FORUM D’ENTRAIDE INFORMATIQUE (FEI)
Computer support and security site

Disinfection help (advertising pages, replaced search engine, redirects, viruses...).
Forum rules: Mutual help with disinfection and computer security: for unwanted ads, pop-ups, redirects, unwanted software, suspicious slowdowns, viruses, etc.
You will receive a complete disinfection: disinfection, securing, then prevention.
Only helpers (people qualified and trained in disinfection) and the staff are authorized to provide help in this section.
Please also read the forum's general charter.
by kerso4
#107383
Hello everyone,

I'm rather new to this forum; I'm completely lost with my PC, which is running at 100% all the time.
After several hours on the internet, I installed Ad-Aware, which detected Trojan.PWS.Fareit.AJ located in my svchost.exe file.
What is odd is that this file has not been modified since Windows was installed.
So I kept looking and ran ZHPDiag, which detected quite a few things, notably in the "additional scan" part. I went and deleted the registry keys indicated, and after another Ad-Aware pass, nothing more.

But what bothers me is that ZHPDiag reports the following lines:

---\\ Récapitulatif des détections trouvées sur votre station
~ http://nicolascoolman.webs.com/apps/blo ... ar-babylon  =PUP.Babylon
~ http://nicolascoolman.webs.com/apps/blo ... bar-igraal   =Toolbar.iGraal
~ MSI: 2 link(s) detected in 00mn 18s

How can I get rid of Babylon once and for all? I thought it was ancient history.

Below is the ZHP report:
~ Rapport de ZHPDiag v2014.2.17.15 - Nicolas Coolman  (17/02/2014)
~ Lancé par Sébastien (23/02/2014 16:55:43)
~ Adresse du Site Web  http://nicolascoolman.webs.com
~ Forums gratuits d'Assistance à la désinfection : http://nicolascoolman.webs.com/apps/links/
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Deactivate by program


---\\ Navigateurs Internet
MSIE: Internet Explorer v11.0.9600.16518
GCIE: Google Chrome v33.0.1750.117 (Defaut)

---\\ Informations sur les produits Windows
~ Langage: Français
Windows 8.1 Pro with Media Center, 64-bit  (Build 9600)
Windows Server License Manager Script : OK
~ ion : Windows(R) Operating System, RETAIL channel
Windows ID Activation : OK
~ Windows Partial Key : V8MRQ
Windows License : OK
~ Windows Remaining Initializations Number : 999
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Logiciels de protection du système
avast! Free Antivirus v9.0.2013
Ad-Aware Antivirus v11.1.5354.0
Spybot - Search Destroy v2.2.25
Windows Defender W8

---\\ Logiciels d'optimisation du système
CCleaner v4.10 =Piriform Ltd

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Reader XI
Java 7 Update 45
Java 7 Update 51

---\\ Informations sur le système
~ Processor: Intel64 Family 6 Model 58 Stepping 9, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 10126 MB (75% free)
System Restore: Activé (Enable)
System drive C: has 136 GB (57%) free of 238 GB

---\\ Mode de connexion au système
~ Computer Name: NOTEBOOK_ASUS
~ User Name: Sébastien
~ All Users Names: UpdatusUser, Sébastien, HomeGroupUser$, Guest, arian_000, Administrator,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\Sébastien\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Sébastien\AppData\Roaming\
~ %Desktop% : C:\Users\Sébastien\Desktop\
~ %Favorites% : C:\Users\Sébastien\Favorites\
~ %LocalAppData% : C:\Users\Sébastien\AppData\Local\
~ %StartMenu% : C:\Users\Sébastien\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 136 Go of 238 Go)
D: CD-ROM drive (Not Inserted)



---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
~ Security Center: 41 Legitimates Filtered in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.63DC38C3E4564B2405D562855643ABA2] - (.Microsoft Corporation - Explorateur Windows.) (.22/10/2013 - 08:55:27.) -- C:\Windows\Explorer.exe [2328872]
[MD5.48CFA7BE561A7BE144C29BB912055016] - (.Microsoft Corporation - Application de démarrage de Windows.) (.22/08/2013 - 10:58:29.) -- C:\Windows\System32\Wininit.exe [144384]
[MD5.263B6E451526A90FF8B1CEC759F22956] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.06/02/2014 - 10:24:52.) -- C:\Windows\System32\wininet.dll [2334208]
[MD5.7C94FDA3809015B8F2208D2E1C221F17] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.22/08/2013 - 10:55:08.) -- C:\Windows\System32\Winlogon.exe [564736]
[MD5.2F18065618E39AA2E656EE737B71E791] - (.Microsoft Corporation - Bibliothèque de licences.) (.22/08/2013 - 11:39:40.) -- C:\Windows\System32\sppcomapi.dll [447488]
[MD5.239268BAB58EAE9A3FF4E08334C00451] - (.Microsoft Corporation - Pilote de fonction connexe pour WinSock.) (.22/08/2013 - 14:25:35.) -- C:\Windows\system32\Drivers\AFD.sys [567296]
[MD5.74B14192CF79A72F7536B27CB8814FBD] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.22/08/2013 - 13:43:41.) -- C:\Windows\system32\Drivers\atapi.sys [26464]
[MD5.2FA6510E33F7DEFEC03658B74101A9B9] - (.Microsoft Corporation - CD-ROM File System Driver.) (.22/08/2013 - 12:40:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [88576]
[MD5.C6796EA22B513E3457514D92DCDB1A3D] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.22/08/2013 - 09:46:35.) -- C:\Windows\system32\Drivers\Cdrom.sys [164352]
[MD5.5DB26D7E0216D0BF364A81D3829AD7B9] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.22/08/2013 - 12:38:00.) -- C:\Windows\system32\Drivers\DfsC.sys [134656]
[MD5.03909BDBFF0DCACCABF2B2D4ADEE44DC] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.22/08/2013 - 12:38:38.) -- C:\Windows\system32\Drivers\HDAudBus.sys [78336]
[MD5.84CFC5EFA97D0C965EDE1D56F116A541] - (.Microsoft Corporation - Pilote de port i8042.) (.22/08/2013 - 12:39:15.) -- C:\Windows\system32\Drivers\i8042prt.sys [107520]
[MD5.B7342B3C58E91107F6E946A93D9D4EFD] - (.Microsoft Corporation - IP Network Address Translator.) (.27/11/2013 - 13:02:29.) -- C:\Windows\system32\Drivers\IpNat.sys [142848]
[MD5.79B6F3DF7CDFD12159871FF71464F0CE] - (.Microsoft Corporation - Minirdr SMB Windows NT.) (.23/11/2013 - 08:08:19.) -- C:\Windows\system32\Drivers\MRxSmb.sys [403456]
[MD5.0217532E19A748F0E5D569307363D5FD] - (.Microsoft Corporation - MBT Transport driver.) (.22/08/2013 - 12:37:02.) -- C:\Windows\system32\Drivers\netBT.sys [282624]
[MD5.4412D565C0278C401575E11072C7DCE3] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.22/08/2013 - 14:25:41.) -- C:\Windows\system32\Drivers\ntfs.sys [2011488]
[MD5.764B1121867B2D9B31C491668AC72B2B] - (.Microsoft Corporation - Pilote de port parallèle.) (.22/08/2013 - 12:40:02.) -- C:\Windows\system32\Drivers\Parport.sys [94208]
[MD5.BBB6272B7F46C4640A8CDB8A70C3450F] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.22/08/2013 - 12:35:51.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [120832]
[MD5.680C1DAE268B6FB67FA21B389A8B79EF] - (.Microsoft Corporation - Redirecteur de périphérique de Microsoft RDP.) (.30/09/2013 - 05:00:32.) -- C:\Windows\system32\Drivers\rdpdr.sys [195584]
[MD5.FFF28F9F6823EB1756C60F1649560BBF] - (.Microsoft Corporation - TDI Translation Driver.) (.22/08/2013 - 14:25:35.) -- C:\Windows\system32\Drivers\tdx.sys [107520]
[MD5.9F9CE33B50611A1C61A46B8911E0B30B] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.22/08/2013 - 13:39:15.) -- C:\Windows\system32\Drivers\volsnap.sys [312160]
~ Generic Processes:  Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/3
~ Mes musiques (My Musics) : 1/23
~ Mes Favoris (My Favorites) : 1/25
~ Mes Documents (My Documents) : 2/13
~ Mon Bureau (My Desktop) : 2/2921
~ Menu demarrer (Programs) : 1/33
~ Hidden Files:  Scanned in 00mn 00s



---\\ Processus lancés
[MD5.D004558CE39AA4F01F207627EECF4CFB] - (.TeamViewer GmbH - TeamViewer 9.) -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe   [12493152] [PID.4740]
[MD5.A2791CF11D1ED52DBCD75D2FFD4D50E7] - (.ASUSTek Computer Inc. - ATK Media.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe   [178848] [PID.3608]
[MD5.2C35624F79B9ADBFE47090879F0D8673] - (.ASUSTek Computer Inc. - ATKOSD2.) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe   [322208] [PID.1296]
[MD5.29769215DEB6E8418EF3656B0423776E] - (.ASUSTeK Computer Inc. - ASUS Quick Gesture Exe.) -- C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe   [20352] [PID.5680]
[MD5.A78AAB0D2D70EF7DD56B7328AC502059] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe   [3767096] [PID.7040]
[MD5.5B6E8E09BE6401A7E022F52FDFCB2FF8] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe   [254336] [PID.7432]
[MD5.085BE68B52CE5A5FA4621507AD518CF3] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe   [152392] [PID.7444]
[MD5.AF49D1C79EA49A7833017F290EE63B82] - (.Safer-Networking Ltd. - Spybot - Search Destroy tray access.) -- C:\Program Files (x86)\Spybot - Search Destroy 2\SDTray.exe   [5624784] [PID.7488]
[MD5.AB44884BC129FC04D75A4649E0710203] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe   [8338432] [PID.7976]
[MD5.F0359F7CE712D69ACEF0886BDB4792ED] - (.NVIDIA Corporation - Stereo Vision Control Panel API Server.) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe   [382824] [PID.572]
[MD5.FA713019412C061385F09BD373BF747A] - (.ASUSTek Computer Inc. - ASLDR Service.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe   [105120] [PID.1448]
[MD5.DBC598E47E7A382E60E2A4745D41FEF9] - (.ASUS - GFNEXSrv.) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe   [96896] [PID.1520]
[MD5.CC42F104172B4A62793083D380867317] - (.AVAST Software - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe   [50344] [PID.1548]
[MD5.B362181ED3771DC03B4141927C80F801] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe   [65432] [PID.1960]
[MD5.F518545E5B7623AD49ABE7F8776EFA46] - (.Apple Inc. - YSLoader.exe.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe   [43336] [PID.1980]
[MD5.78ABBE558F57144047F10A0F50FE4B2F] - (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe   [166720] [PID.324]
[MD5.20372BE109FEE1C37E2D5216680DB9EB] - (.pdfforge GmbH - PDF Architect Helper Service.) -- C:\Program Files (x86)\PDF Architect\HelperService.exe   [1320496] [PID.2172]
[MD5.B90A279073A815A4AA2C45A09EE004FA] - (.pdfforge GmbH - PDF Architect Conversion Service.) -- C:\Program Files (x86)\PDF Architect\ConversionService.exe   [799280] [PID.2328]
[MD5.98EF79CC2B07398AC525F9EA1AE0366F] - (.Safer-Networking Ltd. - Spybot-SD 2 Scanner Service.) -- C:\Program Files (x86)\Spybot - Search Destroy 2\SDFSSvc.exe   [3921880] [PID.2424]
[MD5.2B29FD3AF7B4FEB272CD1F6EEC8FE4BA] - (.TeamViewer GmbH - TeamViewer 9.) -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe   [4915040] [PID.2684]
[MD5.E4FAD21646088D79F8889B6531396ACF] - (.TomTom - Windows Service for TomTom HOME.) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe   [93072] [PID.2776]
[MD5.14BF6B3AB327D519ED007CDDC56F6900] - (.Safer-Networking Ltd. - Spybot-SD 2 Background update service.) -- C:\Program Files (x86)\Spybot - Search Destroy 2\SDUpdSvc.exe   [1042272] [PID.2884]
[MD5.820EBE67AB99F033FDE25B2692157991] - (.Safer-Networking Ltd. - Windows Security Center integration..) -- C:\Program Files (x86)\Spybot - Search Destroy 2\SDWSCSvc.exe   [171416] [PID.3268]
[MD5.8596BF03CE3113E5DDFAF39997B0455D] - (.ASUSTek Computer Inc. - HControl.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe   [184704] [PID.4484]
[MD5.5CD05A591DC60886812D802E7E03A902] - (.TeamViewer GmbH - TeamViewer 9.) -- C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe   [202592] [PID.1180]
[MD5.13C358D27CBFAF537FA7CA48B9052CF3] - (.Motorola Solutions, Inc. - Bluetooth Device Monitor.) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe   [1112000] [PID.8984]
[MD5.7525C93645FDA8E9D8F677FEA833798A] - (.Motorola Solutions, Inc. - Bluetooth OBEX Service.) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe   [1124288] [PID.9036]
[MD5.9656F8E29F6C3161A3E99BCD3A472FF9] - (.Intel Corporation - Intel(R) ME Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe   [129856] [PID.9180]
[MD5.2C24DC448DBE8DB9BE1441B824C57E79] - (.Intel Corporation - Local Manageability Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe   [277824] [PID.9204]
[MD5.E1A119AD21F5AFE22EB516C549306D3D] - (.Intel Corporation - User Notification Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe   [365376] [PID.5776]
~ Processes Running:  Scanned in 00mn 00s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\Sébastien\AppData\Local\Google\Chrome\User Data\Default\Preferences
G0 - GCSP: Preference [User Data\Default][HomePage] http://search.babylon.com =PUP.Babylon
G2 - GCE: Preference [User Data\Default] [apdfllckaahabafndbhieahigkjlhalf] Google Drive v.6.3 (Activé)
G2 - GCE: Preference [User Data\Default] [hiajdlfgbgnnjakkbnpdhmhfhklkbiol] JavaScript Popup Blocker v.1.2.6 (Activé)
G2 - GCE: Preference [User Data\Default] [kmhkepipobnjllejbafajoemahjejdcm] iGraal v.1.6 (Activé)
G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Wallet v.0.0.6.1 (Activé)
~ Google Browser: 21 Legitimates Filtered in 00mn 01s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management:  Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys:  Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File:  Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: avast! Online Security - [HKLM]{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
O3 - Toolbar: avast! Online Security - [HKLM]{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
~ Toolbar:  Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop [Public]: mkvmerge GUI.lnk . (...)  -- C:\Program Files (x86)\MKVToolNix\mmg.exe
O4 - GS\Desktop [Public]: Pinnacle Studio 12.lnk . (.Pinnacle Systems - Studio program file.)  -- C:\Program Files (x86)\Pinnacle\Studio 12\Programs\Studio.exe
O4 - GS\Desktop [Public]: Pinnacle Studio 17.lnk . (.Pinnacle - PinnacleStudio.)  -- C:\Program Files (x86)\Pinnacle\Studio 17\programs\PinnacleStudio.exe
O4 - GS\Desktop [Public]: PokerStars.fr.lnk . (.PokerStars - PokerStars Update.)  -- C:\Program Files (x86)\PokerStars.FR\PokerStarsUpdate.exe
O4 - GS\Program [Public]: Desktop.lnk - Clé orpheline
O4 - GS\Program [Public]: Spybot-SD Start Center.lnk . (.Safer-Networking Ltd. - Start Center.)  -- C:\Program Files (x86)\Spybot - Search Destroy 2\SDWelcome.exe
O4 - GS\Desktop [UpdatusUser]: TimeAdjuster.lnk . (...)  -- C:\Program Files (x86)\TimeAdjuster\time_adjuster.exe
O4 - GS\QuickLaunch [Sébastien]: Google Chrome.lnk . (.Google Inc. - Google Chrome.)  -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch [Sébastien]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.)  -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch [Sébastien]: Pinnacle Studio 12.lnk . (.Pinnacle Systems - Studio program file.)  -- C:\Program Files (x86)\Pinnacle\Studio 12\Programs\Studio.exe
O4 - GS\QuickLaunch [Sébastien]: PokerStars.fr.lnk . (.PokerStars - PokerStars Update.)  -- C:\Program Files (x86)\PokerStars.FR\PokerStarsUpdate.exe
O4 - GS\TaskBar [Sébastien]: Google Chrome.lnk . (.Google Inc. - Google Chrome.)  -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\TaskBar [Sébastien]: Sonos.lnk . (.Sonos, Inc. - Sonos Desktop Controller.)  -- C:\Program Files (x86)\Sonos\Sonos.exe
O4 - GS\Program [Sébastien]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.)  -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Program [Sébastien]: Ordinateur.lnk - Clé orpheline
O4 - GS\Program [Sébastien]: QNAP-TS409 (2).lnk - Clé orpheline
O4 - GS\Program [Sébastien]: QNAP-TS409.lnk - Clé orpheline
O4 - GS\Desktop [Sébastien]: CyberGestion.lnk . (.Euro-Information - Logiciel de gestion de comptes pour les par.)  -- C:\Program Files (x86)\CyberMUT\CyberGestion.exe
O4 - GS\Desktop [Sébastien]: DS413.lnk - Clé orpheline
O4 - GS\Desktop [Sébastien]: GrabIt Download.lnk . (...)  -- C:\Users\Sébastien\GrabIt Download
O4 - GS\Desktop [Sébastien]: GrabIt.lnk . (...)  -- C:\Program Files (x86)\GrabIt\GrabIt.exe
O4 - GS\Desktop [Sébastien]: inSSIDer 3.lnk . (...)  -- C:\Users\Sébastien\AppData\Roaming\Microsoft\Installer\{A80CEA4E-74C1-4F9F-806B-E1D9AFC01768}\Icon.ico
O4 - GS\Desktop [Sébastien]: MPC-HC 2.0.lnk . (...)  -- C:\Program Files (x86)\MPC-HC.1.6.8.x64\mpc-hc64.exe (.not file.)
O4 - GS\Desktop [Sébastien]: Sweet Home 3D.lnk . (.eTeks - Sweet Home 3D.)  -- C:\Program Files (x86)\Sweet Home 3D\SweetHome3D.exe
O4 - GS\TaskBar [arian_000]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.)  -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Desktop [arian_000]: TimeAdjuster.lnk . (...)  -- C:\Program Files (x86)\TimeAdjuster\time_adjuster.exe
~ Global Startup: 69 Legitimates Filtered in 00mn 00s



---\\ Applications lancées au démarrage du sytème (O4)
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDVCPL] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe  =.Realtek Semiconductor Corp
O4 - HKLM\..\Run: [BTMTrayAgent] . (.Motorola Solutions, Inc. - Bluetooth Shell Extension.) -- C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll
O4 - HKLM\..\Run: [AdAwareTray] . (...) -- C:\Program Files\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareTray.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] . (.DT Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe  =.DT Soft Ltd
O4 - HKCU\..\Run: [FileHippo.com] . (.FileHippo.com - FileHippo.com Update Checker.) -- C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe
O4 - HKCU\..\Run: [TomTomHOME.exe] . (.TomTom - System Tray application for TomTom HOME.) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
O4 - HKLM\..\Wow6432Node\Run: [GrooveMonitor] . (.Microsoft Corporation - GrooveMonitor Utility.) -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe
O4 - HKLM\..\Wow6432Node\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe  =.Adobe Systems Incorporated
O4 - HKLM\..\Wow6432Node\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe  =.Oracle Corporation
O4 - HKLM\..\Wow6432Node\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe
O4 - HKLM\..\Wow6432Node\Run: [SDTray] . (.Safer-Networking Ltd. - Spybot - Search Destroy tray access.) -- C:\Program Files (x86)\Spybot - Search Destroy 2\SDTray.exe
O4 - HKUS\S-1-5-21-1037379460-875535663-1976750924-1001\..\Run: [DAEMON Tools Lite] . (.DT Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe  =.DT Soft Ltd
O4 - HKUS\S-1-5-21-1037379460-875535663-1976750924-1001\..\Run: [FileHippo.com] . (.FileHippo.com - FileHippo.com Update Checker.) -- C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe
O4 - HKUS\S-1-5-21-1037379460-875535663-1976750924-1001\..\Run: [TomTomHOME.exe] . (.TomTom - System Tray application for TomTom HOME.) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
~ Application:  Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{59B27570-EB3E-436F-8C57-1D47AD03B797}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{59B27570-EB3E-436F-8C57-1D47AD03B797}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain:  Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll  =.Microsoft Corporation
O18 - Filter: text/xml [64Bits] - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.dll  =.Microsoft Corporation
~ Protocole Additionnel:  Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon:  Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - AppInit_DLLs: . (.NVIDIA Corporation - NVIDIA Stereo Initialization dll, Version 3.) - C:\Program Files (x86)\NVIDIA~1\3DVISI~1\NVSTIN~1.dll
~ AppInit DLL:  Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Ad-Aware Service 11 (LavasoftAdAwareService11) . (...) - C:\Program Files\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareService.exe
O23 - Service: Spybot-SD 2 Security Center Service (SDWSCService) . (.Safer-Networking Ltd. - Windows Security Center integration..) - C:\Program Files (x86)\Spybot - Search Destroy 2\SDWSCSvc.exe
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) . (.Intel® Corporation - Intel® PROSet/Wireless Zero Configure Servi.) - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
~ Services: 30 Legitimates Filtered in 00mn 03s



---\\ Logiciels installés (O42)
O42 - Logiciel: PokerStars.fr - (.PokerStars.fr.) [HKLM][64Bits] -- PokerStars.fr
~ Logic: 25 Legitimates Filtered in 00mn 00s



---\\ HKCU HKLM Software Keys
[HKCU\Software\Curtains]
[HKLM\Software\Wow6432Node\NSCPID]
~ Key Software: 271 Legitimates Filtered in 00mn 00s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 06/08/2013 - 18:40:47 - [0] ----D C:\Program Files (x86)\Pando Networks
O43 - CFD: 05/12/2013 - 20:59:10 - [116,868] ----D C:\Program Files (x86)\PokerStars.FR
O43 - CFD: 23/02/2014 - 13:23:13 - [0] ----D C:\Users\Sébastien\AppData\Roaming\DataWork
O43 - CFD: 18/08/2013 - 09:00:29 - [0] -SH-D C:\Users\Sébastien\AppData\Local\ms-drivers
O43 - CFD: 03/12/2012 - 21:09:13 - [4,401] ----D C:\Users\Sébastien\AppData\Local\Pando_Temp
O43 - CFD: 01/02/2014 - 02:05:42 - [4,980] ----D C:\Users\Sébastien\AppData\Local\PokerStars.FR
~ Program Folder: 180 Legitimates Filtered in 00mn 01s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.FF238C79B9D5D887D1C5C9C6743AFB7D] - 09/02/2014 - 19:22:06 ---A- . (...) -- C:\nsinst.log   [3072]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 09/02/2014 - 19:33:21 ---A- . (...) -- C:\extensions.sqlite   [0]
O44 - LFC:[MD5.2100B28C34C4FCE916A4A61F58E31198] - 12/02/2014 - 18:31:36 ---A- . (...) -- C:\Windows\System32\connectedsearch-results.searchconnector-ms   [9701]
O44 - LFC:[MD5.4B916278E1487A5CD5F8F9A521980026] - 16/02/2014 - 02:00:17 ---A- . (...) -- C:\Windows\System32\ApnDatabase.xml   [385614]
~ Files: 101 Legitimates Filtered in 00mn 01s



---\\ Clé de registre Shell MountPoints2 (MPKS) (O51)
O51 - MPSK:{17dcd889-5d12-11e3-bebd-c4850845b6c1}\AutoRun\command. (...) -- D:\Welcome\Welcome.exe (.not file.)
~ Keys:  Scanned in 00mn 00s



---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 17 Legitimates Filtered in 00mn 00s



---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 3 Legitimates Filtered in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:[MD5.FB88245C1815EB1588DBC364A8D24522] - 17/07/2012 - 00:39:22 ---A- . (.Windows (R) Win 7 DDK provider - Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapt.) -- C:\Windows\System32\Drivers\AmpPal.sys   [162344]
O58 - SDL:[MD5.D168AE57558A6174FB35E0F82B32F62B] - 02/12/2012 - 11:27:10 ---A- . (...) -- C:\Windows\System32\Drivers\aswnet.sys.sum   [175]
O58 - SDL:[MD5.C04F7B373881009D7994D9BF55D24AB4] - 30/10/2013 - 19:55:44 ---A- . (...) -- C:\Windows\System32\Drivers\aswRvrt.sys   [65776]
O58 - SDL:[MD5.2E83D2621E87C493AB45DC6655BA77D4] - 27/06/2013 - 20:26:53 ---A- . (...) -- C:\Windows\System32\Drivers\aswSnx.sys.sum   [175]
O58 - SDL:[MD5.A5F29AC2F0ADE8B995B49D7350CE3AC0] - 27/06/2013 - 20:26:53 ---A- . (...) -- C:\Windows\System32\Drivers\aswSP.sys.sum   [175]
O58 - SDL:[MD5.90399625F341AB76BA4B85A5E860EB1F] - 31/12/2013 - 16:34:25 ---A- . (...) -- C:\Windows\System32\Drivers\aswVmm.sys   [207904]
O58 - SDL:[MD5.E86C64478D9A90D62255FE9EB0150C6E] - 27/06/2013 - 20:26:53 ---A- . (...) -- C:\Windows\System32\Drivers\aswVmm.sys.sum   [175]
O58 - SDL:[MD5.C1ABB0F7E3BEA48A0417BDF6FF14AB21] - 13/08/2013 - 00:25:46 ---A- . (.Windows (R) Win 7 DDK provider - BCM Function 2  Device Driver.) -- C:\Windows\System32\Drivers\bcmfn2.sys   [17624]
O58 - SDL:[MD5.46571ED73AE84469DCA53081D33CF3C8] - 10/12/2013 - 22:32:33 ---A- . (.DT Soft Ltd - DAEMON Tools Virtual Bus Driver.) -- C:\Windows\System32\Drivers\dtsoftbus01.sys   [283200]
O58 - SDL:[MD5.366DEA74BBA65B362BCCFC6FC2ADFD8B] - 22/08/2013 - 13:43:32 ---A- . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Windows x64.) -- C:\Windows\System32\Drivers\stexstor.sys   [31072]
O58 - SDL:[MD5.C9E9D59C0099A9FF51697E9306A44240] - 13/12/2012 - 13:50:36 ---A- . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\System32\Drivers\usbaapl64.sys   [54784]
~ Drivers: 17 Legitimates Filtered in 00mn 00s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1  =.Nicolas Coolman
~ ADS:  Scanned in 00mn 00s



---\\ Associations Shell Spawning (O67)
O67 - Shell Spawning: [HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 11 Legitimates Filtered in 00mn 00s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys:  Scanned in 00mn 00s



---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com
~ Keys:  Scanned in 00mn 00s



---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.AF6EBD8DF166F4F84A941B534DB3687D] [SPRF][15/06/2013] (.MPC-HC Team - Media Player Classic - Home Cinema.) -- C:\Users\Sébastien\Desktop\mpc-hc64.exe   [13183328]
~ Files: 1 Legitimates Filtered in 00mn 00s



---\\ Enumère les codes produits des logiciels (PUC) (O90)
O90 - PUC: "24BED006A334FA04CB4180E20475B72F" . (.AntimalwareEngine.) -- C:\WINDOWS\Installer\{600DEB42-433A-40AF-BC14-082E40577BF2}\ARPPRODUCTICON.exe
O90 - PUC: "5ADA61A603B0398448BA69B131041DA4" . (.AdAwareUpdater.) -- C:\WINDOWS\Installer\{6A16ADA5-0B30-4893-84AB-961B1340D14A}\ARPPRODUCTICON.exe
O90 - PUC: "76232FFB91D1E444392E5E50B98E50AE" . (.Dazzle Video Capture DVC100 X64 Driver 1.06.) -- C:\WINDOWS\Installer\{BFF23267-1D19-444E-93E2-E5059BE805EA}\ARPPRODUCTICON.exe
O90 - PUC: "A216D7CA50898BB48AACC4FC3E164B7B" . (.AdAwareInstaller.) -- C:\WINDOWS\Installer\{AC7D612A-9805-4BB8-A8CA-4CCFE361B4B7}\ARPPRODUCTICON.exe
~ Update Products: 66 Legitimates Filtered in 00mn 00s



---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
[MD5.7ACC6AE8295DCF80AD715BD19AF5BCEB] [WIS][25/10/2013] (.Corel Corporation - Pinnacle Studio.) -- C:\Windows\Installer\1b4cde.msi   [23055360]
~ WIS: 69 Legitimates Filtered in 00mn 02s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 01/10/2013 279000 |  (cphs) . (.Intel Corporation.) - C:\Windows\SysWow64\IntelCpHeciSvc.exe
SS - | Auto 14/06/2013 116648 |  (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 14/06/2013 116648 |  (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 18/07/2012 272176 |  (MyWiFiDHCPDNS) . (...) - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
SS - | Auto 01/12/2012 1258856 |  (nvUpdatusService) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
SS - | Demand 22/08/2013 37768 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe

SR - | Auto 21/12/2013 65432 |  (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 17/07/2012 731688 |  (AMPPALR3) . (.Intel Corporation.) - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
SR - | Auto 07/01/2014 43336 |  (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 23/07/2012 105120 |  (ASLDRService) . (.ASUSTek Computer Inc..) - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
SR - | Auto 21/11/2011 96896 |  (ATKGFNEXSrv) . (.ASUS.) - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
SR - | Auto 15/02/2014 50344 |  (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SR - | Auto 27/08/2012 1112000 |  (Bluetooth Device Monitor) . (.Motorola Solutions, Inc..) - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
SR - | Auto 06/09/2012 1124288 |  (Bluetooth OBEX Service) . (.Motorola Solutions, Inc..) - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
SR - | Auto 30/08/2011 462184 |  (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SR - | Auto 02/05/2012 135952 |  (BTHSSecurityMgr) . (.Intel(R) Corporation.) - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
SR - | Auto 01/12/2012 29056 |  (DptfParticipantProcessorService) . (...) - C:\Windows\System32\DptfParticipantProcessorService.exe
SR - | Auto 01/12/2012 30592 |  (DptfPolicyConfigTDPService) . (...) - C:\Windows\System32\DptfPolicyConfigTDPService.exe
SR - | Auto 18/07/2012 627504 |  (EvtEng) . (.Intel(R) Corporation.) - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
SR - | Auto 27/06/2012 129856 |  (Intel(R) ME Service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
SR - | Demand 20/01/2014 641352 |  (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SR - | Auto 25/06/2012 166720 |  (jhi_service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
SR - | Auto 23/01/2014 702744 |  (LavasoftAdAwareService11) . (...) - C:\Program Files\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareService.exe
SR - | Auto 17/07/2012 277824 |  (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SR - | Auto 29/08/2013 920864 |  (nvsvc) . (.NVIDIA Corporation.) - C:\WINDOWS\system32\nvvsvc.exe
SR - | Auto 08/04/2013 1320496 |  (PDF Architect Helper Service) . (.pdfforge GmbH.) - C:\Program Files (x86)\PDF Architect\HelperService.exe
SR - | Auto 08/04/2013 799280 |  (PDF Architect Service) . (.pdfforge GmbH.) - C:\Program Files (x86)\PDF Architect\ConversionService.exe
SR - | Auto 18/07/2012 149296 |  (RegSrvc) . (.Intel(R) Corporation.) - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
SR - | Auto 15/10/2013 3921880 |  (SDScannerService) . (.Safer-Networking Ltd..) - C:\Program Files (x86)\Spybot - Search Destroy 2\SDFSSvc.exe
SR - | Auto 20/09/2013 1042272 |  (SDUpdateService) . (.Safer-Networking Ltd..) - C:\Program Files (x86)\Spybot - Search Destroy 2\SDUpdSvc.exe
SR - | Auto 13/09/2013 171416 |  (SDWSCService) . (.Safer-Networking Ltd..) - C:\Program Files (x86)\Spybot - Search Destroy 2\SDWSCSvc.exe
SR - | Auto 02/10/2012 382824 |  (Stereo Service) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
SR - | Auto 17/02/2014 4915040 |  (TeamViewer9) . (.TeamViewer GmbH.) - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
SR - | Auto 27/08/2013 93072 |  (TomTomHOMEService) . (.TomTom.) - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
SR - | Auto 17/07/2012 365376 |  (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
SR - | Demand 10/07/1658 0 |  (WdNisSvc) . (...) - C:\Program Files (x86)\Windows Defender\NisSrv.exe
SR - | Demand 10/07/1658 0 |  (WinDefend) . (...) - C:\Program Files (x86)\Windows Defender\MsMpEng.exe
SR - | Auto 10/07/1658 0 |  (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe  =.Microsoft Corporation
SR - | Auto 18/07/2012 2699568 |  (ZeroConfigService) . (.Intel® Corporation.) - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

~ Services:  Scanned in 00mn 02s



---\\ Scan Additionnel (O88)
Database Version : 13031 - (17/02/2014)
Clés trouvées (Keys found) : 0
Valeurs trouvées (Values found) : 0
Dossiers trouvés  (Folders found) : 1
Fichiers trouvés  (Files found) : 0

C:\Users\Sébastien\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmhkepipobnjllejbafajoemahjejdcm   =Toolbar.iGraal
~ Additionnel Scan: 320246 Items scanned in 00mn 18s



---\\ Récapitulatif des détections trouvées sur votre station
~ http://nicolascoolman.webs.com/apps/blo ... ar-babylon  =PUP.Babylon
~ http://nicolascoolman.webs.com/apps/blo ... bar-igraal   =Toolbar.iGraal
~ MSI: 2 link(s) detected in 00mn 18s



~ 1110 Legitimates filtered by white list
End of the scan (470 lines in 00mn 37s)(0)
by Dori@n
#115905
Hello,

This topic has not received a reply from its author for more than 15 days. It is therefore considered archived.
Next time, please keep us informed of how your problem is progressing, or bump the topic regularly.

This topic is locked; if you wish to reopen it or report that it is resolved, please contact a member of the forum's moderation team by private message.

See you soon on FEI!
