Hello everyone, I have a problem with Vista. Attached is a ZHPDiag report; if someone can help me, thank you. Here is the ZHPDiag scan report:
Rapport de ZHPDiag v2013.4.5.28 par Nicolas Coolman, Update du 05/04/2013
Run by gab at 06/04/2013 01:00:30
State : Version à jour.
High Elevated Privileges : OK
UAC : Activate by user
---\\ Web Browser
MSIE: Internet Explorer v9.0.8112.16421
MFIE: Mozilla Firefox 20.0 v20.0 (Defaut)
GCIE: Google Chrome v26.0.1410.43
---\\ Windows Product Information
~ Langage: Français
Windows Vista Home Basic Edition, 32-bit Service Pack 2 (Build 6002)
Windows Server License Manager Script : OK
~ Vista, OEM_COA_SLP channel
Windows ID Activation : OK
~ Windows Partial Key : 9QJXR
Windows License : OK
Windows Automatic Updates : OK
---\\ System Information
~ Processor: x86 Family 6 Model 15 Stepping 13, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 2037 MB (55% free)
System Restore: Activé (Enable)
System drive C: has 73 GB (64%) free of 112 GB
---\\ Logged in mode
~ Computer Name: PC-DE-GAB
~ User Name: gab
~ All Users Names: gab, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator
---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\gab\AppData\Roaming\
~ %Desktop% : C:\Users\gab\Desktop\
~ %Favorites% : C:\Users\gab\Favorites\
~ %LocalAppData% : C:\Users\gab\AppData\Local\
~ %StartMenu% : C:\Users\gab\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\
---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 73 Go of 112 Go)
D:\ CD-ROM drive (Not Inserted)
---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyComputer: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
~ Security Center: Scanned in 00mn 00s
---\\ Recherche particulière de fichiers génériques
[MD5.D07D4C3038F3578FFCE1C0237F2A1253] - (.Microsoft Corporation - Explorateur Windows.) (.11/04/2009 - 07:27:36.) -- C:\Windows\Explorer.exe [2926592]
[MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation - Application de démarrage de Windows.) (.19/01/2008 - 08:33:37.) -- C:\Windows\System32\Wininit.exe [96768]
[MD5.03728C624D05C2F157BBD46F6B7F6EA0] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.02/02/2013 - 04:30:21.) -- C:\Windows\System32\wininet.dll [1129472]
[MD5.898E7C06A350D4A1A64A9EA264D55452] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.11/04/2009 - 07:28:13.) -- C:\Windows\System32\Winlogon.exe [314368]
[MD5.3911B972B55FEA0478476B2E777B29FA] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.21/04/2011 - 14:58:27.) -- C:\Windows\system32\Drivers\AFD.sys [273408]
[MD5.1F05B78AB91C9075565A9D8A4B880BC4] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.11/04/2009 - 07:32:26.) -- C:\Windows\system32\Drivers\atapi.sys [19944]
[MD5.7ADD03E75BEB9E6DD102C3081D29840A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.19/01/2008 - 06:28:02.) -- C:\Windows\system32\Drivers\Cdfs.sys [70144]
[MD5.6B4BFFB9BECD728097024276430DB314] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.11/04/2009 - 05:39:17.) -- C:\Windows\system32\Drivers\Cdrom.sys [67072]
[MD5.622C41A07CA7E6DD91770F50D532CB6C] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.14/04/2011 - 15:59:03.) -- C:\Windows\system32\Drivers\DfsC.sys [75264]
[MD5.062452B7FFD68C8C042A6261FE8DFF4A] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.11/04/2009 - 05:42:42.) -- C:\Windows\system32\Drivers\HDAudBus.sys [561152]
[MD5.22D56C8184586B7A1F6FA60BE5F5A2BD] - (.Microsoft Corporation - Pilote de port i8042.) (.19/01/2008 - 06:49:18.) -- C:\Windows\system32\Drivers\i8042prt.sys [54784]
[MD5.8793643A67B42CEC66490B2A0CF92D68] - (.Microsoft Corporation - IP Network Address Translator.) (.19/01/2008 - 06:56:28.) -- C:\Windows\system32\Drivers\IpNat.sys [100864]
[MD5.1E94971C4B446AB2290DEB71D01CF0C2] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.29/04/2011 - 14:24:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [106496]
[MD5.ECD64230A59CBD93C85F1CD1CAB9F3F6] - (.Microsoft Corporation - MBT Transport driver.) (.11/04/2009 - 05:45:37.) -- C:\Windows\system32\Drivers\netBT.sys [185856]
[MD5.6A4A98CEE84CF9E99564510DDA4BAA47] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.11/04/2009 - 07:32:49.) -- C:\Windows\system32\Drivers\ntfs.sys [1083880]
[MD5.0FA9B5055484649D63C303FE404E5F4D] - (.Microsoft Corporation - Pilote de port parallèle.) (.02/11/2006 - 09:51:30.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.A214ADBAF4CB47DD2728859EF31F26B0] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.19/01/2008 - 06:56:34.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [76288]
[MD5.E8BD98D46F2ED77132BA927FCCB47D8B] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.02/11/2006 - 10:03:00.) -- C:\Windows\system32\Drivers\rdpdr.sys [242688]
[MD5.7B75299A4D201D6A6533603D6914AB04] - (.Microsoft Corporation - SMB Transport driver.) (.11/04/2009 - 05:45:22.) -- C:\Windows\system32\Drivers\smb.sys [66560]
[MD5.76B06EB8A01FC8624D699E7045303E54] - (.Microsoft Corporation - TDI Translation Driver.) (.11/04/2009 - 05:45:56.) -- C:\Windows\system32\Drivers\tdx.sys [72192]
[MD5.786DB5771F05EF300390399F626BF30A] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.21/08/2012 - 12:47:42.) -- C:\Windows\system32\Drivers\volsnap.sys [224640]
~ Generic Processes: Scanned in 00mn 00s
---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/612
~ Mes musiques (My Musics) : 1/45
~ Mes Videos (My Videos) : 1/11
~ Mes Favoris (My Favorites) : 1/10
~ Mes Documents (My Documents) : 1/36
~ Mon Bureau (My Desktop) : 1/25
~ Menu demarrer (Programs) : 1/35
~ Hidden Files: Scanned in 00mn 01s
---\\ Processus lancés
[MD5.BB13432FA552AFCE8A66BCB5EE85F652] - (...) -- C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe [2569168] [PID.1924] =>Toolbar.Babylon
[MD5.5F529FBB095CBC9F14BB1E97A7A6B547] - (.Intel Corporation - hkcmd Module.) -- C:\Windows\System32\hkcmd.exe [166424] [PID.4060]
[MD5.9AEF1107109189F955192D4B714B516C] - (.France Telecom SA - Pas de description.) -- C:\Program Files\OrangeHSS\Systray\SystrayApp.exe [90112] [PID.2100]
[MD5.D8A33AF26E4143F7A892009890BB6F64] - (.Intel Corporation - persistence Module.) -- C:\Windows\System32\igfxpers.exe [133656] [PID.844]
[MD5.766E24A20116AFA41F380B57FFE7AF02] - (.Sony Corporation - Media Check Tool.) -- C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe [599328] [PID.2436]
[MD5.34A3539B15A361F2A92E28C3124D148D] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [4251328] [PID.1376]
[MD5.0A61A3ACE26CA4FC637BC8AF8C05CC00] - (.SweetIM Technologies Ltd. - SweetIM Instant Messenger Enhancer.) -- C:\Program Files\SweetIM\Messenger\SweetIM.exe [115032] [PID.1740] =>PUP.SweetIM
[MD5.F920FBB43C1CDB905044C91B9A3FD516] - (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe [18643560] [PID.1756]
[MD5.734006A2DB2404138F2C1A2CB86D32EF] - (.Intel Corporation - igfxsrvc Module.) -- C:\Windows\system32\igfxsrvc.exe [256536] [PID.3068]
[MD5.4BAFEB055A5D44D69DAA437BAD787663] - (.France Telecom SA - Pas de description.) -- C:\Program Files\Common Files\France Telecom\Shared Modules\AlertModule\1\AlertModule.exe [90112] [PID.2060]
[MD5.6E5876A0BBCD9146A4DB62C68BB99EE6] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [6493184] [PID.1528]
[MD5.6080A176D09435FC8E6E800996656E18] - (.Microsoft Corporation - Console IME.) -- C:\Windows\system32\conime.exe [69120] [PID.3260]
[MD5.C1F19D2BACBEE9AB64D9AE69E9859AC0] - (.Microsoft Corporation - Antimalware Service Executable.) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe [20456] [PID.1064]
[MD5.862BB4CBC05D80C5B45BE430E5EF872F] - (.Microsoft Corporation - Service de gestion des licences Microsoft.) -- C:\Windows\system32\SLsvc.exe [3408896] [PID.1396]
[MD5.01E80E1DE60650BC61E9A0A513B0DDD8] - (.AVAST Software - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe [44808] [PID.2044]
[MD5.891B795CBA240A9C2BAC13B8B5FC31D7] - (.AVAST Software - avast! firewall service.) -- C:\Program Files\AVAST Software\Avast\afwServ.exe [130304] [PID.224]
[MD5.7DB02C7ED0C79C40EC1D845691E98FF5] - (.France Telecom SA - Pas de description.) -- C:\Program Files\Common Files\France Telecom\Shared Modules\FTRTSVC\1\FTRTSVC.exe [57344] [PID.2180]
[MD5.B4139011FADDBDAE615961548E75E5C5] - (.Microsoft Corporation - SQL Server Windows NT.) -- C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe [7520337] [PID.2332]
[MD5.F0F6BEE889236BB6D6A94560D7EEA2AC] - (.RealNetworks, Inc. - Online Games Manager.) -- C:\Program Files\Online Games Manager\ogmservice.exe [559168] [PID.2736]
[MD5.627FA58ADC043704F9D14CA44340956F] - (.Sony Corporation - Device Information Provider.) -- C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe [360224] [PID.2832]
[MD5.E570ECA850F30EB740C2E9699DF3D2BD] - (.Microsoft Corporation - Microsoft Network Realtime Inspection Servi.) -- c:\Program Files\Microsoft Security Client\NisSrv.exe [295232] [PID.3768]
[MD5.A1545B731579895D8CC44FC0481C1192] - (.Microsoft Corporation - Service de la passerelle de la couche Appli.) -- C:\Windows\System32\alg.exe [59392] [PID.3848]
~ Processes Running: Scanned in 00mn 10s
---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\gab\AppData\Local\Google\Chrome\User Data\Default\Preferences
G1 - GCS: Preference [User Data\Default] None
~ Google Browser: Scanned in 00mn 00s
---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\gab\AppData\Roaming\Mozilla\Firefox\Profiles\1hoelnf4.default\prefs.js
C:\Users\gab\AppData\Roaming\Mozilla\Firefox\Profiles\ruqve71n.default\prefs.js
C:\Users\gab\AppData\Roaming\Mozilla\Firefox\Profiles\yi276baa.default\prefs.js
C:\Users\gab\AppData\Roaming\Mozilla\Firefox\Profiles\yi276baa.default\user.js
M3 - MFPP: Plugins - [gab] -- C:\Users\gab\AppData\Roaming\Mozilla\Firefox\Profiles\1hoelnf4.default\searchplugins\fbdownloader_search.xml
M3 - MFPP: Plugins - [gab] -- C:\Users\gab\AppData\Roaming\Mozilla\Firefox\Profiles\yi276baa.default\searchplugins\delta.xml
M3 - MFPP: Plugins - [gab] -- C:\Program Files\Mozilla FireFox\searchplugins\amazon-france.xml
M3 - MFPP: Plugins - [gab] -- C:\Program Files\Mozilla FireFox\searchplugins\babylon.xml =>Toolbar.Babylon
M3 - MFPP: Plugins - [gab] -- C:\Program Files\Mozilla FireFox\searchplugins\bing.xml
M3 - MFPP: Plugins - [gab] -- C:\Program Files\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml
M3 - MFPP: Plugins - [gab] -- C:\Program Files\Mozilla FireFox\searchplugins\eBay-france.xml
M3 - MFPP: Plugins - [gab] -- C:\Program Files\Mozilla FireFox\searchplugins\google.xml
M3 - MFPP: Plugins - [gab] -- C:\Program Files\Mozilla FireFox\searchplugins\wikipedia-fr.xml
M3 - MFPP: Plugins - [gab] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo-france.xml
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll
P2 - FPN: [HKLM] [@adobe.com/ShockwavePlayer] - (.Adobe Systems, Inc. - Adobe Shockwave for Director Netscape plug-in, version 11.6.8.638.) -- C:\Windows\system32\Adobe\Director\np32dsw_1168638.dll
P2 - FPN: [HKLM] [@java.com/DTPlugin,version=10.13.2] - (.Oracle Corporation - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Windows\system32\npDeployJava1.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 5.1.20125.0.) -- c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3502.0922] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3508.1109] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3555.0308] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
P2 - FPN: [HKLM] [@pages.tvunetworks.com/WebPlayer] - (.TVU networks - 2,5,3,1.) -- C:\Windows\system32\TVUAx\npTVUAx.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@veetle.com/veetleCorePlugin,version=0.9.19] - (.Veetle Inc - Version 0.9.19, Copyright 2006-2012 Veetle Inc<br><a href="http://www..) -- C:\Program Files\Veetle\plugins\npVeetle.dll
P2 - FPN: [HKLM] [@veetle.com/veetlePlayerPlugin,version=0.9.18] - (.Veetle Inc - Version 0.9.18, copyright 2006-2010 Veetle Inc<br><a href="http://www..) -- C:\Program Files\Veetle\Player\npvlc.dll
P2 - FPN: [HKLM] [@videolan.org/vlc,version=2.0.2] - (.VideoLAN - VLC media player Web Plugin 2.0.2.) -- C:\Program Files\VideoLAN\VLC\npvlc.dll
P2 - FPN: [HKLM] [@videolan.org/vlc,version=2.0.5] - (.VideoLAN - VLC media player Web Plugin 2.0.2.) -- C:\Program Files\VideoLAN\VLC\npvlc.dll
~ Firefox Browser: Scanned in 00mn 00s
---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.delta-search.com =>Toolbar.DeltaSearch
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.VideoLAN - VLC media player Web Plugin 2.0.2.) (No version) -- (.not file.)
R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 2
~ IE Browser: Scanned in 00mn 00s
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s
---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Keys: Scanned in 00mn 00s
---\\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 18
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} Clé orpheline
~ BHO: 4 Legitimates Scanned in 00mn 00s
---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: avast! WebRep - [HKLM]{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software - avast! WebRep Plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: (no name) - [HKLM]{ae07101b-46d4-4a98-af68-0333ea26e113} Clé orpheline
~ Toolbar: Scanned in 00mn 00s
---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [Windows Defender] . (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [SystrayORAHSS] . (.France Telecom SA - Pas de description.) -- C:\Program Files\OrangeHSS\Systray\SystrayApp.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [PMBVolumeWatcher] . (.Sony Corporation - Media Check Tool.) -- C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe
O4 - HKLM\..\Run: [MSC] . (.Microsoft Corporation - Microsoft Security Client User Interface.) -- c:\Program Files\Microsoft Security Client\msseces.exe
O4 - HKLM\..\Run: [avast] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastUI.exe
O4 - HKLM\..\Run: [SweetIM] . (.SweetIM Technologies Ltd. - SweetIM Instant Messenger Enhancer.) -- C:\Program Files\SweetIM\Messenger\SweetIM.exe =>PUP.SweetIM
O4 - HKCU\..\Run: [WMPNSCFG] . (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] oobefldr.dll
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] oobefldr.dll
O4 - HKUS\S-1-5-21-3128661018-94020315-1220936078-1000\..\Run: [WMPNSCFG] . (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-21-3128661018-94020315-1220936078-1000\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe
~ Application: Scanned in 00mn 00s
---\\ Autres liens utilisateurs (O4)
O4 - GS\Programs: Windows Mail.lnk . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files\Windows Mail\WinMail.exe
O4 - GS\Programs: Windows Media Player.lnk . (.Microsoft Corporation - Windows Media Player.) -- C:\Program Files\Windows Media Player\wmplayer.exe
O4 - GS\QuickLaunch: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - GS\SendTo: Skype.lnk . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe
O4 - GS\Desktop: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - GS\Desktop: Video Converter.lnk . (...) -- C:\Program Files\VideoConverter\VideoConverter.exe
~ Global Startup: Scanned in 00mn 04s
---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} . (.Microsoft Corporation - Windows Live Messenger Companion core resources.) -- C:\Program Files\Windows Live\Companion\companionres.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: PokerStars.fr - {90EAE591-7E7E-434a-8E28-ECFD00071806} -- C:\Program Files\PokerStars.FR\main.ico (.not file.)
~ IE Extra Buttons: Scanned in 00mn 00s
---\\ Winsock hijacker (Layered Service Provider) (O10)
~ Winsock: 6 Legitimates Scanned in 00mn 00s
---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} ((no name)) - http://fpdownload.adobe.com/pub/shockwave/cabs/flash/swflash.cab
~ Objets ActiveX: Scanned in 00mn 00s
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{0143862B-E4BF-4E65-BB73-26ED67355D8A}: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CCS\Services\Tcpip\..\{699F297B-C8BA-47A1-927A-F5904756D430}: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CS1\Services\Tcpip\..\{699F297B-C8BA-47A1-927A-F5904756D430}: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.240 212.27.40.241
~ Domain: Scanned in 00mn 00s
---\\ Protocole additionnel (O18)
O18 - Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Windows Live Album Download Protocol Handle.) -- C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
~ Protocole Additionnel: Scanned in 00mn 00s
---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s
---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - AppInit_DLLs: . (...) - C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll =>Toolbar.Babylon
~ AppInit DLL: Scanned in 00mn 00s
---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
~ SSODL: 1 Legitimates Scanned in 00mn 00s
---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\System32\browseui.dll
~ STS/SSO: Scanned in 00mn 00s
---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: BrowserProtect (BrowserProtect) . (...) - C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe =>Toolbar.Babylon
O23 - Service: Online Games Manager (ogmservice) . (.RealNetworks, Inc. - Online Games Manager.) - C:\Program Files\Online Games Manager\ogmservice.exe
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files\Skype\Updater\Updater.exe
~ Services: 8 Legitimates Scanned in 00mn 21s
---\\ Enumération Active Desktop & MHTML Editor (O24)
~ Desktop Component: 1 Legitimates Scanned in 00mn 00s
---\\ BootExecute (O34)
~ BEX: 1 Legitimates Scanned in 00mn 00s
---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\SpeedUpMyPC.job [242]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\spmonitor.job [320]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Test TimeTrigger.job [396]
[MD5.00000000000000000000000000000000] [APT] [SpeedUpMyPC] (...) -- C:\Program Files\Uniblue\SpeedUpMyPC\sump.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [spmonitor] (...) -- C:\Program Files\Uniblue\SpeedUpMyPC\spmonitor.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [Updater19962.exe] (...) -- C:\Users\gab\AppData\Local\Updater19962\Updater19962.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{0A88E7C0-5A9E-4D9A-8355-98FD20FF1758}] (...) -- C:\Program Files\MakeHuman 0.9.1 RC1\uninstall.exe (.not file.) [0]
[MD5.06623A1845FF79E5088D98F8A234F2D1] [APT] [{1054502C-02AB-4AD6-A793-BFBF21480251}] (.Apple Computer, Inc..) -- C:\Windows\system32\QuickTime.cpl [202240]
[MD5.60106EBB64BE0CA658A3CC843214A78B] [APT] [{584176B7-4568-4CDE-BC64-1A013299BED1}] (.Intel Corporation.) -- C:\Windows\system32\igfxcpl.cpl [122880]
[MD5.F73246900E717D7524BD7E0FC40A12B2] [APT] [{5A859366-DFA7-4F06-9522-60048BD2A8AD}] (.France Telecom SA.) -- C:\Program Files\OrangeHSS\Uninstall\Browser\Shell.exe [28672]
[MD5.00000000000000000000000000000000] [APT] [{5C5545CD-2120-49AA-A06B-7DF00E2C01A4}] (...) -- C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma.cpl" -c Adobe Gamma (.not file.) [0]
~ Scheduled Task: 24 Legitimates Scanned in 00mn 06s
---\\ Composants installés (ActiveSetup Installed Components) (O40)
~ Active Setup: 14 Legitimates Scanned in 00mn 00s
---\\ Pilotes lancés au démarrage (O41)
~ Drivers: 40 Legitimates Scanned in 00mn 00s
---\\ Logiciels installés (O42)
O42 - Logiciel: Adobe Flash Player 11 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 11 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin
O42 - Logiciel: BrowserProtect - (.Bit89 Inc.) [HKLM] -- {15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693} =>Toolbar.Babylon
O42 - Logiciel: Bundled software uninstaller - (...) [HKLM] -- bi_uninstaller
O42 - Logiciel: Celtx (2.9) - (.Greyfirst.) [HKLM] -- Celtx (2.9)
O42 - Logiciel: EZdrummer - (.Toontrack.) [HKLM] -- {43E8D9E7-AFC9-4BA3-8106-B95E02B87AB7}
O42 - Logiciel: Online Games Manager v1.20 - (.Real Networks, Inc..) [HKLM] -- Online Games Manager
O42 - Logiciel: Pack Tux XP 3.0 - (.Bricomix.) [HKLM] -- Pack Tux XP
O42 - Logiciel: SweetIM Bundle by SweetPacks - (.SweetPacks LTD.) [HKLM] -- SweetIM Bundle by SweetPacks =>PUP.SweetIM
O42 - Logiciel: SweetIM for Messenger 3.7 - (.SweetIM Technologies Ltd..) [HKLM] -- {A0C9DF2B-89B5-4483-8983-18A68200F1B4} =>PUP.SweetIM
O42 - Logiciel: SweetPacks Toolbar For Firefox 1.11.0.2 - (...) [HKLM] -- {EEE6C374-6118-11DC-9C72-001320C79847} =>PUP.SweetIM
O42 - Logiciel: SweetPacks Updater - (...) [HKLM] -- WNLT =>PUP.SweetIM
O42 - Logiciel: avast! Free Antivirus v7.0.1455.0 - (.AVAST Software.) [HKLM] -- avast
O42 - Logiciel: fTalk - (.Koyote-Lab Inc.) [HKCU] -- fTalk
~ Logic: 86 Legitimates Scanned in 00mn 00s
---\\ HKCU & HKLM Software Keys
[HKCU\Software\5a6dfdeb63ce415]
[HKCU\Software\AppDataLow\Software\Crossrider] =>PUP.CrossRider
[HKCU\Software\BI]
[HKCU\Software\BabylonToolbar] =>Toolbar.Babylon
[HKCU\Software\CodeStuff]
[HKCU\Software\DXTransform]
[HKCU\Software\DataMngr] =>PUP.Datamngr
[HKCU\Software\IM]
[HKCU\Software\ImInstaller]
[HKCU\Software\PerformerSoft]
[HKCU\Software\Sarbakan]
[HKCU\Software\Smartbar] =>Hijacker.SmartBar
[HKCU\Software\Sonalksis]
[HKCU\Software\SweetIM] =>PUP.SweetIM
[HKCU\Software\VidFilters]
[HKCU\Software\WNLT]
[HKCU\Software\Worldweaver]
[HKCU\Software\delta LTD]
[HKCU\Software\perforce]
[HKLM\Software\5a6dfdeb63ce415]
[HKLM\Software\BD Inc]
[HKLM\Software\Babylon] =>Toolbar.Babylon
[HKLM\Software\Busps]
[HKLM\Software\Cinos]
[HKLM\Software\DataMngr] =>PUP.Datamngr
[HKLM\Software\DomaIQ]
[HKLM\Software\Greyfirst]
[HKLM\Software\Hemera Technologies Inc.]
[HKLM\Software\IncrediMail]
[HKLM\Software\Kjaerhus Audio]
[HKLM\Software\PerformerSoft]
[HKLM\Software\Supreme Savings]
[HKLM\Software\SweetIM] =>PUP.SweetIM
[HKLM\Software\TG Byte Software]
[HKLM\Software\Thomson]
[HKLM\Software\Worldweaver]
[HKLM\Software\babylontoolbar] =>Toolbar.Babylon
[HKLM\Software\greyfirst.ca]
[HKLM\Software\woohook]
~ Key Software: 223 Legitimates Scanned in 00mn 00s
---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 21/02/2011 - 11:28:05 - [42,569] ----D C:\Program Files\Celtx
O43 - CFD: 08/09/2010 - 06:46:04 - [1,229] ----D C:\Program Files\CodeStuff
O43 - CFD: 04/04/2013 - 19:17:36 - [0,041] ----D C:\Program Files\DomaIQ Uninstaller
O43 - CFD: 22/02/2013 - 11:32:30 - [0,063] ----D C:\Program Files\Driver Restore
O43 - CFD: 19/10/2010 - 08:42:26 - [0,001] ----D C:\Program Files\FaceMorpher Lite
O43 - CFD: 01/04/2013 - 01:01:52 - [0,577] ----D C:\Program Files\Online Games Manager
O43 - CFD: 09/02/2013 - 16:45:33 - [0,000] ----D C:\Program Files\PokerStars
O43 - CFD: 06/03/2010 - 14:52:56 - [0,000] ----D C:\Program Files\Sonik Synth 2 Free
O43 - CFD: 09/03/2013 - 23:01:23 - [4,909] ----D C:\Program Files\SweetIM =>PUP.SweetIM
O43 - CFD: 09/03/2013 - 23:00:21 - [0,359] ----D C:\Program Files\sweetpacks bundle uninstaller =>PUP.SweetIM
O43 - CFD: 05/12/2009 - 17:17:05 - [2,961] ----D C:\Program Files\Timeworks
O43 - CFD: 23/09/2012 - 19:25:18 - [13,520] ----D C:\Program Files\VideoConverter
O43 - CFD: 15/02/2013 - 20:07:23 - [0,017] ----D C:\Program Files\Whodeletedme
O43 - CFD: 24/03/2013 - 17:38:19 - [0] ----D C:\ProgramData\Babylon =>Toolbar.Babylon
O43 - CFD: 03/04/2013 - 12:56:27 - [8,209] ----D C:\ProgramData\BrowserProtect =>Toolbar.Babylon
O43 - CFD: 09/03/2013 - 23:00:44 - [0,245] ----D C:\ProgramData\SweetIM =>PUP.SweetIM
O43 - CFD: 06/07/2012 - 09:05:27 - [1,000] ----D C:\ProgramData\{8EEE9C00-5B20-48B7-9329-7BA2CEEB18B2}
O43 - CFD: 12/08/2012 - 19:03:58 - [0] ----D C:\ProgramData\????????????????????????????????
O43 - CFD: 14/08/2012 - 13:51:35 - [0] ----D C:\ProgramData\?Í?Í1
O43 - CFD: 14/08/2012 - 19:42:26 - [0] ----D C:\ProgramData\?Ô?Ô1
O43 - CFD: 13/08/2012 - 13:09:49 - [0] ----D C:\ProgramData\????1
O43 - CFD: 13/08/2012 - 20:32:45 - [0] ----D C:\ProgramData\????1
O43 - CFD: 15/08/2012 - 12:54:22 - [0] ----D C:\ProgramData\????1
O43 - CFD: 15/08/2012 - 00:00:51 - [0] ----D C:\ProgramData\????1
O43 - CFD: 03/04/2013 - 12:54:17 - [0,009] ----D C:\Users\gab\AppData\Roaming\Babylon =>Toolbar.Babylon
O43 - CFD: 12/01/2010 - 16:13:41 - [0,002] ----D C:\Users\gab\AppData\Roaming\Blue Cat Audio
O43 - CFD: 23/10/2009 - 10:06:35 - [0,001] ----D C:\Users\gab\AppData\Roaming\dcunningham.net
O43 - CFD: 21/02/2011 - 11:28:58 - [8,550] ----D C:\Users\gab\AppData\Roaming\Greyfirst
O43 - CFD: 04/01/2010 - 14:21:47 - [0,000] ----D C:\Users\gab\AppData\Roaming\Openworld Learning
O43 - CFD: 10/02/2013 - 01:43:36 - [0,047] ----D C:\Users\gab\AppData\Roaming\PerformerSoft
O43 - CFD: 05/09/2009 - 11:56:54 - [0,035] ----D C:\Users\gab\AppData\Roaming\Pirateville
O43 - CFD: 05/10/2010 - 11:00:08 - [0,004] ----D C:\Users\gab\AppData\Roaming\Stykz
O43 - CFD: 15/10/2010 - 09:32:28 - [0] ----D C:\Users\gab\AppData\Local\._Revolution_
O43 - CFD: 09/03/2013 - 23:08:27 - [0,428] ----D C:\Users\gab\AppData\Local\Bundled software uninstaller
O43 - CFD: 21/02/2011 - 11:28:58 - [3,484] ----D C:\Users\gab\AppData\Local\Greyfirst
O43 - CFD: 12/12/2012 - 11:59:45 - [0] ----D C:\Users\gab\AppData\Local\Ludi
O43 - CFD: 17/03/2013 - 23:35:09 - [0,000] ----D C:\Users\gab\AppData\Local\rencontreshard
O43 - CFD: 03/04/2013 - 19:42:32 - [0] ----D C:\Users\gab\AppData\Local\Supreme Savings
O43 - CFD: 03/04/2013 - 12:56:40 - [0,001] ----D C:\Users\gab\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserProtect =>Toolbar.Babylon
O43 - CFD: 15/02/2013 - 20:34:56 - [0,002] ----D C:\Users\gab\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CodeStuff Starter
O43 - CFD: 27/04/2010 - 19:09:28 - [0] ----D C:\Users\gab\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Live Media Plugin
O43 - CFD: 19/10/2010 - 08:50:49 - [0] ----D C:\Users\gab\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Packs
O43 - CFD: 08/09/2010 - 06:49:31 - [0,002] ----D C:\Users\gab\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup (Disabled by Starter)
O43 - CFD: 05/12/2009 - 17:17:05 - [0] ----D C:\Users\gab\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Timeworks
~ 62 Dossiers CLSID vides (CLSID Empty Folders)
~ Program Folder: 308 Legitimates Scanned in 00mn 24s
---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.85D17ABC76035D9F33FC47F068097C86] - 01/04/2013 - 22:54:45 ---A- . (...) -- C:\Windows\System32\QuickTime.qtp [352]
O44 - LFC:[MD5.351677F04B3DC84937FBFA20CD6E958D] - 27/02/2013 - 12:21:38 ---A- . (...) -- C:\Windows\System32\ImHttpComm.dll [28160]
~ Files: 36 Legitimates Scanned in 00mn 14s
---\\ Export de clé d'application autorisée (O47)
~ Keys Export: 1 Legitimates Scanned in 00mn 00s
---\\ Déni du service (Local Security Authority) (O48)
~ LSA: 7 Legitimates Scanned in 00mn 00s
---\\ Contrôle du Safe Boot (CSB) (O49)
~ CBS: 13 Legitimates Scanned in 00mn 00s
---\\ MountPoints2 Shell Key (O51)
O51 - MPSK:{009e9704-be21-11de-9b8a-001eec4c8d76}\AutoRun\command. (...) -- E:\AutoRunCardDetector.exe (.not file.)
O51 - MPSK:{3e122391-74ca-11de-9f46-001eec4c8d76}\AutoRun\command. (...) -- G:\LaunchU3.exe (.not file.)
O51 - MPSK:{9ba234c1-da4e-11de-bca1-001eec4c8d76}\AutoRun\command. (...) -- E:\AutoRunCardDetector.exe (.not file.)
O51 - MPSK:{d52a1b71-73c6-11de-97fc-001eec4c8d76}\AutoRun\command. (...) -- F:\Autorun.exe (.not file.)
~ Keys: Scanned in 00mn 00s
---\\ Trojan Driver Search Data (HKLM) (O52)
O52 - TDSD: \Drivers32\"VIDC.CFHD"="cfhd.dll" . (.CineForm Inc. - CineForm VFW CODEC.) -- C:\Windows\System32\cfhd.dll
O52 - TDSD: \drivers.desc\"cfhd.dll"="Codec CineForm HD VFW" . (.CineForm Inc. - CineForm VFW CODEC.) -- C:\Windows\System32\cfhd.dll
~ TDSD: 7 Legitimates Scanned in 00mn 00s
---\\ Microsoft Control Security Providers (O54)
~ MSCP: 2 Legitimates Scanned in 00mn 00s
---\\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
~ MWPS: 16 Legitimates Scanned in 00mn 00s
---\\ Microsoft Windows Policies Explorer (O56)
~ MWPE Keys: 1 Legitimates Scanned in 00mn 00s
---\\ Liste des Drivers Système (O58)
O58 - SDL:[MD5.2EDC5BBAC6C651ECE337BDE8ED97C9FB] - 02/11/2006 - 10:51:38 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys [420968]
O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 02/11/2006 - 08:09:42 ---A- . (...) -- C:\Windows\System32\ANSI.SYS [9029]
~ Drivers: Scanned in 00mn 00s
---\\ Liste des outils de nettoyage (O63)
O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
~ ADS: Scanned in 00mn 00s
---\\ Liste des services Legacy (O64)
~ Legacy: 130 Legitimates Scanned in 00mn 18s
---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.html> <ChromeHTML>[HKLM\..\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
~ FASS Keys: 19 Legitimates Scanned in 00mn 00s
---\\ Start Menu Internet (O68)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s
---\\ Search Browser Infection (O69)
O69 - SBI: prefs.js [gab - ruqve71n.default] user_pref("extensions.crossrider.bic", "139f44f8f1934c80c7920f6c713f2599"); =>PUP.CrossRider
O69 - SBI: prefs.js [gab - yi276baa.default] user_pref("avg.install.userHPSettings", "http://www.delta-search.com/?affID=120519&babsrc=HP_ss&mntrId=1017001FE2A7A91A"); =>Toolbar.DeltaSearch
O69 - SBI: prefs.js [gab - yi276baa.default] user_pref("avg.install.userSPSettings", "Delta Search");
O69 - SBI: prefs.js [gab - yi276baa.default] user_pref("extensions.crossrider.bic", "13dcf8bef5b8344a88eaba7936a80cf0"); =>PUP.CrossRider
O69 - SBI: prefs.js [gab - yi276baa.default] user_pref("extensions.delta.admin", false);
O69 - SBI: prefs.js [gab - yi276baa.default] user_pref("extensions.delta.aflt", "babsst");
O69 - SBI: prefs.js [gab - yi276baa.default] user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
O69 - SBI: prefs.js [gab - yi276baa.default] user_pref("extensions.delta.autoRvrt", "false");
O69 - SBI: prefs.js [gab - yi276baa.default] user_pref("extensions.delta.bbDpng", "3");
O69 - SBI: prefs.js [gab - yi276baa.default] user_pref("extensions.delta.cntry", "FR");
O69 - SBI: prefs.js [gab - yi276baa.default] user_pref("extensions.delta.dfltLng", "en");
O69 - SBI: prefs.js [gab - yi276baa.default] user_pref("extensions.delta.excTlbr", false);
O69 - SBI: prefs.js [gab - yi276baa.default] user_pref("extensions.delta.hdrMd5", "40E87F75823456273CECCC3FC445D3B0");
O69 - SBI: prefs.js [gab - yi276baa.default] user_pref("extensions.delta.id", "1017208d000000000000001fe2a7a91a");
O69 - SBI: prefs.js [gab - yi276baa.default] user_pref("extensions.delta.instlDay", "15798");
O69 - SBI: prefs.js [gab - yi276baa.default] user_pref("extensions.delta.instlRef", "sst");
O69 - SBI: prefs.js [gab - yi276baa.default] user_pref("extensions.delta.lastVrsnTs", "1.8.10.012:55:40");
O69 - SBI: prefs.js [gab - yi276baa.default] user_pref("extensions.delta.newTab", false);
O69 - SBI: prefs.js [gab - yi276baa.default] user_pref("extensions.delta.prdct", "delta");
O69 - SBI: prefs.js [gab - yi276baa.default] user_pref("extensions.delta.prtnrId", "delta");
O69 - SBI: prefs.js [gab - yi276baa.default] user_pref("extensions.delta.rvrt", "false");
O69 - SBI: prefs.js [gab - yi276baa.default] user_pref("extensions.delta.sg", "azb");
O69 - SBI: prefs.js [gab - yi276baa.default] user_pref("extensions.delta.smplGrp", "none");
O69 - SBI: prefs.js [gab - yi276baa.default] user_pref("extensions.delta.tlbrId", "base");
O69 - SBI: prefs.js [gab - yi276baa.default] user_pref("extensions.delta.tlbrSrchUrl", "");
O69 - SBI: prefs.js [gab - yi276baa.default] user_pref("extensions.delta.vrsn", "1.8.10.0");
O69 - SBI: prefs.js [gab - yi276baa.default] user_pref("extensions.delta.vrsnTs", "1.8.10.012:55:40");
O69 - SBI: prefs.js [gab - yi276baa.default] user_pref("extensions.delta.vrsni", "1.8.10.0");
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} [DefaultScope] - (Delta Search) - http://www.delta-search.com =>Toolbar.DeltaSearch
O69 - SBI: SearchScopes [HKCU] {218023DC-DB9B-406C-ADBE-78D784AAAE81} - (Yahoo! Search) - http://fr.search.yahoo.com
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (@ieframe.dll,-12512) - http://www.bing.com
~ Keys: Scanned in 00mn 00s
---\\ Recherche des services démarrés par Svchost (O83)
~ Services: 31 Legitimates Scanned in 00mn 00s
---\\ Recherche particuliere à la racine de certains dossiers (O84)
[MD5.AA4A8AD48D7A4DCE9E04C305DC158A74] [SPRF][19/05/2012] (...) -- C:\ProgramData\1337429325.1188.bin [739]
[MD5.897B373F3A95E6E79196CCB29C4F1EFE] [SPRF][19/05/2012] (...) -- C:\ProgramData\1337429325.1500.bin [37460]
[MD5.335D04B167C28EEAAD04FE58975C4A6E] [SPRF][19/05/2012] (...) -- C:\ProgramData\1337429325.272.bin [10223]
[MD5.834A12E9DF90C09E141195086476ACAB] [SPRF][19/05/2012] (...) -- C:\ProgramData\1337429325.2968.bin [739]
[MD5.035F83A462E62E69DF52E8640A54DDA6] [SPRF][19/05/2012] (...) -- C:\ProgramData\1337429325.3752.bin [2202]
[MD5.9A1BA39A6BCE89253C0058F6605DBC22] [SPRF][19/05/2012] (...) -- C:\ProgramData\1337429325.3816.bin [3932]
[MD5.7AE6ABAEE437A73391CAB1346F504DEC] [SPRF][19/05/2012] (...) -- C:\ProgramData\1337429325.4092.bin [2796]
[MD5.C8510796D287E7AC8823536E89982AAC] [SPRF][22/05/2012] (...) -- C:\ProgramData\1337697766.1036.bin [3932]
[MD5.78435E05C64B0036EF0670294D31179B] [SPRF][22/05/2012] (...) -- C:\ProgramData\1337697766.1612.bin [14227]
[MD5.51427B7D1539AEFA3EF5B8FD92708D96] [SPRF][22/05/2012] (...) -- C:\ProgramData\1337697766.2164.bin [28826]
[MD5.91966A79026C8793B2A9FB25E2F96923] [SPRF][22/05/2012] (...) -- C:\ProgramData\1337697766.2804.bin [4276]
[MD5.887803B4742F4348D394258EC082D5C9] [SPRF][22/05/2012] (...) -- C:\ProgramData\1337697766.2820.bin [48303]
[MD5.7AFF8B0835A907436AF4D793B30DBFD4] [SPRF][22/05/2012] (...) -- C:\ProgramData\1337697766.3048.bin [739]
[MD5.9A22DD06030A478788BB1FC6FCE20CC3] [SPRF][22/05/2012] (...) -- C:\ProgramData\1337697766.4056.bin [6197]
[MD5.B319BE1D56EAD59FA38F30E7932009F0] [SPRF][22/05/2012] (...) -- C:\ProgramData\1337697766.4660.bin [33461]
[MD5.30CDAFC407690D9FA8AD98735EB285EB] [SPRF][22/05/2012] (...) -- C:\ProgramData\1337697766.4780.bin [9761]
[MD5.BC9D9896BFB2FAC0472E756FB60F596D] [SPRF][22/05/2012] (...) -- C:\ProgramData\1337697766.5840.bin [739]
[MD5.55B97CC5D269334FE575FCD734E4BE5C] [SPRF][22/05/2012] (...) -- C:\ProgramData\1337703717.bdinstall.bin [427669]
[MD5.BF25C72D37FD91804847CC6C1670105E] [SPRF][19/07/2009] (...) -- C:\Users\gab\AppData\Local\d3d8caps.dat [552]
[MD5.F81260A2C28E6FCC457BFF9837221CA5] [SPRF][05/04/2013] (...) -- C:\Users\gab\AppData\Local\d3d9caps.dat [6648]
~ Files: Scanned in 00mn 00s
---\\ Firewall Active Exception List (FirewallRules) (O87)
~ Firewall: 224 Legitimates Scanned in 00mn 03s
---\\ Scan Additionnel (O88)
Database Version : v2.11459 - (05/04/2013)
Clés trouvées (Keys found) : 88
Valeurs trouvées (Values found) : 2
Dossiers trouvés (Folders found) : 9
Fichiers trouvés (Files found) : 2
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ecdf796-c2dc-4d79-a620-cce0c0a66cc9}] =>Toolbar.Babylon
[HKCU\Software\delta LTD] =>Toolbar.DeltaSearch
[HKLM\Software\Classes\TypeLib\{4d3b167e-5fd8-4276-8fd7-9df19c1e4d19}] =>PUP.SweetIM
[HKLM\Software\Classes\CLSID\{82ac53b4-164c-4b07-a016-437a8388b81a}] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}] =>PUP.SweetIM
[HKLM\Software\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}] =>Toolbar.Babylon
[HKLM\Software\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}] =>PUP.SweetIM
[HKLM\Software\Classes\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113}] =>Adware.Agent
[HKLM\Software\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}] =>Toolbar.Babylon
[HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\sweetim.exe] =>PUP.SweetIM
[HKLM\Software\Classes\sim-packages] =>Toolbar.Agent
[HKLM\Software\Google\Chrome\Extensions\pgafcinpmmpklohkojmllohdhomoefph] =>PUP.SpecialSavings
[HKCU\Software\BabylonToolbar] =>Toolbar.Babylon
[HKLM\Software\BabylonToolbar] =>Toolbar.Babylon
[HKCU\Software\DataMngr] =>Adware.Bandoo
[HKLM\Software\DataMngr] =>Adware.Bandoo
[HKCU\Software\SweetIM] =>PUP.SweetIM
[HKLM\Software\SweetIM] =>PUP.SweetIM
[HKCU\Software\WNLT] =>Adware.IncrediBar
[HKLM\Software\WNLT] =>Adware.IncrediBar
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}] =>Toolbar.Babylon
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\WNLT] =>Adware.IncrediBar
[HKLM\Software\Classes\Prod.cap] =>Toolbar.Babylon
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings] =>PUP.BProtector
[HKLM\Software\Classes\Installer\Features\B2FD9C0A5B9838449838816A28001F4B] =>PUP.SweetIM
[HKLM\Software\Classes\Installer\Products\B2FD9C0A5B9838449838816A28001F4B] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B2FD9C0A5B9838449838816A28001F4B] =>PUP.SweetIM
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}] =>Toolbar.Yahoo
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}] =>Toolbar.Yahoo
[HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}] =>Toolbar.Yahoo
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\07D5290CDBDAE4242926B8E6CA650501] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E3D8A5B48622A445A7DF73FEFF32C3F] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4318DF19719275242801CBE292063A4C] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\45FC115D1FEAEF849A4E1610D6EC8BF0] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\46A5861A389ADB844AF89E31BC9DF0A1] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49B0E1A6FF50BBE4289E4E23DE6EA0C7] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4CCCAC049F34D0540AAC13011398BEDB] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5C4389D0BFB302C479DE4178BD5D9EBA] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D2B09BDEF4FE54418E6F3373CDBC7AC] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\61B65D3397A1FBF4CB1571B5E4F6B5B0] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E8A05C60DD9254591DBD16C94EDDBF] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\697E782CF574CC34CBB9566440BA12BC] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AE27A8613CF7EA4782F2886F67295E5] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\75D5168E5E176C24981B4E5DBD991078] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7CE172051F585E04187BCB97570BFA74] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86A901BA5265452499DCBF719C378EE3] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8724E58E6C7D00C48A0D4F3345EB2C26] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\88ABD1CD5C40EC84789A7F6EF86DAC5E] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\980289C22F80A7C4BB9323DC61255E4E] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9A4B7EF3789F871419D9302583B20C15] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A6C53B0F76C44004A8F36716213017DB] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AB676B0E1B9EFA049B9F7DDDA9645734] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B31BBB0B825EDEF45AB0FE7099C68C81] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B471D8D7319336B4CA89374ED0D7B806] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B59F2D8189784CC46A4597F2842480B0] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BC30043663AA2CA4DA1DAA9CA5FDCC75] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BD746FB95FB8E5B45BF66BE54D5FD91F] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CCF399FCD6D2D3F46BF02A1378654FC9] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D149C1355C98DE24E82CEFBD996FE06A] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB59FDB786388EA4D897F3EE715683AC] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB8DAD19CFBCC2049A4477183787E8C5] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E1C820A74ED67374BA048B52CB3C3804] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EC65F200D112357449C8B1BC3CFA03D0] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F327D0C73C0973644A21E8CC852267A0] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FA96423FE2B98E248A3B23548D1E22D9] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FDC83385E6C239F4C876A77A37DF581D] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\34EDDB1BFB3A2D448845F3EFD0F15A43] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\427EA997C413D1D47907CBFC7B2DB432] =>PUP.SweetIM
[HKLM\Software\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}] =>PUP.SweetIM
[HKLM\Software\Classes\MediaPlayer.GraphicsUtils] =>PUP.SweetIM
[HKLM\Software\Classes\MediaPlayer.GraphicsUtils.1] =>PUP.SweetIM
[HKLM\Software\Classes\MgMediaPlayer.GifAnimator] =>PUP.SweetIM
[HKLM\Software\Classes\MgMediaPlayer.GifAnimator.1] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F754C503375A13344B22388E18DFE87E] =>PUP.SweetIM
[HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{09C14BAE-2D45-4133-B0FA-5EA4FE5CF978}] =>PUP.SpecialSavings
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\bi_uninstaller] =>Adware.MegaSearch
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] =>Toolbar.Bing
[HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] =>Toolbar.Bing
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}] =>PUP.BProtector
[HKLM\Software\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}] =>Toolbar.DeltaSearch
[HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe] =>PUP.SweetIM
[HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\Arpcache\SweetIM Bundle by SweetPacks] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\SweetIM Bundle by SweetPacks] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA0054A5AB3EFFE4CB5660E44A1E7DCC] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08E33F7B61DEFF24BB9673ED7D467636] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Run]:sweetIM =>PUP.SweetIM
[HKCU\Software\Mozilla\Firefox\Extensions]:{0F827075-B026-42F3-885D-98981EE7B1AE} =>Toolbar.Babylon
C:\Program Files\SweetIM =>PUP.SweetIM
C:\Program Files\DomaIQ Uninstaller =>Toolbar.IncrediMail
C:\Program Files\Mozilla Firefox\Extensions\ffxtlbr@babylon.com =>Toolbar.Babylon
C:\ProgramData\Babylon =>Toolbar.Babylon
C:\ProgramData\SweetIM =>PUP.SweetIM
C:\Users\gab\AppData\Roaming\Babylon =>Toolbar.Babylon
C:\Users\gab\AppData\Local\Bundled software uninstaller =>Adware.MegaSearch
C:\Users\gab\AppData\Local\Supreme Savings =>PUP.RewardsArcade
C:\Users\gab\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph =>Adware.GamePlayLabs
C:\Users\gab\AppData\Roaming\Mozilla\Firefox\Profiles\yi276baa.default\bprotector_extensions.sqlite =>PUP.BProtector
C:\Users\gab\AppData\Roaming\Mozilla\Firefox\Profiles\yi276baa.default\bprotector_prefs.js =>PUP.BProtector
~ Additionnel: Scanned in 00mn 45s
---\\ Product Upgrade Codes (O90)
O90 - PUC: "82AF1148D23D8154290FF3DB087A20CB" . (.Sony Vegas 7.0.) -- C:\Windows\Installer\{8411FA28-D32D-4518-92F0-3FBD80A702BC}\vegas70.ico
O90 - PUC: "C6AC1E831212C5B43A5AB0003097E4FF" . (.Sony Media Manager 2.2.) -- C:\Windows\Installer\{38E1CA6C-2121-4B5C-A3A5-0B0003794EFF}\mediamgr.ico
~ Update Products: 66 Legitimates Scanned in 00mn 00s
---\\ Random Export Key (O91)
[HKCU\Software\5a6dfdeb63ce415] =>Toolbar.Babylon^
[HKCU\Software\5a6dfdeb63ce415]:GUID="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}"
[HKCU\Software\5a6dfdeb63ce415]:version="2.6.1125.80"
[HKLM\Software\5a6dfdeb63ce415] =>Toolbar.Babylon^
[HKLM\Software\5a6dfdeb63ce415]:GUID="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}"
[HKLM\Software\5a6dfdeb63ce415]:version="2.6.1125.80"
~ Export Key Software: Scanned in 00mn 00s
---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 08/10/2010 72704 | (Adobe LM Service) . (.Adobe Systems.) - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
SS - | Demand 14/03/2013 253656 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
SR - | Auto 04/07/2012 44808 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SR - | Auto 04/07/2012 130304 | (avast! Firewall) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\afwServ.exe
SR - | Auto 2569168 | (BrowserProtect) . (...) - C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe =>Toolbar.Babylon
SR - | Auto 12/12/2006 57344 | C:\Program Files\COMMON~1\France Telecom\Shared Modules\FTRTSVC\1\FTRTSVC.exe (FTRTSVC) . (.France Telecom SA.) - C:\Program Files\Common Files\France Telecom\Shared Modules\FTRTSVC\1\FTRTSVC.exe
SS - | Auto 07/03/2013 116648 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 07/03/2013 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 03/04/2013 115608 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
SR - | Auto 12/03/2013 559168 | (ogmservice) . (.RealNetworks, Inc..) - C:\Program Files\Online Games Manager\ogmservice.exe
SR - | Auto 24/10/2009 360224 | (PMBDeviceInfoProvider) . (.Sony Corporation.) - C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe
SS - | Auto 01/03/2013 161384 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files\Skype\Updater\Updater.exe
SS - | Auto 19/01/2008 21504 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 19/01/2008 21504 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 02s
~ 1183 Legitimates filtered by white list
End of the scan (788 lines in 03mn 02s)(0)