Cherche logiciel de nettoyage et mise à jour de mes prog&pilotes Fermé

Question

Bonjour à tous,
Je cherche un logiciel fiable et gratuit si possible, qui permettrai de débarrasser mon PC  de programmes inutiles et de mettre à jour mes programmes et pilotes utiles (via un scan, je suppose...?), histoire de soulager "le vieux coucou" auquel je tiens beaucoup... (il est sous windows XP).
Si vos connaissances peuvent m'aider, j'en serai ravie!!
Il est peut être bon de savoir que je ne suis pas très douée dans le domaine, donc un grand MERCI par avance de votre aide.
Gwen

lilidurhone · Answer

Hello Gwen

Ce que je peux te proposer c'est de réaliser un diagnostic pour voir ce qui cloche sur ton petit coucou 


 * Télécharge ZHPDiag (de Nicolas Coolman)
https://www.zebulon.fr/telechargements/securite/systeme/zhpdiag.html

Au cas où le premier lien ne marcherai pas, clique sur celui de dessous
ftp://zebulon.fr/ZHPDiag2.exe

* Laisse toi guider lors de l'installation, il se lancera automatiquement à la fin.
* Surtout, n'oublie pas d'installer son icône sur le bureau l'icône est en forme de parchemin 
* Clique sur l'icône représentant une loupe + (« Lancer le diagnostic »)
* Enregistre le rapport sur ton Bureau à l'aide de l'icône représentant une disquette
Pour héberger le rapport, clique sur la flèche bleue ce qui va te diriger vers Pjjoint
pour héberger ce rapport.
Clique sur Parcourir pour chercher le rapport dans ton PC.
Le rapport est sauvegardé dans C:\ZHP\ZHPDiag.txt
Une fois le rapport trouvé, sélectionne le, et clique sur Ouvrir
Clique sur envoyer le fichier, puis poste le lien en bleu qu'on va te fournir.
Si problème d'hébergement sur Pjoint passe par cjoint 
Pour t'aider http://www.pc-infopratique.com/forum-informatique/tutoriel-heberger-rapport-vt-67934.html

Tatie Gwendy · Answer

MERCI BEAUCOUP Lilydyrhone!
C'est en cour mais pjjoint est un site de dépot de fichiers de document et il me demande et me conseil de choisir de rendre mon dossier public, là je suis un peu méfiante... c'est normal?

lilidurhone · Answer

Hello

Rassures toi y a rien de confidentiel dans ton rapport

Tatie Gwendy · Answer

Hello!

Voici le lien: 
https://pjjoint.malekal.com/files.php?id=ZHPDiag_20130531_i5s6z7o11y8

OK ça c'est fait! et j'espere que c'est bien fait, c'était pas compliqué mais déja super technique pour moi... lol 
Et maintenant?
MERCI Lilidurhone!

lilidurhone · Answer

Hello Gwen

Et bien maintenant ton topic va être transférer dans la section virus/sécurité car tu es infecté par des logiciels potentiellement indésirable et peut être par une infection USB mais rassures toi ça ne change rien pour toi :)

En premier on traite l'infection USB


Recherche :
* Télécharge http://general-changelog-team.fr/downloads/viewdownload/15-outils-de-el-desaparecido/79-usbfix (créé par El Desaparecido) sur ton Bureau. Si ton antivirus affiche une alerte, ignore le et désactive le temporairement.
* Si le premier lien ne marche pas utilises le second https://www.commentcamarche.net/download/s/USBfix
* Branche tes sources de données externes à ton PC (clé USB, disque dur externe, etc...) sans les ouvrir
* Lance USBFix (si tu es sous Windows Vista ou Windows 7, fais le par un clic-droit --> Exécuter en temps qu'administrateur).
* Au menu principal, clique sur "Recherche"
* Laisse travailler l'outil
* A la fin, le rapport va s'afficher : poste le dans ta prochaine réponse (il est aussi sauvegardé a la racine du disque dur)

Tatie Gwendy · Answer

Ok! Merci beaucoup, voici le rapport:

############################## | UsbFix V 7.126 | [Recherche]

Utilisateur: Administrateur (Administrateur) # SWEET-51822340B
Mis à jour le 13/05/2013 par El Desaparecido
Lancé à 14:13:18 | 31/05/2013

Site Web: https://www.sosvirus.net/
Upload Malware: http://upload.sosvirus.org/
Contact: contact@sosvirus.org

PC: Compaq Presario 061 (EP098AA-ABF SR1701FR FR610) (X86-based PC)
CPU: AMD Sempron(tm) Processor 3000+ (1790)
RAM -> [Total : 958 | Free : 293]
BIOS: Phoenix - Award BIOS v6.00PG
BOOT: Normal boot

OS: Microsoft Windows XP Professionnel (5.1.2600 32-Bit) # Service Pack 3
WB: Windows Internet Explorer 8.0.6001.18702

SC: Security Center Service [(!) Disabled]
WU: Windows Update Service [(!) Disabled]
FW: Windows FireWall Service [(!) Disabled]

C:\ (%systemdrive%) -> Disque fixe # 149 Go (80 Go libre(s) - 54%) [] # NTFS
D:\ -> CD-ROM
E:\ -> CD-ROM

################## | Processus Actif |

C:\WINDOWS\System32\smss.exe (652)
C:\WINDOWS\system32\winlogon.exe (1208)
C:\WINDOWS\system32\services.exe (1316)
C:\WINDOWS\system32\lsass.exe (1340)
C:\WINDOWS\system32\Ati2evxx.exe (1528)
C:\WINDOWS\system32\svchost.exe (1548)
C:\WINDOWS\System32\svchost.exe (1808)
C:\WINDOWS\system32\Ati2evxx.exe (1836)
C:\WINDOWS\system32\svchost.exe (1892)
C:\WINDOWS\Explorer.EXE (752)
C:\WINDOWS\system32\spoolsv.exe (832)
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe (952)
C:\Program Files\Google\Update\GoogleUpdate.exe (1680)
C:\Program Files\Java\jre6\bin\jqs.exe (1904)
C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe (176)
C:\Program Files\McAfee.com\Agent\mcagent.exe (224)
C:\Program Files\Fichiers communs\Mcafee\McSvcHost\McSvHost.exe (292)
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (536)
C:\WINDOWS\system32\mfevtps.exe (568)
C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe (640)
C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe (788)
C:\Program Files\FilesFrog Update Checker\update_checker.exe (804)
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (1004)
C:\Program Files\NETGEAR\WG111v3\WG111v3.exe (1036)
C:\Program Files\NETGEAR\WG111v3\WG111v3.exe (1048)
C:\Program Files\SoftwareUpdater\UpdaterService.exe (1084)
C:\WINDOWS\system32\svchost.exe (2500)
C:\Program Files\Fichiers communs\McAfee\SystemCore\mfefire.exe (3636)
C:\WINDOWS\system32\wbem\wmiapsrv.exe (4088)
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (3392)
C:\WINDOWS\system32\rundll32.exe (1640)
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe (1632)
C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrv.exe (3976)
C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\Application\chrome.exe (3888)
C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\Application\chrome.exe (5972)
C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\Application\chrome.exe (1820)
C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\Application\chrome.exe (2912)
C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\Application\chrome.exe (5824)
C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\Application\chrome.exe (4792)
C:\UsbFix\Go.exe (1348)

################## | El Desaparecido Section |

HKLM\SOFTWARE | Run : [QuickTime Task] - "C:\Program Files\QuickTime\qttask.exe" -atboottime
HKLM\SOFTWARE | Run : [mcui_exe] - "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
HKLM\SOFTWARE | Run : [Adobe ARM] - "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"
HKLM\SOFTWARE | RunOnce : [] - 
HKU\S-1-5-21-606747145-362288127-1177238915-500\SOFTWARE | Run : [swg] - "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
HKU\S-1-5-21-606747145-362288127-1177238915-500\SOFTWARE | Run : [BHO Update] - C:\Program Files\Internet Explorer\Updater.exe "C:\Program Files\Internet Explorer\IEAddon.dll"
HKU\S-1-5-21-606747145-362288127-1177238915-500\SOFTWARE | Run : [] - 
HKU\S-1-5-21-606747145-362288127-1177238915-500\SOFTWARE | Run : [NokiaSuite.exe] - C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe -tray
HKU\S-1-5-21-606747145-362288127-1177238915-500\SOFTWARE | Run : [SDP] - C:\Program Files\FilesFrog Update Checker\update_checker.exe /auto 
HKU\S-1-5-21-606747145-362288127-1177238915-500\SOFTWARE | Run : [Acxia] - "C:\Documents and Settings\Administrateur\Application Data\Utotxu\paney.exe"
HKU\S-1-5-20\SOFTWARE | RunOnce : [JkDefrag] - rundll32 advpack.dll,LaunchINFSection JKDEFRAG.INF,RunOnce,1,N
HKU\S-1-5-20\SOFTWARE | RunOnce : [SweetRegistry] - rundll32 advpack.dll,LaunchINFSection SweetReg.inf,PerUserStub
HKU\S-1-5-18\SOFTWARE | RunOnce : [JkDefrag] - rundll32 advpack.dll,LaunchINFSection JKDEFRAG.INF,RunOnce,1,N
HKU\S-1-5-18\SOFTWARE | RunOnce : [SweetRegistry] - rundll32 advpack.dll,LaunchINFSection SweetReg.inf,PerUserStub
HKU\S-1-5-21-606747145-362288127-1177238915-500\SOFTWARE | Policies\Explorer\run : [techPowerUp] - C:\Documents and Settings\Administrateur\Application Data\jjccbidv\ragvrfjd.exe

################## | Éléments infectieux |

Présent! C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\1369869183itinstallerp.exe
Présent! C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\25623-667949-ccleaner.exe
Présent! E:\autorun.inf

################## | Registre |

Présent! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System|DisableRegistryTools
Présent! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System|DisableTaskMgr

################## | Mountpoints2 |

HKCU\.\.\.\.\Explorer\MountPoints2\{263f3b0c-f59f-11df-936c-0013d3ff59b3}
Shell\AutoRun\Command = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL NoLimit.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{c41faceb-4b0a-11e0-939e-0013d3ff59b3}
Shell\AutoRun\Command = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL NoLimit.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{e2790352-874c-11df-931c-0013d3ff59b3}
Shell\AutoRun\Command = M:\PMBP_Win.exe



################## | Vaccin |

(!) Cet ordinateur n'est pas vacciné!

################## | E.O.F | https://www.sosvirus.net/ |

lilidurhone · Answer

Hello Gwen 

C'est pas mal du tout!

Suppression
* Branche tes sources de données externes à ton PC (clé USB, disque dur externe, etc...) sans les ouvrir
* Lance USBFix (si tu es sous Windows Vista ou Windows 7, fais le par un clic-droit --> Exécuter en temps qu'administrateur).
* Clique sur "Suppression"
* Laisse travailler l'outil
* Ton Bureau va disparaitre puis l'ordinateur va redémarrer : c'est normal
* A la fin, le rapport va s'afficher : poste le dans ta prochaine réponse (il est aussi sauvegardé a la racine du disque dur) 

Si ça bloque en mode normal passe Usbfix en mode sans échec (F8  entre la fin de la page du bios et juste avant l'apparition du logo windows)

Tatie Gwendy · Answer

OK, voici le rapport: ^^ c'est vraiment cool d'avoir votre aide!

############################## | UsbFix V 7.126 | [Suppression]

Utilisateur: Administrateur (Administrateur) # SWEET-51822340B
Mis à jour le 13/05/2013 par El Desaparecido
Lancé à 15:14:49 | 31/05/2013

Site Web: https://www.sosvirus.net/
Upload Malware: http://upload.sosvirus.org/
Contact: contact@sosvirus.org

PC: Compaq Presario 061 (EP098AA-ABF SR1701FR FR610) (X86-based PC)
CPU: AMD Sempron(tm) Processor 3000+ (1790)
RAM -> [Total : 958 | Free : 363]
BIOS: Phoenix - Award BIOS v6.00PG
BOOT: Normal boot

OS: Microsoft Windows XP Professionnel (5.1.2600 32-Bit) # Service Pack 3
WB: Windows Internet Explorer 8.0.6001.18702

SC: Security Center Service [(!) Disabled]
WU: Windows Update Service [(!) Disabled]
FW: Windows FireWall Service [(!) Disabled]

C:\ (%systemdrive%) -> Disque fixe # 149 Go (80 Go libre(s) - 54%) [] # NTFS
D:\ -> CD-ROM
E:\ -> CD-ROM

################## | El Desaparecido Section |

HKLM\SOFTWARE | Run : [QuickTime Task] - "C:\Program Files\QuickTime\qttask.exe" -atboottime
HKLM\SOFTWARE | Run : [mcui_exe] - "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
HKLM\SOFTWARE | Run : [Adobe ARM] - "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"
HKLM\SOFTWARE | RunOnce : [] - 
HKU\S-1-5-21-606747145-362288127-1177238915-500\SOFTWARE | Run : [swg] - "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
HKU\S-1-5-21-606747145-362288127-1177238915-500\SOFTWARE | Run : [BHO Update] - C:\Program Files\Internet Explorer\Updater.exe "C:\Program Files\Internet Explorer\IEAddon.dll"
HKU\S-1-5-21-606747145-362288127-1177238915-500\SOFTWARE | Run : [] - 
HKU\S-1-5-21-606747145-362288127-1177238915-500\SOFTWARE | Run : [NokiaSuite.exe] - C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe -tray
HKU\S-1-5-21-606747145-362288127-1177238915-500\SOFTWARE | Run : [SDP] - C:\Program Files\FilesFrog Update Checker\update_checker.exe /auto 
HKU\S-1-5-21-606747145-362288127-1177238915-500\SOFTWARE | Run : [Acxia] - "C:\Documents and Settings\Administrateur\Application Data\Utotxu\paney.exe"
HKU\S-1-5-20\SOFTWARE | RunOnce : [JkDefrag] - rundll32 advpack.dll,LaunchINFSection JKDEFRAG.INF,RunOnce,1,N
HKU\S-1-5-20\SOFTWARE | RunOnce : [SweetRegistry] - rundll32 advpack.dll,LaunchINFSection SweetReg.inf,PerUserStub
HKU\S-1-5-18\SOFTWARE | RunOnce : [JkDefrag] - rundll32 advpack.dll,LaunchINFSection JKDEFRAG.INF,RunOnce,1,N
HKU\S-1-5-18\SOFTWARE | RunOnce : [SweetRegistry] - rundll32 advpack.dll,LaunchINFSection SweetReg.inf,PerUserStub
HKU\S-1-5-21-606747145-362288127-1177238915-500\SOFTWARE | Policies\Explorerun : [techPowerUp] - C:\Documents and Settings\Administrateur\Application Data\jjccbidvagvrfjd.exe

################## | Processus Stoppés |

Stoppé! C:\WINDOWS\system32\Ati2evxx.exe (1528)
Stoppé! C:\WINDOWS\system32\Ati2evxx.exe (1836)
Stoppé! C:\WINDOWS\Explorer.EXE (752)
Stoppé! C:\WINDOWS\system32\spoolsv.exe (832)
Stoppé! C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe (952)
Stoppé! C:\Program Files\Google\Update\GoogleUpdate.exe (1680)
Stoppé! C:\Program Files\Java\jre6\bin\jqs.exe (1904)
Stoppé! C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe (176)
Stoppé! C:\Program Files\McAfee.com\Agent\mcagent.exe (224)
Stoppé! C:\Program Files\Fichiers communs\Mcafee\McSvcHost\McSvHost.exe (292)
Stoppé! C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (536)
Stoppé! C:\WINDOWS\system32\mfevtps.exe (568)
Stoppé! C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe (640)
Stoppé! C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe (788)
Stoppé! C:\Program Files\FilesFrog Update Checker\update_checker.exe (804)
Stoppé! C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (1004)
Stoppé! C:\Program Files\NETGEAR\WG111v3\WG111v3.exe (1036)
Stoppé! C:\Program Files\NETGEAR\WG111v3\WG111v3.exe (1048)
Stoppé! C:\Program Files\SoftwareUpdater\UpdaterService.exe (1084)
Stoppé! C:\Program Files\Fichiers communs\McAfee\SystemCore\mfefire.exe (3636)
Stoppé! C:\WINDOWS\system32\wbem\wmiapsrv.exe (4088)
Stoppé! C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (3392)
Stoppé! C:\WINDOWS\system32undll32.exe (1640)
Stoppé! C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe (1632)
Stoppé! C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrv.exe (3976)
Stoppé! C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\Application\chrome.exe (3888)
Stoppé! C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\Application\chrome.exe (5972)
Stoppé! C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\Application\chrome.exe (1820)
Stoppé! C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\Application\chrome.exe (2912)

################## | Éléments infectieux |

Supprimé! C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\1369869183itinstallerp.exe
Supprimé! C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\25623-667949-ccleaner.exe
Non supprimé ! E:\autorun.inf

(!) Fichiers temporaires supprimés.

################## | Registre |

Supprimé! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System|DisableRegistryTools
Supprimé! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System|DisableTaskMgr

################## | Mountpoints2 |

Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\{263f3b0c-f59f-11df-936c-0013d3ff59b3}
Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\{c41faceb-4b0a-11e0-939e-0013d3ff59b3}
Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\{e2790352-874c-11df-931c-0013d3ff59b3}

################## | Listing |

[02/02/2009 - 20:19:42 | D ] 	C:\ATI
[01/02/2009 - 17:03:20 | N | 0] 	C:\AUTOEXEC.BAT
[29/05/2013 - 14:58:26 | N | 224] 	C:\boot.ini
[14/04/2008 - 14:00:00 | N | 4952] 	C:\Bootfont.bin
[23/09/2008 - 06:01:14 |  | 1364] 	C:\changelog_MassStorage.txt
[30/05/2013 - 01:37:57 | D ] 	C:\Config.Msi
[01/02/2009 - 17:03:20 | N | 0] 	C:\CONFIG.SYS
[11/01/2013 - 16:24:35 | D ] 	C:\Documents and Settings
[01/02/2009 - 17:03:20 | N | 0] 	C:\IO.SYS
[31/05/2013 - 15:09:13 | D ] 	C:\Lilidurhone
[01/02/2009 - 17:03:20 | N | 0] 	C:\MSDOS.SYS
[27/02/2009 - 19:38:21 | RHD ] 	C:\MSOCache
[14/04/2008 - 14:00:00 | N | 47564] 	C:\NTDETECT.COM
[14/04/2008 - 14:00:00 | N | 252240] 	C:
tldr
[22/09/2010 - 13:40:02 | D ] 	C:\OEMSettings
[31/05/2013 - 12:58:22 | ASH | 1409286144] 	C:\pagefile.sys
[30/05/2013 - 13:21:43 | N | 512] 	C:\PhysicalDisk0_MBR.bin
[30/05/2013 - 12:50:28 | D ] 	C:\Program Files
[10/05/2013 - 10:37:30 | SHD ] 	C:\RECYCLER
[01/02/2009 - 23:20:52 | N | 90] 	C:\Setup.log
[28/05/2013 - 17:04:25 | SHD ] 	C:\System Volume Information
[31/05/2013 - 15:21:21 | D ] 	C:\UsbFix
[31/05/2013 - 15:10:40 | N | 2729] 	C:\UsbFix [Clean 1] SWEET-51822340B.txt
[31/05/2013 - 15:21:53 | A | 6943] 	C:\UsbFix [Clean 2] SWEET-51822340B.txt
[28/05/2013 - 14:40:16 | D ] 	C:\USMT2.UNC
[31/05/2013 - 12:59:20 | D ] 	C:\WINDOWS
[30/05/2013 - 13:21:46 | D ] 	C:\ZHP
[23/06/2003 - 19:03:53 | RD ] 	E:\AUDIO_TS
[23/06/2003 - 18:37:23 | R | 44] 	E:\autorun.inf
[23/06/2003 - 18:37:23 | RD ] 	E:\internet
[23/06/2003 - 18:37:23 | R | 3881] 	E:	f1video.htm
[23/06/2003 - 19:03:53 | RD ] 	E:\VIDEO_TS

################## | Vaccin |

C:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

################## | E.O.F | https://www.sosvirus.net/ |

lilidurhone · Answer

Hello

Est ce normal que tes mises à jour ainsi que le parefeu et le centre de sécurité de Windows soient désactivés?

Tatie Gwendy · Answer

Je ne sais pas... Apparemment non puisque ça vous semble suspect.
Je vais aller activer tout ça! :-)

lilidurhone · Answer

Hello

Ok donc le parefeu n'est pas actif mais  c'est normal puisque tu possèdes Macfee internet security qui comporte un parefeu intégré :)


On va faire un scan généralisé pour voir si d'autres infections ne se cachent pas

Télécharge MalwareBytes' anti-malware sur le bureau
https://www.commentcamarche.net/telecharger/securite/14361-malwarebytes-anti-malware/
Cliques droit sur l'icône Download_mbam-setup.exe afin de l'exécuter en tant qu'admin pour lancer le processus d'installation
Si la pare-feu demande l'autorisation de se connecter pour malwareBytes, accepte
Décoche pour la version d'essai pour malwarebytes pro
Il va se mettre à jour une fois faite
Va dans l'onglet recherche
Sélectionne exécuter un examen complet
Clique sur rechercher
Le scan démarre
A la fin de l'analyse, le message s'affiche: L'examen s'est terminé normalement.
Clique sur afficher les résultats pour afficher les objets trouvés
Clique sur OK pour poursuivre
Si des malwares ont été détectés, cliquer sur afficher les résultats
Sélectionne tout (ou laisser coché)
Clique sur tout supprimer
MalwareBytes va détruire les fichiers et les clés de registre et en mettre une
copie dans la quarantaine
Malwarebytes va ouvrir le bloc-note et y copier le rapport
Redémarre le PC
Une fois redémarré, double-clique sur MalwareBytes
Va dans l'onglet rapport/log
Clique dessus pour l'afficher une fois affiché, cliquer sur édition
en haut du bloc-note puis sur sélectionner tout
Reviens sur édition, puis sur copier et reviens
sur le forum dans ta réponse
Clic droit dans le cadre de la réponse et coller

Bonne chance

Tatie Gwendy · Answer

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Version de la base de données: v2013.05.31.04

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Administrateur :: SWEET-51822340B [administrateur]

31/05/2013 16:03:39
mbam-log-2013-05-31 (16-03-39).txt

Type d'examen: Examen complet (C:\|)
Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM
Options d'examen désactivées: P2P
Elément(s) analysé(s): 264349
Temps écoulé: 2 heure(s), 5 minute(s), 28 seconde(s)

Processus mémoire détecté(s): 0
(Aucun élément nuisible détecté)

Module(s) mémoire détecté(s): 0
(Aucun élément nuisible détecté)

Clé(s) du Registre détectée(s): 1
HKCR\AppID\IEAddon.DLL (Rogue.UnVirex) -> Mis en quarantaine et supprimé avec succès.

Valeur(s) du Registre détectée(s): 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer|ForceClassicControlPanel (Hijack.ControlPanelStyle) -> Données: 1 -> Mis en quarantaine et supprimé avec succès.

Elément(s) de données du Registre détecté(s): 8
HKCU\SOFTWARE\Microsoft\Security Center|AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Mauvais: (1) Bon: (0) -> Mis en quarantaine et réparé avec succès
HKCU\SOFTWARE\Microsoft\Security Center|FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Mauvais: (1) Bon: (0) -> Mis en quarantaine et réparé avec succès
HKCU\SOFTWARE\Microsoft\Security Center|UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Mauvais: (1) Bon: (0) -> Mis en quarantaine et réparé avec succès
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowHelp (PUM.Hijack.StartMenu) -> Mauvais: (0) Bon: (1) -> Mis en quarantaine et réparé avec succès
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer|NoSMHelp (PUM.Hijack.Help) -> Mauvais: (1) Bon: (0) -> Mis en quarantaine et réparé avec succès
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer|NoDrives (PUM.Hijack.Drives) -> Mauvais: (1) Bon: (0) -> Mis en quarantaine et réparé avec succès
HKLM\SOFTWARE\Microsoft\Security Center|ANTIVIRUSDISABLENOTIFY (PUM.Disabled.SecurityCenter) -> Mauvais: (1) Bon: (0) -> Mis en quarantaine et réparé avec succès
HKLM\SOFTWARE\Microsoft\Security Center|FIREWALLDISABLENOTIFY (PUM.Disabled.SecurityCenter) -> Mauvais: (1) Bon: (0) -> Mis en quarantaine et réparé avec succès

Dossier(s) détecté(s): 1
C:\Documents and Settings\Administrateur\Local Settings\Application Data\Lollipop (Adware.LolliPop.IT) -> Mis en quarantaine et supprimé avec succès.

Fichier(s) détecté(s): 11
c:ecycler\s-1-5-18\$2fa0b2ac07dcf41d24080761f3dcd2a0
 (Trojan.0Access) -> Mis en quarantaine et supprimé avec succès.
c:ecycler\s-1-5-21-606747145-362288127-1177238915-500\$r25bd7a27 (Trojan.Ransom.REL) -> Mis en quarantaine et supprimé avec succès.
c:ecycler\s-1-5-21-606747145-362288127-1177238915-500\$r72be874c (Trojan.Ransom.REL) -> Mis en quarantaine et supprimé avec succès.
c:ecycler\s-1-5-21-606747145-362288127-1177238915-500\$r96d24f56 (Trojan.Ransom.REL) -> Mis en quarantaine et supprimé avec succès.
c:\system volume information\_restore{84a749d2-d7a1-4f76-8615-5aa945374000}p0\a0000110.ini (Trojan.0access) -> Mis en quarantaine et supprimé avec succès.
c:\system volume information\_restore{84a749d2-d7a1-4f76-8615-5aa945374000}p2\a0000266.ini (Trojan.0access) -> Mis en quarantaine et supprimé avec succès.
c:\system volume information\_restore{84a749d2-d7a1-4f76-8615-5aa945374000}p2\a0000383.ini (Trojan.0access) -> Mis en quarantaine et supprimé avec succès.
c:\system volume information\_restore{84a749d2-d7a1-4f76-8615-5aa945374000}p7\a0000753.exe (Trojan.Inject.ED) -> Mis en quarantaine et supprimé avec succès.
C:\WINDOWS\assembly\GAC\Desktop.ini (Rootkit.0access) -> Mis en quarantaine et supprimé avec succès.
C:\Documents and Settings\Administrateur\Local Settings\Application Data\Lollipop\lollipop.bat (Adware.LolliPop.IT) -> Mis en quarantaine et supprimé avec succès.
C:\Documents and Settings\Administrateur\Local Settings\Application Data\Lollipop\Lollipop.exe (Adware.LolliPop.IT) -> Mis en quarantaine et supprimé avec succès.

(fin)

lilidurhone · Answer

Yep ;)

Mais au moins il y aura un autre outil à passer

lilidurhone · Answer

Hello 
Fais ceci s il te plaît


Télécharge sur le bureau https://www.luanagames.com/index.fr.html
Quitte tous tes programmes en cours.
Sous Vista/Seven et windows 8 , clique droit -> lancer en tant qu'administrateur
Sinon lance simplement RogueKiller.exe
Patiente pendant le pre-scan, puis clique sur le bouton Scan
Un rapport RKreport.txt a du se créer sur le bureau, poste-le.

Note : Si le programme a été bloqué, ne pas hésiter à essayer plusieurs fois.

Tatie Gwendy · Answer

VOILA: RogueKiller V8.5.4 [Mar 18 2013] par Tigzy mail : tigzyRKgmailcom Remontees : https://www.luanagames.com/index.fr.html Site Web : https://www.luanagames.com/index.fr.html Blog : http://tigzyrk.blogspot.com/ Systeme d'exploitation : Windows XP (5.1.2600 Service Pack 3) 32 bits version Demarrage : Mode normal Utilisateur : Administrateur [Droits d'admin] Mode : Recherche -- Date : 31/05/2013 18:34:43 | ARK || FAK || MBR | ¤¤¤ Processus malicieux : 0 ¤¤¤ ¤¤¤ Entrees de registre : 10 ¤¤¤ [RUN][SUSP PATH] HKCU\[...]\Run : Acxia ("C:\Documents and Settings\Administrateur\Application Data\Utotxu\paney.exe") [x] -> TROUVÉ [RUN][SUSP PATH] HKUS\S-1-5-21-606747145-362288127-1177238915-500[...]\Run : Acxia ("C:\Documents and Settings\Administrateur\Application Data\Utotxu\paney.exe") [x] -> TROUVÉ [RUN][SUSP PATH] HKCU\[...]\Policies\Explorer\Run : techPowerUp (C:\Documents and Settings\Administrateur\Application Data\jjccbidv\ragvrfjd.exe) -> TROUVÉ [RUN][SUSP PATH] HKUS\S-1-5-21-606747145-362288127-1177238915-500[...]\Policies\Explorer\Run : techPowerUp (C:\Documents and Settings\Administrateur\Application Data\jjccbidv\ragvrfjd.exe) -> TROUVÉ [TASK][SUSP PATH] EPUpdater.job : C:\Documents and Settings\Administrateur\Application Data\BabSolution\Shared\BabMaint.exe [7] -> TROUVÉ [HJPOL] HKLM\[...]\System : DisableTaskMgr (0) -> TROUVÉ [HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> TROUVÉ [HJ SMENU] HKCU\[...]\Advanced : Start_ShowRecentDocs (0) -> TROUVÉ [HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyPics (0) -> TROUVÉ [HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyMusic (0) -> TROUVÉ ¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤ [ZeroAccess][FILE] @ : C:\RECYCLER\S-1-5-21-606747145-362288127-1177238915-500\$2fa0b2ac07dcf41d24080761f3dcd2a0\@ [-] --> TROUVÉ [ZeroAccess][FOLDER] U : C:\RECYCLER\S-1-5-21-606747145-362288127-1177238915-500\$2fa0b2ac07dcf41d24080761f3dcd2a0\U --> TROUVÉ [ZeroAccess][FOLDER] L : C:\RECYCLER\S-1-5-21-606747145-362288127-1177238915-500\$2fa0b2ac07dcf41d24080761f3dcd2a0\L --> TROUVÉ ¤¤¤ Driver : [CHARGE] ¤¤¤ ¤¤¤ Infection : ZeroAccess ¤¤¤ ¤¤¤ Fichier HOSTS: ¤¤¤ --> C:\WINDOWS\system32\drivers\etc\hosts 127.0.0.1 localhost ¤¤¤ MBR Verif: ¤¤¤ +++++ PhysicalDrive0: WDC WD1600BB-22GUC0 +++++ --- User --- [MBR] 9ad8ad9de9a427b7bd42abac7ebc884d [BSP] 4bc17a43b2a43d6eb62ad239abebb691 : Windows XP MBR Code Partition table: 0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 152617 Mo User = LL1 ... OK! User = LL2 ... OK! Termine : << RKreport[1]_S_31052013_183443.txt >> RKreport[1]_S_31052013_183443.txt

lilidurhone · Answer

Oui tu peux ;)


Comment va ton pc?

Pour le pare-feu on s'en occupe après

Tatie Gwendy · Answer

Mon pc à l'air d'aller très bien, j'en saurai plus en l'utilisant... 
En tout cas merci beaucoup de prendre le temps de m'aider à soulager le coucou!!
Là du coup on peut dire qu'il est ultra clean??

lilidurhone · Answer

Non pas du tout

On a enlevé une grosse infection un rootkit plus précisément

Refais moi un zhpdiag

Tatie Gwendy · Answer

Voici:

Rapport de ZHPDiag v2013.5.29.157 par Nicolas Coolman, Update du 29/05/2013
Run by Administrateur at 31/05/2013 19:07:25
WebSite: https://nicolascoolman.webs.com/
State : Version à jour.
WhiteList : Enable
High Elevated Privileges : OK
UAC : Not Found


---\ Web Browser
MSIE: Internet Explorer v8.0.6001.18702
GCIE: Google Chrome v27.0.1453.94 (Defaut)

---\ Windows Product Information
~ Langage: Français
Windows XP Professional Service Pack 3 (Build 2600)
Windows Automatic Updates : OK
Windows Genuine Advantage : KO

---\ System Protection
Malwarebytes Anti-Malware version 1.75.0.1300
McAfee Internet Security v11.6.511

---\ System Optimizer

---\ Peer To Peer (P2P)

---\ Software Update
Adobe Flash Player 11 Plugin
Adobe Reader X

---\ System Information
~ Processor: x86 Family 15 Model 47 Stepping 2, AuthenticAMD
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 958 MB (33% free)
System Restore: Activé (Enable)
System drive C: has 80 GB (53%) free of 149 GB

---\ Logged in mode
~ Computer Name: SWEET-51822340B
~ User Name: Administrateur
~ All Users Names: SUPPORT_388945a0, HelpAssistant, Gwen, Administrateur, 
~ Unselected Option: None
Logged in as Administrator

---\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Documents and Settings\Administrateur\Application Data\
~ %Desktop% : C:\Documents and Settings\Administrateur\Bureau\
~ %Favorites% : C:\Documents and Settings\Administrateur\Favoris\
~ %LocalAppData% : C:\Documents and Settings\Administrateur\Local Settings\Application Data\
~ %StartMenu% : C:\Documents and Settings\Administrateur\Menu Démarrer\
~ %Windir% : C:\WINDOWS\
~ %System% : C:\WINDOWS\system32\

---\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 80 Go of 149 Go)
D:\ CD-ROM drive (Not Inserted)
E:\ CD-ROM drive (Free 0 Go of 8 Go)



---\ Security Center & Tools Informations
~ Security Center: 29 Legitimates Filtered in 00mn 00s



---\ Recherche particulière de fichiers génériques
[MD5.BFBBBFE0913E6C9706F97598A6588B8F] - (.Microsoft Corporation - Explorateur Windows.) (.27/09/2008 - 11:24:52.) -- C:\WINDOWS\Explorer.exe [1573888]
[MD5.B0DF02C2326381D64149F3EEFAE5E09D] - (.Microsoft Corporation - Internet Extensions for Win32.) (.04/11/2011 - 20:13:29.) -- C:\WINDOWS\system32\wininet.dll [916992]
[MD5.4BB6301D634C857A5089E8B24C5555E4] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) (.27/09/2008 - 11:27:21.) -- C:\WINDOWS\system32\Winlogon.exe [593408]
[MD5.744B88B93D2A58A1EB84C11D48CA85C8] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/07/2008 - 12:44:47.) -- C:\WINDOWS\system32\Drivers\AFD.sys [138496]
[MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\atapi.sys [96512]
[MD5.C885B02847F5D2FD45A24E219ED93B32] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\Cdfs.sys [63744]
[MD5.4B0A100EAF5C49EF3CCA8C641431EACC] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.02/05/2008 - 11:49:39.) -- C:\WINDOWS\system32\Drivers\Cdrom.sys [62976]
[MD5.31F923EB2170FC172C81ABDA0045D18C] - (.Microsoft Corporation - Pilote de cryptographie FIPS.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\Fips.sys [44672]
[MD5.573C7D0A32852B48F3058CFD8026F511] - (.Windows (R) Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\HDAudBus.sys [144384]
[MD5.A09BDC4ED10E3B2E0EC27BB94AF32516] - (.Microsoft Corporation - Pilote de port i8042.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\i8042prt.sys [54144]
[MD5.083A052659F5310DD8B6A6CB05EDCF8E] - (.Microsoft Corporation - IMAPI Kernel Driver.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\Imapi.sys [42112]
[MD5.CC748EA12C6EFFDE940EE98098BF96BB] - (.Microsoft Corporation - IP Network Address Translator.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\IpNat.sys [152832]
[MD5.23C74D75E36E7158768DD63D92789A91] - (.Microsoft Corporation - IPSec Driver.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\IPSec.sys [75264]
[MD5.32ECB7D3C03532B4460E09E960A3B72E] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.30/07/2008 - 13:09:57.) -- C:\WINDOWS\system32\Drivers\MRxSmb.sys [455936]
[MD5.74B2B2F5BEA5E9A3DC021D685551BD3D] - (.Microsoft Corporation - MBT Transport driver.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers
etBT.sys [162816]
[MD5.A0857C97770034FD2AF17DC4014B5ABD] - (.Microsoft Corporation - NT File System Driver.) (.22/04/2008 - 14:45:52.) -- C:\WINDOWS\system32\Drivers
tfs.sys [576384]
[MD5.8FD0BDBEA875D06CCF6C945CA9ABAF75] - (.Microsoft Corporation - Pilote de port parallèle.) (.27/09/2008 - 11:31:20.) -- C:\WINDOWS\system32\Drivers\Parport.sys [80384]
[MD5.11B4A627BC9614B885C4969BFA5FF8A6] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\Rasl2tp.sys [51328]
[MD5.15CABD0F7C00C47C70124907916AF3F1] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.27/09/2008 - 01:58:26.) -- C:\WINDOWS\system32\Driversdpdr.sys [196224]
[MD5.D8EB2A7904DB6C916EB5361878DDCBAE] - (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) (.27/09/2008 - 02:58:26.) -- C:\WINDOWS\system32\Driversedbook.sys [58752]
[MD5.46DE1126684369BACE4849E4FC8C43CA] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\volsnap.sys [53376]
~ Generic Processes:  Scanned in 00mn 00s



---\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/6054
~ Mes musiques (My Musics) : 70/789
~ Mes Videos (My Videos) : 1/32
~ Mes Favoris (My Favorites) : 1/109
~ Mes Documents (My Documents) : 1/6936
~ Mon Bureau (My Desktop) : 0/69
~ Menu demarrer (Programs) : 1/29
~ Hidden Files:  Scanned in 00mn 14s



---\ Processus lancés
[MD5.C49A64D70DD96F1A511F2D2BADFB924F] - (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) -- C:\WINDOWS\system32\Ati2evxx.exe   [520192] [PID.1464]
[MD5.20F6F19FE9E753F2780DC2FA083AD597] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe   [37664] [PID.824]
[MD5.626A24ED1228580B9518C01930936DF9] - (.Google Inc. - Programme d'installation de Google.) -- C:\Program Files\Google\Update\GoogleUpdate.exe   [133104] [PID.1508]
[MD5.9DBA73C2F1E76EC4CB837E67C5743596] - (.Sun Microsystems, Inc. - Java(TM) Quick Starter Service.) -- C:\Program Files\Java\jre6\bin\jqs.exe   [153376] [PID.1580]
[MD5.FF23862146A682FCC3DBAA002E22F958] - (.Logitech Inc. - Logitech LVPrcSrv Module..) -- C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe   [150040] [PID.1676]
[MD5.ECAB006AC6136F1307E140B633CDB8C2] - (.McAfee, Inc. - McAfee Service Host.) -- C:\Program Files\Fichiers communs\Mcafee\McSvcHost\McSvHost.exe   [167784] [PID.1928]
[MD5.D66A1A16166897A5F7D04961F582F03B] - (.McAfee, Inc. - McAfee Process Validation Service.) -- C:\WINDOWS\system32\mfevtps.exe   [172416] [PID.2044]
[MD5.627FA58ADC043704F9D14CA44340956F] - (.Sony Corporation - Device Information Provider.) -- C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe   [360224] [PID.176]
[MD5.4905E29FE0BE2A4441E4D3AA9D4461C7] - (.Pas de propriétaire - Updater.) -- C:\Program Files\SoftwareUpdater\UpdaterService.exe   [31744] [PID.536]   =>PUP.Eorezo
[MD5.744B13B59F3201DBCB52E469C4798531] - (.McAfee, Inc. - McAfee Security Center.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe   [1278064] [PID.872]
[MD5.5D61BE7DB55B026A5D61A3EED09D0EAD] - (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe   [39408] [PID.1004]
[MD5.06F39071A9E3635F4258FD7F5E3F5988] - (.Nokia - Nokia Suite.) -- C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe   [1090912] [PID.1108]
[MD5.FF786A74F62361A71AECDB8F8AC95D6F] - (.Somoto - FilesFrog.com Update Checker.) -- C:\Program Files\FilesFrog Update Checker\update_checker.exe   [201808] [PID.1164]   =>Adware.MegaSearch
[MD5.E468D3B49DF3908B725D00942132A593] - (.Pas de propriétaire - NetgearCUv2 MFC Application.) -- C:\Program Files\NETGEAR\WG111v3\WG111v3.exe   [1933312] [PID.1824]
[MD5.6FE0532CB16300C09D098F808EAAEE9D] - (.McAfee, Inc. - McAfee On-Access Scanner service.) -- C:\Program Files\Fichiers communs\McAfee\SystemCore\mcshield.exe   [203840] [PID.360]
[MD5.1A427BB508ACBEE09A88F08D1CA38E2F] - (.McAfee, Inc. - McAfee Core Firewall Service.) -- C:\Program Files\Fichiers communs\McAfee\SystemCore\mfefire.exe   [169320] [PID.800]
[MD5.EFA551863AD71A69690A3685145FD378] - (...) -- ystem32undll32.exe   [0] [PID.2912]
[MD5.78F7BB9F4924BE164294C59B8C3FC096] - (.Nokia - ServiceLayer Module.) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe   [737616] [PID.2608]
[MD5.5EBE396DB0ED20910A4C51E235539F9F] - (.Nokia - USB Media Server.) -- C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe   [179024] [PID.2016]
[MD5.192FBDF64A983CAC149D47D01970CE04] - (.Nokia - Microsoft Bluetooth Media Server.) -- C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrv.exe   [150864] [PID.3684]
[MD5.51C392EC9DA1119EC86D562FF3E7344F] - (.Google Inc. - Google Chrome.) -- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\Application\chrome.exe   [825808] [PID.148]
[MD5.68B8D980999DC76367F23F390E8D9E35] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe   [7417344] [PID.2148]
~ Processes Running:  Scanned in 00mn 01s



---\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences
G0 - GCSP: Preference [User Data\Default] http://accounts.google.com8" ]
G2 - GCE: Preference [User Data\Default] [eooncjejnppfjjklapaamhcdmjbilmde] Delta Toolbar v.1.4 (Désactivé)
G2 - GCE: Preference [User Data\Default] [fheoggkfdfchfphceeifdbepaooicaho] SiteAdvisor v.3.60.126.1 (Désactivé)
G2 - GCE: Preference [User Data\Default] [jjbgfbonmdidcihleedajlcaidfhffac] The Simple Life v.1 (Activé)
G2 - GCE: Preference [User Data\Default] [lmblfngognklgemafekefcdjcnkdhmdm] 2YourFace v.1.0 (Désactivé)   =>Adware.2YourFace
~ Google Browser: 16 Legitimates Filtered in 00mn 09s



---\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions  (P2,M0,M1,M2,M3)
C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\6i3dfoq5.default\prefs.js
C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\6i3dfoq5.default\user.js
M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\6i3dfoq5.default\searchplugins\askcom.xml
M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\6i3dfoq5.default\searchplugins\babylon.xml   =>Toolbar.Babylon
M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\6i3dfoq5.default\searchplugins\delta.xml
M0 - MFSP: prefs.js [Administrateur - 6i3dfoq5.default] r_pref("browser.startup.homepage", );
M2 - MFEP: prefs.js [Administrateur - 6i3dfoq5.default\{32b29df0-2237-4370-9a29-37cebb730e9b}] [] FreeSoundRecorder Community Toolbar v3.9.0.3 (..)
P2 - FPN: [HKLM] [@mcafee.com/MSC,version=10] - (...) -- C:\Program Files\McAfee\MSC
pMcSnFFPl.dll
P2 - FPN: [HKLM] [@nokia.com/EnablerPlugin] - (.Pas de propriétaire - Nokia Suite Enabler Plugin.) -- C:\Program Files\Nokia\Nokia Suite
pNokiaSuiteEnabler.dll
~ Firefox Browser: 30 Legitimates Filtered in 00mn 01s



---\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Google Inc. - Google Update.) (No version) -- (.not file.)
R3 - URLSearchHook: (no name) - {32b29df0-2237-4370-9a29-37cebb730e9b} . (.Google Inc. - Google Update.) (No version) -- (.not file.)
R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} . (.Google Inc. - Google Update.) (No version) -- (.not file.)
R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 0
~ IE Browser: 17 Legitimates Filtered in 00mn 00s



---\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
~ Proxy management:  Scanned in 00mn 00s



---\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\WINDOWS\system32\Userinit.exe,
F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Keys:  Scanned in 00mn 00s



---\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File:  Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 20



---\ Browser Helper Objects de navigateur (O2)
O2 - BHO: C:\Program Files\2YourFace\bho.dll - {1185823F-F22F-4027-80E5-4F68ACD5DE5E} . (...) -- C:\Program Files\2YourFace\bho.dll   =>Adware.2YourFace
O2 - BHO: BHO - {47B614AF-B4CC-485B-B331-BE26F02ED4CC} . (.APC - Browser Helper Object.) -- C:\Program Files\Internet Explorer\IEAddon.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} . (.Microsoft Corp. - Microsoft Search Helper Extention.) -- C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
~ BHO: 10 Legitimates Filtered in 00mn 01s



---\ Internet Explorer Toolbars (O3)
O3 - Toolbar: Google Toolbar - [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - [HKLM]{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} . (.McAfee, Inc. - SiteAdvisor.) -- C:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll
O3 - Toolbar: (no name) - [HKCU]{1E796980-9CC5-11D1-A83F-00C04FC99D61} Clé orpheline
O3 - Toolbar: (no name) - [HKCU]{710EB7A1-45ED-11D0-924A-0020AFC7AC4D} Clé orpheline
~ Toolbar:  Scanned in 00mn 00s



---\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\qttask.exe 
O4 - HKLM\..\Run: [mcui_exe] . (.McAfee, Inc. - McAfee Security Center.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe 
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe 
O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe 
O4 - HKCU\..\Run: [BHO Update] . (...) -- C:\Program Files\Internet Explorer\Updater.exe 
O4 - HKCU\..\Run: [NokiaSuite.exe] . (.Nokia - Nokia Suite.) -- C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe 
O4 - HKCU\..\Run: [SDP] . (.Somoto - FilesFrog.com Update Checker.) -- C:\Program Files\FilesFrog Update Checker\update_checker.exe   =>Adware.MegaSearch
O4 - HKUS\S-1-5-18\..\RunOnce: [JkDefrag] rundll32 advpack.dll 
O4 - HKUS\S-1-5-18\..\RunOnce: [SweetRegistry] rundll32 advpack.dll 
O4 - HKUS\S-1-5-20\..\RunOnce: [JkDefrag] rundll32 advpack.dll 
O4 - HKUS\S-1-5-20\..\RunOnce: [SweetRegistry] rundll32 advpack.dll 
O4 - HKUS\S-1-5-21-606747145-362288127-1177238915-500\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe 
O4 - HKUS\S-1-5-21-606747145-362288127-1177238915-500\..\Run: [BHO Update] . (...) -- C:\Program Files\Internet Explorer\Updater.exe 
O4 - HKUS\S-1-5-21-606747145-362288127-1177238915-500\..\Run: [NokiaSuite.exe] . (.Nokia - Nokia Suite.) -- C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe 
O4 - HKUS\S-1-5-21-606747145-362288127-1177238915-500\..\Run: [SDP] . (.Somoto - FilesFrog.com Update Checker.) -- C:\Program Files\FilesFrog Update Checker\update_checker.exe   =>Adware.MegaSearch
~ Application:  Scanned in 00mn 00s



---\ Autres liens utilisateurs (O4)
O4 - GS\Programs: Adobe Reader X.lnk . (...)  -- C:\WINDOWS\Installer\{AC76BA86-7AD7-1033-7B44-AA1000000001}\SC_Reader.ico 
O4 - GS\Programs: Apple Software Update.lnk . (...)  -- C:\WINDOWS\Installer\{6956856F-B6B3-4BE0-BA0B-8F495BE32033}\AppleSoftwareUpdateIco.exe
O4 - GS\Programs: PMB.lnk . (.Sony Corporation - Browser.)  -- C:\Program Files\Sony\PMB\PMBBrowser.exe 
O4 - GS\Programs: Assistance à distance.lnk . (.Microsoft Corporation - Assistance à distance Microsoft.)  -- C:\WINDOWS\system32cimlby.exe 
O4 - GS\Programs: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.)  -- C:\Program Files\Internet Explorer\iexplore.exe 
O4 - GS\Programs: Outlook Express.lnk . (.Microsoft Corporation - Outlook Express.)  -- C:\Program Files\Outlook Express\msimn.exe 
O4 - GS\Programs: Windows Media Player.lnk . (.Microsoft Corporation - Windows Media Player.)  -- C:\Program Files\Windows Media Player\wmplayer.exe 
~ Global Startup:  Scanned in 00mn 00s



---\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Program Files\Microsoft Office\OFFICE11\REFBARH.ICO
O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} -- Clé orpheline
~ IE Extra Buttons:  Scanned in 00mn 00s



---\ Winsock hijacker (Layered Service Provider) (O10)
O10 - Broken Internet access because of LSP provider (.not file.) -- mswsock.dll
~ Winsock: 3 Legitimates Filtered in 00mn 00s



---\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} ((no name)) - https://www.touslesdrivers.com/index.php?v_page=29
~ Objets ActiveX:  Scanned in 00mn 00s



---\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{B7151444-C732-4EC7-9E4A-FB858B1F0A3C}: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CS1\Services\Tcpip\..\{B7151444-C732-4EC7-9E4A-FB858B1F0A3C}: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CS2\Services\Tcpip\..\{B7151444-C732-4EC7-9E4A-FB858B1F0A3C}: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.240 212.27.40.241
~ Domain:  Scanned in 00mn 00s



---\ Protocole additionnel (O18)
O18 - Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} . (.Microsoft Corporation - WIA Scripting Layer.) -- C:\WINDOWS\system32\wiascr.dll
O18 - Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE11\MSOXMLMF.dll
~ Protocole Additionnel:  Scanned in 00mn 00s



---\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: AtiExtEvent . (.ATI Technologies Inc. - ATI External Event Utility DLL Module.) -- C:\WINDOWS\system32\Ati2evxx.dll
O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\WINDOWS\system32\crypt32.dll
O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\WINDOWS\system32\cryptnet.dll
O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agent réseau hors connexion.) -- C:\WINDOWS\system32\cscdll.dll
O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\system32\dimsntfy.dll
O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL secondaire de notification de service d.) -- C:\WINDOWS\system32\sclgntfy.dll
O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\WlNotify.dll
O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: WgaLogon . (.Microsoft Corporation - Windows Genuine Advantage Notifications.) -- C:\WINDOWS\system32\WgaLogon.dll
O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
~ Winlogon:  Scanned in 00mn 00s



---\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: PMBDeviceInfoProvider (PMBDeviceInfoProvider) . (.Sony Corporation - Device Information Provider.) - C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe
O23 - Service: Software Updater (SrvUpdater) . (.Pas de propriétaire - Updater.) - C:\Program Files\SoftwareUpdater\UpdaterService.exe   =>PUP.Eorezo
~ Services: 19 Legitimates Filtered in 00mn 06s



---\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Desktop General: BackupWallPaper - .(...) - C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop General: WallPaper - .(...) - C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
~ Desktop Component: 4 Legitimates Filtered in 00mn 00s



---\ Logiciels installés (O42)
O42 - Logiciel: 2YourFace 1.0 - (.2YourFace.com.) [HKLM] -- 2YourFace   =>Adware.2YourFace
~ Logic: 111 Legitimates Filtered in 00mn 01s



---\ HKCU & HKLM Software Keys
[HKCU\Software\2YourFace]   =>Adware.2YourFace
[HKCU\Software\8.1]
[HKCU\Software\BI]
[HKCU\Software\BabSolution]   =>Hijacker.BabSolution
[HKCU\Software\Casino]
[HKCU\Software\DataMngr]   =>PUP.Datamngr
[HKCU\Software\DataMngr_Toolbar]   =>PUP.Datamngr
[HKCU\Software\FreeSoundRecorder]
[HKCU\Software\OfferBox]   =>PUP.OfferBox
[HKCU\Software\PriceGong]   =>Adware.PriceGong
[HKCU\Software\Smartbar]   =>Hijacker.SmartBar
[HKCU\Software\Somoto]   =>Adware.MegaSearch
[HKCU\Software\TVANTS]
[HKCU\Software\lollipop]   =>Adware.Lollipop
[HKLM\Software\Babylon]   =>Toolbar.Babylon
[HKLM\Software\DataMngr]   =>PUP.Datamngr
[HKLM\Software\OfferBox]   =>PUP.OfferBox
[HKLM\Software\Tarma Installer]   =>Toolbar.Tarma
[HKLM\Software\a6d88ce539e542]
~ Key Software: 224 Legitimates Filtered in 00mn 01s



---\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 06/04/2012 - 12:43:13 - [0,627] ----D C:\Program Files\2YourFace   =>Adware.2YourFace
O43 - CFD: 06/01/2011 - 23:49:24 - [0,002] ----D C:\Program Files\Ask.com
O43 - CFD: 06/01/2011 - 23:46:49 - [0,000] ----D C:\Program Files\LimeWire
O43 - CFD: 22/05/2013 - 19:59:54 - [3,491] ----D C:\Documents and Settings\Administrateur\Application Data\Axot
O43 - CFD: 23/05/2013 - 21:12:56 - [1,573] ----D C:\Documents and Settings\Administrateur\Application Data\BabSolution   =>Hijacker.BabSolution
O43 - CFD: 23/05/2013 - 21:11:21 - [0,029] ----D C:\Documents and Settings\Administrateur\Application Data\Babylon   =>Toolbar.Babylon
O43 - CFD: 07/01/2012 - 01:19:49 - [0,006] ----D C:\Documents and Settings\Administrateur\Application Data\Cool Record Edit Pro
O43 - CFD: 29/05/2013 - 12:06:32 - [0] ----D C:\Documents and Settings\Administrateur\Application Data\Dyovo
O43 - CFD: 10/05/2013 - 10:37:20 - [0,211] ----D C:\Documents and Settings\Administrateur\Application Data\Faimqu
O43 - CFD: 29/04/2013 - 10:04:03 - [0,014] ----D C:\Documents and Settings\Administrateur\Application Data\IE Addon
O43 - CFD: 11/05/2013 - 03:24:44 - [0] -SH-D C:\Documents and Settings\Administrateur\Application Data\jjccbidv
O43 - CFD: 29/05/2013 - 15:10:31 - [0,376] ----D C:\Documents and Settings\Administrateur\Application Data\OfferBox   =>PUP.OfferBox
O43 - CFD: 19/05/2013 - 15:53:10 - [0,062] ----D C:\Documents and Settings\Administrateur\Application Data\OpenCandy   =>Adware.OpenCandy
O43 - CFD: 26/03/2012 - 19:08:02 - [0] ----D C:\Documents and Settings\Administrateur\Application Data\ul_data
O43 - CFD: 29/05/2013 - 11:47:38 - [0] ----D C:\Documents and Settings\Administrateur\Application Data\Utotxu
O43 - CFD: 29/04/2013 - 19:32:28 - [0,211] ----D C:\Documents and Settings\Administrateur\Application Data\Yksa
O43 - CFD: 11/05/2013 - 12:32:03 - [0] ----D C:\Documents and Settings\Administrateur\Application Data\Yxky
O43 - CFD: 10/05/2013 - 09:15:08 - [23,787] ----D C:\Documents and Settings\Administrateur\Local Settings\Application Data\FreeSoundRecorder
O43 - CFD: 16/08/2011 - 04:35:46 - [0,000] ----D C:\Documents and Settings\Administrateur\Local Settings\Application Data\girls-messenger
~ Program Folder: 167 Legitimates Filtered in 00mn 42s



---\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 31/05/2013 - 18:08:52 ---A- . (...) -- C:\WINDOWS\RTacDbg.txt   [0]
O44 - LFC:[MD5.72E16FE4E90E36F0C689D010ABA440AD] - 31/05/2013 - 17:14:13 ---A- . (...) -- C:\WINDOWS\wiaservc.log   [50]
O44 - LFC:[MD5.FB58EC4A1AACB02998E7C94C0460042A] - 31/05/2013 - 17:14:12 ---A- . (...) -- C:\WINDOWS\wiadebug.log   [157]
O44 - LFC:[MD5.CB977252B40C9087E58DE7A60775BEFD] - 31/05/2013 - 14:21:57 ---A- . (...) -- C:\UsbFix [Clean 2] SWEET-51822340B.txt   [7528]
O44 - LFC:[MD5.861A162D82EDAE7107EE9C69A5DA4E63] - 31/05/2013 - 14:10:40 ----- . (...) -- C:\UsbFix [Clean 1] SWEET-51822340B.txt   [2729]
O44 - LFC:[MD5.5866F5AC5FA90002CC1275789B715A60] - 30/05/2013 - 22:36:24 ---A- . (...) -- C:\WINDOWS\NeroDigital.ini   [116]
O44 - LFC:[MD5.70E3A62E004C29D372B6D5F2595284BC] - 30/05/2013 - 22:27:34 ---A- . (...) -- C:\WINDOWS\wmsetup.log   [134168]
O44 - LFC:[MD5.254FFD9FE6CACC8E9D9EC8547973C924] - 29/05/2013 - 13:58:25 ---A- . (...) -- C:\WINDOWS\system.ini   [246]
O44 - LFC:[MD5.2A44570770236D602FF1C0B51B61FBA1] - 29/05/2013 - 13:58:25 ---A- . (...) -- C:\WINDOWS\win.ini   [507]
O44 - LFC:[MD5.D61E53E3FEC0C92BC8DD3969FAD63F87] - 29/05/2013 - 12:08:19 ---A- . (.McAfee, Inc. - McAfee HIP IPS Driver.) -- C:\WINDOWS\system32\Drivers\HipShieldK.sys   [146872]
O44 - LFC:[MD5.3004E3FE086E76D7D6DFB9A851ED6F10] - 29/05/2013 - 12:07:08 ---A- . (.McAfee, Inc. - McAfee NDIS Intermediate Driver.) -- C:\WINDOWS\system32\Drivers\mfendisk.sys   [84904]
O44 - LFC:[MD5.DFEEF477037659318A20EC31D294BAA6] - 29/05/2013 - 12:07:07 ---A- . (...) -- C:\WINDOWS\system32\d3d9caps.dat   [664]
O44 - LFC:[MD5.FD1E8AE586B0DD619C1E024FDEF1956F] - 29/05/2013 - 12:07:03 ---A- . (.McAfee, Inc. - McAfee Driver Cleaning Driver.) -- C:\WINDOWS\system32\Drivers\mfeclnk.sys   [10088]
O44 - LFC:[MD5.375DE90B68533D9D0D7766D4CCB4CA32] - 29/05/2013 - 12:06:49 ---A- . (.McAfee, Inc. - Anti-Virus File System Filter Driver.) -- C:\WINDOWS\system32\Drivers\mfeavfk.sys   [235264]
O44 - LFC:[MD5.5ED806D4DF27AC11236BD9AD2CC10B7E] - 29/05/2013 - 12:06:49 ---A- . (.McAfee, Inc. - Buffer Overflow Protection Driver.) -- C:\WINDOWS\system32\Drivers\mfebopk.sys   [65928]
O44 - LFC:[MD5.D669ACBE7672819109706C3CFF6BD1DB] - 29/05/2013 - 12:06:49 ---A- . (.McAfee, Inc. - McAfee Code Analysis Driver.) -- C:\WINDOWS\system32\Drivers\mferkdet.sys   [92632]
O44 - LFC:[MD5.16BF9475BFCFAA420A8CB29E40284457] - 29/05/2013 - 12:06:49 ---A- . (.McAfee, Inc. - McAfee Core Firewall Engine Driver.) -- C:\WINDOWS\system32\Drivers\mfefirek.sys   [363080]
O44 - LFC:[MD5.25C323075C5EA4A2555E35355A01F793] - 29/05/2013 - 12:06:48 ---A- . (.McAfee, Inc. - McAfee Personal Firewall IDS Plugin.) -- C:\WINDOWS\system32\Drivers\cfwids.sys   [60920]
O44 - LFC:[MD5.D66A1A16166897A5F7D04961F582F03B] - 29/05/2013 - 11:53:46 ---A- . (.McAfee, Inc. - McAfee Process Validation Service.) -- C:\WINDOWS\system32\mfevtps.exe   [172416]
O44 - LFC:[MD5.E97136D362E971E3DF0AF3EB84330529] - 28/05/2013 - 16:34:25 ---A- . (...) -- C:\WINDOWS\FaxSetup.log   [58420]
O44 - LFC:[MD5.6870C22CB02A72BD2346BB6A920B695B] - 28/05/2013 - 16:34:18 ---A- . (...) -- C:\WINDOWS\ocgen.log   [50604]
O44 - LFC:[MD5.67E4A38222FEF783749367723786FC5E] - 23/05/2013 - 23:02:28 ---A- . (...) -- C:\WINDOWS\DPINST.LOG   [423218]
O44 - LFC:[MD5.D34D1DB92FF97C4E477DC0EC8DE3CF96] - 19/05/2013 - 14:53:11 ---A- . (.NCT Company Ltd. - NCTWMAFile2 ActiveX DLL.) -- C:\WINDOWS\system32\NCTWMAFile2.dll   [348160]
O44 - LFC:[MD5.1322B7D39350F31C893697CF5B28D826] - 19/05/2013 - 14:53:10 ---A- . (.Online Media Technologies Ltd. - NCTAudioRecord2 ActiveX DLL.) -- C:\WINDOWS\system32\NCTAudioRecord2.dll   [458752]
O44 - LFC:[MD5.3861E1268367854B74E0EAAD860C97FE] - 19/05/2013 - 14:53:09 ---A- . (.NCT Company Ltd. - NCTAudioFile2 ActiveX DLL.) -- C:\WINDOWS\system32\NCTAudioFile2.dll   [1986560]
O44 - LFC:[MD5.BB825317BCE50FC7D2A05E5DE245AA25] - 19/05/2013 - 14:53:09 ---A- . (.Online Media Technologies Ltd. - NCTAudioEditor2 ActiveX DLL.) -- C:\WINDOWS\system32\NCTAudioEditor2.dll   [880640]
O44 - LFC:[MD5.BDF4A283DE3AB7F9EA53FC3440D5B8AC] - 19/05/2013 - 14:53:09 ---A- . (.Online Media Technologies Ltd. - NCTAudioInformation2 ActiveX DLL.) -- C:\WINDOWS\system32\NCTAudioInformation2.dll   [1212416]
O44 - LFC:[MD5.2FA689F048FECADF3DFE933D7800868F] - 19/05/2013 - 14:53:09 ---A- . (.Online Media Technologies Ltd. - NCTAudioPlayer2 ActiveX DLL.) -- C:\WINDOWS\system32\NCTAudioPlayer2.dll   [458752]
O44 - LFC:[MD5.0C41B286FCB82116E49B076125DDBDDB] - 19/05/2013 - 14:53:08 ---A- . (.NCT - NCTAudioCDGrabber2 ActiveX DLL.) -- C:\WINDOWS\system32\NCTAudioCDGrabber2.dll   [835584]
~ Files: 46 Legitimates Filtered in 00mn 16s



---\ Opérations et fonctions au démarrage de Windows Explorer (O46)
O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll
~ ShellExecuteHooks:  Scanned in 00mn 00s



---\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=1
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=1
~ MWPS: 6 Legitimates Filtered in 00mn 00s



---\ Microsoft Windows Policies Explorer (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "LinkResolveIgnoreLinkInfo"=1
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDesktopCleanupWizard"=1
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoInstrumentation"=1
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoLowDiskSpaceChecks"=1
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoRecentDocsHistory"=1
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoRecentDocsMenu"=1
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoResolveSearch"=1
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoResolveTrack"=1
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoSMBalloonTip"=1
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoSMConfigurePrograms"=1
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoStartMenuMFUprogramsList"=1
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoWelcomeScreen"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "CDRAutoRun"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "HideRunAsVerb"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoCDBurning"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDesktopCleanupWizard"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoInstrumentation"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoNetConnectDisconnect"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoRecentDocsHistory"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoRemoteRecursiveEvents"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoResolveTrack"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoStartMenuMFUprogramsList"=1
~ MWPE Keys: 35 Legitimates Filtered in 00mn 00s



---\ Liste des Drivers Système (O58)
O58 - SDL:[MD5.023867B6606FBABCDD52E089C4A507DA] - 20/09/2010 - 19:43:25 ---A- . (.Cisco Systems, Inc. - IEEE 802.1X Protocol Driver.) -- C:\WINDOWS\system32\Drivers\AegisP.sys   [21361]
O58 - SDL:[MD5.6D3ADA4CE95CECA7BCE527A08C4C474E] - 14/04/2008 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ansi.sys   [9037]
~ Drivers:  Scanned in 00mn 00s



---\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
O61 - LFC: 28/05/2013 - 13:40:25 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\FASTWiz.html   [1274]
O61 - LFC: 28/05/2013 - 23:43:50 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Windows Media\11.0\WMSDKNS.XML   [10232]
O61 - LFC: 29/05/2013 - 08:30:49 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Media Player\LocalMLS_2.wmdb   [1793940]
O61 - LFC: 29/05/2013 - 10:16:56 ---A- C:\Documents and Settings\Administrateur\Mes documents\Papier Gwen\Pole emploi _5008093071.pdf   [846701]
O61 - LFC: 29/05/2013 - 10:21:54 ---A- C:\Documents and Settings\Administrateur\Application Data\Microsoft\Modèles\Normal.dot   [97280]
O61 - LFC: 29/05/2013 - 10:26:45 ---A- C:\Documents and Settings\Administrateur\Mes documents\Downloads\pc-cleaner-393.exe   [3476824]
O61 - LFC: 29/05/2013 - 11:00:12 ---A- C:\Documents and Settings\Administrateur\Application Data\Axot\edgag.lyu   [3656975]
O61 - LFC: 29/05/2013 - 11:19:47 ---A- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\6i3dfoq5.default\prefs.js   [2627071]
O61 - LFC: 29/05/2013 - 11:27:23 ---A- C:\Documents and Settings\Administrateur\Mes documents\Downloads\accelererpc_364b312a685441d399a1d4484a4ed9f5_.exe   [3715248]
O61 - LFC: 29/05/2013 - 11:45:26 ---A- C:\Documents and Settings\Administrateur\Mes documents\Downloads\McAfeeSetup-Serial.exe   [4902664]
O61 - LFC: 29/05/2013 - 13:28:25 ---A- C:\Documents and Settings\Administrateur\Bureau\Internet.lnk   [104]
O61 - LFC: 29/05/2013 - 14:09:23 ---A- C:\Documents and Settings\Administrateur\Mes documents\Downloads\installer_ccleaner_French.exe   [1913528]   =>Piriform Ltd
O61 - LFC: 29/05/2013 - 14:10:38 ---A- C:\Documents and Settings\Administrateur\Application Data\OfferBox\http_app.offerbox.com\update.xml   [418]   =>PUP.OfferBox
O61 - LFC: 29/05/2013 - 14:10:39 ---A- C:\Documents and Settings\Administrateur\Application Data\OfferBox\http_app.offerbox.com\update.sxe   [1213]   =>PUP.OfferBox
O61 - LFC: 29/05/2013 - 14:10:40 ---A- C:\Documents and Settings\Administrateur\Application Data\OfferBox\http_app.offerbox.com\profile.sxe   [4969]   =>PUP.OfferBox
O61 - LFC: 29/05/2013 - 14:10:43 ---A- C:\Documents and Settings\Administrateur\Application Data\OfferBox\http_app.offerbox.com\country.sxe   [357819]   =>PUP.OfferBox
O61 - LFC: 29/05/2013 - 14:11:09 ---A- C:\Documents and Settings\Administrateur\Application Data\OfferBox\http_app.offerbox.com\extracountry.sxe   [1809]   =>PUP.OfferBox
O61 - LFC: 29/05/2013 - 14:16:24 ---A- C:\Documents and Settings\Administrateur\Application Data\OfferBox\http_app.offerbox.com\history.db   [27648]   =>PUP.OfferBox
O61 - LFC: 29/05/2013 - 14:16:26 ---A- C:\Documents and Settings\Administrateur\Application Data\OfferBox\config.xml   [190]   =>PUP.OfferBox
O61 - LFC: 29/05/2013 - 14:37:07 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\databases\Databases.db   [7168]
O61 - LFC: 29/05/2013 - 14:37:13 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Favicons   [65536]
O61 - LFC: 29/05/2013 - 14:54:03 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage   [74752]
O61 - LFC: 29/05/2013 - 14:54:03 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage-journal   [3608]
O61 - LFC: 29/05/2013 - 15:13:06 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extension Rules\000203.sst   [253]
O61 - LFC: 30/05/2013 - 00:08:49 ---A- C:\Documents and Settings\Administrateur\Mes documents\Downloads\setup.exe   [2816352]
O61 - LFC: 30/05/2013 - 00:12:57 ---A- C:\Documents and Settings\Administrateur\Application Data\IE Addon\patterns.data   [14180]
O61 - LFC: 30/05/2013 - 00:15:19 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\chrome-extension_eooncjejnppfjjklapaamhcdmjbilmde_0.localstorage   [3072]
O61 - LFC: 30/05/2013 - 00:15:35 ---A- C:\Documents and Settings\Administrateur\Application Data\Babylon\log_file.txt   [30080]   =>Toolbar.Babylon
O61 - LFC: 30/05/2013 - 00:29:42 ---A- C:\Documents and Settings\Administrateur\Mes documents\Downloads\AdbeRdr1014_en_US.exe   [50844096]
O61 - LFC: 30/05/2013 - 00:43:33 -SHA- C:\Documents and Settings\Administrateur\IECompatCache\index.dat   [65536]
O61 - LFC: 30/05/2013 - 00:43:33 -SHA- C:\Documents and Settings\Administrateur\PrivacIE\index.dat   [16187392]
O61 - LFC: 30/05/2013 - 11:48:46 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_telechargement.zebulon.fr_0.localstorage   [3072]
O61 - LFC: 30/05/2013 - 11:48:46 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_telechargement.zebulon.fr_0.localstorage-journal   [3608]
O61 - LFC: 30/05/2013 - 11:50:53 ---A- C:\Documents and Settings\Administrateur\Bureau\Lilidurhone\Dépot de rapport & partage\MBRCheck.lnk   [673]
O61 - LFC: 30/05/2013 - 11:50:53 ---A- C:\Documents and Settings\Administrateur\Bureau\Lilidurhone\Dépot de rapport & partage\ZHPDiag.lnk   [1523]
O61 - LFC: 30/05/2013 - 11:50:53 ---A- C:\Documents and Settings\Administrateur\Bureau\Lilidurhone\Dépot de rapport & partage\ZHPFix.lnk   [1628]
O61 - LFC: 30/05/2013 - 12:25:51 ---A- C:\Documents and Settings\Administrateur\Bureau\Lilidurhone\Dépot de rapport & partage\ZHPDiag.txt   [106615]
O61 - LFC: 30/05/2013 - 19:34:52 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_www.deezer.com_0.localstorage   [51200]
O61 - LFC: 30/05/2013 - 19:34:52 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_www.deezer.com_0.localstorage-journal   [16384]
O61 - LFC: 30/05/2013 - 19:35:12 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\QuotaManager   [13312]
O61 - LFC: 30/05/2013 - 19:35:12 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\QuotaManager-journal   [8768]
O61 - LFC: 30/05/2013 - 22:27:32 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Media Player\LocalMLS_0.wmdb   [261732]
O61 - LFC: 30/05/2013 - 22:36:24 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Media Player\CurrentDatabase_360.wmdb   [35082240]
O61 - LFC: 30/05/2013 - 22:36:24 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Media Player\wmpfolders.wmdb   [124872]
O61 - LFC: 30/05/2013 - 22:54:45 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_www.youtube.com_0.localstorage   [13312]
O61 - LFC: 30/05/2013 - 22:54:45 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_www.youtube.com_0.localstorage-journal   [5672]
O61 - LFC: 31/05/2013 - 09:57:52 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Top Sites   [204800]
O61 - LFC: 31/05/2013 - 09:57:52 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Top Sites-journal   [16384]
O61 - LFC: 31/05/2013 - 10:12:39 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Certificate Revocation Lists   [272904]
O61 - LFC: 31/05/2013 - 10:12:56 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\chrome-devtools_devtools_0.localstorage   [3072]
O61 - LFC: 31/05/2013 - 10:12:56 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\chrome-devtools_devtools_0.localstorage-journal   [3608]
O61 - LFC: 31/05/2013 - 10:21:48 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_bh.contextweb.com_0.localstorage   [3072]
O61 - LFC: 31/05/2013 - 10:21:48 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_bh.contextweb.com_0.localstorage-journal   [3608]
O61 - LFC: 31/05/2013 - 10:21:51 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\https_connexity.net_0.localstorage   [3072]
O61 - LFC: 31/05/2013 - 10:21:51 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\https_connexity.net_0.localstorage-journal   [3608]
O61 - LFC: 31/05/2013 - 10:21:52 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_connexity.net_0.localstorage   [3072]
O61 - LFC: 31/05/2013 - 10:21:52 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_connexity.net_0.localstorage-journal   [3608]
O61 - LFC: 31/05/2013 - 12:01:47 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.60.126.1_0\Background.html   [780]
O61 - LFC: 31/05/2013 - 12:01:48 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.60.126.1_0\ContentOnDocStart.js   [862]
O61 - LFC: 31/05/2013 - 12:01:48 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.60.126.1_0\ContentScript.js   [3770]
O61 - LFC: 31/05/2013 - 12:01:48 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.60.126.1_0\McChPlg.dll   [119952]
O61 - LFC: 31/05/2013 - 12:01:48 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.60.126.1_0\Resources\button_black.gif   [1200]
O61 - LFC: 31/05/2013 - 12:01:48 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.60.126.1_0\popup.html   [1350]
O61 - LFC: 31/05/2013 - 12:01:49 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.60.126.1_0\Resources\button_black_lock.gif   [1200]
O61 - LFC: 31/05/2013 - 12:01:49 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.60.126.1_0\Resources\button_black_small.GIF   [1200]
O61 - LFC: 31/05/2013 - 12:01:49 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.60.126.1_0\Resources\button_cashback.gif   [1216]
O61 - LFC: 31/05/2013 - 12:01:50 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.60.126.1_0\Resources\button_cashback_lock.gif   [1216]
O61 - LFC: 31/05/2013 - 12:01:50 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.60.126.1_0\Resources\button_disabled.gif   [1190]
O61 - LFC: 31/05/2013 - 12:01:50 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.60.126.1_0\Resources\button_green.gif   [1212]
O61 - LFC: 31/05/2013 - 12:01:50 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.60.126.1_0\Resources\button_green_lock.gif   [1212]
O61 - LFC: 31/05/2013 - 12:01:51 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.60.126.1_0\Resources\button_grey_lock.gif   [1190]
O61 - LFC: 31/05/2013 - 12:01:51 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.60.126.1_0\Resources\button_hs.gif   [1216]
O61 - LFC: 31/05/2013 - 12:01:51 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.60.126.1_0\Resources\button_hs_lock.gif   [1216]
O61 - LFC: 31/05/2013 - 12:01:52 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.60.126.1_0\Resources\button_red.gif   [1215]
O61 - LFC: 31/05/2013 - 12:01:52 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.60.126.1_0\Resources\button_red_lock.gif   [1215]
O61 - LFC: 31/05/2013 - 12:01:52 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.60.126.1_0\Resources\button_yellow.gif   [1224]
O61 - LFC: 31/05/2013 - 12:01:52 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.60.126.1_0\Resources\button_yellow_lock.gif   [1224]
O61 - LFC: 31/05/2013 - 12:01:54 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.60.126.1_0\Resources\button_grey.gif   [1101]
O61 - LFC: 31/05/2013 - 12:01:54 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.60.126.1_0\manifest.json   [1046]
O61 - LFC: 31/05/2013 - 12:05:07 ---A- C:\Documents and Settings\Administrateur\Mes documents\Downloads\UsbFix.exe   [1047575]
O61 - LFC: 31/05/2013 - 12:24:41 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extension Rules\000222.sst   [231]
O61 - LFC: 31/05/2013 - 13:27:40 ---A- C:\Documents and Settings\Administrateur\Bureau\Bloc-notes.lnk   [1519]
O61 - LFC: 31/05/2013 - 13:56:54 ---A- C:\Documents and Settings\Administrateur\Mes documents\Downloads\vlc-2.0.6-win32.exe   [22948790]
O61 - LFC: 31/05/2013 - 14:03:50 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_www.free.fr_0.localstorage   [9216]
O61 - LFC: 31/05/2013 - 14:03:50 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_www.free.fr_0.localstorage-journal   [9800]
O61 - LFC: 31/05/2013 - 14:11:31 ---A- C:\Documents and Settings\Administrateur\Application Data\vlc\ml.xspf   [304]
O61 - LFC: 31/05/2013 - 14:11:31 ---A- C:\Documents and Settings\Administrateur\Application Data\vlc\vlcrc   [85002]
O61 - LFC: 31/05/2013 - 14:31:04 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\https_talkgadget.google.com_0.localstorage   [3072]
O61 - LFC: 31/05/2013 - 14:31:04 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\https_talkgadget.google.com_0.localstorage-journal   [3608]
O61 - LFC: 31/05/2013 - 14:52:34 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_player.ooyala.com_0.localstorage   [3072]
O61 - LFC: 31/05/2013 - 14:52:34 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_player.ooyala.com_0.localstorage-journal   [3608]
O61 - LFC: 31/05/2013 - 14:53:18 ---A- C:\Documents and Settings\Administrateur\Mes documents\Downloads\mbam-setup-1.75.0.1300.exe   [10285040]
O61 - LFC: 31/05/2013 - 15:00:03 ---A- C:\Documents and Settings\Administrateur\Mes documents\Downloads\mbam-setup-1.75.0.1300 (1).exe   [10285040]
O61 - LFC: 31/05/2013 - 17:13:40 -SHA- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Credentials\S-1-5-21-606747145-362288127-1177238915-500\Credentials   [2634]
O61 - LFC: 31/05/2013 - 17:13:59 -SHA- C:\Documents and Settings\Administrateur\IETldCache\index.dat   [262144]
O61 - LFC: 31/05/2013 - 17:32:11 ---A- C:\Documents and Settings\Administrateur\Mes documents\Downloads\RogueKiller.exe   [816128]
O61 - LFC: 31/05/2013 - 17:54:38 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extension Rules\LOG.old   [148]
O61 - LFC: 31/05/2013 - 17:54:42 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Bookmarks.bak   [40831]
O61 - LFC: 31/05/2013 - 17:54:48 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Session Storage\000400.sst   [146]
O61 - LFC: 31/05/2013 - 17:54:48 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Session Storage\LOG.old   [780]
O61 - LFC: 31/05/2013 - 17:54:49 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Shortcuts   [32768]
O61 - LFC: 31/05/2013 - 17:54:49 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Shortcuts-journal   [12824]
O61 - LFC: 31/05/2013 - 17:56:20 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\TransportSecurity   [1654]
O61 - LFC: 31/05/2013 - 18:05:33 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\History Index 2013-05   [8138752]
O61 - LFC: 31/05/2013 - 18:05:33 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\History Index 2013-05-journal   [33344]
O61 - LFC: 31/05/2013 - 18:05:44 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\https_dub113.mail.live.com_0.localstorage   [3072]
O61 - LFC: 31/05/2013 - 18:05:44 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\https_dub113.mail.live.com_0.localstorage-journal   [3608]
O61 - LFC: 31/05/2013 - 18:05:46 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Last Tabs   [270912]
O61 - LFC: 31/05/2013 - 18:05:47 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\History Provider Cache   [448284]
O61 - LFC: 31/05/2013 - 18:05:47 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Last Session   [2322282]
O61 - LFC: 31/05/2013 - 18:05:47 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\https_secure.shared.live.com_0.localstorage   [3072]
O61 - LFC: 31/05/2013 - 18:05:47 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\https_secure.shared.live.com_0.localstorage-journal   [3608]
O61 - LFC: 31/05/2013 - 18:05:47 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Visited Links   [131072]
O61 - LFC: 31/05/2013 - 18:05:57 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extension Rules\CURRENT   [16]
O61 - LFC: 31/05/2013 - 18:05:57 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extension Rules\MANIFEST-000250   [900]
O61 - LFC: 31/05/2013 - 18:05:58 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extension Rules\LOG   [148]
O61 - LFC: 31/05/2013 - 18:05:58 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Favicons-journal   [6680]
O61 - LFC: 31/05/2013 - 18:05:59 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Custom Dictionary.txt   [98]
O61 - LFC: 31/05/2013 - 18:05:59 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Custom Dictionary.txt.backup   [72]
O61 - LFC: 31/05/2013 - 18:06:01 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extension State\CURRENT   [16]
O61 - LFC: 31/05/2013 - 18:06:01 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extension State\MANIFEST-000002   [50]
O61 - LFC: 31/05/2013 - 18:06:01 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Login Data   [12288]
O61 - LFC: 31/05/2013 - 18:06:01 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Login Data-journal   [8736]
O61 - LFC: 31/05/2013 - 18:06:01 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Network Action Predictor   [251904]
O61 - LFC: 31/05/2013 - 18:06:01 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Network Action Predictor-journal   [16384]
O61 - LFC: 31/05/2013 - 18:06:01 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Web Data   [96256]
O61 - LFC: 31/05/2013 - 18:06:01 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Web Data-journal   [10792]
O61 - LFC: 31/05/2013 - 18:06:02 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Bookmarks   [40831]
O61 - LFC: 31/05/2013 - 18:06:03 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extension State\LOG   [47]
O61 - LFC: 31/05/2013 - 18:06:07 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Managed Mode Settings   [8]
O61 - LFC: 31/05/2013 - 18:06:07 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Session Storage\000402.sst   [678402]
O61 - LFC: 31/05/2013 - 18:06:07 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Session Storage\CURRENT   [16]
O61 - LFC: 31/05/2013 - 18:06:07 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Session Storage\MANIFEST-000401   [164]
O61 - LFC: 31/05/2013 - 18:06:08 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\https_www.google.fr_0.localstorage   [3072]
O61 - LFC: 31/05/2013 - 18:06:08 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\https_www.google.fr_0.localstorage-journal   [512]
O61 - LFC: 31/05/2013 - 18:06:09 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Session Storage\LOG   [272]
O61 - LFC: 31/05/2013 - 18:06:22 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\History   [512000]
O61 - LFC: 31/05/2013 - 18:06:29 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Sync Data\SyncData.sqlite3   [458752]
O61 - LFC: 31/05/2013 - 18:06:29 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Sync Data\SyncData.sqlite3-journal   [16384]
O61 - LFC: 31/05/2013 - 18:06:59 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\History-journal   [33344]
O61 - LFC: 31/05/2013 - 18:10:05 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Safe Browsing Download   [1287012]
O61 - LFC: 31/05/2013 - 18:10:10 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Safe Browsing Bloom   [10496520]
O61 - LFC: 31/05/2013 - 18:10:11 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Safe Browsing Bloom Prefix Set   [1531490]
O61 - LFC: 31/05/2013 - 18:10:11 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Safe Browsing Csd Whitelist   [134972]
O61 - LFC: 31/05/2013 - 18:10:11 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Safe Browsing Download Whitelist   [19756]
O61 - LFC: 31/05/2013 - 18:10:11 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Safe Browsing Extension Blacklist   [5024]
O61 - LFC: 31/05/2013 - 18:10:34 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Safe Browsing Cookies   [6144]
O61 - LFC: 31/05/2013 - 18:10:34 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Safe Browsing Cookies-journal   [4640]
O61 - LFC: 31/05/2013 - 18:11:27 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\https_plus.google.com_0.localstorage   [3072]
O61 - LFC: 31/05/2013 - 18:11:27 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\https_plus.google.com_0.localstorage-journal   [3608]
O61 - LFC: 31/05/2013 - 18:11:40 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies   [259072]
O61 - LFC: 31/05/2013 - 18:11:40 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies-journal   [16384]
O61 - LFC: 31/05/2013 - 18:12:01 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences   [135440]
O61 - LFC: 31/05/2013 - 18:12:31 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Local State   [44857]
~ 23 Fichiers temporaires (Temporary files)
~ 34 Fichiers cookies (Cookies files)

lilidurhone · Answer

N oublies pas de poster le rapport de suppression avec roguekiller

Tatie Gwendy · Answer

Rapport de suppression: RogueKiller V8.5.4 [Mar 18 2013] par Tigzy mail : tigzyRKgmailcom Remontees : https://www.luanagames.com/index.fr.html Site Web : https://www.luanagames.com/index.fr.html Blog : http://tigzyrk.blogspot.com/ Systeme d'exploitation : Windows XP (5.1.2600 Service Pack 3) 32 bits version Demarrage : Mode normal Utilisateur : Administrateur [Droits d'admin] Mode : Suppression -- Date : 31/05/2013 18:47:28 | ARK || FAK || MBR | ¤¤¤ Processus malicieux : 0 ¤¤¤ ¤¤¤ Entrees de registre : 0 ¤¤¤ ¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤ ¤¤¤ Driver : [CHARGE] ¤¤¤ ¤¤¤ Fichier HOSTS: ¤¤¤ --> C:\WINDOWS\system32\drivers\etc\hosts 127.0.0.1 localhost ¤¤¤ MBR Verif: ¤¤¤ +++++ PhysicalDrive0: WDC WD1600BB-22GUC0 +++++ --- User --- [MBR] 9ad8ad9de9a427b7bd42abac7ebc884d [BSP] 4bc17a43b2a43d6eb62ad239abebb691 : Windows XP MBR Code Partition table: 0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 152617 Mo User = LL1 ... OK! User = LL2 ... OK! Termine : << RKreport[2]_D_31052013_184728.txt >> RKreport[1]_D_31052013_184610.txt ; RKreport[2]_D_31052013_184728.txt

lilidurhone · Answer

Yes ;)

Un nouveau rapport zhpdiag ;)

Tatie Gwendy · Answer

C'est bon signe???

Tatie Gwendy · Answer

Que voici:

Rapport de ZHPDiag v2013.5.29.157 par Nicolas Coolman, Update du 29/05/2013
Run by Administrateur at 31/05/2013 19:37:54
WebSite: https://nicolascoolman.webs.com/
State : Version à jour.
WhiteList : Enable
High Elevated Privileges : OK
UAC : Not Found


---\ Web Browser
MSIE: Internet Explorer v8.0.6001.18702
GCIE: Google Chrome v27.0.1453.94 (Defaut)

---\ Windows Product Information
~ Langage: Français
Windows XP Professional Service Pack 3 (Build 2600)
Windows Automatic Updates : OK
Windows Genuine Advantage : KO

---\ System Protection
Malwarebytes Anti-Malware version 1.75.0.1300
McAfee Internet Security v11.6.511

---\ System Optimizer

---\ Peer To Peer (P2P)

---\ Software Update
Adobe Flash Player 11 Plugin
Adobe Reader X

---\ System Information
~ Processor: x86 Family 15 Model 47 Stepping 2, AuthenticAMD
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 958 MB (57% free)
System Restore: Activé (Enable)
System drive C: has 80 GB (53%) free of 149 GB

---\ Logged in mode
~ Computer Name: SWEET-51822340B
~ User Name: Administrateur
~ All Users Names: SUPPORT_388945a0, HelpAssistant, Gwen, Administrateur, 
~ Unselected Option: None
Logged in as Administrator

---\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Documents and Settings\Administrateur\Application Data\
~ %Desktop% : C:\Documents and Settings\Administrateur\Bureau\
~ %Favorites% : C:\Documents and Settings\Administrateur\Favoris\
~ %LocalAppData% : C:\Documents and Settings\Administrateur\Local Settings\Application Data\
~ %StartMenu% : C:\Documents and Settings\Administrateur\Menu Démarrer\
~ %Windir% : C:\WINDOWS\
~ %System% : C:\WINDOWS\system32\

---\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 80 Go of 149 Go)
D:\ CD-ROM drive (Not Inserted)
E:\ CD-ROM drive (Free 0 Go of 8 Go)
F:\ Hard drive, Flash drive, Thumb drive (Free 35 Go of 298 Go)
G:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
H:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
I:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
J:\ Floppy drive, Flash card reader, USB Key (Not Inserted)



---\ Security Center & Tools Informations
~ Security Center: 29 Legitimates Filtered in 00mn 00s



---\ Recherche particulière de fichiers génériques
[MD5.BFBBBFE0913E6C9706F97598A6588B8F] - (.Microsoft Corporation - Explorateur Windows.) (.27/09/2008 - 11:24:52.) -- C:\WINDOWS\Explorer.exe [1573888]
[MD5.B0DF02C2326381D64149F3EEFAE5E09D] - (.Microsoft Corporation - Internet Extensions for Win32.) (.04/11/2011 - 20:13:29.) -- C:\WINDOWS\system32\wininet.dll [916992]
[MD5.4BB6301D634C857A5089E8B24C5555E4] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) (.27/09/2008 - 11:27:21.) -- C:\WINDOWS\system32\Winlogon.exe [593408]
[MD5.744B88B93D2A58A1EB84C11D48CA85C8] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/07/2008 - 12:44:47.) -- C:\WINDOWS\system32\Drivers\AFD.sys [138496]
[MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\atapi.sys [96512]
[MD5.C885B02847F5D2FD45A24E219ED93B32] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\Cdfs.sys [63744]
[MD5.4B0A100EAF5C49EF3CCA8C641431EACC] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.02/05/2008 - 11:49:39.) -- C:\WINDOWS\system32\Drivers\Cdrom.sys [62976]
[MD5.31F923EB2170FC172C81ABDA0045D18C] - (.Microsoft Corporation - Pilote de cryptographie FIPS.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\Fips.sys [44672]
[MD5.573C7D0A32852B48F3058CFD8026F511] - (.Windows (R) Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\HDAudBus.sys [144384]
[MD5.A09BDC4ED10E3B2E0EC27BB94AF32516] - (.Microsoft Corporation - Pilote de port i8042.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\i8042prt.sys [54144]
[MD5.083A052659F5310DD8B6A6CB05EDCF8E] - (.Microsoft Corporation - IMAPI Kernel Driver.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\Imapi.sys [42112]
[MD5.CC748EA12C6EFFDE940EE98098BF96BB] - (.Microsoft Corporation - IP Network Address Translator.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\IpNat.sys [152832]
[MD5.23C74D75E36E7158768DD63D92789A91] - (.Microsoft Corporation - IPSec Driver.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\IPSec.sys [75264]
[MD5.32ECB7D3C03532B4460E09E960A3B72E] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.30/07/2008 - 13:09:57.) -- C:\WINDOWS\system32\Drivers\MRxSmb.sys [455936]
[MD5.74B2B2F5BEA5E9A3DC021D685551BD3D] - (.Microsoft Corporation - MBT Transport driver.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers
etBT.sys [162816]
[MD5.A0857C97770034FD2AF17DC4014B5ABD] - (.Microsoft Corporation - NT File System Driver.) (.22/04/2008 - 14:45:52.) -- C:\WINDOWS\system32\Drivers
tfs.sys [576384]
[MD5.8FD0BDBEA875D06CCF6C945CA9ABAF75] - (.Microsoft Corporation - Pilote de port parallèle.) (.27/09/2008 - 11:31:20.) -- C:\WINDOWS\system32\Drivers\Parport.sys [80384]
[MD5.11B4A627BC9614B885C4969BFA5FF8A6] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\Rasl2tp.sys [51328]
[MD5.15CABD0F7C00C47C70124907916AF3F1] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.27/09/2008 - 01:58:26.) -- C:\WINDOWS\system32\Driversdpdr.sys [196224]
[MD5.D8EB2A7904DB6C916EB5361878DDCBAE] - (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) (.27/09/2008 - 02:58:26.) -- C:\WINDOWS\system32\Driversedbook.sys [58752]
[MD5.46DE1126684369BACE4849E4FC8C43CA] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\volsnap.sys [53376]
~ Generic Processes:  Scanned in 00mn 00s



---\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/6054
~ Mes musiques (My Musics) : 70/789
~ Mes Videos (My Videos) : 1/32
~ Mes Favoris (My Favorites) : 1/109
~ Mes Documents (My Documents) : 1/6936
~ Mon Bureau (My Desktop) : 0/70
~ Menu demarrer (Programs) : 1/29
~ Hidden Files:  Scanned in 00mn 08s



---\ Processus lancés
[MD5.C49A64D70DD96F1A511F2D2BADFB924F] - (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) -- C:\WINDOWS\system32\Ati2evxx.exe   [520192] [PID.1464]
[MD5.20F6F19FE9E753F2780DC2FA083AD597] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe   [37664] [PID.824]
[MD5.626A24ED1228580B9518C01930936DF9] - (.Google Inc. - Programme d'installation de Google.) -- C:\Program Files\Google\Update\GoogleUpdate.exe   [133104] [PID.1508]
[MD5.9DBA73C2F1E76EC4CB837E67C5743596] - (.Sun Microsystems, Inc. - Java(TM) Quick Starter Service.) -- C:\Program Files\Java\jre6\bin\jqs.exe   [153376] [PID.1580]
[MD5.FF23862146A682FCC3DBAA002E22F958] - (.Logitech Inc. - Logitech LVPrcSrv Module..) -- C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe   [150040] [PID.1676]
[MD5.ECAB006AC6136F1307E140B633CDB8C2] - (.McAfee, Inc. - McAfee Service Host.) -- C:\Program Files\Fichiers communs\Mcafee\McSvcHost\McSvHost.exe   [167784] [PID.1928]
[MD5.D66A1A16166897A5F7D04961F582F03B] - (.McAfee, Inc. - McAfee Process Validation Service.) -- C:\WINDOWS\system32\mfevtps.exe   [172416] [PID.2044]
[MD5.627FA58ADC043704F9D14CA44340956F] - (.Sony Corporation - Device Information Provider.) -- C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe   [360224] [PID.176]
[MD5.4905E29FE0BE2A4441E4D3AA9D4461C7] - (.Pas de propriétaire - Updater.) -- C:\Program Files\SoftwareUpdater\UpdaterService.exe   [31744] [PID.536]   =>PUP.Eorezo
[MD5.744B13B59F3201DBCB52E469C4798531] - (.McAfee, Inc. - McAfee Security Center.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe   [1278064] [PID.872]
[MD5.5D61BE7DB55B026A5D61A3EED09D0EAD] - (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe   [39408] [PID.1004]
[MD5.06F39071A9E3635F4258FD7F5E3F5988] - (.Nokia - Nokia Suite.) -- C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe   [1090912] [PID.1108]
[MD5.FF786A74F62361A71AECDB8F8AC95D6F] - (.Somoto - FilesFrog.com Update Checker.) -- C:\Program Files\FilesFrog Update Checker\update_checker.exe   [201808] [PID.1164]   =>Adware.MegaSearch
[MD5.E468D3B49DF3908B725D00942132A593] - (.Pas de propriétaire - NetgearCUv2 MFC Application.) -- C:\Program Files\NETGEAR\WG111v3\WG111v3.exe   [1933312] [PID.1824]
[MD5.6FE0532CB16300C09D098F808EAAEE9D] - (.McAfee, Inc. - McAfee On-Access Scanner service.) -- C:\Program Files\Fichiers communs\McAfee\SystemCore\mcshield.exe   [203840] [PID.360]
[MD5.1A427BB508ACBEE09A88F08D1CA38E2F] - (.McAfee, Inc. - McAfee Core Firewall Service.) -- C:\Program Files\Fichiers communs\McAfee\SystemCore\mfefire.exe   [169320] [PID.800]
[MD5.EFA551863AD71A69690A3685145FD378] - (...) -- ystem32undll32.exe   [0] [PID.2912]
[MD5.78F7BB9F4924BE164294C59B8C3FC096] - (.Nokia - ServiceLayer Module.) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe   [737616] [PID.2608]
[MD5.5EBE396DB0ED20910A4C51E235539F9F] - (.Nokia - USB Media Server.) -- C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe   [179024] [PID.2016]
[MD5.192FBDF64A983CAC149D47D01970CE04] - (.Nokia - Microsoft Bluetooth Media Server.) -- C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrv.exe   [150864] [PID.3684]
[MD5.AF8C0AF46F9CCAC8D36F574E2163B554] - (.McAfee, Inc. - McAfee VirusScan Alerter.) -- C:\Program Files\McAfee\VirusScan\McVsShld.exe   [252696] [PID.3328]
[MD5.68B8D980999DC76367F23F390E8D9E35] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe   [7417344] [PID.4756]
~ Processes Running:  Scanned in 00mn 01s



---\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences
G0 - GCSP: Preference [User Data\Default] http://accounts.google.com8" ]
G2 - GCE: Preference [User Data\Default] [eooncjejnppfjjklapaamhcdmjbilmde] Delta Toolbar v.1.4 (Désactivé)
G2 - GCE: Preference [User Data\Default] [fheoggkfdfchfphceeifdbepaooicaho] SiteAdvisor v.3.60.126.1 (Désactivé)
G2 - GCE: Preference [User Data\Default] [jjbgfbonmdidcihleedajlcaidfhffac] The Simple Life v.1 (Activé)
G2 - GCE: Preference [User Data\Default] [lmblfngognklgemafekefcdjcnkdhmdm] 2YourFace v.1.0 (Désactivé)   =>Adware.2YourFace
~ Google Browser: 16 Legitimates Filtered in 00mn 10s



---\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions  (P2,M0,M1,M2,M3)
C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\6i3dfoq5.default\prefs.js
C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\6i3dfoq5.default\user.js
M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\6i3dfoq5.default\searchplugins\askcom.xml
M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\6i3dfoq5.default\searchplugins\babylon.xml   =>Toolbar.Babylon
M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\6i3dfoq5.default\searchplugins\delta.xml
M0 - MFSP: prefs.js [Administrateur - 6i3dfoq5.default] r_pref("browser.startup.homepage", );
M2 - MFEP: prefs.js [Administrateur - 6i3dfoq5.default\{32b29df0-2237-4370-9a29-37cebb730e9b}] [] FreeSoundRecorder Community Toolbar v3.9.0.3 (..)
P2 - FPN: [HKLM] [@mcafee.com/MSC,version=10] - (...) -- C:\Program Files\McAfee\MSC
pMcSnFFPl.dll
P2 - FPN: [HKLM] [@nokia.com/EnablerPlugin] - (.Pas de propriétaire - Nokia Suite Enabler Plugin.) -- C:\Program Files\Nokia\Nokia Suite
pNokiaSuiteEnabler.dll
~ Firefox Browser: 30 Legitimates Filtered in 00mn 01s



---\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Google Inc. - Google Update.) (No version) -- (.not file.)
R3 - URLSearchHook: (no name) - {32b29df0-2237-4370-9a29-37cebb730e9b} . (.Google Inc. - Google Update.) (No version) -- (.not file.)
R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} . (.Google Inc. - Google Update.) (No version) -- (.not file.)
R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 0
~ IE Browser: 17 Legitimates Filtered in 00mn 00s



---\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
~ Proxy management:  Scanned in 00mn 00s



---\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\WINDOWS\system32\Userinit.exe,
F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Keys:  Scanned in 00mn 00s



---\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File:  Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 20



---\ Browser Helper Objects de navigateur (O2)
O2 - BHO: C:\Program Files\2YourFace\bho.dll - {1185823F-F22F-4027-80E5-4F68ACD5DE5E} . (...) -- C:\Program Files\2YourFace\bho.dll   =>Adware.2YourFace
O2 - BHO: BHO - {47B614AF-B4CC-485B-B331-BE26F02ED4CC} . (.APC - Browser Helper Object.) -- C:\Program Files\Internet Explorer\IEAddon.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} . (.Microsoft Corp. - Microsoft Search Helper Extention.) -- C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
~ BHO: 10 Legitimates Filtered in 00mn 01s



---\ Internet Explorer Toolbars (O3)
O3 - Toolbar: Google Toolbar - [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - [HKLM]{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} . (.McAfee, Inc. - SiteAdvisor.) -- C:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll
O3 - Toolbar: (no name) - [HKCU]{1E796980-9CC5-11D1-A83F-00C04FC99D61} Clé orpheline
O3 - Toolbar: (no name) - [HKCU]{710EB7A1-45ED-11D0-924A-0020AFC7AC4D} Clé orpheline
~ Toolbar:  Scanned in 00mn 00s



---\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\qttask.exe 
O4 - HKLM\..\Run: [mcui_exe] . (.McAfee, Inc. - McAfee Security Center.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe 
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe 
O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe 
O4 - HKCU\..\Run: [BHO Update] . (...) -- C:\Program Files\Internet Explorer\Updater.exe 
O4 - HKCU\..\Run: [NokiaSuite.exe] . (.Nokia - Nokia Suite.) -- C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe 
O4 - HKCU\..\Run: [SDP] . (.Somoto - FilesFrog.com Update Checker.) -- C:\Program Files\FilesFrog Update Checker\update_checker.exe   =>Adware.MegaSearch
O4 - HKUS\S-1-5-18\..\RunOnce: [JkDefrag] rundll32 advpack.dll 
O4 - HKUS\S-1-5-18\..\RunOnce: [SweetRegistry] rundll32 advpack.dll 
O4 - HKUS\S-1-5-20\..\RunOnce: [JkDefrag] rundll32 advpack.dll 
O4 - HKUS\S-1-5-20\..\RunOnce: [SweetRegistry] rundll32 advpack.dll 
O4 - HKUS\S-1-5-21-606747145-362288127-1177238915-500\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe 
O4 - HKUS\S-1-5-21-606747145-362288127-1177238915-500\..\Run: [BHO Update] . (...) -- C:\Program Files\Internet Explorer\Updater.exe 
O4 - HKUS\S-1-5-21-606747145-362288127-1177238915-500\..\Run: [NokiaSuite.exe] . (.Nokia - Nokia Suite.) -- C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe 
O4 - HKUS\S-1-5-21-606747145-362288127-1177238915-500\..\Run: [SDP] . (.Somoto - FilesFrog.com Update Checker.) -- C:\Program Files\FilesFrog Update Checker\update_checker.exe   =>Adware.MegaSearch
~ Application:  Scanned in 00mn 00s



---\ Autres liens utilisateurs (O4)
O4 - GS\Programs: Adobe Reader X.lnk . (...)  -- C:\WINDOWS\Installer\{AC76BA86-7AD7-1033-7B44-AA1000000001}\SC_Reader.ico 
O4 - GS\Programs: Apple Software Update.lnk . (...)  -- C:\WINDOWS\Installer\{6956856F-B6B3-4BE0-BA0B-8F495BE32033}\AppleSoftwareUpdateIco.exe
O4 - GS\Programs: PMB.lnk . (.Sony Corporation - Browser.)  -- C:\Program Files\Sony\PMB\PMBBrowser.exe 
O4 - GS\Programs: Assistance à distance.lnk . (.Microsoft Corporation - Assistance à distance Microsoft.)  -- C:\WINDOWS\system32cimlby.exe 
O4 - GS\Programs: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.)  -- C:\Program Files\Internet Explorer\iexplore.exe 
O4 - GS\Programs: Outlook Express.lnk . (.Microsoft Corporation - Outlook Express.)  -- C:\Program Files\Outlook Express\msimn.exe 
O4 - GS\Programs: Windows Media Player.lnk . (.Microsoft Corporation - Windows Media Player.)  -- C:\Program Files\Windows Media Player\wmplayer.exe 
~ Global Startup:  Scanned in 00mn 00s



---\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Program Files\Microsoft Office\OFFICE11\REFBARH.ICO
O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} -- Clé orpheline
~ IE Extra Buttons:  Scanned in 00mn 00s



---\ Winsock hijacker (Layered Service Provider) (O10)
O10 - Broken Internet access because of LSP provider (.not file.) -- mswsock.dll
~ Winsock: 3 Legitimates Filtered in 00mn 00s



---\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} ((no name)) - https://www.touslesdrivers.com/index.php?v_page=29
~ Objets ActiveX:  Scanned in 00mn 00s



---\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{B7151444-C732-4EC7-9E4A-FB858B1F0A3C}: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CS1\Services\Tcpip\..\{B7151444-C732-4EC7-9E4A-FB858B1F0A3C}: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CS2\Services\Tcpip\..\{B7151444-C732-4EC7-9E4A-FB858B1F0A3C}: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.240 212.27.40.241
~ Domain:  Scanned in 00mn 00s



---\ Protocole additionnel (O18)
O18 - Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} . (.Microsoft Corporation - WIA Scripting Layer.) -- C:\WINDOWS\system32\wiascr.dll
O18 - Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE11\MSOXMLMF.dll
~ Protocole Additionnel:  Scanned in 00mn 00s



---\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: AtiExtEvent . (.ATI Technologies Inc. - ATI External Event Utility DLL Module.) -- C:\WINDOWS\system32\Ati2evxx.dll
O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\WINDOWS\system32\crypt32.dll
O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\WINDOWS\system32\cryptnet.dll
O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agent réseau hors connexion.) -- C:\WINDOWS\system32\cscdll.dll
O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\system32\dimsntfy.dll
O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL secondaire de notification de service d.) -- C:\WINDOWS\system32\sclgntfy.dll
O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\WlNotify.dll
O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: WgaLogon . (.Microsoft Corporation - Windows Genuine Advantage Notifications.) -- C:\WINDOWS\system32\WgaLogon.dll
O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
~ Winlogon:  Scanned in 00mn 00s



---\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: PMBDeviceInfoProvider (PMBDeviceInfoProvider) . (.Sony Corporation - Device Information Provider.) - C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe
O23 - Service: Software Updater (SrvUpdater) . (.Pas de propriétaire - Updater.) - C:\Program Files\SoftwareUpdater\UpdaterService.exe   =>PUP.Eorezo
~ Services: 19 Legitimates Filtered in 00mn 06s



---\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Desktop General: BackupWallPaper - .(...) - C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop General: WallPaper - .(...) - C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
~ Desktop Component: 4 Legitimates Filtered in 00mn 00s



---\ Logiciels installés (O42)
O42 - Logiciel: 2YourFace 1.0 - (.2YourFace.com.) [HKLM] -- 2YourFace   =>Adware.2YourFace
~ Logic: 111 Legitimates Filtered in 00mn 01s



---\ HKCU & HKLM Software Keys
[HKCU\Software\2YourFace]   =>Adware.2YourFace
[HKCU\Software\8.1]
[HKCU\Software\BI]
[HKCU\Software\BabSolution]   =>Hijacker.BabSolution
[HKCU\Software\Casino]
[HKCU\Software\DataMngr]   =>PUP.Datamngr
[HKCU\Software\DataMngr_Toolbar]   =>PUP.Datamngr
[HKCU\Software\FreeSoundRecorder]
[HKCU\Software\OfferBox]   =>PUP.OfferBox
[HKCU\Software\PriceGong]   =>Adware.PriceGong
[HKCU\Software\Smartbar]   =>Hijacker.SmartBar
[HKCU\Software\Somoto]   =>Adware.MegaSearch
[HKCU\Software\TVANTS]
[HKCU\Software\lollipop]   =>Adware.Lollipop
[HKLM\Software\Babylon]   =>Toolbar.Babylon
[HKLM\Software\DataMngr]   =>PUP.Datamngr
[HKLM\Software\OfferBox]   =>PUP.OfferBox
[HKLM\Software\Tarma Installer]   =>Toolbar.Tarma
[HKLM\Software\a6d88ce539e542]
~ Key Software: 224 Legitimates Filtered in 00mn 01s



---\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 06/04/2012 - 12:43:13 - [0,627] ----D C:\Program Files\2YourFace   =>Adware.2YourFace
O43 - CFD: 06/01/2011 - 23:49:24 - [0,002] ----D C:\Program Files\Ask.com
O43 - CFD: 06/01/2011 - 23:46:49 - [0,000] ----D C:\Program Files\LimeWire
O43 - CFD: 22/05/2013 - 19:59:54 - [3,491] ----D C:\Documents and Settings\Administrateur\Application Data\Axot
O43 - CFD: 23/05/2013 - 21:12:56 - [1,573] ----D C:\Documents and Settings\Administrateur\Application Data\BabSolution   =>Hijacker.BabSolution
O43 - CFD: 23/05/2013 - 21:11:21 - [0,029] ----D C:\Documents and Settings\Administrateur\Application Data\Babylon   =>Toolbar.Babylon
O43 - CFD: 07/01/2012 - 01:19:49 - [0,006] ----D C:\Documents and Settings\Administrateur\Application Data\Cool Record Edit Pro
O43 - CFD: 29/05/2013 - 12:06:32 - [0] ----D C:\Documents and Settings\Administrateur\Application Data\Dyovo
O43 - CFD: 10/05/2013 - 10:37:20 - [0,211] ----D C:\Documents and Settings\Administrateur\Application Data\Faimqu
O43 - CFD: 29/04/2013 - 10:04:03 - [0,014] ----D C:\Documents and Settings\Administrateur\Application Data\IE Addon
O43 - CFD: 11/05/2013 - 03:24:44 - [0] -SH-D C:\Documents and Settings\Administrateur\Application Data\jjccbidv
O43 - CFD: 29/05/2013 - 15:10:31 - [0,376] ----D C:\Documents and Settings\Administrateur\Application Data\OfferBox   =>PUP.OfferBox
O43 - CFD: 19/05/2013 - 15:53:10 - [0,062] ----D C:\Documents and Settings\Administrateur\Application Data\OpenCandy   =>Adware.OpenCandy
O43 - CFD: 26/03/2012 - 19:08:02 - [0] ----D C:\Documents and Settings\Administrateur\Application Data\ul_data
O43 - CFD: 29/05/2013 - 11:47:38 - [0] ----D C:\Documents and Settings\Administrateur\Application Data\Utotxu
O43 - CFD: 29/04/2013 - 19:32:28 - [0,211] ----D C:\Documents and Settings\Administrateur\Application Data\Yksa
O43 - CFD: 11/05/2013 - 12:32:03 - [0] ----D C:\Documents and Settings\Administrateur\Application Data\Yxky
O43 - CFD: 10/05/2013 - 09:15:08 - [23,787] ----D C:\Documents and Settings\Administrateur\Local Settings\Application Data\FreeSoundRecorder
O43 - CFD: 16/08/2011 - 04:35:46 - [0,000] ----D C:\Documents and Settings\Administrateur\Local Settings\Application Data\girls-messenger
~ Program Folder: 167 Legitimates Filtered in 00mn 18s



---\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 31/05/2013 - 18:38:49 ---A- . (...) -- C:\WINDOWS\RTacDbg.txt   [0]
O44 - LFC:[MD5.72E16FE4E90E36F0C689D010ABA440AD] - 31/05/2013 - 17:14:13 ---A- . (...) -- C:\WINDOWS\wiaservc.log   [50]
O44 - LFC:[MD5.FB58EC4A1AACB02998E7C94C0460042A] - 31/05/2013 - 17:14:12 ---A- . (...) -- C:\WINDOWS\wiadebug.log   [157]
O44 - LFC:[MD5.CB977252B40C9087E58DE7A60775BEFD] - 31/05/2013 - 14:21:57 ---A- . (...) -- C:\UsbFix [Clean 2] SWEET-51822340B.txt   [7528]
O44 - LFC:[MD5.861A162D82EDAE7107EE9C69A5DA4E63] - 31/05/2013 - 14:10:40 ----- . (...) -- C:\UsbFix [Clean 1] SWEET-51822340B.txt   [2729]
O44 - LFC:[MD5.5866F5AC5FA90002CC1275789B715A60] - 30/05/2013 - 22:36:24 ---A- . (...) -- C:\WINDOWS\NeroDigital.ini   [116]
O44 - LFC:[MD5.70E3A62E004C29D372B6D5F2595284BC] - 30/05/2013 - 22:27:34 ---A- . (...) -- C:\WINDOWS\wmsetup.log   [134168]
O44 - LFC:[MD5.254FFD9FE6CACC8E9D9EC8547973C924] - 29/05/2013 - 13:58:25 ---A- . (...) -- C:\WINDOWS\system.ini   [246]
O44 - LFC:[MD5.2A44570770236D602FF1C0B51B61FBA1] - 29/05/2013 - 13:58:25 ---A- . (...) -- C:\WINDOWS\win.ini   [507]
O44 - LFC:[MD5.D61E53E3FEC0C92BC8DD3969FAD63F87] - 29/05/2013 - 12:08:19 ---A- . (.McAfee, Inc. - McAfee HIP IPS Driver.) -- C:\WINDOWS\system32\Drivers\HipShieldK.sys   [146872]
O44 - LFC:[MD5.3004E3FE086E76D7D6DFB9A851ED6F10] - 29/05/2013 - 12:07:08 ---A- . (.McAfee, Inc. - McAfee NDIS Intermediate Driver.) -- C:\WINDOWS\system32\Drivers\mfendisk.sys   [84904]
O44 - LFC:[MD5.DFEEF477037659318A20EC31D294BAA6] - 29/05/2013 - 12:07:07 ---A- . (...) -- C:\WINDOWS\system32\d3d9caps.dat   [664]
O44 - LFC:[MD5.FD1E8AE586B0DD619C1E024FDEF1956F] - 29/05/2013 - 12:07:03 ---A- . (.McAfee, Inc. - McAfee Driver Cleaning Driver.) -- C:\WINDOWS\system32\Drivers\mfeclnk.sys   [10088]
O44 - LFC:[MD5.375DE90B68533D9D0D7766D4CCB4CA32] - 29/05/2013 - 12:06:49 ---A- . (.McAfee, Inc. - Anti-Virus File System Filter Driver.) -- C:\WINDOWS\system32\Drivers\mfeavfk.sys   [235264]
O44 - LFC:[MD5.5ED806D4DF27AC11236BD9AD2CC10B7E] - 29/05/2013 - 12:06:49 ---A- . (.McAfee, Inc. - Buffer Overflow Protection Driver.) -- C:\WINDOWS\system32\Drivers\mfebopk.sys   [65928]
O44 - LFC:[MD5.D669ACBE7672819109706C3CFF6BD1DB] - 29/05/2013 - 12:06:49 ---A- . (.McAfee, Inc. - McAfee Code Analysis Driver.) -- C:\WINDOWS\system32\Drivers\mferkdet.sys   [92632]
O44 - LFC:[MD5.16BF9475BFCFAA420A8CB29E40284457] - 29/05/2013 - 12:06:49 ---A- . (.McAfee, Inc. - McAfee Core Firewall Engine Driver.) -- C:\WINDOWS\system32\Drivers\mfefirek.sys   [363080]
O44 - LFC:[MD5.25C323075C5EA4A2555E35355A01F793] - 29/05/2013 - 12:06:48 ---A- . (.McAfee, Inc. - McAfee Personal Firewall IDS Plugin.) -- C:\WINDOWS\system32\Drivers\cfwids.sys   [60920]
O44 - LFC:[MD5.D66A1A16166897A5F7D04961F582F03B] - 29/05/2013 - 11:53:46 ---A- . (.McAfee, Inc. - McAfee Process Validation Service.) -- C:\WINDOWS\system32\mfevtps.exe   [172416]
O44 - LFC:[MD5.E97136D362E971E3DF0AF3EB84330529] - 28/05/2013 - 16:34:25 ---A- . (...) -- C:\WINDOWS\FaxSetup.log   [58420]
O44 - LFC:[MD5.6870C22CB02A72BD2346BB6A920B695B] - 28/05/2013 - 16:34:18 ---A- . (...) -- C:\WINDOWS\ocgen.log   [50604]
O44 - LFC:[MD5.67E4A38222FEF783749367723786FC5E] - 23/05/2013 - 23:02:28 ---A- . (...) -- C:\WINDOWS\DPINST.LOG   [423218]
O44 - LFC:[MD5.D34D1DB92FF97C4E477DC0EC8DE3CF96] - 19/05/2013 - 14:53:11 ---A- . (.NCT Company Ltd. - NCTWMAFile2 ActiveX DLL.) -- C:\WINDOWS\system32\NCTWMAFile2.dll   [348160]
O44 - LFC:[MD5.1322B7D39350F31C893697CF5B28D826] - 19/05/2013 - 14:53:10 ---A- . (.Online Media Technologies Ltd. - NCTAudioRecord2 ActiveX DLL.) -- C:\WINDOWS\system32\NCTAudioRecord2.dll   [458752]
O44 - LFC:[MD5.3861E1268367854B74E0EAAD860C97FE] - 19/05/2013 - 14:53:09 ---A- . (.NCT Company Ltd. - NCTAudioFile2 ActiveX DLL.) -- C:\WINDOWS\system32\NCTAudioFile2.dll   [1986560]
O44 - LFC:[MD5.BB825317BCE50FC7D2A05E5DE245AA25] - 19/05/2013 - 14:53:09 ---A- . (.Online Media Technologies Ltd. - NCTAudioEditor2 ActiveX DLL.) -- C:\WINDOWS\system32\NCTAudioEditor2.dll   [880640]
O44 - LFC:[MD5.BDF4A283DE3AB7F9EA53FC3440D5B8AC] - 19/05/2013 - 14:53:09 ---A- . (.Online Media Technologies Ltd. - NCTAudioInformation2 ActiveX DLL.) -- C:\WINDOWS\system32\NCTAudioInformation2.dll   [1212416]
O44 - LFC:[MD5.2FA689F048FECADF3DFE933D7800868F] - 19/05/2013 - 14:53:09 ---A- . (.Online Media Technologies Ltd. - NCTAudioPlayer2 ActiveX DLL.) -- C:\WINDOWS\system32\NCTAudioPlayer2.dll   [458752]
O44 - LFC:[MD5.0C41B286FCB82116E49B076125DDBDDB] - 19/05/2013 - 14:53:08 ---A- . (.NCT - NCTAudioCDGrabber2 ActiveX DLL.) -- C:\WINDOWS\system32\NCTAudioCDGrabber2.dll   [835584]
~ Files: 46 Legitimates Filtered in 00mn 04s



---\ Opérations et fonctions au démarrage de Windows Explorer (O46)
O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll
~ ShellExecuteHooks:  Scanned in 00mn 00s



---\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=1
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=1
~ MWPS: 6 Legitimates Filtered in 00mn 00s



---\ Microsoft Windows Policies Explorer (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "LinkResolveIgnoreLinkInfo"=1
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDesktopCleanupWizard"=1
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoInstrumentation"=1
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoLowDiskSpaceChecks"=1
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoRecentDocsHistory"=1
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoRecentDocsMenu"=1
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoResolveSearch"=1
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoResolveTrack"=1
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoSMBalloonTip"=1
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoSMConfigurePrograms"=1
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoStartMenuMFUprogramsList"=1
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoWelcomeScreen"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "CDRAutoRun"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "HideRunAsVerb"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoCDBurning"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDesktopCleanupWizard"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoInstrumentation"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoNetConnectDisconnect"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoRecentDocsHistory"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoRemoteRecursiveEvents"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoResolveTrack"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoStartMenuMFUprogramsList"=1
~ MWPE Keys: 35 Legitimates Filtered in 00mn 00s



---\ Liste des Drivers Système (O58)
O58 - SDL:[MD5.023867B6606FBABCDD52E089C4A507DA] - 20/09/2010 - 19:43:25 ---A- . (.Cisco Systems, Inc. - IEEE 802.1X Protocol Driver.) -- C:\WINDOWS\system32\Drivers\AegisP.sys   [21361]
O58 - SDL:[MD5.6D3ADA4CE95CECA7BCE527A08C4C474E] - 14/04/2008 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ansi.sys   [9037]
~ Drivers:  Scanned in 00mn 00s



---\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
O61 - LFC: 28/05/2013 - 13:40:25 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\FASTWiz.html   [1274]
O61 - LFC: 28/05/2013 - 23:43:50 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Windows Media\11.0\WMSDKNS.XML   [10232]
O61 - LFC: 29/05/2013 - 08:30:49 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Media Player\LocalMLS_2.wmdb   [1793940]
O61 - LFC: 29/05/2013 - 10:16:56 ---A- C:\Documents and Settings\Administrateur\Mes documents\Papier Gwen\Pole emploi _5008093071.pdf   [846701]
O61 - LFC: 29/05/2013 - 10:21:54 ---A- C:\Documents and Settings\Administrateur\Application Data\Microsoft\Modèles\Normal.dot   [97280]
O61 - LFC: 29/05/2013 - 10:26:45 ---A- C:\Documents and Settings\Administrateur\Mes documents\Downloads\pc-cleaner-393.exe   [3476824]
O61 - LFC: 29/05/2013 - 11:00:12 ---A- C:\Documents and Settings\Administrateur\Application Data\Axot\edgag.lyu   [3656975]
O61 - LFC: 29/05/2013 - 11:19:47 ---A- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\6i3dfoq5.default\prefs.js   [2627071]
O61 - LFC: 29/05/2013 - 11:27:23 ---A- C:\Documents and Settings\Administrateur\Mes documents\Downloads\accelererpc_364b312a685441d399a1d4484a4ed9f5_.exe   [3715248]
O61 - LFC: 29/05/2013 - 11:45:26 ---A- C:\Documents and Settings\Administrateur\Mes documents\Downloads\McAfeeSetup-Serial.exe   [4902664]
O61 - LFC: 29/05/2013 - 13:28:25 ---A- C:\Documents and Settings\Administrateur\Bureau\Internet.lnk   [104]
O61 - LFC: 29/05/2013 - 14:09:23 ---A- C:\Documents and Settings\Administrateur\Mes documents\Downloads\installer_ccleaner_French.exe   [1913528]   =>Piriform Ltd
O61 - LFC: 29/05/2013 - 14:10:38 ---A- C:\Documents and Settings\Administrateur\Application Data\OfferBox\http_app.offerbox.com\update.xml   [418]   =>PUP.OfferBox
O61 - LFC: 29/05/2013 - 14:10:39 ---A- C:\Documents and Settings\Administrateur\Application Data\OfferBox\http_app.offerbox.com\update.sxe   [1213]   =>PUP.OfferBox
O61 - LFC: 29/05/2013 - 14:10:40 ---A- C:\Documents and Settings\Administrateur\Application Data\OfferBox\http_app.offerbox.com\profile.sxe   [4969]   =>PUP.OfferBox
O61 - LFC: 29/05/2013 - 14:10:43 ---A- C:\Documents and Settings\Administrateur\Application Data\OfferBox\http_app.offerbox.com\country.sxe   [357819]   =>PUP.OfferBox
O61 - LFC: 29/05/2013 - 14:11:09 ---A- C:\Documents and Settings\Administrateur\Application Data\OfferBox\http_app.offerbox.com\extracountry.sxe   [1809]   =>PUP.OfferBox
O61 - LFC: 29/05/2013 - 14:16:24 ---A- C:\Documents and Settings\Administrateur\Application Data\OfferBox\http_app.offerbox.com\history.db   [27648]   =>PUP.OfferBox
O61 - LFC: 29/05/2013 - 14:16:26 ---A- C:\Documents and Settings\Administrateur\Application Data\OfferBox\config.xml   [190]   =>PUP.OfferBox
O61 - LFC: 29/05/2013 - 14:37:07 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\databases\Databases.db   [7168]
O61 - LFC: 29/05/2013 - 14:37:13 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Favicons   [65536]
O61 - LFC: 29/05/2013 - 14:54:03 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage   [74752]
O61 - LFC: 29/05/2013 - 14:54:03 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage-journal   [3608]
O61 - LFC: 29/05/2013 - 15:13:06 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extension Rules\000203.sst   [253]
O61 - LFC: 30/05/2013 - 00:08:49 ---A- C:\Documents and Settings\Administrateur\Mes documents\Downloads\setup.exe   [2816352]
O61 - LFC: 30/05/2013 - 00:12:57 ---A- C:\Documents and Settings\Administrateur\Application Data\IE Addon\patterns.data   [14180]
O61 - LFC: 30/05/2013 - 00:15:19 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\chrome-extension_eooncjejnppfjjklapaamhcdmjbilmde_0.localstorage   [3072]
O61 - LFC: 30/05/2013 - 00:15:35 ---A- C:\Documents and Settings\Administrateur\Application Data\Babylon\log_file.txt   [30080]   =>Toolbar.Babylon
O61 - LFC: 30/05/2013 - 00:29:42 ---A- C:\Documents and Settings\Administrateur\Mes documents\Downloads\AdbeRdr1014_en_US.exe   [50844096]
O61 - LFC: 30/05/2013 - 00:43:33 -SHA- C:\Documents and Settings\Administrateur\IECompatCache\index.dat   [65536]
O61 - LFC: 30/05/2013 - 00:43:33 -SHA- C:\Documents and Settings\Administrateur\PrivacIE\index.dat   [16187392]
O61 - LFC: 30/05/2013 - 11:48:46 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_telechargement.zebulon.fr_0.localstorage   [3072]
O61 - LFC: 30/05/2013 - 11:48:46 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_telechargement.zebulon.fr_0.localstorage-journal   [3608]
O61 - LFC: 30/05/2013 - 11:50:53 ---A- C:\Documents and Settings\Administrateur\Bureau\Lilidurhone\ZHPDiag\MBRCheck.lnk   [673]
O61 - LFC: 30/05/2013 - 11:50:53 ---A- C:\Documents and Settings\Administrateur\Bureau\Lilidurhone\ZHPDiag\ZHPDiag.lnk   [1523]
O61 - LFC: 30/05/2013 - 11:50:53 ---A- C:\Documents and Settings\Administrateur\Bureau\Lilidurhone\ZHPDiag\ZHPFix.lnk   [1628]
O61 - LFC: 30/05/2013 - 12:25:51 ---A- C:\Documents and Settings\Administrateur\Bureau\Lilidurhone\ZHPDiag\ZHPDiag.txt   [106615]
O61 - LFC: 30/05/2013 - 19:34:52 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_www.deezer.com_0.localstorage   [51200]
O61 - LFC: 30/05/2013 - 19:34:52 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_www.deezer.com_0.localstorage-journal   [16384]
O61 - LFC: 30/05/2013 - 19:35:12 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\QuotaManager   [13312]
O61 - LFC: 30/05/2013 - 19:35:12 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\QuotaManager-journal   [8768]
O61 - LFC: 30/05/2013 - 22:27:32 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Media Player\LocalMLS_0.wmdb   [261732]
O61 - LFC: 30/05/2013 - 22:36:24 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Media Player\CurrentDatabase_360.wmdb   [35082240]
O61 - LFC: 30/05/2013 - 22:36:24 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Media Player\wmpfolders.wmdb   [124872]
O61 - LFC: 30/05/2013 - 22:54:45 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_www.youtube.com_0.localstorage   [13312]
O61 - LFC: 30/05/2013 - 22:54:45 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_www.youtube.com_0.localstorage-journal   [5672]
O61 - LFC: 31/05/2013 - 09:57:52 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Top Sites   [204800]
O61 - LFC: 31/05/2013 - 09:57:52 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Top Sites-journal   [16384]
O61 - LFC: 31/05/2013 - 10:12:39 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Certificate Revocation Lists   [272904]
O61 - LFC: 31/05/2013 - 10:12:56 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\chrome-devtools_devtools_0.localstorage   [3072]
O61 - LFC: 31/05/2013 - 10:12:56 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\chrome-devtools_devtools_0.localstorage-journal   [3608]
O61 - LFC: 31/05/2013 - 10:21:48 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_bh.contextweb.com_0.localstorage   [3072]
O61 - LFC: 31/05/2013 - 10:21:48 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_bh.contextweb.com_0.localstorage-journal   [3608]
O61 - LFC: 31/05/2013 - 10:21:51 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\https_connexity.net_0.localstorage   [3072]
O61 - LFC: 31/05/2013 - 10:21:51 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\https_connexity.net_0.localstorage-journal   [3608]
O61 - LFC: 31/05/2013 - 10:21:52 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_connexity.net_0.localstorage   [3072]
O61 - LFC: 31/05/2013 - 10:21:52 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_connexity.net_0.localstorage-journal   [3608]
O61 - LFC: 31/05/2013 - 12:01:47 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.60.126.1_0\Background.html   [780]
O61 - LFC: 31/05/2013 - 12:01:48 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.60.126.1_0\ContentOnDocStart.js   [862]
O61 - LFC: 31/05/2013 - 12:01:48 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.60.126.1_0\ContentScript.js   [3770]
O61 - LFC: 31/05/2013 - 12:01:48 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.60.126.1_0\McChPlg.dll   [119952]
O61 - LFC: 31/05/2013 - 12:01:48 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.60.126.1_0\Resources\button_black.gif   [1200]
O61 - LFC: 31/05/2013 - 12:01:48 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.60.126.1_0\popup.html   [1350]
O61 - LFC: 31/05/2013 - 12:01:49 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.60.126.1_0\Resources\button_black_lock.gif   [1200]
O61 - LFC: 31/05/2013 - 12:01:49 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.60.126.1_0\Resources\button_black_small.GIF   [1200]
O61 - LFC: 31/05/2013 - 12:01:49 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.60.126.1_0\Resources\button_cashback.gif   [1216]
O61 - LFC: 31/05/2013 - 12:01:50 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.60.126.1_0\Resources\button_cashback_lock.gif   [1216]
O61 - LFC: 31/05/2013 - 12:01:50 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.60.126.1_0\Resources\button_disabled.gif   [1190]
O61 - LFC: 31/05/2013 - 12:01:50 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.60.126.1_0\Resources\button_green.gif   [1212]
O61 - LFC: 31/05/2013 - 12:01:50 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.60.126.1_0\Resources\button_green_lock.gif   [1212]
O61 - LFC: 31/05/2013 - 12:01:51 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.60.126.1_0\Resources\button_grey_lock.gif   [1190]
O61 - LFC: 31/05/2013 - 12:01:51 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.60.126.1_0\Resources\button_hs.gif   [1216]
O61 - LFC: 31/05/2013 - 12:01:51 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.60.126.1_0\Resources\button_hs_lock.gif   [1216]
O61 - LFC: 31/05/2013 - 12:01:52 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.60.126.1_0\Resources\button_red.gif   [1215]
O61 - LFC: 31/05/2013 - 12:01:52 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.60.126.1_0\Resources\button_red_lock.gif   [1215]
O61 - LFC: 31/05/2013 - 12:01:52 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.60.126.1_0\Resources\button_yellow.gif   [1224]
O61 - LFC: 31/05/2013 - 12:01:52 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.60.126.1_0\Resources\button_yellow_lock.gif   [1224]
O61 - LFC: 31/05/2013 - 12:01:54 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.60.126.1_0\Resources\button_grey.gif   [1101]
O61 - LFC: 31/05/2013 - 12:01:54 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.60.126.1_0\manifest.json   [1046]
O61 - LFC: 31/05/2013 - 12:05:07 ---A- C:\Documents and Settings\Administrateur\Mes documents\Downloads\UsbFix.exe   [1047575]
O61 - LFC: 31/05/2013 - 12:24:41 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extension Rules\000222.sst   [231]
O61 - LFC: 31/05/2013 - 13:27:40 ---A- C:\Documents and Settings\Administrateur\Bureau\Bloc-notes.lnk   [1519]
O61 - LFC: 31/05/2013 - 13:56:54 ---A- C:\Documents and Settings\Administrateur\Mes documents\Downloads\vlc-2.0.6-win32.exe   [22948790]
O61 - LFC: 31/05/2013 - 14:03:50 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_www.free.fr_0.localstorage   [9216]
O61 - LFC: 31/05/2013 - 14:03:50 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_www.free.fr_0.localstorage-journal   [9800]
O61 - LFC: 31/05/2013 - 14:11:31 ---A- C:\Documents and Settings\Administrateur\Application Data\vlc\ml.xspf   [304]
O61 - LFC: 31/05/2013 - 14:11:31 ---A- C:\Documents and Settings\Administrateur\Application Data\vlc\vlcrc   [85002]
O61 - LFC: 31/05/2013 - 14:31:04 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\https_talkgadget.google.com_0.localstorage   [3072]
O61 - LFC: 31/05/2013 - 14:31:04 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\https_talkgadget.google.com_0.localstorage-journal   [3608]
O61 - LFC: 31/05/2013 - 14:52:34 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_player.ooyala.com_0.localstorage   [3072]
O61 - LFC: 31/05/2013 - 14:52:34 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_player.ooyala.com_0.localstorage-journal   [3608]
O61 - LFC: 31/05/2013 - 14:53:18 ---A- C:\Documents and Settings\Administrateur\Mes documents\Downloads\mbam-setup-1.75.0.1300.exe   [10285040]
O61 - LFC: 31/05/2013 - 15:00:03 ---A- C:\Documents and Settings\Administrateur\Mes documents\Downloads\mbam-setup-1.75.0.1300 (1).exe   [10285040]
O61 - LFC: 31/05/2013 - 17:13:40 -SHA- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Credentials\S-1-5-21-606747145-362288127-1177238915-500\Credentials   [2634]
O61 - LFC: 31/05/2013 - 17:13:59 -SHA- C:\Documents and Settings\Administrateur\IETldCache\index.dat   [262144]
O61 - LFC: 31/05/2013 - 17:32:11 ---A- C:\Documents and Settings\Administrateur\Mes documents\Downloads\RogueKiller.exe   [816128]
O61 - LFC: 31/05/2013 - 17:54:48 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Session Storage\000400.sst   [146]
O61 - LFC: 31/05/2013 - 17:54:49 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Shortcuts   [32768]
O61 - LFC: 31/05/2013 - 17:54:49 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Shortcuts-journal   [12824]
O61 - LFC: 31/05/2013 - 17:56:20 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\TransportSecurity   [1654]
O61 - LFC: 31/05/2013 - 18:05:44 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\https_dub113.mail.live.com_0.localstorage   [3072]
O61 - LFC: 31/05/2013 - 18:05:44 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\https_dub113.mail.live.com_0.localstorage-journal   [3608]
O61 - LFC: 31/05/2013 - 18:05:47 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\https_secure.shared.live.com_0.localstorage   [3072]
O61 - LFC: 31/05/2013 - 18:05:47 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\https_secure.shared.live.com_0.localstorage-journal   [3608]
O61 - LFC: 31/05/2013 - 18:06:01 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Network Action Predictor   [251904]
O61 - LFC: 31/05/2013 - 18:06:01 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Network Action Predictor-journal   [16384]
O61 - LFC: 31/05/2013 - 18:06:07 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Session Storage\000402.sst   [678402]
O61 - LFC: 31/05/2013 - 18:16:14 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extension Rules\LOG.old   [148]
O61 - LFC: 31/05/2013 - 18:16:18 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Bookmarks.bak   [40831]
O61 - LFC: 31/05/2013 - 18:16:23 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Session Storage\000405.sst   [203032]
O61 - LFC: 31/05/2013 - 18:16:29 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Session Storage\LOG.old   [272]
O61 - LFC: 31/05/2013 - 18:17:42 ---A- C:\Documents and Settings\Administrateur\Bureau\Lilidurhone\ZHPDiag.txt   [107731]
O61 - LFC: 31/05/2013 - 18:32:59 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Last Tabs   [189814]
O61 - LFC: 31/05/2013 - 18:33:01 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Visited Links   [131072]
O61 - LFC: 31/05/2013 - 18:33:02 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Last Session   [145832]
O61 - LFC: 31/05/2013 - 18:33:13 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extension Rules\CURRENT   [16]
O61 - LFC: 31/05/2013 - 18:33:13 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extension Rules\LOG   [148]
O61 - LFC: 31/05/2013 - 18:33:13 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extension Rules\MANIFEST-000254   [900]
O61 - LFC: 31/05/2013 - 18:33:14 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Favicons-journal   [6680]
O61 - LFC: 31/05/2013 - 18:33:15 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Custom Dictionary.txt.backup   [72]
O61 - LFC: 31/05/2013 - 18:33:16 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Custom Dictionary.txt   [98]
O61 - LFC: 31/05/2013 - 18:33:17 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Login Data   [12288]
O61 - LFC: 31/05/2013 - 18:33:17 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Login Data-journal   [8736]
O61 - LFC: 31/05/2013 - 18:33:17 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Web Data   [96256]
O61 - LFC: 31/05/2013 - 18:33:17 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Web Data-journal   [10792]
O61 - LFC: 31/05/2013 - 18:33:18 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Bookmarks   [40831]
O61 - LFC: 31/05/2013 - 18:33:23 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Managed Mode Settings   [8]
O61 - LFC: 31/05/2013 - 18:33:31 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Session Storage\000408.sst   [406526]
O61 - LFC: 31/05/2013 - 18:33:31 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Session Storage\CURRENT   [16]
O61 - LFC: 31/05/2013 - 18:33:31 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Session Storage\MANIFEST-000407   [252]
O61 - LFC: 31/05/2013 - 18:33:36 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\https_plus.google.com_0.localstorage   [3072]
O61 - LFC: 31/05/2013 - 18:33:36 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\https_plus.google.com_0.localstorage-journal   [3608]
O61 - LFC: 31/05/2013 - 18:33:41 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Session Storage\LOG   [272]
O61 - LFC: 31/05/2013 - 18:34:18 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Safe Browsing Download   [1287012]
O61 - LFC: 31/05/2013 - 18:34:22 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Safe Browsing Bloom   [10498536]
O61 - LFC: 31/05/2013 - 18:34:22 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Safe Browsing Bloom Prefix Set   [1531644]
O61 - LFC: 31/05/2013 - 18:34:23 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Safe Browsing Csd Whitelist   [134972]
O61 - LFC: 31/05/2013 - 18:34:23 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Safe Browsing Download Whitelist   [19756]
O61 - LFC: 31/05/2013 - 18:34:23 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Safe Browsing Extension Blacklist   [5024]
O61 - LFC: 31/05/2013 - 18:34:48 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Safe Browsing Cookies   [6144]
O61 - LFC: 31/05/2013 - 18:34:48 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Safe Browsing Cookies-journal   [4640]
O61 - LFC: 31/05/2013 - 18:37:13 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\History Index 2013-05   [8785920]
O61 - LFC: 31/05/2013 - 18:37:13 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\History Index 2013-05-journal   [16384]
O61 - LFC: 31/05/2013 - 18:37:23 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Current Tabs   [22752]
O61 - LFC: 31/05/2013 - 18:37:23 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Sync Data\SyncData.sqlite3   [458752]
O61 - LFC: 31/05/2013 - 18:37:23 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Sync Data\SyncData.sqlite3-journal   [16384]
O61 - LFC: 31/05/2013 - 18:37:23 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Local State   [44810]
O61 - LFC: 31/05/2013 - 18:37:24 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\History   [512000]
O61 - LFC: 31/05/2013 - 18:37:24 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\History Provider Cache   [450094]
O61 - LFC: 31/05/2013 - 18:37:24 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\History-journal   [16384]
O61 - LFC: 31/05/2013 - 18:37:25 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies   [259072]
O61 - LFC: 31/05/2013 - 18:37:25 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies-journal   [16384]
O61 - LFC: 31/05/2013 - 18:37:26 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Current Session   [47036]
O61 - LFC: 31/05/2013 - 18:37:26 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences   [145688]

lilidurhone · Answer

Héberges le il est trop long

lilidurhone · Answer

Gwen

Lis bien cette fiche c est l'outil qu'on va utiliser pour réparer les services de Windows

https://www.commentcamarche.net/faq/29469-utilisation-de-pre-scan

Tatie Gwendy · Answer

Hello!!!
Voici le lien pour le rapport:

https://pjjoint.malekal.com/files.php?id=20130601_k12b11x8c11x8

lilidurhone · Answer

Hello

Ton pc n'est pas encore sorti d'affaire mais on a éliminé une très grave infection :)

Pour l'instant fais les majs windows et ne désinstalles pas les outils on risque d'en avoir besoin


L'outil que je t'ai fait utiliser s'appelle Pre scan le concepteur est Gen h@ckm@n

C'est un outil spécial mais il résout pleins de problème!

Une fois que tu auras fait les majs windows fais un nouveau rapport zhpdiag(en l'hébergeant !)

g3n-h@ckm@n · Answer

salut

relancer Pre_scan ( ou winlogon s'il n'a pas changé de nom ) , cliquer sur diag , heberger le tapport pre_diag qui j'y jette un coup d'oeil :)
n,'oublie pas le lien ^^

Tatie Gwendy · Answer

Le lien:

https://pjjoint.malekal.com/files.php?id=ZHPDiag_20130601_z6d7l15y9e9


J'ai du mal à me connecter et j'ai une drôle de police, toute grasse, ainsi qu'une mise à jour qui refuse de s'installer (M.A.J de sécurité pr Microsoft Silverlight)

Tatie Gwendy · Answer

Pré_Diag:

https://pjjoint.malekal.com/files.php?id=20130601_b12n10b8o7e8

g3n-h@ckm@n · Answer

je supporte pas cet hébergeur , avec cette bannière de 50 km de large.....bref , je regarde ca....

g3n-h@ckm@n · Answer

pas bien le Windows cr@cké !!!!!!!!!!!

====================

 sélectionne ce texte , puis CTRL + C :

Kill::

Key::
[HKU\S-1-5-21-606747145-362288127-1177238915-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[BHO Update]
[HKU\S-1-5-21-606747145-362288127-1177238915-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[] 
[HKU\S-1-5-21-606747145-362288127-1177238915-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[SDP] 
[HKU\S-1-5-21-606747145-362288127-1177238915-500\SOFTWARE\Microsoft\Internet Explorer\Toolbar]|[{1E796980-9CC5-11D1-A83F-00C04FC99D61}] 
[HKU\S-1-5-21-606747145-362288127-1177238915-500\SOFTWARE\Microsoft\Internet Explorer\Toolbar]|[Theater]
[HKU\S-1-5-21-606747145-362288127-1177238915-500\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}]
[HKU\S-1-5-21-606747145-362288127-1177238915-500\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}]
[HKU\S-1-5-21-606747145-362288127-1177238915-500\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}] 
[HKU\S-1-5-21-606747145-362288127-1177238915-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{1631550F-191D-4826-B069-D9439253D926}]     
[HKU\S-1-5-21-606747145-362288127-1177238915-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{47B614AF-B4CC-485B-B331-BE26F02ED4CC}] 
[HKU\S-1-5-21-606747145-362288127-1177238915-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{82E1477C-B154-48D3-9891-33D83C26BCD3}]     
[HKU\S-1-5-21-606747145-362288127-1177238915-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{A3DAEB01-4C15-4AC6-A689-6406FD954EE0}]     
[HKU\S-1-5-21-606747145-362288127-1177238915-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{A83C3565-302C-4BF8-B000-6B6F1811D892}]     
[HKU\S-1-5-21-606747145-362288127-1177238915-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}]     
[HKU\S-1-5-21-606747145-362288127-1177238915-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}]     
[HKU\S-1-5-21-606747145-362288127-1177238915-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1185823F-F22F-4027-80E5-4F68ACD5DE5E}]
[HKU\S-1-5-21-606747145-362288127-1177238915-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1631550F-191D-4826-B069-D9439253D926}]     
[HKU\S-1-5-21-606747145-362288127-1177238915-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{47B614AF-B4CC-485B-B331-BE26F02ED4CC}]
[HKU\S-1-5-21-606747145-362288127-1177238915-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{82E1477C-B154-48D3-9891-33D83C26BCD3}]     
[HKU\S-1-5-21-606747145-362288127-1177238915-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{A3DAEB01-4C15-4AC6-A689-6406FD954EE0}]     
[HKU\S-1-5-21-606747145-362288127-1177238915-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{A83C3565-302C-4BF8-B000-6B6F1811D892}]     
[HKU\S-1-5-21-606747145-362288127-1177238915-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}]     
[HKU\S-1-5-21-606747145-362288127-1177238915-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C}]     
[HKU\S-1-5-21-606747145-362288127-1177238915-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}]     
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1185823F-F22F-4027-80E5-4F68ACD5DE5E}] 
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{47B614AF-B4CC-485B-B331-BE26F02ED4CC}] 
[HKU\S-1-5-21-606747145-362288127-1177238915-500\Software\2YourFace]     
[HKU\S-1-5-21-606747145-362288127-1177238915-500\Software\BabSolution]     
[HKU\S-1-5-21-606747145-362288127-1177238915-500\Software\BI]     
[HKU\S-1-5-21-606747145-362288127-1177238915-500\Software\Conduit]     
[HKU\S-1-5-21-606747145-362288127-1177238915-500\Software\DataMngr] 
[HKU\S-1-5-21-606747145-362288127-1177238915-500\Software\DataMngr_Toolbar] 
[HKU\S-1-5-21-606747145-362288127-1177238915-500\Software\FreeCompressor]     
[HKU\S-1-5-21-606747145-362288127-1177238915-500\Software\lollipop] 
[HKU\S-1-5-21-606747145-362288127-1177238915-500\Software\OfferBox] 
[HKU\S-1-5-21-606747145-362288127-1177238915-500\Software\PriceGong] 
[HKU\S-1-5-21-606747145-362288127-1177238915-500\Software\Smartbar] 
[HKU\S-1-5-21-606747145-362288127-1177238915-500\Software\Somoto] 
[HKU\S-1-5-21-606747145-362288127-1177238915-500\Software\Spointer] 
[HKU\S-1-5-21-606747145-362288127-1177238915-500\Software\XingHaoLyrics]     
[HKU\S-1-5-21-606747145-362288127-1177238915-500\Software\YahooPartnerToolbar]     
[HKLM\Software\a6d88ce539e542] 
[HKLM\Software\Babylon]     
[HKLM\Software\Conduit]     
[HKLM\Software\DataMngr] 
[HKLM\Software\OfferBox] 
[HKLM\Software\SoftwareUpdater]     
[HKLM\Software\Tarma Installer]     
[HKLM\Software\Microsoft\windows\CurrentVersion\Uninstall\2YourFace]
[HKLM\Software\Microsoft\windows\CurrentVersion\Uninstall\FilesFrog Update Checker]
[HKLM\Software\Microsoft\windows\CurrentVersion\Uninstall\SoftwareUpdater] 
[HKCR\CLSID\{1185823F-F22F-4027-80E5-4F68ACD5DE5E}] 
[HKCR\CLSID\{47B614AF-B4CC-485B-B331-BE26F02ED4CC}] 

File|Fold::
C:\Program Files\Internet Explorer\IEAddon.dll 
C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\6i3dfoq5.default\searchplugins\askcom.xml 
C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\6i3dfoq5.default\searchplugins\babylon.xml     
C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\6i3dfoq5.default\searchplugins\delta.xml     
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}     
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} 
C:\b2fc0b025fd088875e56e1 
C:\2438e473fafc80cd7bb0fb7e95 
C:\fed0b876b4b890fecada48517d8328 
C:\WINDOWS\*.tmp     
C:\WINDOWS\Installer\{2C8574B5-6935-4FCE-860E-F4E8602378FF}
C:\WINDOWS\Installer\{1EF93620-4B15-4DB4-B0EA-889E2F187081}
C:\Documents and Settings\All Users\Application Data\Babylon 
C:\Documents and Settings\All Users\Application Data\Tarma Installer     
C:\Documents and Settings\All Users\Application Data\BrowserProtect 
C:\Documents and Settings\Gwen\Local Settings\Application Data\Conduit     
C:\Documents and Settings\Gwen\Local Settings\Application Data\freecompressor Air     
C:\Documents and Settings\Administrateur\Local Settings\Application Data\Conduit     
C:\Documents and Settings\Administrateur\Local Settings\Application Data\freecompressor Air  
C:\Documents and Settings\Administrateur\Local Settings\Application Data\Bundled software uninstaller     
C:\Program Files\Ask.com     
C:\Program Files\*.exe 
C:\Program Files\Conduit     
C:\Program Files\2YourFace     
C:\Program Files\FreeCompressor     
C:\Program Files\FilesFrog Update Checker 
C:\Program Files\SoftwareUpdater     

Driver::
SRVUPDATER

Clean::

MBR::

Reboot::
 
Relance Pre_scan puis choisis l'option "Script"

une page va s'ouvrir

logiquement le texte que tu as sélectionné s'y trouve déjà , donc tu fermes et le programme va travailler.

sinon colle-le (clic droit/coller ou ctrl+V) dans la page vierge.

puis onglet fichier => enregistrer (pas enregistrer sous...) , puis ferme le texte

des fenetres noires risquent de clignoter , c'est normal , c'est le programme qui travaille 

poste Pre_Script.txt qui apparaitra sur le bureau en fin de travail

Tatie Gwendy · Answer

Ha! Je ne savais pas pour le windows cr@ké. Ca craint???



Voici le pré_script:

https://pjjoint.malekal.com/files.php?id=20130604_g15v7k7e9i5

g3n-h@ckm@n · Answer

à tous les coups tu l'as amené faire réparer dans ce cas , et le réparateur t'a refourgué une copie pourrie 

pour le script c'est pas bon t'as pas du desactiver tes protections 
 
¤¤¤¤¤¤¤¤¤¤_Pre_Scan_Concept_¤¤¤¤¤¤¤¤¤¤
Windows 8 => meme flop que Vista X 10

Tatie Gwendy · Answer

Voici le rapport:

https://pjjoint.malekal.com/files.php?id=20130604_y7b12o8p9j11

g3n-h@ckm@n · Answer

oui :)

tu as encore des soucis apparents ?

enumère-les

g3n-h@ckm@n · Answer

Avec ce qu'on à installer pour le désinfecter 

c'est prevu de tout retirer à la fin

toutes les mises à jours, il à du bien s'alourdir.  

ca c'est obligatoire

ton windows est une version SWEET , à lire :

https://www.commentcamarche.net/faq/2981-j-utilise-une-version-piratee-de-windows

g3n-h@ckm@n · Answer

desinstalle reinstalle chrome

g3n-h@ckm@n · Answer

on fait le menage pour finir

 
 https://forums-fec.be/entraide/viewtopic.php?f=11&t=229

g3n-h@ckm@n · Answer

desinstalle -reinstalle chrome

g3n-h@ckm@n · Answer

desinstalle-le en mode avancé avec ceci :

https://www.commentcamarche.net/telecharger/utilitaires/19405-revo-uninstaller/

g3n-h@ckm@n · Answer

change de navigateur ^^

toutes facons google chrome pour ce qui est de la vie privée c'est pas top :)

tout ce qui est lié à google n'est pas top de toutes manières ....t'aimes pasmozilla ?

g3n-h@ckm@n · Answer

mozilla + WOT + ADBlockPlus + ghostery

lilidurhone · Answer

Hello Gwen

Essaie de restaurer par un point de restauration d'avant ta bêtise :) 

Tous les programmes>Accessoires>outils système>restauration du système
 
Si problème il y a il existe toujours une solution 
N'oubliez pas de mettre votre sujet en résolu :)

g3n-h@ckm@n · Answer

Il me semble que j'ai effacé des programmes importants,

  j'ai pourtant fais attention. 

100 x lol !!!

Cherche logiciel de nettoyage et mise à jour de mes prog&pilotes

46 réponses

Discussions similaires