je ne suis pas ton Boy

Ton rapport posté est incomplet
Tu n'as pas suivi ce qui était mentionné

@+
1
Réponse 4 / 11
Utilisateur anonyme
 
Je ne m'y connais pas tellement, mais je te propose de faire une analyse et de défragmenter ton ordinateur peut-être non ? Avec le défragmenteur de disque.
:)
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 11
Utilisateur anonyme
 
Bonjour

Regardons cela par curiosité

Ouvre ce lien et télécharge ZHPDiag de Nicolas Coolman :

https://www.zebulon.fr/telechargements/securite/systeme/zhpdiag.html

Ou

https://www.commentcamarche.net/telecharger/utilitaires/24803-zhpdiag/

Serveur N°2

Ou

http://www.premiumorange.com/zeb-help-process/zhpdiag.html
en bas de la page ZHP avec un numéro de version.

Une fois le téléchargement achevé,

Double-clique sur l'icône pour lancer le programme. Sous Vista ; Seven ou Windows 8 clic droit « exécuter en tant que administrateur »

Clique sur la loupe avec le signe + pour lancer l'analyse.

Laisse l'outil travailler, il peut être assez long.

Ferme ZHPDiag en fin d'analyse.

Pour transmettre le rapport clique sur ce lien:
http://pjjoint.malekal.com/

Si problème utilise un des suivants

https://forums-fec.be/upload
https://www.cjoint.com/

Regarde sur le bureau

Sélectionne le fichier ZHPDiag.txt.

Clique sur "Cliquez ici pour déposer le fichier".

Un lien de cette forme :

http://www.cijoint.com/cjlink.php?file=cj200905/cijSKAP5fU.txt

est ajouté dans la page.

Copie ce lien dans ta réponse.

Merci

@+

0
Réponse 6 / 11
MAROCCYTY Messages postés 12 Statut Membre
 
omg j"ai rient compri lol
0
Utilisateur anonyme
 
Tu sais lire ;-)
Il n'y a rien de compliqué
0
MAROCCYTY Messages postés 12 Statut Membre
 
ok merci bcp en tout cas jvai essayé
0
MAROCCYTY Messages postés 12 Statut Membre
 
euh .... jai pas trouver le singe +
0
MAROCCYTY Messages postés 12 Statut Membre
 
========== Récapitulatif ==========
1 : Autre


End of clean in 00mn 00s

========== Chemin de fichier rapport ==========
C:\ZHP\ZHPFix[R1].txt - 24/03/2013 02:44:22 [447]
tu peux m"aidé maint ?
0
Réponse 7 / 11
MAROCCYTY Messages postés 12 Statut Membre
 
avec quoi stp?
0
Réponse 8 / 11
Utilisateur anonyme
 
Je m'efface alors?
0
Réponse 9 / 11
Utilisateur anonyme
 
Re

Tu cliques sur la première loupe que tu vois ;-))
0
Réponse 10 / 11
MAROCCYTY Messages postés 12 Statut Membre
 
deja fait ;) et apré ? :D
0
Utilisateur anonyme
 
Tu sais lire ;-[
0
MAROCCYTY Messages postés 12 Statut Membre
 
oué jai cliquer sur la loupe mai rient cest passé :o
0
Utilisateur anonyme
 
Regarde si sur le bureau tu as un rapport ZHPDiag.txt
0
MAROCCYTY Messages postés 12 Statut Membre
 
oui il est complet et on me montre 0% jesais pas prk lol
0
Réponse 11 / 11
MAROCCYTY Messages postés 12 Statut Membre
 
si ilest complet -_-
0

Discussions similaires

Iptv beug
leogauthier15 -
bazfile -

1 réponse
Problème IPTV SMARTER
eneleh49 -
glandu -

1 réponse
Problème iptv boîtier
Joaurep -
Joaurep -

2 réponses
Smart IPTV met un temps fou à charger depuis que je suis passé à la fibre
Ancaro13 -
glandu -

3 réponses
Family link : les temps ne correspondent pas !
Barfly -
Aure -

5 réponses