SearchGold + BitGuard+... collés à Chrome

Question

Bonjour, 

J'ai ce problème, puis passé l'ordinateur à Malwarebyte + CCleaner. Ils ont enlevé BitGuard + un autre + un grand nombre de fichiers infectés.  Mais SearchGold était toujours là. J'ai donc désinstallé Chrome. Mais en le ré-installant j'ai ré-installé BitGard et toute la suite. J'ai de nouveau nettoyé, désinstallé Chrome. Et en ré-installant; idem!
Je me suis souvenu qu'à chaque installation le lancement du fichier d'exécution était toujours suivis de deux téléchargements!  Donc à la troisième ré-installation, j'ai interrompu comme j'ai pu au tout début du deuxième téléchargement. Après, j'ai passé de nouveau Malwarebyte qui m'a détecté quelques fichiers infectés mais beaucoup moins que précédemment. SearchGold n'apparaissait plus dans chrome. Mais Google avait soudain eu  une apparence graphique inhabituelle. Les résultats de recherche sont pourtant bien ceux de Google.
Maintenant, j'hésite à ré-désinstaller Chrome ou à ré-installer mon ordinateur avec Gost. Mais j'ai peur de ré-installer les virus en réinstallant Chrome...
Quelque saurait-il ce qu'il se passe?!

Si quelqu'un sait... Merci de me dire déjà comment trouver un fichier d'installation sans malware

Merci...

Configuration: Windows XP / Chrome 30.0.1599.101

2011N2 · Answer

Bonjour,

Passe AdwCleaner et poste le rapport : http://www.forum-entraide-informatique.com/support/adwcleaner-tutoriel-t875.html

Puis passe SFTGC et poste le rapport hébergé : http://www.forum-entraide-informatique.com/support/sftgc-tutoriel-t8267.html

Gabriel.

GG · Answer

Bonjour

Entre-temps je pense avoir résolu le problème en faisant ceci: désinstaller chrome, re-désinfecter le système, et re-telecharger le navigateur en utilisant Explorer qui lui n'était pas concerné. Nouvelle installation de Chrome sans problème...

J'ai tout de même téléchargé SFTGC en cas d'autre problème. Pour AdwCleaner l'installation  a bloqué avec une fenêtre disant: ce programme nécessite "Microsoft.net Framework 3.5".  J'ai également téléchargé la dernière version de CCleaner car celle que j'avais ne nettoyait pas Chrome; la nouvelle le fait...

En tout cas merci pour ta réponse

GG

2011N2 · Answer

Re,

SFTGC n'aidera pas à résoudre de problèmes, il ne fait que vider les fichiers temporaires, c'était juste pour que les rapports que j'allais te demander par la suite soient plus courts.

Concernant AdwCleaner, essaye avec un autre navigateur si possible.

Et je te conseille tout de même de suivre la désinfection, il y a très probablement des restes même si l'infection n'est plus visible.

Gabriel.

GG · Answer

Hello
Du coup j'ai pu installer AdwCleaner. Et j'ai effectué un nettoyage avec SFTGC. Avec AdwCleaner je n'ai supprimé qu'un seul dossier; j'avais des doutes sur les autres. Voici les rapports + le fichier de quarantaine d'AdwCleaner.
Re - Merci 

SFTGC

Rapport de SFTGC (Pierre13) du Vendredi 25 Octobre 2013 à 19:19:37 version : 2.0.0.55
Mis à jour le 12/09/2013
Outil lancé en Mode normal et En tant qu'administrateur
 Microsoft Windows XP Service Pack 3 32 bits 

Tool start in C:\Documents and Settings\gilles guérin\Mes documents\Téléchargements

 403 éléments supprimés => 29.53 Mo libérés. (54 s)

C:\Documents and Settings\gilles guérin\Local Settings\Temp\1284_7384
C:\Documents and Settings\gilles guérin\Local Settings\Temp\msohtmlclip
C:\Documents and Settings\gilles guérin\Local Settings\Temp\TWAIN.LOG
C:\Documents and Settings\gilles guérin\Local Settings\Temp\Twain001.Mtx
C:\Documents and Settings\gilles guérin\Local Settings\Temp\Twunk001.MTX
C:\Documents and Settings\gilles guérin\Local Settings\Temp\Twunk002.MTX
C:\Documents and Settings\gilles guérin\Local Settings\Temp\_avast_
C:\Documents and Settings\gilles guérin\Local Settings\Temp\~e5d141.tmp
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\i18n
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\styles
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\_locales\ar
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\_locales\bg
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\_locales\ca
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\_locales\cs
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\_locales\da
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\_locales\de
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\_locales\el
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\_locales\en
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\_locales\en_GB
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\_locales\es
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\_locales\es_419
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\_locales\fi
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\_locales\fil
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\_locales\fr
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\_locales\hi
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\_locales\hr
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\_locales\hu
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\_locales\id
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\_locales\it
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\_locales\iw
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\_locales\ja
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\_locales\ko
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\_locales\lt
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\_locales\lv
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\_locales
l
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\_locales
o
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\_locales\pl
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\_locales\pt_BR
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\_locales\pt_PT
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\_localeso
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\_localesu
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\_locales\sk
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\_locales\sl
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\_locales\sr
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\_locales\sv
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\_locales	h
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\_locales	r
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\_locales\uk
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\_locales\vi
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\_locales\zh_CN
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\_locales\zh_TW
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\_locales\zh_TW\messages.json
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\_locales\zh_CN\messages.json
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\_locales\vi\messages.json
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\_locales\uk\messages.json
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\_locales	r\messages.json
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\_locales	h\messages.json
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\_locales\sv\messages.json
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\_locales\sr\messages.json
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\_locales\sl\messages.json
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\_locales\sk\messages.json
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\_localesu\messages.json
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\_localeso\messages.json
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\_locales\pt_PT\messages.json
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\_locales\pt_BR\messages.json
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\_locales\pl\messages.json
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\_locales
o\messages.json
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\_locales
l\messages.json
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\_locales\lv\messages.json
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\_locales\lt\messages.json
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\_locales\ko\messages.json
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\_locales\ja\messages.json
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\_locales\iw\messages.json
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\_locales\it\messages.json
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\_locales\id\messages.json
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\_locales\hu\messages.json
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\_locales\hr\messages.json
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\_locales\hi\messages.json
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\_locales\fr\messages.json
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\_locales\fil\messages.json
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\_locales\fi\messages.json
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\_locales\es_419\messages.json
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\_locales\es\messages.json
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\_locales\en_GB\messages.json
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\_locales\en\messages.json
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\_locales\el\messages.json
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\_locales\de\messages.json
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\_locales\da\messages.json
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\_locales\cs\messages.json
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\_locales\ca\messages.json
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\_locales\bg\messages.json
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\_locales\ar\messages.json
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\styles\payments.css
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\images\1x
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\images\2x
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\images\spinner.gif
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\images\wallet-icon-sm.png
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\images\wallet-icon-tiny.png
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\images\2x\amex.png
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\images\2x\bank.png
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\images\2x\check.png
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\images\2x\checkmark.png
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\images\2x\close_dialog.png
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\images\2x\close_dialog_hover.png
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\images\2x\close_dialog_pressed.png
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\images\2x\cvc-amex.png
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\images\2x\cvc.png
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\images\2x\discover.png
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\images\2x\info_icon.png
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\images\2x\jcb.png
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\images\2x\lock.png
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\images\2x\mastercard.png
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\images\2x\stored_value.png
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\images\2x\visa.png
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\images\1x\amex.png
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\images\1x\bank.png
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\images\1x\check.png
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\images\1x\checkmark.png
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\images\1x\close_dialog.png
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\images\1x\close_dialog_hover.png
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\images\1x\close_dialog_pressed.png
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\images\1x\cvc-amex.png
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\images\1x\cvc.png
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\images\1x\discover.png
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\images\1x\info_icon.png
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\images\1x\jcb.png
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\images\1x\lock.png
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\images\1x\mastercard.png
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\images\1x\stored_value.png
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\images\1x\visa.png
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\i18n\load_symbols.js
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\i18n\locale_name.js
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\i18n\locale_name_ar.js
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\i18n\locale_name_bg.js
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\i18n\locale_name_ca.js
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\i18n\locale_name_cs.js
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\i18n\locale_name_da.js
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\i18n\locale_name_de.js
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\i18n\locale_name_el.js
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\i18n\locale_name_en_gb.js
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\i18n\locale_name_es.js
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\i18n\locale_name_es_419.js
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\i18n\locale_name_fi.js
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\i18n\locale_name_fil.js
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\i18n\locale_name_fr.js
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\i18n\locale_name_hi.js
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\i18n\locale_name_hr.js
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\i18n\locale_name_hu.js
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\i18n\locale_name_id.js
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\i18n\locale_name_it.js
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\i18n\locale_name_iw.js
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\i18n\locale_name_ja.js
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\i18n\locale_name_ko.js
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\i18n\locale_name_lt.js
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\i18n\locale_name_lv.js
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\i18n\locale_name_nl.js
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\i18n\locale_name_no.js
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\i18n\locale_name_pl.js
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\i18n\locale_name_pt_br.js
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\i18n\locale_name_pt_pt.js
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\i18n\locale_name_ro.js
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\i18n\locale_name_ru.js
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\i18n\locale_name_sk.js
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\i18n\locale_name_sl.js
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\i18n\locale_name_sr.js
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\i18n\locale_name_sv.js
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\i18n\locale_name_th.js
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\i18n\locale_name_tr.js
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\i18n\locale_name_uk.js
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\i18n\locale_name_vi.js
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\i18n\locale_name_zh_cn.js
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\i18n\locale_name_zh_tw.js
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\i18n\symbols.js
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\i18n\symbols_ar.js
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\i18n\symbols_bg.js
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\i18n\symbols_ca.js
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\i18n\symbols_cs.js
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\i18n\symbols_da.js
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\i18n\symbols_de.js
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\i18n\symbols_el.js
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\i18n\symbols_en_gb.js
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\i18n\symbols_es.js
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\i18n\symbols_es_419.js
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\i18n\symbols_fi.js
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\i18n\symbols_fil.js
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\i18n\symbols_fr.js
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\i18n\symbols_hi.js
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\i18n\symbols_hr.js
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\i18n\symbols_hu.js
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\i18n\symbols_id.js
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\i18n\symbols_it.js
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\i18n\symbols_iw.js
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\i18n\symbols_ja.js
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\i18n\symbols_ko.js
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\i18n\symbols_lt.js
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\i18n\symbols_lv.js
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\i18n\symbols_nl.js
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\i18n\symbols_no.js
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\i18n\symbols_pl.js
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\i18n\symbols_pt_br.js
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\i18n\symbols_pt_pt.js
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\i18n\symbols_ro.js
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\i18n\symbols_ru.js
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\i18n\symbols_sk.js
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\i18n\symbols_sl.js
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\i18n\symbols_sr.js
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\i18n\symbols_sv.js
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\i18n\symbols_th.js
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\i18n\symbols_tr.js
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\i18n\symbols_uk.js
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\i18n\symbols_vi.js
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\i18n\symbols_zh_cn.js
C:\Documents and Settings\gilles guérin\Local Settings\Temp\scoped_dir_3232_20986\CRX_INSTALL\i18n\symbols_zh_tw.js
C:\Documents and Settings\gilles guérin\Local Settings\Temp\msohtmlclip1\01
C:\Documents and Settings\gilles guérin\Local Settings\Temp\msohtmlclip1\01\clip_colorschememapping.xml
C:\Documents and Settings\gilles guérin\Local Settings\Temp\msohtmlclip1\01\clip_themedata.thmx
C:\Documents and Settings\gilles guérin\Local Settings\Temp\IswTmp\Logs\IEDownload.swl
C:\Documents and Settings\gilles guérin\Local Settings\Temp\1284_7384\crl-set
C:\Documents and Settings\gilles guérin\Local Settings\Temp\1284_7384\manifest.fingerprint
C:\Documents and Settings\gilles guérin\Local Settings\Temp\1284_7384\manifest.json
C:\Documents and Settings\gilles guérin\Recent\1-communication-C-Aebersold-Brechbühl.doc.lnk
C:\Documents and Settings\gilles guérin\Recent\Adresses.wdb.lnk
C:\Documents and Settings\gilles guérin\Recent\apartments.htm.lnk
C:\Documents and Settings\gilles guérin\Recent\btfr05tariff.gif.lnk
C:\Documents and Settings\gilles guérin\Recent\btfr05tarifs.gif.lnk
C:\Documents and Settings\gilles guérin\Recent\bureau-2013-10-23.lnk
C:\Documents and Settings\gilles guérin\Recent\campagneEN.txt.lnk
C:\Documents and Settings\gilles guérin\Recent\Desktop.ini
C:\Documents and Settings\gilles guérin\Recent\FAIRE.txt.lnk
C:\Documents and Settings\gilles guérin\Recent\Fichier d'adresses.lnk
C:\Documents and Settings\gilles guérin\Recent\index.htm.lnk
C:\Documents and Settings\gilles guérin\Recent\livre.lnk
C:\Documents and Settings\gilles guérin\Recent\Modeles.lnk
C:\Documents and Settings\gilles guérin\Recent
otes.txt.lnk
C:\Documents and Settings\gilles guérin\Recent\outDesinfection.lnk
C:\Documents and Settings\gilles guérin\Recent\Pages persos giPhotographeParisFr.lnk
C:\Documents and Settings\gilles guérin\Recent\paris-apts.lnk
C:\Documents and Settings\gilles guérin\Recent\pb-virus chrome.txt.lnk
C:\Documents and Settings\gilles guérin\Recent\peoples.htm.lnk
C:\Documents and Settings\gilles guérin\Recent\photobook.lnk
C:\Documents and Settings\gilles guérin\Recent\planete_raison.htm.lnk
C:\Documents and Settings\gilles guérin\Recent\ponct.lnk
C:\Documents and Settings\gilles guérin\Recent\prix.txt.lnk
C:\Documents and Settings\gilles guérin\Recent\scan.txt.lnk
C:\Documents and Settings\gilles guérin\Recent\Tarifs2.xls.lnk
C:\Documents and Settings\gilles guérin\Recent	exte-bulle-java.doc.lnk
C:\Documents and Settings\gilles guérin\Recent\yAdwords.lnk
C:\Documents and Settings\gilles guérin\Local Settings\Temporary Internet Files\AntiPhishing
C:\Documents and Settings\gilles guérin\Local Settings\Temporary Internet Files\Content.MSO
C:\Documents and Settings\gilles guérin\Local Settings\Temporary Internet Files\Content.Word
C:\Documents and Settings\gilles guérin\Local Settings\Temporary Internet Files\desktop.ini
C:\Documents and Settings\gilles guérin\Local Settings\Temporary Internet Files\Content.IE5\0LCEZ3EJ
C:\Documents and Settings\gilles guérin\Local Settings\Temporary Internet Files\Content.IE5\0NEVAY8L
C:\Documents and Settings\gilles guérin\Local Settings\Temporary Internet Files\Content.IE5\desktop.ini
C:\Documents and Settings\gilles guérin\Local Settings\Temporary Internet Files\Content.IE5\NUVPRXAB
C:\Documents and Settings\gilles guérin\Local Settings\Temporary Internet Files\Content.IE5\Q7YG6ZKG
C:\Documents and Settings\gilles guérin\Local Settings\Temporary Internet Files\Content.IE5\Q7YG6ZKG\a_usersync[1]
C:\Documents and Settings\gilles guérin\Local Settings\Temporary Internet Files\Content.IE5\Q7YG6ZKG\a_usersync[2]
C:\Documents and Settings\gilles guérin\Local Settings\Temporary Internet Files\Content.IE5\Q7YG6ZKG\a_usersync[3]
C:\Documents and Settings\gilles guérin\Local Settings\Temporary Internet Files\Content.IE5\Q7YG6ZKG\a_usersync[4]
C:\Documents and Settings\gilles guérin\Local Settings\Temporary Internet Files\Content.IE5\Q7YG6ZKG\bgBoxBodyBlue[1].png
C:\Documents and Settings\gilles guérin\Local Settings\Temporary Internet Files\Content.IE5\Q7YG6ZKG\bgBoxFootRed[1].png
C:\Documents and Settings\gilles guérin\Local Settings\Temporary Internet Files\Content.IE5\Q7YG6ZKG\bgBoxHeadBlue[1].png
C:\Documents and Settings\gilles guérin\Local Settings\Temporary Internet Files\Content.IE5\Q7YG6ZKG\bgBoxHeadlineBlue300[1].png
C:\Documents and Settings\gilles guérin\Local Settings\Temporary Internet Files\Content.IE5\Q7YG6ZKG\bgBoxHeadRed[1].png
C:\Documents and Settings\gilles guérin\Local Settings\Temporary Internet Files\Content.IE5\Q7YG6ZKG\bgButtonGreenLogin_fr_FR[1].png
C:\Documents and Settings\gilles guérin\Local Settings\Temporary Internet Files\Content.IE5\Q7YG6ZKG\bgCheck_fr_FR[1].png
C:\Documents and Settings\gilles guérin\Local Settings\Temporary Internet Files\Content.IE5\Q7YG6ZKG\bgInput[1].png
C:\Documents and Settings\gilles guérin\Local Settings\Temporary Internet Files\Content.IE5\Q7YG6ZKG\blank[1].gif
C:\Documents and Settings\gilles guérin\Local Settings\Temporary Internet Files\Content.IE5\Q7YG6ZKG\bonjour@streetpress[1].png
C:\Documents and Settings\gilles guérin\Local Settings\Temporary Internet Files\Content.IE5\Q7YG6ZKG\chrome-48[1].png
C:\Documents and Settings\gilles guérin\Local Settings\Temporary Internet Files\Content.IE5\Q7YG6ZKG\click1[1].gif
C:\Documents and Settings\gilles guérin\Local Settings\Temporary Internet Files\Content.IE5\Q7YG6ZKG\columns[1].css
C:\Documents and Settings\gilles guérin\Local Settings\Temporary Internet Files\Content.IE5\Q7YG6ZKG\DaSXOQ1yXu0Wk1dC0e6QB4q4CC_7p9XKg-cWUsWNofcxUm5qK0roEK9fEA_A6k0gZxBYdRRR5pNIA94jrIOCxq0MF4R6mSvAIUqVP1koAVXorW1078&callback=google.LU[1].loadFeaturemap_473_0
C:\Documents and Settings\gilles guérin\Local Settings\Temporary Internet Files\Content.IE5\Q7YG6ZKG\Default[1].css
C:\Documents and Settings\gilles guérin\Local Settings\Temporary Internet Files\Content.IE5\Q7YG6ZKG\desktop.ini
C:\Documents and Settings\gilles guérin\Local Settings\Temporary Internet Files\Content.IE5\Q7YG6ZKG\error[1]
C:\Documents and Settings\gilles guérin\Local Settings\Temporary Internet Files\Content.IE5\Q7YG6ZKG\global[1].js
C:\Documents and Settings\gilles guérin\Local Settings\Temporary Internet Files\Content.IE5\Q7YG6ZKG\google_ads[1].js
C:\Documents and Settings\gilles guérin\Local Settings\Temporary Internet Files\Content.IE5\Q7YG6ZKG\iconMore[1].png
C:\Documents and Settings\gilles guérin\Local Settings\Temporary Internet Files\Content.IE5\Q7YG6ZKG\jquery_1.8[1].js
C:\Documents and Settings\gilles guérin\Local Settings\Temporary Internet Files\Content.IE5\Q7YG6ZKG\logo3w[1].png
C:\Documents and Settings\Invité\Local Settings\Temp\BEB71B81.TMP
C:\Documents and Settings\Invité\Local Settings\Temp\jusched.log
C:\Documents and Settings\Invité\Local Settings\Temp\TWAIN.LOG
C:\Documents and Settings\Invité\Local Settings\Temp\Twain001.Mtx
C:\Documents and Settings\Invité\Local Settings\Temp\Twunk001.MTX
C:\Documents and Settings\Invité\Local Settings\Temp\Twunk002.MTX
C:\Documents and Settings\Invité\Local Settings\Temp\_avast4_
C:\Documents and Settings\Invité\Local Settings\Temp\_avast_
C:\Documents and Settings\Invité\Local Settings\Temp\~e5d141.tmp
C:\Documents and Settings\Invité\Recent\Desktop.ini
C:\Documents and Settings\Invité\Recent\desktop.lnk
C:\Documents and Settings\Invité\Recent\Démarrage.lnk
C:\Documents and Settings\Invité\Local Settings\Temporary Internet Files\Content.IE5
C:\Documents and Settings\Invité\Local Settings\Temporary Internet Files\desktop.ini
C:\Documents and Settings\Invité\Local Settings\Temporary Internet Files\Content.IE5\desktop.ini
C:\Documents and Settings\Invité\Local Settings\Temporary Internet Files\Content.IE5\index.dat
C:\DOCUME~1\GILLES~1\LOCALS~1\Temp\msohtmlclip1
C:\DOCUME~1\GILLES~1\LOCALS~1\Temp\scoped_dir_3232_20986\CRX_INSTALL\images
C:\DOCUME~1\GILLES~1\LOCALS~1\Temp\scoped_dir_3232_20986\CRX_INSTALL\_locales
C:\WINDOWS\Prefetch\30.0.1599.101_CHROME_INSTALLE-1D4DF486.pf
C:\WINDOWS\Prefetch\ACRORD32.EXE-1CE22EA3.pf
C:\WINDOWS\Prefetch\ACRORD32.EXE-1DA60E8C.pf
C:\WINDOWS\Prefetch\ADOBEARM.EXE-2D5CF26D.pf
C:\WINDOWS\Prefetch\ADOBELMSVC.EXE-1FC5ACB3.pf
C:\WINDOWS\Prefetch\ADWCLEANER.EXE-07E9FDC5.pf
C:\WINDOWS\Prefetch\AU_.EXE-37979A97.pf
C:\WINDOWS\Prefetch\AVAST.SETUP-11F440C6.pf
C:\WINDOWS\Prefetch\CALC.EXE-02A5B4B1.pf
C:\WINDOWS\Prefetch\CCLEANER.EXE-09CFC2BC.pf
C:\WINDOWS\Prefetch\CCSETUP407.EXE-0F9BA5F9.pf
C:\WINDOWS\Prefetch\CHRMSTP.EXE-389B8890.pf
C:\WINDOWS\Prefetch\CHROME.EXE-0D4FDFF0.pf
C:\WINDOWS\Prefetch\CHROME.EXE-356F0A7F.pf
C:\WINDOWS\Prefetch\CHROME.EXE-3E4F8D3B.pf
C:\WINDOWS\Prefetch\CHROME.EXE-3FB0DF2E.pf
C:\WINDOWS\Prefetch\CHROME.EXE-E6D89997.pf
C:\WINDOWS\Prefetch\CHROME.EXE-E79A96EA.pf
C:\WINDOWS\Prefetch\CHROMESETUP [1].EXE-1AFBFC63.pf
C:\WINDOWS\Prefetch\CLEANMGR.EXE-31B430FE.pf
C:\WINDOWS\Prefetch\DEFRAG.EXE-2858C7E2.pf
C:\WINDOWS\Prefetch\DFRGNTFS.EXE-38C3807C.pf
C:\WINDOWS\Prefetch\DNTPSERVICE.EXE-29A0B14A.pf
C:\WINDOWS\Prefetch\DOWNLOAD.EXE-1C04E908.pf
C:\WINDOWS\Prefetch\DRWTSN32.EXE-01DDCF15.pf
C:\WINDOWS\Prefetch\DWWIN.EXE-2C373FB7.pf
C:\WINDOWS\Prefetch\EXCEL.EXE-1FF53647.pf
C:\WINDOWS\Prefetch\FIREFOX SETUP STUB 24.0.EXE-05C6AD7B.pf
C:\WINDOWS\Prefetch\FIREFOX.EXE-06188867.pf
C:\WINDOWS\Prefetch\FLASHPLAYERUPDATESERVICE.EXE-07D84788.pf
C:\WINDOWS\Prefetch\FTPXPERT.EXE-0CD39E27.pf
C:\WINDOWS\Prefetch\GOOGLECRASHHANDLER.EXE-0B1F4CED.pf
C:\WINDOWS\Prefetch\GOOGLETOOLBARNOTIFIER.EXE-0047A1C5.pf
C:\WINDOWS\Prefetch\GOOGLEUPDATE.EXE-11A02D15.pf
C:\WINDOWS\Prefetch\GOOGLEUPDATE.EXE-160E1F62.pf
C:\WINDOWS\Prefetch\GOOGLEUPDATE.EXE-171C3991.pf
C:\WINDOWS\Prefetch\GOOGLEUPDATE.EXE-3A7722C1.pf
C:\WINDOWS\Prefetch\GOOGLEUPDATERSERVICE.EXE-2F4A2F77.pf
C:\WINDOWS\Prefetch\GOOGLEUPDATESETUP_1.3.21.123.-1BA73279.pf
C:\WINDOWS\Prefetch\HELPER.EXE-0324EC74.pf
C:\WINDOWS\Prefetch\HELPSVC.EXE-1C192440.pf
C:\WINDOWS\Prefetch\IE4UINIT.EXE-046D13C9.pf
C:\WINDOWS\Prefetch\IEXPLORE.EXE-2D97EBE6.pf
C:\WINDOWS\Prefetch\IFRMEWRK.EXE-02DE6F7E.pf
C:\WINDOWS\Prefetch\IMAPI.EXE-201490BB.pf
C:\WINDOWS\Prefetch\ISWUPDE.EXE-04671704.pf
C:\WINDOWS\Prefetch\Layout.ini
C:\WINDOWS\Prefetch\LOGONUI.EXE-312BE1BF.pf
C:\WINDOWS\Prefetch\MAINTENANCESERVICE.EXE-1F65C76E.pf
C:\WINDOWS\Prefetch\MAINTENANCESERVICE_INSTALLER.-02C72467.pf
C:\WINDOWS\Prefetch\MBAM.EXE-0D37CDF0.pf
C:\WINDOWS\Prefetch\MMC.EXE-40C583F0.pf
C:\WINDOWS\Prefetch\MSIMN.EXE-183B59AF.pf
C:\WINDOWS\Prefetch\MSMSGS.EXE-0620E8B3.pf
C:\WINDOWS\Prefetch\NMAIN.EXE-1252A0E5.pf
C:\WINDOWS\Prefetch\NOTEPAD.EXE-2DAE2DE6.pf
C:\WINDOWS\Prefetch\NOTEPAD.EXE-2F2D61E1.pf
C:\WINDOWS\Prefetch\NSABA.TMP-21E34111.pf
C:\WINDOWS\Prefetch\NSABD.TMP-11A48935.pf
C:\WINDOWS\Prefetch\NSAEA.TMP-32A29912.pf
C:\WINDOWS\Prefetch\NTOSBOOT-B00DFAAD.pf
C:\WINDOWS\Prefetch\PDFCREATOR.EXE-2A523411.pf
C:\WINDOWS\Prefetch\PDFSPOOL.EXE-05CA4485.pf
C:\WINDOWS\Prefetch\PF-CHROME-W78.EXE-36959A96.pf
C:\WINDOWS\Prefetch\PHOTOSHOP.EXE-09D88D69.pf
C:\WINDOWS\Prefetch\PING.EXE-30F9CA9D.pf
C:\WINDOWS\Prefetch\PLUGIN-CONTAINER.EXE-0EB365FC.pf
C:\WINDOWS\Prefetch\REGSVR32.EXE-396DEA2C.pf
C:\WINDOWS\Prefetch\RUNDLL32.EXE-41FB74E5.pf
C:\WINDOWS\Prefetch\RUNDLL32.EXE-4524B90F.pf
C:\WINDOWS\Prefetch\RUNDLL32.EXE-45341019.pf
C:\WINDOWS\Prefetch\RUNDLL32.EXE-4E4968D8.pf
C:\WINDOWS\Prefetch\RUNDLL32.EXE-4F118E5B.pf
C:\WINDOWS\Prefetch\RUNDLL32.EXE-591AA4FD.pf
C:\WINDOWS\Prefetch\RUNDLL32.EXE-5FC31C68.pf
C:\WINDOWS\Prefetch\RUNDLL32.EXE-69942D90.pf
C:\WINDOWS\Prefetch\RUNDLL32.EXE-6C7B750F.pf
C:\WINDOWS\Prefetch\RUNDLL32.EXE-6DF739B2.pf
C:\WINDOWS\Prefetch\RUNDLL32.EXE-6E8D4657.pf
C:\WINDOWS\Prefetch\SCRNSAVE.SCR-22431769.pf
C:\WINDOWS\Prefetch\SENDBLASTER2.EXE-15957C1C.pf
C:\WINDOWS\Prefetch\SETUP-STUB.EXE-17FDA4FF.pf
C:\WINDOWS\Prefetch\SETUP-STUB.EXE-2E4CD861.pf
C:\WINDOWS\Prefetch\SETUP.EXE-01101141.pf
C:\WINDOWS\Prefetch\SETUP.EXE-2893B3D1.pf
C:\WINDOWS\Prefetch\SETUP.EXE-38FE494A.pf
C:\WINDOWS\Prefetch\SFTGC.EXE-360FF9EE.pf
C:\WINDOWS\Prefetch\SYSTRAY.EXE-0E2413B4.pf
C:\WINDOWS\Prefetch\TASKMGR.EXE-06144C13.pf
C:\WINDOWS\Prefetch\UIMAIN.EXE-11EC2597.pf
C:\WINDOWS\Prefetch\UNINST.EXE-1B32283A.pf
C:\WINDOWS\Prefetch\V2IMOUNTSVC.EXE-1EA826A0.pf
C:\WINDOWS\Prefetch\VERCLSID.EXE-28F52AD2.pf
C:\WINDOWS\Prefetch\WEXPERT3.EXE-22C5AFDF.pf
C:\WINDOWS\Prefetch\WINWORD.EXE-15ED065E.pf
C:\WINDOWS\Prefetch\WKDSTORE.EXE-23505CEE.pf
C:\WINDOWS\Prefetch\WKSDB.EXE-2963811E.pf
C:\WINDOWS\Prefetch\WKSSS.EXE-29C28516.pf
C:\WINDOWS\Prefetch\WMIPRVSE.EXE-0D449B4F.pf
C:\WINDOWS\Prefetch\WMPLAYER.EXE-1ACCF80C.pf
C:\WINDOWS\Prefetch\WUAUCLT.EXE-1360D60A.pf
C:\WINDOWS\Prefetch\~E5D141.TMP-20090C51.pf

AdwCleaner

# AdwCleaner v3.010 - Rapport créé le 25/10/2013 à 19:40:28
# Mis à jour le 20/10/2013 par Xplode
# Système d'exploitation : Microsoft Windows XP Service Pack 3 (32 bits)
# Nom d'utilisateur : gilles guérin - GGPORTABLE
# Exécuté depuis : C:\Documents and Settings\gilles guérin\Mes documents\Téléchargements\adwcleaner-3.010.exe
# Option : Nettoyer

***** [ Services ] *****


***** [ Fichiers / Dossiers ] *****

[x] Non Supprimé : C:\Documents and Settings\All Users\Application Data\Babylon
[x] Non Supprimé : C:\Documents and Settings\All Users\Menu Démarrer\Programmes\jZip
[x] Non Supprimé : C:\Program Files\jZip
[x] Non Supprimé : C:\Documents and Settings\All Users\Menu Démarrer\Programmes\jZip
[x] Non Supprimé : C:\Documents and Settings\gilles guérin\Local Settings\Application Data\jZip
[x] Non Supprimé : C:\Documents and Settings\gilles guérin\Application Data\CheckPoint\ZoneAlarm LTD Toolbar
Dossier Supprimé : C:\Documents and Settings\gilles guérin\Application Data\searchgol

***** [ Raccourcis ] *****


***** [ Registre ] *****

[x] Non Supprimé : HKLM\SOFTWARE\Classes\AppID\BrowserConnection.dll
[x] Non Supprimé : HKLM\SOFTWARE\Classes\AppID\DNSBHO.dll
[x] Non Supprimé : HKLM\SOFTWARE\Classes\AppID\escort.DLL
[x] Non Supprimé : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
[x] Non Supprimé : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
[x] Non Supprimé : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
[x] Non Supprimé : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
[x] Non Supprimé : HKLM\SOFTWARE\Classes\Prod.cap
[x] Non Supprimé : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
[x] Non Supprimé : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
[x] Non Supprimé : HKLM\SOFTWARE\Classes\ScriptHost.Tool
[x] Non Supprimé : HKLM\SOFTWARE\Classes\ScriptHost.Tool.1
[x] Non Supprimé : HKLM\SOFTWARE\MozillaPlugins\@checkpoint.com/FFApi
[x] Non Supprimé : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
[x] Non Supprimé : HKLM\SOFTWARE\Classes\AppID\{4277F7CF-0000-46CF-BA49-D624465C4BAB}
[x] Non Supprimé : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
[x] Non Supprimé : HKLM\SOFTWARE\Classes\AppID\{88AF4F6A-C6B7-4229-9275-824E98BF97F9}
[x] Non Supprimé : HKLM\SOFTWARE\Classes\AppID\{AC662AF2-4601-4A68-84DF-A3FE83F1A5F9}
[x] Non Supprimé : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
[x] Non Supprimé : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
[x] Non Supprimé : HKLM\SOFTWARE\Classes\AppID\{D97A8234-F2A2-4AD4-91D5-FECDB2C553AF}
[x] Non Supprimé : HKLM\SOFTWARE\Classes\CLSID\{19D2F415-D58B-46BC-9390-C03DCBC21EB2}
[x] Non Supprimé : HKLM\SOFTWARE\Classes\CLSID\{6E45F3E8-2683-4824-A6BE-08108022FB36}
[x] Non Supprimé : HKLM\SOFTWARE\Classes\CLSID\{9F0F16DD-4E76-4049-A9B1-7A91E48F0323}
[x] Non Supprimé : HKLM\SOFTWARE\Classes\CLSID\{F4288797-CB12-49CE-9DF8-7CDFA1143BEA}
[x] Non Supprimé : HKLM\SOFTWARE\Classes\Interface\{22B0769F-794B-4422-AC84-47B123C8986D}
[x] Non Supprimé : HKLM\SOFTWARE\Classes\Interface\{255E0B2A-D747-4EEF-B7CE-159D73A3656D}
[x] Non Supprimé : HKLM\SOFTWARE\Classes\Interface\{28ED590D-F5ED-4E05-A87F-1D759F1C6169}
[x] Non Supprimé : HKLM\SOFTWARE\Classes\Interface\{45D5B93F-E2ED-4AF2-915E-DCDDBDA8C33C}
[x] Non Supprimé : HKLM\SOFTWARE\Classes\Interface\{771B99AB-636F-4A11-9039-8DFEB927B061}
[x] Non Supprimé : HKLM\SOFTWARE\Classes\Interface\{A8321AA2-2227-40C7-8525-6C2F4E1B0EBE}
[x] Non Supprimé : HKLM\SOFTWARE\Classes\Interface\{AA41A731-6814-4A70-A6F1-C0A20FBBFBD5}
[x] Non Supprimé : HKLM\SOFTWARE\Classes\Interface\{ABBB8A9E-D8AF-40D1-94BE-5175077465FC}
[x] Non Supprimé : HKLM\SOFTWARE\Classes\Interface\{BF737694-56F6-46FA-9FDC-FA99A5B25FAD}
[x] Non Supprimé : HKLM\SOFTWARE\Classes\Interface\{CFCD164E-8AC9-478E-9ECC-B616A932016C}
[x] Non Supprimé : HKLM\SOFTWARE\Classes\Interface\{D5961CC0-B442-4567-8030-67E241EF4CC2}
[x] Non Supprimé : HKLM\SOFTWARE\Classes\Interface\{E450067F-1C93-41A7-928E-07E5C2EEC680}
[x] Non Supprimé : HKLM\SOFTWARE\Classes\Interface\{F977D9F2-4BDC-44A6-B508-7C0284C61EED}
[x] Non Supprimé : HKLM\SOFTWARE\Classes\Interface\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}
[x] Non Supprimé : HKLM\SOFTWARE\Classes\TypeLib\{212C2C4F-C845-4FBC-9561-C833A13D8DCE}
[x] Non Supprimé : HKLM\SOFTWARE\Classes\TypeLib\{3C5D1D57-16C8-473C-A552-37B8D88596FE}
[x] Non Supprimé : HKLM\SOFTWARE\Classes\TypeLib\{48C9C8B0-A546-46C1-A81F-47A31E623E9D}
[x] Non Supprimé : HKLM\SOFTWARE\Classes\TypeLib\{4A115D8A-6A7B-4C72-92B1-2E2D01F36979}
[x] Non Supprimé : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
[x] Non Supprimé : HKLM\SOFTWARE\Classes\TypeLib\{99DF8440-814E-497F-BDDD-FB93E9E9DF96}
[x] Non Supprimé : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
[x] Non Supprimé : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3614D305-2DBB-4991-9297-750DD60FFC73}
[x] Non Supprimé : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83CAD530-387D-40FD-82EA-B9E863D92A9B}
[x] Non Supprimé : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8C5CBB76-7379-4490-AA5B-B037C0A36381}
[x] Non Supprimé : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
[x] Non Supprimé : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2102}
[x] Non Supprimé : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2102}
[x] Non Supprimé : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Program Files\Searchqu Toolbar\Datamngr\ToolBar\dtUser.exe]
[x] Non Supprimé : HKCU\Software\MyWaySA
[x] Non Supprimé : HKCU\Software\Softonic
[x] Non Supprimé : HKLM\Software\DataMngr
[x] Non Supprimé : HKLM\Software\jZip
[x] Non Supprimé : HKLM\Software\MyWaySA
[x] Non Supprimé : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{E7559288-223B-453C-9F06-340E3BE21E39}
[x] Non Supprimé : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\jZip
[x] Non Supprimé : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ZoneAlarm LTD Toolbar
[x] Non Supprimé : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{E7559288-223B-453C-9F06-340E3BE21E39}
[x] Non Supprimé : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\jZip

***** [ Navigateurs ] *****

-\ Internet Explorer v8.0.6001.18702


-\ Mozilla Firefox v24.0 (fr)

[ Fichier : C:\Documents and Settings\gilles guérin\Application Data\Mozilla\Firefox\Profiles\ulc7ct3o.default\prefs.js ]


-\ Google Chrome v30.0.1599.101

[ Fichier : C:\Documents and Settings\gilles guérin\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [6800 octets] - [25/10/2013 19:34:20]
AdwCleaner[S0].txt - [6991 octets] - [25/10/2013 19:40:28]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [7051 octets] ##########


Quarantaine

C:\Documents and Settings\gilles guérin\Application Data\searchgol\sqlite3.dll->C:\AdwCleaner\Quarantine\C\Documents and Settings\gilles guérin\Application Data\searchgol\sqlite3.dll.vir

2011N2 · Answer

Salut,

Ok.

Peux-tu refaire AdwCleaner en laissant tout coché stp ?
Aucun risque pour ton PC.

Gabriel.

2011N2 · Answer

Bonsoir,

Pas grave.

Oui  il y a surement des restes.

Mais ton dernier rapport m'indique qu'AdwCleaner n'a pas tout supprimé...
Peux-tu me faire une recherche voir s'il reste des éléments ?

Gabriel.

GG · Answer

Re...
Voici le rapport....

# AdwCleaner v3.010 - Rapport créé le 01/11/2013 à 10:48:47
# Mis à jour le 20/10/2013 par Xplode
# Système d'exploitation : Microsoft Windows XP Service Pack 3 (32 bits)
# Nom d'utilisateur : gg - GGPORTABLE
# Exécuté depuis : D:\aaLogiciels\antiVirus\outDesinfection\adwcleaner-3.010.exe
# Option : Scanner

***** [ Services ] *****


***** [ Fichiers / Dossiers ] *****

Dossier Présent C:\Documents and Settings\gilles guérin\Application Data\CheckPoint\ZoneAlarm LTD Toolbar

***** [ Raccourcis ] *****


***** [ Registre ] *****


***** [ Navigateurs ] *****

-\ Internet Explorer v8.0.6001.18702


-\ Mozilla Firefox v24.0 (fr)

[ Fichier : C:\Documents and Settings\gilles guérin\Application Data\Mozilla\Firefox\Profiles\ulc7ct3o.default\prefs.js ]


-\ Google Chrome v30.0.1599.101

[ Fichier : C:\Documents and Settings\gilles guérin\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [6800 octets] - [25/10/2013 18:34:20]
AdwCleaner[R1].txt - [6726 octets] - [28/10/2013 14:18:26]
AdwCleaner[R2].txt - [6786 octets] - [28/10/2013 14:20:01]
AdwCleaner[R3].txt - [1443 octets] - [01/11/2013 10:30:32]
AdwCleaner[R4].txt - [1503 octets] - [01/11/2013 10:36:20]
AdwCleaner[R5].txt - [1303 octets] - [01/11/2013 10:48:47]
AdwCleaner[S0].txt - [7131 octets] - [25/10/2013 18:40:28]
AdwCleaner[S1].txt - [6841 octets] - [28/10/2013 14:24:00]
AdwCleaner[S2].txt - [1567 octets] - [01/11/2013 10:38:06]

########## EOF - C:\AdwCleaner\AdwCleaner[R5].txt - [1543 octets] ##########

2011N2 · Answer

Salut,

Ok, fais un diagnostic de ton PC avec ZHPDiag et poste le rapport hébergé : http://www.forum-entraide-informatique.com/support/zhpdiag-tutoriel-t4831.html

Gabriel.

GG · Answer

Bonsoir
En fait comme j'ai  HijackThis sous la main et comme 'il n'y a pas besoin de l'installer...
Si c'est suffisant voici le rapport (Dans le cas contraire je passerai ZHPDiag)...
Merci

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:39:39, on 04/11/2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\System32\GEARSec.exe
C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
C:\Program Files\Norton Ghost\Agent\VProSvc.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\CheckPoint\ZAForceField\ForceField.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\WINDOWS\system32\dla	fswctrl.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\Norton Ghost\Agent\GhostTray.exe
C:\Program Files\Intel\Wireless\Bin\iFrmewrk.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\NetWaiting
etWaiting.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Dell Network Assistant\ezi_hnm2.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\Dell Network Assistant\ezi_hnm2.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
D:\aaLogiciels\antiVirus\outDesinfection\HiJackThis\Scanner.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.fr/myway
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: DgnWebIE - {2843DAC1-05EF-11D2-95BA-0060083493D6} - C:\WINDOWS\Speech\Dragon\web_ie.dll
O2 - BHO: Zonealarm Helper Object - {2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C} - C:\Program Files\Check Point Software Technologies LTD\zonealarm\1.8.11.6\bh\zonealarm.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla	fswshx.dll
O2 - BHO: ZoneAlarm Security Engine Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: ZoneAlarm Security Toolbar - {438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59} - C:\Program Files\Check Point Software Technologies LTD\zonealarm\1.8.11.6\zonealarmTlbr.dll
O3 - Toolbar: ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla	fswctrl.exe
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Norton Ghost 10.0] "C:\Program Files\Norton Ghost\Agent\GhostTray.exe"
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [ISW] C:\Program Files\CheckPoint\ZAForceField\ForceField.exe /icon="hidden"
O4 - HKLM\..\Run: [ZoneAlarm] "C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ModemOnHold] C:\Program Files\NetWaiting
etWaiting.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE R?SEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: iTunesHelper.vbe
O4 - Startup: OneNote 2007 - Capture d'?cran et lancement.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Dell Network Assistant.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Envoyer ? OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer ? OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\System32\GEARSec.exe
O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Service Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ZoneAlarm LTD Toolbar IswSvc (IswSvc) - Check Point Software Technologies - C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files\Norton Ghost\Agent\VProSvc.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation  - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe
O23 - Service: Intel(R) PROSet/Wireless SSO Service (WLANKEEPER) - Intel(R) Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe

2011N2 · Answer

Salut,

Non non c'est pas suffisant, on voit pas d'infection, il est totalement obsolète. ^^
ZHPDiag s'installe et se désinstalle très facilement, pas de problème.

Gabriel.

GG · Answer

Salut
J'ai exécuté ZHPDiag et mis le rapport ici: http://cjoint.com/?3Kfpznl0Mgd
Merci

2011N2 · Answer

Salut,

Ok, fais ZHPFix comme ceci avec ces lignes, et poste le rapport.

Gabriel.

GG · Answer

Hello
Toujours en décalé... Voici le rapport...


Rapport de ZHPFix 2013.11.4.1 par Nicolas Coolman, Update du 03/11/2013
Fichier d'export Registre : 
Run by gilles guÈrin at 10/11/2013 10:53:49
High Elevated Privileges : OK
Windows XP Home Edition Service Pack 3 (Build 2600)

Corbeille vidÈe (00mn 04s)

========== ClÈs du Registre ==========
SUPPRIM...: SearchScopes :{FE26CF1C-A9B6-4092-9385-D07351255EDA}
SUPPRIM...: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\ZoneAlarm Security Toolbar
SUPPRIM...: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59}
SUPPRIM...: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59}
SUPPRIM...: HKLM\Software\Classes\CLSID\{438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59}
SUPPRIM...: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Protection_ZoneAlarm Toolbar
SUPPRIM... CLSID MPSK: {3dc45de1-3156-11dc-b6ea-0015c5aef409}

========== Valeurs du Registre ==========
SUPPRIM... RunValue: CTFMON.EXE

========== ElÈments de donnÈe du Registre ==========
SUPPRIM... Pointeurs: cplfile(cpl) Default=%SystemRoot%\System32\control.exe "%1",%*

========== Dossiers ==========
Aucun dossiers CLSID Local utilisateur vide

========== Fichiers ==========
SUPPRIM...: c:\windows	asks	emp_plus-hd-3.5-enabler.job
SUPPRIM...: C:\Windows\Installer\1223f.msi
SUPPRIM...: c:\windows\prefetch\hp1006sm.exe-0c0d953e.pf
SUPPRIM...: c:\windows\prefetch\p1006ssl.exe-07e87982.pf
SUPPRIM...: c:\windows\prefetch\ftpxpert.exe-0cd39e27.pf
SUPPRIM...: c:\windows\prefetch\wksdb.exe-2963811e.pf
SUPPRIM...: c:\windows\prefetch\symlcsvc.exe-276af009.pf
SUPPRIM...: c:\windows\prefetch\dmxlauncher.exe-268192cb.pf
SUPPRIM...: c:\windows\prefetch\dvdlauncher.exe-1e7a529b.pf
SUPPRIM...: c:\windows\prefetch\scanner.exe-24cac26f.pf
SUPPRIM...: c:\windows\prefetch\wexpert3.exe-22c5afdf.pf
SUPPRIM...: c:\windows\prefetch\~e5d141.tmp-20090c51.pf
SUPPRIM...: c:\windows\prefetch\scrnsave.scr-22431769.pf
SUPPRIM...: c:\windows\prefetch\drwifi.exe-0d0e716b.pf
SUPPRIM...: c:\windows\prefetch
tosboot-b00dfaad.pf
SUPPRIM...: c:\windows\prefetch\fxssvc.exe-140862e7.pf
SUPPRIM...: c:\windows\prefetch\stsystra.exe-250da2ac.pf
SUPPRIM...: c:\windows\prefetch\avgas.exe-02f47b43.pf
SUPPRIM...: c:\windows\prefetch\ghosttray.exe-0dad3251.pf
SUPPRIM...: c:\windows\prefetch\dot1xcfg.exe-008c9a1d.pf
SUPPRIM...: c:\windows\prefetch
etwaiting.exe-350657bf.pf
SUPPRIM...: c:\windows\prefetch\ezi_hnm2.exe-2e324f0c.pf
SUPPRIM...: c:\windows\prefetch	fswctrl.exe-2d67c816.pf
SUPPRIM...: c:\windows\prefetch\avast.setup-11f440c6.pf
SUPPRIM...: c:\windows\prefetch\sendblaster2.exe-15957c1c.pf
SUPPRIM...: c:\windows\prefetch\mpnex40.exe-15cd1a4f.pf
SUPPRIM...: c:\windows\prefetch\wiaacmgr.exe-335c1ee8.pf
SUPPRIM... RedÈmarrage: c:\documents and settings\gg\local settings	emp\iswtmp\logs\iswdmp.swl
SUPPRIM... RedÈmarrage: c:\documents and settings\gg\local settings	emp\iswtmp\logs\iswfwmon.swl
SUPPRIM... RedÈmarrage: c:\documents and settings\gg\local settings	emp\iswtmp\logs\iswgui.swl
SUPPRIM... RedÈmarrage: c:\documents and settings\gg\local settings	emp\iswtmp\logs\iswmenus.swl
SUPPRIM... RedÈmarrage: c:\documents and settings\gg\local settings	emp\iswtmp\logs\iswshex.swl
SUPPRIM... RedÈmarrage: c:\documents and settings\gg\local settings	emp\iswtmp\logs\iswstats.swl
SUPPRIM... RedÈmarrage: c:\documents and settings\gg\local settings	emp\iswtmp\logs\iswuilib.swl
SUPPRIM... RedÈmarrage: c:\documents and settings\gg\local settings	emp\iswtmp\logs\iswul.swl
SUPPRIM... RedÈmarrage: c:\documents and settings\gg\local settings	emp\iswtmp\logs\iswul_min.swl
SUPPRIM... RedÈmarrage: c:\documents and settings\gg\local settings	emp\iswtmp\logs\iswupd.swl
SUPPRIM... RedÈmarrage: c:\documents and settings\gg\local settings	emp\iswtmp\logs\sitechecker.swl
SUPPRIM... RedÈmarrage: c:\documents and settings\gg\local settings	emp\iswtmp\logs	rustchecker.swl
SUPPRIM... RedÈmarrage: c:\documents and settings\gg\local settings	emp\iswtmp\logs	rustcheckerieplugin.swl
SUPPRIM...S Temporaires Windows (0) (0 octets)
SUPPRIM...S Flash Cookies (0) (0 octets)

========== Restauration SystËme ==========
Point de restauration du systËme crÈÈ avec succËs


========== RÈcapitulatif ==========
7 : ClÈs du Registre
1 : Valeurs du Registre
1 : ElÈments de donnÈe du Registre
1 : Dossiers
42 : Fichiers
1 : Restauration SystËme


End of clean in 00mn 52s

========== Chemin de fichier rapport ==========
C:\Documents and Settings\gg\Application Data\ZHP\ZHPFix[R1].txt - 10/11/2013 10:53:53 [4596]

2011N2 · Answer

Bonjour,

Bien.
Fais un examen complet sur tous les disques avec MBAM. Tu supprimeras tous les éléments détectés et me posteras le rapport : http://www.forum-entraide-informatique.com/support/malwarebytes-anti-malware-mbam-tutoriel-t6.html

Gabriel.

GG · Answer

Bonsoir
J'ai passé MBAM sur les 2 partitions de mon disque et aucun élément nuisible n'a été détecté. Dois-je les poster quand-même?

2011N2 · Answer

Bonsoir,

Oui poste c'est mieux. :)

Ensuite fais un nouveau rapport ZHPDiag.

Gabriel.

GG · Answer

Re bonjour
Voici le rapport Mbam et ZHPD dans le même fichier
http://cjoint.com/?3KrqKd3fCFC 
Merci

2011N2 · Answer

Bonjour,

Ok accepte la mise à jour ZHPDiag et refais-le comme indiqué dans ce tutoriel (à partir du point 5/ ) : http://www.forum-entraide-informatique.com/support/zhpdiag-tutoriel-t4831.html

Gabriel.

GG · Answer

Bonjour
Toujours tard comme d'habitude. Voici le rapport
http://cjoint.com/?3KDiYvevgSz
Merci

2011N2 · Answer

Salut,

C'est propre, toujours des soucis ?

Il nous reste encore à finaliser, ce n'est pas tout à fait terminé.

Gabriel.

GG · Answer

Bonjour
Pas de soucis, pas de manifestations  apparentes...
Que dois-je faire pour finaliser?

2011N2 · Answer

Bonsoir,

Voici la procédure de finalisation : http://www.forum-entraide-informatique.com/support/finalisation-t8237.html
Tiens moi au courant de ton avancée au fur et à mesure.

Gabriel.

SearchGold + BitGuard+... collés à Chrome

22 réponses

Votre réponse

Discussions similaires

Newsletters