15 sujets de 1 à 15 (sur un total de 20)
  • Auteur
    Messages
  • Dakapi
    Participant
    Nombre d'articles : 12

    Bonjour
    Ce site m’a été recommandé pour son sérieux et sa réactivité.
    J’ai je crois un problème fréquent:
    Je travaille sur pc avec windows 7
    Les dossiers figurant sur ma clef usb sont transformés en raccourcis (emplacement: cmd: cwindowssystem32) ??
    Je peux travailler dessus sur la clef même mais ils sont non copiables..
    Les sous-dossiers semblent eux normaux et copiables.
    J’ai reformaté la clef, j’ai analysé tout le système ( clef et pc) avec Outpost security suite pro 8.1.2 et il n’a rien trouvé ??
    J’ai visionné le forum et ce cas semble assez fréquent.
    J’ai installé usbfix sur le bureau mais avant tout je préfère être conseillé.
    J’ai effectué différentes analyses, les rapports sont joints.
    D’avance merci et bonne journée à tous.

    [spoiler:3ciw0n63]Malwarebytes Anti-Malware (Essai) 1.75.0.1300
    http://www.malwarebytes.org » onclick= »window.open(this.href);return false;

    Version de la base de données: v2013.11.27.05

    Windows 7 Service Pack 1 x86 NTFS
    Internet Explorer 10.0.9200.16736
    Daniel :: DANIEL-PC [administrateur]

    Protection: Activé

    27/11/2013 15:39:22
    mbam-log-2013-11-27 (15-39-22).txt

    Type d'examen: Examen rapide
    Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM
    Options d'examen désactivées: P2P
    Elément(s) analysé(s): 232350
    Temps écoulé: 12 minute(s), 36 seconde(s)

    Processus mémoire détecté(s): 0
    (Aucun élément nuisible détecté)

    Module(s) mémoire détecté(s): 0
    (Aucun élément nuisible détecté)

    Clé(s) du Registre détectée(s): 2
    HKCUSoftwareDatamngr (PUP.Optional.DataMngr.A) -> Mis en quarantaine et supprimé avec succès.
    HKLMSOFTWAREBabylonToolbar (PUP.Optional.Babylon.A) -> Mis en quarantaine et supprimé avec succès.

    Valeur(s) du Registre détectée(s): 0
    (Aucun élément nuisible détecté)

    Elément(s) de données du Registre détecté(s): 0
    (Aucun élément nuisible détecté)

    Dossier(s) détecté(s): 1
    C:UsersDanielAppDataRoamingBabylon (PUP.Optional.Babylon.A) -> Mis en quarantaine et supprimé avec succès.

    Fichier(s) détecté(s): 8
    C:UsersDanielDownloadsPDF-XChange Viewer.exe (PUP.Optional.Firseria) -> Mis en quarantaine et supprimé avec succès.
    C:UsersDanielDownloadsSoftonicDownloader_pour_pdf-xchange-viewer.exe (PUP.Optional.Softonic.A) -> Mis en quarantaine et supprimé avec succès.
    C:UsersDanielDownloadsSoftonicDownloader_pour_sweet-home-3d (plan maison).exe (PUP.Optional.Softonic.A) -> Mis en quarantaine et supprimé avec succès.
    C:UsersDanielDownloadsDirectX.exe (PUP.AdBundler) -> Mis en quarantaine et supprimé avec succès.
    C:UsersDanielLocal SettingsTemporary Internet FilesContent.IE5X3UWFF43Pass Revelator 1.exe (PUP.BundleInstaller.A) -> Mis en quarantaine et supprimé avec succès.
    C:ProgramDatadsgsdgdsgdsgw.pad (Exploit.Drop.GSA) -> Mis en quarantaine et supprimé avec succès.
    C:ProgramDatalsass.exe (Trojan.Delf) -> Mis en quarantaine et supprimé avec succès.
    C:UsersDanielAppDataRoamingBabylonlog_file.txt (PUP.Optional.Babylon.A) -> Mis en quarantaine et supprimé avec succès.

    2013/11/27 15:38:03 +0100 DANIEL-PC Daniel MESSAGE Executing scheduled update: Daily
    2013/11/27 15:38:09 +0100 DANIEL-PC Daniel MESSAGE Starting protection
    2013/11/27 15:38:09 +0100 DANIEL-PC Daniel MESSAGE Protection started successfully
    2013/11/27 15:38:09 +0100 DANIEL-PC Daniel MESSAGE Starting IP protection
    2013/11/27 15:38:31 +0100 DANIEL-PC Daniel MESSAGE IP Protection started successfully
    2013/11/27 15:38:40 +0100 DANIEL-PC Daniel MESSAGE Starting database refresh
    2013/11/27 15:38:40 +0100 DANIEL-PC Daniel MESSAGE Stopping IP protection
    2013/11/27 15:38:41 +0100 DANIEL-PC Daniel MESSAGE Scheduled update executed successfully: database updated from version v2013.04.04.07 to version v2013.11.27.05
    2013/11/27 15:38:42 +0100 DANIEL-PC Daniel MESSAGE IP Protection stopped successfully
    2013/11/27 15:38:44 +0100 DANIEL-PC Daniel MESSAGE Database refreshed successfully
    2013/11/27 15:38:44 +0100 DANIEL-PC Daniel MESSAGE Starting IP protection
    2013/11/27 15:38:47 +0100 DANIEL-PC Daniel MESSAGE IP Protection started successfully
    2013/11/27 15:57:14 +0100 DANIEL-PC (null) MESSAGE Starting protection
    2013/11/27 15:57:14 +0100 DANIEL-PC (null) MESSAGE Protection started successfully
    2013/11/27 15:57:14 +0100 DANIEL-PC (null) MESSAGE Starting IP protection
    2013/11/27 15:57:17 +0100 DANIEL-PC (null) MESSAGE IP Protection started successfully
    2013/11/27 16:11:43 +0100 DANIEL-PC (null) MESSAGE Starting protection
    2013/11/27 16:11:43 +0100 DANIEL-PC (null) MESSAGE Protection started successfully
    2013/11/27 16:11:43 +0100 DANIEL-PC (null) MESSAGE Starting IP protection
    2013/11/27 16:11:46 +0100 DANIEL-PC Daniel MESSAGE IP Protection started successfully

    (fin)[/spoiler:3ciw0n63]

    Dakapi
    Participant
    Nombre d'articles : 12

    Rapport ZHPdiag début

    [spoiler:msd0ibb0]Rapport de ZHPDiag v2013.11.26.56 – Nicolas Coolman (26/11/2013)
    ~ Lancé par Daniel (27/11/2013 16:17:00)
    ~ Adresse du Site Web http://nicolascoolman.webs.com » onclick= »window.open(this.href);return false;
    ~ Forums gratuits d'Assistance à la désinfection : http://nicolascoolman.webs.com/apps/links/ » onclick= »window.open(this.href);return false;
    ~ Traduit par Nicolas Coolman
    ~ Etat de la version :
    ~ Liste blanche : Activée par le programme
    ~ Elévation des Privilèges : OK
    ~ User Account Control (UAC): Activate by user

    —\ Navigateurs Internet
    MSIE: Internet Explorer v10.0.9200.16736
    MFIE: Mozilla Firefox 24.0
    GCIE: Google Chrome v31.0.1650.57 (Defaut)

    —\ Informations sur les produits Windows
    ~ Langage: Français
    Windows 7 Home Premium Edition, 32-bit Service Pack 1 (Build 7601)
    Windows Server License Manager Script : OK
    Software Protection Service (Protection logicielle) : KO
    Windows Automatic Updates : OK
    Windows Activation Technologies : OK

    —\ Logiciels de protection du système
    Malwarebytes Anti-Malware version 1.75.0.1300
    Windows Defender W7

    —\ Logiciels d'optimisation du système
    CCleaner v4.06 =>Piriform Ltd

    —\ Logiciels de partage PeerToPeer
    eMule

    —\ Surveillance de Logiciels
    Adobe Flash Player 11 Plugin
    Adobe Reader XI

    —\ Informations sur le système
    ~ Processor: x86 Family 6 Model 37 Stepping 2, GenuineIntel
    ~ Operating System: 32 Bits
    Boot mode: Normal (Normal boot)
    Total RAM: 3061 MB (42% free)
    System Restore: Activé (Enable)
    System drive C: has 62 GB (13%) free of 466 GB

    —\ Mode de connexion au système
    ~ Computer Name: DANIEL-PC
    ~ User Name: Daniel
    ~ All Users Names: UpdatusUser, HomeGroupUser$, Daniel, Administrateur,
    ~ Unselected Option: None
    Logged in as Administrator

    —\ Variables d'environnement
    ~ System Unit : C:
    ~ %AppZHP% : C:UsersDanielAppDataRoamingZHP
    ~ %AppData% : C:UsersDanielAppDataRoaming
    ~ %Desktop% : C:UsersDanielDesktop
    ~ %Favorites% : C:UsersDanielFavorites
    ~ %LocalAppData% : C:UsersDanielAppDataLocal
    ~ %StartMenu% : C:UsersDanielAppDataRoamingMicrosoftWindowsStart Menu
    ~ %Windir% : C:Windows
    ~ %System% : C:WindowsSystem32

    —\ Enumération des unités disques
    C: Hard drive, Flash drive, Thumb drive (Free 62 Go of 466 Go)
    D: Hard drive, Flash drive, Thumb drive (Free 53 Go of 279 Go)
    E: CD-ROM drive (Free 0 Go of 3 Go)
    F: Floppy drive, Flash card reader, USB Key (Free 14 Go of 14 Go)
    G: Floppy drive, Flash card reader, USB Key (Not Inserted)

    —\ Etat du Centre de Sécurité Windows
    ~ Security Center: 38 Legitimates Filtered in 00mn 00s

    —\ Recherche particulière de fichiers génériques
    [MD5.8B88EBBB05A0E56B7DCC708498C02B3E] – (.Microsoft Corporation – Explorateur Windows.) (.25/02/2011 – 06:30:54.) — C:WindowsExplorer.exe [2616320]
    [MD5.B5C5DCAD3899512020D135600129D665] – (.Microsoft Corporation – Application de démarrage de Windows.) (.14/07/2009 – 02:14:45.) — C:WindowsSystem32Wininit.exe [96256]
    [MD5.5FD4335DCD343D0FEA9FA6B18ED408D9] – (.Microsoft Corporation – Extensions Internet pour Win32.) (.12/10/2013 – 08:03:50.) — C:WindowsSystem32wininet.dll [1767936]
    [MD5.6D13E1406F50C66E2A95D97F22C47560] – (.Microsoft Corporation – Application d’ouverture de session Windows.) (.20/11/2010 – 13:17:54.) — C:WindowsSystem32Winlogon.exe [286720]
    [MD5.E3AE23569749DE12D45BA3B489A036AE] – (.Microsoft Corporation – Bibliothèque de licences.) (.20/11/2010 – 13:21:24.) — C:WindowsSystem32sppcomapi.dll [193536]
    [MD5.F81BB7E487EDCEAB630A7EE66CF23913] – (.Microsoft Corporation – Ancillary Function Driver for WinSock.) (.14/09/2013 – 01:48:58.) — C:Windowssystem32DriversAFD.sys [338944]
    [MD5.338C86357871C167A96AB976519BF59E] – (.Microsoft Corporation – ATAPI IDE Miniport Driver.) (.14/07/2009 – 02:26:15.) — C:Windowssystem32Driversatapi.sys [21584]
    [MD5.77EA11B065E0A8AB902D78145CA51E10] – (.Microsoft Corporation – CD-ROM File System Driver.) (.14/07/2009 – 00:11:15.) — C:Windowssystem32DriversCdfs.sys [70656]
    [MD5.BE167ED0FDB9C1FA1133953C18D5A6C9] – (.Microsoft Corporation – SCSI CD-ROM Driver.) (.20/11/2010 – 09:38:10.) — C:Windowssystem32DriversCdrom.sys [108544]
    [MD5.F024449C97EC1E464AAFFDA18593DB88] – (.Microsoft Corporation – DFS Namespace Client Driver.) (.20/11/2010 – 09:42:32.) — C:Windowssystem32DriversDfsC.sys [78336]
    [MD5.9036377B8A6C15DC2EEC53E489D159B5] – (.Microsoft Corporation – High Definition Audio Bus Driver.) (.20/11/2010 – 10:59:29.) — C:Windowssystem32DriversHDAudBus.sys [108544]
    [MD5.F151F0BDC47F4A28B1B20A0818EA36D6] – (.Microsoft Corporation – Pilote de port i8042.) (.14/07/2009 – 00:11:24.) — C:Windowssystem32Driversi8042prt.sys [80896]
    [MD5.A5FA468D67ABCDAA36264E463A7BB0CD] – (.Microsoft Corporation – IP Network Address Translator.) (.14/07/2009 – 00:54:29.) — C:Windowssystem32DriversIpNat.sys [101888]
    [MD5.5D16C921E3671636C0EBA3BBAAC5FD25] – (.Microsoft Corporation – Windows NT SMB Minirdr.) (.27/04/2011 – 03:17:22.) — C:Windowssystem32DriversMRxSmb.sys [123904]
    [MD5.280122DDCF04B378EDD1AD54D71C1E54] – (.Microsoft Corporation – MBT Transport driver.) (.20/11/2010 – 09:39:44.) — C:Windowssystem32DriversnetBT.sys [187904]
    [MD5.5E43D2B0EE64123D4880DFA6626DEFDE] – (.Microsoft Corporation – Pilote du système de fichiers NT.) (.12/04/2013 – 14:45:29.) — C:Windowssystem32Driversntfs.sys [1211752]
    [MD5.2EA877ED5DD9713C5AC74E8EA7348D14] – (.Microsoft Corporation – Pilote de port parallèle.) (.14/07/2009 – 00:45:35.) — C:Windowssystem32DriversParport.sys [79360]
    [MD5.D9F91EAFEC2815365CBE6D167E4E332A] – (.Microsoft Corporation – RAS L2TP mini-port/call-manager driver.) (.14/07/2009 – 00:54:34.) — C:Windowssystem32DriversRasl2tp.sys [78848]
    [MD5.3E21C083B8A01CB70BA1F09303010FCE] – (.Microsoft Corporation – SMB Transport driver.) (.14/07/2009 – 00:53:41.) — C:Windowssystem32Driverssmb.sys [71168]
    [MD5.B459575348C20E8121D6039DA063C704] – (.Microsoft Corporation – TDI Translation Driver.) (.20/11/2010 – 09:39:17.) — C:Windowssystem32Driverstdx.sys [74752]
    [MD5.F497F67932C6FA693D7DE2780631CFE7] – (.Microsoft Corporation – Pilote de cliché instantané du volume.) (.20/11/2010 – 13:30:16.) — C:Windowssystem32Driversvolsnap.sys [245632]
    ~ Generic Processes: Scanned in 00mn 00s

    —\ Etat des fichiers cachés (Caché/Total)
    ~ Mes images (My Pictures) : 1/72
    ~ Mes musiques (My Musics) : 1/4791
    ~ Mes Videos (My Videos) : 1/18
    ~ Mes Favoris (My Favorites) : 1/50
    ~ Mes Documents (My Documents) : 2/45495
    ~ Mon Bureau (My Desktop) : 1/87
    ~ Menu demarrer (Programs) : 1/35
    ~ Hidden Files: Scanned in 01mn 15s

    —\ Processus lancés
    [MD5.D1D5DAB39DCB4BE0359943738D87409B] – (.Malwarebytes Corporation – Malwarebytes Anti-Malware.) — C:Program FilesMalwarebytes' Anti-Malwarembamgui.exe [532040] [PID.2548]
    [MD5.8DB62562AA6BB35DCFE4F8DB83AA380C] – (.Microsoft Corporation – IType.exe.) — c:Program FilesMicrosoft Mouse and Keyboard Centeritype.exe [1105616] [PID.2760]
    [MD5.B8EADA2A80E7A2260559E7DB0199F6A5] – (.Microsoft Corporation – IPoint.exe.) — c:Program FilesMicrosoft Mouse and Keyboard Centeripoint.exe [1685200] [PID.3296]
    [MD5.9AF8DBF008241E0B48B228A9219337E7] – (.ASUSTeK – ASUSTeKRCAppl.) — C:Program FilesASUSP7131Remote ControlP7131RemoteAppl.exe [65536] [PID.3636]
    [MD5.CC59622DB1F46F1D253C5CA2949C89A6] – (.Space Sciences Laboratory – BOINC Manager for Windows.) — C:Program FilesBOINCboincmgr.exe [3663024] [PID.2580]
    [MD5.3E038E2C97F63E8CE539746F5E81E4FA] – (.Space Sciences Laboratory – BOINC System Tray for Windows.) — C:Program FilesBOINCboinctray.exe [70832] [PID.2776]
    [MD5.C374EE8DE8267DB4206393237B6E940A] – (.Adobe Systems Incorporated – Adobe Creative Cloud.) — C:Program FilesAdobeAdobe Creative CloudACCCreative Cloud.exe [2236816] [PID.3072]
    [MD5.10E89F598469C60D8C87A8218089A87D] – (.Akamai Technologies, Inc. – Akamai NetSession Client.) — C:UsersDanielAppDataLocalAkamainetsession_win.exe [4489472] [PID.3420]
    [MD5.6B06FF37263E4B3978FD358F610FAB92] – (.Hewlett-Packard Co. – ScanToPCActivationApp.) — C:Program FilesHPHP Officejet 6700BinScanToPCActivationApp.exe [1804648] [PID.3516]
    [MD5.D1AB72DB2BEDD2F255D35DA3DA0D4B16] – (.Microsoft Corporation – Microsoft ® Windows Based Script Host.) — C:WindowsSystem32wscript.exe [141824] [PID.3540]
    [MD5.51138BEEA3E2C21EC44D0932C71762A8] – (…) — ystem32RunDll32.exe [0] [PID.3604]
    [MD5.C64E9B1C9EA057DCECDCB98F34377811] – (.Microsoft Corporation – Microsoft OneNote Quick Launcher.) — C:Program FilesMicrosoft OfficeOffice14ONENOTEM.exe [228552] [PID.3836]
    [MD5.6D530E8E65A57B45AB9CAD69E4220B53] – (.Hewlett-Packard Co. – HPNetworkCommunicator.) — C:Program FilesHPHP Officejet 6700binHPNetworkCommunicator.exe [643944] [PID.4080]
    [MD5.84B50C4B417C4B2C4F199BC438D8B270] – (.Space Sciences Laboratory – BOINC client.) — C:Program FilesBOINCboinc.exe [930992] [PID.2820]
    [MD5.47C9EF1600EDD9EBD8155EB6B5206B6B] – (.NVIDIA Corporation – NVIDIA Settings.) — C:Program FilesNVIDIA CorporationDisplaynvtray.exe [1821984] [PID.3832]
    [MD5.D3242FF9E28EAFC77EACB2B8956724C3] – (.Adobe Systems Incorporated – Adobe CEP Service Manager.) — C:Program FilesCommon FilesAdobeCEPServiceManager4CEPServiceManager.exe [1039240] [PID.700]
    [MD5.84F821143BAC636723043F284C2FDA75] – (.Pas de propriétaire – Core Sync.) — C:Program FilesAdobeAdobe Creative CloudCoreSyncCoreSync.exe [4578672] [PID.1380]
    [MD5.D7D5768B8A697FCBAEE2CFE137070F02] – (.Microsoft Corporation – Internet Explorer.) — C:Program FilesInternet Exploreriexplore.exe [770736] [PID.5136]
    [MD5.BB4F6465EEB9ACAA5C60C36983740219] – (.Google Inc. – Google Toolbar Broker.) — C:Program FilesGoogleGoogle ToolbarGoogleToolbarUser_32.exe [310352] [PID.5180] =>Toolbar.Google
    [MD5.39A26778EC10928572664729F8FEA7DE] – (.Adobe Systems Incorporated – Adobe® Flash® Player Installer/Uninstaller.) — C:Windowssystem32MacromedFlashFlashUtil32_11_9_900_117_ActiveX.exe [829832] [PID.5796]
    [MD5.9E237EB754D86D63B1E39AD3D97292FA] – (.Nicolas Coolman – ZHPDiag.) — C:Program FilesZHPDiagZHPDiag.exe [8253952] [PID.2816]
    [MD5.4860944ABF2F8EAB74039A3A132B9995] – (.Microsoft Corporation – Écran de veille photos Windows Live.) — C:WindowsWLXPGSS.scr [302448] [PID.1176]
    [MD5.E4284FCF99FEA13A7E1836F87AE356F6] – (.NVIDIA Corporation – NVIDIA Driver Helper Service, Version 311.0.) — C:Windowssystem32nvvsvc.exe [639776] [PID.784]
    [MD5.5A19667A580B1CE886EAF968B9743F45] – (.NVIDIA Corporation – Stereo Vision Control Panel API Server.) — C:Program FilesNVIDIA Corporation3D VisionnvSCPAPISvr.exe [383264] [PID.808]
    [MD5.8619BE54EC51A74A2C3F82B313AB445E] – (.NVIDIA Corporation – NVIDIA User Experience Driver Component.) — C:Program FilesNVIDIA CorporationDisplaynvxdsync.exe [873248] [PID.1576]
    [MD5.ADDA5E1951B90D3D23C56D3CF0622ADC] – (.Adobe Systems Incorporated – Adobe Acrobat Update Service.) — C:Program FilesCommon FilesAdobeARM1.0armsvc.exe [65640] [PID.1848]
    [MD5.1778EBA872274C1226D869CD9486847E] – (.InterVideo Inc. – Capture Device Service.) — C:Program FilesCommon FilesInterVideoDeviceServiceDevSvc.exe [198168] [PID.1868]
    [MD5.4F9A19ED19FFFCD985A598C660546E80] – (.Intel Corporation – Intel® PROSet Monitoring Service.) — C:Windowssystem32IProsetMonitor.exe [133280] [PID.1956]
    [MD5.65085456FD9A74D7F1A999520C299ECB] – (.Malwarebytes Corporation – Malwarebytes Anti-Malware.) — C:Program FilesMalwarebytes' Anti-Malwarembamscheduler.exe [418376] [PID.116]
    [MD5.E0D7732F2D2E24B2DB3F67B6750295B8] – (.Malwarebytes Corporation – Malwarebytes Anti-Malware.) — C:Program FilesMalwarebytes' Anti-Malwarembamservice.exe [701512] [PID.344]
    [MD5.543A4EF0923BF70D126625B034EF25AF] – (.Protexis Inc. – PsiService PsiService.) — c:Program FilesCommon FilesProtexisLicense ServicePsiService_2.exe [189728] [PID.652]
    [MD5.19470745C30A26C4196256470404BB30] – (…) — C:Program FilesASUSP7131Remote ControlRCService.exe [61440] [PID.1132]
    [MD5.CF7B0E597C1F34E528285495721DEEE9] – (.Google Inc. – Google Crash Handler.) — C:Program FilesGoogleUpdate1.3.21.165GoogleCrashHandler.exe [237960] [PID.3676]
    ~ Processes Running: Scanned in 00mn 02s

    —\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
    C:UsersDanielAppDataLocalGoogleChromeUser DataDefaultPreferences
    G2 – GCE: Preference [User DataDefault] [ndibdjnfmopecpmkdieinmbadjfpblof] AVG Secure Search v.17.1.2.1 (Désactivé) =>Toolbar.AVGSearch
    ~ Google Browser: 15 Legitimates Filtered in 00mn 05s

    —\ Internet Explorer, Proxy Management (R5)
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyOverride =
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyServer = no key
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyEnable = 0
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,MigrateProxy = 1
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,EnableHttp1_1 = 1
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,AutoConfigProxy = wininet.dll
    ~ Proxy management: Scanned in 00mn 00s

    —\ Analyse des lignes F0, F1, F2, F3 – IniFiles, Autoloading programs
    F2 – REG:system.ini: USERINIT=C:Windowssystem32userinit.exe,
    F2 – REG:system.ini: Shell=C:Windowsexplorer.exe
    F2 – REG:system.ini: VMApplet=C:WindowsSystem32SystemPropertiesPerformance.exe
    ~ Keys: Scanned in 00mn 00s

    —\ Hosts file redirection (O1)
    ~ Le fichier hosts est sain (The hosts file is clean).
    ~ Hosts File: Scanned in 00mn 00s
    ~ Nombre de lignes (Lines number): 23

    —\ Internet Explorer Toolbars (O3)
    O3 – Toolbar: Google Toolbar – [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. – Google Toolbar.) — C:Program FilesGoogleGoogle ToolbarGoogleToolbar_32.dll =>Toolbar.Google
    O3 – ToolbarWebBrowser: (no name) – [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Clé orpheline
    ~ Toolbar: Scanned in 00mn 00s

    —\ Autres liens utilisateurs (O4)
    O4 – GSDesktop [Public]: Consommables HP Officejet 6700.lnk . (.Hewlett-Packard Co. – DesktopSureSupply.) — C:Program FilesHPHP Officejet 6700BinhpqDTSS.exe =>.Hewlett-Packard Co
    O4 – GSDesktop [Public]: eID Viewer.lnk . (.FedICT – eID Viewer.) — C:Program FilesBelgium Identity CardEidViewereID Viewer.exe
    O4 – GSDesktop [Public]: Google Chrome.lnk . (.Google Inc. – Google Chrome.) — C:Program FilesGoogleChromeApplicationchrome.exe
    O4 – GSDesktop [Public]: Google Docs.lnk . (.Google – Google Drive.) — C:Program FilesGoogleDrivegoogledrivesync.exe
    O4 – GSDesktop [Public]: Google Sheets.lnk . (.Google – Google Drive.) — C:Program FilesGoogleDrivegoogledrivesync.exe
    O4 – GSDesktop [Public]: Google Slides.lnk . (.Google – Google Drive.) — C:Program FilesGoogleDrivegoogledrivesync.exe
    O4 – GSDesktop [Public]: HP ePrintCenter – HP Officejet 6700.lnk . (.Google – Google Earth.) — C:Program FilesHPHP Officejet 6700ePrintCenterShortcut.url =>.Google Inc
    O4 – GSDesktop [Public]: HP Officejet 6700.lnk . (.Hewlett-Packard Co. – HP Printer Software.) — C:Program FilesHPHP Officejet 6700BinHP Officejet 6700.exe =>.Hewlett-Packard Co
    O4 – GSDesktop [Public]: Inkscape.lnk . (.inkscape.org – Inkscape.) — C:Program FilesInkscapeinkscape.exe
    O4 – GSDesktop [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation – Firefox.) — C:Program FilesMozilla Firefoxfirefox.exe
    O4 – GSDesktop [Public]: Speccy.lnk . (.Piriform Ltd – Speccy.) — C:Program FilesSpeccySpeccy.exe
    O4 – GSProgram [Public]: Inkscape.lnk . (.inkscape.org – Inkscape.) — C:Program FilesInkscapeinkscape.exe
    O4 – GSProgram [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation – Firefox.) — C:Program FilesMozilla Firefoxfirefox.exe
    O4 – GSQuickLaunch [UpdatusUser]: Google Chrome.lnk . (.Google Inc. – Google Chrome.) — C:Program FilesGoogleChromeApplicationchrome.exe
    O4 – GSQuickLaunch [Daniel]: Artisteer 4.lnk . (.ExtenSoft – Artisteer.) — C:Program FilesArtisteer 4binArtisteer.exe
    O4 – GSQuickLaunch [Daniel]: Google Chrome.lnk . (.Google Inc. – Google Chrome.) — C:Program FilesGoogleChromeApplicationchrome.exe
    O4 – GSQuickLaunch [Daniel]: Inkscape.lnk . (.inkscape.org – Inkscape.) — C:Program FilesInkscapeinkscape.exe
    O4 – GSQuickLaunch [Daniel]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation – Internet Explorer.) — C:Program FilesInternet Exploreriexplore.exe
    O4 – GSTaskBar [Daniel]: Google Chrome.lnk . (.Google Inc. – Google Chrome.) — C:Program FilesGoogleChromeApplicationchrome.exe
    O4 – GSProgram [Daniel]: Internet Explorer.lnk . (.Microsoft Corporation – Internet Explorer.) — C:Program FilesInternet Exploreriexplore.exe
    O4 – GSSystemTools [Daniel]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation – Internet Explorer.) — C:Program FilesInternet Exploreriexplore.exe
    O4 – GSDesktop [Daniel]: ArchiFacile.lnk . (…) — C:UsersDanielDownloadsArchiFacile.exe
    O4 – GSDesktop [Daniel]: Artisteer 4.lnk . (.ExtenSoft – Artisteer.) — C:Program FilesArtisteer 4binArtisteer.exe
    O4 – GSDesktop [Daniel]: Audacity.lnk . (.The Audacity Team – Audacity®, the Free, Cross-Platform Sound E.) — C:Program FilesAudacityaudacity.exe =>.The Audacity Team
    O4 – GSDesktop [Daniel]: AVS Video Editor.lnk . (.Online Media Technologies Ltd. – Video Editor.) — C:Program FilesAVS4YOUAVSVideoEditorAVSVideoEditor.exe
    O4 – GSDesktop [Daniel]: Calculator.lnk . (.Microsoft Corporation – Calculatrice de Windows.) — C:Windowssystem32calc.exe =>.Microsoft Corporation
    O4 – GSDesktop [Daniel]: Dreamweaver.lnk . (.Adobe Systems, Inc. – Adobe Dreamweaver CC.) — C:Program FilesAdobeAdobe Dreamweaver CCDreamweaver.exe
    O4 – GSDesktop [Daniel]: EdgeAnimate.lnk . (.Adobe Systems, Incorporated – Adobe Edge Animate.) — C:Program FilesAdobeAdobe Edge Animate CCEdgeAnimate.exe
    O4 – GSDesktop [Daniel]: FileZilla.lnk . (.FileZilla Project – FileZilla FTP Client.) — C:Program FilesFileZilla FTP Clientfilezilla.exe
    O4 – GSDesktop [Daniel]: Fireworks.lnk . (.Adobe Systems Incorporated – Adobe Fireworks CS6.) — C:Program FilesAdobeAdobe Fireworks CS6Fireworks.exe
    O4 – GSDesktop [Daniel]: geek.exe – Raccourci.lnk . (.Geek Uninstaller Software – Geek Unіnstaller.) — C:UsersDanielDownloadsgeekgeek.exe
    O4 – GSDesktop [Daniel]: GIMP 2.lnk . (.Spencer Kimball, Peter Mattis and the GIMP – GNU Image Manipulation Program.) — C:Program FilesGIMP 2bingimp-2.8.exe
    O4 – GSDesktop [Daniel]: Illustrator.lnk . (.Adobe Systems Inc. – Adobe Illustrator CC.) — C:Program FilesAdobeAdobe Illustrator CCSupport FilesContentsWindowsIllustrator.exe
    O4 – GSDesktop [Daniel]: Internet Explorer.lnk . (.Microsoft Corporation – Internet Explorer.) — C:Program FilesInternet Exploreriexplore.exe
    O4 – GSDesktop [Daniel]: Microsoft Word 2010.lnk . (…) — C:WindowsInstaller{90140000-003D-0000-0000-0000000FF1CE}wordicon.exe
    O4 – GSDesktop [Daniel]: Nero – Burning Rom.lnk . (…) — C:WindowsInstaller{A4D7B764-4140-11D4-88EB-0050DA3579C0}_4F17E5CE3D74_48FA_AD81_4AC0C484FCD7.exe
    O4 – GSDesktop [Daniel]: Notepad++.lnk . (.Don HO don.h@free.fr – Notepad++ : a free (GNU) source code editor.) — C:Program FilesNotepad++notepad++.exe
    O4 – GSDesktop [Daniel]: Photoshop.lnk . (.Adobe Systems, Incorporated – Adobe Photoshop CC.) — C:Program FilesAdobeAdobe Photoshop CCPhotoshop.exe
    O4 – GSDesktop [Daniel]: Snipping Tool.lnk . (.Microsoft Corporation – Outil Capture.) — C:Windowssystem32SnippingTool.exe =>.Microsoft Corporation
    O4 – GSDesktop [Daniel]: WampServer.lnk . (.Aestan Software – Aestan Tray Menu.) — C:wampwampmanager.exe
    O4 – GSDesktop [Daniel]: Windows Live Mail.lnk . (.Microsoft Corporation – Windows Live Mail.) — C:Program FilesWindows LiveMailwlmail.exe =>.Microsoft Corporation
    O4 – GSDesktop [Daniel]: ZHPFix.lnk . (.Nicolas Coolman – ZHPDiag Setup.) — C:Program FilesZHPDiagZHPFixZHPhep.exe =>.Nicolas Coolman
    ~ Global Startup: 176 Legitimates Filtered in 00mn 17s

    —\ Applications lancées au démarrage du sytème (O4)
    O4 – GSStartup [Daniel]: Alertes de surveillance de l'encre – HP Officejet 6700 (réseau).lnk . (.Hewlett-Packard Co. – Print Driver Status Business Logic.) — C:Program FilesHPHP Officejet 6700binHPStatusBL.dll =>.Hewlett-Packard Co
    O4 – GSStartup [Daniel]: OneNote 2010 – Capture d’écran et lancement.lnk . (.Microsoft Corporation – Microsoft OneNote Quick Launcher.) — C:Program FilesMicrosoft OfficeOffice14ONENOTEM.exe =>.Microsoft Corporation
    O4 – HKLM..Run: [P7131Appl] . (.ASUSTeK – ASUSTeKRCAppl.) — C:Program FilesASUSP7131Remote ControlP7131RemoteAppl.exe
    O4 – HKLM..Run: [NeroCheck] . (.Ahead Software Gmbh – NeroCheck.) — C:Windowssystem32NeroCheck.exe
    O4 – HKLM..Run: [boincmgr] . (.Space Sciences Laboratory – BOINC Manager for Windows.) — C:Program FilesBOINCboincmgr.exe
    O4 – HKLM..Run: [boinctray] . (.Space Sciences Laboratory – BOINC System Tray for Windows.) — C:Program FilesBOINCboinctray.exe
    O4 – HKLM..Run: [AdobeAAMUpdater-1.0] . (.Adobe Systems Incorporated – Adobe Updater Startup Utility.) — C:Program FilesCommon FilesAdobeOOBEPDAppUWAUpdaterStartupUtility.exe =>.Adobe Systems Incorporated
    O4 – HKLM..Run: [Adobe Creative Cloud] . (.Adobe Systems Incorporated – Adobe Creative Cloud.) — C:Program FilesAdobeAdobe Creative CloudACCCreative Cloud.exe
    O4 – HKLM..Run: [AdobeCS6ServiceManager] . (.Adobe Systems Incorporated – Adobe CS6 Service Manager.) — C:Program FilesCommon FilesAdobeCS6ServiceManagerCS6ServiceManager.exe
    O4 – HKLM..Run: [Adobe ARM] . (.Adobe Systems Incorporated – Adobe Reader and Acrobat Manager.) — C:Program FilesCommon FilesAdobeARM1.0AdobeARM.exe =>.Adobe Systems Incorporated
    O4 – HKLM..Run: [CIS_{81EFDD93-DBBE-415B-BE6E-49B9664E3E82}] C:UsersDanielAppDataLocalTempcis18EF.exe (.not file.)
    O4 – HKLM..Run: [OutpostMonitor] . (.Agnitum Ltd. – Outpost User Interface.) — C:Program FilesAgnitumOutpost Security Suite Proop_mon.exe
    O4 – HKCU..Run: [Akamai NetSession Interface] . (.Akamai Technologies, Inc. – Akamai NetSession Client.) — C:UsersDanielAppDataLocalAkamainetsession_win.exe
    O4 – HKCU..Run: [msnmsgr] . (.Microsoft Corporation – Windows Live Messenger.) — C:Program FilesWindows LiveMessengerMsnMsgr.exe
    O4 – HKCU..Run: [HP Officejet 6700 (NET)] . (.Hewlett-Packard Co. – ScanToPCActivationApp.) — C:Program FilesHPHP Officejet 6700BinScanToPCActivationApp.exe =>.Hewlett-Packard Co
    O4 – HKCU..Run: [swg] . (.Google Inc. – GoogleToolbarNotifier.) — C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe =>Toolbar.Google
    O4 – HKCU..Run: [flashmemory] . (.Microsoft Corporation – Microsoft ® Windows Based Script Host.) — C:WindowsSystem32wscript.exe
    O4 – HKUSS-1-5-19..Run: [Sidebar] . (.Microsoft Corporation – Gadgets du Bureau Windows.) — C:Program FilesWindows SidebarSidebar.exe =>.Microsoft Corporation
    O4 – HKUSS-1-5-20..Run: [Sidebar] . (.Microsoft Corporation – Gadgets du Bureau Windows.) — C:Program FilesWindows SidebarSidebar.exe =>.Microsoft Corporation
    O4 – HKUSS-1-5-19..RunOnce: [mctadmin] . (.Microsoft Corporation – MCTAdmin.) — C:WindowsSystem32mctadmin.exe =>.Microsoft Corporation
    O4 – HKUSS-1-5-20..RunOnce: [mctadmin] . (.Microsoft Corporation – MCTAdmin.) — C:WindowsSystem32mctadmin.exe =>.Microsoft Corporation
    O4 – HKUSS-1-5-21-1915439914-2980993570-1999574232-1000..Run: [Akamai NetSession Interface] . (.Akamai Technologies, Inc. – Akamai NetSession Client.) — C:UsersDanielAppDataLocalAkamainetsession_win.exe
    O4 – HKUSS-1-5-21-1915439914-2980993570-1999574232-1000..Run: [msnmsgr] . (.Microsoft Corporation – Windows Live Messenger.) — C:Program FilesWindows LiveMessengerMsnMsgr.exe
    O4 – HKUSS-1-5-21-1915439914-2980993570-1999574232-1000..Run: [HP Officejet 6700 (NET)] . (.Hewlett-Packard Co. – ScanToPCActivationApp.) — C:Program FilesHPHP Officejet 6700BinScanToPCActivationApp.exe =>.Hewlett-Packard Co
    O4 – HKUSS-1-5-21-1915439914-2980993570-1999574232-1000..Run: [swg] . (.Google Inc. – GoogleToolbarNotifier.) — C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe =>Toolbar.Google
    O4 – HKUSS-1-5-21-1915439914-2980993570-1999574232-1000..Run: [flashmemory] . (.Microsoft Corporation – Microsoft ® Windows Based Script Host.) — C:WindowsSystem32wscript.exe
    ~ Application: Scanned in 00mn 00s

    —\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
    O9 – Extra button: @C:Program FilesWindows LiveCompanioncompanionlang.dll,-600 – {0000036B-C524-4050-81A0-243669A86B9F} . (.Microsoft Corporation – Windows Live Messenger Companion core resources.) — C:Program FilesWindows LiveCompanioncompanionres.dll
    O9 – Extra button: &Envoyer à OneNote – {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation – Microsoft OneNote Internet Explorer Add-in.) — C:Program FilesMICROS~2Office14ONBttnIE.dll =>.Microsoft Corporation
    O9 – Extra button: Notes &liées OneNote – {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} . (.Microsoft Corporation – Microsoft OneNote Internet Explorer Add-in.) — C:Program FilesMICROS~2Office14ONBTTN~1.dll =>.Microsoft Corporation
    ~ IE Extra Buttons: Scanned in 00mn 00s

    —\ Objets ActiveX (Downloaded Program Files)(O16)
    O16 – DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} ((no name)) – https://oas.support.microsoft.com/ActiveX/MSDcode.cab » onclick= »window.open(this.href);return false;
    O16 – DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} ((no name)) – http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab » onclick= »window.open(this.href);return false;
    ~ Objets ActiveX: Scanned in 00mn 00s

    —\ Modification Domaine/Adresses DNS (O17)
    O17 – HKLMSystemCCSServicesTcpip..{D5D4AAEF-1B16-47CF-8CCB-B633A14647EA}: NameServer = 8.26.56.26,156.154.70.22
    O17 – HKLMSystemCCSServicesTcpip..{D5D4AAEF-1B16-47CF-8CCB-B633A14647EA}: DhcpNameServer = 192.168.1.1
    O17 – HKLMSystemCS1ServicesTcpip..{D5D4AAEF-1B16-47CF-8CCB-B633A14647EA}: NameServer = 8.26.56.26,156.154.70.22
    O17 – HKLMSystemCS1ServicesTcpip..{D5D4AAEF-1B16-47CF-8CCB-B633A14647EA}: DhcpNameServer = 192.168.1.1
    O17 – HKLMSystemCS2ServicesTcpip..{D5D4AAEF-1B16-47CF-8CCB-B633A14647EA}: NameServer = 8.26.56.26,156.154.70.22
    O17 – HKLMSystemCS2ServicesTcpip..{D5D4AAEF-1B16-47CF-8CCB-B633A14647EA}: DhcpNameServer = 192.168.1.1
    O17 – HKLMSystemCCSServicesTcpipParameters: DhcpNameServer = 192.168.1.1
    ~ Domain: Scanned in 00mn 00s

    —\ Protocole additionnel (O18)
    O18 – Handler: wlpg – {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation – Windows Live Album Download Protocol Handle.) — C:Program FilesWindows LivePhoto GalleryAlbumDownloadProtocolHandler.dll
    O18 – Filter: text/xml – {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation – Microsoft Office XML MIME Filter.) — C:Program FilesCommon FilesMicrosoft SharedOFFICE14MSOXMLMF.dll =>.Microsoft Corporation
    ~ Protocole Additionnel: Scanned in 00mn 00s

    —\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
    O20 – AppInit_DLLs: . (.Agnitum Ltd. – Outpost Hooking Module.) – C:Program FilesAgnitumOutpost Security Suite Prowl_hook.dll
    ~ AppInit DLL: Scanned in 00mn 00s

    —\ Liste des services NT non Microsoft et non désactivés (O23)
    O23 – Service: RCSERVICE (RCSERVICE) . (…) – C:Program FilesASUSP7131Remote ControlRCService.exe
    O23 – Service: (vToolbarUpdater17.1.2) . (…) – C:Program FilesCommon FilesAVG Secure SearchvToolbarUpdater17.1.2ToolbarUpdater.exe (.not file.) =>Toolbar.AVGSearch
    ~ Services: 12 Legitimates Filtered in 00mn 17s

    —\ Tâches planifiées en automatique (O39)
    [MD5.00000000000000000000000000000000] [APT] [{6E06B62D-F063-4BC1-BEF1-068B1ACA37A2}] (…) — C:Program FilesComodoCOMODO Internet Securitycmdinstall.exe (.not file.) [0]
    [MD5.00000000000000000000000000000000] [APT] [{8D967302-BCF9-4BC8-A399-2CB1B1B0F609}] (…) — C:ADOBE CS2 V.9Adobe_CS2_KeyGenCrack Activation Photoshop CS2 Fr.exe (.not file.) [0]
    [MD5.00000000000000000000000000000000] [APT] [{930FAA61-9393-4879-88BD-3FEB8958F3F2}] (…) — E:ADOBE CS2 V.9Crack Activation Photoshop CS2 Fr.exe (.not file.) [0]
    [MD5.00000000000000000000000000000000] [APT] [{A9D320A4-CBCA-43C3-9E5B-6C8AF4392C2D}] (…) — E:ADOBE CS2 V.9Adobe(R) Photoshop(R) CS2Crack Activation Photoshop CS2 Fr.exe (.not file.) [0]
    [MD5.00000000000000000000000000000000] [APT] [{CF33EFED-1CFF-4C90-ADB4-92E8AF300596}] (…) — C:Program FilesComodoCOMODOCOMODO Internet Securitycmdinstall.exe (.not file.) [0]
    [MD5.1502DC9C274924A6D8025D30BA7A221C] [APT] [{F73BEBE7-8F29-485C-AE10-E28B6AACA272}] (.FedICT.) — C:Program FilesBelgium Identity CardEidViewereID Viewer.exe [10737869]
    ~ Scheduled Task: 23 Legitimates Filtered in 00mn 12s

    —\ Logiciels installés (O42)
    O42 – Logiciel: Pizzicato 3.6 – (…) [HKLM] — Pizzicato 3.6
    ~ Logic: 14 Legitimates Filtered in 00mn 00s

    —\ HKCU & HKLM Software Keys
    [HKCUSoftwareARPEGE]
    [HKLMSoftwareARPEGE]
    [HKLMSoftwareYouyan]
    ~ Key Software: 285 Legitimates Filtered in 00mn 00s

    —\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
    O43 – CFD: 19/06/2013 – 12:37:47 – [0,258] —-D C:Program FilesBeID Minidriver
    O43 – CFD: 18/09/2012 – 18:41:29 – [1,163] —-D C:Program FilesImageGrab
    O43 – CFD: 1/10/2012 – 10:10:18 – [52,583] —-D C:Program FilesPizzicato 3.x
    O43 – CFD: 16/11/2013 – 23:23:42 – [2,159] —-D C:ProgramDataPrivacyware
    O43 – CFD: 9/10/2013 – 15:00:57 – [0] -SH-D C:ProgramData{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
    O43 – CFD: 30/04/2013 – 08:07:07 – [0] —-D C:UsersDanielAppDataRoamingEhuz
    O43 – CFD: 30/04/2013 – 08:07:06 – [0] —-D C:UsersDanielAppDataRoamingItcyd
    O43 – CFD: 13/11/2013 – 16:48:42 – [0,009] —-D C:UsersDanielAppDataRoamingMicrosoftWindowsStart MenuPrograms3Dsex
    ~ 915 Dossiers CLSID vides (CLSID Empty Folders)
    ~ Program Folder: 1173 Legitimates Filtered in 01mn 54s

    —\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
    O44 – LFC:[MD5.2E5BC4BA91DC1119D7F497727092BCE7] – 16/11/2013 – 18:21:32 —A- . (…) — C:WindowsSystem32Driverssfi.dat [1474832]
    O44 – LFC:[MD5.ED280A0EA3CC38F3CBBC747ACFBEF47D] – 17/11/2013 – 09:54:28 —A- . (…) — C:Windowstransp.gif [49]
    O44 – LFC:[MD5.7CD5907FB7144BC183D1CD15BCD8F680] – 17/11/2013 – 09:55:08 —A- . (.VirusBuster Kft. – VirusBuster Loader SYS for Windows NT/2000/.) — C:WindowsSystem32DriversVBEngNT.sys [266872]
    O44 – LFC:[MD5.3D6C79A2099B7E8CEE90EF3031BF3DCD] – 22/11/2013 – 18:18:21 —A- . (…) — C:WindowsODBC.INI [28]
    O44 – LFC:[MD5.4CB317C311FC08DF4B1A05AE7496A7FD] – 27/11/2013 – 16:18:44 –HA- . (…) — C:WindowsSystem327B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [14832]
    O44 – LFC:[MD5.4CB317C311FC08DF4B1A05AE7496A7FD] – 27/11/2013 – 16:18:44 –HA- . (…) — C:WindowsSystem327B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [14832]
    ~ Files: 53 Legitimates Filtered in 00mn 04s

    —\ Derniers fichiers créés dans Windows Prefetcher (O45)
    O45 – LFCP:[MD5.7820442553078F065B13D7E392D9BBB2] – 25/11/2013 – 14:33:38 —A- – C:WindowsPrefetchEDGEANIMATE.EXE-2001F246.pf
    O45 – LFCP:[MD5.4C0603DCDE44573C26673CBBADAE4294] – 25/11/2013 – 14:41:02 —A- – C:WindowsPrefetchRECUVA.EXE-1A090312.pf
    O45 – LFCP:[MD5.046B695C74BD04360DB76CFBC10DEB7D] – 27/11/2013 – 14:59:01 —A- – C:WindowsPrefetchGO.EXE-0A7DE786.pf
    O45 – LFCP:[MD5.4F5791CA9F18DAC1EC15F34A3B99357A] – 27/11/2013 – 15:59:46 —A- – C:WindowsPrefetchP7131REMOTEAPPL.EXE-EFB79FB8.pf
    O45 – LFCP:[MD5.C4310483CE71083405090ADF305E0136] – 27/11/2013 – 15:59:55 —A- – C:WindowsPrefetchBOINC.EXE-E1EE3F64.pf
    O45 – LFCP:[MD5.2C5E432C4EAEA4394AE72ED189E82DA1] – 27/11/2013 – 15:59:55 —A- – C:WindowsPrefetchVPROT.EXE-B916796C.pf
    O45 – LFCP:[MD5.25EC97738994DB3D0AB2F15A02FD5ED9] – 27/11/2013 – 16:12:25 —A- – C:WindowsPrefetchBOINCMGR.EXE-9FA32D7A.pf
    O45 – LFCP:[MD5.D21E892591208B1BA60D0601C5850BB6] – 27/11/2013 – 16:12:25 —A- – C:WindowsPrefetchBOINCTRAY.EXE-EEAC685C.pf
    O45 – LFCP:[MD5.9C48D1ED4EE53BB4C165112B9F05A3FC] – 27/11/2013 – 16:12:30 —A- – C:WindowsPrefetchCREATIVE CLOUD.EXE-C158B143.pf
    O45 – LFCP:[MD5.E732CD1C10FF0F4A8A357E37F0268EB5] – 27/11/2013 – 16:12:46 —A- – C:WindowsPrefetchBOINC.SCR-2C83D02F.pf
    O45 – LFCP:[MD5.BED77D1650DD1B93509A7719C5D9700A] – 27/11/2013 – 16:12:46 —A- – C:WindowsPrefetchBOINCSCR.EXE-0FD6C3C4.pf
    O45 – LFCP:[MD5.397A75B62F80A51BEC8DDA2360FE8B39] – 27/11/2013 – 16:13:03 —A- – C:WindowsPrefetchCORESYNC.EXE-060792B2.pf
    O45 – LFCP:[MD5.C90D3BAB3EFD249DB447CD301FBCE44B] – 27/11/2013 – 16:25:12 —A- – C:WindowsPrefetchWLXPGSS.SCR-B6681400.pf
    ~ Prefetcher: 140 Legitimates Filtered in 00mn 00s

    —\ Clé de registre Shell MountPoints2 (MPKS) (O51)
    O51 – MPSK:{2674e3df-b621-11e1-9258-806e6f6e6963}AutoRuncommand. (.Pas de propriétaire – nBrowser.) — E:start.exe
    ~ Keys: Scanned in 00mn 06s

    —\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
    O55 – MWPS:[HKLM…PoliciesSystem] – « EnableUIADesktopToggle »=0
    O55 – MWPS:[HKLM…PoliciesSystem] – « FilterAdministratorToken »=0
    ~ MWPS: 16 Legitimates Filtered in 00mn 00s

    —\ Liste des pilotes du système (SDL) (O58)
    O58 – SDL:[MD5.0ED67910C8C326796FAA00B2BF6D9D3C] – 14/07/2009 – 02:20:28 —A- . (.Emulex – Storport Miniport Driver for LightPulse HBAs.) — C:WindowsSystem32Driverselxstor.sys [453712]
    O58 – SDL:[MD5.C44E3C2BAB6837DB337DDEE7544736DB] – 13/07/2009 – 23:54:14 —A- . (.Hauppauge Computer Works, Inc. – Hauppauge WinTV 885 Consumer IR Driver for eHome.) — C:WindowsSystem32Drivershcw85cir.sys [26624]
    O58 – SDL:[MD5.DB32D325C192B801DF274BFD12A7E72B] – 14/07/2009 – 02:19:04 —A- . (.Promise Technology – Promise SuperTrak EX Series Driver for Windows.) — C:WindowsSystem32Driversstexstor.sys [21072]
    O58 – SDL:[MD5.36565318396A9D0A880687D1BB9C7F79] – 16/04/2010 – 13:59:44 —A- . (.Syntek – Syntek USB 2.0 Video Mini Driver.) — C:WindowsSystem32DriversStkCMini.sys [1521544]
    O58 – SDL:[MD5.77F0BE3C6A752837482C1942E8B8BDAF] – 26/03/2010 – 15:43:32 —A- . (.Syntek America Inc. – Syntek USB 2.0 Video Pipeline Driver.) — C:WindowsSystem32DriversStkCPipe.sys [13874824]
    O58 – SDL:[MD5.5F8DBD5586A13C22100AF5FB20E2E6F6] – 3/05/2009 – 15:04:10 —A- . (…) — C:WindowsSystem32DriversStkCSF.sys [197648]
    O58 – SDL:[MD5.7CD5907FB7144BC183D1CD15BCD8F680] – 20/11/2012 – 13:52:20 —A- . (.VirusBuster Kft. – VirusBuster Loader SYS for Windows NT/2000/XP.) — C:WindowsSystem32DriversVBEngNT.sys [266872]
    O58 – SDL:[MD5.8AAD333C876590293F72B315E162BCC7] – 13/07/2009 – 22:40:41 —A- . (…) — C:WindowsSystem32ANSI.SYS [9029]
    O58 – SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] – 13/07/2009 – 22:40:44 —A- . (…) — C:WindowsSystem32country.sys [27097]
    O58 – SDL:[MD5.E6BC0F98FECEF245A0010D350C1A0B9B] – 13/07/2009 – 22:40:40 —A- . (…) — C:WindowsSystem32HIMEM.SYS [4768]
    O58 – SDL:[MD5.492090267B9608C62B956CD29BE3AFB7] – 13/07/2009 – 22:40:43 —A- . (…) — C:WindowsSystem32KEY01.SYS [42809]
    O58 – SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] – 13/07/2009 – 22:40:43 —A- . (…) — C:WindowsSystem32KEYBOARD.SYS [42537]
    O58 – SDL:[MD5.FFFF296A08DBF2AC0126C62E3778AC0D] – 13/07/2009 – 22:40:23 —A- . (…) — C:WindowsSystem32NTDOS.SYS [27866]
    O58 – SDL:[MD5.CF9ED169FF86D935E47999E82359E898] – 13/07/2009 – 22:40:31 —A- . (…) — C:WindowsSystem32NTDOS404.SYS [29146]
    O58 – SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] – 13/07/2009 – 22:40:35 —A- . (…) — C:WindowsSystem32NTDOS411.SYS [29370]
    O58 – SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] – 13/07/2009 – 22:40:39 —A- . (…) — C:WindowsSystem32NTDOS412.SYS [29274]
    O58 – SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] – 13/07/2009 – 22:40:27 —A- . (…) — C:WindowsSystem32NTDOS804.SYS [29146]
    O58 – SDL:[MD5.2E4112FB7D1B76E11ADFD7487B5D0E95] – 13/07/2009 – 22:40:11 —A- . (…) — C:WindowsSystem32NTIO.SYS [33952]
    O58 – SDL:[MD5.A98EBD4C2DF983665BF2D1AF49949974] – 13/07/2009 – 22:40:15 —A- . (…) — C:WindowsSystem32NTIO404.SYS [34672]
    O58 – SDL:[MD5.3F7E6406EDEF197C5CAAB2240EEF6F48] – 13/07/2009 – 22:40:17 —A- . (…) — C:WindowsSystem32NTIO411.SYS [35776]
    O58 – SDL:[MD5.3E64D681B776CC57BDC38A46D881F85B] – 13/07/2009 – 22:40:19 —A- . (…) — C:WindowsSystem32NTIO412.SYS [35536]
    O58 – SDL:[MD5.D86B6435729231C171432B4E77801BDB] – 13/07/2009 – 22:40:13 —A- . (…) — C:WindowsSystem32NTIO804.SYS [34672]
    ~ Drivers: 16 Legitimates Filtered in 00mn 38s

    —\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
    O61 – LFC: 24/11/2013 – 16:36:47 —A- . (…) — C:UsersDanielDocumentsclefpa.Spotlight-V100.lnk [547]
    O61 – LFC: 24/11/2013 – 16:36:47 —A- . (…) — C:UsersDanielDocumentsclefpa.TemporaryItems.lnk [547]
    O61 – LFC: 24/11/2013 – 16:36:47 —A- . (…) — C:UsersDanielDocumentsclefpa.Trashes.lnk [533]
    O61 – LFC: 24/11/2013 – 16:36:47 —A- . (…) — C:UsersDanielDocumentsclefpa.fseventsd.lnk [537]
    O61 – LFC: 24/11/2013 – 16:36:47 —A- . (…) — C:UsersDanielDocumentsclefpa.lnk [1415]
    O61 – LFC: 24/11/2013 – 16:36:47 —A- . (…) — C:UsersDanielDocumentsclefpaAqua – Barbie Girl.lnk [553]
    O61 – LFC: 24/11/2013 – 16:36:47 —A- . (…) — C:UsersDanielDocumentsclefpaChangement_Formulaire.lnk [1417]
    O61 – LFC: 24/11/2013 – 16:36:47 —A- . (…) — C:UsersDanielDocumentsclefpaChansons.lnk [533]
    O61 – LFC: 24/11/2013 – 16:36:47 —A- . (…) — C:UsersDanielDocumentsclefpaCours 2 DIP.lnk [1405]
    O61 – LFC: 24/11/2013 – 16:36:47 —A- . (…) — C:UsersDanielDocumentsclefpaCover letter.lnk [1403]
    O61 – LFC: 24/11/2013 – 16:36:47 —A- . (…) — C:UsersDanielDocumentsclefpaCurriculum Vitae.lnk [1411]
    O61 – LFC: 24/11/2013 – 16:36:47 —A- . (…) — C:UsersDanielDocumentsclefpaDIP 3.lnk [1389]
    O61 – LFC: 24/11/2013 – 16:36:47 —A- . (…) — C:UsersDanielDocumentsclefpaDIP 4.lnk [1389]
    O61 – LFC: 24/11/2013 – 16:36:47 —A- . (…) — C:UsersDanielDocumentsclefpaDIP 5.lnk [1389]
    O61 – LFC: 24/11/2013 – 16:36:47 —A- . (…) — C:UsersDanielDocumentsclefpaDIP 6.lnk [1389]
    O61 – LFC: 24/11/2013 – 16:36:47 —A- . (…) — C:UsersDanielDocumentsclefpaDIP 7.lnk [1389]
    O61 – LFC: 24/11/2013 – 16:36:47 —A- . (…) — C:UsersDanielDocumentsclefpaDROIT SOCIAL IMPRIMER TOUT + RELIER.lnk [615]
    O61 – LFC: 24/11/2013 – 16:36:47 —A- . (…) — C:UsersDanielDocumentsclefpaDark Horses- Katy Perry ft.lnk [599]
    O61 – LFC: 24/11/2013 – 16:36:47 —A- . (…) — C:UsersDanielDocumentsclefpaDiapositive 1.lnk [1425]
    O61 – LFC: 24/11/2013 – 16:36:47 —A- . (…) — C:UsersDanielDocumentsclefpaDiapositive 3 octobre.lnk [1425]
    O61 – LFC: 24/11/2013 – 16:36:47 —A- . (…) — C:UsersDanielDocumentsclefpaDocument s24 octobres 2013.lnk [581]
    O61 – LFC: 24/11/2013 – 16:36:47 —A- . (…) — C:UsersDanielDocumentsclefpaDroit de sécurité sociale.lnk [1437]
    O61 – LFC: 24/11/2013 – 16:36:47 —A- . (…) — C:UsersDanielDocumentsclefpaDroit des suretés.lnk [1417]
    O61 – LFC: 24/11/2013 – 16:36:47 —A- . (…) — C:UsersDanielDocumentsclefpaDroit fiscal ASSISTANT.lnk [1427]
    O61 – LFC: 24/11/2013 – 16:36:47 —A- . (…) — C:UsersDanielDocumentsclefpaDroit fiscal et comptable.lnk [1437]
    O61 – LFC: 24/11/2013 – 16:36:47 —A- . (…) — C:UsersDanielDocumentsclefpaDroit international privé .lnk [1439]
    O61 – LFC: 24/11/2013 – 16:36:47 —A- . (…) — C:UsersDanielDocumentsclefpaFOUND.000.lnk [754]
    O61 – LFC: 24/11/2013 – 16:36:47 —A- . (…) — C:UsersDanielDocumentsclefpaFOUND.001.lnk [754]
    O61 – LFC: 24/11/2013 – 16:36:47 —A- . (…) — C:UsersDanielDocumentsclefpaFOUND.002.lnk [754]
    O61 – LFC: 24/11/2013 – 16:36:47 —A- . (…) — C:UsersDanielDocumentsclefpaFuture Ft Miley Cyrus – Real & True (Snippet).lnk [627]
    O61 – LFC: 24/11/2013 – 16:36:47 —A- . (…) — C:UsersDanielDocumentsclefpaInterview .lnk [1395]
    O61 – LFC: 24/11/2013 – 16:36:47 —A- . (…) — C:UsersDanielDocumentsclefpaInterview Anglais.lnk [1409]
    O61 – LFC: 24/11/2013 – 16:36:47 —A- . (…) — C:UsersDanielDocumentsclefpaKaty Perry – Roar (Lyric Video).lnk [587]
    O61 – LFC: 24/11/2013 – 16:36:47 —A- . (…) — C:UsersDanielDocumentsclefpaKaty Perry – Walking On Air (Audio).lnk [599]
    O61 – LFC: 24/11/2013 – 16:36:47 —A- . (…) — C:UsersDanielDocumentsclefpaLady Gaga – Do What U Want – Lyric video.lnk [621]
    O61 – LFC: 24/11/2013 – 16:36:47 —A- . (…) — C:UsersDanielDocumentsclefpaMaster cours enregistrés.lnk [573]
    O61 – LFC: 24/11/2013 – 16:36:47 —A- . (…) — C:UsersDanielDocumentsclefpaMiley Cyrus – Maybe You're Right (Audio).lnk [609]
    O61 – LFC: 24/11/2013 – 16:36:47 —A- . (…) — C:UsersDanielDocumentsclefpaMiley Cyrus – Someone Else (Audio).lnk [593]
    O61 – LFC: 24/11/2013 – 16:36:47 —A- . (…) — C:UsersDanielDocumentsclefpaPUBLIC INTERNATION LAW .lnk [1433]
    O61 – LFC: 24/11/2013 – 16:36:47 —A- . (…) — C:UsersDanielDocumentsclefpaRecycled.lnk [533]
    O61 – LFC: 24/11/2013 – 16:36:47 —A- . (…) — C:UsersDanielDocumentsclefpaSpice Girls – Wannabe – Lyrics.lnk [585] =>Adware.AddLyrics
    O61 – LFC: 24/11/2013 – 16:36:47 —A- . (…) — C:UsersDanielDocumentsclefpadocument.lnk [1391]
    O61 – LFC: 24/11/2013 – 16:36:47 —A- . (…) — C:UsersDanielDocumentsclefpadzenet.lnk [529]
    O61 – LFC: 24/11/2013 – 16:36:47 —A- . (…) — C:UsersDanielDocumentsclefpahoraire examen IMPRIMER.lnk [1429]
    O61 – LFC: 24/11/2013 – 16:36:47 —A- . (…) — C:UsersDanielDocumentsclefpaiCampus.lnk [555]
    O61 – LFC: 24/11/2013 – 16:36:47 —A- . (…) — C:UsersDanielDocumentsclefpaiDroit fiscal et comptable.lnk [1439]
    O61 – LFC: 24/11/2013 – 16:36:47 —A- . (…) — C:UsersDanielDocumentsclefpakogki.lnk [527]
    O61 – LFC: 24/11/2013 – 16:36:47 —A- . (…) — C:UsersDanielDocumentsclefpamichael.lnk [531]
    O61 – LFC: 24/11/2013 – 16:36:47 —A- . (…) — C:UsersDanielDocumentsclefpamyfolder.lnk [533]
    O61 – LFC: 24/11/2013 – 16:36:48 —A- . (…) — C:UsersDanielDocumentsclefpaSURETE BEST.lnk [1399]
    O61 – LFC: 24/11/2013 – 16:36:48 —A- . (…) — C:UsersDanielDocumentsclefpaTP Sureté.lnk [1397]
    O61 – LFC: 24/11/2013 – 16:36:48 —A- . (…) — C:UsersDanielDocumentsclefpatogethara.lnk [535]
    O61 – LFC: 24/11/2013 – 16:36:48 —A- . (…) — C:UsersDanielDocumentsclefpa~$CHAUFFOUR EXCEL CALCUL.lnk [1429]
    O61 – LFC: 24/11/2013 – 16:36:48 —A- . (…) — C:UsersDanielDocumentsclefpa~$immoweb.lnk [1391]
    O61 – LFC: 24/11/2013 – 16:36:48 —A- . (…) — C:UsersDanielDocumentsclefpa~WRL0001.lnk [1389]
    O61 – LFC: 24/11/2013 – 16:36:48 —A- . (…) — C:UsersDanielDocumentsclefpa~WRL0005.lnk [1389]
    O61 – LFC: 24/11/2013 – 16:36:51 —A- . (…) — C:UsersDanielDocumentsDEMANDE ESTIMATION.docx [39328]
    O61 – LFC: 24/11/2013 – 16:37:56 —A- . (…) — C:UsersDanielDocumentsEvaluationsDEMANDE ESTIMATION.docx [39346]
    O61 – LFC: 24/11/2013 – 16:40:44 —A- . (…) — C:UsersDanielDocumentsNathalieDevoir 22 novembrefontsCallibraffitiCalligraffiti-webfont.eot [38899]
    O61 – LFC: 24/11/2013 – 16:40:44 —A- . (…) — C:UsersDanielDocumentsNathalieDevoir 22 novembrefontsCallibraffitiCalligraffiti-webfont.svg [166979]
    O61 – LFC: 24/11/2013 – 16:40:44 —A- . (…) — C:UsersDanielDocumentsNathalieDevoir 22 novembrefontsCallibraffitiCalligraffiti-webfont.ttf [77944]
    O61 – LFC: 24/11/2013 – 16:40:44 —A- . (…) — C:UsersDanielDocumentsNathalieDevoir 22 novembrefontsCallibraffitiCalligraffiti-webfont.woff [42868]
    O61 – LFC: 24/11/2013 – 16:40:44 —A- . (…) — C:UsersDanielDocumentsNathalieDevoir 22 novembrefontsFloranteFLORLI__-webfont.eot [23625]
    O61 – LFC: 24/11/2013 – 16:40:44 —A- . (…) — C:UsersDanielDocumentsNathalieDevoir 22 novembrefontsFloranteFLORLI__-webfont.svg [53628]
    O61 – LFC: 24/11/2013 – 16:40:44 —A- . (…) — C:UsersDanielDocumentsNathalieDevoir 22 novembrefontsFloranteFLORLI__-webfont.ttf [40400]
    O61 – LFC: 24/11/2013 – 16:40:44 —A- . (…) — C:UsersDanielDocumentsNathalieDevoir 22 novembrefontsFloranteFLORLI__-webfont.woff [25188]
    O61 – LFC: 24/11/2013 – 16:40:44 —A- . (…) — C:UsersDanielDocumentsNathalieDevoir 22 novembrefontsKingthingsKingthings_Calligraphica_2-webfont.eot [19886]
    O61 – LFC: 24/11/2013 – 16:40:44 —A- . (…) — C:UsersDanielDocumentsNathalieDevoir 22 novembrefontsKingthingsKingthings_Calligraphica_2-webfont.svg [62308]
    O61 – LFC: 24/11/2013 – 16:40:44 —A- . (…) — C:UsersDanielDocumentsNathalieDevoir 22 novembrefontsKingthingsKingthings_Calligraphica_2-webfont.ttf [40276]
    O61 – LFC: 24/11/2013 – 16:40:44 —A- . (…) — C:UsersDanielDocumentsNathalieDevoir 22 novembrefontsKingthingsKingthings_Calligraphica_2-webfont.woff [23284]
    O61 – LFC: 24/11/2013 – 16:43:04 —A- . (…) — C:UsersDanielDocumentsWebdesignerBanner 2.zip [238658]
    O61 – LFC: 24/11/2013 – 16:50:05 —A- . (…) — C:UsersDanielDownloadsPIL_Course_Outline_2013-2014_REV.docx [56948]
    O61 – LFC: 24/11/2013 – 16:51:54 -SHA- . (…) — C:UsersDanielThumbs.db [15872]
    O61 – LFC: 25/11/2013 – 16:37:23 —A- . (…) — C:UsersDanielDocumentsEdge5XCLI.lnk [746]
    O61 – LFC: 25/11/2013 – 16:37:23 —A- . (…) — C:UsersDanielDocumentsEdgeParisedge_includesedge.2.0.1.min.js [115474]
    O61 – LFC: 25/11/2013 – 16:37:24 —A- . (…) — C:UsersDanielDocumentsEdgeParisParis2.an [11159]
    O61 – LFC: 25/11/2013 – 16:37:24 —A- . (…) — C:UsersDanielDocumentsEdgeParisParis2.html [530]
    O61 – LFC: 25/11/2013 – 16:37:24 —A- . (…) — C:UsersDanielDocumentsEdgeParisParis2_edge.js [31869]
    O61 – LFC: 25/11/2013 – 16:37:24 —A- . (…) — C:UsersDanielDocumentsEdgeParisParis2_edgeActions.js [1780]
    O61 – LFC: 25/11/2013 – 16:37:24 —A- . (…) — C:UsersDanielDocumentsEdgeParisParis2_edgePreload.js [11183]
    O61 – LFC: 25/11/2013 – 16:37:24 —A- . (…) — C:UsersDanielDocumentsEdgeParisedge_includesjquery-1.7.1.min.js [93871]
    O61 – LFC: 25/11/2013 – 16:40:43 —A- . (…) — C:UsersDanielDocumentsNathalieDevoir 22 novembrefontsAmadeusAmadeus-webfont.eot [31830]
    O61 – LFC: 25/11/2013 – 16:40:43 —A- . (…) — C:UsersDanielDocumentsNathalieDevoir 22 novembrefontsAmadeusAmadeus-webfont.svg [99027]
    O61 – LFC: 25/11/2013 – 16:40:43 —A- . (…) — C:UsersDanielDocumentsNathalieDevoir 22 novembrefontsAmadeusAmadeus-webfont.ttf [76364]
    O61 – LFC: 25/11/2013 – 16:40:43 —A- . (…) — C:UsersDanielDocumentsNathalieDevoir 22 novembrefontsAmadeusAmadeus-webfont.woff [37216]
    O61 – LFC: 25/11/2013 – 16:40:44 —A- . (…) — C:UsersDanielDocumentsNathalieDevoir 22 novembrefontsAmadeusstylesheet.css [405]
    O61 – LFC: 25/11/2013 – 16:40:44 —A- . (…) — C:UsersDanielDocumentsNathalieDevoir 22 novembrefontsChampagnecac_champagne-webfont.eot [31399]
    O61 – LFC: 25/11/2013 – 16:40:44 —A- . (…) — C:UsersDanielDocumentsNathalieDevoir 22 novembrefontsChampagnecac_champagne-webfont.svg [117680]
    O61 – LFC: 25/11/2013 – 16:40:44 —A- . (…) — C:UsersDanielDocumentsNathalieDevoir 22 novembrefontsChampagnecac_champagne-webfont.ttf [61600]
    O61 – LFC: 25/11/2013 – 16:40:44 —A- . (…) — C:UsersDanielDocumentsNathalieDevoir 22 novembrefontsChampagnecac_champagne-webfont.woff [33844]
    O61 – LFC: 25/11/2013 – 16:40:44 —A- . (…) — C:UsersDanielDocumentsNathalieDevoir 22 novembrefontsChampagnestylesheet.css [427]
    O61 – LFC: 25/11/2013 – 16:40:44 —A- . (…) — C:UsersDanielDocumentsNathalieDevoir 22 novembrefontsCollegiateSF_Collegiate-webfont.eot [13237]
    O61 – LFC: 25/11/2013 – 16:40:44 —A- . (…) — C:UsersDanielDocumentsNathalieDevoir 22 novembrefontsCollegiateSF_Collegiate-webfont.svg [26900]
    O61 – LFC: 25/11/2013 – 16:40:44 —A- . (…) — C:UsersDanielDocumentsNathalieDevoir 22 novembrefontsCollegiateSF_Collegiate-webfont.ttf [32156]
    O61 – LFC: 25/11/2013 – 16:40:44 —A- . (…) — C:UsersDanielDocumentsNathalieDevoir 22 novembrefontsCollegiateSF_Collegiate-webfont.woff [14432]
    O61 – LFC: 25/11/2013 – 16:40:44 —A- . (…) — C:UsersDanielDocumentsNathalieDevoir 22 novembrefontsCollegiatestylesheet.css [427]
    O61 – LFC: 25/11/2013 – 16:43:19 —A- . (…) — C:UsersDanielDocumentsWebdesignerBarbarinExercice question au client pour la rédaction cdc ifosup.docx [26596]
    O61 – LFC: 25/11/2013 – 16:48:35 —A- . (…) — C:UsersDanielDownloadsdes_13-11-22.zip [575359]
    O61 – LFC: 26/11/2013 – 16:40:43 —A- . (…) — C:UsersDanielDocumentsNathalieDevoir 22 novembreafrique.html [2897]
    O61 – LFC: 26/11/2013 – 16:40:43 —A- . (…) — C:UsersDanielDocumentsNathalieDevoir 22 novembreamerique.html [2900]
    O61 – LFC: 26/11/2013 – 16:40:43 —A- . (…) — C:UsersDanielDocumentsNathalieDevoir 22 novembreantartique.html [2903]
    O61 – LFC: 26/11/2013 – 16:40:43 —A- . (…) — C:UsersDanielDocumentsNathalieDevoir 22 novembreasie.html [2913]
    O61 – LFC: 26/11/2013 – 16:40:43 —A- . (…) — C:UsersDanielDocumentsNathalieDevoir 22 novembreeurope.html [2913]
    O61 – LFC: 26/11/2013 – 16:40:44 —A- . (…) — C:UsersDanielDocumentsNathalieDevoir 22 novembreindex.html [2963]
    O61 – LFC: 26/11/2013 – 16:40:44 —A- . (…) — C:UsersDanielDocumentsNathalieDevoir 22 novembrestylepolices.css [3855]
    O61 – LFC: 26/11/2013 – 16:40:54 —A- . (…) — C:UsersDanielDocumentspartition musiqueles fugitifs thème n°2 thème de jeanne2.zip [4096691]
    O61 – LFC: 26/11/2013 – 16:43:24 —A- . (…) — C:UsersDanielDocumentsWebdesignerBruno Martindbsitephpde 1 a 100 for.php [176]
    O61 – LFC: 26/11/2013 – 16:43:24 —A- . (…) — C:UsersDanielDocumentsWebdesignerBruno Martindbsitephpdiv 1 a 100.php [218]
    O61 – LFC: 26/11/2013 – 16:43:24 —A- . (…) — C:UsersDanielDocumentsWebdesignerBruno Martindbsitephpdiv 1 a 100.txt [225]
    O61 – LFC: 26/11/2013 – 16:43:24 —A- . (…) — C:UsersDanielDocumentsWebdesignerBruno Martindbsitephpfor n.php [317]
    O61 – LFC: 26/11/2013 – 16:43:24 —A- . (…) — C:UsersDanielDocumentsWebdesignerBruno Martindbsitephpfor.php [290]
    O61 – LFC: 26/11/2013 – 16:43:24 —A- . (…) — C:UsersDanielDocumentsWebdesignerBruno Martindbsitephpmultiplication.php [231]
    O61 – LFC: 27/11/2013 – 16:29:54 —A- . (…) — C:UsersDanielAppDataLocalGoogleChromeUser DataCertificate Revocation Lists [261354]
    O61 – LFC: 27/11/2013 – 16:29:58 —A- . (…) — C:UsersDanielAppDataLocalGoogleChromeUser DataLocal State [47327]
    O61 – LFC: 27/11/2013 – 16:29:59 —A- . (…) — C:UsersDanielAppDataLocalGoogleToolbar Bookmarks_bookmarks [3794]
    O61 – LFC: 27/11/2013 – 16:29:59 —A- . (…) — C:UsersDanielAppDataLocalGoogleToolbar Cache7.5.4601.54frtranslate_element.js.content [2381]
    O61 – LFC: 27/11/2013 – 16:33:15 —A- . (…) — C:UsersDanielAppDataRoamingZHPLog.txt [19038] =>.Nicolas Coolman
    O61 – LFC: 27/11/2013 – 16:33:15 —A- . (…) — C:UsersDanielAppDataRoamingZHPTestsZHPDiag.txt [2845] =>.Nicolas Coolman
    O61 – LFC: 27/11/2013 – 16:42:07 —A- . (…) — C:UsersDanielDocumentssos.docx [13723]
    O61 – LFC: 27/11/2013 – 16:43:19 —A- . (.Barmarin Gérard.) — C:UsersDanielDocumentsWebdesignerBarbarincahier-des-charges-vide-exercice-Ifosup-2013-2014.doc [601088]
    O61 – LFC: 27/11/2013 – 16:48:03 –HA- . (…) — C:UsersDanielDocuments~$sos.docx [162]
    ~ 42 Fichiers temporaires (Temporary files)
    ~ Files: 337 Legitimates Filtered in 22mn 07s

    —\ Fichiers Alternate Data Stream (ADS) (O62)
    O62 – ADS:Alternate Data Stream File – C:WindowsSystem3234CoInstaller.dll:Zone.Identifier
    O62 – ADS:Alternate Data Stream File – C:WindowsSystem32Drivers3xHybrid.sys:Zone.Identifier
    ~ ADS: Scanned in 00mn 05s

    —\ Liste des outils de désinfection (LATC) (O63)
    O63 – Logiciel: UsbFix By El Desaparecido – (.El Desaparecido – http://www.usbfix.net.) [HKLM] — Usbfix
    O63 – Logiciel: ZHPDiag 2013 – (.Nicolas Coolman.) [HKLM] — ZHPDiag_is1 =>.Nicolas Coolman
    ~ ADS: Scanned in 00mn 00s

    —\ Liste les services legacy du registre (LALS) (O64)
    O64 – Services: CurCS – 20/11/2012 – C:Windowssystem32driversVBEngNT.sys (VBEngNT) .(.VirusBuster Kft. – VirusBuster Loader SYS for Windows NT/2000/.) – LEGACY_VBENGNT
    ~ Legacy: 83 Legitimates Filtered in 00mn 01s

    —\ Associations Shell Spawning (O67)
    O67 – Shell Spawning: [HKCU..openCommand] (.Not Key.)
    ~ FASS Keys: 11 Legitimates Filtered in 00mn 00s

    —\ Menu de démarrage Internet (SMI) (O68)
    O68 – StartMenuInternet: [HKLM..ShellopenCommand] (.Mozilla Corporation – Firefox.) — C:Program FilesMozilla Firefoxfirefox.exe
    O68 – StartMenuInternet: [HKLM..ShellopenCommand] (.Google Inc. – Google Chrome.) — C:Program FilesGoogleChromeApplicationchrome.exe
    O68 – StartMenuInternet: [HKLM..ShellopenCommand] (.Microsoft Corporation – Internet Explorer.) — C:Program FilesInternet Exploreriexplore.exe
    ~ Keys: Scanned in 00mn 00s

    —\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
    O69 – SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} – (Bing) – http://www.bing.com » onclick= »window.open(this.href);return false;
    O69 – SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} – (Google) – http://www.google.com » onclick= »window.open(this.href);return false;
    O69 – SBI: SearchScopes [HKCU] {8EEAC88A-079B-4b2c-80C1-7836F79EB40A} – (Yahoo! Search) – http://us.search.yahoo.com » onclick= »window.open(this.href);return false;
    O69 – SBI: SearchScopes [HKCU] {B8E088E3-8A00-4E37-A441-128B48F0496E} – (IMVU Inc Customized Web Search) – http://search.conduit.com » onclick= »window.open(this.href);return false;
    ~ Keys: Scanned in 00mn 00s

    —\ Enumère les service demarrés par Svchost (SSS) (O83)
    O83 – Search Svchost Services: winmgmt (winmgmt) . (…) — C:Program Filesbqdo1t7v.plz [0]

    ~ Services: 32 Legitimates Filtered in 00mn 00s

    —\ Recherche particulière à la racine du système (SPRF) (O84)
    [MD5.D41D8CD98F00B204E9800998ECF8427E] [SPRF][20/04/2013] (…) — C:ProgramDatayIh5P5.dat [0]
    [MD5.C59BDF3C0E8F946A6D9E8E3934485830] [SPRF][22/11/2013] (…) — C:UsersDanielAppDataLocalTempQuarantine.exe [355225]
    [MD5.9514AB89D37EFEFE607E06D99DA2608C] [SPRF][5/10/2013] (.Tracker Software Products Ltd – PDF-XChange PDF Viewer Setup.) — C:UsersDanielDesktop156-PDF_XChange_Viewer-v2.0.50-mid215-l-ax86.exe [13205912]
    [MD5.AFAFA655CC59872129A32CDE4F60F2DE] [SPRF][27/11/2013] (…) — C:UsersDanielDesktopadwcleaner.exe [1091882]
    [MD5.D33DC34F754DFA47C58526DF26045180] [SPRF][14/09/2012] (.Paul Glagla – ImageGrab de Paul Glagla.) — C:UsersDanielDesktopimagegrab_50fr.exe [2210816]
    ~ Files: 11 Legitimates Filtered in 00mn 01s[/spoiler:msd0ibb0]

    Dakapi
    Participant
    Nombre d'articles : 12

    Rapport zhdiag fin
    [spoiler:13eg2pvw]—\ Liste des exceptions du parefeu (FirewallRules) (O87)
    O87 – FAEL: « {A4A18C2E-206A-48D8-9330-ABDB0DFE6C35} » |In – Private – P6 – TRUE | .(…) — C:WindowsTempCMC_DRAGONrestart_helper.exe (.not file.)
    O87 – FAEL: « {2D110718-936D-4D2E-AE76-E30991321A4D} » |In – Private – P17 – TRUE | .(…) — C:WindowsTempCMC_DRAGONrestart_helper.exe (.not file.)
    ~ Firewall: 215 Legitimates Filtered in 00mn 06s

    —\ Enumère les codes produits des logiciels (PUC) (O90)
    O90 – PUC: « CFA37D7451CE22B4698DCF4478BEEB75 » . (..) — C:WindowsInstaller{47D73AFC-EC15-4B22-96D8-FC4487EBBE57}ARPPRODUCTICON.exe
    ~ Update Products: 110 Legitimates Filtered in 00mn 00s

    —\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
    SS – | Demand 9/10/2013 257416 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) – C:Windowssystem32MacromedFlashFlashPlayerUpdateService.exe
    SS – | Auto 14/06/2012 136176 | (gupdate) . (.Google Inc..) – C:Program FilesGoogleUpdateGoogleUpdate.exe
    SS – | Demand 14/06/2012 136176 | (gupdatem) . (.Google Inc..) – C:Program FilesGoogleUpdateGoogleUpdate.exe
    SS – | Demand 16/08/2012 194032 | (gusvc) . (.Google.) – C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe
    SS – | Demand 17/09/2013 118680 | (MozillaMaintenance) . (.Mozilla Foundation.) – C:Program FilesMozilla Maintenance Servicemaintenanceservice.exe
    SS – | Auto 25/02/2013 1260320 | (nvUpdatusService) . (.NVIDIA Corporation.) – C:Program FilesNVIDIA CorporationNVIDIA Update Coredaemonu.exe
    SS – | Auto 10/07/1658 0 | (vToolbarUpdater17.1.2) . (…) – C:Program FilesCommon FilesAVG Secure SearchvToolbarUpdater17.1.2ToolbarUpdater.exe =>Toolbar.AVGSearch
    SS – | Demand 23/06/2013 22016 | (wampapache) . (.Apache Software Foundation.) – c:wampbinapacheapache2.4.4binhttpd.exe
    SS – | Demand 23/06/2013 10923520 | (wampmysqld) . (…) – c:wampbinmysqlmysql5.6.12binmysqld.exe

    SR – | Auto 17/10/2013 2494040 | (acssrv) . (.Agnitum Ltd..) – C:Program FilesAgnitumOutpost Security Suite Proacs.exe
    SR – | Auto 5/09/2013 65640 | (AdobeARMservice) . (.Adobe Systems Incorporated.) – C:Program FilesCommon FilesAdobeARM1.0armsvc.exe
    SR – | Auto 6/03/2007 198168 | (Capture Device Service) . (.InterVideo Inc..) – C:Program FilesCommon FilesInterVideoDeviceServiceDevSvc.exe
    SR – | Auto 12/03/2012 133280 | (Intel(R) PROSet Monitoring Service) . (.Intel Corporation.) – C:Windowssystem32IProsetMonitor.exe
    SR – | Auto 4/04/2013 418376 | (MBAMScheduler) . (.Malwarebytes Corporation.) – C:Program FilesMalwarebytes' Anti-Malwarembamscheduler.exe
    SR – | Auto 4/04/2013 701512 | (MBAMService) . (.Malwarebytes Corporation.) – C:Program FilesMalwarebytes' Anti-Malwarembamservice.exe
    SR – | Auto 14/07/2009 20992 | C:Windowssystem32HPZinw12.dll (Net Driver HPZ12) . (.Hewlett-Packard.) – C:WindowsSystem32svchost.exe
    SR – | Auto 18/01/2013 639776 | (nvsvc) . (.NVIDIA Corporation.) – C:Windowssystem32nvvsvc.exe
    SR – | Auto 14/07/2009 20992 | C:Windowssystem32HPZipm12.dll (Pml Driver HPZ12) . (.Hewlett-Packard.) – C:WindowsSystem32svchost.exe
    SR – | Auto 10/03/2010 189728 | (PSI_SVC_2) . (.Protexis Inc..) – c:Program FilesCommon FilesProtexisLicense ServicePsiService_2.exe
    SR – | Auto 30/07/2008 61440 | (RCSERVICE) . (…) – C:Program FilesASUSP7131Remote ControlRCService.exe
    SR – | Auto 18/01/2013 383264 | (Stereo Service) . (.NVIDIA Corporation.) – C:Program FilesNVIDIA Corporation3D VisionnvSCPAPISvr.exe
    SR – | Demand 29/09/2013 85264 | (VBFilt) . (.Agnitum Ltd..) – C:Windowssystem32FiltVBFilt.dll
    SR – | Auto 14/07/2009 20992 | C:Program FilesWindows Defendermpsvc.dll (WinDefend) . (.Microsoft Corporation.) – C:WindowsSystem32svchost.exe
    SR – | Auto 14/07/2009 20992 | C:WindowsSystem32wuaueng.dll (wuauserv) . (.Microsoft Corporation.) – C:WindowsSystem32svchost.exe

    ~ Services: Scanned in 00mn 33s

    —\ Recherche d'infection sur le Master Boot Record (MBR)(O80)
    Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net » onclick= »window.open(this.href);return false;

    ~ MBR: 1 Legitimates Filtered in 00mn 02s

    —\ Recherche d'infection sur le Master Boot Record (MBRCheck)(O80)
    Written by ad13, http://ad13.geekstog » onclick= »window.open(this.href);return false;
    Run by Daniel at 27/11/2013 16:56:17

    ********* Dump file Name *********
    C:PhysicalDisk0_MBR.bin

    ~ MBR: Scanned in 00mn 04s
    \ Scan Additionnel (O88)
    Database Version : 13000 – (26/11/2013)
    Clés trouvées (Keys found) : 2
    Valeurs trouvées (Values found) : 2
    Dossiers trouvés (Folders found) : 1
    Fichiers trouvés (Files found) : 1

    [HKLMSoftwareGoogleChromeExtensionsndibdjnfmopecpmkdieinmbadjfpblof] =>Toolbar.AVGSearch^
    [HKLMSYSTEMCurrentControlSetServicesvToolbarUpdater17.1.2] =>Toolbar.AVGSearch^
    [HKLMSoftwareMicrosoftInternet ExplorerToolbar]:{2318C2B1-4965-11d4-9B18-009027A5CD4F} =>Toolbar.Google^
    [HKCUSOFTWAREMicrosoftWindowsCurrentVersionRun]:swg =>Toolbar.Google^
    C:UsersDanielAppDataLocalGoogleChromeUser DataDefaultExtensionsndibdjnfmopecpmkdieinmbadjfpblof =>Toolbar.AVGSearch^
    C:Program FilesGoogleGoogle ToolbarGoogleToolbarUser_32.exe =>Toolbar.Google^
    ~ Additionnel Scan: 424439 Items scanned in 00mn 25s

    —\ Récapitulatif des détections trouvées sur votre station
    ~ http://nicolascoolman.webs.com/apps/blog/show/26601058-adware-addlyrics » onclick= »window.open(this.href);return false; =>Adware.AddLyrics
    ~ MSI: 1 link(s) detected in 00mn 25s

    ~ 2595 Legitimates filtered by white list
    End of the scan (700 lines in 39mn 42s)(0)[/spoiler:13eg2pvw]

    g3n-h@ckm@n
    Modérateur
    Nombre d'articles : 8223

    salut ;D

    lance usbfix et clique sur suppression avec tous tes peripheriques branchés puis poste le rapport obtenu

    Dakapi
    Participant
    Nombre d'articles : 12

    Et enfin le rapport Adwc
    Mais je me pose la question:
    Si on arrive à nettoyer le pc
    Que faut-il faire pour protéger les clefs?
    Je travaille aussi avec un autre pc dont je ne suis pas l’administrateur et qui est probablement également infecté?
    [spoiler:2sayhdkt]# AdwCleaner v3.013 – Rapport créé le 27/11/2013 à 17:44:10
    # Mis à jour le 24/11/2013 par Xplode
    # Système d'exploitation : Windows 7 Home Premium Service Pack 1 (32 bits)
    # Nom d'utilisateur : Daniel – DANIEL-PC
    # Exécuté depuis : C:UsersDanielDesktopadwcleaner.exe
    # Option : Nettoyer

    ***** [ Services ] *****

    ***** [ Fichiers / Dossiers ] *****

    Dossier Supprimé : C:UsersDanielAppDataLocalGoogleChromeUser DataDefaultExtensionsndibdjnfmopecpmkdieinmbadjfpblof

    ***** [ Raccourcis ] *****

    ***** [ Registre ] *****

    ***** [ Navigateurs ] *****

    -\ Internet Explorer v10.0.9200.16736

    -\ Mozilla Firefox v24.0 (fr)

    [ Fichier : C:UsersDanielAppDataRoamingMozillaFirefoxProfilesub4vovov.defaultprefs.js ]

    -\ Google Chrome v31.0.1650.57

    [ Fichier : C:UsersDanielAppDataLocalGoogleChromeUser DataDefaultpreferences ]

    *************************

    AdwCleaner[R0].txt – [10788 octets] – [27/11/2013 16:08:06]
    AdwCleaner[R1].txt – [1186 octets] – [27/11/2013 17:40:49]
    AdwCleaner[S0].txt – [10975 octets] – [27/11/2013 16:09:25]
    AdwCleaner[S1].txt – [1109 octets] – [27/11/2013 17:44:10]

    ########## EOF – C:AdwCleanerAdwCleaner[S1].txt – [1169 octets] ##########
    (fin)[/spoiler:2sayhdkt]

    Dakapi
    Participant
    Nombre d'articles : 12

    Bonsoir g3n-h@ckm@n

    J’ai installé usbfix sur le bureau , je l’ai ré installé en décochant outpost et il m’affiche toujours
    line 16994 (file »cUsbFixGo.exe »)
    Error: Variable must be of type « object »

    Merci pour ton aide

    Anonyme
    Nombre d'articles : 0

    Hello :hello: ,

    Essai avec cette version de UsbFix stp : partage/UsbFix.exe

    Dakapi
    Participant
    Nombre d'articles : 12

    Bonjour El Desaparecido
    Désolé j’étais absent ce matin
    J’ai essayé le lien que tu avais indiqué sans succès.
    Ni en désactivant outpost ni en mode sans échec.
    Barre inférieure droit , petit triangle icone cachée, indique « script paused » ?
    Je craque…

    Anonyme
    Nombre d'articles : 0

    Craque pas ;)

    Lance usbfix avec tes clé usb etc connectées, choisi l’option listing et post le rapport stp.

    Dakapi
    Participant
    Nombre d'articles : 12

    Hello :superman:
    Désolé mais j’ai le même problème.
    J’ai pourtant désactivé l’antimalware et outpost.
    J’ai essayé en mode sans échec, même topo :E

    Anonyme
    Nombre d'articles : 0

    Ok ,

    Désinstalle UsbFix.

    Nous allons éffectuer un diagnostic de ton ordinateur :

    • Télécharge OTL de Old_Timer et enregistre le sur le Bureau
    • Ferme toutes les autres fenêtres et double-clique sur OTL.exe
    • Sous Vista et Windows 7, il faut lancer le fichier par clic-droit -> Exécuter en tant qu’adminsitrateur.
    • Vérifie que les cases Tous les utilisateurs, Recherche Lop et Recherche Purity soient cochées.
    • Dans le cadre Personnalisation, copie-colle l’intégralité de ce qui suit :
    netsvcs
    msconfig
    safebootminimal
    safebootnetwork
    activex
    drivers32
    %ALLUSERSPROFILE%Application Data*.
    %ALLUSERSPROFILE%Application Data*.exe /s
    %APPDATA%*.
    %APPDATA%*.exe /s
    %temp%*.exe /s
    %SYSTEMDRIVE%*.exe
    %systemroot%*. /mp /s
    %systemroot%system32consrv.dll
    %systemroot%system32*.dll /lockedfiles
    %windir%Tasks*.job /lockedfiles
    %systemroot%system32drivers*.sys /lockedfiles
    %systemroot%System32config*.sav
    /md5start
    explorer.exe
    winlogon.exe
    services.exe
    wininit.exe
    /md5stop
    HKEY_CLASSES_ROOTCLSID{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}InprocServer32 /s
    HKEY_LOCAL_MACHINESYSTEMSYSTEMCurrentControlSetServiceslanmanserverparameters /s
    HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSession ManagerSubSystems /s
    HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSession ManagerAppCertDlls /s
    HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionProfileList /s
    HKEY_LOCAL_MACHINESoftwareMicrosoftCommand Processor /s
    HKEY_CURRENT_USERSoftwareMicrosoftCommand Processor /s
    CREATERESTOREPOINT
    nslookup http://www.google.fr /c
    hklmsoftwareclientsstartmenuinternet|command /rs
    hklmsoftwareclientsstartmenuinternet|command /64 /rs
    CREATERESTOREPOINT
    SAVEMBR:0

    • Clique sur Analyse

    • Une fois le scan terminé 1 ou 2 rapports vont s’ouvrir OTL.txt et Extras.txt.
    • Héberge les rapports OTL.txt et Extras.txt sur cjoint.com, puis copie/colle le lien fourni dans ta prochaine réponse sur le forum

      Note : Au cas où, tu peux les retrouver dans le dossier C:OTL ou sur ton bureau en fonction des cas rencontrés

    Dakapi
    Participant
    Nombre d'articles : 12

    Voila
    Désolé ce fut long
    Bonne fin de soirée

    http://cjoint.com/?CKCwgUWMZQq » onclick= »window.open(this.href);return false;

    http://cjoint.com/?CKCwam83bwa » onclick= »window.open(this.href);return false;

    Anonyme
    Nombre d'articles : 0
    • Relance OTL.
    • Sous Persfonnalisation (Custom Scan), copie-colle le contenu du cadre ci dessous (bien prendre :OTL en début).

      :OTL
      IE - HKUS-1-5-21-1915439914-2980993570-1999574232-1000..SearchScopes{8EEAC88A-079B-4b2c-80C1-7836F79EB40A}: "URL" = http://us.search.yahoo.com/search?p={searchTerms}&fr=chr-comodo
      IE - HKUS-1-5-21-1915439914-2980993570-1999574232-1000..SearchScopes{B8E088E3-8A00-4E37-A441-128B48F0496E}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2612669&CUI=UN33694645616632304&UM=1
      O4 - HKUS-1-5-21-1915439914-2980993570-1999574232-1000..Run: [flashmemory] wscript.exe //B "C:UsersDanielAppDataLocalTempflashmemory.vbe" File not found
      O4 - Startup: C:UsersDanielAppDataRoamingMicrosoftWindowsStart MenuProgramsStartupflashmemory.vbe ()

      :files
      C:UsersDanielAppDataRoamingMicrosoftWindowsStart MenuProgramsStartupflashmemory.vbe
      C:UsersDanielAppDataLocalTempflashmemory.vbe
      C:UsersDanielAppDataLocal{0A631147-A8C8-4E17-9994-AF836159C182}
      C:UsersDanielAppDataLocal{0C5CA8ED-4AC2-411B-9F15-72C1020BCF33}
      C:UsersDanielAppDataLocal{F489381B-256E-445D-A392-30C46D1A0188}
      C:UsersDanielAppDataLocal{416037F7-AF62-4E85-B2EF-45AAFAC692F4}
      C:UsersDanielAppDataLocal{8DF1012F-0134-46D1-A38A-6BDA5BBD3FC5}
      C:UsersDanielAppDataLocal{D8374077-FAB1-4F00-947F-8401FE46A69A}
      C:UsersDanielAppDataLocal{723E3EB2-472E-4C96-B163-1B4CFD91A915}
      C:UsersDanielAppDataLocal{A1E9013B-A0B5-471C-9577-BF206F5C9114}
      C:UsersDanielAppDataLocal{D4C03470-25DB-45F7-9436-0A38E054181F}
      C:UsersDanielAppDataLocal{5F5386D2-3D82-4443-BC9D-7102E56741F0}
      C:UsersDanielAppDataLocal{8D8CB566-99B9-4641-8B71-FD5B2F5454D9}
      C:UsersDanielAppDataLocal{3E320816-E00E-4726-BDF3-A0239323086C}
      C:UsersDanielAppDataLocal{FD4DDCF1-8A7B-4844-AB17-D057AD902A20}
      C:UsersDanielAppDataLocal{DC8A35ED-3464-4033-A881-D75D4E557BFE}
      C:UsersDanielAppDataLocal{E8A24A32-20F8-45A1-A686-AD7D17B2803A}
      C:UsersDanielAppDataLocal{2B7121B0-EBCD-493A-A359-DBB29BE4A40F}
      C:UsersDanielAppDataLocal{C29ED175-370F-4474-84E6-6A3B047586C0}
      C:UsersDanielAppDataLocal{78D168E3-9496-4A3E-9B2B-B3D536E04FB7}
      C:UsersDanielAppDataLocal{4F6EACDD-1D16-4228-9364-C7C2105E0FC4}
      C:UsersDanielAppDataLocal{CBA8505D-EB73-45E4-8AB6-A788FDD9F54D}
      C:ProgramDatav7t1odqb.ctrl
      C:ProgramDatav7t1odqb.pff
      C:ProgramDatayIh5P5.dat
      C:ProgramData3ow8X2Nc.exe_.b
      C:ProgramData3ow8X2Nc.exe.b
      C:UsersDanielAppDataRoamingItcyd

      :Commands
      [emptytemp]
      [emptyflash]
      [reboot]

    • Clic Correction (Fix), un rapport apparraitra, copie/colle le contenu ici:
    • Redemarre le pc et poste le rapport dans ta prochaine réponse.
    • Le rapport est sauvegardé sous C:_OTLMovedFilesdate_heure.log
    Dakapi
    Participant
    Nombre d'articles : 12

    Voila le rapport

    http://cjoint.com/?CKDn4Gnz9Lf » onclick= »window.open(this.href);return false;

    Anonyme
    Nombre d'articles : 0

    Les dossiers figurant sur ma clef usb sont transformés en raccourcis (emplacement: cmd: cwindowssystem32) ??
    Je peux travailler dessus sur la clef même mais ils sont non copiables..
    Les sous-dossiers semblent eux normaux et copiables.
    J’ai reformaté la clef,

    Un seule clé est concernée , t’as la possibilité de la formater là ? (pas de donner à sauvegarder dessus)
    Si c’est le cas, connecte cette clé puis formate là sans toucher à son contenu avant ..
    Si c’est pas le cas (des données à récupérer) , me le signaler.

15 sujets de 1 à 15 (sur un total de 20)

Vous devez être connecté pour répondre à ce sujet.