Dois-je faire confiance à ce message

Adeptedufolksale Messages postés 4 Statut Membre -  
 biper -
Bonjour,



Un message de Microsoft security essential alert s'affiche et me dit que je suis potentiellement infectée par Trojan-PSW.Win32.launch par Hack tool:Win32/Welevate.A et par Adware.Win32.Fraud et me propose to clean my computer. Je n'ose pas cliquer sur Clean computer et je ne sais pas quoi faire pour m'assurer de la véracité de ces affirmations. Merci de m'aider.

7 réponses

  1. bigsteck Messages postés 106 Statut Membre 29
     
    clean veux dire nettoyer, a mon avis, tu peux cliquer sans soucis.
    0
  2. Dan57
     
    Je pense que tu devrais oui.Si cela t'enlève quelque chose qui n'est pasun virus,réstaure.
    Sinon,si tu doutes,voici qui te fera moins douter peut être :
    Commence par utiliser ce logiciel de diagnostic :
    Celui-ci est plus complet que Hijackthis.

    - Télécharge ZHPDiag (de Nicolas Coolman)
    - Lance le (si tu es sous Windows Vista ou Windows 7, fais le par un clic-droit --> Exécuter en temps qu'administrateur)
    - Laisse toi guider lors de l'installation (pense à cocher la case pour créer un raccourci sur le Bureau)
    - Il se lancera automatiquement à la fin de l'installation
    - Clique sur l'icône représentant une loupe (« Lancer le diagnostic »)
    - Enregistre le rapport sur ton Bureau à l'aide de l'icône représentant une disquette
    - Rends toi sur ce site, clique sur "Parcourir", sélectionne le rapport de ZHPDiag et clique sur Envoyer le fichier. Patiente pendant l'envoi du fichier, puis copie/colle le lien fourni dans ta prochaine réponse sur le forum.
    0
  3. Adeptedufolksale Messages postés 4 Statut Membre
     
    Merci à vous deux, j'ai d'abord cliqué sur Clean computer et un truc s'est téléchargé du nom de setup et puis rien de plus ne se passe. De plus, je ne connais pas grand chose à l'informatique mais je trouve bizarre que vos posts et que ce téléchargement se fasse aux heures 16h, 18h alors qu'il est 10:32 am sur mon ordi? Est-ce normal
    0
  4. Adeptedufolksale Messages postés 4 Statut Membre
     
    Finalement voici le report de hijackthis:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 11:43:51, on 2012-07-15
    Platform: Unknown Windows (WinNT 6.01.3505 SP1)
    MSIE: Internet Explorer v9.00 (9.00.8112.16447)
    Boot mode: Normal

    Running processes:
    C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
    C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
    C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
    C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe
    C:\Program Files (x86)\Nero\SyncUP\Nero.AndroidServer.exe
    C:\Program Files (x86)\TeamViewer\Version7\TeamViewer.exe
    C:\Windows\SysWOW64\mshta.exe
    C:\Windows\SysWOW64\DllHost.exe
    C:\Users\Eli\AppData\Local\Temp\~nsu.tmp\Au_.exe
    C:\Users\Eli\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Eli\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Eli\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/23
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/USCON/23
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
    O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120306083441.dll
    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
    O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
    O4 - HKLM\..\Run: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe
    O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
    O4 - HKLM\..\Run: [NeroLauncher] C:\Program Files (x86)\Nero\SyncUP\NeroLauncher.exe 900
    O4 - HKLM\..\Run: [AccuWeatherWidget] "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup
    O4 - HKCU\..\Run: [Google Update] "C:\Users\Eli\AppData\Local\Google\Update\GoogleUpdate.exe" /c
    O4 - HKCU\..\Run: [Inspector] C:\Users\Eli\AppData\Roaming\Protector-odwj.exe
    O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\system32\StikyNot.exe
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-21-3365828270-2866236124-969635882-1000\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
    O4 - HKUS\S-1-5-21-3365828270-2866236124-969635882-1000\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O13 - Gopher Prefix:
    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\progra~2\mcafee\msc\mcsniepl.dll
    O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
    O23 - Service: Bluetooth Device Monitor - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
    O23 - Service: Bluetooth Media Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
    O23 - Service: Bluetooth OBEX Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
    O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
    O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
    O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Service Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    O23 - Service: McAfee Activation Service (McAWFwk) - McAfee, Inc. - c:\PROGRA~1\mcafee\msc\mcawfwk.exe
    O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
    O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
    O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
    O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
    O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\mcafee\VirusScan\mcods.exe
    O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
    O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
    O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
    O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\Windows\system32\mfevtps.exe (file missing)
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
    O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
    O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Dell DataSafe Online (NOBU) - Dell, Inc. - C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
    O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: SoftThinks Agent Service (SftService) - SoftThinks SAS - C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
    O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
    O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
    0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. Adeptedufolksale Messages postés 4 Statut Membre
     
    Voici aussi le rapport de ZHP Diag:

    Rapport de ZHPDiag v1.31.105 par Nicolas Coolman, Update du 25/06/2012
    Run by Eli at 2012-07-15 11:53:36
    Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html
    Web site : http://nicolascoolman.skyrock.com/
    State :

    ---\\ Web Browser
    MSIE: Internet Explorer v

    ---\\ Windows Product Information
    ~ Langage: Français
    Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)
    Windows Server License Manager Script : OK
    ~ Windows(R) 7, OEM_SLP channel
    System Locked Preinstallation (OEM_SLP) : OK
    Windows ID Activation : OK
    ~ Windows Partial Key : RMV82
    Windows License : OK
    ~ Windows Remaining Initializations Number : 2
    Software Protection Service (Protection logicielle) : KO
    Windows Automatic Updates : OK
    Windows Activation Technologies : OK

    ---\\ System Information
    ~ Processor: Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
    ~ Operating System: 64 Bits
    Boot mode: Normal (Normal boot)
    Total RAM: 6038 MB (64% free)
    System Restore: Inconnu (Unknown)
    System drive C: has 630 GB (92%) free of 679 GB

    ---\\ Logged in mode
    ~ Computer Name: ELI-PC
    ~ User Name: Eli
    ~ All Users Names: UpdatusUser, HomeGroupUser$, Eli, Administrateur,
    ~ Unselected Option: ,,,,,,,
    Logged in as Administrator

    ---\\ Environnement Variables
    ~ System Unit : C:\
    ~ %AppData% : C:\Users\Eli\AppData\Roaming\
    ~ %Desktop% : C:\Users\Eli\Desktop\
    ~ %Favorites% : C:\Users\Eli\Favorites\
    ~ %LocalAppData% : C:\Users\Eli\AppData\Local\
    ~ %StartMenu% : C:\Users\Eli\AppData\Roaming\Microsoft\Windows\Start Menu\
    ~ %Windir% : C:\Windows\
    ~ %System% : C:\Windows\System32\

    ---\\ DOS/Devices
    C:\ Hard drive, Flash drive, Thumb drive (Free 630 Go of 679 Go)
    D:\ CD-ROM drive (Not Inserted)
    Q:\ Hard drive, Flash drive, Thumb drive (Free 0 Go of 0 Go)

    ---\\ Security Center & Tools Informations
    [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings] WarnOnHTTPSToHTTPRedirect: Modified
    ~ Scan Security Center in 00mn 00s

    ---\\
    [MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.2012-03-06 - 10:08:31.) -- C:\Windows\Explorer.exe [2871808]
    [MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.2009-07-13 - 20:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
    [MD5.5A45FA344F4AD99D903F4B20E43B89EC] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.2012-06-02 - 07:05:28.) -- C:\Windows\System32\wininet.dll [1392128]
    [MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.2010-11-20 - 22:24:29.) -- C:\Windows\System32\Winlogon.exe [390656]
    [MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.2010-11-20 - 22:24:16.) -- C:\Windows\System32\sppcomapi.dll [232448]
    [MD5.1C7857B62DE5994A75B054A9FD4C3825] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.2011-12-27 - 22:59:24.) -- C:\Windows\system32\Drivers\AFD.sys [498688]
    [MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.2009-07-13 - 20:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
    [MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.2009-07-13 - 18:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
    [MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.2010-11-20 - 22:23:47.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
    [MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.2010-11-20 - 22:24:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
    [MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.2010-11-20 - 22:23:47.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
    [MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.2009-07-13 - 18:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
    [MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.2009-07-13 - 19:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
    [MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.2012-03-06 - 10:08:33.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
    [MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.2010-11-20 - 22:23:51.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
    [MD5.A2F74975097F52A00745F9637451FDD8] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.2012-03-06 - 10:08:29.) -- C:\Windows\system32\Drivers\ntfs.sys [1659776]
    [MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.2009-07-13 - 19:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
    [MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.2010-11-20 - 22:24:33.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
    [MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.2009-07-13 - 19:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
    [MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.2010-11-20 - 22:24:32.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
    [MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.2010-11-20 - 22:23:47.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
    ~ Scan Generic Processes in 00mn 00s

    ---\\
    ~ Mes images (My Pictures) : 1/417
    ~ Mes Favoris (My Favorites) : 1/10
    ~ Mon Bureau (My Desktop) : 1/7
    ~ Menu demarrer (Programs) : 1/25
    ~ Scan Hidden Files in 00mn 00s

    ---\\
    [MD5.CC15BC65084C07E41CBE446C4D0B9D35].(.Intel Corporation.Bluetooth Media Player Controller.) -- C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe [846160] [PID.4020]
    [MD5.2EF0B3C51971F51ED700C01CFBC5B82A].(.Creative Technology Ltd.Webcam Central.) -- C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [503942] [PID.5172]
    [MD5.09E050B3CB76151FDD604877965A16C9].(..AccuWeather.com desktop weather widget.) -- C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe [957440] [PID.5328]
    [MD5.C9F53D264863832F11B5E9AD856DAB22].(.Nero AG.Nero.AndroidServer.exe.) -- C:\Program Files (x86)\Nero\SyncUP\Nero.AndroidServer.exe [150312] [PID.7852]
    [MD5.A9A5FAED493018CBAC0658CE7E94A2F8].(.TeamViewer GmbH.TeamViewer Remote Control Application.) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer.exe [7445416] [PID.8616]
    [MD5.0D98EE9F2296576639FD89C6FF92EDD4].(.Google Inc..Google Chrome.) -- C:\Users\Eli\AppData\Local\Google\Chrome\Application\chrome.exe [1250328] [PID.]
    [MD5.34B01BBD8F00B6B9C9248DC4F1E3CD01].(.Microsoft Corporation.Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe [748664] [PID.10152]
    [MD5.7317348C529B501C98330771F8109700].(.Adobe Systems Incorporated.Adobe® Flash® Player Installer/Uninstaller.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_3_300_265_ActiveX.exe [686280] [PID.10316]
    [MD5.BE955BAB4EFC2A28BE2692D102FFC85A].(...) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [3838464] [PID.11272]
    ~ Scan Processes Running in 00mn 00s

    ---\\
    C:\Users\Eli\AppData\Local\Google\Chrome\User Data\Default\Preferences
    G0 - GCSP: Preference [User Data\Default][HomePage] https://www.google.com/?gws_rd=ssl
    G0 - GCSP: Preference [User Data\Default] https://www.google.com/?gws_rd=ssl
    G1 - GCS: Preference [User Data\Default] None
    ~ Scan Google Browser in 00mn 00s

    ---\\
    P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Users\Eli\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll
    P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Users\Eli\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll
    ~ Scan Firefox Browser in 00mn 00s

    ---\\
    R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/
    R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
    R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/
    R3 - URLSearchHook: (no name) [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Google Inc. - Google Update.) (No version) -- (.not file.)
    ~ Scan IE Browser in 00mn 00s

    ---\\
    R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
    R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
    R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
    R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
    R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
    R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
    ~ Scan Proxy management in 00mn 00s

    ---\\
    ~ Le fichier hosts est sain (The hosts file is clean).
    ~ Scan Hosts File in 00mn 00s
    ~ Nombre de lignes (Lines number): 0

    ---\\
    O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\Eli\AppData\Local\Google\Update\GoogleUpdate.exe
    O4 - HKCU\..\Run: [Inspector] . (...) -- C:\Users\Eli\AppData\Roaming\Protector-odwj.exe
    ~ Scan Application in 00mn 00s

    ---\\
    O4 - Global Startup: C:\Users\Eli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
    O4 - Global Startup: C:\Users\Eli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
    O4 - Global Startup: C:\Users\Eli\Desktop\Google Chrome.lnk . (.Google Inc..) -- C:\Users\Eli\AppData\Local\Google\Chrome\Application\chrome.exe
    O4 - Global Startup: C:\Users\Eli\Desktop\HijackThis.lnk . (.Trend Micro Inc..) -- C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe
    O4 - Global Startup: C:\Users\Eli\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
    ~ Scan Global Startup in 00mn 00s

    ---\\
    O24 - Default MHTML Editor: Last - .(...) - (.not file.)
    ~ Scan Desktop Component in 00mn 00s

    ---\\
    O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Adobe Flash Player Updater.job
    O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3365828270-2866236124-969635882-1002Core.job
    O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3365828270-2866236124-969635882-1002UA.job
    O39 - APT:Automatic Planified Task - C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job
    O39 - APT:Automatic Planified Task - C:\Windows\Tasks\SystemToolsDailyTest.job
    [MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskUserS-1-5-21-3365828270-2866236124-969635882-1002Core] (.Google Inc..) -- C:\Users\Eli\AppData\Local\Google\Update\GoogleUpdate.exe
    [MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskUserS-1-5-21-3365828270-2866236124-969635882-1002UA] (.Google Inc..) -- C:\Users\Eli\AppData\Local\Google\Update\GoogleUpdate.exe
    [MD5.136CA4AF0B2E0CB6C00FEF31A0A825D3] [APT] [PCDoctorBackgroundMonitorTask] (.PC-Doctor, Inc..) -- C:\Program Files\Dell Support Center\uaclauncher.exe
    [MD5.FC0056E5773E0B3D07AE71D024AB5296] [APT] [SystemToolsDailyTest] (.PC-Doctor, Inc..) -- C:\Program Files\Dell Support Center\pcdrcui.exe
    ~ Scan Scheduled Task in 00mn 06s

    ---\\ (None)

    ---\\
    O43 - CFD: 2012-03-06 - 10:37:19 - [455,831] ----D C:\Program Files (x86)\Adobe
    O43 - CFD: 2012-03-06 - 09:56:24 - [6,385] ----D C:\Program Files (x86)\Cisco
    O43 - CFD: 2012-06-14 - 22:17:56 - [270,017] ----D C:\Program Files (x86)\Common Files
    O43 - CFD: 2012-03-06 - 10:24:27 - [1,904] ----D C:\Program Files (x86)\Creative
    O43 - CFD: 2012-03-06 - 10:23:58 - [0,109] ----D C:\Program Files (x86)\Creative Live! Cam
    O43 - CFD: 2012-03-06 - 10:19:37 - [0,064] ----D C:\Program Files (x86)\Cyberlink
    O43 - CFD: 2012-03-06 - 10:44:37 - [247,785] ----D C:\Program Files (x86)\Dell
    O43 - CFD: 2012-07-13 - 10:07:34 - [376,289] ----D C:\Program Files (x86)\Dell DataSafe Local Backup
    O43 - CFD: 2012-03-06 - 10:45:02 - [170,804] ----D C:\Program Files (x86)\Dell Stage
    O43 - CFD: 2012-03-06 - 10:24:04 - [95,160] ----D C:\Program Files (x86)\Dell Webcam
    O43 - CFD: 2012-03-06 - 10:16:14 - [0,891] ----D C:\Program Files (x86)\eBay
    O43 - CFD: 2012-06-10 - 09:02:41 - [145,420] ----D C:\Program Files (x86)\Google
    O43 - CFD: 2012-07-15 - 11:41:12 - [5,977] ----D C:\Program Files (x86)\GridinSoft Trojan Killer
    O43 - CFD: 2012-03-06 - 10:23:59 - [50,992] --H-D C:\Program Files (x86)\InstallShield Installation Information
    O43 - CFD: 2012-03-06 - 09:58:01 - [104,821] ----D C:\Program Files (x86)\Intel
    O43 - CFD: 2012-03-06 - 10:00:39 - [71,096] ----D C:\Program Files (x86)\Intel Corporation
    O43 - CFD: 2012-07-13 - 10:05:30 - [4,918] ----D C:\Program Files (x86)\Internet Explorer
    O43 - CFD: 2012-03-06 - 10:33:42 - [0,072] ----D C:\Program Files (x86)\Jagex
    O43 - CFD: 2012-03-18 - 01:08:04 - [177,682] ----D C:\Program Files (x86)\Java
    O43 - CFD: 2012-03-06 - 10:20:57 - [49,362] ----D C:\Program Files (x86)\K-NFB Reading Technology Inc
    O43 - CFD: 2013-03-14 - 21:26:27 - [1,199] ----D C:\Program Files (x86)\McAfee
    O43 - CFD: 2012-03-06 - 10:34:26 - [0,409] ----D C:\Program Files (x86)\mcafee.com
    O43 - CFD: 2012-03-06 - 10:33:42 - [20,296] ----D C:\Program Files (x86)\Microsoft
    O43 - CFD: 2012-06-18 - 10:12:31 - [12,399] ----D C:\Program Files (x86)\Microsoft Application Virtualization Client
    O43 - CFD: 2012-06-14 - 22:17:56 - [6,425] ----D C:\Program Files (x86)\Microsoft Office
    O43 - CFD: 2012-06-18 - 10:29:11 - [36,641] ----D C:\Program Files (x86)\Microsoft Silverlight
    O43 - CFD: 2012-03-06 - 10:31:37 - [1,745] ----D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
    O43 - CFD: 2011-02-10 - 11:39:40 - [0,023] ----D C:\Program Files (x86)\Microsoft.NET
    O43 - CFD: 2009-07-14 - 01:32:38 - [0,025] ----D C:\Program Files (x86)\MSBuild
    O43 - CFD: 2012-03-06 - 10:43:53 - [221,417] ----D C:\Program Files (x86)\Nero
    O43 - CFD: 2012-03-06 - 09:27:11 - [26,025] ----D C:\Program Files (x86)\NVIDIA Corporation
    O43 - CFD: 2012-03-06 - 10:20:35 - [1,669] ----D C:\Program Files (x86)\PlayReady
    O43 - CFD: 2009-07-14 - 01:32:38 - [37,349] ----D C:\Program Files (x86)\Reference Assemblies
    O43 - CFD: 2012-03-06 - 10:15:00 - [16,550] R---D C:\Program Files (x86)\Skype
    O43 - CFD: 2012-07-15 - 11:07:54 - [15,728] ----D C:\Program Files (x86)\TeamViewer
    O43 - CFD: 2012-07-15 - 11:42:21 - [0,378] ----D C:\Program Files (x86)\Trend Micro
    O43 - CFD: 2009-07-14 - 00:57:06 - [0] --H-D C:\Program Files (x86)\Uninstall Information
    O43 - CFD: 2012-03-06 - 10:06:22 - [238,517] ----D C:\Program Files (x86)\WildTangent
    O43 - CFD: 2012-03-06 - 10:06:45 - [8,988] ----D C:\Program Files (x86)\WildTangent Games
    O43 - CFD: 2013-03-16 - 17:56:01 - [0,500] ----D C:\Program Files (x86)\Windows Defender
    O43 - CFD: 2012-03-06 - 10:32:09 - [173,940] ----D C:\Program Files (x86)\Windows Live
    O43 - CFD: 2011-04-07 - 22:13:46 - [5,895] ----D C:\Program Files (x86)\Windows Mail
    O43 - CFD: 2013-03-16 - 17:56:01 - [4,791] ----D C:\Program Files (x86)\Windows Media Player
    O43 - CFD: 2009-07-14 - 01:32:38 - [11,632] ----D C:\Program Files (x86)\Windows NT
    O43 - CFD: 2013-03-16 - 17:56:01 - [4,213] ----D C:\Program Files (x86)\Windows Photo Viewer
    O43 - CFD: 2010-11-20 - 23:31:38 - [0,181] ----D C:\Program Files (x86)\Windows Portable Devices
    O43 - CFD: 2013-03-16 - 17:56:02 - [5,717] ----D C:\Program Files (x86)\Windows Sidebar
    O43 - CFD: 2012-07-15 - 11:52:03 - [12,844] ----D C:\Program Files (x86)\ZHPDiag
    O43 - CFD: 2012-03-06 - 10:37:20 - [4,671] ----D C:\Program Files (x86)\Zinio Reader 4
    O43 - CFD: 2012-03-18 - 01:00:44 - [18,266] ----D C:\Program Files (x86)\Common Files\Adobe
    O43 - CFD: 2012-03-06 - 10:37:19 - [29,675] ----D C:\Program Files (x86)\Common Files\Adobe AIR
    O43 - CFD: 2012-06-14 - 22:17:56 - [0,095] ----D C:\Program Files (x86)\Common Files\DESIGNER
    O43 - CFD: 2012-03-06 - 10:23:27 - [1,840] ----D C:\Program Files (x86)\Common Files\InstallShield
    O43 - CFD: 2012-03-06 - 11:19:03 - [13,605] ----D C:\Program Files (x86)\Common Files\Intel
    O43 - CFD: 2012-03-06 - 10:00:59 - [68,647] ----D C:\Program Files (x86)\Common Files\Intel Corporation
    O43 - CFD: 2012-03-06 - 09:52:26 - [1,182] ----D C:\Program Files (x86)\Common Files\Java
    O43 - CFD: 2012-03-06 - 10:34:54 - [3,716] ----D C:\Program Files (x86)\Common Files\mcafee
    O43 - CFD: 2012-06-14 - 22:17:56 - [37,391] ----D C:\Program Files (x86)\Common Files\microsoft shared
    O43 - CFD: 2012-03-06 - 10:43:26 - [46,477] ----D C:\Program Files (x86)\Common Files\Nero
    O43 - CFD: 2012-03-06 - 09:52:56 - [0,155] ----D C:\Program Files (x86)\Common Files\postureAgent
    O43 - CFD: 2009-07-13 - 23:20:08 - [0,003] ----D C:\Program Files (x86)\Common Files\Services
    O43 - CFD: 2009-07-13 - 23:20:08 - [39,200] ----D C:\Program Files (x86)\Common Files\SpeechEngines
    O43 - CFD: 2013-03-17 - 03:16:06 - [9,767] ----D C:\Program Files (x86)\Common Files\System
    O43 - CFD: 2012-03-06 - 10:26:14 - [0] ----D C:\Program Files (x86)\Common Files\Windows Live
    O43 - CFD: 2013-03-17 - 10:36:43 - [1,722] ----D C:\ProgramData\Adobe
    O43 - CFD: 2009-07-14 - 01:08:56 - [0] --H-D C:\ProgramData\Application Data
    O43 - CFD: 2013-03-14 - 22:02:06 - [0] ----D C:\ProgramData\Creative
    O43 - CFD: 2012-03-06 - 10:33:10 - [6,022] ----D C:\ProgramData\Dell
    O43 - CFD: 2009-07-14 - 01:08:56 - [0] --H-D C:\ProgramData\Desktop
    O43 - CFD: 2009-07-14 - 01:08:56 - [0] --H-D C:\ProgramData\Documents
    O43 - CFD: 2009-07-14 - 01:08:56 - [0] --H-D C:\ProgramData\Favorites
    O43 - CFD: 2012-03-06 - 10:18:53 - [0,017] ----D C:\ProgramData\install_clap
    O43 - CFD: 2012-03-06 - 10:52:20 - [0,013] ----D C:\ProgramData\Intel
    O43 - CFD: 2013-03-14 - 01:29:48 - [11,675] ----D C:\ProgramData\McAfee
    O43 - CFD: 2012-07-09 - 08:42:32 - [1989,109] -S--D C:\ProgramData\Microsoft
    O43 - CFD: 2012-03-06 - 10:43:54 - [2,536] ----D C:\ProgramData\Nero
    O43 - CFD: 2012-07-13 - 10:06:56 - [10,260] ----D C:\ProgramData\NVIDIA
    O43 - CFD: 2012-03-06 - 11:20:37 - [0,920] ----D C:\ProgramData\NVIDIA Corporation
    O43 - CFD: 2012-03-06 - 09:56:57 - [0] ----D C:\ProgramData\Roaming
    O43 - CFD: 2012-03-06 - 10:14:59 - [17,984] ----D C:\ProgramData\Skype
    O43 - CFD: 2009-07-14 - 01:08:56 - [0] --H-D C:\ProgramData\Start Menu
    O43 - CFD: 2012-03-06 - 09:52:27 - [0,000] ----D C:\ProgramData\Sun
    O43 - CFD: 2012-03-06 - 10:19:28 - [0,342] ----D C:\ProgramData\Temp
    O43 - CFD: 2009-07-14 - 01:08:56 - [0] --H-D C:\ProgramData\Templates
    O43 - CFD: 2012-06-15 - 07:46:25 - [0] ----D C:\ProgramData\VirtualizedApplications
    O43 - CFD: 2012-03-06 - 10:09:43 - [1569,319] ----D C:\ProgramData\WildTangent
    O43 - CFD: 2013-03-16 - 18:52:51 - [3,644] ----D C:\Users\Eli\AppData\Roaming\Adobe
    O43 - CFD: 2013-03-14 - 01:36:00 - [0,001] ----D C:\Users\Eli\AppData\Roaming\Creative
    O43 - CFD: 2013-03-14 - 01:35:54 - [1,623] ----D C:\Users\Eli\AppData\Roaming\Dell
    O43 - CFD: 2013-03-14 - 01:36:11 - [0,012] ----D C:\Users\Eli\AppData\Roaming\Fingertapps
    O43 - CFD: 2013-03-14 - 01:35:29 - [0] ----D C:\Users\Eli\AppData\Roaming\Identities
    O43 - CFD: 2013-03-14 - 01:28:57 - [0,001] ----D C:\Users\Eli\AppData\Roaming\Intel
    O43 - CFD: 2012-03-06 - 10:37:19 - [0,064] ----D C:\Users\Eli\AppData\Roaming\Macromedia
    O43 - CFD: 2011-04-07 - 22:37:21 - [0] ----D C:\Users\Eli\AppData\Roaming\Media Center Programs
    O43 - CFD: 2012-07-15 - 11:24:11 - [9,841] -S--D C:\Users\Eli\AppData\Roaming\Microsoft
    O43 - CFD: 2012-07-09 - 09:43:38 - [0,000] ----D C:\Users\Eli\AppData\Roaming\Nero
    O43 - CFD: 2012-06-18 - 01:53:32 - [0,401] ----D C:\Users\Eli\AppData\Roaming\SoftGrid Client
    O43 - CFD: 2012-06-14 - 22:18:51 - [0] ----D C:\Users\Eli\AppData\Roaming\TP
    O43 - CFD: 2013-03-16 - 18:52:51 - [14,165] ----D C:\Users\Eli\AppData\Local\Adobe
    O43 - CFD: 2013-03-14 - 01:28:56 - [0] ----D C:\Users\Eli\AppData\Local\Application Data
    O43 - CFD: 2012-03-18 - 00:41:10 - [1,475] ----D C:\Users\Eli\AppData\Local\Apps
    O43 - CFD: 2013-03-14 - 01:36:47 - [21,743] ----D C:\Users\Eli\AppData\Local\Dell
    O43 - CFD: 2012-03-18 - 00:41:37 - [0] ----D C:\Users\Eli\AppData\Local\Deployment
    O43 - CFD: 2012-06-10 - 09:02:44 - [819,809] ----D C:\Users\Eli\AppData\Local\Google
    O43 - CFD: 2013-03-14 - 01:28:56 - [0] ----D C:\Users\Eli\AppData\Local\Historique
    O43 - CFD: 2012-05-27 - 11:28:51 - [0] ----D C:\Users\Eli\AppData\Local\LogMeIn Rescue Applet
    O43 - CFD: 2012-07-09 - 08:42:57 - [187,586] ----D C:\Users\Eli\AppData\Local\Microsoft
    O43 - CFD: 2012-07-13 - 10:23:00 - [6,830] ----D C:\Users\Eli\AppData\Local\Nero
    O43 - CFD: 2012-07-09 - 09:43:42 - [0,001] ----D C:\Users\Eli\AppData\Local\Nero_AG
    O43 - CFD: 2012-06-14 - 22:18:45 - [0,227] ----D C:\Users\Eli\AppData\Local\SoftGrid Client
    O43 - CFD: 2013-03-14 - 01:29:11 - [0,002] ----D C:\Users\Eli\AppData\Local\SoftThinks
    O43 - CFD: 2012-07-15 - 11:53:00 - [56,141] ----D C:\Users\Eli\AppData\Local\Temp
    O43 - CFD: 2013-03-14 - 01:28:56 - [0] ----D C:\Users\Eli\AppData\Local\Temporary Internet Files
    O43 - CFD: 2013-03-14 - 01:35:25 - [0] ----D C:\Users\Eli\AppData\Local\VirtualStore
    O43 - CFD: 2009-07-14 - 00:54:32 - [0,014] R---D C:\Users\Eli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
    O43 - CFD: 2012-07-13 - 10:07:36 - [0,000] R---D C:\Users\Eli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
    O43 - CFD: 2012-03-18 - 00:42:30 - [0,005] ----D C:\Users\Eli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
    O43 - CFD: 2009-07-14 - 00:49:38 - [0,001] R---D C:\Users\Eli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
    O43 - CFD: 2012-07-13 - 10:07:36 - [0,000] R---D C:\Users\Eli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
    O43 - CFD: 2012-03-06 - 10:37:19 - [455,831] ----D C:\Program Files (x86)\Adobe
    O43 - CFD: 2012-03-06 - 09:56:24 - [6,385] ----D C:\Program Files (x86)\Cisco
    O43 - CFD: 2012-06-14 - 22:17:56 - [270,017] ----D C:\Program Files (x86)\Common Files
    O43 - CFD: 2012-03-06 - 10:24:27 - [1,904] ----D C:\Program Files (x86)\Creative
    O43 - CFD: 2012-03-06 - 10:23:58 - [0,109] ----D C:\Program Files (x86)\Creative Live! Cam
    O43 - CFD: 2012-03-06 - 10:19:37 - [0,064] ----D C:\Program Files (x86)\Cyberlink
    O43 - CFD: 2012-03-06 - 10:44:37 - [247,785] ----D C:\Program Files (x86)\Dell
    O43 - CFD: 2012-07-13 - 10:07:34 - [376,289] ----D C:\Program Files (x86)\Dell DataSafe Local Backup
    O43 - CFD: 2012-03-06 - 10:45:02 - [170,804] ----D C:\Program Files (x86)\Dell Stage
    O43 - CFD: 2012-03-06 - 10:24:04 - [95,160] ----D C:\Program Files (x86)\Dell Webcam
    O43 - CFD: 2012-03-06 - 10:16:14 - [0,891] ----D C:\Program Files (x86)\eBay
    O43 - CFD: 2012-06-10 - 09:02:41 - [145,420] ----D C:\Program Files (x86)\Google
    O43 - CFD: 2012-07-15 - 11:41:12 - [5,977] ----D C:\Program Files (x86)\GridinSoft Trojan Killer
    O43 - CFD: 2012-03-06 - 10:23:59 - [50,992] --H-D C:\Program Files (x86)\InstallShield Installation Information
    O43 - CFD: 2012-03-06 - 09:58:01 - [104,821] ----D C:\Program Files (x86)\Intel
    O43 - CFD: 2012-03-06 - 10:00:39 - [71,096] ----D C:\Program Files (x86)\Intel Corporation
    O43 - CFD: 2012-07-13 - 10:05:30 - [4,918] ----D C:\Program Files (x86)\Internet Explorer
    O43 - CFD: 2012-03-06 - 10:33:42 - [0,072] ----D C:\Program Files (x86)\Jagex
    O43 - CFD: 2012-03-18 - 01:08:04 - [177,682] ----D C:\Program Files (x86)\Java
    O43 - CFD: 2012-03-06 - 10:20:57 - [49,362] ----D C:\Program Files (x86)\K-NFB Reading Technology Inc
    O43 - CFD: 2013-03-14 - 21:26:27 - [1,199] ----D C:\Program Files (x86)\McAfee
    O43 - CFD: 2012-03-06 - 10:34:26 - [0,409] ----D C:\Program Files (x86)\mcafee.com
    O43 - CFD: 2012-03-06 - 10:33:42 - [20,296] ----D C:\Program Files (x86)\Microsoft
    O43 - CFD: 2012-06-18 - 10:12:31 - [12,399] ----D C:\Program Files (x86)\Microsoft Application Virtualization Client
    O43 - CFD: 2012-06-14 - 22:17:56 - [6,425] ----D C:\Program Files (x86)\Microsoft Office
    O43 - CFD: 2012-06-18 - 10:29:11 - [36,641] ----D C:\Program Files (x86)\Microsoft Silverlight
    O43 - CFD: 2012-03-06 - 10:31:37 - [1,745] ----D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
    O43 - CFD: 2011-02-10 - 11:39:40 - [0,023] ----D C:\Program Files (x86)\Microsoft.NET
    O43 - CFD: 2009-07-14 - 01:32:38 - [0,025] ----D C:\Program Files (x86)\MSBuild
    O43 - CFD: 2012-03-06 - 10:43:53 - [221,417] ----D C:\Program Files (x86)\Nero
    O43 - CFD: 2012-03-06 - 09:27:11 - [26,025] ----D C:\Program Files (x86)\NVIDIA Corporation
    O43 - CFD: 2012-03-06 - 10:20:35 - [1,669] ----D C:\Program Files (x86)\PlayReady
    O43 - CFD: 2009-07-14 - 01:32:38 - [37,349] ----D C:\Program Files (x86)\Reference Assemblies
    O43 - CFD: 2012-03-06 - 10:15:00 - [16,550] R---D C:\Program Files (x86)\Skype
    O43 - CFD: 2012-07-15 - 11:07:54 - [15,728] ----D C:\Program Files (x86)\TeamViewer
    O43 - CFD: 2012-07-15 - 11:42:21 - [0,378] ----D C:\Program Files (x86)\Trend Micro
    O43 - CFD: 2009-07-14 - 00:57:06 - [0] --H-D C:\Program Files (x86)\Uninstall Information
    O43 - CFD: 2012-03-06 - 10:06:22 - [238,517] ----D C:\Program Files (x86)\WildTangent
    O43 - CFD: 2012-03-06 - 10:06:45 - [8,988] ----D C:\Program Files (x86)\WildTangent Games
    O43 - CFD: 2013-03-16 - 17:56:01 - [0,500] ----D C:\Program Files (x86)\Windows Defender
    O43 - CFD: 2012-03-06 - 10:32:09 - [173,940] ----D C:\Program Files (x86)\Windows Live
    O43 - CFD: 2011-04-07 - 22:13:46 - [5,895] ----D C:\Program Files (x86)\Windows Mail
    O43 - CFD: 2013-03-16 - 17:56:01 - [4,791] ----D C:\Program Files (x86)\Windows Media Player
    O43 - CFD: 2009-07-14 - 01:32:38 - [11,632] ----D C:\Program Files (x86)\Windows NT
    O43 - CFD: 2013-03-16 - 17:56:01 - [4,213] ----D C:\Program Files (x86)\Windows Photo Viewer
    O43 - CFD: 2010-11-20 - 23:31:38 - [0,181] ----D C:\Program Files (x86)\Windows Portable Devices
    O43 - CFD: 2013-03-16 - 17:56:02 - [5,717] ----D C:\Program Files (x86)\Windows Sidebar
    O43 - CFD: 2012-07-15 - 11:52:03 - [12,844] ----D C:\Program Files (x86)\ZHPDiag
    O43 - CFD: 2012-03-06 - 10:37:20 - [4,671] ----D C:\Program Files (x86)\Zinio Reader 4
    O43 - CFD: 2012-03-18 - 01:00:44 - [18,266] ----D C:\Program Files (x86)\Common Files\Adobe
    O43 - CFD: 2012-03-06 - 10:37:19 - [29,675] ----D C:\Program Files (x86)\Common Files\Adobe AIR
    O43 - CFD: 2012-06-14 - 22:17:56 - [0,095] ----D C:\Program Files (x86)\Common Files\DESIGNER
    O43 - CFD: 2012-03-06 - 10:23:27 - [1,840] ----D C:\Program Files (x86)\Common Files\InstallShield
    O43 - CFD: 2012-03-06 - 11:19:03 - [13,605] ----D C:\Program Files (x86)\Common Files\Intel
    O43 - CFD: 2012-03-06 - 10:00:59 - [68,647] ----D C:\Program Files (x86)\Common Files\Intel Corporation
    O43 - CFD: 2012-03-06 - 09:52:26 - [1,182] ----D C:\Program Files (x86)\Common Files\Java
    O43 - CFD: 2012-03-06 - 10:34:54 - [3,716] ----D C:\Program Files (x86)\Common Files\mcafee
    O43 - CFD: 2012-06-14 - 22:17:56 - [37,391] ----D C:\Program Files (x86)\Common Files\microsoft shared
    O43 - CFD: 2012-03-06 - 10:43:26 - [46,477] ----D C:\Program Files (x86)\Common Files\Nero
    O43 - CFD: 2012-03-06 - 09:52:56 - [0,155] ----D C:\Program Files (x86)\Common Files\postureAgent
    O43 - CFD: 2009-07-13 - 23:20:08 - [0,003] ----D C:\Program Files (x86)\Common Files\Services
    O43 - CFD: 2009-07-13 - 23:20:08 - [39,200] ----D C:\Program Files (x86)\Common Files\SpeechEngines
    O43 - CFD: 2013-03-17 - 03:16:06 - [9,767] ----D C:\Program Files (x86)\Common Files\System
    O43 - CFD: 2012-03-06 - 10:26:14 - [0] ----D C:\Program Files (x86)\Common Files\Windows Live
    ~ Scan Program Folder in 00mn 05s

    ---\\
    O44 - LFC:[MD5.19BDADF2332836C49FFE804976D54166] - 2012-06-29 - 06:13:10 ---A- . (...) -- C:\Windows\PFRO.log [27558]
    O44 - LFC:[MD5.B96D473771751B01A8485432FF6D5168] - 2012-07-13 - 09:06:54 ---A- . (...) -- C:\Windows\SysNative\FNTCACHE.DAT [274464]
    O44 - LFC:[MD5.63C298B6D0036B090057C9BB1E9DBA29] - 2012-07-13 - 09:06:56 ---A- . (...) -- C:\Windows\setupact.log [48717]
    O44 - LFC:[MD5.FF031303CC660D9682277759F4BE8FD3] - 2012-07-15 - 10:00:01 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]
    O44 - LFC:[MD5.4FB1D9B91DE3990A63344BB67E56714C] - 2012-07-15 - 10:00:13 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1214970]
    O44 - LFC:[MD5.E3EBC8856229DDDD522936BFEA6F28BC] - 2012-07-15 - 10:01:11 ---A- . (...) -- C:\Windows\SysNative\PerfStringBackup.INI [1663262]
    O44 - LFC:[MD5.730D8BC023AEF565F54D19DD67CC7841] - 2012-07-15 - 10:01:11 ---A- . (...) -- C:\Windows\SysNative\perfc009.dat [121274]
    O44 - LFC:[MD5.56741BD58FB30C929455555DF5EB996C] - 2012-07-15 - 10:01:11 ---A- . (...) -- C:\Windows\SysNative\perfc00C.dat [148986]
    O44 - LFC:[MD5.13A4287BA13102EFACD20FBCC85B8B3D] - 2012-07-15 - 10:01:11 ---A- . (...) -- C:\Windows\SysNative\perfh009.dat [652600]
    O44 - LFC:[MD5.E3EBC8856229DDDD522936BFEA6F28BC] - 2012-07-15 - 10:01:11 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI [1663262]
    O44 - LFC:[MD5.4ECC1922381AF58690C3441428C69380] - 2012-07-15 - 10:01:12 ---A- . (...) -- C:\Windows\SysNative\perfh00C.dat [745758]
    ~ Scan Files in 00mn 38s

    ---\\ (None)

    ---\\ (None)

    ---\\ (None)

    ---\\
    O58 - SDL:[MD5.2F6B34B83843F0C5118B63AC634F5BF4] - 2009-07-13 - 20:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys [491088]
    ~ Scan Drivers in 00mn 00s

    ---\\
    O67 - Shell Spawning: <.html> <ChromeHTML>[HKCU\..\open\Command] (.Google Inc. - Google Chrome.) -- C:\Users\Eli\AppData\Local\Google\Chrome\Application\chrome.exe
    O67 - Shell Spawning: <.html> <ChromeHTML>[HKCR\..\open\Command] (.Google Inc. - Google Chrome.) -- C:\Users\Eli\AppData\Local\Google\Chrome\Application\chrome.exe
    ~ Scan Keys in 00mn 00s

    ---\\ (None)

    ---\\ (None)

    ---\\
    [MD5.59F57684B93DF6E8FCB60AD69046470C] [SPRF][2012-07-15] (...) -- C:\Users\Eli\AppData\Roaming\Protector-odwj.exe [2498560]
    ~ Scan Files in 00mn 00s

    End of the scan (428 lines in 01mn 06s)(0)
    0
  7. biper
     
    Salut,
    Tu viens de faire ce qu'il ne falait surtout pas faire, en aucun cas microsoft sécurity ne t'aurait fait télecharger un fichier "setup" pour reparer ton ordi? Par contre en télechargeant le fichier ton ordi doit etre maintenant infecté...
    0
  8. biper
     
    http://answers.microsoft.com/en-us/protect/forum/mse-protect_scanning/i-got-a-pop-up-supposedly-from-microsoft-security/2fdec5d0-23fc-4df4-83ba-7873c71291df?msgId=59901f34-21b9-4130-951f-c5c12428c0e4

    Voilà ca devrait t'aider, "you may have been infected by a fake antivirus program"
    0