Document format: text/plain

~ Rapport de ZHPDiag v2013.12.29.26 - Nicolas Coolman (29/12/2013)
~ Lancé par kader (07/01/2014 05:11:56 م)
~ Adresse du Site Web http://nicolascoolman.webs.com
~ Forums gratuits d'Assistance à la désinfection : http://nicolascoolman.webs.com/apps/links/
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Deactivate by program


---\\ Navigateurs Internet
MSIE: Internet Explorer v10.0.9200.16618
MFIE: Mozilla Firefox 26.0 (Defaut)
GCIE: Google Chrome v27.0.1453.116
OPIE: Opera v12.12

---\\ Informations sur les produits Windows
~ Langage: Français
Windows 7 Ultimate, 32-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : HYRR2
Windows License : OK
~ Windows Remaining Initializations Number : 4
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Logiciels de protection du système
avast! Ad Blocker v1.0.0.0
Malwarebytes Anti-Malware version 1.75.0.1300
Windows Defender W7

---\\ Logiciels d'optimisation du système

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Flash Player 11 Plugin
Adobe Reader X

---\\ Informations sur le système
~ Processor: x86 Family 20 Model 1 Stepping 0, AuthenticAMD
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3578.9 MB (47% free)
System Restore: Activé (Enable)
System drive C: has 109 GB (36%) free of 298 GB

---\\ Mode de connexion au système
~ Computer Name: ABDOULKADER
~ User Name: kader
~ All Users Names: NTUSER, kader, HelpAssistant, chamsia, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\kader\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\kader\AppData\Roaming\
~ %Desktop% : C:\Users\kader\Desktop\
~ %Favorites% : C:\Users\kader\Favorites\
~ %LocalAppData% : C:\Users\kader\AppData\Local\
~ %StartMenu% : C:\Users\kader\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 109 Go of 298 Go)
D: CD-ROM drive (Not Inserted)
F: Floppy drive, Flash card reader, USB Key (Free 0 Go of 0 Go)
G: Floppy drive, Flash card reader, USB Key (Free 0 Go of 1 Go)



---\\ Etat du Centre de Sécurité Windows
~ Security Center: 50 Legitimates Filtered in :0mn صs



---\\ Recherche particulière de fichiers génériques
[MD5.8B88EBBB05A0E56B7DCC708498C02B3E] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 06:30:54 ص.) -- C:\Windows\Explorer.exe [2616320]
[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:14:45 ص.) -- C:\Windows\System32\Wininit.exe [96256]
[MD5.2473CA6595A2659D7039A4A89FECA269] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.17/05/2013 - 02:25:57 ص.) -- C:\Windows\System32\wininet.dll [1767936]
[MD5.6D13E1406F50C66E2A95D97F22C47560] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.20/11/2010 - 01:17:54 م.) -- C:\Windows\System32\Winlogon.exe [286720]
[MD5.E3AE23569749DE12D45BA3B489A036AE] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2010 - 01:21:24 م.) -- C:\Windows\System32\sppcomapi.dll [193536]
[MD5.F81BB7E487EDCEAB630A7EE66CF23913] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.14/09/2013 - 01:48:58 ص.) -- C:\Windows\system32\Drivers\AFD.sys [338944]
[MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:26:15 ص.) -- C:\Windows\system32\Drivers\atapi.sys [21584]
[MD5.77EA11B065E0A8AB902D78145CA51E10] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 12:11:15 ص.) -- C:\Windows\system32\Drivers\Cdfs.sys [70656]
[MD5.BE167ED0FDB9C1FA1133953C18D5A6C9] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 09:38:10 ص.) -- C:\Windows\system32\Drivers\Cdrom.sys [108544]
[MD5.F024449C97EC1E464AAFFDA18593DB88] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 09:42:32 ص.) -- C:\Windows\system32\Drivers\DfsC.sys [78336]
[MD5.9036377B8A6C15DC2EEC53E489D159B5] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 10:59:29 ص.) -- C:\Windows\system32\Drivers\HDAudBus.sys [108544]
[MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 12:11:24 ص.) -- C:\Windows\system32\Drivers\i8042prt.sys [80896]
[MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 12:54:29 ص.) -- C:\Windows\system32\Drivers\IpNat.sys [101888]
[MD5.5D16C921E3671636C0EBA3BBAAC5FD25] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:17:22 ص.) -- C:\Windows\system32\Drivers\MRxSmb.sys [123904]
[MD5.280122DDCF04B378EDD1AD54D71C1E54] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 09:39:44 ص.) -- C:\Windows\system32\Drivers\netBT.sys [187904]
[MD5.5E43D2B0EE64123D4880DFA6626DEFDE] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.12/04/2013 - 02:45:29 م.) -- C:\Windows\system32\Drivers\ntfs.sys [1211752]
[MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 12:45:35 ص.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.D9F91EAFEC2815365CBE6D167E4E332A] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.14/07/2009 - 12:54:34 ص.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [78848]
[MD5.B973FCFC50DC1434E1970A146F7E3885] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.20/11/2010 - 11:24:46 ص.) -- C:\Windows\system32\Drivers\rdpdr.sys [133632]
[MD5.3E21C083B8A01CB70BA1F09303010FCE] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 12:53:41 ص.) -- C:\Windows\system32\Drivers\smb.sys [71168]
[MD5.B459575348C20E8121D6039DA063C704] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 09:39:17 ص.) -- C:\Windows\system32\Drivers\tdx.sys [74752]
[MD5.F497F67932C6FA693D7DE2780631CFE7] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20/11/2010 - 01:30:16 م.) -- C:\Windows\system32\Drivers\volsnap.sys [245632]
~ Generic Processes: Scanned in :0mn صs



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 0/498
~ Mes musiques (My Musics) : 0/1119
~ Mes Videos (My Videos) : 0/563
~ Mes Favoris (My Favorites) : 0/46
~ Mes Documents (My Documents) : 0/9554
~ Mon Bureau (My Desktop) : 0/29
~ Menu demarrer (Programs) : 0/83
~ Hidden Files: Scanned in :3mn صs



---\\ Processus lancés
[MD5.D1D5DAB39DCB4BE0359943738D87409B] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [532040] [PID.424]
[MD5.51138BEEA3E2C21EC44D0932C71762A8] - (...) -- ystem32\rundll32.exe [0] [PID.3080]
[MD5.7EAFC20E93923DBE751164EB0683C490] - (.CyberLink Corp. - CyberLink YouCam Service.) -- C:\Program Files\CyberLink\YouCam\YouCamService.exe [247016] [PID.3332]
[MD5.0E34B7BB1FCF22BCC1E394D16F9E992B] - (.Microsoft Corporation - GrooveMonitor Utility.) -- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040] [PID.3608]
[MD5.4C976D5913FF84FBF3ED55F8855641B1] - (.Ask - Ask Updater.) -- C:\Program Files\Ask.com\Updater\Updater.exe [1568976] [PID.2824]
[MD5.48BE298F7FD1BEF4D8FBACB04D8D95C4] - (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576] [PID.2748]
[MD5.CBC7D8E5416AD30CF16DC2FD4A6AA399] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [4858968] [PID.2876]
[MD5.A115E3540E9406551FD82DC9BD485F0F] - (.Pas de propriétaire - VProtect Application (Official).) -- C:\Program Files\AVG Secure Search\vprot.exe [2471448] [PID.3052] =>Toolbar.AVGSearch
[MD5.979D74799EA6C8B8167869A68DF5204A] - (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\wscript.exe [141824] [PID.3432]
[MD5.783F7F39A134AA5A9FE78A137980190B] - (.Microsoft Corporation - Microsoft Encarta Dictionaries.) -- C:\Program Files\Microsoft Encarta\Microsoft Encarta 2009 - Collection DVD\EDICT.exe [351000] [PID.3600]
[MD5.10E89F598469C60D8C87A8218089A87D] - (.Akamai Technologies, Inc. - Akamai NetSession Client.) -- C:\Users\kader\AppData\Local\Akamai\netsession_win.exe [4489472] [PID.1128]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] - (.Google Inc. - Programme d'installation de Google.) -- C:\Users\kader\AppData\Local\Google\Update\GoogleUpdate.exe [116648] [PID.1596]
[MD5.58644FAFEEDFF3F8E9B9B02B8E093D46] - (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files\Internet Download Manager\IDMan.exe [3612240] [PID.4084]
[MD5.32BD04B415865C8BCAF77310CCCB8A10] - (.Dropbox, Inc. - Dropbox.) -- C:\Users\kader\AppData\Roaming\Dropbox\bin\Dropbox.exe [30714312] [PID.2840]
[MD5.32C26797AB646074A2BB562F9D10ADB5] - (.Microsoft Corporation - Microsoft Office OneNote Quick Launcher.) -- C:\Program Files\Microsoft Office\Office12\ONENOTEM.exe [97680] [PID.3032]
[MD5.A98C51239F27C4E43BE9401C4A11E306] - (.Adobe Systems Incorporated - Adobe® Flash® Player Installer/Uninstaller.) -- C:\Windows\System32\Macromed\Flash\FlashUtil32_11_7_700_224_Plugin.exe [814472] [PID.3224]
[MD5.5521928AA79079565B7CB8FCE6806131] - (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe [825808] [PID.2520]
[MD5.FAA729BC3B4EC2900D14E1F0F4D30ED0] - (.Tonec Inc. - Internet Download Manager agent for click m.) -- C:\Program Files\Internet Download Manager\IEMonitor.exe [268248] [PID.5340]
[MD5.1EEA6C1B35191DC177EA83672B9C3FC0] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [275568] [PID.6124]
[MD5.0C93CB40FFF1442BC6920281A8DF25AE] - (.Tonec Inc. - Internet Download Manager module.) -- C:\Program Files\Internet Download Manager\IDMGrHlp.exe [513048] [PID.5064]
[MD5.ACA7A810549BD74EB1643BAAF0971EFC] - (.Microsoft Corporation - Table des caractères.) -- C:\Windows\system32\charmap.exe [155136] [PID.7440]
[MD5.2E0B0A051FFAA86E358465BB0880D453] - (.Microsoft Corporation - Windows Update.) -- C:\Windows\system32\wuauclt.exe [53784] [PID.6384]
[MD5.C0AE759423616CDB7FCB3A19E6C869B1] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [8304640] [PID.6204]
~ Processes Running: Scanned in :0mn صs



---\\ Opera, Plugins,Démarrage,Recherche (P1,B0,B1)
B0 - SPO: operaprefs.ini [kader] Home URL=http://www.google.com
B1 - OSP: search.ini [kader] URL=http://yahoo.opera.com/search
~ Opera Browser: 2 Legitimates Filtered in :0mn صs



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\kader\AppData\Local\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [alpnhingmddeadgmgjbfefmaanaeifak] Bob Marley v.1.4 (Activé)
G2 - GCE: Preference [User Data\Default] [apdfllckaahabafndbhieahigkjlhalf] Google00A0Drive v.6.3 (Activé)
G2 - GCE: Preference [User Data\Default] [eooncjejnppfjjklapaamhcdmjbilmde] Delta Toolbar v.1.5.1 (Désactivé) =>Toolbar.DeltaSearch
G2 - GCE: Preference [User Data\Default] [nhmkffelfdpohokfochdoakingpncmbh] Webexp Enhanced v.1.1 (Activé)
~ Google Browser: 20 Legitimates Filtered in :4mn صs



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\kader\AppData\Roaming\Mozilla\Firefox\Profiles\a8lefhmy.default\prefs.js (.not file.)
C:\Users\kader\AppData\Roaming\Mozilla\Firefox\Profiles\ltjyy0pa.default-1386664887361\prefs.js
M3 - MFPP: Plugins - [kader] -- C:\Program Files\Mozilla FireFox\searchplugins\babylon.xml =>PUP.Babylon
M3 - MFPP: Plugins - [kader] -- C:\Program Files\Mozilla FireFox\searchplugins\Search_Results.xml =>PUP.SearchResults
~ Firefox Browser: 17 Legitimates Filtered in :0mn صs



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.myplaycity.com
~ IE Browser: 13 Legitimates Filtered in :0mn صs



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride =
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in :0mn صs



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in :0mn صs



---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in :0mn صs
~ Nombre de lignes (Lines number): 21



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} . (.AVG Secure Search - toolbar.dll (Official).) -- C:\Program Files\AVG Secure Search\17.2.0.38\AVG Secure Search_toolbar.dll =>Toolbar.AVGSearch
O2 - BHO: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} Clé orpheline =>PUP.Datamngr
O2 - BHO: DataMngr - {9D717F81-9148-4f12-8568-69135F087DB0} . (.Bandoo Media, inc - Url Helper.) -- C:\Program Files\Windows Searchqu Toolbar\Datamngr\BrowserConnection.dll =>Adware.Bandoo
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} . (.Ask - Avira SearchFree Toolbar.) -- C:\Program Files\Ask.com\GenericAskToolbar.dll =>Toolbar.Ask
O2 - BHO: WebexpEnhancedV1alpha1008 - {eed56692-cfb1-4851-a55f-ec23aebc43f7} . (.Pas de propriétaire - Webexp Enhanced.) -- C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha1008\ie\WebexpEnhancedV1alpha1008.dll
~ BHO: 30 Legitimates Filtered in :0mn صs



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: Babylon Toolbar - [HKLM]{98889811-442D-49dd-99D7-DC866BE87DBC} . (...) -- (.not file.) =>PUP.Babylon
O3 - Toolbar: (no name) - [HKLM]{99079a25-328f-4bd4-be04-00955acaa0a7} Clé orpheline
O3 - Toolbar: Ask Toolbar - [HKLM]{D4027C7F-154A-4066-A1AD-4243D8127440} . (.Ask - Avira SearchFree Toolbar.) -- C:\Program Files\Ask.com\GenericAskToolbar.dll =>Toolbar.Ask
O3 - Toolbar: avast! Online Security - [HKLM]{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: (no name) - [HKLM]{2d38d9ef-b94e-4ed8-8564-3ac2cf8b88f7} Clé orpheline
O3 - Toolbar: AVG Security Toolbar - [HKLM]{95B7759C-8C7F-4BF1-B163-73684A933233} . (.AVG Secure Search - toolbar.dll (Official).) -- C:\Program Files\AVG Secure Search\17.2.0.38\AVG Secure Search_toolbar.dll =>Toolbar.AVGSearch
O3 - Toolbar: Google Toolbar - [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll =>Toolbar.Google
O3 - Toolbar: Yahoo! Toolbar - [HKLM]{EF99BD32-C1FB-11D2-892F-0090271D4F88} . (.Yahoo! Inc. - Yahoo! Toolbar.) -- C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Clé orpheline
~ Toolbar: Scanned in :0mn صs



---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop [Public]: Comet Player.lnk . (...) -- C:\Program Files\MpcStar\CometPlayer\cometplayer.exe
O4 - GS\Desktop [Public]: Dicos Encarta.lnk . (.Microsoft Corporation - Microsoft Encarta Dictionaries.) -- C:\Program Files\Microsoft Encarta\Microsoft Encarta 2009 - Collection DVD\EDICT.exe
O4 - GS\Desktop [Public]: GOM Player.lnk . (...) -- C:\Program Files\GRETECH\GomPlayer\GOM.exe
O4 - GS\Desktop [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - GS\Desktop [Public]: MpcStar.lnk . (...) -- C:\Program Files\MpcStar\mpcstar.exe
O4 - GS\Desktop [Public]: Opera 12.12 1707.lnk . (.Opera Software - Opera Internet Browser.) -- C:\Program Files\Opera\opera.exe
O4 - GS\Program [Public]: Grabber Help.lnk . (...) -- C:\Program Files\Internet Download Manager\grabber.chm
O4 - GS\Program [Public]: IDM Help.lnk . (...) -- C:\Program Files\Internet Download Manager\idman.chm
O4 - GS\Program [Public]: license.lnk . (...) -- C:\Program Files\Internet Download Manager\license.txt
O4 - GS\Program [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - GS\Program [Public]: Opera 12.12 1707.lnk . (.Opera Software - Opera Internet Browser.) -- C:\Program Files\Opera\opera.exe
O4 - GS\Program [Public]: Opera.lnk . (.Opera Software - Opera Internet Browser.) -- C:\Program Files\Opera\opera.exe
O4 - GS\Program [Public]: Remote Control.lnk . (...) -- C:\Windows\Installer\{E103B38A-FB7D-48AC-82CC-99083C28D4C8}\_5B79F43F6451A3DABBF417.exe
O4 - GS\Program [Public]: TUTORIALS.lnk . (...) -- C:\Program Files\Internet Download Manager\tutor.chm =>Spyware.AgenceExclusive
O4 - GS\Program [Public]: Uninstall IDM.lnk . (.Tonec Inc. - Internet Download Manager installer.) -- C:\Program Files\Internet Download Manager\Uninstall.exe
O4 - GS\QuickLaunch [kader]: GOM Player.lnk . (...) -- C:\Program Files\GRETECH\GomPlayer\GOM.exe
O4 - GS\QuickLaunch [kader]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch [kader]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch [kader]: MiPony.lnk . (...) -- C:\Program Files\MiPony\MiPony.exe (.not file.)
O4 - GS\TaskBar [kader]: dico - Raccourci.lnk . (...) -- C:\Program Files\Anuman Interactive\40000 lettres types & correspondance\dico.exe
O4 - GS\TaskBar [kader]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - GS\TaskBar [kader]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - GS\TaskBar [kader]: Opera12.12 1707.lnk . (.Opera Software - Opera Internet Browser.) -- C:\Program Files\Opera\opera.exe
O4 - GS\TaskBar [kader]: Zumas Revenge.lnk . (.PopCap Games, Inc. - Zuma's Revenge!.) -- C:\Program Files\Zuma's Revenge\ZumasRevenge.exe =>Adware.PopCap
O4 - GS\Program [kader]: Grabber Help.lnk . (...) -- C:\Program Files\Internet Download Manager\grabber.chm
O4 - GS\Program [kader]: IDM Help.lnk . (...) -- C:\Program Files\Internet Download Manager\idman.chm
O4 - GS\Program [kader]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Program [kader]: license.lnk . (...) -- C:\Program Files\Internet Download Manager\license.txt
O4 - GS\Program [kader]: TUTORIALS.lnk . (...) -- C:\Program Files\Internet Download Manager\tutor.chm =>Spyware.AgenceExclusive
O4 - GS\Program [kader]: Uninstall IDM.lnk . (.Tonec Inc. - Internet Download Manager installer.) -- C:\Program Files\Internet Download Manager\Uninstall.exe
O4 - GS\SystemTools [kader]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Desktop [kader]: 40000 lettres types & correspondance.lnk . (.Apogée Conception - Conduite de synchronisation.) -- C:\Program Files\Anuman Interactive\40000 lettres types & correspondance\40000_lettres_types_correspondance.exe
O4 - GS\Desktop [kader]: EXCEL - Raccourci.lnk . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\Program Files\Microsoft Office\Office12\EXCEL.exe
O4 - GS\Desktop [kader]: FreeCell.lnk . (.Microsoft Corporation - Exécutable pour le jeu FreeCell.) -- C:\Program Files\Microsoft Games\FreeCell\FreeCell.exe
O4 - GS\Desktop [kader]: GGXX-JEU.lnk . (.Sammy ARC SYSTEM WORKS - GUILTYGEAR XX #RELOAD.) -- C:\Program Files\JEU DE COMBAT\GUILTY GEAR XX #RELOAD\ggxx.exe
O4 - GS\Desktop [kader]: Go - Raccourci.lnk . (...) -- C:\UsbFix\Go.exe
O4 - GS\Desktop [kader]: HP Wireless Assistant.lnk . (.Hewlett-Packard - HP Wireless Assistant.) -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe
O4 - GS\Desktop [kader]: IDMan - Raccourci.lnk . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files\Internet Download Manager\IDMan.exe
O4 - GS\Desktop [kader]: Images.lnk . (...) -- C:\Users\kader\AppData\Roaming\Microsoft\Windows\Libraries\Pictures.library-ms
O4 - GS\Desktop [kader]: ImportComponentLibrary - Raccourci.lnk . (...) -- C:\Users\kader\Videos\ImportComponentLibrary
O4 - GS\Desktop [kader]: Journal - Raccourci.lnk . (.Microsoft Corporation - Journal Windows.) -- C:\Program Files\Windows Journal\Journal.exe
O4 - GS\Desktop [kader]: LES FICHIERS.lnk . (...) -- C:\Users\kader\Documents\LES FICHIERS
O4 - GS\Desktop [kader]: Magic Photo Editor.lnk . (...) -- C:\Program Files\Magic Photo Editor\MagicPhoto.exe
O4 - GS\Desktop [kader]: MUSIQUES HAOUSSA ET AUTRES - Raccourci.lnk . (...) -- C:\Users\kader\Videos\MUSIQUES HAOUSSA ET AUTRES
O4 - GS\Desktop [kader]: Spider Solitaire - Raccourci.lnk - Clé orpheline
O4 - GS\Desktop [kader]: VIDEOS.lnk . (...) -- C:\Users\kader\AppData\Roaming\Microsoft\Windows\Libraries\Videos.library-ms
O4 - GS\Desktop [kader]: Zumas Revenge.lnk . (.PopCap Games, Inc. - Zuma's Revenge!.) -- C:\Program Files\Zuma's Revenge\ZumasRevenge.exe =>Adware.PopCap
O4 - GS\QuickLaunch [chamsia]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch [chamsia]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [chamsia]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - GS\TaskBar [chamsia]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Program [chamsia]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\SystemTools [chamsia]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Desktop [chamsia]: EXCEL - Raccourci.lnk . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\Program Files\Microsoft Office\Office12\EXCEL.exe
~ Global Startup: 119 Legitimates Filtered in :1mn صs



---\\ Applications lancées au démarrage du sytème (O4)
O4 - GS\Startup [kader]: Dropbox.lnk . (.Dropbox, Inc. - Dropbox.) -- C:\Users\kader\AppData\Roaming\Dropbox\bin\Dropbox.exe =>.Dropbox
O4 - GS\Startup [kader]: OneNote 2007 - Capture d'écran et lancement.lnk . (.Microsoft Corporation - Microsoft Office OneNote Quick Launcher.) -- C:\Program Files\Microsoft Office\Office12\ONENOTEM.exe
O4 - HKLM\..\Run: [XeroxEndeavorBackgroundTask] Clé orpheline
O4 - HKLM\..\Run: [HPWirelessAssistant] . (...) -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe
O4 - HKLM\..\Run: [YouCam Service] . (.CyberLink Corp. - CyberLink YouCam Service.) -- C:\Program Files\CyberLink\YouCam\YouCamService.exe
O4 - HKLM\..\Run: [GrooveMonitor] . (.Microsoft Corporation - GrooveMonitor Utility.) -- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
O4 - HKLM\..\Run: [ApnUpdater] . (.Ask - Ask Updater.) -- C:\Program Files\Ask.com\Updater\Updater.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Run: [avast] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastUI.exe
O4 - HKLM\..\Run: [vProt] . (.Pas de propriétaire - VProtect Application (Official).) -- C:\Program Files\AVG Secure Search\vprot.exe =>Toolbar.AVGSearch
O4 - HKLM\..\Run: [updat] . (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\wscript.exe
O4 - HKCU\..\Run: [E09FXLRD_1599790] . (.Microsoft Corporation - Microsoft Encarta Dictionaries.) -- C:\Program Files\Microsoft Encarta\Microsoft Encarta 2009 - Collection DVD\EDICT.exe
O4 - HKCU\..\Run: [Akamai NetSession Interface] . (.Akamai Technologies, Inc. - Akamai NetSession Client.) -- C:\Users\kader\AppData\Local\Akamai\netsession_win.exe
O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\kader\AppData\Local\Google\Update\GoogleUpdate.exe =>.Google Inc
O4 - HKCU\..\Run: [OrionBluetoothRemoteControl] C:\Program Files\Jerome Laban\Remote Control\BTRemoteServer.exe (.not file.)
O4 - HKCU\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files\Internet Download Manager\IDMan.exe
O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_82B7E962D609CC185E85F30D094F304C] . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - HKCU\..\Run: [updat] . (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\wscript.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-2510005972-2606843454-3353322976-1000\..\Run: [E09FXLRD_1599790] . (.Microsoft Corporation - Microsoft Encarta Dictionaries.) -- C:\Program Files\Microsoft Encarta\Microsoft Encarta 2009 - Collection DVD\EDICT.exe
O4 - HKUS\S-1-5-21-2510005972-2606843454-3353322976-1000\..\Run: [Akamai NetSession Interface] . (.Akamai Technologies, Inc. - Akamai NetSession Client.) -- C:\Users\kader\AppData\Local\Akamai\netsession_win.exe
O4 - HKUS\S-1-5-21-2510005972-2606843454-3353322976-1000\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\kader\AppData\Local\Google\Update\GoogleUpdate.exe =>.Google Inc
O4 - HKUS\S-1-5-21-2510005972-2606843454-3353322976-1000\..\Run: [OrionBluetoothRemoteControl] C:\Program Files\Jerome Laban\Remote Control\BTRemoteServer.exe (.not file.)
O4 - HKUS\S-1-5-21-2510005972-2606843454-3353322976-1000\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files\Internet Download Manager\IDMan.exe
O4 - HKUS\S-1-5-21-2510005972-2606843454-3353322976-1000\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-2510005972-2606843454-3353322976-1000\..\Run: [GoogleChromeAutoLaunch_82B7E962D609CC185E85F30D094F304C] . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - HKUS\S-1-5-21-2510005972-2606843454-3353322976-1000\..\Run: [updat] . (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\wscript.exe
~ Application: Scanned in :0mn صs



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft Office OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} -- C:\Program Files\Skype\Toolbars\Internet Explorer\icon.ico (.not file.)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Program Files\Microsoft Office\Office12\REFBARH.ICO
O9 - Extra button: Barre de recherche Encarta - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} -- Clé orpheline
~ IE Extra Buttons: Scanned in :0mn صs



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{3B459363-00DB-4974-972E-4A5332039CA5}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{3B459363-00DB-4974-972E-4A5332039CA5}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{3B459363-00DB-4974-972E-4A5332039CA5}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in :0mn صs



---\\ Protocole additionnel (O18)
O18 - Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} . (.AVG Secure Search - ViProtocol (Official).) -- C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\17.2.0\ViProtocol.dll =>Toolbar.AVGSearch
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in :0mn صs



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: (vToolbarUpdater17.2.0) . (.AVG Secure Search - ToolbarU Application (Official).) - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.2.0\ToolbarUpdater.exe =>Toolbar.AVGSearch
~ Services: 9 Legitimates Filtered in :3mn صs



---\\ Logiciels installés (O42)
O42 - Logiciel: Yahoo! Toolbar - (.Yahoo! Inc..) [HKLM] -- Yahoo! Companion
~ Logic: 16 Legitimates Filtered in :0mn صs



---\\ HKCU & HKLM Software Keys
[HKCU\Software\AI_RecycleBin]
[HKCU\Software\APN DTX]
[HKCU\Software\APN]
[HKCU\Software\Ask.com]
[HKCU\Software\BabylonToolbar] =>PUP.Babylon
[HKCU\Software\BearShare] =>PUP.BearShare
[HKCU\Software\Conduit] =>Toolbar.Conduit
[HKCU\Software\Cr_Installer] =>PUP.CrossRider
[HKCU\Software\DataMngr_Toolbar] =>PUP.Datamngr
[HKCU\Software\Datamngr] =>PUP.Datamngr
[HKCU\Software\InstallCore] =>Adware.InstallCore
[HKCU\Software\MyWebSearch] =>Adware.MyWebSearch
[HKCU\Software\Softonic] =>Toolbar.Conduit
[HKCU\Software\Strongvault]
[HKCU\Software\delta LTD]
[HKLM\Software\APN]
[HKLM\Software\AskToolbar]
[HKLM\Software\BabylonToolbar] =>PUP.Babylon
[HKLM\Software\Babylon] =>PUP.Babylon
[HKLM\Software\Better Surf Plus]
[HKLM\Software\Better-Surf] =>PUP.BetterSurf
[HKLM\Software\BetterSurf] =>PUP.BetterSurf
[HKLM\Software\Conduit] =>Toolbar.Conduit
[HKLM\Software\CursorMania_7l]
[HKLM\Software\DomaIQ] =>Adware.DomaIQ
[HKLM\Software\FocusInteractive]
[HKLM\Software\Fun Web Products] =>Adware.MyWebSearch
[HKLM\Software\LessTabs]
[HKLM\Software\MyWebSearch] =>Adware.MyWebSearch
[HKLM\Software\SOS]
[HKLM\Software\SearchquMediabarTb] =>PUP.Datamngr
[HKLM\Software\Tarma Installer] =>PUP.Tarma
[HKLM\Software\VBMZ] =>PUP.Duuqu
[HKLM\Software\iLividSRTB] =>Adware.Bandoo
~ Key Software: 273 Legitimates Filtered in :0mn صs



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 02/01/2014 - 07:36:07 م - [3.780] ----D C:\Program Files\Ask.com
O43 - CFD: 17/06/2012 - 04:14:21 م - [767.308] ----D C:\Program Files\JEU DE COMBAT
O43 - CFD: 13/04/2012 - 10:52:42 ص - [52.072] ----D C:\Program Files\LETRE DE CORRESPONDANCE
O43 - CFD: 31/12/2013 - 12:33:00 م - [0] ----D C:\Program Files\MyPC Backup =>PUP.MyPCBackup
O43 - CFD: 26/07/2012 - 04:34:10 م - [0.028] ----D C:\Program Files\MyWebSearch =>Adware.MyWebSearch
O43 - CFD: 29/09/2013 - 02:54:01 م - [0.159] ----D C:\Program Files\Photoshine
O43 - CFD: 24/08/2013 - 10:53:25 م - [0.004] ----D C:\ProgramData\19104
O43 - CFD: 12/10/2012 - 10:35:10 ص - [0] ----D C:\ProgramData\Babylon =>PUP.Babylon
O43 - CFD: 04/01/2014 - 03:23:37 م - [0] ----D C:\ProgramData\boost_interprocess
O43 - CFD: 26/06/2012 - 04:29:29 م - [7.417] ----D C:\ProgramData\bProtectorForWindows =>PUP.BProtector
O43 - CFD: 15/01/2013 - 08:14:32 م - [0] ----D C:\ProgramData\IBUpdaterService =>Adware.InstallBrain
O43 - CFD: 29/09/2013 - 07:51:17 ص - [1.198] ----D C:\ProgramData\Tarma Installer =>PUP.Tarma
O43 - CFD: 29/06/2012 - 04:47:52 م - [0] --H-D C:\ProgramData\{743C2E37-D73E-451E-9FB3-39484814399E}
O43 - CFD: 28/12/2012 - 04:45:34 م - [0] --H-D C:\ProgramData\{ABD3832B-66DF-47A0-A937-C841D98A3C75}
O43 - CFD: 26/12/2013 - 11:38:47 ص - [0] ----D C:\Users\kader\AppData\Roaming\Advanced System Protector =>PUP.AdvancedSystemProtector
O43 - CFD: 19/07/2013 - 10:41:13 م - [1.941] ----D C:\Users\kader\AppData\Roaming\BabSolution =>Hijacker.BabSolution
O43 - CFD: 12/10/2012 - 10:35:10 ص - [0.024] ----D C:\Users\kader\AppData\Roaming\Babylon =>PUP.Babylon
O43 - CFD: 14/09/2013 - 11:25:47 ص - [35.042] ----D C:\Users\kader\AppData\Roaming\OpenCandy =>Adware.OpenCandy
O43 - CFD: 03/05/2013 - 09:39:33 ص - [0] ----D C:\Users\kader\AppData\Roaming\Strongvault
O43 - CFD: 21/04/2013 - 11:02:10 م - [0] ----D C:\Users\kader\AppData\Local\Babylon =>PUP.Babylon
O43 - CFD: 29/09/2013 - 08:00:51 ص - [0.012] ----D C:\Users\kader\AppData\Local\BearShare =>PUP.BearShare
O43 - CFD: 29/03/2013 - 11:50:39 ص - [0.094] ----D C:\Users\kader\AppData\Local\CursorMania_7l
O43 - CFD: 25/01/2013 - 11:17:10 ص - [0.009] ----D C:\Users\kader\AppData\Local\iLivid =>Adware.Bandoo
O43 - CFD: 02/01/2014 - 02:27:52 م - [0.001] ----D C:\Users\kader\AppData\Local\SwvUpdater =>PUP.Software.Updater
~ Program Folder: 213 Legitimates Filtered in :1mn صs



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.0ED67910C8C326796FAA00B2BF6D9D3C] - 07/01/2014 - 03:45:21 م ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBA.) -- C:\Windows\System32\Drivers\elxstor.sys.bak [453712]
O44 - LFC:[MD5.DB32D325C192B801DF274BFD12A7E72B] - 07/01/2014 - 03:46:54 م ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Win.) -- C:\Windows\System32\Drivers\stexstor.sys.bak [21072]
O44 - LFC:[MD5.D7C850799890A0D9578A46C9E2304151] - 07/01/2014 - 04:32:48 م ---A- . (...) -- C:\UsbFix [Scan 8] ABDOULKADER.txt [5295]
O44 - LFC:[MD5.33EFCF71BA6F78F1796AE8162BC6D31F] - 07/01/2014 - 04:41:36 م ---A- . (...) -- C:\Windows\ntbtlog.txt [842968]
O44 - LFC:[MD5.7C823FE2AF8965AC896DF2DE76C96D70] - 26/12/2013 - 12:59:31 م ---A- . (...) -- C:\Windows\DPINST.LOG [1534]
O44 - LFC:[MD5.4A72BDEDFD26958B7E72248F17E30FC5] - 31/12/2013 - 12:40:41 م ---A- . (...) -- C:\Windows\System32\ASOROSet.bin [1660]
~ Files: 330 Legitimates Filtered in :2mn صs



---\\ Opérations et fonctions au démarrage de Windows Explorer (O46)
O46 - SEH:ShellExecuteHooks - Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
~ ShellExecuteHooks: Scanned in :0mn صs



---\\ Clé de registre Shell MountPoints2 (MPKS) (O51)
O51 - MPSK:{35a237ca-c3e3-11e2-8d9f-441ea1cf4ae9}\AutoRun\command. (...) -- F:\autorun.exe (.not file.)
O51 - MPSK:{9f7a0432-bdee-11e2-bff2-441ea1cf4ae9}\AutoRun\command. (...) -- E:\autorun.exe (.not file.)
O51 - MPSK:{a31b93c5-5fae-11e2-a75d-441ea1cf4ae9}\AutoRun\command. (...) -- F:\LaunchU3.exe (.not file.)
O51 - MPSK:{f529057c-2761-11e3-a4ed-441ea1cf4ae9}\AutoRun\command. (...) -- E:\LaunchU3.exe (.not file.)
~ Keys: Scanned in :0mn صs



---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 16 Legitimates Filtered in :0mn صs



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:[MD5.FA72FA503F580C3C628DD8C7D7622E37] - 30/08/2013 - 08:48:12 ص ---A- . (...) -- C:\Windows\System32\Drivers\aswRvrt.sys [49376]
O58 - SDL:[MD5.FAF091AA45A6A6CF3CF94FE065950956] - 01/07/2013 - 09:42:55 ص ---A- . (...) -- C:\Windows\System32\Drivers\aswSnx.sys.sum [175]
O58 - SDL:[MD5.3FFBEE694566CADB0A64D8A1ACD7DBCE] - 01/07/2013 - 09:42:55 ص ---A- . (...) -- C:\Windows\System32\Drivers\aswSP.sys.sum [175]
O58 - SDL:[MD5.A5F637D61719D37A5B4868C385E363C0] - 30/08/2013 - 08:48:13 ص ---A- . (...) -- C:\Windows\System32\Drivers\aswVmm.sys [177864]
O58 - SDL:[MD5.22EA82FFE8CA4965C1994F24C35DC202] - 01/07/2013 - 09:42:55 ص ---A- . (...) -- C:\Windows\System32\Drivers\aswVmm.sys.sum [175]
O58 - SDL:[MD5.0ED67910C8C326796FAA00B2BF6D9D3C] - 14/07/2009 - 02:20:28 ص ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [453712]
O58 - SDL:[MD5.0ED67910C8C326796FAA00B2BF6D9D3C] - 07/01/2014 - 03:45:21 م ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys.bak [453712]
O58 - SDL:[MD5.C44E3C2BAB6837DB337DDEE7544736DB] - 13/07/2009 - 11:54:14 م ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [26624]
O58 - SDL:[MD5.C44E3C2BAB6837DB337DDEE7544736DB] - 07/01/2014 - 03:45:28 م ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys.bak [26624]
O58 - SDL:[MD5.2EA89CE0CB9A35A4AD79ACF7EAB9BBE0] - 12/04/2013 - 07:46:50 م ---A- . (.AnchorFree Inc. - Hotspot Shield Routing Driver.) -- C:\Windows\System32\Drivers\hssdrv6.sys [40136]
O58 - SDL:[MD5.2EA89CE0CB9A35A4AD79ACF7EAB9BBE0] - 07/01/2014 - 03:45:36 م ---A- . (.AnchorFree Inc. - Hotspot Shield Routing Driver.) -- C:\Windows\System32\Drivers\hssdrv6.sys.bak [40136]
O58 - SDL:[MD5.2AA2C79B9E39C2FCBE0670AECC5B4361] - 27/06/2013 - 10:57:42 ص ---A- . (.Tonec Inc. - Internet Download Manager WFP Driver.) -- C:\Windows\System32\Drivers\idmwfp.sys [104928]
O58 - SDL:[MD5.2AA2C79B9E39C2FCBE0670AECC5B4361] - 07/01/2014 - 03:45:43 م ---A- . (.Tonec Inc. - Internet Download Manager WFP Driver.) -- C:\Windows\System32\Drivers\idmwfp.sys.bak [104928]
O58 - SDL:[MD5.DB32D325C192B801DF274BFD12A7E72B] - 14/07/2009 - 02:19:04 ص ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [21072]
O58 - SDL:[MD5.DB32D325C192B801DF274BFD12A7E72B] - 07/01/2014 - 03:46:54 م ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys.bak [21072]
O58 - SDL:[MD5.0C3B2A9C4BD2DD9A6C2E4084314DD719] - 26/03/2012 - 10:45:14 م ---A- . (.AnchorFree Inc - TAP-Win32 Virtual Network Driver.) -- C:\Windows\System32\Drivers\taphss.sys [32768]
O58 - SDL:[MD5.0C3B2A9C4BD2DD9A6C2E4084314DD719] - 07/01/2014 - 03:46:56 م ---A- . (.AnchorFree Inc - TAP-Win32 Virtual Network Driver.) -- C:\Windows\System32\Drivers\taphss.sys.bak [32768]
O58 - SDL:[MD5.EC364C02F7DB2A40CC304DF75D126A49] - 05/01/2013 - 04:46:10 ص ---A- . (.Anchorfree Inc. - Anchorfree HSS VPN Adapter.) -- C:\Windows\System32\Drivers\taphss6.sys [37208]
O58 - SDL:[MD5.EC364C02F7DB2A40CC304DF75D126A49] - 07/01/2014 - 03:46:57 م ---A- . (.Anchorfree Inc. - Anchorfree HSS VPN Adapter.) -- C:\Windows\System32\Drivers\taphss6.sys.bak [37208]
O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 13/07/2009 - 10:40:41 م ---A- . (...) -- C:\Windows\System32\ANSI.SYS [9029]
O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 13/07/2009 - 10:40:44 م ---A- . (...) -- C:\Windows\System32\country.sys [27097]
O58 - SDL:[MD5.E6BC0F98FECEF245A0010D350C1A0B9B] - 13/07/2009 - 10:40:40 م ---A- . (...) -- C:\Windows\System32\HIMEM.SYS [4768]
O58 - SDL:[MD5.492090267B9608C62B956CD29BE3AFB7] - 13/07/2009 - 10:40:43 م ---A- . (...) -- C:\Windows\System32\KEY01.SYS [42809]
O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 13/07/2009 - 10:40:43 م ---A- . (...) -- C:\Windows\System32\KEYBOARD.SYS [42537]
O58 - SDL:[MD5.FFFF296A08DBF2AC0126C62E3778AC0D] - 13/07/2009 - 10:40:23 م ---A- . (...) -- C:\Windows\System32\NTDOS.SYS [27866]
O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 13/07/2009 - 10:40:31 م ---A- . (...) -- C:\Windows\System32\NTDOS404.SYS [29146]
O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 13/07/2009 - 10:40:35 م ---A- . (...) -- C:\Windows\System32\NTDOS411.SYS [29370]
O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 13/07/2009 - 10:40:39 م ---A- . (...) -- C:\Windows\System32\NTDOS412.SYS [29274]
O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 13/07/2009 - 10:40:27 م ---A- . (...) -- C:\Windows\System32\NTDOS804.SYS [29146]
O58 - SDL:[MD5.2E4112FB7D1B76E11ADFD7487B5D0E95] - 13/07/2009 - 10:40:11 م ---A- . (...) -- C:\Windows\System32\NTIO.SYS [33952]
O58 - SDL:[MD5.A98EBD4C2DF983665BF2D1AF49949974] - 13/07/2009 - 10:40:15 م ---A- . (...) -- C:\Windows\System32\NTIO404.SYS [34672]
O58 - SDL:[MD5.3F7E6406EDEF197C5CAAB2240EEF6F48] - 13/07/2009 - 10:40:17 م ---A- . (...) -- C:\Windows\System32\NTIO411.SYS [35776]
O58 - SDL:[MD5.3E64D681B776CC57BDC38A46D881F85B] - 13/07/2009 - 10:40:19 م ---A- . (...) -- C:\Windows\System32\NTIO412.SYS [35536]
O58 - SDL:[MD5.D86B6435729231C171432B4E77801BDB] - 13/07/2009 - 10:40:13 م ---A- . (...) -- C:\Windows\System32\NTIO804.SYS [34672]
~ Drivers: 16 Legitimates Filtered in :1mn صs



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: UsbFix - (.El Desaparecido - www.usbfix.net - www.sosvirus.net.) [HKLM] -- Usbfix
O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in :0mn صs



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Opera Software - Opera Internet Browser.) -- C:\Program Files\Opera\Opera.exe
~ Keys: Scanned in :0mn صs



---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} - (Delta Search) - http://www1.delta-search.com =>Toolbar.DeltaSearch
O69 - SBI: SearchScopes [HKCU] {46DA407E-3B33-4C30-9FE6-A417399F081B} - (Search) - http://search.conduit.com
O69 - SBI: SearchScopes [HKCU] {8806FAA7-709E-467C-AB7D-0DA52206A5D8} - (Flickr) - http://www.flickr.com
O69 - SBI: SearchScopes [HKCU] {95B7759C-8C7F-4BF1-B163-73684A933233} - (AVG Secure Search) - http://isearch.avg.com =>Toolbar.AVGSearch
O69 - SBI: SearchScopes [HKCU] {96bd48dd-741b-41ae-ac4a-aff96ba00f7e} [DefaultScope] - (MyPlayCity) - http://start.myplaycity.com
O69 - SBI: SearchScopes [HKCU] {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} - (Search Results) - http://dts.search-results.com =>PUP.SearchResults
O69 - SBI: SearchScopes [HKCU] {9BB47C17-9C68-4BB3-B188-DD9AF0FD2431} - (Search Results) - http://dts.search-results.com =>PUP.SearchResults
O69 - SBI: SearchScopes [HKCU] {A5EEABFC-3762-4362-BA2A-0C141772DCE4} - (Yahoo!) - http://search.yahoo.com
~ Keys: Scanned in :0mn صs



---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.E0DFF75D5B04C030DD245BC5828126AD] [SPRF][05/01/2014] (...) -- C:\Users\kader\AppData\Local\Temp\chart_data.dat [20982]
[MD5.8EA621E156605481DBEB3B7058933238] [SPRF][04/12/2013] (.BluetoothInstaller.com - Bluetooth Driver Installer.) -- C:\Users\kader\Desktop\bluetoothdriverinstaller.exe [1982464]
[MD5.3BA0F8D8754122217026FB72DAB3DF46] [SPRF][20/04/2012] (...) -- C:\Program Files\mpcstar_5.4_setup.exe [21765136]
~ Files: 6 Legitimates Filtered in :0mn صs



---\\ Liste des exceptions du parefeu (FirewallRules) (O87)
O87 - FAEL: "{32CAA575-563C-4FE0-B30F-C665AB5A5EAC}" | In - Public - P6 - TRUE | .(.Visicom Media Inc. - DTX broker.) -- C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\dtUser.exe =>PUP.Datamngr
O87 - FAEL: "{E89EB259-3623-473C-AEB1-8BF0A5E0B87E}" | In - Public - P17 - TRUE | .(.Visicom Media Inc. - DTX broker.) -- C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\dtUser.exe =>PUP.Datamngr
O87 - FAEL: "{542188C8-F539-4137-A573-B73112062DFA}" |In - Public - P6 - TRUE | .(...) -- C:\Program Files\Searchqu Toolbar\Datamngr\ToolBar\dtUser.exe (.not file.) =>PUP.Datamngr
O87 - FAEL: "{249527E3-C2D6-4886-B04D-AE7341B6368B}" |In - Public - P17 - TRUE | .(...) -- C:\Program Files\Searchqu Toolbar\Datamngr\ToolBar\dtUser.exe (.not file.) =>PUP.Datamngr
O87 - FAEL: "{F2371009-6F62-4832-A510-5CC72FF73750}" |In - Public - P6 - TRUE | .(...) -- C:\Program Files\Search Results Toolbar\Datamngr\SRTOOL~1\dtUser.exe (.not file.) =>PUP.SearchResults
O87 - FAEL: "{4102B0B5-A309-4229-9D3E-D153B678575B}" |In - Public - P17 - TRUE | .(...) -- C:\Program Files\Search Results Toolbar\Datamngr\SRTOOL~1\dtUser.exe (.not file.) =>PUP.SearchResults
O87 - FAEL: "{9F6FCEB3-71E1-4873-AD8A-A4EBB166881B}" |In - Public - P6 - TRUE | .(...) -- C:\Program Files\BearShare Applications\BearShare\BearShare.exe (.not file.) =>PUP.BearShare
O87 - FAEL: "{CDBED9E4-C628-45E3-9F8B-C561FB7F0863}" |In - Public - P17 - TRUE | .(...) -- C:\Program Files\BearShare Applications\BearShare\BearShare.exe (.not file.) =>PUP.BearShare
O87 - FAEL: "{D0595ED8-B58D-4DB7-A96D-F4F10E854B00}" |In - Domain - P6 - TRUE | .(...) -- C:\Program Files\BearShare Applications\BearShare\BearShare.exe (.not file.) =>PUP.BearShare
O87 - FAEL: "{F6CBEC71-6F70-4AD5-A285-193E75F7DA02}" |In - Domain - P17 - TRUE | .(...) -- C:\Program Files\BearShare Applications\BearShare\BearShare.exe (.not file.) =>PUP.BearShare
O87 - FAEL: "{640505A1-DC8D-4112-971E-DDB1CD703E57}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files\BearShare Applications\BearShare\BearShare.exe (.not file.) =>PUP.BearShare
O87 - FAEL: "{4C09A8A9-7B16-470E-BA66-D6EC6CF63C79}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files\BearShare Applications\BearShare\BearShare.exe (.not file.) =>PUP.BearShare
O87 - FAEL: "TCP Query User{14EFFC5B-31E5-4602-ABEB-687812346773}C:\program files\ispy\ispy\ispy.exe" |In - Public - P6 - TRUE | .(...) -- C:\program files\ispy\ispy\ispy.exe (.not file.)
O87 - FAEL: "UDP Query User{E55EF7DB-FC74-4F96-8377-A08D4CECD407}C:\program files\ispy\ispy\ispy.exe" |In - Public - P17 - TRUE | .(...) -- C:\program files\ispy\ispy\ispy.exe (.not file.)
O87 - FAEL: "TCP Query User{BA6A22A1-5538-4BD0-8A86-18C70C1226E8}C:\program files\jerome laban\remote control\btremoteserver.exe" |In - Public - P6 - TRUE | .(...) -- C:\program files\jerome laban\remote control\btremoteserver.exe (.not file.)
O87 - FAEL: "UDP Query User{ADACB013-8585-4299-885D-BBBC0A021DB3}C:\program files\jerome laban\remote control\btremoteserver.exe" |In - Public - P17 - TRUE | .(...) -- C:\program files\jerome laban\remote control\btremoteserver.exe (.not file.)
O87 - FAEL: "{2B3179C0-4536-4731-8B87-D74B010D26DD}" |In - None - P6 - TRUE | .(...) -- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (.not file.)
O87 - FAEL: "{72065031-1BF3-4F91-B949-0DE7443A32EA}" |In - None - P17 - TRUE | .(...) -- C:\Program Files (x86)\Intel Corporation\Intel Wireless Display\WiDiApp.exe (.not file.)
O87 - FAEL: "TCP Query User{E37493F8-C5FE-44CF-BE19-A6D716132D7A}E:\programmation\qtchat\release\qtchat.exe" |In - Public - P6 - TRUE | .(...) -- E:\programmation\qtchat\release\qtchat.exe (.not file.)
O87 - FAEL: "UDP Query User{44823339-CF28-4006-8630-458A16074A94}E:\programmation\qtchat\release\qtchat.exe" |In - Public - P17 - TRUE | .(...) -- E:\programmation\qtchat\release\qtchat.exe (.not file.)
O87 - FAEL: "{204A6AA5-9247-4962-B215-AE31E13E695F}" |In - None - P17 - TRUE | .(...) -- C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\WDExpress.exe (.not file.)
O87 - FAEL: "TCP Query User{6D0D83BF-46DD-4AD9-ADAF-FEFDCBDD8796}C:\program files\hexchat\hexchat.exe" |In - Private - P6 - TRUE | .(...) -- C:\program files\hexchat\hexchat.exe (.not file.)
O87 - FAEL: "UDP Query User{35CE3A0D-04E0-4137-BD84-AA59DAD8ACD3}C:\program files\hexchat\hexchat.exe" |In - Private - P17 - TRUE | .(...) -- C:\program files\hexchat\hexchat.exe (.not file.)
O87 - FAEL: "{75F7ED18-0511-4362-A6A1-FD4D619DE3ED}" |In - Public - P17 - TRUE | .(...) -- C:\program files\hexchat\hexchat.exe (.not file.)
O87 - FAEL: "{4DA3135C-FE3A-4327-9163-37CEA0209ED3}" |In - Public - P6 - TRUE | .(...) -- C:\program files\hexchat\hexchat.exe (.not file.)
~ Firewall: 278 Legitimates Filtered in :1mn صs



---\\ Enumère les codes produits des logiciels (PUC) (O90)
O90 - PUC: "A28B4D68DEBAA244EB686953B7074FEF" . (.Ask Toolbar.) -- c:\program files\ask.com\fv_8bbd.ico =>Toolbar.Ask
O90 - PUC: "A83B301ED7BFCA8428CC9980C3824D8C" . (.Remote Control.) -- C:\Windows\Installer\{E103B38A-FB7D-48AC-82CC-99083C28D4C8}\_853F67D554F05449430E7E.exe
O90 - PUC: "D03D33E5698D29D40B33F55418B99273" . (.Strongvault Online Backup.) -- C:\Windows\Installer\{5E33D30D-D896-4D92-B033-5F45819B2937}\SOS_APP_ICON
~ Update Products: 46 Legitimates Filtered in :0mn صs



---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
[MD5.C486CABD40481AA386E9454717D34C5B] [WIS][15/05/2012] (.TuneUp Software (www.tune-up.com) - TuneUp Utilities.) -- C:\Windows\Installer\27fc61c.msi [14605824]
[MD5.27AE6D7137C5568651622E1C71BD2893] [WIS][20/03/2013] (.[|Brand] - Strongvault Online Backup.) -- C:\Windows\Installer\390e95.msi [1996288]
[MD5.A93BEA03669DD4AF82DA0052B0D28EC8] [WIS][12/03/2013] (.Strongvault Online Backup - Strongvault Online Backup.) -- C:\Windows\Installer\390e9c.msi [11210240]
[MD5.277C9E7C42070C17159FAF60A16E76BE] [WIS][06/11/2012] (.Earth Networks, Inc. - Weather.) -- C:\Windows\Installer\759497.msi [2720826]
~ WIS: 50 Legitimates Filtered in :4mn صs



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 14/09/2013 257416 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Demand 14/05/2013 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 14/05/2013 194032 | (gusvc) . (.Google.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
SS - | Demand 26/12/2013 119408 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Demand 10/07/1658 0 | (WinRing0_1_2_0) . (...) - C:\Users\kader\AppData\Local\Temp\tmp820B.tmp

SR - | Auto 10/05/2013 65640 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 26/01/2011 176128 | (AMD External Events Utility) . (.AMD.) - C:\Windows\System32\atiesrxx.exe
SR - | Auto 30/08/2013 46808 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SR - | Auto 14/05/2013 116648 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SR - | Auto 05/04/2010 103992 | (HP Wireless Assistant Service) . (.Hewlett-Packard.) - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
SR - | Demand 30/04/2009 229944 | (hpqwmiex) . (.Hewlett-Packard Development Company, L.P..) - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
SR - | Auto 27/12/2010 1817088 | (IconMan_R) . (.Realsil Microelectronics Inc..) - C:\Program Files\Realtek\Realtek PCIE Card Reader\RIconMan.exe
SR - | Auto 04/04/2013 418376 | (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
SR - | Auto 04/04/2013 701512 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
SR - | Auto 07/01/2014 1771544 | (vToolbarUpdater17.2.0) . (.AVG Secure Search.) - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.2.0\ToolbarUpdater.exe =>Toolbar.AVGSearch
SR - | Auto 14/07/2009 20992 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 14/07/2009 20992 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 09/11/2008 602392 | (YahooAUService) . (.Yahoo! Inc..) - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

~ Services: Scanned in :5mn صs



---\\ Scan Additionnel (O88)
Database Version : 13013 - (29/12/2013)
Clés trouvées (Keys found) : 246
Valeurs trouvées (Values found) : 2
Dossiers trouvés (Folders found) : 31
Fichiers trouvés (Files found) : 13

[HKLM\Software\Classes\esrv.BabylonESrvc] =>PUP.Babylon
[HKLM\Software\Classes\esrv.BabylonESrvc.1] =>PUP.Babylon
[HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd] =>Toolbar.Ask
[HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd.1] =>Toolbar.Ask
[HKLM\Software\Classes\imweb.imwebcontrol] =>PUP.iMesh
[HKLM\Software\Classes\S] =>Toolbar.Agent
[HKLM\Software\Classes\ScriptHelper.ScriptHelperApi] =>Toolbar.AVGSearch
[HKLM\Software\Classes\ScriptHelper.ScriptHelperApi.1] =>Toolbar.AVGSearch
[HKLM\Software\Classes\SearchQUIEHelper.DNSGuard] =>Adware.Bandoo
[HKLM\Software\Classes\SearchQUIEHelper.DNSGuard.1] =>Adware.Bandoo
[HKLM\Software\Classes\ViProtocol.ViProtocolOLE] =>Toolbar.AVGSearch
[HKLM\Software\Classes\ViProtocol.ViProtocolOLE.1] =>Toolbar.AVGSearch
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED] =>Toolbar.Ask
[HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF] =>Toolbar.AVGSearch
[HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF] =>Toolbar.AVGSearch
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF] =>Toolbar.AVGSearch
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9] =>Adware.MyWebSearch
[HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\HssSrv] =>Toolbar.Agent
[HKCU\Software\APN DTX] =>Toolbar.Ask
[HKCU\Software\APN] =>Toolbar.Ask
[HKLM\Software\APN] =>Toolbar.Ask
[HKCU\Software\Ask.com] =>Toolbar.AskBar
[HKCU\Software\AppDataLow\Software\AskToolbar] =>Toolbar.AskTBar
[HKLM\Software\AskToolbar] =>Toolbar.AskTBar
[HKCU\Software\BabylonToolbar] =>PUP.Babylon
[HKLM\Software\BabylonToolbar] =>PUP.Babylon
[HKCU\Software\Cr_Installer] =>PUP.CrossRider
[HKCU\Software\DataMngr] =>Adware.Bandoo
[HKLM\Software\focusinteractive] =>Adware.MyWebSearch
[HKCU\Software\AppDataLow\Software\Fun Web Products] =>Adware.MyWebSearch
[HKLM\Software\Fun Web Products] =>Adware.MyWebSearch
[HKCU\Software\AppDataLow\Software\FunWebProducts] =>Adware.MyWebSearch
[HKLM\Software\FunWebProducts] =>Adware.MyWebSearch
[HKLM\Software\iLividSRTB] =>Adware.Bandoo
[HKLM\Software\SearchquMediabarTb] =>Adware.Bandoo
[HKCU\Software\AppDataLow\Software\searchqutoolbar] =>Adware.Bandoo
[HKCU\Software\Softonic] =>Toolbar.Conduit
[HKLM\Software\Tarma Installer] =>PUP.Tarma
[HKLM\Software\Microsoft\Tracing\Babylon_RASAPI32] =>PUP.Babylon
[HKLM\Software\Microsoft\Tracing\Babylon_RASMANCS] =>PUP.Babylon
[HKLM\Software\Microsoft\Tracing\MyBabylontb_RASAPI32] =>PUP.Babylon
[HKLM\Software\Microsoft\Tracing\MyBabylontb_RASMANCS] =>PUP.Babylon
[HKLM\Software\Microsoft\Tracing\SearchquMediaBar_RASAPI32] =>Adware.Bandoo
[HKLM\Software\Microsoft\Tracing\SearchquMediaBar_RASMANCS] =>Adware.Bandoo
[HKLM\Software\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32] =>Adware.Bandoo
[HKLM\Software\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS] =>Adware.Bandoo
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}] =>Adware.SimilarSites
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search] =>Toolbar.AVGSearch
[HKLM\Software\Classes\Interface\{5E8CD073-21DF-4117-9BBD-D03C45D36CAE}] =>Toolbar.Conduit
[HKLM\Software\Classes\Interface\{E773F2CF-5E6E-FF2B-81A1-AC581A26B2B2}] =>Toolbar.Conduit
[HKLM\Software\Classes\Interface\{CA1CE38C-F04C-471F-B9F3-083C58165C10}] =>Toolbar.Conduit
[HKLM\Software\Classes\Interface\{B77AD4AC-C1C2-B293-7737-71E13A11FFEA}] =>Toolbar.Conduit
[HKLM\Software\Classes\Interface\{B37B4BA6-334E-72C1-B57E-6AFE8F8A5AF3}] =>Toolbar.Conduit
[HKLM\Software\Classes\Prod.cap] =>PUP.Babylon
[HKLM\Software\VBMZ] =>Toolbar.Conduit
[HKCU\Software\InstallCore] =>Adware.InstallCore
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}] =>Toolbar.Yahoo
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}] =>Toolbar.Yahoo
[HKLM\Software\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}] =>Toolbar.Yahoo
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}] =>Toolbar.Yahoo
[HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}] =>Toolbar.Yahoo
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1}] =>PUP.Babylon
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{CCB69577-088B-4004-9ED8-FF5BCC83A039}] =>Toolbar.RebateInformer
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D0F4A166-B8D4-48B8-9D63-80849FE137CB}] =>PUP.Babylon
[HKLM\Software\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}] =>Toolbar.DeltaSearch
[HKLM\Software\Microsoft\Tracing\Savings Sidekick_RASAPI32] =>PUP.SavingsSidekick
[HKLM\Software\Microsoft\Tracing\Savings Sidekick_RASMANCS] =>PUP.SavingsSidekick
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Companion] =>Toolbar.Yahoo
[HKCU\Software\AppDataLow\Software\Crossrider] =>PUP.CrossRider
[HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F994E0D9-8335-48F1-99C2-A712C21F8D5F}] =>Toolbar.Ask
[HKLM\Software\Microsoft\Tracing\ConduitInstaller_RASAPI32] =>Toolbar.Conduit
[HKLM\Software\Microsoft\Tracing\ConduitInstaller_RASMANCS] =>Toolbar.Conduit
[HKLM\Software\Classes\AVG Secure Search.BrowserWndAPI.1] =>Toolbar.AVGSearch
[HKCU\Software\AppDataLow\Software\VideoDownloadConverter_4z] =>Adware.VideoDownloadConverter
[HKLM\Software\VideoDownloadConverter_4z] =>Adware.VideoDownloadConverter
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}] =>Toolbar.Yahoo
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}] =>Toolbar.Yahoo
[HKLM\Software\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}] =>Toolbar.Yahoo
[HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}] =>Toolbar.Yahoo
[HKLM\Software\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}] =>Toolbar.AVGSearch
[HKLM\Software\Microsoft\Tracing\apnstub_RASAPI32] =>Toolbar.Ask
[HKLM\Software\Microsoft\Tracing\apnstub_RASMANCS] =>Toolbar.Ask
[HKLM\Software\Microsoft\Tracing\askpartnercobrandingtool_rasapi32] =>Toolbar.Ask
[HKLM\Software\Microsoft\Tracing\askpartnercobrandingtool_rasmancs] =>Toolbar.Ask
[HKLM\Software\Classes\SpeedUpMyPC] =>Rogue.SpeedUpMyPC
[HKLM\Software\Classes\protector_dll.protectorbho] =>PUP.BProtector
[HKLM\Software\Classes\protector_dll.protectorbho.1] =>PUP.BProtector
[HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011501160}] =>PUP.CrossRider
[HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110011501160}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011501160}] =>PUP.CrossRider
[HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2431}] =>Adware.Bandoo^
[HKLM\Software\Microsoft\Internet Explorer\Toolbar]:{98889811-442D-49dd-99D7-DC866BE87DBC} =>PUP.Babylon^
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:vProt =>Toolbar.AVGSearch^
C:\Users\kader\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde =>Toolbar.DeltaSearch^
C:\Program Files\MyPC Backup =>PUP.MyPCBackup^
C:\Program Files\MyWebSearch =>Adware.MyWebSearch^
C:\ProgramData\Babylon =>PUP.Babylon^
C:\ProgramData\bProtectorForWindows =>PUP.BProtector^
C:\ProgramData\IBUpdaterService =>Adware.InstallBrain^
C:\ProgramData\Tarma Installer =>PUP.Tarma^
C:\Users\kader\AppData\Roaming\Advanced System Protector =>PUP.AdvancedSystemProtector^
C:\Users\kader\AppData\Roaming\BabSolution =>Hijacker.BabSolution^
C:\Users\kader\AppData\Roaming\Babylon =>PUP.Babylon^
C:\Users\kader\AppData\Roaming\OpenCandy =>Adware.OpenCandy^
C:\Users\kader\AppData\Local\Babylon =>PUP.Babylon^
C:\Users\kader\AppData\Local\BearShare =>PUP.BearShare^
C:\Users\kader\AppData\Local\iLivid =>Adware.Bandoo^
C:\Users\kader\AppData\Local\SwvUpdater =>PUP.Software.Updater^
C:\Program Files\Ask.com =>Toolbar.AskBar
C:\Program Files\AVG Secure Search =>Toolbar.AVGSearch
C:\Program Files\Windows Searchqu Toolbar =>Adware.Bandoo
C:\Program Files\Common Files\AVG Secure Search =>Toolbar.AVGSearch
C:\ProgramData\AVG Secure Search =>Toolbar.AVGSearch
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crawler Toolbar =>Toolbar.Crawler
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Performer =>Rogue.PCPerformer
C:\Users\kader\AppData\Local\AVG Secure Search =>Toolbar.AVGSearch
C:\Users\kader\AppData\Local\UtilityChest_49 =>Adware.MyWebSearch
C:\Users\kader\AppData\LocalLow\AskToolbar =>Toolbar.AskTBar
C:\Users\kader\AppData\LocalLow\AVG Secure Search =>Toolbar.AVGSearch
C:\Users\kader\AppData\LocalLow\BabylonToolbar =>PUP.Babylon
C:\Users\kader\AppData\LocalLow\FunWebProducts =>Adware.MyWebSearch
C:\Users\kader\AppData\LocalLow\MyWebSearch =>Adware.MyWebSearch
C:\Users\kader\AppData\LocalLow\searchquband =>Adware.Bandoo
C:\Users\kader\AppData\LocalLow\searchqutoolbar =>Adware.Bandoo
C:\Program Files\AVG Secure Search\vprot.exe =>Toolbar.AVGSearch^
[HKCU\Software\BearShare] =>PUP.BearShare^
[HKCU\Software\Conduit] =>Toolbar.Conduit^
[HKCU\Software\DataMngr_Toolbar] =>PUP.Datamngr^
[HKCU\Software\Datamngr] =>PUP.Datamngr^
[HKCU\Software\MyWebSearch] =>Adware.MyWebSearch^
[HKLM\Software\Babylon] =>PUP.Babylon^
[HKLM\Software\Better-Surf] =>PUP.BetterSurf^
[HKLM\Software\BetterSurf] =>PUP.BetterSurf^
[HKLM\Software\Conduit] =>Toolbar.Conduit^
[HKLM\Software\DomaIQ] =>Adware.DomaIQ^
[HKLM\Software\MyWebSearch] =>Adware.MyWebSearch^
C:\Windows\System32\searchplugins\bProtect.xml =>
~ Additionnel Scan: 258851 Items scanned in :3mn صs



---\\ Récapitulatif des détections trouvées sur votre station
~ http://nicolascoolman.webs.com/apps/blog/show/27875657-toolbar-deltasearch =>Toolbar.DeltaSearch
~ http://nicolascoolman.webs.com/apps/blog/show/26627369-toolbar-babylon =>PUP.Babylon
~ http://nicolascoolman.webs.com/apps/blog/show/30319724-pup-searchresults =>PUP.SearchResults
~ http://nicolascoolman.webs.com/apps/blog/show/27583992-pup-datamngr =>PUP.Datamngr
~ http://nicolascoolman.webs.com/apps/blog/show/26611092-adware-bandoo =>Adware.Bandoo
~ http://nicolascoolman.webs.com/apps/blog/show/28927746-toolbar-ask =>Toolbar.Ask
~ http://nicolascoolman.webs.com/apps/blog/show/26627641-spyware-agenceexclusive =>Spyware.AgenceExclusive
~ http://nicolascoolman.webs.com/apps/blog/show/26666257-adware-popcap =>Adware.PopCap
~ http://nicolascoolman.webs.com/apps/blog/show/26705717-pup-bearshare =>PUP.BearShare
~ http://nicolascoolman.webs.com/apps/blog/show/29507721-toolbar-conduit =>Toolbar.Conduit
~ http://nicolascoolman.webs.com/apps/blog/show/27583526-pup-crossrider =>PUP.CrossRider
~ http://nicolascoolman.webs.com/apps/blog/show/29790567-adware-installcore =>Adware.InstallCore
~ http://nicolascoolman.webs.com/apps/blog/show/27146838-adware-mywebsearch =>Adware.MyWebSearch
~ http://nicolascoolman.webs.com/apps/blog/show/36340918-pup-bettersurf =>PUP.BetterSurf
~ http://nicolascoolman.webs.com/apps/blog/show/30393137-adware-domaiq =>Adware.DomaIQ
~ http://nicolascoolman.webs.com/apps/blog/show/29637859-toolbar-tarma =>PUP.Tarma
~ http://nicolascoolman.webs.com/apps/blog/show/37752731-pup-duuqu =>PUP.Duuqu
~ http://nicolascoolman.webs.com/apps/blog/show/32174815-pup-mypcbackup =>PUP.MyPCBackup
~ http://nicolascoolman.webs.com/apps/blog/show/28133096-pup-bprotector =>PUP.BProtector
~ http://nicolascoolman.webs.com/apps/blog/show/26907365-adware-installbrain =>Adware.InstallBrain
~ http://nicolascoolman.webs.com/apps/blog/show/26630283-pup-advancedsystemprotector =>PUP.AdvancedSystemProtector
~ http://nicolascoolman.webs.com/apps/blog/show/26678994-hijacker-babsolution =>Hijacker.BabSolution
~ http://nicolascoolman.webs.com/apps/blog/show/26770694-adware-opencandy =>Adware.OpenCandy
~ http://nicolascoolman.webs.com/apps/blog/show/32713686-pup-software-updater =>PUP.Software.Updater
~ http://nicolascoolman.webs.com/apps/blog/show/28863080-toolbar-kiwee =>PUP.Kiwee
~ http://nicolascoolman.webs.com/apps/blog/show/28441146-pup-imesh =>PUP.iMesh
~ http://nicolascoolman.webs.com/apps/blog/show/26811836-adware-yontoo =>Adware.Yontoo
~ http://nicolascoolman.webs.com/apps/blog/show/29216159-pup-sweetim =>PUP.SweetIM
~ http://nicolascoolman.webs.com/apps/blog/show/27443462-pup-dealio =>PUP.Dealio
~ http://nicolascoolman.webs.com/apps/blog/show/30234464-pup-toparcadehits =>PUP.ToparcadeHits
~ http://nicolascoolman.webs.com/apps/blog/show/29344956-adware-similarsites =>Adware.SimilarSites
~ http://nicolascoolman.webs.com/apps/blog/show/29640158-adware-videodownloadconverter =>Adware.VideoDownloadConverter
~ http://nicolascoolman.webs.com/apps/blog/show/33047509-rogue-speedupmypc =>Rogue.SpeedUpMyPC
~ MSI: 33 link(s) detected in :3mn صs



~ 1505 Legitimates filtered by white list
End of the scan (957 lines in :0mn صs)(0)
