How to repair Windows Vista?

Closed
nemausus30 Posts 176 Registration date Thursday 6 September 2012 Status Member Last activity 25 June 2015 - 5 April 2013 at 21:37
nemausus30 Posts 176 Registration date Thursday 6 September 2012 Status Member Last activity 25 June 2015 - 6 April 2013 at 21:33
Hello everyone, for the past few days my laptop has not been working very well: very, very slow to start up and to shut down too. When I launch Firefox it displays it twice, superimposed, and then it is impossible to browse. I tried a cleanup, nothing; other things too, well, the basics, because I'm hopeless with computers. I also ran an error search; it reports a Windows Search error or Explorer blocked. I made a copy of it and had it scanned by my antivirus: nothing that indicates an attack. If anyone has the solution, thank you for your help. On top of that, it also blocks my e-mail intermittently.




5 replies

akala57 Posts 29 Registration date Friday 5 April 2013 Status Member Last activity 24 June 2013 66
5 April 2013 at 21:41
Hello,

If you think the situation is hopeless, I think you should try a repair using your Windows installation CD! Put it in your drive, shut down the PC and reboot from the CD; it will most likely offer to repair Windows ;-).
0
nemausus30 Posts 176 Registration date Thursday 6 September 2012 Status Member Last activity 25 June 2015
5 April 2013 at 22:02
Thanks, but I no longer have the CD; I'm in a real mess.
0
akala57 Posts 29 Registration date Friday 5 April 2013 Status Member Last activity 24 June 2013 66
5 April 2013 at 22:11
Argh, sorry :-/. If you can find a kind soul willing to lend it to you...
Then again, maybe you have a lot of applications running in the background and launching at startup. When I have too many, my PC crawls and is nearly unusable; I can't launch Skype at startup, a bit like your PC.
I suggest Glary Utilities https://www.commentcamarche.net/telecharger/utilitaires/11165-glary-utilities/
Look at what launches at startup ;-)
0
alkanoide Posts 1333 Registration date Monday 14 January 2013 Status Member Last activity 5 December 2014 299
5 April 2013 at 21:46
Hello

First of all:

Are all your programs up to date? (Windows, browsers, plugins, etc.)
Do you defragment your hard drive regularly?
Do you clean your disk (with CCleaner, for example) and empty your cache regularly?

If not, do so.

You can also run a scan with ZHPDiag and host the report, posting the link so that a helper can take a closer look in case you are infected.

Good luck
0
nemausus30 Posts 176 Registration date Thursday 6 September 2012 Status Member Last activity 25 June 2015
5 April 2013 at 21:57
Thanks ALKANOIDE. Defragmenting, yes; cleaning with CCleaner, yes. How do I update and empty the cache? I'm hopeless. And to be honest, my grandsons, aged 10 and 2, used it over the Easter weekend and I'm afraid they may have done something silly.
0
alkanoide Posts 1333 Registration date Monday 14 January 2013 Status Member Last activity 5 December 2014 299
Edited by alkanoide on 5/04/2013 at 22:04
If you used CCleaner then your cache has been emptied.

For Windows updates: Control Panel\System and Security\Windows Update, then check for updates

I can already see that your Firefox is up to date. In Add-ons, Plugins tab, there is a short phrase/link in blue, 'check for updates'; a page will open with the list of your plugins. Anything that is not shown in green ... you will need to update (clicking the thumb will take you to the appropriate site)
0
alkanoide Posts 1333 Registration date Monday 14 January 2013 Status Member Last activity 5 December 2014 299
5 April 2013 at 22:03
I still advise you to produce a ZHPDiag report after checking the updates, since you are afraid your grandsons may have done something silly (it's possible, you never know; all it takes is one bad site and bam --> infection)
I wouldn't be qualified to carry out a disinfection (at a pinch I could spot a few programs to uninstall), but an experienced helper will come to your aid ;)
0
nemausus30 Posts 176 Registration date Thursday 6 September 2012 Status Member Last activity 25 June 2015
5 April 2013 at 23:14
I can't download ZHPDiag; it shows "the download cannot be saved because an error occurred"
0
nemausus30 Posts 176 Registration date Thursday 6 September 2012 Status Member Last activity 25 June 2015
5 April 2013 at 22:08
OK thanks, I'll run ZHPDiag after checking everything. See you later.
0

nemausus30 Posts 176 Registration date Thursday 6 September 2012 Status Member Last activity 25 June 2015
5 April 2013 at 23:05
I can't download ZHPDiag; it shows "the download cannot be saved because an error occurred".
0
alkanoide Posts 1333 Registration date Monday 14 January 2013 Status Member Last activity 5 December 2014 299
5 April 2013 at 23:35
0
Thanks for the link, but it doesn't work.
0
nemausus30 Posts 176 Registration date Thursday 6 September 2012 Status Member Last activity 25 June 2015
6 April 2013 at 01:15
Here is the ZHPDiag scan report:
Rapport de ZHPDiag v2013.4.5.28 par Nicolas Coolman, Update du 05/04/2013
[HKLM\Software\TG Byte Software]
[HKLM\Software\Thomson]
[HKLM\Software\Worldweaver]
[HKLM\Software\babylontoolbar] =>Toolbar.Babylon
[HKLM\Software\greyfirst.ca]
[HKLM\Software\woohook]
~ Key Software: 223 Legitimates Scanned in 00mn 00s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 21/02/2011 - 11:28:05 - [42,569] ----D C:\Program Files\Celtx
O43 - CFD: 08/09/2010 - 06:46:04 - [1,229] ----D C:\Program Files\CodeStuff
O43 - CFD: 04/04/2013 - 19:17:36 - [0,041] ----D C:\Program Files\DomaIQ Uninstaller
O43 - CFD: 22/02/2013 - 11:32:30 - [0,063] ----D C:\Program Files\Driver Restore
O43 - CFD: 19/10/2010 - 08:42:26 - [0,001] ----D C:\Program Files\FaceMorpher Lite
O43 - CFD: 01/04/2013 - 01:01:52 - [0,577] ----D C:\Program Files\Online Games Manager
O43 - CFD: 09/02/2013 - 16:45:33 - [0,000] ----D C:\Program Files\PokerStars
O43 - CFD: 06/03/2010 - 14:52:56 - [0,000] ----D C:\Program Files\Sonik Synth 2 Free
O43 - CFD: 09/03/2013 - 23:01:23 - [4,909] ----D C:\Program Files\SweetIM =>PUP.SweetIM
O43 - CFD: 09/03/2013 - 23:00:21 - [0,359] ----D C:\Program Files\sweetpacks bundle uninstaller =>PUP.SweetIM
O43 - CFD: 05/12/2009 - 17:17:05 - [2,961] ----D C:\Program Files\Timeworks
O43 - CFD: 23/09/2012 - 19:25:18 - [13,520] ----D C:\Program Files\VideoConverter
O43 - CFD: 15/02/2013 - 20:07:23 - [0,017] ----D C:\Program Files\Whodeletedme
O43 - CFD: 24/03/2013 - 17:38:19 - [0] ----D C:\ProgramData\Babylon =>Toolbar.Babylon
O43 - CFD: 03/04/2013 - 12:56:27 - [8,209] ----D C:\ProgramData\BrowserProtect =>Toolbar.Babylon
O43 - CFD: 09/03/2013 - 23:00:44 - [0,245] ----D C:\ProgramData\SweetIM =>PUP.SweetIM
O43 - CFD: 06/07/2012 - 09:05:27 - [1,000] ----D C:\ProgramData\{8EEE9C00-5B20-48B7-9329-7BA2CEEB18B2}
O43 - CFD: 12/08/2012 - 19:03:58 - [0] ----D C:\ProgramData\????????????????????????????????
O43 - CFD: 14/08/2012 - 13:51:35 - [0] ----D C:\ProgramData\?Í?Í1
O43 - CFD: 14/08/2012 - 19:42:26 - [0] ----D C:\ProgramData\?Ô?Ô1
O43 - CFD: 13/08/2012 - 13:09:49 - [0] ----D C:\ProgramData\????1
O43 - CFD: 13/08/2012 - 20:32:45 - [0] ----D C:\ProgramData\????1
O43 - CFD: 15/08/2012 - 12:54:22 - [0] ----D C:\ProgramData\????1
O43 - CFD: 15/08/2012 - 00:00:51 - [0] ----D C:\ProgramData\????1
O43 - CFD: 03/04/2013 - 12:54:17 - [0,009] ----D C:\Users\gab\AppData\Roaming\Babylon =>Toolbar.Babylon
O43 - CFD: 12/01/2010 - 16:13:41 - [0,002] ----D C:\Users\gab\AppData\Roaming\Blue Cat Audio
O43 - CFD: 23/10/2009 - 10:06:35 - [0,001] ----D C:\Users\gab\AppData\Roaming\dcunningham.net
O43 - CFD: 21/02/2011 - 11:28:58 - [8,550] ----D C:\Users\gab\AppData\Roaming\Greyfirst
O43 - CFD: 04/01/2010 - 14:21:47 - [0,000] ----D C:\Users\gab\AppData\Roaming\Openworld Learning
O43 - CFD: 10/02/2013 - 01:43:36 - [0,047] ----D C:\Users\gab\AppData\Roaming\PerformerSoft
O43 - CFD: 05/09/2009 - 11:56:54 - [0,035] ----D C:\Users\gab\AppData\Roaming\Pirateville
O43 - CFD: 05/10/2010 - 11:00:08 - [0,004] ----D C:\Users\gab\AppData\Roaming\Stykz
O43 - CFD: 15/10/2010 - 09:32:28 - [0] ----D C:\Users\gab\AppData\Local\._Revolution_
O43 - CFD: 09/03/2013 - 23:08:27 - [0,428] ----D C:\Users\gab\AppData\Local\Bundled software uninstaller
O43 - CFD: 21/02/2011 - 11:28:58 - [3,484] ----D C:\Users\gab\AppData\Local\Greyfirst
O43 - CFD: 12/12/2012 - 11:59:45 - [0] ----D C:\Users\gab\AppData\Local\Ludi
O43 - CFD: 17/03/2013 - 23:35:09 - [0,000] ----D C:\Users\gab\AppData\Local\rencontreshard
O43 - CFD: 03/04/2013 - 19:42:32 - [0] ----D C:\Users\gab\AppData\Local\Supreme Savings
O43 - CFD: 03/04/2013 - 12:56:40 - [0,001] ----D C:\Users\gab\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserProtect =>Toolbar.Babylon
O43 - CFD: 15/02/2013 - 20:34:56 - [0,002] ----D C:\Users\gab\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CodeStuff Starter
O43 - CFD: 27/04/2010 - 19:09:28 - [0] ----D C:\Users\gab\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Live Media Plugin
O43 - CFD: 19/10/2010 - 08:50:49 - [0] ----D C:\Users\gab\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Packs
O43 - CFD: 08/09/2010 - 06:49:31 - [0,002] ----D C:\Users\gab\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup (Disabled by Starter)
O43 - CFD: 05/12/2009 - 17:17:05 - [0] ----D C:\Users\gab\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Timeworks
~ 62 Dossiers CLSID vides (CLSID Empty Folders)
~ Program Folder: 308 Legitimates Scanned in 00mn 24s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.85D17ABC76035D9F33FC47F068097C86] - 01/04/2013 - 22:54:45 ---A- . (...) -- C:\Windows\System32\QuickTime.qtp [352]
O44 - LFC:[MD5.351677F04B3DC84937FBFA20CD6E958D] - 27/02/2013 - 12:21:38 ---A- . (...) -- C:\Windows\System32\ImHttpComm.dll [28160]
~ Files: 36 Legitimates Scanned in 00mn 14s



---\\ Export de clé d'application autorisée (O47)
~ Keys Export: 1 Legitimates Scanned in 00mn 00s



---\\ Déni du service (Local Security Authority) (O48)
~ LSA: 7 Legitimates Scanned in 00mn 00s



---\\ Contrôle du Safe Boot (CSB) (O49)
~ CBS: 13 Legitimates Scanned in 00mn 00s



---\\ MountPoints2 Shell Key (O51)
O51 - MPSK:{009e9704-be21-11de-9b8a-001eec4c8d76}\AutoRun\command. (...) -- E:\AutoRunCardDetector.exe (.not file.)
O51 - MPSK:{3e122391-74ca-11de-9f46-001eec4c8d76}\AutoRun\command. (...) -- G:\LaunchU3.exe (.not file.)
O51 - MPSK:{9ba234c1-da4e-11de-bca1-001eec4c8d76}\AutoRun\command. (...) -- E:\AutoRunCardDetector.exe (.not file.)
O51 - MPSK:{d52a1b71-73c6-11de-97fc-001eec4c8d76}\AutoRun\command. (...) -- F:\Autorun.exe (.not file.)
~ Keys: Scanned in 00mn 00s



---\\ Trojan Driver Search Data (HKLM) (O52)
O52 - TDSD: \Drivers32\"VIDC.CFHD"="cfhd.dll" . (.CineForm Inc. - CineForm VFW CODEC.) -- C:\Windows\System32\cfhd.dll
O52 - TDSD: \drivers.desc\"cfhd.dll"="Codec CineForm HD VFW" . (.CineForm Inc. - CineForm VFW CODEC.) -- C:\Windows\System32\cfhd.dll
~ TDSD: 7 Legitimates Scanned in 00mn 00s



---\\ Microsoft Control Security Providers (O54)
~ MSCP: 2 Legitimates Scanned in 00mn 00s



---\\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
~ MWPS: 16 Legitimates Scanned in 00mn 00s



---\\ Microsoft Windows Policies Explorer (O56)
~ MWPE Keys: 1 Legitimates Scanned in 00mn 00s



---\\ Liste des Drivers Système (O58)
O58 - SDL:[MD5.2EDC5BBAC6C651ECE337BDE8ED97C9FB] - 02/11/2006 - 10:51:38 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys [420968]
O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 02/11/2006 - 08:09:42 ---A- . (...) -- C:\Windows\System32\ANSI.SYS [9029]
~ Drivers: Scanned in 00mn 00s



---\\ Liste des outils de nettoyage (O63)
O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
~ ADS: Scanned in 00mn 00s



---\\ Liste des services Legacy (O64)
~ Legacy: 130 Legitimates Scanned in 00mn 18s



---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.html> <ChromeHTML>[HKLM\..\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
~ FASS Keys: 19 Legitimates Scanned in 00mn 00s



---\\ Start Menu Internet (O68)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Search Browser Infection (O69)
O69 - SBI: prefs.js [gab - ruqve71n.default] user_pref("extensions.crossrider.bic", "139f44f8f1934c80c7920f6c713f2599"); =>PUP.CrossRider
O69 - SBI: prefs.js [gab - yi276baa.default] user_pref("avg.install.userHPSettings", "http://www.delta-search.com/?affID=120519&babsrc=HP_ss&mntrId=1017001FE2A7A91A"); =>Toolbar.DeltaSearch
O69 - SBI: prefs.js [gab - yi276baa.default] user_pref("avg.install.userSPSettings", "Delta Search");
O69 - SBI: prefs.js [gab - yi276baa.default] user_pref("extensions.crossrider.bic", "13dcf8bef5b8344a88eaba7936a80cf0"); =>PUP.CrossRider
O69 - SBI: prefs.js [gab - yi276baa.default] user_pref("extensions.delta.admin", false);
O69 - SBI: prefs.js [gab - yi276baa.default] user_pref("extensions.delta.aflt", "babsst");
O69 - SBI: prefs.js [gab - yi276baa.default] user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
O69 - SBI: prefs.js [gab - yi276baa.default] user_pref("extensions.delta.autoRvrt", "false");
O69 - SBI: prefs.js [gab - yi276baa.default] user_pref("extensions.delta.bbDpng", "3");
O69 - SBI: prefs.js [gab - yi276baa.default] user_pref("extensions.delta.cntry", "FR");
O69 - SBI: prefs.js [gab - yi276baa.default] user_pref("extensions.delta.dfltLng", "en");
O69 - SBI: prefs.js [gab - yi276baa.default] user_pref("extensions.delta.excTlbr", false);
O69 - SBI: prefs.js [gab - yi276baa.default] user_pref("extensions.delta.hdrMd5", "40E87F75823456273CECCC3FC445D3B0");
O69 - SBI: prefs.js [gab - yi276baa.default] user_pref("extensions.delta.id", "1017208d000000000000001fe2a7a91a");
O69 - SBI: prefs.js [gab - yi276baa.default] user_pref("extensions.delta.instlDay", "15798");
O69 - SBI: prefs.js [gab - yi276baa.default] user_pref("extensions.delta.instlRef", "sst");
O69 - SBI: prefs.js [gab - yi276baa.default] user_pref("extensions.delta.lastVrsnTs", "1.8.10.012:55:40");
O69 - SBI: prefs.js [gab - yi276baa.default] user_pref("extensions.delta.newTab", false);
O69 - SBI: prefs.js [gab - yi276baa.default] user_pref("extensions.delta.prdct", "delta");
O69 - SBI: prefs.js [gab - yi276baa.default] user_pref("extensions.delta.prtnrId", "delta");
O69 - SBI: prefs.js [gab - yi276baa.default] user_pref("extensions.delta.rvrt", "false");
O69 - SBI: prefs.js [gab - yi276baa.default] user_pref("extensions.delta.sg", "azb");
O69 - SBI: prefs.js [gab - yi276baa.default] user_pref("extensions.delta.smplGrp", "none");
O69 - SBI: prefs.js [gab - yi276baa.default] user_pref("extensions.delta.tlbrId", "base");
O69 - SBI: prefs.js [gab - yi276baa.default] user_pref("extensions.delta.tlbrSrchUrl", "");
O69 - SBI: prefs.js [gab - yi276baa.default] user_pref("extensions.delta.vrsn", "1.8.10.0");
O69 - SBI: prefs.js [gab - yi276baa.default] user_pref("extensions.delta.vrsnTs", "1.8.10.012:55:40");
O69 - SBI: prefs.js [gab - yi276baa.default] user_pref("extensions.delta.vrsni", "1.8.10.0");
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - https://www.bing.com/?toHttps=1&redig=69DA0EF8272048D9864AF4DB37211DE8
O69 - SBI: SearchScopes [HKCU] {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} [DefaultScope] - (Delta Search) - http://www.delta-search.com =>Toolbar.DeltaSearch
O69 - SBI: SearchScopes [HKCU] {218023DC-DB9B-406C-ADBE-78D784AAAE81} - (Yahoo! Search) - https://fr.search.yahoo.com/
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (@ieframe.dll,-12512) - https://www.bing.com/?toHttps=1&redig=69DA0EF8272048D9864AF4DB37211DE8
~ Keys: Scanned in 00mn 00s



---\\ Recherche des services démarrés par Svchost (O83)
~ Services: 31 Legitimates Scanned in 00mn 00s



---\\ Recherche particuliere à la racine de certains dossiers (O84)
~ Files: Scanned in 00mn 00s



---\\ Firewall Active Exception List (FirewallRules) (O87)
~ Firewall: 224 Legitimates Scanned in 00mn 03s



---\\ Scan Additionnel (O88)
Database Version : v2.11459 - (05/04/2013)
Clés trouvées (Keys found) : 88
Valeurs trouvées (Values found) : 2
Dossiers trouvés (Folders found) : 9
Fichiers trouvés (Files found) : 2

[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ecdf796-c2dc-4d79-a620-cce0c0a66cc9}] =>Toolbar.Babylon
[HKCU\Software\delta LTD] =>Toolbar.DeltaSearch
[HKLM\Software\Classes\TypeLib\{4d3b167e-5fd8-4276-8fd7-9df19c1e4d19}] =>PUP.SweetIM
[HKLM\Software\Classes\CLSID\{82ac53b4-164c-4b07-a016-437a8388b81a}] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}] =>PUP.SweetIM
[HKLM\Software\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}] =>Toolbar.Babylon
[HKLM\Software\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}] =>PUP.SweetIM
[HKLM\Software\Classes\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113}] =>Adware.Agent
[HKLM\Software\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}] =>Toolbar.Babylon
[HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\sweetim.exe] =>PUP.SweetIM
[HKLM\Software\Classes\sim-packages] =>Toolbar.Agent
[HKLM\Software\Google\Chrome\Extensions\pgafcinpmmpklohkojmllohdhomoefph] =>PUP.SpecialSavings
[HKCU\Software\BabylonToolbar] =>Toolbar.Babylon
[HKLM\Software\BabylonToolbar] =>Toolbar.Babylon
[HKCU\Software\DataMngr] =>Adware.Bandoo
[HKLM\Software\DataMngr] =>Adware.Bandoo
[HKCU\Software\SweetIM] =>PUP.SweetIM
[HKLM\Software\SweetIM] =>PUP.SweetIM
[HKCU\Software\WNLT] =>Adware.IncrediBar
[HKLM\Software\WNLT] =>Adware.IncrediBar
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}] =>Toolbar.Babylon
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\WNLT] =>Adware.IncrediBar
[HKLM\Software\Classes\Prod.cap] =>Toolbar.Babylon
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings] =>PUP.BProtector
[HKLM\Software\Classes\Installer\Features\B2FD9C0A5B9838449838816A28001F4B] =>PUP.SweetIM
[HKLM\Software\Classes\Installer\Products\B2FD9C0A5B9838449838816A28001F4B] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B2FD9C0A5B9838449838816A28001F4B] =>PUP.SweetIM
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}] =>Toolbar.Yahoo
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}] =>Toolbar.Yahoo
[HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}] =>Toolbar.Yahoo
[HKLM\Software\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}] =>PUP.SweetIM
[HKLM\Software\Classes\MediaPlayer.GraphicsUtils] =>PUP.SweetIM
[HKLM\Software\Classes\MediaPlayer.GraphicsUtils.1] =>PUP.SweetIM
[HKLM\Software\Classes\MgMediaPlayer.GifAnimator] =>PUP.SweetIM
[HKLM\Software\Classes\MgMediaPlayer.GifAnimator.1] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F754C503375A13344B22388E18DFE87E] =>PUP.SweetIM
[HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{09C14BAE-2D45-4133-B0FA-5EA4FE5CF978}] =>PUP.SpecialSavings
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\bi_uninstaller] =>Adware.MegaSearch
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] =>Toolbar.Bing
[HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] =>Toolbar.Bing
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}] =>PUP.BProtector
[HKLM\Software\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}] =>Toolbar.DeltaSearch
[HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe] =>PUP.SweetIM
[HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\Arpcache\SweetIM Bundle by SweetPacks] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\SweetIM Bundle by SweetPacks] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA0054A5AB3EFFE4CB5660E44A1E7DCC] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08E33F7B61DEFF24BB9673ED7D467636] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Run]:sweetIM =>PUP.SweetIM
[HKCU\Software\Mozilla\Firefox\Extensions]:{0F827075-B026-42F3-885D-98981EE7B1AE} =>Toolbar.Babylon
C:\Program Files\SweetIM =>PUP.SweetIM
C:\Program Files\DomaIQ Uninstaller =>Toolbar.IncrediMail
C:\Program Files\Mozilla Firefox\Extensions\ffxtlbr@babylon.com =>Toolbar.Babylon
C:\ProgramData\Babylon =>Toolbar.Babylon
C:\ProgramData\SweetIM =>PUP.SweetIM
C:\Users\gab\AppData\Roaming\Babylon =>Toolbar.Babylon
C:\Users\gab\AppData\Local\Bundled software uninstaller =>Adware.MegaSearch
C:\Users\gab\AppData\Local\Supreme Savings =>PUP.RewardsArcade
C:\Users\gab\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph =>Adware.GamePlayLabs
C:\Users\gab\AppData\Roaming\Mozilla\Firefox\Profiles\yi276baa.default\bprotector_extensions.sqlite =>PUP.BProtector
C:\Users\gab\AppData\Roaming\Mozilla\Firefox\Profiles\yi276baa.default\bprotector_prefs.js =>PUP.BProtector
~ Additionnel: Scanned in 00mn 45s



---\\ Product Upgrade Codes (O90)
O90 - PUC: "82AF1148D23D8154290FF3DB087A20CB" . (.Sony Vegas 7.0.) -- C:\Windows\Installer\{8411FA28-D32D-4518-92F0-3FBD80A702BC}\vegas70.ico
O90 - PUC: "C6AC1E831212C5B43A5AB0003097E4FF" . (.Sony Media Manager 2.2.) -- C:\Windows\Installer\{38E1CA6C-2121-4B5C-A3A5-0B0003794EFF}\mediamgr.ico
~ Update Products: 66 Legitimates Scanned in 00mn 00s



---\\ Random Export Key (O91)
[HKCU\Software\5a6dfdeb63ce415] =>Toolbar.Babylon^
[HKCU\Software\5a6dfdeb63ce415]:GUID="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}"
[HKCU\Software\5a6dfdeb63ce415]:version="2.6.1125.80"
[HKLM\Software\5a6dfdeb63ce415] =>Toolbar.Babylon^
[HKLM\Software\5a6dfdeb63ce415]:GUID="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}"
[HKLM\Software\5a6dfdeb63ce415]:version="2.6.1125.80"
~ Export Key Software: Scanned in 00mn 00s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 08/10/2010 72704 | (Adobe LM Service) . (.Adobe Systems.) - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
SS - | Demand 14/03/2013 253656 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
SR - | Auto 04/07/2012 44808 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SR - | Auto 04/07/2012 130304 | (avast! Firewall) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\afwServ.exe
SR - | Auto 2569168 | (BrowserProtect) . (...) - C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe =>Toolbar.Babylon
SR - | Auto 12/12/2006 57344 | C:\Program Files\COMMON~1\France Telecom\Shared Modules\FTRTSVC\1\FTRTSVC.exe (FTRTSVC) . (.France Telecom SA.) - C:\Program Files\Common Files\France Telecom\Shared Modules\FTRTSVC\1\FTRTSVC.exe
SS - | Auto 07/03/2013 116648 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 07/03/2013 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 03/04/2013 115608 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
SR - | Auto 12/03/2013 559168 | (ogmservice) . (.RealNetworks, Inc..) - C:\Program Files\Online Games Manager\ogmservice.exe
SR - | Auto 24/10/2009 360224 | (PMBDeviceInfoProvider) . (.Sony Corporation.) - C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe
SS - | Auto 01/03/2013 161384 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files\Skype\Updater\Updater.exe
SS - | Auto 19/01/2008 21504 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 19/01/2008 21504 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 02s



~ 1183 Legitimates filtered by white list
End of the scan (788 lines in 03mn 02s)(0)
0
nemausus30 Posts: 176 Registered: Thursday 6 September 2012 Status: Member Last active: 25 June 2015
6 April 2013 at 01:16
If anyone can help me, thank you.
0
nemausus30 Posts: 176 Registered: Thursday 6 September 2012 Status: Member Last active: 25 June 2015
6 April 2013 at 21:33
Good evening, is there a helper online who could help me?
0