Sujet Précédent Sujet Suivant

Tres lent

Fermé
pat - 30 oct. 2013 à 11:40
 pat - 4 nov. 2013 à 18:04
Bonjour, mon ordi et tres lent ,donc j ai fait fichier ZHPDiag herberger et voila le resultat ,~ Rapport de ZHPDiag v2013.10.28.74 - Nicolas Coolman (28/10/2013)
~ Lancé par patrice (29/10/2013 15:49:55)
~ Adresse du Site Web http://nicolascoolman.webs.com
~ Forums gratuits d'Assistance à la désinfection : http://nicolascoolman.webs.com/apps/links/
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Not Found


---\\ Navigateurs Internet
MSIE: Internet Explorer v6.0.2900.2180
MFIE: Mozilla Firefox 24.0 (Defaut)

---\\ Informations sur les produits Windows
~ Langage: Français
Windows XP Home Edition Service Pack 2 (Build 2600)
Windows Automatic Updates : OK
Windows Genuine Advantage : KO

---\\ Logiciels de protection du système
Norton Internet Security v8.0.2.5
Norton AntiVirus 2005 v11.0.8

---\\ Logiciels d'optimisation du système
CCleaner v4.07 =>Piriform Ltd

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Flash Player 11 Plugin
Adobe Reader 7.0 - Français

---\\ Informations sur le système
~ Processor: x86 Family 15 Model 31 Stepping 0, AuthenticAMD
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 447 MB (13% free)
System Restore: Activé (Enable)
System drive C: has 25 GB (82%) free of 30 GB

---\\ Mode de connexion au système
~ Computer Name: 106646350315
~ User Name: patrice
~ All Users Names: SUPPORT_388945a0, patrice, HelpAssistant, ASPNET, Administrateur,
~ Unselected Option: None
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : D:\Documents and Settings\patrice.106646350315.002\Application Data\ZHP\
~ %AppData% : D:\Documents and Settings\patrice.106646350315.002\Application Data\
~ %Desktop% : D:\Documents and Settings\patrice.106646350315.002\Bureau\
~ %Favorites% : D:\Documents and Settings\patrice.106646350315.002\Favoris\
~ %LocalAppData% : D:\Documents and Settings\patrice.106646350315.002\Local Settings\Application Data\
~ %StartMenu% : D:\Documents and Settings\patrice.106646350315.002\Menu Démarrer\
~ %Windir% : C:\WINDOWS\
~ %System% : C:\WINDOWS\system32\

---\\ Enumération des unités disques
A: Floppy drive, Flash card reader, USB Key (Not Inserted)
C: Hard drive, Flash drive, Thumb drive (Free 25 Go of 30 Go)
D: Hard drive, Flash drive, Thumb drive (Free 58 Go of 111 Go)
E: CD-ROM drive (Not Inserted)
F: Floppy drive, Flash card reader, USB Key (Not Inserted)
G: Floppy drive, Flash card reader, USB Key (Not Inserted)
H: Floppy drive, Flash card reader, USB Key (Not Inserted)
I: Floppy drive, Flash card reader, USB Key (Not Inserted)



---\\ Etat du Centre de Sécurité Windows
~ Security Center: 37 Legitimates Filtered in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.4C33E5B9A6197B6ED215F6CFBA0A2DAA] - (.Microsoft Corporation - Explorateur Windows.) (.05/08/2004 - 13:00:00.) -- C:\WINDOWS\Explorer.exe [1036288]
[MD5.BA7CDA9917332A6E1FAA1B46BC3AB5FD] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.10/03/2005 - 09:04:14.) -- C:\WINDOWS\system32\wininet.dll [660992]
[MD5.D2DE785AEAB0BB8CA4C14A8A199DBE4E] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) (.05/08/2004 - 13:00:00.) -- C:\WINDOWS\system32\Winlogon.exe [506368]
[MD5.5AC495F4CB807B2B98AD2AD591E6D92E] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.05/08/2004 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\AFD.sys [138496]
[MD5.CDFE4411A69C224BD1D11B2DA92DAC51] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.03/08/2004 - 21:59:44.) -- C:\WINDOWS\system32\Drivers\atapi.sys [95360]
[MD5.CD7D5152DF32B47F4E36F710B35AAE02] - (.Microsoft Corporation - CD-ROM File System Driver.) (.05/08/2004 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\Cdfs.sys [63744]
[MD5.AF9C19B3100FE010496B1A27181FBF72] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.05/08/2004 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\Cdrom.sys [49536]
[MD5.8B121FF880683607AB2AEF0340721718] - (.Microsoft Corporation - Pilote de cryptographie FIPS.) (.05/08/2004 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\Fips.sys [35072]
[MD5.D1EFCBD693B5BA21314D06368C471070] - (.Microsoft Corporation - Pilote de port i8042.) (.05/08/2004 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\i8042prt.sys [54400]
[MD5.F8AA320C6A0409C0380E5D8A99D76EC6] - (.Microsoft Corporation - IMAPI Kernel Driver.) (.05/08/2004 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\Imapi.sys [41856]
[MD5.E2168CBC7098FFE963C6F23F472A3593] - (.Microsoft Corporation - IP Network Address Translator.) (.29/09/2004 - 23:28:38.) -- C:\WINDOWS\system32\Drivers\IpNat.sys [134912]
[MD5.64537AA5C003A6AFEEE1DF819062D0D1] - (.Microsoft Corporation - IPSec Driver.) (.05/08/2004 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\IPSec.sys [74752]
[MD5.5DDC9A1B2EB5A4BF010CE8C019A18C1F] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.19/01/2005 - 05:26:52.) -- C:\WINDOWS\system32\Drivers\MRxSmb.sys [451584]
[MD5.0C80E410CD2F47134407EE7DD19CC86B] - (.Microsoft Corporation - MBT Transport driver.) (.05/08/2004 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\netBT.sys [162816]
[MD5.B78BE402C3F63DD55521F73876951CDD] - (.Microsoft Corporation - NT File System Driver.) (.05/08/2004 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\ntfs.sys [574592]
[MD5.318696359AC7DF48D1E51974EC527DD2] - (.Microsoft Corporation - Pilote de port parallèle.) (.05/08/2004 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\Parport.sys [80384]
[MD5.98FAEB4A4DCF812BA1C6FCA4AA3E115C] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.05/08/2004 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\Rasl2tp.sys [51328]
[MD5.A2CAE2C60BC37E0751EF9DDA7CEAF4AD] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.03/08/2004 - 22:01:16.) -- C:\WINDOWS\system32\Drivers\rdpdr.sys [196864]
[MD5.2CC30B68DD62B73D444A41322CD7FC4C] - (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) (.03/08/2004 - 23:39:44.) -- C:\WINDOWS\system32\Drivers\redbook.sys [58496]
[MD5.313B1A0D5DB26DFE1C34A6C13B2CE0A7] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.05/08/2004 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\volsnap.sys [53376]
~ Generic Processes: Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/2
~ Mes musiques (My Musics) : 1/2
~ Mes Videos (My Videos) : 0/0
~ Mes Favoris (My Favorites) : 1/36
~ Mes Documents (My Documents) : 1/108
~ Mon Bureau (My Desktop) : 0/8
~ Menu demarrer (Programs) : 1/44
~ Hidden Files: Scanned in 00mn 00s



---\\ Processus lancés
[MD5.ABC57A6F6070BAF9786C318F59F29F0B] - (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) -- C:\WINDOWS\system32\Ati2evxx.exe [380928] [PID.784]
[MD5.2F3E468E243FCB7DF663BA6F8241677F] - (.Symantec Corporation - Symantec Network Proxy Service.) -- C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe [234616] [PID.1212]
[MD5.97E6A26F4DEF7A2069A46BF55729FD78] - (.Symantec Corporation - Symantec Settings Manager Service.) -- C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe [164984] [PID.1520]
[MD5.003F1A73B2B4AFDFB27CB97ACAFDC387] - (.Symantec Corporation - IS Service.) -- C:\Program Files\Norton Internet Security\ISSVC.exe [83088] [PID.1604]
[MD5.AD1844100435E163C36322ACB2492117] - (.Symantec Corporation - Network Driver Service.) -- C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe [206048] [PID.1640]
[MD5.08FA56B7C13B4CBF0E5D351AECAD92B1] - (.Symantec Corporation - SPBBC Service.) -- C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe [173160] [PID.1732]
[MD5.9EE1031145AB8A49343DD81916B729C0] - (.Symantec Corporation - Symantec Event Manager Service.) -- C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe [197752] [PID.1768]
[MD5.6351B9D79370A6795921FA3C3950DED6] - (.Realtek Semiconductor Corp. - Realtek Sound Manager.) -- C:\WINDOWS\SOUNDMAN.exe [77824] [PID.408]
[MD5.8824078BDA1635639AAE125D24B85383] - (.ATI Technologies, Inc. - ATI Desktop Control Panel.) -- C:\ATI Technologies\ATI Control Panel\atiptaxx.exe [344064] [PID.520]
[MD5.1F6573D67DD5DC06DD29EC7FCF81DC6F] - (.Sun Microsystems, Inc. - Java(TM) 2 Platform Standard Edition binary.) -- C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe [36975] [PID.776]
[MD5.82A3189812B836F6C0A6D714B0CFCC4F] - (.Symantec Corporation - Symantec User Session.) -- C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe [58488] [PID.876]
[MD5.E13406F701A9B2A7513CD6798A40CECB] - (.America Online, Inc. - AOL Connectivity Service.) -- C:\Program Files\Fichiers communs\AOL\ACS\AOLacsd.exe [1135728] [PID.940]
[MD5.CAA71374014DA23AF7E10F15EA975BDF] - (.Ulead Systems, Inc. - AutoDetector.) -- C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe [90112] [PID.1032]
[MD5.C31A0AF9B3702C5C2A3FA4BDCC37A76F] - (.CyberLink Corp. - CyberLink PowerCinema Resident Program.) -- C:\Apps\Powercinema\PCMService.exe [127118] [PID.1068]
[MD5.84DA056C4331B17A5AAFACFF49C3BBA3] - (.NEC Computers International - Activboard Application.) -- C:\apps\ABoard\ABoard.exe [24576] [PID.1140]
[MD5.66C31EC9B966A1D5FFC726A53DC1A137] - (.NEC Computers International - ActivOSD Application.) -- C:\apps\ABoard\AOSD.exe [69632] [PID.1236]
[MD5.4921CB1FAE6978D44A91D0D65D93FA57] - (.Pas de propriétaire - CLCapSvc Module.) -- c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe [221266] [PID.1256]
[MD5.BC2DDAF478AAF92F237FB52E35EB53D6] - (.Cyberlink - NT CLMLServer.) -- C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe [61440] [PID.1336]
[MD5.69202C049779AE09470370F163363F13] - (...) -- c:\APPS\HIDSERVICE\HIDSERVICE.exe [49152] [PID.1368]
[MD5.C0E569681F74A0C1E5FBEBF914509BF0] - (.Cyberlink - Cyberlink MediaLibrary NT Service.) -- C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe [737381] [PID.1416]
[MD5.4F4F997B91DC40591AF2E729D1346899] - (.Symantec Corporation - Norton AntiVirus Auto-Protect Service.) -- C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe [176768] [PID.1420]
[MD5.CA90D2C55EB3BB90687677BEA3DB0B59] - (.Ulead Systems, Inc. - ULCDRSvr.) -- C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe [49152] [PID.1576]
[MD5.58E407DF43CA11ADE8AECFE629FEACD1] - (.Wajam - Auto-updater.) -- C:\Program Files\Wajam\Updater\WajamUpdaterV3.exe [114176] [PID.2192] =>Toolbar.Wajam
[MD5.BFB1A491B7CFAFBD35220537EEE92760] - (.Pas de propriétaire - CLSched Module.) -- c:\APPS\Powercinema\Kernel\TV\CLSched.exe [110672] [PID.2228]
[MD5.A9182CE59CFC56F9C1DDE8B3C0AE8378] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [274840] [PID.3448]
[MD5.12FD4EF8F2CBBF98E0A5CED88258DDF3] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files\Mozilla Firefox\plugin-container.exe [17816] [PID.1516]
[MD5.312707A513F86ED20642F43F8EF4DD14] - (.IncrediMail, Ltd. - IncrediMail Tray Application.) -- C:\Program Files\IncrediMail\Bin\ImApp.exe [264616] [PID.3244]
[MD5.5E19E0A90219C0B69902334D63C91952] - (.Nicolas Coolman - Zeb Help Process.) -- C:\Program Files\ZebHelpProcess\ZHP2.exe [4962304] [PID.3112]
[MD5.D5CDEA452982FC61E21EE978AAB134DD] - (.IncrediMail, Ltd. - IncrediMail Application.) -- C:\Program Files\IncrediMail\Bin\IncMail.exe [367016] [PID.2008]
[MD5.3EEA73EA32478100A260CF5ACF952878] - (.IncrediMail, Ltd. - IncrediMail Notifier.) -- C:\Program Files\IncrediMail\Bin\ImNotfy.exe [260520] [PID.2572]
[MD5.3B605772669BDFD6DC266B9320E87B45] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [8143872] [PID.3308]
[MD5.74E6E96C6F0E2ECA4EDBB7F7A468F259] - (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe [1694208] [PID.244]
~ Processes Running: Scanned in 00mn 03s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
D:\Documents and Settings\patrice.106646350315.002\Application Data\Mozilla\Firefox\Profiles\bokpemcp.default\prefs.js
M2 - MFEP: prefs.js [patrice - bokpemcp.default\***@***] [] LyricsMonkey-15 v (..) =>Adware.AddLyrics
P2 - FPN: [HKLM] [@viewpoint.com/VMP] - (.Pas de propriétaire - MetaStream 3 Plugin r4.) -- C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll =>Adware.MetaStream
~ Firefox Browser: 6 Legitimates Filtered in 00mn 01s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = file://C:\APPS\IE\offline\fr.htm
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Pas de propriétaire - MetaStream 3 Plugin r4.) (No version) -- (.not file.) =>Adware.MetaStream
~ IE Browser: 8 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\WINDOWS\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 20



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: CrossriderApp0043910 - {11111111-1111-1111-1111-110411391110} . (.knaShoel - LyricsMonkey-15 BHO.) -- C:\Program Files\LyricsMonkey-15\LyricsMonkey-15-bho.dll =>Adware.AddLyrics
O2 - BHO: Wajam IE BHO - {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} . (.Wajam - Wajam Internet Explorer Add-on.) -- C:\Program Files\Wajam\IE\priam_bho.dll =>Toolbar.Wajam
~ BHO: 20 Legitimates Filtered in 00mn 01s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: Norton Internet Security - [HKLM]{0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} . (.Symantec Corporation - NIS Shell Extension.) -- C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - [HKLM]{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} . (.Symantec Corporation - Norton AntiVirusNAVShellExt Module.) -- C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{01E04581-4EEE-11D0-BFE9-00AA005B4383} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{0E5CBF21-D15F-11D0-8301-00AA005B4383} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} Clé orpheline
~ Toolbar: Scanned in 00mn 00s



---\\ Applications lancées au démarrage du sytème (O4)
O4 - HKLM\..\Run: [PHIME2002ASync] . (.Microsoft Corporation - ???????? 2002a.) -- C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe
O4 - HKLM\..\Run: [PHIME2002A] . (.Microsoft Corporation - ???????? 2002a.) -- C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe
O4 - HKLM\..\Run: [SoundMan] . (.Realtek Semiconductor Corp. - Realtek Sound Manager.) -- C:\WINDOWS\SOUNDMAN.exe
O4 - HKLM\..\Run: [ATIPTA] . (.ATI Technologies, Inc. - ATI Desktop Control Panel.) -- C:\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) 2 Platform Standard Edition binary.) -- C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe =>.Oracle Corporation
O4 - HKLM\..\Run: [ccApp] . (.Symantec Corporation - Symantec User Session.) -- C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
O4 - HKLM\..\Run: [Ulead AutoDetector v2] . (.Ulead Systems, Inc. - AutoDetector.) -- C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe
O4 - HKLM\..\Run: [PCMService] . (.CyberLink Corp. - CyberLink PowerCinema Resident Program.) -- c:\Apps\Powercinema\PCMService.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] . (.Microsoft Corporation - Microsoft IME.) -- C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe
O4 - HKLM\..\Run: [ACTIVBOARD] . (.NEC Computers International - Activboard Application.) -- c:\apps\ABoard\ABoard.exe
O4 - HKCU\..\Run: [MSMSGS] . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe
O4 - HKCU\..\Run: [Software updater] . (...) -- D:\Documents and Settings\patrice.106646350315.002\Application Data\FreeSoftwareUpdater\updater.exe =>PUP.Eorezo
O4 - HKCU\..\Run: [IncrediMail] . (.IncrediMail, Ltd. - IncrediMail Application.) -- C:\Program Files\IncrediMail\bin\IncMail.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-21-2573385195-2862984088-841898125-1006\..\Run: [MSMSGS] . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe
O4 - HKUS\S-1-5-21-2573385195-2862984088-841898125-1006\..\Run: [Software updater] . (...) -- D:\Documents and Settings\patrice.106646350315.002\Application Data\FreeSoftwareUpdater\updater.exe =>PUP.Eorezo
O4 - HKUS\S-1-5-21-2573385195-2862984088-841898125-1006\..\Run: [IncrediMail] . (.IncrediMail, Ltd. - IncrediMail Application.) -- C:\Program Files\IncrediMail\bin\IncMail.exe
~ Application: Scanned in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -- Clé orpheline
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} . (...) -- C:\Program Files\Real\RealPlayer\eb_act.ico
O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Piratage de l'Option 'Rétablir les paramètres Web' (O14)
O14 - IERESET.INF: START_PAGE_URL=START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
~ IE Paramètres WEB: Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{B0DF4BB4-8BBB-4E00-8695-2A63E490235C}: DhcpNameServer = 212.27.40.241 212.27.40.240
O17 - HKLM\System\CS1\Services\Tcpip\..\{B0DF4BB4-8BBB-4E00-8695-2A63E490235C}: DhcpNameServer = 212.27.40.241 212.27.40.240
O17 - HKLM\System\CS3\Services\Tcpip\..\{B0DF4BB4-8BBB-4E00-8695-2A63E490235C}: DhcpNameServer = 212.27.40.241 212.27.40.240
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.241 212.27.40.240
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} . (.Microsoft Corporation - WIA Scripting Layer.) -- C:\WINDOWS\system32\wiascr.dll
O18 - Filter: text/webviewhtml - {733AC4CB-F1A4-11d0-B951-00A0C90312E1} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: AtiExtEvent . (.ATI Technologies Inc. - ATI External Event Utility DLL Module.) -- C:\WINDOWS\system32\Ati2evxx.dll
O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\WINDOWS\system32\crypt32.dll
O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\WINDOWS\system32\cryptnet.dll
O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agent réseau hors connexion.) -- C:\WINDOWS\system32\cscdll.dll
O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL secondaire de notification de service d.) -- C:\WINDOWS\system32\sclgntfy.dll
O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\WlNotify.dll
O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
~ Winlogon: Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) . (.Symantec Corporation - Norton AntiVirus Auto-Protect Service.) - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: WajamUpdaterV3 (WajamUpdaterV3) . (.Wajam - Auto-updater.) - C:\Program Files\Wajam\Updater\WajamUpdaterV3.exe =>Toolbar.Wajam
~ Services: 15 Legitimates Filtered in 00mn 06s



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Desktop General: BackupWallPaper - .(...) - C:\Apps\desktop\bg1280FR.BMP
O24 - Desktop General: WallPaper - .(...) - C:\Apps\desktop\bg1280FR.BMP
~ Desktop Component: 4 Legitimates Filtered in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\LyricsMonkey-15-codedownloader.job [1260] =>Adware.AddLyrics
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\LyricsMonkey-15-enabler.job [1160] =>Adware.AddLyrics
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\LyricsMonkey-15-firefoxinstaller.job [1888] =>Adware.AddLyrics
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\LyricsMonkey-15-updater.job [1354] =>Adware.AddLyrics
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Symantec NetDetect.job [368]
~ Scheduled Task: 16 Legitimates Filtered in 00mn 00s



---\\ Logiciels installés (O42)
O42 - Logiciel: IncrediMail - (.IncrediMail.) [HKLM] -- {2CF22C94-1369-4C04-9A5F-A4BC6D91B508}
O42 - Logiciel: IncrediMail 2.0 - (.IncrediMail Ltd..) [HKLM] -- IncrediMail
O42 - Logiciel: LyricsMonkey-15 - (.knaShoel.) [HKLM] -- LyricsMonkey-15 =>Adware.AddLyrics
O42 - Logiciel: Wajam - (.Wajam.) [HKLM] -- Wajam =>Toolbar.Wajam
~ Logic: 71 Legitimates Filtered in 00mn 02s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\IM]
[HKCU\Software\IncrediMail]
[HKCU\Software\Wajam] =>Toolbar.Wajam
[HKLM\Software\InstalledThirdPartyPrograms]
[HKLM\Software\MetaStream] =>Adware.MetaStream
~ Key Software: 135 Legitimates Filtered in 00mn 02s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 27/10/2013 - 12:58:40 - [26,257] ----D C:\Program Files\IncrediMail
O43 - CFD: 26/10/2013 - 19:05:21 - [5,819] ----D C:\Program Files\LyricsMonkey-15 =>Adware.AddLyrics
O43 - CFD: 26/10/2013 - 19:10:33 - [0,751] ----D C:\Program Files\Wajam =>Toolbar.Wajam
O43 - CFD: 30/11/2010 - 16:57:15 - [0,003] ----D D:\Documents and Settings\All Users\Application Data\5ac0000-159a-4549-600e-4eccae576bb9
O43 - CFD: 30/11/2010 - 17:15:01 - [0,019] ----D D:\Documents and Settings\All Users\Application Data\91b50000-2885-4f08-8453-47f3676f89ba
O43 - CFD: 30/11/2010 - 17:25:59 - [0,003] ----D D:\Documents and Settings\All Users\Application Data\e38a0000-6b1c-4f19-cd1-b63fba6e349c
O43 - CFD: 27/10/2013 - 13:00:14 - [0] ----D D:\Documents and Settings\All Users\Application Data\IM
O43 - CFD: 27/10/2013 - 12:58:40 - [6,575] ----D D:\Documents and Settings\All Users\Application Data\IncrediMail
O43 - CFD: 28/11/2010 - 22:13:37 - [0] --H-D D:\Documents and Settings\All Users\Application Data\{74E513D3-4879-4E42-A0B8-F85EE8C789EA}
O43 - CFD: 15/01/2011 - 22:06:00 - [7,602] --H-D D:\Documents and Settings\All Users\Application Data\{DE8EABB5-1C85-4410-A68D-79BD8A4518F4}
O43 - CFD: 27/10/2013 - 13:06:59 - [91,209] ----D D:\Documents and Settings\patrice.106646350315.002\Local Settings\Application Data\IM
O43 - CFD: 28/10/2013 - 18:09:45 - [0] ----D D:\Documents and Settings\patrice.106646350315.002\Local Settings\Application Data\LyricsMonkey-15 =>Adware.AddLyrics
O43 - CFD: 27/10/2013 - 01:24:49 - [10,862] ----D D:\Documents and Settings\patrice.106646350315.002\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150020}
O43 - CFD: 26/10/2013 - 19:09:40 - [0,001] ----D D:\Documents and Settings\patrice.106646350315.002\Menu Démarrer\Programmes\Wajam =>Toolbar.Wajam
~ Program Folder: 114 Legitimates Filtered in 00mn 19s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.A0E02492452D4E237465D99D005D91FD] - 26/10/2013 - 16:31:51 ---A- . (...) -- C:\WINDOWS\system.ini [231]
O44 - LFC:[MD5.140A3B3D6A119B00CA91BADF24A19DBB] - 26/10/2013 - 16:34:54 ---A- . (...) -- C:\WINDOWS\system32\$winnt$.inf [1009]
O44 - LFC:[MD5.9D714B8A127330573916D14F9E205123] - 26/10/2013 - 19:08:39 ---A- . (...) -- C:\WINDOWS\win.ini [574]
O44 - LFC:[MD5.570C6A4F317DBEA883AE3A35523B8419] - 27/10/2013 - 01:26:00 ---A- . (...) -- C:\WINDOWS\HDReg.ini [7576]
O44 - LFC:[MD5.DFAB4113DE0C7CAEFB0ED57F58EDAAE4] - 27/10/2013 - 01:26:00 ---A- . (...) -- C:\WINDOWS\orun32.ini [829]
O44 - LFC:[MD5.4BC02BD73338C3A26265F5C64DBEC770] - 29/10/2013 - 12:27:06 ---A- . (...) -- C:\WINDOWS\system32\BDEADMIN.CPL [183808]
O44 - LFC:[MD5.8C25E347F5E2C2BCA9B5258A68B72AE7] - 29/10/2013 - 12:27:06 ---A- . (...) -- C:\WINDOWS\system32\DBCLIENT.DLL [210032]
~ Files: 25 Legitimates Filtered in 00mn 03s



---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 - LFCP:[MD5.CFF10006DE0B22C2C39E943FE192E386] - 27/10/2013 - 12:59:45 ---A- - C:\WINDOWS\Prefetch\IMPCNT.EXE-1B8C02E4.pf
O45 - LFCP:[MD5.1632D53AD1E5D6F0B4BD7B3CB47CF1BD] - 27/10/2013 - 17:54:21 ---A- - C:\WINDOWS\Prefetch\INCREDIMAILSETUP_FR.EXE-18F250F0.pf
O45 - LFCP:[MD5.C1877B4F1FFC52E37C7DF49C72DD676A] - 28/10/2013 - 16:00:15 ---A- - C:\WINDOWS\Prefetch\NS31.TMP-1EDA4DB7.pf
O45 - LFCP:[MD5.30D105D15423E0DB53C512CC3D8E2C02] - 28/10/2013 - 16:16:26 ---A- - C:\WINDOWS\Prefetch\CCEMFLSV.EXE-068713CF.pf
O45 - LFCP:[MD5.64B7F685654C670538EB6A02414373F9] - 28/10/2013 - 16:52:52 ---A- - C:\WINDOWS\Prefetch\CLMLSERVICE.EXE-345CB2C6.pf
O45 - LFCP:[MD5.A946AD9CB7B5225164CBD49E3C78C44E] - 28/10/2013 - 18:09:38 ---A- - C:\WINDOWS\Prefetch\LYRICSMONKEY-15-BUTTONUTIL.EX-0DFEC8AE.pf =>Adware.AddLyrics
O45 - LFCP:[MD5.4948FD7059E7291DC36778BD7F22D48B] - 28/10/2013 - 18:09:46 ---A- - C:\WINDOWS\Prefetch\LYRICSMONKEY-15-BG.EXE-146F749F.pf =>Adware.AddLyrics
O45 - LFCP:[MD5.050E6EC25E0B022D686733EB53FAABC4] - 28/10/2013 - 18:09:48 ---A- - C:\WINDOWS\Prefetch\NSMDTR.EXE-36A973D5.pf
O45 - LFCP:[MD5.7ECDD4D9E34F2AC310DF9AAD1E7F54F1] - 29/10/2013 - 11:48:28 ---A- - C:\WINDOWS\Prefetch\IMAPP.EXE-244EFD49.pf
O45 - LFCP:[MD5.05FC85EE25109F1A51188853B5DD5731] - 29/10/2013 - 13:28:39 ---A- - C:\WINDOWS\Prefetch\INCMAIL.EXE-2A673D8E.pf
O45 - LFCP:[MD5.3480A1F94E2306EAEC78AFD821E745CD] - 29/10/2013 - 13:30:06 ---A- - C:\WINDOWS\Prefetch\IMNOTFY.EXE-0B3D61EF.pf
O45 - LFCP:[MD5.F00F147C04E7709C5DF6DB236FC45F04] - 29/10/2013 - 13:51:02 ---A- - C:\WINDOWS\Prefetch\NDETECT.EXE-2DABC14D.pf
O45 - LFCP:[MD5.CAE51C3B24E25A21C04D9FA11D0A81E7] - 29/10/2013 - 14:02:10 ---A- - C:\WINDOWS\Prefetch\LYRICSMONKEY-15-FIREFOXINSTAL-004834CF.pf =>Adware.AddLyrics
O45 - LFCP:[MD5.708695070C4CEDC39AB7E94F1E586653] - 29/10/2013 - 14:05:01 ---A- - C:\WINDOWS\Prefetch\LYRICSMONKEY-15-CODEDOWNLOADE-0166F9D3.pf =>Adware.AddLyrics
O45 - LFCP:[MD5.6213510618D833943A7ED2B6BC7F3C44] - 29/10/2013 - 14:05:01 ---A- - C:\WINDOWS\Prefetch\LYRICSMONKEY-15-ENABLER.EXE-01583E62.pf =>Adware.AddLyrics
O45 - LFCP:[MD5.74999C7B15D352FB464623EAB9D68F67] - 29/10/2013 - 15:36:51 ---A- - C:\WINDOWS\Prefetch\OPSCAN.EXE-0E9D5367.pf
~ Prefetcher: 76 Legitimates Filtered in 00mn 00s



---\\ Opérations et fonctions au démarrage de Windows Explorer (O46)
O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll
~ ShellExecuteHooks: Scanned in 00mn 00s



---\\ Export de clé d'application autorisée (O47)
O47 - AAKE:Key Export SP - "D:\Documents and Settings\patrice.106646350315.002\Mes documents\Downloads\incredimail_install.exe" [Enabled] .(...) -- D:\Documents and Settings\patrice.106646350315.002\Mes documents\Downloads\incredimail_install.exe (.not file.)
O47 - AAKE:Key Export SP - "D:\Documents and Settings\patrice.106646350315.002\Mes documents\Downloads\incredimail_install(1).exe" [Enabled] .(..) -- D:\Documents and Settings\patrice.106646350315.002\Mes documents\Downloads\incredimail_install(1).exe
O47 - AAKE:Key Export SP - "D:\Documents and Settings\patrice.106646350315.002\Mes documents\Downloads\incredimail_install(2).exe" [Enabled] .(...) -- D:\Documents and Settings\patrice.106646350315.002\Mes documents\Downloads\incredimail_install(2).exe (.not file.)
O47 - AAKE:Key Export SP - "D:\Documents and Settings\patrice.106646350315.002\Mes documents\Downloads\incredimail_install(3).exe" [Enabled] .(...) -- D:\Documents and Settings\patrice.106646350315.002\Mes documents\Downloads\incredimail_install(3).exe (.not file.)
O47 - AAKE:Key Export SP - "D:\Documents and Settings\patrice.106646350315.002\Mes documents\Downloads\incredimail_install(4).exe" [Enabled] .(...) -- D:\Documents and Settings\patrice.106646350315.002\Mes documents\Downloads\incredimail_install(4).exe (.not file.)
O47 - AAKE:Key Export SP - "D:\Documents and Settings\patrice.106646350315.002\Mes documents\Downloads\incredimail_install(6).exe" [Enabled] .(...) -- D:\Documents and Settings\patrice.106646350315.002\Mes documents\Downloads\incredimail_install(6).exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\IncrediMail\Bin\IncMail.exe" [Enabled] .(.IncrediMail, Ltd..) -- C:\Program Files\IncrediMail\Bin\IncMail.exe
O47 - AAKE:Key Export SP - "C:\Program Files\IncrediMail\Bin\ImApp.exe" [Enabled] .(.IncrediMail, Ltd..) -- C:\Program Files\IncrediMail\Bin\ImApp.exe
O47 - AAKE:Key Export SP - "C:\Program Files\IncrediMail\Bin\ImpCnt.exe" [Enabled] .(.IncrediMail, Ltd..) -- C:\Program Files\IncrediMail\Bin\ImpCnt.exe
O47 - AAKE:Key Export SP - "D:\Documents and Settings\patrice.106646350315.002\Mes documents\Téléchargements\incredimail_install.exe" [Enabled] .(..) -- D:\Documents and Settings\patrice.106646350315.002\Mes documents\Téléchargements\incredimail_install.exe
~ Keys Export: 19 Legitimates Filtered in 00mn 00s



---\\ Image File Execution Options (IFEO) (O50)
O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d
~ IFEO: Scanned in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:[MD5.62D318E9A0C8FC9B780008E724283707] - 17/08/2001 - 20:52:00 ---A- . (.Advanced System Products, Inc. - AdvanSys SCSI Controller Driver.) -- C:\WINDOWS\system32\Drivers\asc.sys [26496]
O58 - SDL:[MD5.6D3ADA4CE95CECA7BCE527A08C4C474E] - 05/08/2004 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ansi.sys [9037]
~ Drivers: 5 Legitimates Filtered in 00mn 00s



---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
O61 - LFC: 26/10/2013 - 15:50:59 ---A- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Application Data\Microsoft\Address Book\patrice.wab [176604]
O61 - LFC: 26/10/2013 - 15:50:59 ---A- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Application Data\Microsoft\Address Book\patrice.wab~ [176604]
O61 - LFC: 26/10/2013 - 15:50:59 ---A- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Application Data\Microsoft\Internet Explorer\Quick Launch\Démarrer Internet Explorer.lnk [656]
O61 - LFC: 26/10/2013 - 15:50:59 ---A- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Application Data\Microsoft\Internet Explorer\brndlog.txt [13861]
O61 - LFC: 26/10/2013 - 15:50:59 ---A- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Application Data\Mozilla\Firefox\Crash Reports\InstallTime20130910160258 [10]
O61 - LFC: 26/10/2013 - 15:50:59 ---A- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Application Data\Mozilla\Firefox\Profiles\bokpemcp.default\bookmarkbackups\bookmarks-2013-10-26.json [7284]
O61 - LFC: 26/10/2013 - 15:50:59 -S-A- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Application Data\Microsoft\Crypto\RSA\S-1-5-21-2573385195-2862984088-841898125-1006\984a41a082e9a042d7bfd1f9ed5918fa_5252d10c-8521-4710-b81e-aab4f56fa4b3 [48]
O61 - LFC: 26/10/2013 - 15:50:59 -SHA- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Application Data\Microsoft\Internet Explorer\Desktop.htt [2562]
O61 - LFC: 26/10/2013 - 15:51:00 ---A- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Application Data\Mozilla\Firefox\Profiles\bokpemcp.default\content-prefs.sqlite [229376]
O61 - LFC: 26/10/2013 - 15:51:00 ---A- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Application Data\Mozilla\Firefox\Profiles\bokpemcp.default\extensions\***@***\chrome\content\api.js [16973]
O61 - LFC: 26/10/2013 - 15:51:00 ---A- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Application Data\Mozilla\Firefox\Profiles\bokpemcp.default\extensions\***@***\chrome\content\api\asyncDB.js [4606]
O61 - LFC: 26/10/2013 - 15:51:00 ---A- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Application Data\Mozilla\Firefox\Profiles\bokpemcp.default\extensions\***@***\chrome\content\api\background.js [1298]
O61 - LFC: 26/10/2013 - 15:51:00 ---A- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Application Data\Mozilla\Firefox\Profiles\bokpemcp.default\extensions\***@***\chrome\content\api\browserAction.js [8811]
O61 - LFC: 26/10/2013 - 15:51:00 ---A- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Application Data\Mozilla\Firefox\Profiles\bokpemcp.default\extensions\***@***\chrome\content\api\contextMenu.js [5264]
O61 - LFC: 26/10/2013 - 15:51:00 ---A- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Application Data\Mozilla\Firefox\Profiles\bokpemcp.default\extensions\***@***\chrome\content\api\dbManager.js [4988]
O61 - LFC: 26/10/2013 - 15:51:00 ---A- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Application Data\Mozilla\Firefox\Profiles\bokpemcp.default\extensions\***@***\chrome\content\api\dom_bg.js [1892]
O61 - LFC: 26/10/2013 - 15:51:00 ---A- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Application Data\Mozilla\Firefox\Profiles\bokpemcp.default\extensions\***@***\chrome\content\api\firefox.js [258]
O61 - LFC: 26/10/2013 - 15:51:00 ---A- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Application Data\Mozilla\Firefox\Profiles\bokpemcp.default\extensions\***@***\chrome\content\api\firefoxNotifications.js [1021]
O61 - LFC: 26/10/2013 - 15:51:00 ---A- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Application Data\Mozilla\Firefox\Profiles\bokpemcp.default\extensions\***@***\chrome\content\api\firefoxOmnibox.js [1420]
O61 - LFC: 26/10/2013 - 15:51:00 ---A- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Application Data\Mozilla\Firefox\Profiles\bokpemcp.default\extensions\***@***\chrome\content\api\message.js [4840]
O61 - LFC: 26/10/2013 - 15:51:00 ---A- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Application Data\Mozilla\Firefox\Profiles\bokpemcp.default\extensions\***@***\chrome\content\api\pageAction.js [11162]
O61 - LFC: 26/10/2013 - 15:51:00 ---A- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Application Data\Mozilla\Firefox\Profiles\bokpemcp.default\extensions\***@***\chrome\content\api\request.js [2219]
O61 - LFC: 26/10/2013 - 15:51:00 ---A- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Application Data\Mozilla\Firefox\Profiles\bokpemcp.default\extensions\***@***\chrome\content\api\tabs.js [2781]
O61 - LFC: 26/10/2013 - 15:51:00 ---A- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Application Data\Mozilla\Firefox\Profiles\bokpemcp.default\extensions\***@***\chrome\content\api\webRequest.js [1066]
O61 - LFC: 26/10/2013 - 15:51:00 ---A- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Application Data\Mozilla\Firefox\Profiles\bokpemcp.default\extensions\***@***\chrome\content\background.html [2001]
O61 - LFC: 26/10/2013 - 15:51:00 ---A- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Application Data\Mozilla\Firefox\Profiles\bokpemcp.default\extensions\***@***\chrome\content\baseObject.js [19]
O61 - LFC: 26/10/2013 - 15:51:00 ---A- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Application Data\Mozilla\Firefox\Profiles\bokpemcp.default\extensions\***@***\chrome\content\browser.xul [4683]
O61 - LFC: 26/10/2013 - 15:51:00 ---A- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Application Data\Mozilla\Firefox\Profiles\bokpemcp.default\extensions\***@***\chrome\content\core\IDBWrapper.js [4073]
O61 - LFC: 26/10/2013 - 15:51:00 ---A- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Application Data\Mozilla\Firefox\Profiles\bokpemcp.default\extensions\***@***\chrome\content\core\console.js [1658]
O61 - LFC: 26/10/2013 - 15:51:00 ---A- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Application Data\Mozilla\Firefox\Profiles\bokpemcp.default\extensions\***@***\chrome\content\core\consts.js [2198]
O61 - LFC: 26/10/2013 - 15:51:00 ---A- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Application Data\Mozilla\Firefox\Profiles\bokpemcp.default\extensions\***@***\chrome\content\core\delegate.js [2085]
O61 - LFC: 26/10/2013 - 15:51:00 ---A- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Application Data\Mozilla\Firefox\Profiles\bokpemcp.default\extensions\***@***\chrome\content\core\extensionDataStore.js [8162]
O61 - LFC: 26/10/2013 - 15:51:00 ---A- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Application Data\Mozilla\Firefox\Profiles\bokpemcp.default\extensions\***@***\chrome\content\core\folderIOWrapper.js [3431]
O61 - LFC: 26/10/2013 - 15:51:00 ---A- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Application Data\Mozilla\Firefox\Profiles\bokpemcp.default\extensions\***@***\chrome\content\core\httpObserver.js [2561]
O61 - LFC: 26/10/2013 - 15:51:00 ---A- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Application Data\Mozilla\Firefox\Profiles\bokpemcp.default\extensions\***@***\chrome\content\core\installer.js [601]
O61 - LFC: 26/10/2013 - 15:51:00 ---A- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Application Data\Mozilla\Firefox\Profiles\bokpemcp.default\extensions\***@***\chrome\content\core\logFile.js [1467]
O61 - LFC: 26/10/2013 - 15:51:00 ---A- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Application Data\Mozilla\Firefox\Profiles\bokpemcp.default\extensions\***@***\chrome\content\core\prefs.js [1554]
O61 - LFC: 26/10/2013 - 15:51:00 ---A- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Application Data\Mozilla\Firefox\Profiles\bokpemcp.default\extensions\***@***\chrome\content\core\registry.js [1063]
O61 - LFC: 26/10/2013 - 15:51:00 ---A- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Application Data\Mozilla\Firefox\Profiles\bokpemcp.default\extensions\***@***\chrome\content\core\reloadObserver.js [1432]
O61 - LFC: 26/10/2013 - 15:51:00 ---A- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Application Data\Mozilla\Firefox\Profiles\bokpemcp.default\extensions\***@***\chrome\content\core\reports.js [3653]
O61 - LFC: 26/10/2013 - 15:51:00 ---A- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Application Data\Mozilla\Firefox\Profiles\bokpemcp.default\extensions\***@***\chrome\content\core\requestObject.js [1181]
O61 - LFC: 26/10/2013 - 15:51:00 ---A- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Application Data\Mozilla\Firefox\Profiles\bokpemcp.default\extensions\***@***\chrome\content\core\searchSettings.js [3426] =>Adware.SearchSettings
O61 - LFC: 26/10/2013 - 15:51:00 ---A- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Application Data\Mozilla\Firefox\Profiles\bokpemcp.default\extensions\***@***\chrome\content\core\uninstallObserver.js [2372]
O61 - LFC: 26/10/2013 - 15:51:01 ---A- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Application Data\Mozilla\Firefox\Profiles\bokpemcp.default\extensions\***@***\chrome.manifest [732]
O61 - LFC: 26/10/2013 - 15:51:01 ---A- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Application Data\Mozilla\Firefox\Profiles\bokpemcp.default\extensions\***@***\chrome\content\core\updateManager.js [8073]
O61 - LFC: 26/10/2013 - 15:51:01 ---A- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Application Data\Mozilla\Firefox\Profiles\bokpemcp.default\extensions\***@***\chrome\content\core\utils.js [19046]
O61 - LFC: 26/10/2013 - 15:51:01 ---A- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Application Data\Mozilla\Firefox\Profiles\bokpemcp.default\extensions\***@***\chrome\content\core\xhr.js [2701]
O61 - LFC: 26/10/2013 - 15:51:01 ---A- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Application Data\Mozilla\Firefox\Profiles\bokpemcp.default\extensions\***@***\chrome\content\dialog.js [1343]
O61 - LFC: 26/10/2013 - 15:51:01 ---A- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Application Data\Mozilla\Firefox\Profiles\bokpemcp.default\extensions\***@***\chrome\content\main.js [16347]
O61 - LFC: 26/10/2013 - 15:51:01 ---A- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Application Data\Mozilla\Firefox\Profiles\bokpemcp.default\extensions\***@***\chrome\content\options.js [1931]
O61 - LFC: 26/10/2013 - 15:51:01 ---A- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Application Data\Mozilla\Firefox\Profiles\bokpemcp.default\extensions\***@***\chrome\content\options.xul [1913]
O61 - LFC: 26/10/2013 - 15:51:01 ---A- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Application Data\Mozilla\Firefox\Profiles\bokpemcp.default\extensions\***@***\chrome\content\search_dialog.xul [2457]
O61 - LFC: 26/10/2013 - 15:51:01 ---A- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Application Data\Mozilla\Firefox\Profiles\bokpemcp.default\extensions\***@***\defaults\preferences\prefs.js [4002]
O61 - LFC: 26/10/2013 - 15:51:01 ---A- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Application Data\Mozilla\Firefox\Profiles\bokpemcp.default\extensions\***@***\extensionData\plugins\125_arcadi2_m.js [930]
O61 - LFC: 26/10/2013 - 15:51:01 ---A- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Application Data\Mozilla\Firefox\Profiles\bokpemcp.default\extensions\***@***\extensionData\plugins\126_revizer_ws_m.js [1340]
O61 - LFC: 26/10/2013 - 15:51:01 ---A- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Application Data\Mozilla\Firefox\Profiles\bokpemcp.default\extensions\***@***\extensionData\plugins\127_revizer_p_m.js [1221]
O61 - LFC: 26/10/2013 - 15:51:01 ---A- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Application Data\Mozilla\Firefox\Profiles\bokpemcp.default\extensions\***@***\extensionData\plugins\128_superfish_pricora_m.js [771] =>Adware.Pricora
O61 - LFC: 26/10/2013 - 15:51:01 ---A- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Application Data\Mozilla\Firefox\Profiles\bokpemcp.default\extensions\***@***\extensionData\plugins\129_widdit_m.js [593]
O61 - LFC: 26/10/2013 - 15:51:01 ---A- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Application Data\Mozilla\Firefox\Profiles\bokpemcp.default\extensions\***@***\extensionData\plugins\135_arcadi3_m.js [930]
O61 - LFC: 26/10/2013 - 15:51:01 ---A- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Application Data\Mozilla\Firefox\Profiles\bokpemcp.default\extensions\***@***\extensionData\plugins\138_getdeal_m.js [1424]
O61 - LFC: 26/10/2013 - 15:51:01 ---A- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Application Data\Mozilla\Firefox\Profiles\bokpemcp.default\extensions\***@***\extensionData\plugins\141_corticas_ru_m.js.js [720]
O61 - LFC: 26/10/2013 - 15:51:01 ---A- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Application Data\Mozilla\Firefox\Profiles\bokpemcp.default\extensions\***@***\extensionData\plugins\142_intext_fa_m.js [819]
O61 - LFC: 26/10/2013 - 15:51:02 ---A- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Application Data\Mozilla\Firefox\Profiles\bokpemcp.default\extensions\***@***\extensionData\plugins\155_ibario_pops_m.js [743]
O61 - LFC: 26/10/2013 - 15:51:02 ---A- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Application Data\Mozilla\Firefox\Profiles\bokpemcp.default\extensions\***@***\extensionData\plugins\158_50onred_ads_only_no_fb_m.js [3090]
O61 - LFC: 26/10/2013 - 15:51:02 ---A- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Application Data\Mozilla\Firefox\Profiles\bokpemcp.default\extensions\***@***\extensionData\plugins\159_cortica_rollover_m.js [783]
O61 - LFC: 26/10/2013 - 15:51:02 ---A- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Application Data\Mozilla\Firefox\Profiles\bokpemcp.default\extensions\***@***\extensionData\plugins\170_icm1_5_m.js [6482]
O61 - LFC: 26/10/2013 - 15:51:02 ---A- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Application Data\Mozilla\Firefox\Profiles\bokpemcp.default\extensions\***@***\extensionData\plugins\171_arcadi2_sourceID_m.js [1005]
O61 - LFC: 26/10/2013 - 15:51:02 ---A- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Application Data\Mozilla\Firefox\Profiles\bokpemcp.default\extensions\***@***\extensionData\plugins\174_arcadi_serp_dynamic_id_m.js [989]
O61 - LFC: 26/10/2013 - 15:51:02 ---A- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Application Data\Mozilla\Firefox\Profiles\bokpemcp.default\extensions\***@***\extensionData\plugins\175_coolmirage_m.js [3305]
O61 - LFC: 26/10/2013 - 15:51:02 ---A- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Application Data\Mozilla\Firefox\Profiles\bokpemcp.default\extensions\***@***\extensionData\userCode\background.js [429]
O61 - LFC: 26/10/2013 - 15:51:02 ---A- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Application Data\Mozilla\Firefox\Profiles\bokpemcp.default\extensions\***@***\extensionData\userCode\extension.js [1538]
O61 - LFC: 26/10/2013 - 15:51:02 ---A- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Application Data\Mozilla\Firefox\Profiles\bokpemcp.default\extensions\***@***\install.rdf [1426]
O61 - LFC: 26/10/2013 - 15:51:02 ---A- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Application Data\Mozilla\Firefox\Profiles\bokpemcp.default\extensions\***@***\locale\en-US\translations.dtd [425]
O61 - LFC: 26/10/2013 - 15:51:02 ---A- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Application Data\Mozilla\Firefox\Profiles\bokpemcp.default\extensions\***@***\skin\popup.html [349]
O61 - LFC: 26/10/2013 - 15:51:02 ---A- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Application Data\Mozilla\Firefox\Profiles\bokpemcp.default\extensions\***@***\skin\skin.css [990]
O61 - LFC: 26/10/2013 - 15:51:02 ---A- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Application Data\Mozilla\Firefox\Profiles\bokpemcp.default\extensions\***@***\skin\update.css [140]
O61 - LFC: 26/10/2013 - 15:51:02 ---A- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Application Data\Mozilla\Firefox\Profiles\bokpemcp.default\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi [152114]
O61 - LFC: 26/10/2013 - 15:51:03 ---A- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Application Data\Mozilla\Firefox\Profiles\bokpemcp.default\indexedDB\chrome\.metadata [0]
O61 - LFC: 26/10/2013 - 15:51:03 ---A- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Application Data\Mozilla\Firefox\Profiles\bokpemcp.default\indexedDB\chrome\idb\2588645841ssegtnti.sqlite [524288]
O61 - LFC: 26/10/2013 - 15:51:03 ---A- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Application Data\Mozilla\Firefox\Profiles\bokpemcp.default\indexedDB\chrome\idb\768971675dbfd2c2n8y3s6a6m-oec2.sqlite [524288]
O61 - LFC: 26/10/2013 - 15:51:03 ---A- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Application Data\Mozilla\Firefox\Profiles\bokpemcp.default\secmod.db [16384]
O61 - LFC: 26/10/2013 - 15:51:03 ---A- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Application Data\Mozilla\Firefox\Profiles\bokpemcp.default\signons.sqlite [327680]
O61 - LFC: 26/10/2013 - 15:51:03 ---A- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Application Data\Mozilla\Firefox\Profiles\bokpemcp.default\times.json [29]
O61 - LFC: 26/10/2013 - 15:51:04 ---A- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Application Data\Symantec\Shared\Sessions\20131026153822274.liveReg [13579]
O61 - LFC: 26/10/2013 - 15:51:04 ---A- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Bureau\Lecteur Windows Media.lnk [675] =>.Microsoft Corporation
O61 - LFC: 26/10/2013 - 15:52:42 ---A- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Menu Démarrer\Programmes\Accessoires\Carnet d'adresses.lnk [671]
O61 - LFC: 26/10/2013 - 15:52:42 ---A- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Menu Démarrer\Programmes\Accessoires\Divertissement\Lecteur Windows Media.lnk [675] =>.Microsoft Corporation
O61 - LFC: 26/10/2013 - 15:52:42 ---A- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Menu Démarrer\Programmes\Internet Explorer.lnk [656]
O61 - LFC: 26/10/2013 - 15:52:42 ---A- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Menu Démarrer\Programmes\Lecteur Windows Media.lnk [675] =>.Microsoft Corporation
O61 - LFC: 26/10/2013 - 15:52:42 ---A- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Menu Démarrer\Programmes\Wajam\uninstall.lnk [579] =>Toolbar.Wajam
O61 - LFC: 26/10/2013 - 15:52:43 ---A- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Mes documents\Downloads\Firefox_Setup_21.0_fr.exe [640512]
O61 - LFC: 26/10/2013 - 15:52:43 ---A- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Mes documents\Downloads\avast_free_antivirus_setup01(1).exe.part [91742]
O61 - LFC: 26/10/2013 - 15:52:43 ---A- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Mes documents\Downloads\avast_free_antivirus_setup01.exe [0]
O61 - LFC: 26/10/2013 - 15:52:43 ---A- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Mes documents\Downloads\incredimail_install(1).exe [491784]
O61 - LFC: 27/10/2013 - 15:50:59 ---A- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Application Data\Microsoft\Internet Explorer\Quick Launch\IncrediMail 2.0.lnk [1619]
O61 - LFC: 27/10/2013 - 15:50:59 ---A- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk [625]
O61 - LFC: 27/10/2013 - 15:50:59 ---A- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Application Data\Mozilla\Firefox\Profiles\bokpemcp.default\bookmarkbackups\bookmarks-2013-10-27.json [7284]
O61 - LFC: 27/10/2013 - 15:51:00 ---A- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Application Data\Mozilla\Firefox\Profiles\bokpemcp.default\cookies.sqlite.bak [524288]
O61 - LFC: 27/10/2013 - 15:51:03 ---A- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Application Data\Mozilla\Firefox\Profiles\bokpemcp.default\mimeTypes.rdf [4135]
O61 - LFC: 27/10/2013 - 15:51:03 ---A- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Application Data\Mozilla\Firefox\Profiles\bokpemcp.default\pluginreg.dat [6746]
O61 - LFC: 27/10/2013 - 15:51:03 ---A- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Application Data\Mozilla\Firefox\Profiles\bokpemcp.default\search.json [11641]
O61 - LFC: 27/10/2013 - 15:51:05 ----- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Local Settings\Application Data\IM\Animation\letter_fold.ima [14756]
O61 - LFC: 27/10/2013 - 15:51:05 ----- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Local Settings\Application Data\IM\Animation\page_up.ima [14082]
O61 - LFC: 27/10/2013 - 15:51:05 ----- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Local Settings\Application Data\IM\Animation\shreds.ima [24115]
O61 - LFC: 27/10/2013 - 15:51:05 ---A- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Local Settings\Application Data\IM\DomainsFavicons\euskalnet.net.ico [1406]
O61 - LFC: 27/10/2013 - 15:51:06 ---A- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Local Settings\Application Data\IM\DomainsFavicons\rcn.com.ico [1406]
O61 - LFC: 27/10/2013 - 15:51:07 ----- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Local Settings\Application Data\IM\Ecard\birthday_faces.imf [3341]
O61 - LFC: 27/10/2013 - 15:51:07 ----- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Local Settings\Application Data\IM\Ecard\birthday_smiles.imf [12588]
O61 - LFC: 27/10/2013 - 15:51:07 ----- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Local Settings\Application Data\IM\Ecard\blessings_of_peace.imf [12143]
O61 - LFC: 27/10/2013 - 15:51:07 ----- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Local Settings\Application Data\IM\Ecard\bright_smile.imf [5383]
O61 - LFC: 27/10/2013 - 15:51:07 ----- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Local Settings\Application Data\IM\Ecard\cute_together.imf [17430]
O61 - LFC: 27/10/2013 - 15:51:07 ----- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Local Settings\Application Data\IM\Ecard\happy_ballons.imf [4722]
O61 - LFC: 27/10/2013 - 15:51:07 ----- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Local Settings\Application Data\IM\Ecard\have_a_nice_day.imf [2748]
O61 - LFC: 27/10/2013 - 15:51:07 ----- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Local Settings\Application Data\IM\Ecard\have_fun.imf [7895]
O61 - LFC: 27/10/2013 - 15:51:07 ----- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Local Settings\Application Data\IM\Ecard\hello.imf [3966]
O61 - LFC: 27/10/2013 - 15:51:07 ----- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Local Settings\Application Data\IM\Ecard\international_thanks.imf [4386]
O61 - LFC: 27/10/2013 - 15:51:07 ----- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Local Settings\Application Data\IM\Ecard\lovely_day.imf [17583]
O61 - LFC: 27/10/2013 - 15:51:07 ----- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Local Settings\Application Data\IM\Ecard\simple_but_good_d.imf [10840]
O61 - LFC: 27/10/2013 - 15:51:07 ----- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Local Settings\Application Data\IM\Ecard\sunny_day.imf [7736]
O61 - LFC: 27/10/2013 - 15:51:07 ----- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Local Settings\Application Data\IM\Ecard\your_special_day_d.imf [11288]
O61 - LFC: 27/10/2013 - 15:51:07 ----- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Local Settings\Application Data\IM\Emoticon\signatures.ime [29363]
O61 - LFC: 27/10/2013 - 15:51:07 ---A- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Local Settings\Application Data\IM\DomainsFavicons\spray.se.ico [15086]
O61 - LFC: 27/10/2013 - 15:51:07 ---A- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Local Settings\Application Data\IM\DomainsFavicons\verat.net.ico [1150]
O61 - LFC: 27/10/2013 - 15:51:13 ----- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Local Settings\Application Data\IM\Image\balloons.imi [3135]
O61 - LFC: 27/10/2013 - 15:51:13 ----- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Local Settings\Application Data\IM\Image\blooming_rose.imi [2400]
O61 - LFC: 27/10/2013 - 15:51:13 ----- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Local Settings\Application Data\IM\Image\cake.imi [7233]
O61 - LFC: 27/10/2013 - 15:51:13 ----- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Local Settings\Application Data\IM\Image\chickadee.imi [2832]
O61 - LFC: 27/10/2013 - 15:51:13 ----- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Local Settings\Application Data\IM\Image\dancing_flower.imi [2964]
O61 - LFC: 27/10/2013 - 15:51:13 ----- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Local Settings\Application Data\IM\Image\growing_bouquet.imi [3272]
O61 - LFC: 27/10/2013 - 15:51:13 ----- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Local Settings\Application Data\IM\Image\growing_heart.imi [4546]
O61 - LFC: 27/10/2013 - 15:51:13 ----- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Local Settings\Application Data\IM\Image\jumping_around.imi [3324]
O61 - LFC: 27/10/2013 - 15:51:13 ----- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Local Settings\Application Data\IM\Image\kissing_lips.imi [4884]
O61 - LFC: 27/10/2013 - 15:51:13 ----- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Local Settings\Application Data\IM\Image\ladybug.imi [6214]
O61 - LFC: 27/10/2013 - 15:51:13 ----- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Local Settings\Application Data\IM\Image\laughing.imi [4909]
O61 - LFC: 27/10/2013 - 15:51:13 ----- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Local Settings\Application Data\IM\Image\little_kitten.imi [4846]
O61 - LFC: 27/10/2013 - 15:51:13 ----- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Local Settings\Application Data\IM\Image\shining_hello.imi [3100]
O61 - LFC: 27/10/2013 - 15:51:13 ----- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Local Settings\Application Data\IM\Image\smiley_cat.imi [3775]
O61 - LFC: 27/10/2013 - 15:51:13 ----- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Local Settings\Application Data\IM\Image\teasing.imi [4772]
O61 - LFC: 27/10/2013 - 15:51:13 ----- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Local Settings\Application Data\IM\Image\thumbs_up.imi [7548]
O61 - LFC: 27/10/2013 - 15:51:13 ----- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Local Settings\Application Data\IM\Image\trigger_baby.imi [2968]
O61 - LFC: 27/10/2013 - 15:51:13 ----- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Local Settings\Application Data\IM\Image\trigger_characters.imi [2662]
O61 - LFC: 27/10/2013 - 15:51:13 ----- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Local Settings\Application Data\IM\Image\trigger_love.imi [2770]
O61 - LFC: 27/10/2013 - 15:51:13 ----- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Local Settings\Application Data\IM\Image\waving_chicken.imi [3760]
O61 - LFC: 27/10/2013 - 15:51:13 ----- . (...) -- D:\Documents and Settings\patrice.106646350315.002\Local Settings\Application Data\IM\Image\wa

19 réponses

Réponse 1 / 19
lilidurhone Messages postés 43343 Date d'inscription lundi 25 avril 2011 Statut Contributeur sécurité Dernière intervention 19 juillet 2024 3 807
30 oct. 2013 à 11:49
Hello

2 antivirus!

Pas de sp3 IE pas à jour =>faille de sécurité

Rapport trop long héberges le sur cjoint
0
pat
30 oct. 2013 à 11:59
merci , mais que doit je faire
0
Réponse 2 / 19
lilidurhone Messages postés 43343 Date d'inscription lundi 25 avril 2011 Statut Contributeur sécurité Dernière intervention 19 juillet 2024 3 807
Modifié par lilidurhone le 30/10/2013 à 12:08
* Pour héberger le rapport, rends toi sur cjoint.com
* Clique sur choisissez un fichier va chercher le rapport dans ton PC.

* Le rapport est sauvegardé dans C:\ZHP\ZHPDiag.txt

* Une fois le rapport trouvé, sélectionne le, et clique sur Ouvrir

* Choisis le type de diffusion(je te conseille privée 4 jours il sera détruit)

* Puis cliques sur créer le lien cjoint

* Une fois que tu auras obtenu le lien copies colle dans ta prochaine réponse

* Pour t'aider http://www.pc-infopratique.com/forum-informatique/tutoriel-heberger-rapport-vt-67934.html

Pourquoi l'attribut résolu???



Si problème il y a il existe toujours une solution
N'oubliez pas de mettre votre sujet en résolu
0
pat
30 oct. 2013 à 12:12
je doit refaire un ZHPDiag c est ca que veut dire.
0
Réponse 3 / 19
lilidurhone Messages postés 43343 Date d'inscription lundi 25 avril 2011 Statut Contributeur sécurité Dernière intervention 19 juillet 2024 3 807
30 oct. 2013 à 12:22
Non héberger le rapport sans rien modifier(nom de session)
0
Réponse 4 / 19
pat
30 oct. 2013 à 12:27
http://cjoint.com/?CJEmAMIYBIC
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 19
lilidurhone Messages postés 43343 Date d'inscription lundi 25 avril 2011 Statut Contributeur sécurité Dernière intervention 19 juillet 2024 3 807
30 oct. 2013 à 13:51
Tu as dû installer des logiciels potentiellement indésirables


Pour éviter ce genre de problème :

- Ne télécharge aucun programme proposé dans des publicités ou sur des sites suspects. A noter que certains sites connus comme O1net, Softronic, Tuto4PC, etc modifient parfois les programmes proposés au téléchargement pour y ajouter des logiciels publicitaires ==> Préfère toujours le téléchargement directement sur le site de l'éditeur.


- Au cours de l'installation d'un programme gratuit, lis bien attentivement et décoche tous les programmes additionnels qui sont proposés, en particulier les barres d'outils.

Pour ton information lis ces dossier sur les Programmes Potentiellement Indésirables et Les Barres d'Outils ce n'est pas obligatoires

* Télécharge cet outil simple d'utlisation

http://general-changelog-team.fr/fr/downloads/viewdownload/20-outils-de-xplode/2-adwcleaner (de Xplode) sur ton bureau.


* Si problème avec le 1er lien prends le ici https://www.commentcamarche.net/telecharger/securite/2759-adwcleaner/

* Lance le (Sous vista/seven/8 clic droit dessus,et sur exécuter en tant qu'administrateur)si tu es sous xp double cliques dessus

* Cliques sur scanner
* Poste le rapport de recherche C:\Adwcleaner[R]

* Note le rapport de recherche est également sauvegardé sous C:\Adwcleaner[R1]
0
Réponse 6 / 19
pat
30 oct. 2013 à 16:11
voila le resultat de AdwCleaner apres un scanner :# AdwCleaner v3.010 - Rapport créé le 30/10/2013 à 16:02:11
# Mis à jour le 20/10/2013 par Xplode
# Système d'exploitation : Microsoft Windows XP Service Pack 2 (32 bits)
# Nom d'utilisateur : patrice - 106646350315
# Exécuté depuis : D:\Documents and Settings\patrice.106646350315.002\Mes documents\Téléchargements\adwcleaner-3.010(3).exe
# Option : Nettoyer

***** [ Services ] *****


***** [ Fichiers / Dossiers ] *****

Dossier Supprimé : D:\Documents and Settings\All Users\Application Data\Viewpoint
Dossier Supprimé : C:\Program Files\Viewpoint
[!] Dossier Supprimé : C:\Program Files\Wajam
[!] Dossier Supprimé : C:\Program Files\LyricsMonkey-15
Dossier Supprimé : C:\Program Files\Software
Fichier Supprimé : D:\END
Fichier Supprimé : C:\WINDOWS\Tasks\LyricsMonkey-15-codedownloader.job
Fichier Supprimé : C:\WINDOWS\Tasks\LyricsMonkey-15-enabler.job
Fichier Supprimé : C:\WINDOWS\Tasks\LyricsMonkey-15-firefoxinstaller.job
Fichier Supprimé : C:\WINDOWS\Tasks\LyricsMonkey-15-updater.job

***** [ Raccourcis ] *****


***** [ Registre ] *****

Valeur Supprimée : HKCU\Software\Mozilla\Firefox\Extensions [{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}]
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\priam_bho.DLL
Clé Supprimée : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl
Clé Supprimée : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1
Clé Supprimée : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary
Clé Supprimée : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1
Clé Supprimée : HKLM\SOFTWARE\Classes\wajam.WajamBHO
Clé Supprimée : HKLM\SOFTWARE\Classes\wajam.WajamBHO.1
Clé Supprimée : HKLM\SOFTWARE\Classes\wajam.WajamDownloader
Clé Supprimée : HKLM\SOFTWARE\Classes\wajam.WajamDownloader.1
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Clé Supprimée : HKLM\SOFTWARE\MozillaPlugins\@viewpoint.com/VMP
Clé Supprimée : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WajamUpdater
Clé Supprimée : HKLM\SOFTWARE\Classes\CrossriderApp0043910.BHO
Clé Supprimée : HKLM\SOFTWARE\Classes\CrossriderApp0043910.BHO.1
Clé Supprimée : HKLM\SOFTWARE\Classes\CrossriderApp0043910.Sandbox
Clé Supprimée : HKLM\SOFTWARE\Classes\CrossriderApp0043910.Sandbox.1
Valeur Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Software updater]
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{1FAEE6D5-34F4-42AA-8025-3FD8F3EC4634}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{5D64294B-1341-4FE7-B6D8-7C36828D4DD5}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110411391110}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550455395510}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660466396610}
Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{095BFD3C-4602-4FE1-96F1-AEFAFBFD067D}
Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440444394410}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411391110}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110411391110}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110411391110}
Clé Supprimée : HKCU\Software\IM
Clé Supprimée : HKCU\Software\ImInstaller
Clé Supprimée : HKCU\Software\Wajam
Clé Supprimée : HKCU\Software\AppDataLow\Software\Crossrider
Clé Supprimée : HKCU\Software\AppDataLow\Software\LyricsMonkey-15
Clé Supprimée : HKLM\Software\InstalledThirdPartyPrograms
Clé Supprimée : HKLM\Software\MetaStream
Clé Supprimée : HKLM\Software\Viewpoint
Clé Supprimée : HKLM\Software\Wajam
Clé Supprimée : HKLM\Software\LyricsMonkey-15
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Wajam
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\LyricsMonkey-15
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Wajam
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\LyricsMonkey-15

***** [ Navigateurs ] *****

-\\ Internet Explorer v6.0.2900.2180


-\\ Mozilla Firefox v25.0 (fr)

*************************

AdwCleaner[R0].txt - [5356 octets] - [30/10/2013 16:01:10]
AdwCleaner[S0].txt - [5357 octets] - [30/10/2013 16:02:11]

########## EOF - D:\AdwCleaner\AdwCleaner[S0].txt - [5417 octets] ##########
0
Réponse 7 / 19
lilidurhone Messages postés 43343 Date d'inscription lundi 25 avril 2011 Statut Contributeur sécurité Dernière intervention 19 juillet 2024 3 807
30 oct. 2013 à 17:14
Il faudrait que tu lances Windows update pour mettre le sp3 et IE8
0
pat
30 oct. 2013 à 17:55
oui , mais comment faire et merci de m aider
0
Réponse 8 / 19
lilidurhone Messages postés 43343 Date d'inscription lundi 25 avril 2011 Statut Contributeur sécurité Dernière intervention 19 juillet 2024 3 807
30 oct. 2013 à 19:09
Menu démarrer>tous les accessoires>windows update>rechercher les mises à jour
0
pat
30 oct. 2013 à 20:46
je ne êut pas alle dans windows update il me met erreur[Numéro d'erreur : 0x80190194 et dans centre de securite la protection antivirus et desactiver et pas moyen de la reactiver
0
Réponse 9 / 19
lilidurhone Messages postés 43343 Date d'inscription lundi 25 avril 2011 Statut Contributeur sécurité Dernière intervention 19 juillet 2024 3 807
30 oct. 2013 à 20:49
Ok

Passe cet outil

=> http://www.security-helpzone.com/gen-hackman/pre_scan-2/canned-speech/
0
Réponse 10 / 19
pat
31 oct. 2013 à 12:50
ok mais moi c est norton internet security et impossible de le desinstaler.
0
Réponse 11 / 19
pat
31 oct. 2013 à 17:10
salut ,grand merci,j ai pu supprimee norton et j ai instaler avast, du coup la protection antivirus et activee , mais j ai toujour le probleme avec windows update ,il me met [Numéro d'erreur : 0x80190194. ese grave si non on laisse tomdee ,tu ma assez aider ,meme beaucoup aider ,merci.
0
Réponse 12 / 19
lilidurhone Messages postés 43343 Date d'inscription lundi 25 avril 2011 Statut Contributeur sécurité Dernière intervention 19 juillet 2024 3 807
31 oct. 2013 à 17:19
https://forums.commentcamarche.net/forum/affich-29003988-tres-lent#13

0
Réponse 13 / 19
pat
31 oct. 2013 à 17:27
ta pages ne donne rien.
0
Réponse 14 / 19
lilidurhone Messages postés 43343 Date d'inscription lundi 25 avril 2011 Statut Contributeur sécurité Dernière intervention 19 juillet 2024 3 807
31 oct. 2013 à 17:51
http://www.security-helpzone.com/gen-hackman/pre_scan-2/canned-speech/
0
Réponse 15 / 19
pat
1 nov. 2013 à 12:25
salut , je ne comprend pas ce que je doit faire.merci
0
Réponse 16 / 19
lilidurhone Messages postés 43343 Date d'inscription lundi 25 avril 2011 Statut Contributeur sécurité Dernière intervention 19 juillet 2024 3 807
2 nov. 2013 à 07:22
Tu dois l'utiliser
0
Réponse 17 / 19
pat
2 nov. 2013 à 16:30
voila cet fait ,j ai desactiver avast et j ai le scan. sa a durer longtemps. et maintenant que doit je faire
0
Réponse 18 / 19
lilidurhone Messages postés 43343 Date d'inscription lundi 25 avril 2011 Statut Contributeur sécurité Dernière intervention 19 juillet 2024 3 807
2 nov. 2013 à 16:31
Poster le rapport.....
0
Réponse 19 / 19
pat
4 nov. 2013 à 18:04
voila il y a un probleme ,le scan se fait et bout d un bon moment il arrete et au millieu de l ecran il y a un carree et c est inscrit , UPLOADING VIRUSES TO SERVER. et le scan ne redemare plus.
0

Discussions similaires

clavier subitement lent !
remi18 -
MB -

83 réponses
Téléchargement très lent malgré un bon débit
tpez -
tpez -

6 réponses
Pourquoi le téléchargement dans STEAM est aussi lent ?
steve17 -
Caillou0201 -

250 réponses
Téléchargement vraiment très lent
Foxen_Enzo -
bazfile -

5 réponses
Mon Mac est très lent avec une rosace qui tourne
monick88 -
Utilisateur anonyme -

3 réponses