dossiers en racourcis sur clé usb 2013-12-29T19:27:43+00:00
  • Auteur
    Messages
  • lilidurhone
    Post count: 0

    Avant de passer en résolu

    Nouvelles majs pour adobe reader,java et flashplayer

  • Telma
    Post count: 0

    [font=Century Gothic:1hqglz9k]et le second :
    # DelFix v10.6 – Rapport créé le 14/01/2014 à 22:26:31
    # Mis à jour le 11/11/2013 par Xplode
    # Nom d'utilisateur : Marie-Estelle – PC-MARIE-ESTELL
    # Système d'exploitation : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)

    ~ Suppression des outils de désinfection …

    Supprimé : C:USBFix
    Supprimé : C:AdwCleaner
    Supprimé : C:UsersMarie-EstelleAppDataRoamingZHP
    Supprimé : C:ProgramDataMicrosoftWindowsStart MenuProgramsZHP
    Supprimé : C:Program FilesZHPDiag
    Supprimé : C:PhysicalDisk0_MBR.bin
    Supprimé : C:UsbFix [Clean 1] PC-MARIE-ESTELL.txt
    Supprimé : C:UsbFix [Scan 1] PC-MARIE-ESTELL.txt
    Supprimé : C:UsbFix [Scan 2] PC-MARIE-ESTELL.txt
    Supprimé : C:UsersMarie-EstelleDesktopJRT.txt
    Supprimé : C:UsersMarie-EstelleDesktopSFTGC.txt
    Supprimé : C:UsersMarie-EstelleDesktopZHPDiag.lnk
    Supprimé : C:UsersMarie-EstelleDesktopZHPDiag.txt
    Supprimé : C:UsersMarie-EstelleDesktopZHPFix.lnk
    Supprimé : C:UsersMarie-EstelleDesktopZHPFixReport.txt
    Supprimé : C:UsersMarie-EstelleDownloadsadwcleaner.exe
    Supprimé : C:UsersMarie-EstelleDownloadsJRT.exe
    Supprimé : C:UsersMarie-EstelleDownloadsSFTGC.exe
    Supprimé : C:UsersMarie-EstelleDownloadsUsbFix.exe
    Supprimé : C:UsersMarie-EstelleDownloadsZHPDiag2.exe
    Supprimée : HKCUSoftwareUSBFix
    Supprimée : HKLMSOFTWAREAdwCleaner
    Supprimée : HKLMSOFTWAREMicrosoftWindowsCurrentVersionUninstallUSBFix
    Supprimée : HKLMSOFTWAREMicrosoftWindowsCurrentVersionUninstallZHPDiag_is1

    ~ Purge de la restauration système …

    Supprimé : RP #829 [Windows Update | 12/04/2013 14:27:31]
    Supprimé : RP #830 [Windows Update | 12/12/2013 14:38:28]
    Supprimé : RP #831 [Windows Update | 12/12/2013 16:45:50]
    Supprimé : RP #832 [Removed Bonjour | 12/12/2013 19:44:27]
    Supprimé : RP #833 [Windows Update | 12/19/2013 16:03:44]
    Supprimé : RP #834 [Windows Update | 12/22/2013 19:41:18]
    Supprimé : RP #835 [Windows Update | 12/29/2013 11:17:31]
    Supprimé : RP #836 [Point de contrôle planifié | 12/30/2013 22:41:15]
    Supprimé : RP #837 [Point de contrôle planifié | 12/31/2013 12:48:49]
    Supprimé : RP #838 [Point de contrôle planifié | 01/09/2014 11:44:21]
    Supprimé : RP #839 [Windows Update | 01/09/2014 17:36:48]
    Supprimé : RP #841 [ZHPFix Restore System Point | 01/12/2014 20:59:39]
    Supprimé : RP #842 [Windows Update | 01/14/2014 20:50:04]

    Nouveau point de restauration créé !

    ########## – EOF – ##########

    Merci !

    et sinon j'ai remarqué qu'il y avait une fenêtre qui me disait programme .. (jme souviens pu du nom) a cessé de fonctionner qd j'allume mon ordi qui avait pas avant…

    je verrai au prochain démarrage si ça existe encore…[/font:1hqglz9k]

  • Telma
    Post count: 0

    [font=Century Gothic:2a6pjsp5]voici le premier rapport :
    Rapport de SFTGC (Pierre13) du Mardi 14 Janvier 2014 à 22:12:56 version : 2.0.0.60
    Mis à jour le 27/11/2013
    Outil lancé en Mode normal et En tant qu'administrateur
    Windows Vista (TM) Home Premium Service Pack 2 32 bits

    Tool start in C:UsersMarie-EstelleDownloads

    656 éléments supprimés => 760.76 Mo libérés. (11 mn 27 s)

    C:UsersMarie-EstelleAppDataLocalTemp1474786_10202602213876978_1618928504_n.jpg
    C:UsersMarie-EstelleAppDataLocalTempacro_rd_dir
    C:UsersMarie-EstelleAppDataLocalTempAdobeARM.log
    C:UsersMarie-EstelleAppDataLocalTempAdwCleaner.jpg
    C:UsersMarie-EstelleAppDataLocalTempavgnt.exe
    C:UsersMarie-EstelleAppDataLocalTempCCEC5E.tmp
    C:UsersMarie-EstelleAppDataLocalTempCCF94A.tmp
    C:UsersMarie-EstelleAppDataLocalTempCleaning.ico
    C:UsersMarie-EstelleAppDataLocalTempCookies
    C:UsersMarie-EstelleAppDataLocalTempCVR4B0C.tmp.cvr
    C:UsersMarie-EstelleAppDataLocalTempCVR9481.tmp.cvr
    C:UsersMarie-EstelleAppDataLocalTempCVRB672.tmp.cvr
    C:UsersMarie-EstelleAppDataLocalTempDonate.ico
    C:UsersMarie-EstelleAppDataLocalTemphsperfdata_Marie-Estelle
    C:UsersMarie-EstelleAppDataLocalTempJavaDeployReg.log
    C:UsersMarie-EstelleAppDataLocalTempJRT.txt
    C:UsersMarie-EstelleAppDataLocalTempjusched.log
    C:UsersMarie-EstelleAppDataLocalTempLow
    C:UsersMarie-EstelleAppDataLocalTempMarie-Estelle.bmp
    C:UsersMarie-EstelleAppDataLocalTempplugtmp
    C:UsersMarie-EstelleAppDataLocalTempplugtmp-1
    C:UsersMarie-EstelleAppDataLocalTempplugtmp-2
    C:UsersMarie-EstelleAppDataLocalTempQuarantine.exe
    C:UsersMarie-EstelleAppDataLocalTempReport.ico
    C:UsersMarie-EstelleAppDataLocalTempScan.ico
    C:UsersMarie-EstelleAppDataLocalTempSetupExe(20140109183056B0).log
    C:UsersMarie-EstelleAppDataLocalTempSetupExe(20140109224937974).log
    C:UsersMarie-EstelleAppDataLocalTempUninstall.ico
    C:UsersMarie-EstelleAppDataLocalTempUserInfoSetup(20140109183102B0).log
    C:UsersMarie-EstelleAppDataLocalTempUserInfoSetup(20140109224942974).log
    C:UsersMarie-EstelleAppDataLocalTempwmplog00.sqm
    C:UsersMarie-EstelleAppDataLocalTempWPDNSE
    C:UsersMarie-EstelleAppDataLocalTempjrtAPPID_clsid.dat
    C:UsersMarie-EstelleAppDataLocalTempjrtAPPID_files.dat
    C:UsersMarie-EstelleAppDataLocalTempjrtappinit64_null.reg
    C:UsersMarie-EstelleAppDataLocalTempjrtappinit_null.reg
    C:UsersMarie-EstelleAppDataLocalTempjrtAPPPATHS.dat
    C:UsersMarie-EstelleAppDataLocalTempjrtAPPROVEDEXTENSIONS_clsid.dat
    C:UsersMarie-EstelleAppDataLocalTempjrtask.bat
    C:UsersMarie-EstelleAppDataLocalTempjrtaskCLSID.dat
    C:UsersMarie-EstelleAppDataLocalTempjrtaskregkey_x64.dat
    C:UsersMarie-EstelleAppDataLocalTempjrtaskregkey_x86.dat
    C:UsersMarie-EstelleAppDataLocalTempjrtaskregvalue_x64.dat
    C:UsersMarie-EstelleAppDataLocalTempjrtaskregvalue_x86.dat
    C:UsersMarie-EstelleAppDataLocalTempjrtaskservices.dat
    C:UsersMarie-EstelleAppDataLocalTempjrtbadAPPINIT.dat
    C:UsersMarie-EstelleAppDataLocalTempjrtbadFOLDERS.cfg
    C:UsersMarie-EstelleAppDataLocalTempjrtbadFOLDERScom.cfg
    C:UsersMarie-EstelleAppDataLocalTempjrtbadFOLDERSstart.cfg
    C:UsersMarie-EstelleAppDataLocalTempjrtbadLNK.cfg
    C:UsersMarie-EstelleAppDataLocalTempjrtbadvalues.cfg
    C:UsersMarie-EstelleAppDataLocalTempjrtBHO_clsid.dat
    C:UsersMarie-EstelleAppDataLocalTempjrtBHO_name.dat
    C:UsersMarie-EstelleAppDataLocalTempjrtbrowsermngr_keys.cfg
    C:UsersMarie-EstelleAppDataLocalTempjrtbrowsermngr_values.cfg
    C:UsersMarie-EstelleAppDataLocalTempjrtCHOICE.DAT
    C:UsersMarie-EstelleAppDataLocalTempjrtchrome.bat
    C:UsersMarie-EstelleAppDataLocalTempjrtCHRregkey_x64.cfg
    C:UsersMarie-EstelleAppDataLocalTempjrtCHRregkey_x86.cfg
    C:UsersMarie-EstelleAppDataLocalTempjrtCHR_extensions.cfg
    C:UsersMarie-EstelleAppDataLocalTempjrtCHR_open_x64.reg
    C:UsersMarie-EstelleAppDataLocalTempjrtCHR_open_x86.reg
    C:UsersMarie-EstelleAppDataLocalTempjrtclean_shortcut.vbs
    C:UsersMarie-EstelleAppDataLocalTempjrtCLSID_clsid.dat
    C:UsersMarie-EstelleAppDataLocalTempjrtcurrentmd5.txt
    C:UsersMarie-EstelleAppDataLocalTempjrtCUT.DAT
    C:UsersMarie-EstelleAppDataLocalTempjrtdatamngr_del.reg
    C:UsersMarie-EstelleAppDataLocalTempjrtdefaultscope.cfg
    C:UsersMarie-EstelleAppDataLocalTempjrtdelfolders.bat
    C:UsersMarie-EstelleAppDataLocalTempjrtdelorphans.bat
    C:UsersMarie-EstelleAppDataLocalTempjrtELEVATIONPOLICY_clsid.dat
    C:UsersMarie-EstelleAppDataLocalTempjrterunt
    C:UsersMarie-EstelleAppDataLocalTempjrtev_clear.bat
    C:UsersMarie-EstelleAppDataLocalTempjrtEXT.dat
    C:UsersMarie-EstelleAppDataLocalTempjrtFFbrowsermngr.dat
    C:UsersMarie-EstelleAppDataLocalTempjrtFFextensions.dat
    C:UsersMarie-EstelleAppDataLocalTempjrtFFpluginREG.dat
    C:UsersMarie-EstelleAppDataLocalTempjrtFFplugins.dat
    C:UsersMarie-EstelleAppDataLocalTempjrtFFprefs.dat
    C:UsersMarie-EstelleAppDataLocalTempjrtFFregkey_x64.dat
    C:UsersMarie-EstelleAppDataLocalTempjrtFFregkey_x86.dat
    C:UsersMarie-EstelleAppDataLocalTempjrtFFwhtlist.cfg
    C:UsersMarie-EstelleAppDataLocalTempjrtFFXML.dat
    C:UsersMarie-EstelleAppDataLocalTempjrtFFXPI.dat
    C:UsersMarie-EstelleAppDataLocalTempjrtFF_open_x64.reg
    C:UsersMarie-EstelleAppDataLocalTempjrtFF_open_x86.reg
    C:UsersMarie-EstelleAppDataLocalTempjrtfirefox.bat
    C:UsersMarie-EstelleAppDataLocalTempjrtFWCLSID.dat
    C:UsersMarie-EstelleAppDataLocalTempjrtFWPolicy.bat
    C:UsersMarie-EstelleAppDataLocalTempjrtget.bat
    C:UsersMarie-EstelleAppDataLocalTempjrtIEwhtlst.cfg
    C:UsersMarie-EstelleAppDataLocalTempjrtiexplore.bat
    C:UsersMarie-EstelleAppDataLocalTempjrtIE_open_x64.reg
    C:UsersMarie-EstelleAppDataLocalTempjrtIE_open_x86.reg
    C:UsersMarie-EstelleAppDataLocalTempjrtIFEO.dat
    C:UsersMarie-EstelleAppDataLocalTempjrtINTERFACE_clsid.dat
    C:UsersMarie-EstelleAppDataLocalTempjrtJRT.bat
    C:UsersMarie-EstelleAppDataLocalTempjrtmedfos.bat
    C:UsersMarie-EstelleAppDataLocalTempjrtMENUEXT.dat
    C:UsersMarie-EstelleAppDataLocalTempjrtmisc.bat
    C:UsersMarie-EstelleAppDataLocalTempjrtmodules.bat
    C:UsersMarie-EstelleAppDataLocalTempjrtmodules.dat
    C:UsersMarie-EstelleAppDataLocalTempjrtmoduleservices.dat
    C:UsersMarie-EstelleAppDataLocalTempjrtnewmd5.txt
    C:UsersMarie-EstelleAppDataLocalTempjrtNIRCMD.DAT
    C:UsersMarie-EstelleAppDataLocalTempjrtNOTIFY.dat
    C:UsersMarie-EstelleAppDataLocalTempjrtPREAPPROVED_clsid.dat
    C:UsersMarie-EstelleAppDataLocalTempjrtprelim.bat
    C:UsersMarie-EstelleAppDataLocalTempjrtPRODUCTS.dat
    C:UsersMarie-EstelleAppDataLocalTempjrtREGhcr.cfg
    C:UsersMarie-EstelleAppDataLocalTempjrtREGhkcu_and_hklm_allow.cfg
    C:UsersMarie-EstelleAppDataLocalTempjrtREGhkcu_and_hklm_software.cfg
    C:UsersMarie-EstelleAppDataLocalTempjrtREGhkcu_software_appdatalow.cfg
    C:UsersMarie-EstelleAppDataLocalTempjrtREGhkcu_software_microsoft.cfg
    C:UsersMarie-EstelleAppDataLocalTempjrtREGhklm_software_classes.cfg
    C:UsersMarie-EstelleAppDataLocalTempjrtREGISTRYUSERSID.cfg
    C:UsersMarie-EstelleAppDataLocalTempjrtrunvalues.bat
    C:UsersMarie-EstelleAppDataLocalTempjrtrunvalues_x64.cfg
    C:UsersMarie-EstelleAppDataLocalTempjrtrunvalues_x86.cfg
    C:UsersMarie-EstelleAppDataLocalTempjrtS1518COMPONENTS.dat
    C:UsersMarie-EstelleAppDataLocalTempjrtsearchlnk.bat
    C:UsersMarie-EstelleAppDataLocalTempjrtSED.DAT
    C:UsersMarie-EstelleAppDataLocalTempjrtsednewline.txt
    C:UsersMarie-EstelleAppDataLocalTempjrtservices.dat
    C:UsersMarie-EstelleAppDataLocalTempjrtserviceseventlog.cfg
    C:UsersMarie-EstelleAppDataLocalTempjrtSETTINGS_clsid.dat
    C:UsersMarie-EstelleAppDataLocalTempjrtSHORTCUT.DAT
    C:UsersMarie-EstelleAppDataLocalTempjrtSTATS_clsid.dat
    C:UsersMarie-EstelleAppDataLocalTempjrtTDL4.bat
    C:UsersMarie-EstelleAppDataLocalTempjrttemp
    C:UsersMarie-EstelleAppDataLocalTempjrtTRACING.dat
    C:UsersMarie-EstelleAppDataLocalTempjrtTYPELIB_clsid.dat
    C:UsersMarie-EstelleAppDataLocalTempjrtUNINSTALL.dat
    C:UsersMarie-EstelleAppDataLocalTempjrtUpgradeCodes.dat
    C:UsersMarie-EstelleAppDataLocalTempjrtWGET.DAT
    C:UsersMarie-EstelleAppDataLocalTempjrtWOW6432NODE.dat
    C:UsersMarie-EstelleAppDataLocalTempjrttempnull.txt
    C:UsersMarie-EstelleAppDataLocalTempjrteruntERDNT.E_E
    C:UsersMarie-EstelleAppDataLocalTempjrteruntERDNTDOS.LOC
    C:UsersMarie-EstelleAppDataLocalTempjrteruntERDNTWIN.LOC
    C:UsersMarie-EstelleAppDataLocalTempjrteruntERUNT.EXE
    C:UsersMarie-EstelleAppDataLocalTempjrteruntERUNT.EXE.manifest
    C:UsersMarie-EstelleAppDataLocalTempjrteruntERUNT.LOC
    C:UsersMarie-EstelleAppDataLocalTempjrteruntREADME.TXT
    C:UsersMarie-EstelleAppDataLocalTempHistoryHistory.IE5
    C:UsersMarie-EstelleAppDataLocalTempHistoryHistory.IE5desktop.ini
    C:UsersMarie-EstelleAppDataLocalTempHistoryHistory.IE5index.dat
    C:UsersMarie-EstelleAppDataLocalTempFichiers Internet temporairesContent.IE54ALHCXVZ
    C:UsersMarie-EstelleAppDataLocalTempFichiers Internet temporairesContent.IE5desktop.ini
    C:UsersMarie-EstelleAppDataLocalTempFichiers Internet temporairesContent.IE5index.dat
    C:UsersMarie-EstelleAppDataLocalTempFichiers Internet temporairesContent.IE5Q4HF0U80
    C:UsersMarie-EstelleAppDataLocalTempFichiers Internet temporairesContent.IE5SJ8HH5L3
    C:UsersMarie-EstelleAppDataLocalTempFichiers Internet temporairesContent.IE5UMCU6TUQ
    C:UsersMarie-EstelleAppDataLocalTempFichiers Internet temporairesContent.IE5UMCU6TUQdesktop.ini
    C:UsersMarie-EstelleAppDataLocalTempFichiers Internet temporairesContent.IE5SJ8HH5L3desktop.ini
    C:UsersMarie-EstelleAppDataLocalTempFichiers Internet temporairesContent.IE5Q4HF0U80desktop.ini
    C:UsersMarie-EstelleAppDataLocalTempFichiers Internet temporairesContent.IE54ALHCXVZdesktop.ini
    C:UsersMarie-EstelleAppDataLocalTempCookiesindex.dat
    C:UsersMarie-EstelleAppDataLocalTempAdobeAcrobat10.0
    C:UsersMarie-EstelleAppDataLocalLowdesktop.ini
    C:UsersMarie-EstelleAppDataLocalMicrosoftWindowsHistorydesktop.ini
    C:UsersMarie-EstelleAppDataLocalMicrosoftWindowsHistoryLowdesktop.ini
    C:UsersMarie-EstelleAppDataLocalMicrosoftWindowsHistoryLowHistory.IE5
    C:UsersMarie-EstelleAppDataLocalMicrosoftWindowsHistoryLowHistory.IE5desktop.ini
    C:UsersMarie-EstelleAppDataLocalMicrosoftWindowsHistoryHistory.IE5desktop.ini
    C:UsersMarie-EstelleAppDataLocalMicrosoftWindowsHistoryHistory.IE5MSHist012013123020140106
    C:UsersMarie-EstelleAppDataLocalMicrosoftWindowsHistoryHistory.IE5MSHist012014010620140113
    C:UsersMarie-EstelleAppDataLocalMicrosoftWindowsHistoryHistory.IE5MSHist012014011320140114
    C:UsersMarie-EstelleAppDataLocalMicrosoftWindowsHistoryHistory.IE5MSHist012014011320140114index.dat
    C:UsersMarie-EstelleAppDataLocalMicrosoftWindowsHistoryHistory.IE5MSHist012014010620140113index.dat
    C:UsersMarie-EstelleAppDataLocalMicrosoftWindowsHistoryHistory.IE5MSHist012013123020140106index.dat
    C:UsersMarie-EstelleAppDataLocalMicrosoftWindowsTemporary Internet FilesContent.MSO
    C:UsersMarie-EstelleAppDataLocalMicrosoftWindowsTemporary Internet FilesContent.Word
    C:UsersMarie-EstelleAppDataLocalMicrosoftWindowsTemporary Internet Filesdesktop.ini
    C:UsersMarie-EstelleAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5
    C:UsersMarie-EstelleAppDataLocalMicrosoftWindowsTemporary Internet FilesContent.Word~WRS{2392F8DC-417F-4D10-A78E-92F060C40988}.tmp
    C:UsersMarie-EstelleAppDataLocalMicrosoftWindowsTemporary Internet FilesContent.Word~WRS{2A17B47A-AB4A-468C-B942-F72263C9BA9A}.tmp
    C:UsersMarie-EstelleAppDataLocalMicrosoftWindowsTemporary Internet FilesContent.Word~WRS{4945E483-853E-4C17-AFC7-8A72151F3813}.tmp
    C:UsersMarie-EstelleAppDataLocalMicrosoftWindowsTemporary Internet FilesContent.Word~WRS{9CF3B044-6537-4FAB-AF06-2787C06D7064}.tmp
    C:UsersMarie-EstelleAppDataLocalMicrosoftWindowsTemporary Internet FilesContent.Word~WRS{DA774B25-03E7-460A-B32D-A57EAC9307A0}.tmp
    C:UsersMarie-EstelleAppDataLocalMicrosoftWindowsTemporary Internet FilesContent.Word~WRS{EB745800-546B-4C6B-91AF-9C56D4AC890A}.tmp
    C:UsersMarie-EstelleAppDataLocalMicrosoftWindowsTemporary Internet FilesContent.IE51U3BXDWE
    C:UsersMarie-EstelleAppDataLocalMicrosoftWindowsTemporary Internet FilesContent.IE53S6JXEK6
    C:UsersMarie-EstelleAppDataLocalMicrosoftWindowsTemporary Internet FilesContent.IE53Z0UNFAX
    C:UsersMarie-EstelleAppDataLocalMicrosoftWindowsTemporary Internet FilesContent.IE5desktop.ini
    C:UsersMarie-EstelleAppDataLocalMicrosoftWindowsTemporary Internet FilesContent.IE5EG5KL3I2
    C:UsersMarie-EstelleAppDataLocalMicrosoftWindowsTemporary Internet FilesContent.IE5EG5KL3I2104[1]
    C:UsersMarie-EstelleAppDataLocalMicrosoftWindowsTemporary Internet FilesContent.IE5EG5KL3I2106[1]
    C:UsersMarie-EstelleAppDataLocalMicrosoftWindowsTemporary Internet FilesContent.IE5EG5KL3I2185[1]
    C:UsersMarie-EstelleAppDataLocalMicrosoftWindowsTemporary Internet FilesContent.IE5EG5KL3I2BLANK[1]
    C:UsersMarie-EstelleAppDataLocalMicrosoftWindowsTemporary Internet FilesContent.IE5EG5KL3I2BLANK[2]
    C:UsersMarie-EstelleAppDataLocalMicrosoftWindowsTemporary Internet FilesContent.IE5EG5KL3I2desktop.ini
    C:UsersMarie-EstelleAppDataLocalMicrosoftWindowsTemporary Internet FilesContent.IE5EG5KL3I2NEWSTYLES[1]
    C:UsersMarie-EstelleAppDataLocalMicrosoftWindowsTemporary Internet FilesContent.IE5EG5KL3I2yepp@musiccity[1].xml
    C:UsersMarie-EstelleAppDataLocalMicrosoftWindowsTemporary Internet FilesContent.IE5EG5KL3I2ZHPScan[1].txt
    C:UsersMarie-EstelleAppDataLocalMicrosoftWindowsTemporary Internet FilesContent.IE53Z0UNFAX104[1]
    C:UsersMarie-EstelleAppDataLocalMicrosoftWindowsTemporary Internet FilesContent.IE53Z0UNFAXdesktop.ini
    C:UsersMarie-EstelleAppDataLocalMicrosoftWindowsTemporary Internet FilesContent.IE53Z0UNFAXie9[1].htm
    C:UsersMarie-EstelleAppDataLocalMicrosoftWindowsTemporary Internet FilesContent.IE53Z0UNFAXindex-windows-1[1].sucatalog
    C:UsersMarie-EstelleAppDataLocalMicrosoftWindowsTemporary Internet FilesContent.IE53Z0UNFAXINETPROGRESS[1]
    C:UsersMarie-EstelleAppDataLocalMicrosoftWindowsTemporary Internet FilesContent.IE53Z0UNFAXleftbanner[1]
    C:UsersMarie-EstelleAppDataLocalMicrosoftWindowsTemporary Internet FilesContent.IE53Z0UNFAXPOPUPBACKGROUND[1]
    C:UsersMarie-EstelleAppDataLocalMicrosoftWindowsTemporary Internet FilesContent.IE53Z0UNFAXTOPBANNER[1]
    C:UsersMarie-EstelleAppDataLocalMicrosoftWindowsTemporary Internet FilesContent.IE53Z0UNFAXVersionSFT[1].txt
    C:UsersMarie-EstelleAppDataLocalMicrosoftWindowsTemporary Internet FilesContent.IE53S6JXEK6136[1]
    C:UsersMarie-EstelleAppDataLocalMicrosoftWindowsTemporary Internet FilesContent.IE53S6JXEK6desktop.ini
    C:UsersMarie-EstelleAppDataLocalMicrosoftWindowsTemporary Internet FilesContent.IE53S6JXEK6fwlink[1].htm
    C:UsersMarie-EstelleAppDataLocalMicrosoftWindowsTemporary Internet FilesContent.IE53S6JXEK6fwlink[2].htm
    C:UsersMarie-EstelleAppDataLocalMicrosoftWindowsTemporary Internet FilesContent.IE53S6JXEK6indexbiomass[1].htm
    C:UsersMarie-EstelleAppDataLocalMicrosoftWindowsTemporary Internet FilesContent.IE53S6JXEK6NEWSTYLES[1]
    C:UsersMarie-EstelleAppDataLocalMicrosoftWindowsTemporary Internet FilesContent.IE53S6JXEK6NewStyles[2]
    C:UsersMarie-EstelleAppDataLocalMicrosoftWindowsTemporary Internet FilesContent.IE53S6JXEK6Version[1].txt
    C:UsersMarie-EstelleAppDataLocalMicrosoftWindowsTemporary Internet FilesContent.IE51U3BXDWE106[1]
    C:UsersMarie-EstelleAppDataLocalMicrosoftWindowsTemporary Internet FilesContent.IE51U3BXDWE28016ffcbe8a1939af038a0db8cfb2f471a00311[1].htm
    C:UsersMarie-EstelleAppDataLocalMicrosoftWindowsTemporary Internet FilesContent.IE51U3BXDWEDefault[1].aspx
    C:UsersMarie-EstelleAppDataLocalMicrosoftWindowsTemporary Internet FilesContent.IE51U3BXDWEdesktop.ini
    C:UsersMarie-EstelleAppDataLocalMicrosoftWindowsTemporary Internet FilesContent.IE51U3BXDWEHELP[2]
    C:UsersMarie-EstelleAppDataLocalMicrosoftWindowsTemporary Internet FilesContent.IE51U3BXDWEie9[2].htm
    C:UsersMarie-EstelleAppDataLocalMicrosoftWindowsTemporary Internet FilesContent.IE51U3BXDWELeftBanner[1]
    C:UsersMarie-EstelleAppDataLocalMicrosoftWindowsTemporary Internet FilesContent.IE51U3BXDWEPOPUPBACKGROUND[1]
    C:UsersMarie-EstelleAppDataLocalMicrosoftWindowsTemporary Internet FilesContent.IE51U3BXDWESETTINGS[1]
    C:UsersMarie-EstelleAppDataRoamingMicrosoftWindowsRecent-1-_grenouille_taureau.lnk
    C:UsersMarie-EstelleAppDataRoamingMicrosoftWindowsRecent-11-_tortue__floride.lnk
    C:UsersMarie-EstelleAppDataRoamingMicrosoftWindowsRecent-9-_ecrevisse_louisiane.lnk
    C:UsersMarie-EstelleAppDataRoamingMicrosoftWindowsRecent2013_Cours_IUP_GdE-2_-Compatibility_Mode-.lnk
    C:UsersMarie-EstelleAppDataRoamingMicrosoftWindowsRecent2013_Cours_IUP_GdE-3_-Compatibility_Mode-.lnk
    C:UsersMarie-EstelleAppDataRoamingMicrosoftWindowsRecent2013_Cours_IUP_GdE-4_-Compatibility_Mode-_-1-.lnk
    C:UsersMarie-EstelleAppDataRoamingMicrosoftWindowsRecentAdwCleaner.lnk
    C:UsersMarie-EstelleAppDataRoamingMicrosoftWindowsRecentAdwCleaner[S0].lnk
    C:UsersMarie-EstelleAppDataRoamingMicrosoftWindowsRecentArticle de synth-se -1-.lnk
    C:UsersMarie-EstelleAppDataRoamingMicrosoftWindowsRecentCours KRIER (2).lnk
    C:UsersMarie-EstelleAppDataRoamingMicrosoftWindowsRecentCours KRIER.lnk
    C:UsersMarie-EstelleAppDataRoamingMicrosoftWindowsRecentcours_Diament.lnk
    C:UsersMarie-EstelleAppDataRoamingMicrosoftWindowsRecentcours_Jacquemoud1.lnk
    C:UsersMarie-EstelleAppDataRoamingMicrosoftWindowsRecentdesktop.ini
    C:UsersMarie-EstelleAppDataRoamingMicrosoftWindowsRecentLettre de motivation Melle Marie-Estelle Courteille.lnk
    C:UsersMarie-EstelleAppDataRoamingMicrosoftWindowsRecentLettre motivation Melle Courteille.lnk
    C:UsersMarie-EstelleAppDataRoamingMicrosoftWindowsRecentM1 GEI.lnk
    C:UsersMarie-EstelleAppDataRoamingMicrosoftWindowsRecentMaster_GEI-IUP.lnk
    C:UsersMarie-EstelleAppDataRoamingMicrosoftWindowsRecentObservation de la terre par satellite.lnk
    C:UsersMarie-EstelleAppDataRoamingMicrosoftWindowsRecentPollution des eaux.lnk
    C:UsersMarie-EstelleAppDataRoamingMicrosoftWindowsRecentPollution des sols.lnk
    C:UsersMarie-EstelleAppDataRoamingMicrosoftWindowsRecentSynth–se documentaire PE.lnk
    C:UsersMarie-EstelleAppDataRoamingMicrosoftWindowsRecentSynthèse documentaire PE.lnk
    C:UsersMarie-EstelleAppDataRoamingMicrosoftWindowsRecentTéléchargement.lnk
    C:UsersMarie-EstelleAppDataLocalMicrosoftWindowsTemporary Internet FilesLow
    C:UsersInvitéAppDataLocalTempacro_rd_dir
    C:UsersInvitéAppDataLocalTempAdobeARM.log
    C:UsersInvitéAppDataLocalTempAPNLogs
    C:UsersInvitéAppDataLocalTempAskSearch
    C:UsersInvitéAppDataLocalTempAVG_TB_DumpLog.txt
    C:UsersInvitéAppDataLocalTempInvité.bmp
    C:UsersInvitéAppDataLocalTempMSI20d2c.LOG
    C:UsersInvitéAppDataLocalTempsetup.exe
    C:UsersInvitéAppDataLocalTempsvbjj.tmp
    C:UsersInvitéAppDataLocalTempTCDBDB6.tmp
    C:UsersInvitéAppDataLocalTempTCDBDB7.tmp
    C:UsersInvitéAppDataLocalTempTCDBDD9.tmp
    C:UsersInvitéAppDataLocalTempTCDBE58.tmp
    C:UsersInvitéAppDataLocalTempTCDBE79.tmp
    C:UsersInvitéAppDataLocalTempTCDBEAA.tmp
    C:UsersInvitéAppDataLocalTempTCDBEBC.tmp
    C:UsersInvitéAppDataLocalTempTCDBF49.tmp
    C:UsersInvitéAppDataLocalTempTCDBFC8.tmp
    C:UsersInvitéAppDataLocalTempTCDC047.tmp
    C:UsersInvitéAppDataLocalTempTCDC0F5.tmp
    C:UsersInvitéAppDataLocalTempTCDC106.tmp
    C:UsersInvitéAppDataLocalTempTCDC137.tmp
    C:UsersInvitéAppDataLocalTempTCDC168.tmp
    C:UsersInvitéAppDataLocalTempTCDC235.tmp
    C:UsersInvitéAppDataLocalTempTCDC246.tmp
    C:UsersInvitéAppDataLocalTempTCDC286.tmp
    C:UsersInvitéAppDataLocalTempTCDC354.tmp
    C:UsersInvitéAppDataLocalTempTCDC355.tmp
    C:UsersInvitéAppDataLocalTempTCDC6A2.tmp
    C:UsersInvitéAppDataLocalTempTCDC74F.tmp
    C:UsersInvitéAppDataLocalTempTCDC7DE.tmp
    C:UsersInvitéAppDataLocalTempTCDC8AA.tmp
    C:UsersInvitéAppDataLocalTempTCDC987.tmp
    C:UsersInvitéAppDataLocalTempTCDCC86.tmp
    C:UsersInvitéAppDataLocalTempTCDCD90.tmp
    C:UsersInvitéAppDataLocalTempTCDCEBD.tmp
    C:UsersInvitéAppDataLocalTempTCDCECD.tmp
    C:UsersInvitéAppDataLocalTempTCDCF0E.tmp
    C:UsersInvitéAppDataLocalTempTCDCF0F.tmp
    C:UsersInvitéAppDataLocalTempTCDCF71.tmp
    C:UsersInvitéAppDataLocalTempTCDCF92.tmp
    C:UsersInvitéAppDataLocalTempTCDCF93.tmp
    C:UsersInvitéAppDataLocalTempTCDCFB3.tmp
    C:UsersInvitéAppDataLocalTempTCDCFC5.tmp
    C:UsersInvitéAppDataLocalTempTCDCFF5.tmp
    C:UsersInvitéAppDataLocalTemptoolbar_log.txt
    C:UsersInvitéAppDataLocalTempWPDNSE
    C:UsersInvitéAppDataLocalTemp~DF7E1A.tmp
    C:UsersInvitéAppDataLocalTempTCDBDB7.tmpCleanGradient.thmx
    C:UsersInvitéAppDataLocalTempLowGoogle Toolbar
    C:UsersInvitéAppDataLocalTempLowJavaDeployReg.log
    C:UsersInvitéAppDataLocalTempLow~DF2F4D.tmp
    C:UsersInvitéAppDataLocalTempLow~DF6505.tmp
    C:UsersInvitéAppDataLocalTempLow~DFAB94.tmp
    C:UsersInvitéAppDataLocalTempLow~DFF1D5.tmp
    C:UsersInvitéAppDataLocalTempHistoryHistory.IE5MSHist012013090420130905
    C:UsersInvitéAppDataLocalTempHistoryHistory.IE5MSHist012013090420130905index.dat
    C:UsersInvitéAppDataLocalTempAskSearchpartnercobranding.dat
    C:UsersInvitéAppDataLocalTempAPNLogsci.log
    C:UsersInvitéAppDataLocalTempAPNLogsiw.log
    C:UsersInvitéAppDataLocalLowdesktop.ini
    C:UsersInvitéAppDataLocalMicrosoftWindowsHistorydesktop.ini
    C:UsersInvitéAppDataLocalMicrosoftWindowsHistoryLowdesktop.ini
    C:UsersInvitéAppDataLocalMicrosoftWindowsHistoryLowHistory.IE5
    C:UsersInvitéAppDataLocalMicrosoftWindowsHistoryLowHistory.IE5desktop.ini
    C:UsersInvitéAppDataLocalMicrosoftWindowsHistoryLowHistory.IE5index.dat
    C:UsersInvitéAppDataLocalMicrosoftWindowsHistoryHistory.IE5desktop.ini
    C:UsersInvitéAppDataLocalMicrosoftWindowsHistoryHistory.IE5index.dat
    C:UsersInvitéAppDataLocalMicrosoftWindowsHistoryHistory.IE5MSHist012013110420131105
    C:UsersInvitéAppDataLocalMicrosoftWindowsHistoryHistory.IE5MSHist012013110520131106
    C:UsersInvitéAppDataLocalMicrosoftWindowsHistoryHistory.IE5MSHist012013111220131113
    C:UsersInvitéAppDataLocalMicrosoftWindowsHistoryHistory.IE5MSHist012013111220131113index.dat
    C:UsersInvitéAppDataLocalMicrosoftWindowsHistoryHistory.IE5MSHist012013110520131106index.dat
    C:UsersInvitéAppDataLocalMicrosoftWindowsHistoryHistory.IE5MSHist012013110420131105index.dat
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesContent.MSO
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesContent.Word
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet Filesdesktop.ini
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesVirtualizedCUsersInvitéAppDataRoamingMicrosoftWindowsPrivacIELow
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowAntiPhishing
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowdesktop.ini
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowMSIMGSIZ.DAT
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE52LJ5E3FE
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE52RGXMP90
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE53R5RS5DB
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE593A4IBRG
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5desktop.ini
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5index.dat
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5LIP01SH7
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5LWHH6N0P
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5MG8LOPOI
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SH
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SH08537-francoise-web-esthtiquement-correct[1].jpg
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SH181f8026f15879cf47145a17b365afa[1].png
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SH19755-pict9301-drapeau[1].jpg
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SH19807-pict8333-liquidation-17-heures-[1].jpg
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SH19974-253387_1586443261_1_o1074720293[1].jpg
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SHfd6c98ba9359c79b47128f29cbdaa67[1].png
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SH[1].js
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SH[2].js
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SH[3].js
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SH[4].js
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SH[5].js
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SH[6].js
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SH[7].js
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SH[8].js
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SH10677[1].js
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SH10677[2].js
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SH10677[3].js
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SH10677[4].js
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SH10d7d49dea5e6b7d5371baf9d3751c57[1].png
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SH111[1].gif
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SH115488[1].png
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SH118000_300x250[1].gif
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SH11819[1].jpg
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SH11890[1].gif
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SH120x60[1].gif
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SH1321e7e675bc809ddc8e39678615d5b4[1].png
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SH138_138_5[1].jpg
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SH14550071a88fb38da6e24564e929d9d8[1].png
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SH14923932b4b442926d4074d3b2347d01[1].png
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SH14min[1].htm
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SH15983687584901772457[1].gif
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SH192[1].gif
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SH1976187637[1].js
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SH1976187637[2].js
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SH1CA2QS6FU.js
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SH1CA2ZQD0L.js
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SH1CA3D2JSY.js
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SH1CA3XDRQ7.js
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SH1CA461GUZ.js
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SH1CA466SB0.js
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SH1CA4H9UV5.js
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SH1CA4KEJJ4.js
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SH1CA8K30EU.js
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SH1CACW1IGO.js
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SH1CAF51ORH.js
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SH1CAICIJ8L.js
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SH1CAIQSKQD.js
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SH1CAP3O6LS.js
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SH1CAQMPNKB.js
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SH1CAU4L8HW.js
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SH1CAXL1TW2.js
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SH1CAY05903.js
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SH1CAYDMKEN.js
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SH1[10].js
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SH1[11].js
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SH1[1].js
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SH1[2].js
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SH1[3].js
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SH1[4].js
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SH1[5].js
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SH1[6].js
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SH1[7].js
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SH1[8].js
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SH1[9].js
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SH2011237-jpg_1839271_69x46[1].jpg
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SH2093337-jpg_1842102_69x46[1].jpg
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SH234x60[1].gif
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SH234x60_VPI_quoideneuf_2013M09[1].gif
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SH2353a017305ae270b2430f0ff474bb86[1].png
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SH2441920265[1].js
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SH2441920265[2].js
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SH246342273[1].js
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SH2579f189a36a971bea355c47dc801867[1].png
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SH3-corbeil[1].jpg
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SH353_logo[1].jpg
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SH35min[1].htm
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SH429582a1046cde8e7caf882e9aa3faff[1].png
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SH42d552fc9f761cff29354c7577ba6eec[1].png
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SH4322d283ca258cb1f4ebc139af500c63[1].png
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SH446[1].gif
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SH450_logo[1].jpg
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SH4513174360703831326[1].png
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SH47SKHH1VEHX[1].js
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SH482[1].gif
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SH4da1816a-4a2a[1].jpg
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SH509310bb-4a2f-4303-8389-701a22decaeb[1].flv
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SH58f6c88f19d35d09c97687168a1fc027[1].png
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SH5adfff56-41b0[1].jpg
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SH63934d25-6bf0[1].jpg
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SH695bc071fbc3587edf368cc0f2c8deb3[1].png
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SH6ea31f74b7ddf57b09108084414b44b9[1].png
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SH706f8d04d10b70884e463c32731ba4f9[1].png
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SH72961245[1].js
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SH72961245[2].js
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SH72961245[3].js
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SH72961245[4].js
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SH7624[1].gif
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SH767dde38fe82be6f012ae3d1ad1821ca[1].png
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SH7710243c6e7ec349cafa76138777be5a[1].png
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SH7fd1cbcb7bc0e239cd35fd6daa85d4f8[1].png
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SH7fe41776a01a2fcf928347d6ecf5b09b[1].png
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SH80[1].gif
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SH840a5fb6eadf40446260e7a0b315ced1[1].png
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SH86715_3b5d5439[1].jpg
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SH86715_8cca27a6[1].jpg
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SH86715_c20e3b9f[1].jpg
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SH86715_e0c1b25d[1].jpg
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SH877e56da810f2bcb305614a1ffa6d2e4[1].png
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SH8d9486582ff7a548a47f9208e313def3[1].png
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SH91371-15[1].js
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SH91373-15[1].js
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SH91375-15[1].js
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SH91375-15[2].js
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SH91375-2[1].js
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SH9734250202a86281bbfdb8718a152a7e[1].png
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SH9d4f76a5461be3f011df76da4b61a01b_1377681985[1].js
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SHa23abdf331aa2ea215dd1313f98811b5[1].png
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SHa26028f59012b40c08ad236b07be0731[1].png
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SHa8445f82-3b13[1].jpg
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SHaa5a1f250643f55e804b3aedcbb21c6f[1].png
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SHachetez-des-timbres[1].png
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SHactionF[1].gif
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SHad5a1eadf447656034a80d1cb54a1a56[1].png
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SHads[1].htm
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SHads[2].htm
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SHadview[1].htm
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SHafs[1].htm
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SHafs[2].htm
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SHalice[1].js
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SHall[2].js
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SHall[3].js
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SHapi_autocompleteplus_com[1].js
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SHapi_autocompleteplus_com[2].js
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SHarj[1]
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SHarj[2]
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SHarrow-down[1].gif
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SHarrowShopping[1].png
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SHartworks[1].css
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SHATLAS_PCB_1_Bn3[1].htm
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SHattachment[1].png
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SHat[1].htm
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SHavira_logo[1].png
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SHAWiFbACFkKg[1].js
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SHb-agrandir[1].png
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SHb-envoyer[1].png
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SHb-facebook[1].png
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SHb-facebook[2].png
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SHb-follow-twitter[1].jpg
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SHb-twitter[1].png
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SHb2d4edd4fd75520a5a488be33c809810[1].png
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SHb38a223b16f1951e29159f68ef55f157[1].png
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SHb9d3c2b55c6c29146a98393aef62b550[1].png
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SHb9d3c2b55c6c29146a98393aef62b550[2].png
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SHbase[1].css
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SHbg_footer[1].png
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SHbg_header[1].gif
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SHbg_nav_services_left[1].png
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SHbg_separ_vertical[1].png
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SHblank[1]
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SHblue_spinner[1].gif
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SHbskDTQQ4srq[1].png
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SHbt_combo_ext3[1].gif
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SHbt_combo_ext[1].gif
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SHbullet_on[1].gif
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SHbullet_vert[1].gif
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SHbundle-searchpage[1].js
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SHBxvbPN6mYTa7RLUIAvsWow(([1].js
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SHc2ee0e1b13b2f0299092a463b15cf24b[1].png
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SHc2ee0e1b13b2f0299092a463b15cf24b[2].png
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SHc40cc81f12eb3812c4960f01d362fd39[1].png
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SHc5abb0a6f0486ddc4dc8b4549983fbfd[1].png
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5Y9RDT5SHc8c49e260a1b548a4fab9d87719468cb[1].png
    C:UsersInvitéAppDataRoamingMicrosoftWindowsRecentdesktop.ini
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesVirtualizedCUsersInvitéAppDataRoamingMicrosoftWindowsPrivacIE
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesContent.IE57B364N1H
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesContent.IE5B7LM21IL
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesContent.IE5FFL7DJ26
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesContent.IE5HH7JTAID
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesContent.IE5HH7JTAIDdata[1].xml
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesContent.IE5HH7JTAIDdesktop.ini
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesContent.IE5HH7JTAIDfavicon[1].htm
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesContent.IE5HH7JTAIDmagnify_search[1].png
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesContent.IE5HH7JTAIDnotifier_avira_com[1].htm
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesContent.IE5FFL7DJ26104[1]
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesContent.IE5FFL7DJ26desktop.ini
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesContent.IE5FFL7DJ26favicon[1].ico
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesContent.IE5FFL7DJ26favicon[2].ico
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesContent.IE5FFL7DJ26getTbProperties[1].htm
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesContent.IE5FFL7DJ26IE9CompatViewList[1].xml
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesContent.IE5B7LM21ILconfig[1].xml
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesContent.IE5B7LM21ILdesktop.ini
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesContent.IE5B7LM21ILfavicon[1].ico
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesContent.IE5B7LM21ILH3nktOa7ZMg[1].ico
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesContent.IE5B7LM21ILLettre motivation-cas d–tude-Marie-Estelle Courteille.docx
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesContent.IE5B7LM21ILss_en[1].htm
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesContent.IE57B364N1HCV Marie-Estelle Courteille.doc
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesContent.IE57B364N1Hdesktop.ini
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesContent.IE57B364N1Hfavicon[1].ico
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesContent.IE57B364N1Hfavicon[2].ico
    C:UsersInvitéAppDataLocalMicrosoftWindowsTemporary Internet FilesContent.IE57B364N1Hfavicon[3].ico
    C:UsersMARIE-~1AppDataLocalTempavgnt.exe
    C:UsersMARIE-~1AppDataLocalTempHistory
    C:UsersMARIE-~1AppDataLocalTempjrt
    C:UsersMARIE-~1AppDataLocalTempFichiers Internet temporairesContent.IE5
    C:UsersMARIE-~1AppDataLocalTempAdobeAcrobat
    C:WindowsTEMPCPSSMasterCatalog.ini
    C:WindowsTEMPHPAsset.msi
    C:WindowsTEMPMpCmdRun.log
    C:WindowsTEMPMpSigStub.log
    C:WindowsTEMPMPTelemetrySubmit
    C:WindowsPrefetchACRORD32.EXE-33939BD1.pf
    C:WindowsPrefetchAgAppLaunch.db
    C:WindowsPrefetchAgCx_S1_S-1-5-21-1917961054-784476770-3265431197-1000.snp.db
    C:WindowsPrefetchAgCx_SC1.db
    C:WindowsPrefetchAgCx_SC1.db.trx
    C:WindowsPrefetchAgCx_SC2.db
    C:WindowsPrefetchAgGlFaultHistory.db
    C:WindowsPrefetchAgGlFgAppHistory.db
    C:WindowsPrefetchAgGlGlobalHistory.db
    C:WindowsPrefetchAgGlUAD_P_S-1-5-21-1917961054-784476770-3265431197-1000.db
    C:WindowsPrefetchAgGlUAD_P_S-1-5-21-1917961054-784476770-3265431197-501.db
    C:WindowsPrefetchAgGlUAD_S-1-5-21-1917961054-784476770-3265431197-1000.db
    C:WindowsPrefetchAgGlUAD_S-1-5-21-1917961054-784476770-3265431197-501.db
    C:WindowsPrefetchAgRobust.db
    C:WindowsPrefetchALG.EXE-5BBFFD2F.pf
    C:WindowsPrefetchATBROKER.EXE-FF58B71D.pf
    C:WindowsPrefetchAVSHADOW.EXE-0FF3F930.pf
    C:WindowsPrefetchAVWSC.EXE-877F4F63.pf
    C:WindowsPrefetchBATTERYRECALLDETECTION.EXE-43212A97.pf
    C:WindowsPrefetchCABARC.EXE-CB8F9AC3.pf
    C:WindowsPrefetchCMD.EXE-89305D47.pf
    C:WindowsPrefetchCOM4QLBEX.EXE-6F9FBD83.pf
    C:WindowsPrefetchCONIME.EXE-B273009A.pf
    C:WindowsPrefetchCONSENT.EXE-65F6206D.pf
    C:WindowsPrefetchCSCRIPT.EXE-E4C98DEB.pf
    C:WindowsPrefetchDEFRAG.EXE-738093E8.pf
    C:WindowsPrefetchDFRGNTFS.EXE-4F838A89.pf
    C:WindowsPrefetchDLLHOST.EXE-71214090.pf
    C:WindowsPrefetchDLLHOST.EXE-893DDF55.pf
    C:WindowsPrefetchDLLHOST.EXE-C5C55E89.pf
    C:WindowsPrefetchDLLHOST.EXE-E2054E7F.pf
    C:WindowsPrefetchDWM.EXE-AEABE78B.pf
    C:WindowsPrefetchEXPLORER.EXE-7A3328DA.pf
    C:WindowsPrefetchFIREFOX.EXE-E60C0AA7.pf
    C:WindowsPrefetchFLASHPLAYERPLUGIN_11_9_900_17-A5C185A3.pf
    C:WindowsPrefetchFLASHPLAYERUPDATESERVICE.EXE-0CF170F4.pf
    C:WindowsPrefetchGOOGLEUPDATE.EXE-8973CEDD.pf
    C:WindowsPrefetchGOOGLEUPDATERSERVICE.EXE-600E0B48.pf
    C:WindowsPrefetchHCCOMMANDER.EXE-35D58C93.pf
    C:WindowsPrefetchHPASSET.EXE-71B58925.pf
    C:WindowsPrefetchHPBATCOMMANDER.EXE-3D9921EF.pf
    C:WindowsPrefetchHPCEE.EXE-D44DC0B2.pf
    C:WindowsPrefetchHPDOBJECT.EXE-4E420546.pf
    C:WindowsPrefetchHPDOWNLOAD.EXE-16630A8F.pf
    C:WindowsPrefetchHPHC.EXE-4C6EDC30.pf
    C:WindowsPrefetchHPHC_SERVICE.EXE-B8B935C8.pf
    C:WindowsPrefetchHPQTOASTER.EXE-3B718527.pf
    C:WindowsPrefetchHPSCRIPT.EXE-A7AAF454.pf
    C:WindowsPrefetchIPMGUI.EXE-2BFE8AEE.pf
    C:WindowsPrefetchJAVA.EXE-872FBD82.pf
    C:WindowsPrefetchJAVACPL.EXE-533776FD.pf
    C:WindowsPrefetchJAVAW.EXE-59CBCAE5.pf
    C:WindowsPrefetchJUCHECK.EXE-FC0B4709.pf
    C:WindowsPrefetchLayout.ini
    C:WindowsPrefetchLOGONUI.EXE-1BEE4A84.pf
    C:WindowsPrefetchMPAS-D_BD_1.165.1564.0.EXE-ABA8963C.pf
    C:WindowsPrefetchMPMINISIGSTUB.EXE-3FF10FE6.pf
    C:WindowsPrefetchMPSIGSTUB.EXE-7C60A359.pf
    C:WindowsPrefetchMSCORSVW.EXE-FAA88858.pf
    C:WindowsPrefetchMSIEXEC.EXE-B5AFA339.pf
    C:WindowsPrefetchNOTEPAD.EXE-EB1B961A.pf
    C:WindowsPrefetchNTOSBOOT-B00DFAAD.pf
    C:WindowsPrefetchPfSvPerfStats.bin
    C:WindowsPrefetchPLUGIN-CONTAINER.EXE-1D5F6C6B.pf
    C:WindowsPrefetchPRESENTATIONFONTCACHE.EXE-42767AE9.pf
    C:WindowsPrefetchPRESENTATIONSETTINGS.EXE-6F4C5E34.pf
    C:WindowsPrefetchReadyBoot
    C:WindowsPrefetchREG.EXE-26976709.pf
    C:WindowsPrefetchREGEDIT.EXE-4748FE01.pf
    C:WindowsPrefetchRESETFILETIME.EXE-14D83F34.pf
    C:WindowsPrefetchRUNDLL32.EXE-E447C111.pf
    C:WindowsPrefetchSCHTASKS.EXE-2DE769BF.pf
    C:WindowsPrefetchSEARCHFILTERHOST.EXE-AA7A1FDD.pf
    C:WindowsPrefetchSEARCHPROTOCOLHOST.EXE-AFAD3EF9.pf
    C:WindowsPrefetchSFTGC.EXE-BC1C11CF.pf
    C:WindowsPrefetchSVCHOST.EXE-135A30D8.pf
    C:WindowsPrefetchSVCHOST.EXE-8FD92526.pf
    C:WindowsPrefetchSYNTPENH.EXE-4361DC86.pf
    C:WindowsPrefetchSYNTPHELPER.EXE-4B6F43CF.pf
    C:WindowsPrefetchTASKENG.EXE-5BAF290C.pf
    C:WindowsPrefetchTASKKILL.EXE-609E34DE.pf
    C:WindowsPrefetchTRUSTEDINSTALLER.EXE-031B6478.pf
    C:WindowsPrefetchUNZIP.EXE-38755058.pf
    C:WindowsPrefetchUPDATE.EXE-3FBE35E6.pf
    C:WindowsPrefetchUPDRGUI.EXE-481C2DBF.pf
    C:WindowsPrefetchUSERINIT.EXE-F39AB672.pf
    C:WindowsPrefetchVDS.EXE-AD27F0DC.pf
    C:WindowsPrefetchVDSLDR.EXE-85F9A1C6.pf
    C:WindowsPrefetchVERCLSID.EXE-4D95F5A7.pf
    C:WindowsPrefetchVLC.EXE-CE8E9BE1.pf
    C:WindowsPrefetchVSSVC.EXE-04D079CC.pf
    C:WindowsPrefetchWERCON.EXE-FE5CD389.pf
    C:WindowsPrefetchWERFAULT.EXE-B7E27BE5.pf
    C:WindowsPrefetchWERMGR.EXE-2A1BCBC7.pf
    C:WindowsPrefetchWINRAR.EXE-6F42D4E7.pf
    C:WindowsPrefetchWMIADAP.EXE-369DF1CD.pf
    C:WindowsPrefetchWMIPRVSE.EXE-43972D0F.pf
    C:WindowsPrefetchWMPNETWK.EXE-BD0344CA.pf
    C:WindowsPrefetchWMPNSCFG.EXE-DF1DD51A.pf
    C:WindowsPrefetchWSCRIPT.EXE-65A9658F.pf
    C:WindowsPrefetchWUAUCLT.EXE-830BCC14.pf
    C:WindowsPrefetchZHPFIX.EXE-979217EA.pf
    C:WindowsPrefetchZHPHEP.EXE-69199D38.pf
    C:WindowsPrefetchReadyBootTrace1.fx
    C:WindowsPrefetchReadyBootTrace10.fx
    C:WindowsPrefetchReadyBootTrace2.fx
    C:WindowsPrefetchReadyBootTrace8.fx
    C:WindowsPrefetchReadyBootTrace9.fx

    Corbeille vidée.

    Fin du rapport.[/font:2a6pjsp5]

  • lilidurhone
    Post count: 0

    Je pense que mon Java et adobe reader sont à jour :)

    Sur ton dernier rapport zhpdiag ils n’étaient pas c’est pour cela que je t’ai dit de les mettre à jour ;)

    C’est donc terminer j’imagine :content:

    Oui :)

    Reste à enlever les outils de désinfections ;) et nettoyer les fichiers temporaires ;)

    1)SFTCG

    • Télécharge SFTGC (de Pierre13) sur ton Bureau et pas ailleurs !.
    • Lance SFTGC, exécuter en tant qu’administrateur sous Windows : 7/8 et Vista
    • Clique sur GO

      Note : A la fin un rapport va s’ouvrir

    • Une fois le scan terminé rends toi sur le bureau, le fichier SFTGC.txt à été créé.
    • Héberge le rapport SFTGC.txt sur SosUpload, puis copie/colle le lien fourni dans ta prochaine réponse sur le forum

    2)Delfix

    • Télécharges Delfix sur ton Bureau.
    • Lance Delfix, exécuter en tant qu’administrateur sous Windows : 7/8 et Vista

    • Coche la case suivantes :
      • Supprimer les outils de désinfection
      • Purger la restauration système

    En tout cas merci beaucoup pour le temps passé pour mon pc :content32: !

    Pas de quoi :)

    [fin2desinf:381q8txk][/fin2desinf:381q8txk]

  • Telma
    Post count: 0

    [font=Century Gothic:3riem3bi]Je pense que mon Java et adobe reader sont à jour :)

    C'est donc terminer j'imagine :content:

    En tout cas merci beaucoup pour le temps passé pour mon pc :content32: ![/font:3riem3bi]

  • lilidurhone
    Post count: 0

    On approche de la fin ;)

    Mets java à jour(pense bien à décocher Ask ;) )
    Mets adobe reader à jour

    Si tu n’as plus de souci je te donne le final

  • Telma
    Post count: 0

    [font=Century Gothic:hlh5cosm]Rapport de ZHPFix 2013.12.14.5 par Nicolas Coolman, Update du 06/12/2013
    Fichier d'export Registre :
    Run by Marie-Estelle at 12/01/2014 22:00:16
    High Elevated Privileges : OK
    Windows Vista Home Premium Edition, 32-bit Service Pack 2 (Build 6002)

    Corbeille vidée (07mn 57s)

    ========== Clés du Registre ==========
    SUPPRIMÉ: StartupReg: AppleSyncNotifier
    SUPPRIMÉ: StartupReg: Veoh
    SUPPRIMÉ: HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUpgradeCodes5B4758C25396ECF468E04F8E063287FF
    SUPPRIMÉ: HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Products5B4758C25396ECF468E04F8E063287FF
    SUPPRIMÉ: HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components48A0552292E14244E8F3980FD3D01541
    SUPPRIMÉ: HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components503398D5204CBDD48A5EE476D0CFCFEC
    SUPPRIMÉ: HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components5BDF578D2C71DDC4997692F83B0A5C75
    SUPPRIMÉ: HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components67909B00FA069BE4E80548738FE558FB
    SUPPRIMÉ: HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components698B1BCDAEA97B945AE4001A96F1E755
    SUPPRIMÉ: HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components7E6611210321F8640B41F98B10A8BD0A
    SUPPRIMÉ: HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components88ADFBDCA3E069A47B07ECC2CED1E2B2
    SUPPRIMÉ: HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components9ED6CAB2F119182EB7D8CE7156DC0915
    SUPPRIMÉ: HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsA3D6A80A87E22324A91C14AEBDF78525
    SUPPRIMÉ: HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsB2F30BE10C5A9DD43A593262265CA298
    SUPPRIMÉ: HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components1322A677E76161CFC67C36E4B6D42B49
    SUPPRIMÉ: HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components281E074C2C4344E4A8BB2BAE65BE729B
    SUPPRIMÉ: HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components51C83A2C2B5C63748ACD3028A6DD53A5
    SUPPRIMÉ: HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components8385B8BE0F211B245956C67BB4BAC17E
    SUPPRIMÉ: HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components9CC2018422A9EAF40A57249F42102B13
    SUPPRIMÉ: HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsAA606EFD77B9CB34BB2DA2F45B67425E
    SUPPRIMÉ: HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsB767C33B25DCECA4FAD0D3B7D84B0A8E
    SUPPRIMÉ: HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsBA177F87B6B147649BD37D43B50863E5
    SUPPRIMÉ: HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsCEF27165872C9BEAACED23660032D2F2
    SUPPRIMÉ: HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsCFAEE3E72CC44004C998EBEE081CA40A

    ========== Valeurs du Registre ==========
    SUPPRIMÉ: TCP Query User{8D1EEC39-0DB9-4591-97A8-8B8481061181}C:program fileswinampwinamp.exe
    SUPPRIMÉ: UDP Query User{39F01690-A65D-4079-8BFD-DF83BBCDAC78}C:program fileswinampwinamp.exe
    SUPPRIMÉ: TCP Query User{A7D07372-ADC0-4D00-8CB8-0A91F8EC5267}C:program fileswinampwinamp.exe
    SUPPRIMÉ: UDP Query User{26BB64F8-EF4A-43A7-AD52-BAFC1227F783}C:program fileswinampwinamp.exe
    SUPPRIMÉ [HKCUSOFTWAREMicrosoftWindowsCurrentVersionRun]:swg

    ========== Préférences navigateur ==========
    SUPPRIMÉ Folder Chrome: C:UsersMarie-EstelleAppDataLocalGoogleChromeUser DataDefaultExtensionsndibdjnfmopecpmkdieinmbadjfpblof

    ========== Dossiers ==========
    SUPPRIMÉ: C:UsersMarie-EstelleAppDataLocalGoogleChromeUser DataDefaultExtensionsndibdjnfmopecpmkdieinmbadjfpblof
    SUPPRIMÉ: C:UsersMarie-EstelleAppDataRoamingMozillaFirefoxProfiles3dhaobu0.defaultextensions@FissaPlugin
    SUPPRIMÉ: C:Program FilesSpyware Doctor

    ========== Fichiers ==========
    SUPPRIMÉ: c:usersmarie-estelleappdatalocalgooglechromeuser datadefaultpreferences
    SUPPRIMÉ: c:windowstasksavg-secure-search-update_june2013_hp_rmv.job
    SUPPRIMÉ: c:windowstasksavg-secure-search-update_june2013_tb_rmv.job
    SUPPRIMÉ: C:WindowsInstaller4b06e9.msi

    ========== Tache planifiée ==========
    SUPPRIMÉ: AVG-Secure-Search-Update_JUNE2013_HP_rmv
    SUPPRIMÉ: AVG-Secure-Search-Update_JUNE2013_HP_rmv
    SUPPRIMÉ: AVG-Secure-Search-Update_JUNE2013_TB_rmv
    SUPPRIMÉ: AVG-Secure-Search-Update_JUNE2013_TB_rmv
    SUPPRIMÉ: {035CB9B0-6A3E-4FE4-ACA5-FD5D6152ED3F}
    SUPPRIMÉ: {04D6F92F-F963-48C0-9F4B-4511D0CE659E}
    SUPPRIMÉ: {4B671E64-3D31-445D-9676-FDA18A328F2A}
    SUPPRIMÉ: {7AF94D5F-8C16-4F20-A002-9E0F874B8576}
    SUPPRIMÉ: {85943581-0889-40CE-AB2D-C77F3FA636B7}

    ========== Restauration Système ==========
    Point de restauration du système créé avec succès

    ========== Récapitulatif ==========
    24 : Clés du Registre
    5 : Valeurs du Registre
    3 : Dossiers
    4 : Fichiers
    1 : Préférences navigateur
    9 : Tache planifiée
    1 : Restauration Système

    End of clean in 08mn 57s

    ========== Chemin de fichier rapport ==========
    C:UsersMarie-EstelleAppDataRoamingZHPZHPFix[R1].txt – 12/01/2014 22:08:14 [5428]

    encore merci pour votre aide[/font:hlh5cosm]

  • lilidurhone
    Post count: 0

    • Copies uniquement les lignes indiquées en gras ci-dessous dans le presse papier soit le bloc note(tu surlignes avec la souris puis clic droit copier de Script ZHPFix jusqu’à la fin soit sysrestore)

      Script ZHPFix
      G2 – GCE: Preference [User DataDefault] [ndibdjnfmopecpmkdieinmbadjfpblof] AVG Secure Search v.15.5.0.2 (Désactivé) =>Toolbar.AVGSearch
      G2 – GCE: Preference [User DataDefault] [pflphaooapbgpeakohlggbpidpppgdff] MySearchDial Nouvel onglet v.9.4.4 (Désactivé) =>Adware.MyWebSearch
      M2 – MFEP: prefs.js [Marie-Estelle – 3dhaobu0.default@FissaPlugin] [] Fissa v1.0 (..) =>PUP.OfferBox
      O39 – APT:Automatic Planified Task – C:WindowsTasksAVG-Secure-Search-Update_JUNE2013_HP_rmv.job [350]
      O39 – APT:Automatic Planified Task – C:WindowsTasksAVG-Secure-Search-Update_JUNE2013_TB_rmv.job [350]
      [MD5.00000000000000000000000000000000] [APT] [AVG-Secure-Search-Update_JUNE2013_HP_rmv] (…) — C:WindowsTEMP{42442D61-6FB2-4A99-80CC-3EC4D9DAA021}.exe (.not file.) [0]
      [MD5.00000000000000000000000000000000] [APT] [AVG-Secure-Search-Update_JUNE2013_TB_rmv] (…) — C:WindowsTEMP{26E15C44-6DA3-4EC0-8164-B7DB49238A7F}.exe (.not file.) [0]
      [MD5.00000000000000000000000000000000] [APT] [{035CB9B0-6A3E-4FE4-ACA5-FD5D6152ED3F}] (…) — E:.Autorun.exe (.not file.) [0]
      [MD5.00000000000000000000000000000000] [APT] [{04D6F92F-F963-48C0-9F4B-4511D0CE659E}] (…) — C:Program FilesAIM6uninst.exe (.not file.) [0]
      [MD5.00000000000000000000000000000000] [APT] [{4B671E64-3D31-445D-9676-FDA18A328F2A}] (…) — C:Program FilesQuickTimeQTSystemQuickTime.cpl” -c QuickTime (.not file.) [0]
      [MD5.00000000000000000000000000000000] [APT] [{7AF94D5F-8C16-4F20-A002-9E0F874B8576}] (…) — E:.Autorun.exe (.not file.) [0]
      [MD5.00000000000000000000000000000000] [APT] [{85943581-0889-40CE-AB2D-C77F3FA636B7}] (…) — C:UsersMarie-EstelleDownloads601_b021_multilanguage.exe (.not file.) [0]
      O43 – CFD: 24/02/2010 – 10:33:36 – [1,760] —-D C:Program FilesSpyware Doctor
      O53 – SMSR:HKLM…startupregAppleSyncNotifier [Key] . (…) — C:Program FilesCommon FilesAppleMobile Device SupportbinAppleSyncNotifier.exe (.not file.)
      O53 – SMSR:HKLM…startupregVeoh [Key] . (…) — C:Program FilesVeoh NetworksVeohVeohClient.exe (.not file.)
      O87 – FAEL: “TCP Query User{8D1EEC39-0DB9-4591-97A8-8B8481061181}C:program fileswinampwinamp.exe” |In – Public – P6 – TRUE | .(…) — C:program fileswinampwinamp.exe (.not file.)
      O87 – FAEL: “UDP Query User{39F01690-A65D-4079-8BFD-DF83BBCDAC78}C:program fileswinampwinamp.exe” |In – Public – P17 – TRUE | .(…) — C:program fileswinampwinamp.exe (.not file.)
      O87 – FAEL: “TCP Query User{A7D07372-ADC0-4D00-8CB8-0A91F8EC5267}C:program fileswinampwinamp.exe” |In – Private – P6 – TRUE | .(…) — C:program fileswinampwinamp.exe (.not file.)
      O87 – FAEL: “UDP Query User{26BB64F8-EF4A-43A7-AD52-BAFC1227F783}C:program fileswinampwinamp.exe” |In – Private – P17 – TRUE | .(…) — C:program fileswinampwinamp.exe (.not file.)
      [MD5.AA5F8DEF4C6C587D88EE5A7791B8D1D6] [WIS][06/06/2010] (.Secure Digital Services – OfferBox.) — C:WindowsInstaller4b06e9.msi [3062272] =>Adware.SPointer

      [HKLMSoftwareGoogleChromeExtensionsndibdjnfmopecpmkdieinmbadjfpblof] =>Toolbar.AVGSearch^
      [HKLMSoftwareGoogleChromeExtensionspflphaooapbgpeakohlggbpidpppgdff] =>Adware.MyWebSearch^
      [HKCU{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}] =>Adware.DoubleD
      [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUpgradeCodes5B4758C25396ECF468E04F8E063287FF] =>PUP.OfferBox
      [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Products5B4758C25396ECF468E04F8E063287FF] =>PUP.OfferBox
      [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components48A0552292E14244E8F3980FD3D01541] =>PUP.OfferBox
      [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components503398D5204CBDD48A5EE476D0CFCFEC] =>PUP.OfferBox
      [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components5BDF578D2C71DDC4997692F83B0A5C75] =>PUP.OfferBox
      [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components67909B00FA069BE4E80548738FE558FB] =>PUP.OfferBox
      [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components698B1BCDAEA97B945AE4001A96F1E755] =>PUP.OfferBox
      [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components7E6611210321F8640B41F98B10A8BD0A] =>PUP.OfferBox
      [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components88ADFBDCA3E069A47B07ECC2CED1E2B2] =>PUP.OfferBox
      [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components9ED6CAB2F119182EB7D8CE7156DC0915] =>PUP.OfferBox
      [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsA3D6A80A87E22324A91C14AEBDF78525] =>PUP.OfferBox
      [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsB2F30BE10C5A9DD43A593262265CA298] =>PUP.OfferBox
      [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components1322A677E76161CFC67C36E4B6D42B49] =>PUP.Offerbox^
      [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components281E074C2C4344E4A8BB2BAE65BE729B] =>PUP.Offerbox^
      [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components51C83A2C2B5C63748ACD3028A6DD53A5] =>PUP.Offerbox^
      [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components8385B8BE0F211B245956C67BB4BAC17E] =>PUP.Offerbox^
      [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components9CC2018422A9EAF40A57249F42102B13] =>PUP.Offerbox^
      [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsAA606EFD77B9CB34BB2DA2F45B67425E] =>PUP.Offerbox^
      [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsB767C33B25DCECA4FAD0D3B7D84B0A8E] =>PUP.Offerbox^
      [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsBA177F87B6B147649BD37D43B50863E5] =>PUP.Offerbox^
      [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsCEF27165872C9BEAACED23660032D2F2] =>PUP.Offerbox^
      [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsCFAEE3E72CC44004C998EBEE081CA40A] =>PUP.Offerbox^
      [HKCUSOFTWAREMicrosoftWindowsCurrentVersionRun]:swg =>Toolbar.Google^
      C:UsersMarie-EstelleAppDataLocalGoogleChromeUser DataDefaultExtensionsndibdjnfmopecpmkdieinmbadjfpblof =>Toolbar.AVGSearch^
      C:UsersMarie-EstelleAppDataLocalGoogleChromeUser DataDefaultExtensionspflphaooapbgpeakohlggbpidpppgdff =>Adware.MyWebSearch^
      C:UsersMarie-EstelleAppDataRoamingMozillaFirefoxProfiles3dhaobu0.defaultextensions@FissaPlugin =>PUP.OfferBox^
      C:WindowsInstaller4b06e9.msi =>Adware.SPointer^
      Sysrestore

    • Lances ZHPFix, exécuter en tant qu’administrateur sous Windows : 7/8 et Vista

      1. Clique sur Importer
      2. Puis Clic sur “GO

    • Confirmes les nettoyages des données en cliquant sur “Oui

    • Une fois le scan terminé rends toi sur le bureau, le fichier ZHPFixReport à été crée.
    • Héberge le rapport ZHPFixReport sur SosUpload, puis copie/colle le lien fourni dans ta prochaine réponse.
  • Telma
    Post count: 0

    [font=Century Gothic:2gh9qzxw]Voici le rapport :

    Malwarebytes Anti-Malware 1.75.0.1300
    http://www.malwarebytes.org

    Version de la base de données: v2014.01.12.05

    Windows Vista Service Pack 2 x86 NTFS
    Internet Explorer 9.0.8112.16421
    Marie-Estelle :: PC-MARIE-ESTELL [administrateur]

    12/01/2014 15:28:43
    mbam-log-2014-01-12 (15-28-43).txt

    Type d'examen: Examen complet (C:|D:|)
    Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM
    Options d'examen désactivées: P2P
    Elément(s) analysé(s): 549888
    Temps écoulé: 4 heure(s), 29 minute(s), 41 seconde(s)

    Processus mémoire détecté(s): 0
    (Aucun élément nuisible détecté)

    Module(s) mémoire détecté(s): 0
    (Aucun élément nuisible détecté)

    Clé(s) du Registre détectée(s): 1
    HKCU{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2} (Adware.DoubleD) -> Mis en quarantaine et supprimé avec succès.

    Valeur(s) du Registre détectée(s): 0
    (Aucun élément nuisible détecté)

    Elément(s) de données du Registre détecté(s): 0
    (Aucun élément nuisible détecté)

    Dossier(s) détecté(s): 0
    (Aucun élément nuisible détecté)

    Fichier(s) détecté(s): 2
    C:UsersMarie-EstelleDownloadsNouveau dossierSoftonicDownloader_pour_core-temp.exe (PUP.OfferBundler.ST) -> Mis en quarantaine et supprimé avec succès.
    C:UsersMarie-EstelleDownloadsNouveau dossiermirc717.exe (PUP.Optional.OpenCandy) -> Mis en quarantaine et supprimé avec succès.

    (fin)[/font:2gh9qzxw]

  • lilidurhone
    Post count: 0

    • Télécharge MalwareBytes Anti-Malware
    • Installe le. Décoche “Activer l’essai gratuit de Malwarebytes Anti-Malware PRO”
    • Lance Malwarebytes’ Anti-Malware.
    • Clic sur l’onglet “Mises à jours” puis sur “Rechercher des mises à jours”
    • Clic sur l’onglet “Recherche“, coche “éxécuter un examen complet” puis clic sur Rechercher

    • A la fin de l’analyse, si MBAM n’a rien trouvé :
      • Clic sur OK, le rapport s’ouvre spontanément
    • Si des menaces ont été détectées :
      • Clic sur OK puis “Afficher les résultats
      • Choisis l’option “Supprimer la sélection
      • Si MBAM demande le redémarrage de Windows : Clic sur “Oui
      • Une fois le PC redémarré, le rapport se trouve dans l’onglet “Rapports/Logs
      • Sinon le rapport s’ouvre automatiquement après la suppression
      • Poste le rapport dans ta prochaine réponse

  • Telma
    Post count: 0

    [font=Century Gothic:3dwpbomu]voici le nouveau rapport ZHPDiag

    ~ Rapport de ZHPDiag v2013.12.26.23 – Nicolas Coolman (26/12/2013)
    ~ Lancé par Marie-Estelle (12/01/2014 12:44:49)
    ~ Adresse du Site Web http://nicolascoolman.webs.com” onclick=”window.open(this.href);return false;
    ~ Forums gratuits d'Assistance à la désinfection : http://nicolascoolman.webs.com/apps/links/” onclick=”window.open(this.href);return false;
    ~ Traduit par Nicolas Coolman
    ~ Etat de la version :
    ~ Liste blanche : Activée par le programme
    ~ Elévation des Privilèges : OK
    ~ User Account Control (UAC):

    —\ Navigateurs Internet
    MSIE: Internet Explorer v9.0.8112.16421
    MFIE: Mozilla Firefox 26.0 (Defaut)
    GCIE: Google Chrome v31.0.1650.63
    OBIE: Safari v5.31.22.7

    —\ Informations sur les produits Windows
    ~ Langage: Français
    Windows Vista (TM) Home Premium, 32-bit Service Pack 2 (Build 6002)
    Windows Server License Manager Script : OK
    ~ Vista, OEM_SLP channel
    System Locked Preinstallation (OEM_SLP) : OK
    Windows ID Activation : OK
    ~ Windows Partial Key : WQD8Q
    Windows License : OK
    Windows Automatic Updates : OK

    —\ Logiciels de protection du système
    Avira Free Antivirus v14.0.2.286

    —\ Logiciels d'optimisation du système
    CCleaner v3.17 =>Piriform Ltd

    —\ Logiciels de partage PeerToPeer

    —\ Surveillance de Logiciels
    Adobe Flash Player 11 Plugin
    Adobe Reader X
    Java 7 Update 21

    —\ Informations sur le système
    ~ Processor: x86 Family 17 Model 3 Stepping 1, AuthenticAMD
    ~ Operating System: 32 Bits
    Boot mode: Normal (Normal boot)
    Total RAM: 3069 MB (54% free)
    System Restore: Activé (Enable)
    System drive C: has 58 GB (25%) free of 224 GB

    —\ Mode de connexion au système
    ~ Computer Name: PC-MARIE-ESTELL
    ~ User Name: Marie-Estelle
    ~ All Users Names: Marie-Estelle, Administrateur,
    ~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
    Logged in as Administrator

    —\ Variables d'environnement
    ~ System Unit : C:
    ~ %AppZHP% : C:UsersMarie-EstelleAppDataRoamingZHP
    ~ %AppData% : C:UsersMarie-EstelleAppDataRoaming
    ~ %Desktop% : C:UsersMarie-EstelleDesktop
    ~ %Favorites% : C:UsersMarie-EstelleFavorites
    ~ %LocalAppData% : C:UsersMarie-EstelleAppDataLocal
    ~ %StartMenu% : C:UsersMarie-EstelleAppDataRoamingMicrosoftWindowsStart Menu
    ~ %Windir% : C:Windows
    ~ %System% : C:WindowsSystem32

    —\ Enumération des unités disques
    C: Hard drive, Flash drive, Thumb drive (Free 58 Go of 224 Go)
    D: Hard drive, Flash drive, Thumb drive (Free 2 Go of 9 Go)
    E: CD-ROM drive (Not Inserted)

    —\ Etat du Centre de Sécurité Windows
    ~ Security Center: 45 Legitimates Filtered in 00mn 00s

    —\ Recherche particulière de fichiers génériques
    [MD5.D07D4C3038F3578FFCE1C0237F2A1253] – (.Microsoft Corporation – Explorateur Windows.) (.11/04/2009 – 07:27:36.) — C:WindowsExplorer.exe [2926592]
    [MD5.101BA3EA053480BB5D957EF37C06B5ED] – (.Microsoft Corporation – Application de démarrage de Windows.) (.21/01/2008 – 03:23:42.) — C:WindowsSystem32Wininit.exe [96768]
    [MD5.4CC9DF09C3D915BA0A101A11DB684F26] – (.Microsoft Corporation – Extensions Internet pour Win32.) (.14/11/2013 – 23:42:41.) — C:WindowsSystem32wininet.dll [1129472]
    [MD5.898E7C06A350D4A1A64A9EA264D55452] – (.Microsoft Corporation – Application d'ouverture de session Windows.) (.11/04/2009 – 07:28:13.) — C:WindowsSystem32Winlogon.exe [314368]
    [MD5.3911B972B55FEA0478476B2E777B29FA] – (.Microsoft Corporation – Ancillary Function Driver for WinSock.) (.21/04/2011 – 14:58:27.) — C:Windowssystem32DriversAFD.sys [273408]
    [MD5.1F05B78AB91C9075565A9D8A4B880BC4] – (.Microsoft Corporation – ATAPI IDE Miniport Driver.) (.11/04/2009 – 07:32:26.) — C:Windowssystem32Driversatapi.sys [19944]
    [MD5.7ADD03E75BEB9E6DD102C3081D29840A] – (.Microsoft Corporation – CD-ROM File System Driver.) (.21/01/2008 – 03:23:51.) — C:Windowssystem32DriversCdfs.sys [70144]
    [MD5.6B4BFFB9BECD728097024276430DB314] – (.Microsoft Corporation – SCSI CD-ROM Driver.) (.11/04/2009 – 05:39:17.) — C:Windowssystem32DriversCdrom.sys [67072]
    [MD5.622C41A07CA7E6DD91770F50D532CB6C] – (.Microsoft Corporation – DFS Namespace Client Driver.) (.14/04/2011 – 15:59:03.) — C:Windowssystem32DriversDfsC.sys [75264]
    [MD5.062452B7FFD68C8C042A6261FE8DFF4A] – (.Microsoft Corporation – High Definition Audio Bus Driver.) (.11/04/2009 – 05:42:42.) — C:Windowssystem32DriversHDAudBus.sys [561152]
    [MD5.22D56C8184586B7A1F6FA60BE5F5A2BD] – (.Microsoft Corporation – Pilote de port i8042.) (.21/01/2008 – 03:23:20.) — C:Windowssystem32Driversi8042prt.sys [54784]
    [MD5.8793643A67B42CEC66490B2A0CF92D68] – (.Microsoft Corporation – IP Network Address Translator.) (.21/01/2008 – 03:24:25.) — C:Windowssystem32DriversIpNat.sys [100864]
    [MD5.1E94971C4B446AB2290DEB71D01CF0C2] – (.Microsoft Corporation – Windows NT SMB Minirdr.) (.29/04/2011 – 14:24:40.) — C:Windowssystem32DriversMRxSmb.sys [106496]
    [MD5.ECD64230A59CBD93C85F1CD1CAB9F3F6] – (.Microsoft Corporation – MBT Transport driver.) (.11/04/2009 – 05:45:37.) — C:Windowssystem32DriversnetBT.sys [185856]
    [MD5.2C1121F2B87E9A6B12485DF53CD848C7] – (.Microsoft Corporation – Pilote du système de fichiers NT.) (.03/03/2013 – 20:07:52.) — C:Windowssystem32Driversntfs.sys [1082232]
    [MD5.0FA9B5055484649D63C303FE404E5F4D] – (.Microsoft Corporation – Pilote de port parallèle.) (.02/11/2006 – 09:51:30.) — C:Windowssystem32DriversParport.sys [79360]
    [MD5.A214ADBAF4CB47DD2728859EF31F26B0] – (.Microsoft Corporation – RAS L2TP mini-port/call-manager driver.) (.21/01/2008 – 03:24:55.) — C:Windowssystem32DriversRasl2tp.sys [76288]
    [MD5.FBC0BACD9C3D7F6956853F64A66E252D] – (.Microsoft Corporation – Microsoft RDP Device redirector.) (.21/01/2008 – 03:23:01.) — C:Windowssystem32Driversrdpdr.sys [248832]
    [MD5.7B75299A4D201D6A6533603D6914AB04] – (.Microsoft Corporation – SMB Transport driver.) (.11/04/2009 – 05:45:22.) — C:Windowssystem32Driverssmb.sys [66560]
    [MD5.76B06EB8A01FC8624D699E7045303E54] – (.Microsoft Corporation – TDI Translation Driver.) (.11/04/2009 – 05:45:56.) — C:Windowssystem32Driverstdx.sys [72192]
    [MD5.786DB5771F05EF300390399F626BF30A] – (.Microsoft Corporation – Pilote de cliché instantané du volume.) (.21/08/2012 – 12:47:42.) — C:Windowssystem32Driversvolsnap.sys [224640]
    ~ Generic Processes: Scanned in 00mn 00s

    —\ Etat des fichiers cachés (Caché/Total)
    ~ Mes images (My Pictures) : 2/1055
    ~ Mes musiques (My Musics) : 123/2452
    ~ Mes Videos (My Videos) : 1/38
    ~ Mes Favoris (My Favorites) : 49/120
    ~ Mes Documents (My Documents) : 4/9525
    ~ Mon Bureau (My Desktop) : 1/1383
    ~ Menu demarrer (Programs) : 1/36
    ~ Hidden Files: Scanned in 00mn 12s

    —\ Processus lancés
    [MD5.94444693EA13A72F6820DFF844A1122E] – (.Synaptics Incorporated – Synaptics TouchPad Enhancements.) — C:Program FilesSynapticsSynTPSynTPEnh.exe [2299176] [PID.3676]
    [MD5.CF9DB56F71BC9738DE7F2A808EAAD124] – (.CyberLink Corp. – HP QuickPlay Resident Program.) — C:Program FilesHPQuickPlayQPService.exe [468264] [PID.3708]
    [MD5.0D392EDE3B97E0B3131B2F63EF1DB94E] – (.Microsoft Corporation – Windows Defender User Interface.) — C:Program FilesWindows DefenderMSASCui.exe [1008184] [PID.3716]
    [MD5.6FC398F279D5F5E53E61683B5450195D] – (. Hewlett-Packard Development Company, L.P. – Quick Launch Buttons.) — C:Program FilesHewlett-PackardHP Quick Launch ButtonsQLBCTRL.exe [202032] [PID.3728]
    [MD5.544C1EF07AEC178A83538A251A72CE13] – (. Hewlett-Packard Development Company, L.P. – HP QuickTouch On Screen Display.) — C:Program FilesHewlett-PackardHP QuickTouchHPKBDAPP.exe [554288] [PID.3736]
    [MD5.8CB896C573FD15AE8B13180DA53E93D2] – (.Hewlett-Packard Development Company, L.P. – HPWAMain Module.) — C:Program FilesHewlett-PackardHP Wireless AssistantHPWAMain.exe [488752] [PID.3752]
    [MD5.95D0EA1BECAD6D781C3D09AEC1295E8F] – (.Hewlett-Packard – hpwuSchd Application.) — C:Program FilesHPHP Software Updatehpwuschd2.exe [49208] [PID.3776]
    [MD5.52D28AE9E168BA60F2DFA00EDD101B14] – (.Research In Motion Limited – Launch Agent Service.) — C:Program FilesCommon FilesResearch In MotionUSB DriversRIMBBLaunchAgent.exe [79192] [PID.3784]
    [MD5.F4A92F112DF5A27C542EC0C0B41ABAEF] – (.Samsung Electronics Co., Ltd. – Kies TrayAgent Application.) — C:Program FilesSamsungKiesKiesTrayAgent.exe [309688] [PID.3840]
    [MD5.DD231039B13EC2ABDE315D76E658EF0E] – (.Avira Operations GmbH & Co. KG – Antivirus System Tray Tool (Desktop).) — C:Program FilesAviraAntiVir Desktopavgnt.exe [684600] [PID.3848]
    [MD5.BF9C0C31202259D2BE2B7072499504CE] – (.IDT, Inc. – IDT PC Audio.) — C:Program FilesIDTWDMsttray.exe [458844] [PID.3868]
    [MD5.6CF023F0A798C56599B8EA9FF9F083A0] – (.Hewlett-Packard Company – Pas de description.) — C:Program FilesCommon FilesLightScribeLightScribeControlPanel.exe [2289664] [PID.3900]
    [MD5.ABB1700E36617799F044FB3437AB6A91] – (.Samsung – Kies.) — C:Program FilesSamsungKiesKies.exe [968120] [PID.4024]
    [MD5.D24B30B55A3E3BB9040957D79D78EB46] – (.Samsung – KiesPDLR.) — C:Program FilesSamsungKiesExternalFirmwareUpdateKiesPDLR.exe [1104824] [PID.4064]
    [MD5.8D07F0687318214A3CEF62EA1048D101] – (.Hewlett-Packard Development Company, L.P. – Module to process WiFi messages..) — C:Program FilesHewlett-PackardHP wireless AssistantWiFiMsg.exe [316720] [PID.4948]
    [MD5.1EDC4865C8003A0251956835273904B1] – (.Pas de propriétaire – HpqToaster Module.) — C:Program FilesHewlett-PackardSharedHpqToaster.exe [685360] [PID.5020]
    [MD5.3E802CE450D0E7A234978E9A2EA4772A] – (.Synaptics Incorporated – Synaptics Pointing Device Helper.) — C:PROGRAM FILESSYNAPTICSSYNTPSYNTPHELPER.exe [107816] [PID.5196]
    [MD5.E433210DD9F9EF43D4D170E52FFFF116] – (.Microsoft Corporation – Microsoft Word.) — C:Program FilesMicrosoft OfficeOffice14WINWORD.exe [1423008] [PID.3556]
    [MD5.6080A176D09435FC8E6E800996656E18] – (.Microsoft Corporation – Console IME.) — C:Windowssystem32conime.exe [69120] [PID.5300]
    [MD5.1EEA6C1B35191DC177EA83672B9C3FC0] – (.Mozilla Corporation – Firefox.) — C:Program FilesMozilla Firefoxfirefox.exe [275568] [PID.5688]
    [MD5.870DF389D7676EDBB635141336A867C6] – (.Nicolas Coolman – ZHPDiag.) — C:Program FilesZHPDiagZHPDiag.exe [8302080] [PID.2084]
    [MD5.0DD74786D22EDFF0CE5B8E1B1E398618] – (.Mozilla Corporation – Plugin Container for Firefox.) — C:Program FilesMozilla Firefoxplugin-container.exe [18544] [PID.5332]
    [MD5.5D60EE718D0C708D69DFF4B3336B68BF] – (.Adobe Systems, Inc. – Adobe Flash Player 11.9 r900.) — C:Windowssystem32MacromedFlashFlashPlayerPlugin_11_9_900_170.exe [1862536] [PID.2792]
    [MD5.05AE358CD777BF8857F512A18E1DE7AA] – (.IDT, Inc. – IDT PC Audio.) — C:WindowsSystem32DriverStoreFileRepositorystwrt.inf_e2247046STacSV.exe [221266] [PID.1168]
    [MD5.862BB4CBC05D80C5B45BE430E5EF872F] – (.Microsoft Corporation – Service de gestion des licences Microsoft.) — C:Windowssystem32SLsvc.exe [3408896] [PID.1360]
    [MD5.C0BEB56ED79B59B7B33D0AA6C38A0BA6] – (.Hewlett-Packard Company – HpService.) — C:Windowssystem32Hpservice.exe [26168] [PID.1472]
    [MD5.FE79366FECD444A16CCA9979134DBEA8] – (.Avira Operations GmbH & Co. KG – Antivirus Host Framework Service.) — C:Program FilesAviraAntiVir Desktopsched.exe [440376] [PID.1840]
    [MD5.23C3A0680042C0D1DE1F360F8B62BC57] – (.Microsoft Corporation – Infrastructure d'extensibilité pour les ser.) — C:Windowssystem32WLANExt.exe [74240] [PID.1852]
    [MD5.ADDA5E1951B90D3D23C56D3CF0622ADC] – (.Adobe Systems Incorporated – Adobe Acrobat Update Service.) — C:Program FilesCommon FilesAdobeARM1.0armsvc.exe [65640] [PID.356]
    [MD5.827DBC22C96EECF6D36A13162FABAFD3] – (.Andrea Electronics Corporation – Andrea filters APO access service (32-bit).) — C:WindowsSystem32DriverStoreFileRepositorystwrt.inf_e2247046aestsrv.exe [81920] [PID.476]
    [MD5.FDE9C7030FB1E9E2715E113EE6A10F90] – (.Avira Operations GmbH & Co. KG – Antivirus Host Framework Service.) — C:Program FilesAviraAntiVir Desktopavguard.exe [440376] [PID.468]
    [MD5.F401929EE0CC92BFE7F15161CA535383] – (.Apple Inc. – MobileDeviceService.) — C:Program FilesCommon FilesAppleMobile Device SupportAppleMobileDeviceService.exe [55184] [PID.560]
    [MD5.DB5BEA73EDAF19AC68B2C0FAD0F92B1A] – (.Apple Inc. – Bonjour Service.) — C:Program FilesBonjourmDNSResponder.exe [390504] [PID.848]
    [MD5.984ECB68ED2A2B2E6A544E87E24FBA2D] – (.Hewlett-Packard Company – LightScribe Service.) — C:Program FilesCommon FilesLightScribeLSSrvc.exe [73728] [PID.1288]
    [MD5.026D1FA4033B82F18B99E44351D7E82E] – (.Pas de propriétaire – CLCapSvc Module.) — C:Program FilesHPQuickPlayKernelTVQPCapSvc.exe [292248] [PID.2104]
    [MD5.B9570481A1BABCC4A9E941C553596077] – (.Pas de propriétaire – Application MFC STServices.) — C:WindowsSMINSTBLService.exe [341328] [PID.2164]
    [MD5.17E0BEF5CA5C9CE52CC8082AC6EBC449] – (.Pas de propriétaire – RichVideo Module.) — C:Program FilesCyberLinkShared FilesRichVideo.exe [272024] [PID.2224]
    [MD5.6F1E9AB820B3DD8BD38C0190A206205D] – (.Avira Operations GmbH & Co. KG – AntiVir shadow copy service.) — C:Program FilesAviraAntiVir Desktopavshadow.exe [431672] [PID.3880]
    [MD5.A1545B731579895D8CC44FC0481C1192] – (.Microsoft Corporation – Service de la passerelle de la couche Appli.) — C:WindowsSystem32alg.exe [59392] [PID.2832]
    [MD5.D50FDAD1E57AA60F1973CFC77D905F0E] – (.Hewlett-Packard Development Company, L.P. – hpqwmiex Module.) — C:Program FilesHewlett-PackardSharedhpqwmiex.exe [148832] [PID.4848]
    [MD5.7795F8CEBC284A426B53F541E538695F] – (.Hewlett-Packard Development Company, L.P. – Com for QLB application.) — C:Program FilesHewlett-PackardHP Quick Launch ButtonsCom4QLBEx.exe [193840] [PID.4976]
    [MD5.A19B0BB5A7EB6DF2DD4A0711D36955EE] – (.Hewlett-Packard – HP Health Check Service.) — c:Program FilesHewlett-PackardHP Health Checkhphc_service.exe [94208] [PID.5880]
    [MD5.358A9CCA612C68EB2F07DDAD4CE1D8D7] – (.Microsoft Corporation – Microsoft Office Software Protection Platfo.) — C:Program FilesCommon FilesMicrosoft SharedOfficeSoftwareProtectionPlatformOSPPSVC.exe [4640000] [PID.5840]
    ~ Processes Running: Scanned in 00mn 02s

    —\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
    C:UsersMarie-EstelleAppDataLocalGoogleChromeUser DataDefaultPreferences
    G1 – GCS: Preference [User DataDefault] http://www.google.com” onclick=”window.open(this.href);return false;
    G2 – GCE: Preference [User DataDefault] [ndibdjnfmopecpmkdieinmbadjfpblof] AVG Secure Search v.15.5.0.2 (Désactivé) =>Toolbar.AVGSearch
    G2 – GCE: Preference [User DataDefault] [pflphaooapbgpeakohlggbpidpppgdff] MySearchDial Nouvel onglet v.9.4.4 (Désactivé) =>Adware.MyWebSearch
    ~ Google Browser: 15 Legitimates Filtered in 00mn 03s

    —\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
    C:UsersMarie-EstelleAppDataRoamingMozillaFirefoxProfiles3dhaobu0.defaultprefs.js
    M2 – MFEP: prefs.js [Marie-Estelle – 3dhaobu0.default@FissaPlugin] [] Fissa v1.0 (..) =>PUP.OfferBox
    M2 – MFEP: prefs.js [Marie-Estelle – 3dhaobu0.defaultzigboom.designs@gmail.com] [] BlackFox V2-Blue v2.1.6 (..)
    ~ Firefox Browser: 38 Legitimates Filtered in 00mn 01s

    —\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
    R4 – HKCUSOFTWAREMicrosoftInternet ExplorerPhishingFilter,Enabled = 1
    ~ IE Browser: 12 Legitimates Filtered in 00mn 00s

    —\ Internet Explorer, Proxy Management (R5)
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyOverride = *.local
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyServer = no key
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyEnable = 0
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,MigrateProxy = 1
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,EnableHttp1_1 = 1
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,AutoConfigProxy = wininet.dll
    ~ Proxy management: Scanned in 00mn 00s

    —\ Analyse des lignes F0, F1, F2, F3 – IniFiles, Autoloading programs
    F2 – REG:system.ini: USERINIT=C:Windowssystem32Userinit.exe,
    F2 – REG:system.ini: Shell=C:Windowsexplorer.exe
    F2 – REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL “sysdm.cpl”
    ~ Keys: Scanned in 00mn 00s

    —\ Hosts file redirection (O1)
    ~ Le fichier hosts est sain (The hosts file is clean).
    ~ Hosts File: Scanned in 00mn 00s
    ~ Nombre de lignes (Lines number): 20

    —\ Internet Explorer Toolbars (O3)
    O3 – ToolbarWebBrowser: (no name) – [HKCU]{A057A204-BACC-4D26-9E83-2DB586E27190} Clé orpheline
    O3 – ToolbarWebBrowser: (no name) – [HKCU]{21FA44EF-376D-4D53-9B0F-8A89D3229068} Clé orpheline
    O3 – ToolbarWebBrowser: (no name) – [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Clé orpheline
    O3 – ToolbarWebBrowser: (no name) – [HKCU]{472734EA-242A-422B-ADF8-83D1E48CC825} Clé orpheline
    ~ Toolbar: Scanned in 00mn 00s

    —\ Autres liens utilisateurs (O4)
    O4 – GSDesktop [Public]: Aide et Support d'HP.lnk . (.Hewlett-Packard – HPHS Launcher.) — C:WindowsHelpOEMscriptsHPHS_Launcher.exe
    O4 – GSDesktop [Public]: HP Total Care Advisor.lnk . (.Hewlett-Packard – HP Advisor.) — C:Program FilesHewlett-PackardHP AdvisorHPAdvisor.exe
    O4 – GSDesktop [Public]: Octave.lnk . (…) — C:Program FilesOctave3.0.5_gcc-4.3.0binoctave-3.0.5.exe
    O4 – GSProgram [Public]: cellule_3D.lnk . (…) — C:Program Filesplanetes3Dplanet3D.exe
    O4 – GSProgram [Public]: HP Total Care Advisor.lnk . (.Hewlett-Packard – HP Advisor.) — C:Program FilesHewlett-PackardHP AdvisorHPAdvisor.exe
    O4 – GSProgram [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation – Firefox.) — C:Program FilesMozilla Firefoxfirefox.exe
    O4 – GSProgram [Public]: Pour les enfants.lnk . (.EasyBits Software AS – For Kids.) — C:Program FilesEasyBits For KidsPromoezKidsReady.exe =>.EasyBits Software AS
    O4 – GSProgram [Public]: QuickPlay Manager.lnk . (.CyberLink Corp. – HP QuickPlay Manage Program.) — C:Program FilesHPQuickPlayQPManager.exe
    O4 – GSProgram [Public]: QuickPlay.lnk . (.CyberLink Corp. – HP QuickPlay.) — C:Program FilesHPQuickPlayQP.exe
    O4 – GSProgram [Public]: Starzik Download Manager.lnk . (…) — C:Program FilesStarzik Download ManagerStarzik Download Manager.exe
    O4 – GSQuickLaunch [Marie-Estelle]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation – Internet Explorer.) — C:Program FilesInternet Exploreriexplore.exe
    O4 – GSQuickLaunch [Marie-Estelle]: Mozilla Firefox (2).lnk . (.Mozilla Corporation – Firefox.) — C:Program FilesMozilla Firefoxfirefox.exe
    O4 – GSQuickLaunch [Marie-Estelle]: Mozilla Firefox.lnk . (.Mozilla Corporation – Firefox.) — C:Program FilesMozilla Firefoxfirefox.exe
    O4 – GSProgram [Marie-Estelle]: Internet Explorer.lnk . (.Microsoft Corporation – Internet Explorer.) — C:Program FilesInternet Exploreriexplore.exe
    O4 – GSSystemTools [Marie-Estelle]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation – Internet Explorer.) — C:Program FilesInternet Exploreriexplore.exe
    O4 – GSDesktop [Marie-Estelle]: Google Chrome.lnk . (.Google Inc. – Google Chrome.) — C:Program FilesGoogleChromeApplicationchrome.exe
    O4 – GSDesktop [Marie-Estelle]: Mozilla Firefox.lnk . (.Mozilla Corporation – Firefox.) — C:Program FilesMozilla Firefoxfirefox.exe
    O4 – GSDesktop [Marie-Estelle]: planete3D.lnk . (…) — C:Program Filesplanetes3Dplanet3D.exe
    ~ Global Startup: 72 Legitimates Filtered in 00mn 01s

    —\ Applications lancées au démarrage du sytème (O4)
    O4 – HKLM..Run: [SynTPEnh] . (.Synaptics Incorporated – Synaptics TouchPad Enhancements.) — C:Program FilesSynapticsSynTPSynTPEnh.exe
    O4 – HKLM..Run: [QPService] . (.CyberLink Corp. – HP QuickPlay Resident Program.) — C:Program FilesHPQuickPlayQPService.exe
    O4 – HKLM..Run: [Windows Defender] . (.Microsoft Corporation – Windows Defender User Interface.) — C:Program FilesWindows DefenderMSASCui.exe
    O4 – HKLM..Run: [QlbCtrl.exe] . (. Hewlett-Packard Development Company, L.P. – Quick Launch Buttons.) — C:Program FilesHewlett-PackardHP Quick Launch ButtonsQlbCtrl.exe
    O4 – HKLM..Run: [OnScreenDisplay] . (. Hewlett-Packard Development Company, L.P. – HP QuickTouch On Screen Display.) — C:Program FilesHewlett-PackardHP QuickTouchHPKBDAPP.exe
    O4 – HKLM..Run: [hpWirelessAssistant] . (.Hewlett-Packard Development Company, L.P. – HPWAMain Module.) — C:Program FilesHewlett-PackardHP Wireless AssistantHPWAMain.exe
    O4 – HKLM..Run: [AppleSyncNotifier] . (.Apple Inc. – AppleSyncNotifier.) — C:Program FilesCommon FilesAppleMobile Device SupportAppleSyncNotifier.exe
    O4 – HKLM..Run: [HP Health Check Scheduler] . (.Hewlett-Packard – HP Health Check Scheduler.) — c:Program FilesHewlett-PackardHP Health CheckHPHC_Scheduler.exe
    O4 – HKLM..Run: [HP Software Update] . (.Hewlett-Packard – hpwuSchd Application.) — C:Program FilesHpHP Software UpdateHPWuSchd2.exe =>.Hewlett-Packard Co
    O4 – HKLM..Run: [RIMBBLaunchAgent.exe] . (.Research In Motion Limited – Launch Agent Service.) — C:Program FilesCommon FilesResearch In MotionUSB DriversRIMBBLaunchAgent.exe
    O4 – HKLM..Run: [APSDaemon] . (.Apple Inc. – Apple Push.) — C:Program FilesCommon FilesAppleApple Application SupportAPSDaemon.exe
    O4 – HKLM..Run: [Adobe ARM] . (.Adobe Systems Incorporated – Adobe Reader and Acrobat Manager.) — C:Program FilesCommon FilesAdobeARM1.0AdobeARM.exe =>.Adobe Systems Incorporated
    O4 – HKLM..Run: [KiesTrayAgent] . (.Samsung Electronics Co., Ltd. – Kies TrayAgent Application.) — C:Program FilesSamsungKiesKiesTrayAgent.exe =>.Samsung Electronics Co
    O4 – HKLM..Run: [avgnt] . (.Avira Operations GmbH & Co. KG – Antivirus System Tray Tool (Desktop).) — C:Program FilesAviraAntiVir Desktopavgnt.exe
    O4 – HKLM..Run: [BCSSync] . (.Microsoft Corporation – Microsoft Office 2010 component.) — C:Program FilesMicrosoft OfficeOffice14BCSSync.exe =>.Microsoft Corporation
    O4 – HKLM..Run: [SysTrayApp] . (.IDT, Inc. – IDT PC Audio.) — C:Program FilesIDTWDMsttray.exe
    O4 – HKCU..Run: [Sidebar] . (.Microsoft Corporation – Volet Windows.) — C:Program FilesWindows Sidebarsidebar.exe =>.Microsoft Corporation
    O4 – HKCU..Run: [LightScribe Control Panel] . (.Hewlett-Packard Company – Pas de description.) — C:Program FilesCommon FilesLightScribeLightScribeControlPanel.exe
    O4 – HKCU..Run: [ehTray.exe] . (.Microsoft Corporation – Media Center Tray Applet.) — C:WindowsehomeehTray.exe
    O4 – HKCU..Run: [KiesPreload] . (.Samsung – Kies.) — C:Program FilesSamsungKiesKies.exe
    O4 – HKCU..Run: [KiesAirMessage] . (.Samsung Electronics – Pas de description.) — C:Program FilesSamsungKiesKiesAirMessage.exe
    O4 – HKCU..Run: [WMPNSCFG] . (.Microsoft Corporation – Application de configuration du service Par.) — C:Program FilesWindows Media PlayerWMPNSCFG.exe =>.Microsoft Corporation
    O4 – HKCU..Run: [swg] . (.Google Inc. – GoogleToolbarNotifier.) — C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe =>Toolbar.Google
    O4 – HKUSS-1-5-19..Run: [Sidebar] . (.Microsoft Corporation – Volet Windows.) — C:Program FilesWindows SidebarSidebar.exe =>.Microsoft Corporation
    O4 – HKUSS-1-5-19..Run: [WindowsWelcomeCenter] Clé orpheline
    O4 – HKUSS-1-5-20..Run: [Sidebar] . (.Microsoft Corporation – Volet Windows.) — C:Program FilesWindows SidebarSidebar.exe =>.Microsoft Corporation
    O4 – HKUSS-1-5-20..Run: [WindowsWelcomeCenter] Clé orpheline
    O4 – HKUSS-1-5-21-1917961054-784476770-3265431197-1000..Run: [Sidebar] . (.Microsoft Corporation – Volet Windows.) — C:Program FilesWindows Sidebarsidebar.exe =>.Microsoft Corporation
    O4 – HKUSS-1-5-21-1917961054-784476770-3265431197-1000..Run: [LightScribe Control Panel] . (.Hewlett-Packard Company – Pas de description.) — C:Program FilesCommon FilesLightScribeLightScribeControlPanel.exe
    O4 – HKUSS-1-5-21-1917961054-784476770-3265431197-1000..Run: [ehTray.exe] . (.Microsoft Corporation – Media Center Tray Applet.) — C:WindowsehomeehTray.exe
    O4 – HKUSS-1-5-21-1917961054-784476770-3265431197-1000..Run: [KiesPreload] . (.Samsung – Kies.) — C:Program FilesSamsungKiesKies.exe
    O4 – HKUSS-1-5-21-1917961054-784476770-3265431197-1000..Run: [KiesAirMessage] . (.Samsung Electronics – Pas de description.) — C:Program FilesSamsungKiesKiesAirMessage.exe
    O4 – HKUSS-1-5-21-1917961054-784476770-3265431197-1000..Run: [WMPNSCFG] . (.Microsoft Corporation – Application de configuration du service Par.) — C:Program FilesWindows Media PlayerWMPNSCFG.exe =>.Microsoft Corporation
    O4 – HKUSS-1-5-21-1917961054-784476770-3265431197-1000..Run: [swg] . (.Google Inc. – GoogleToolbarNotifier.) — C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe =>Toolbar.Google
    ~ Application: Scanned in 00mn 00s

    —\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
    O9 – Extra button: @C:Program FilesWindows LiveWriterWindowsLiveWriterShortcuts.dll,-1003 – {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation – Windows Live Writer Blog This Extension.) — C:Program FilesWindows LiveWriterWriterBrowserExtension.dll
    O9 – Extra button: &Envoyer à OneNote – {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation – Microsoft Office OneNote Internet Explorer Add-in.) — C:Program FilesMICROS~3Office12ONBttnIE.dll
    O9 – Extra button: Research – {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (…) — C:Program FilesMicrosoft OfficeOffice12REFBARH.ICO
    ~ IE Extra Buttons: Scanned in 00mn 00s

    —\ Modification Domaine/Adresses DNS (O17)
    O17 – HKLMSystemCCSServicesTcpip..{212736AF-65FB-4B36-80D0-E3E27259B6CB}: DhcpNameServer = 192.168.42.129
    O17 – HKLMSystemCCSServicesTcpip..{3434B8B3-FC47-4D27-9E78-6631641D3D74}: DhcpNameServer = 192.168.1.1 192.168.1.1
    O17 – HKLMSystemCS1ServicesTcpip..{212736AF-65FB-4B36-80D0-E3E27259B6CB}: DhcpNameServer = 192.168.42.129
    O17 – HKLMSystemCS1ServicesTcpip..{3434B8B3-FC47-4D27-9E78-6631641D3D74}: DhcpNameServer = 192.168.1.1 192.168.1.1
    O17 – HKLMSystemCS3ServicesTcpip..{212736AF-65FB-4B36-80D0-E3E27259B6CB}: DhcpNameServer = 192.168.42.129
    O17 – HKLMSystemCS3ServicesTcpip..{3434B8B3-FC47-4D27-9E78-6631641D3D74}: DhcpNameServer = 192.168.1.1 192.168.1.1
    O17 – HKLMSystemCCSServicesTcpipParameters: DhcpNameServer = 192.168.1.1 192.168.1.1
    ~ Domain: Scanned in 00mn 00s

    —\ Protocole additionnel (O18)
    O18 – Handler: wlpg – {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation – Windows Live Album Download Protocol Handle.) — C:Program FilesWindows LivePhoto GalleryAlbumDownloadProtocolHandler.dll
    O18 – Filter: text/xml – {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation – Microsoft Office XML MIME Filter.) — C:Program FilesCommon Filesmicrosoft sharedOFFICE12MSOXMLMF.dll =>.Microsoft Corporation
    ~ Protocole Additionnel: Scanned in 00mn 00s

    —\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
    O22 – SharedTaskScheduler: Component Categories cache daemon – {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation – Bibliothèque de l'interface utilisateur du.) — C:WindowsSystem32browseui.dll
    ~ STS/SSO: Scanned in 00mn 00s

    —\ Tâches planifiées en automatique (O39)
    O39 – APT:Automatic Planified Task – C:WindowsTasksAVG-Secure-Search-Update_JUNE2013_HP_rmv.job [350]
    O39 – APT:Automatic Planified Task – C:WindowsTasksAVG-Secure-Search-Update_JUNE2013_TB_rmv.job [350]
    [MD5.00000000000000000000000000000000] [APT] [AVG-Secure-Search-Update_JUNE2013_HP_rmv] (…) — C:WindowsTEMP{42442D61-6FB2-4A99-80CC-3EC4D9DAA021}.exe (.not file.) [0]
    [MD5.00000000000000000000000000000000] [APT] [AVG-Secure-Search-Update_JUNE2013_TB_rmv] (…) — C:WindowsTEMP{26E15C44-6DA3-4EC0-8164-B7DB49238A7F}.exe (.not file.) [0]
    [MD5.00000000000000000000000000000000] [APT] [{035CB9B0-6A3E-4FE4-ACA5-FD5D6152ED3F}] (…) — E:.Autorun.exe (.not file.) [0]
    [MD5.00000000000000000000000000000000] [APT] [{04D6F92F-F963-48C0-9F4B-4511D0CE659E}] (…) — C:Program FilesAIM6uninst.exe (.not file.) [0]
    [MD5.00000000000000000000000000000000] [APT] [{4B671E64-3D31-445D-9676-FDA18A328F2A}] (…) — C:Program FilesQuickTimeQTSystemQuickTime.cpl” -c QuickTime (.not file.) [0]
    [MD5.00000000000000000000000000000000] [APT] [{7AF94D5F-8C16-4F20-A002-9E0F874B8576}] (…) — E:.Autorun.exe (.not file.) [0]
    [MD5.00000000000000000000000000000000] [APT] [{85943581-0889-40CE-AB2D-C77F3FA636B7}] (…) — C:UsersMarie-EstelleDownloads601_b021_multilanguage.exe (.not file.) [0]
    ~ Scheduled Task: 25 Legitimates Filtered in 00mn 05s

    —\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
    O43 – CFD: 18/11/2010 – 21:33:05 – [1,658] —-D C:Program Filesplanetes3D
    O43 – CFD: 24/02/2010 – 10:33:36 – [1,760] —-D C:Program FilesSpyware Doctor
    O43 – CFD: 05/04/2011 – 10:38:07 – [0] –H-D C:ProgramDatacJb31001dNaIa31001
    ~ Program Folder: 216 Legitimates Filtered in 01mn 01s

    —\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
    O44 – LFC:[MD5.6361D50FE0AD8ECC249D6A7CB37B514B] – 29/12/2013 – 20:20:07


    . (…) — C:UsbFix [Scan 1] PC-MARIE-ESTELL.txt [12880]
    O44 – LFC:[MD5.5F8BDF657FD65DE8803D7C494611679C] – 29/12/2013 – 20:43:49


    . (…) — C:UsbFix [Scan 2] PC-MARIE-ESTELL.txt [13094]
    O44 – LFC:[MD5.36A47F2E5C9049A2464D134386FFBF23] – 29/12/2013 – 21:15:53 —A- . (…) — C:UsbFix [Clean 1] PC-MARIE-ESTELL.txt [17272]
    O44 – LFC:[MD5.26B0F12F9A4C267AF5B2DA35F87A6EFA] – 30/12/2013 – 20:34:38 —A- . (…) — C:WindowsSystem32DOErrors.log [52]
    ~ Files: 12 Legitimates Filtered in 00mn 04s

    —\ Enumération des clés de registre StartupReg (SMSR) (O53)
    O53 – SMSR:HKLM…startupregAppleSyncNotifier [Key] . (…) — C:Program FilesCommon FilesAppleMobile Device SupportbinAppleSyncNotifier.exe (.not file.)
    O53 – SMSR:HKLM…startupregVeoh [Key] . (…) — C:Program FilesVeoh NetworksVeohVeohClient.exe (.not file.)
    ~ SMSR Keys: 8 Legitimates Filtered in 00mn 00s

    —\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
    O55 – MWPS:[HKLM…PoliciesSystem] – “FilterAdministratorToken”=0
    O55 – MWPS:[HKLM…PoliciesSystem] – “EnableUIADesktopToggle”=0
    ~ MWPS: 17 Legitimates Filtered in 00mn 00s

    —\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
    O56 – MWPE:[HKLM…policiesExplorer] – “AllowLegacyWebView”=1
    O56 – MWPE:[HKLM…policiesExplorer] – “AllowUnhashedWebView”=1
    ~ MWPE Keys: 3 Legitimates Filtered in 00mn 00s

    —\ Liste des pilotes du système (SDL) (O58)
    O58 – SDL:[MD5.6216FD7FD227DE454238A702B218CEC7] – 29/10/2012 – 12:09:26 —A- . (.Devguru Co., Ltd – Device Error Recovery SDK(x86).) — C:WindowsSystem32Driversdgderdrv.sys [20032]
    O58 – SDL:[MD5.23B62471681A124889978F6295B3F4C6] – 21/01/2008 – 03:23:22 —A- . (.Emulex – Storport Miniport Driver for LightPulse HBAs.) — C:WindowsSystem32Driverselxstor.sys [342584]
    O58 – SDL:[MD5.4CD6B056C5FD9E97C06FE74C81479517] – 24/01/2008 – 14:23:12 —A- . (.ENE TECHNOLOGY INC. – ENE CIR Driver for eHome.) — C:WindowsSystem32Driversenecir.sys [52736]
    O58 – SDL:[MD5.BCED60D16156E428F8DF8CF27B0DF150] – 02/11/2006 – 10:50:07 —A- . (.Integrated Technology Express, Inc. – ITE IT8211 ATA/ATAPI SCSI miniport.) — C:WindowsSystem32Driversiteatapi.sys [35944]
    O58 – SDL:[MD5.06FA654504A498C30ADCA8BEC4E87E7E] – 02/11/2006 – 10:50:09 —A- . (.Integrated Technology Express, Inc. – ITE IT8212 ATA RAID SCSI miniport.) — C:WindowsSystem32Driversiteraid.sys [35944]
    O58 – SDL:[MD5.1FC8A7E5C3AED31F00940C6AB2FD9B49] – 31/07/2006 – 06:44:00 —A- . (.Omnivision Technologies, Inc. – Stream Class Mini Driver.) — C:WindowsSystem32Driversov550i.sys [580992]
    O58 – SDL:[MD5.A36EE93698802CD899F98BFD553D8185] – 27/07/2013 – 08:41:54 —A- . (.Avira GmbH – AVIRA SnapShot Driver.) — C:WindowsSystem32Driversssmdrv.sys [28520]
    O58 – SDL:[MD5.6CC6C4B9D7B906A151AA094CA087B9F0] – 20/09/2012 – 05:35:36 —A- . (.DEVGURU Co., LTD.(www.devguru.co.kr) – SAMSUNG USB Composite Device Driver (MSS Ver.3).) — C:WindowsSystem32Driversssudbus.sys [83168]
    O58 – SDL:[MD5.359FEE084F1173FFFFD7F9CCBD43D47F] – 20/09/2012 – 05:35:36 —A- . (.DEVGURU Co., LTD.(www.devguru.co.kr) – SAMSUNG Android Modem Device Driver (MSS Ver.3).) — C:WindowsSystem32Driversssudmdm.sys [181344]
    O58 – SDL:[MD5.E69A606872650B46DE54EC15DCC93529] – 21/07/2009 – 22:33:32 —A- . (.IDT, Inc. – IDT PC Audio.) — C:WindowsSystem32Driversstwrt.sys [409088]
    O58 – SDL:[MD5.9224BB254F591DE4CA8D572A5F0D635C] – 21/01/2008 – 03:23:20 —A- . (.ULi Electronics Inc. – ULi SATA Controller Driver.) — C:WindowsSystem32Driversuliahci.sys [238648]
    O58 – SDL:[MD5.8514D0E5CD0534467C5FC61BE94A569F] – 02/11/2006 – 10:50:35 —A- . (.Promise Technology, Inc. – Promise Ultra/Sata Series Driver for Win2003.) — C:WindowsSystem32Driversulsata.sys [98408]
    O58 – SDL:[MD5.38C3C6E62B157A6BC46594FADA45C62B] – 21/01/2008 – 03:23:23 —A- . (.Promise Technology, Inc. – Promise SATAII150 Series Windows Drivers.) — C:WindowsSystem32Driversulsata2.sys [115816]
    O58 – SDL:[MD5.EAFE1E00739AFE6C51487A050E772E17] – 15/02/2012 – 10:01:50 —A- . (.Apple, Inc. – Apple Mobile Device USB Driver.) — C:WindowsSystem32Driversusbaapl.sys [43520]
    O58 – SDL:[MD5.8AAD333C876590293F72B315E162BCC7] – 02/11/2006 – 08:09:42 —A- . (…) — C:WindowsSystem32ANSI.SYS [9029]
    O58 – SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] – 02/11/2006 – 08:09:45 —A- . (…) — C:WindowsSystem32country.sys [27097]
    O58 – SDL:[MD5.E6BC0F98FECEF245A0010D350C1A0B9B] – 02/11/2006 – 08:09:41 —A- . (…) — C:WindowsSystem32HIMEM.SYS [4768]
    O58 – SDL:[MD5.492090267B9608C62B956CD29BE3AFB7] – 02/11/2006 – 08:09:44 —A- . (…) — C:WindowsSystem32KEY01.SYS [42809]
    O58 – SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] – 02/11/2006 – 08:09:44 —A- . (…) — C:WindowsSystem32KEYBOARD.SYS [42537]
    O58 – SDL:[MD5.FFFF296A08DBF2AC0126C62E3778AC0D] – 02/11/2006 – 08:09:29 —A- . (…) — C:WindowsSystem32NTDOS.SYS [27866]
    O58 – SDL:[MD5.CF9ED169FF86D935E47999E82359E898] – 02/11/2006 – 08:09:35 —A- . (…) — C:WindowsSystem32NTDOS404.SYS [29146]
    O58 – SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] – 02/11/2006 – 08:09:38 —A- . (…) — C:WindowsSystem32NTDOS411.SYS [29370]
    O58 – SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] – 02/11/2006 – 08:09:40 —A- . (…) — C:WindowsSystem32NTDOS412.SYS [29274]
    O58 – SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] – 02/11/2006 – 08:09:31 —A- . (…) — C:WindowsSystem32NTDOS804.SYS [29146]
    O58 – SDL:[MD5.2E4112FB7D1B76E11ADFD7487B5D0E95] – 02/11/2006 – 08:09:20 —A- . (…) — C:WindowsSystem32NTIO.SYS [33952]
    O58 – SDL:[MD5.A98EBD4C2DF983665BF2D1AF49949974] – 02/11/2006 – 08:09:23 —A- . (…) — C:WindowsSystem32NTIO404.SYS [34672]
    O58 – SDL:[MD5.3F7E6406EDEF197C5CAAB2240EEF6F48] – 02/11/2006 – 08:09:24 —A- . (…) — C:WindowsSystem32NTIO411.SYS [35776]
    O58 – SDL:[MD5.3E64D681B776CC57BDC38A46D881F85B] – 02/11/2006 – 08:09:26 —A- . (…) — C:WindowsSystem32NTIO412.SYS [35536]
    O58 – SDL:[MD5.D86B6435729231C171432B4E77801BDB] – 02/11/2006 – 08:09:22 —A- . (…) — C:WindowsSystem32NTIO804.SYS [34672]
    ~ Drivers: 17 Legitimates Filtered in 00mn 05s

    —\ Liste des outils de désinfection (LATC) (O63)
    O63 – Logiciel: UsbFix – (.El Desaparecido – http://www.usbfix.nethttp://www.sosvirus.net.) [HKLM] — Usbfix
    O63 – Logiciel: ZHPDiag 2013 – (.Nicolas Coolman.) [HKLM] — ZHPDiag_is1 =>.Nicolas Coolman
    ~ ADS: Scanned in 00mn 00s

    —\ Menu de démarrage Internet (SMI) (O68)
    O68 – StartMenuInternet: [HKLM..ShellopenCommand] (.Mozilla Corporation – Firefox.) — C:Program FilesMozilla Firefoxfirefox.exe
    O68 – StartMenuInternet: [HKLM..ShellopenCommand] (.Google Inc. – Google Chrome.) — C:Program FilesGoogleChromeApplicationchrome.exe
    O68 – StartMenuInternet: [HKLM..ShellopenCommand] (.Microsoft Corporation – Internet Explorer.) — C:Program FilesInternet Exploreriexplore.exe
    O68 – StartMenuInternet: [HKLM..ShellopenCommand] (.Apple Inc. – Safari.) — C:Program FilesSafariSafari.exe
    ~ Keys: Scanned in 00mn 00s

    —\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
    O69 – SBI: SearchScopes [HKCU] {114C8D1F-DE4F-4720-933A-00D3637B24BA} – (Google) – http://www.google.fr” onclick=”window.open(this.href);return false;
    O69 – SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} – (Google) – http://www.google.com” onclick=”window.open(this.href);return false;
    ~ Keys: Scanned in 00mn 00s

    —\ Recherche particulière à la racine du système (SPRF) (O84)
    [MD5.EFB2EE170955A1DC38485D66EB480174] [SPRF][29/11/2009] (…) — C:ProgramDataezsid.dat [32]
    [MD5.62309BE7E101E990C51687656571B41B] [SPRF][30/12/2013] (…) — C:UsersMarie-EstelleAppDataLocald3d9caps.dat [7620]
    [MD5.F0A5B44B9B8A23E2F2950B346B5C7718] [SPRF][23/12/2013] (…) — C:UsersMarie-EstelleAppDataLocalTempQuarantine.exe [360051]
    [MD5.C5650C059185D351AEF801D90A93B0D7] [SPRF][27/04/2011] (…) — C:UsersMarie-EstelleAppDataRoamingwklnhst.dat [1166]
    [MD5.1027DF7F909776789D9D1C2C30410166] [SPRF][28/01/2013] (…) — C:UsersMarie-EstelleDesktopOOo_3.3.0_Win_x86_install-wJRE_fr.exe [152474936]
    [MD5.6F678556A6FCE04FC94F3435F6313705] [SPRF][25/12/2008] (…) — C:WindowsDownloaded Program Filesunagiuninst.exe [38428]
    ~ Files: 7 Legitimates Filtered in 00mn 05s

    —\ Liste des exceptions du parefeu (FirewallRules) (O87)
    O87 – FAEL: “TCP Query User{8D1EEC39-0DB9-4591-97A8-8B8481061181}C:program fileswinampwinamp.exe” |In – Public – P6 – TRUE | .(…) — C:program fileswinampwinamp.exe (.not file.)
    O87 – FAEL: “UDP Query User{39F01690-A65D-4079-8BFD-DF83BBCDAC78}C:program fileswinampwinamp.exe” |In – Public – P17 – TRUE | .(…) — C:program fileswinampwinamp.exe (.not file.)
    O87 – FAEL: “TCP Query User{A7D07372-ADC0-4D00-8CB8-0A91F8EC5267}C:program fileswinampwinamp.exe” |In – Private – P6 – TRUE | .(…) — C:program fileswinampwinamp.exe (.not file.)
    O87 – FAEL: “UDP Query User{26BB64F8-EF4A-43A7-AD52-BAFC1227F783}C:program fileswinampwinamp.exe” |In – Private – P17 – TRUE | .(…) — C:program fileswinampwinamp.exe (.not file.)
    ~ Firewall: 208 Legitimates Filtered in 00mn 02s

    —\ Enumère les codes produits des logiciels (PUC) (O90)
    O90 – PUC: “EFE665B6D1CDF17439DD483862361F04” . (.OVT Scanner X86.) — C:WindowsInstaller{6B566EFE-DC1D-471F-93DD-84832663F140}ARPPRODUCTICON.exe
    ~ Update Products: 118 Legitimates Filtered in 00mn 00s

    —\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
    [MD5.899D66C970CC0581A87DD871DAEA812A] [WIS][06/03/2013] (.STARZIK INVEST – Starzik Download Manager.) — C:WindowsInstaller1533872.msi [48128]
    [MD5.AA5F8DEF4C6C587D88EE5A7791B8D1D6] [WIS][06/06/2010] (.Secure Digital Services – OfferBox.) — C:WindowsInstaller4b06e9.msi [3062272] =>Adware.SPointer
    ~ WIS: 122 Legitimates Filtered in 00mn 14s

    —\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
    SS – | Demand 12/12/2013 257416 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) – C:Windowssystem32MacromedFlashFlashPlayerUpdateService.exe
    SS – | Demand 21/12/2008 242424 | (GameConsoleService) . (.WildTangent, Inc..) – C:Program FilesHP GamesMy HP Game ConsoleGameConsoleService.exe
    SS – | Auto 11/12/2009 133104 | (gupdate1ca7aad806c04f5) . (.Google Inc..) – C:Program FilesGoogleUpdateGoogleUpdate.exe
    SS – | Demand 11/12/2009 133104 | (gupdatem) . (.Google Inc..) – C:Program FilesGoogleUpdateGoogleUpdate.exe
    SS – | Auto 31/10/2012 194032 | (gusvc) . (.Google.) – C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe
    SS – | Demand 22/10/2004 73728 | (IDriverT) . (.Macrovision Corporation.) – C:Program FilesCommon FilesInstallShieldDriver1050Intel 32IDriverT.exe
    SS – | Demand 07/06/2012 821648 | (iPod Service) . (.Apple Inc..) – C:Program FilesiPodbiniPodService.exe
    SS – | Demand 22/12/2013 119408 | (MozillaMaintenance) . (.Mozilla Foundation.) – C:Program FilesMozilla Maintenance Servicemaintenanceservice.exe
    SS – | Auto 14/05/2008 116112 | (QPSched) . (…) – C:Program FilesHPQuickPlayKernelTVQPSched.exe
    SS – | Auto 03/06/2013 162408 | (SkypeUpdate) . (.Skype Technologies.) – C:Program FilesSkypeUpdaterUpdater.exe

    SR – | Auto 10/05/2013 65640 | (AdobeARMservice) . (.Adobe Systems Incorporated.) – C:Program FilesCommon FilesAdobeARM1.0armsvc.exe
    SR – | Auto 02/03/2009 81920 | (AESTFilters) . (.Andrea Electronics Corporation.) – C:WindowsSystem32DriverStoreFileRepositorystwrt.inf_e2247046aestsrv.exe
    SR – | Auto 19/12/2013 440376 | (AntiVirSchedulerService) . (.Avira Operations GmbH & Co. KG.) – C:Program FilesAviraAntiVir Desktopsched.exe
    SR – | Auto 27/11/2013 440376 | (AntiVirService) . (.Avira Operations GmbH & Co. KG.) – C:Program FilesAviraAntiVir Desktopavguard.exe
    SR – | Auto 24/05/2012 55184 | (Apple Mobile Device) . (.Apple Inc..) – C:Program FilesCommon FilesAppleMobile Device SupportAppleMobileDeviceService.exe
    SR – | Auto 30/08/2011 390504 | (Bonjour Service) . (.Apple Inc..) – C:Program FilesBonjourmDNSResponder.exe
    SR – | Demand 03/04/2008 193840 | (Com4QLBEx) . (.Hewlett-Packard Development Company, L.P..) – C:Program FilesHewlett-PackardHP Quick Launch ButtonsCom4QLBEx.exe
    SR – | Auto 21/01/2008 21504 | C:WindowsSystem32ezsvc7.dll (ezSharedSvc) . (.EasyBits Sofware AS.) – C:WindowsSystem32svchost.exe
    SR – | Auto 09/10/2008 94208 | (HP Health Check Service) . (.Hewlett-Packard.) – c:Program FilesHewlett-PackardHP Health Checkhphc_service.exe
    SR – | Demand 25/01/2008 148832 | (hpqwmiex) . (.Hewlett-Packard Development Company, L.P..) – C:Program FilesHewlett-PackardSharedhpqwmiex.exe
    SR – | Auto 13/05/2011 26168 | (hpsrv) . (.Hewlett-Packard Company.) – C:WindowsSystem32Hpservice.exe
    SR – | Auto 26/02/2008 73728 | (LightScribeService) . (.Hewlett-Packard Company.) – C:Program FilesCommon FilesLightScribeLSSrvc.exe
    SR – | Auto 14/05/2008 292248 | (QPCapSvc) . (…) – C:Program FilesHPQuickPlayKernelTVQPCapSvc.exe
    SR – | Auto 26/03/2008 341328 | (Recovery Service for Windows) . (…) – C:WindowsSMINSTBLService.exe
    SR – | Auto 09/01/2007 272024 | (RichVideo) . (…) – C:Program FilesCyberLinkShared FilesRichVideo.exe
    SR – | Auto 21/07/2009 221266 | (STacSV) . (.IDT, Inc..) – C:WindowsSystem32DriverStoreFileRepositorystwrt.inf_e2247046STacSV.exe
    SR – | Auto 21/01/2008 21504 | C:Program FilesWindows Defendermpsvc.dll (WinDefend) . (.Microsoft Corporation.) – C:WindowsSystem32svchost.exe
    SR – | Auto 21/01/2008 21504 | C:WindowsSystem32wuaueng.dll (wuauserv) . (.Microsoft Corporation.) – C:WindowsSystem32svchost.exe

    ~ Services: Scanned in 00mn 15s

    —\ Scan Additionnel (O88)
    Database Version : 13013 – (26/12/2013)
    Clés trouvées (Keys found) : 25
    Valeurs trouvées (Values found) : 1
    Dossiers trouvés (Folders found) : 3
    Fichiers trouvés (Files found) : 1

    [HKLMSoftwareGoogleChromeExtensionsndibdjnfmopecpmkdieinmbadjfpblof] =>Toolbar.AVGSearch^
    [HKLMSoftwareGoogleChromeExtensionspflphaooapbgpeakohlggbpidpppgdff] =>Adware.MyWebSearch^
    [HKCU{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}] =>Adware.DoubleD
    [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUpgradeCodes5B4758C25396ECF468E04F8E063287FF] =>PUP.OfferBox
    [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Products5B4758C25396ECF468E04F8E063287FF] =>PUP.OfferBox
    [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components48A0552292E14244E8F3980FD3D01541] =>PUP.OfferBox
    [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components503398D5204CBDD48A5EE476D0CFCFEC] =>PUP.OfferBox
    [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components5BDF578D2C71DDC4997692F83B0A5C75] =>PUP.OfferBox
    [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components67909B00FA069BE4E80548738FE558FB] =>PUP.OfferBox
    [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components698B1BCDAEA97B945AE4001A96F1E755] =>PUP.OfferBox
    [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components7E6611210321F8640B41F98B10A8BD0A] =>PUP.OfferBox
    [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components88ADFBDCA3E069A47B07ECC2CED1E2B2] =>PUP.OfferBox
    [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components9ED6CAB2F119182EB7D8CE7156DC0915] =>PUP.OfferBox
    [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsA3D6A80A87E22324A91C14AEBDF78525] =>PUP.OfferBox
    [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsB2F30BE10C5A9DD43A593262265CA298] =>PUP.OfferBox
    [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components1322A677E76161CFC67C36E4B6D42B49] =>PUP.Offerbox^
    [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components281E074C2C4344E4A8BB2BAE65BE729B] =>PUP.Offerbox^
    [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components51C83A2C2B5C63748ACD3028A6DD53A5] =>PUP.Offerbox^
    [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components8385B8BE0F211B245956C67BB4BAC17E] =>PUP.Offerbox^
    [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components9CC2018422A9EAF40A57249F42102B13] =>PUP.Offerbox^
    [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsAA606EFD77B9CB34BB2DA2F45B67425E] =>PUP.Offerbox^
    [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsB767C33B25DCECA4FAD0D3B7D84B0A8E] =>PUP.Offerbox^
    [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsBA177F87B6B147649BD37D43B50863E5] =>PUP.Offerbox^
    [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsCEF27165872C9BEAACED23660032D2F2] =>PUP.Offerbox^
    [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsCFAEE3E72CC44004C998EBEE081CA40A] =>PUP.Offerbox^
    [HKCUSOFTWAREMicrosoftWindowsCurrentVersionRun]:swg =>Toolbar.Google^
    C:UsersMarie-EstelleAppDataLocalGoogleChromeUser DataDefaultExtensionsndibdjnfmopecpmkdieinmbadjfpblof =>Toolbar.AVGSearch^
    C:UsersMarie-EstelleAppDataLocalGoogleChromeUser DataDefaultExtensionspflphaooapbgpeakohlggbpidpppgdff =>Adware.MyWebSearch^
    C:UsersMarie-EstelleAppDataRoamingMozillaFirefoxProfiles3dhaobu0.defaultextensions@FissaPlugin =>PUP.OfferBox^
    C:WindowsInstaller4b06e9.msi =>Adware.SPointer^
    ~ Additionnel Scan: 431595 Items scanned in 00mn 38s

    —\ Récapitulatif des détections trouvées sur votre station
    ~ http://nicolascoolman.webs.com/apps/blog/show/27146838-adware-mywebsearch” onclick=”window.open(this.href);return false; =>Adware.MyWebSearch
    ~ http://nicolascoolman.webs.com/apps/blog/show/28606910-pup-offerbox” onclick=”window.open(this.href);return false; =>PUP.OfferBox
    ~ http://nicolascoolman.webs.com/apps/blog/show/27556476-adware-spointer” onclick=”window.open(this.href);return false; =>Adware.SPointer
    ~ http://nicolascoolman.webs.com/apps/blog/show/26668292-adware-doubled” onclick=”window.open(this.href);return false; =>Adware.DoubleD
    ~ MSI: 4 link(s) detected in 00mn 38s

    ~ 1240 Legitimates filtered by white list
    End of the scan (546 lines in 03mn 19s)(0)[/font:3dwpbomu]

  • lilidurhone
    Post count: 0

    Pas de souci ;)

    On s’occupe de finir la désinfection de celui-ci ;)

    Refais un zhpdiag

  • Telma
    Post count: 0

    [font=Century Gothic:2q1qegqc]Bonjour,
    Bonne année 2014 !!! J'espère que vos fêtes de fin d'année se sont bien passées!

    Je n'avais pas vu la suite… (elle était passé en page 3!)

    Voici le rapport suivant :
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Junkware Removal Tool (JRT) by Thisisu
    Version: 6.1.0 (01.07.2014:1)
    OS: Windows Vista (TM) Home Premium x86
    Ran by Marie-Estelle on 11/01/2014 at 11:21:13,10
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    ~~~ Services

    ~~~ Registry Values

    Successfully deleted: [Registry Value] HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun\offerbox
    Successfully repaired: [Registry Value] HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerMain\Default_Page_URL
    Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINESoftwareMicrosoftInternet ExplorerMain\Default_Page_URL

    ~~~ Registry Keys

    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINESoftwareClassesinstallerfeatures5b4758c25396ecf468e04f8e063287ff
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINESoftwareClassesinstallerproducts5b4758c25396ecf468e04f8e063287ff
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINESoftwareMicrosoftInternet ExplorerSearchScopes{6D540A73-45F2-42EA-9A77-5480E8862382}
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINESoftwareMicrosoftInternet ExplorerSearchScopes{A863C3BD-F069-4CAC-9E4B-700F62C643D2}

    ~~~ Files

    ~~~ Folders

    Successfully deleted: [Empty Folder] C:UsersMarie-Estelleappdatalocal{15D4D0A1-49A8-4851-9907-10BACB6F1303}
    Successfully deleted: [Empty Folder] C:UsersMarie-Estelleappdatalocal{453CE504-5D28-429C-866C-8AD7825CB139}
    Successfully deleted: [Empty Folder] C:UsersMarie-Estelleappdatalocal{6D955F4C-D154-42C3-B7F8-30FE03D3DAE3}
    Successfully deleted: [Empty Folder] C:UsersMarie-Estelleappdatalocal{7A0ECB45-5A94-4213-B567-8BBB2830D81D}

    ~~~ FireFox

    Emptied folder: C:UsersMarie-EstelleAppDataRoamingmozillafirefoxprofiles3dhaobu0.defaultminidumps [96 files]

    ~~~ Chrome

    Successfully deleted: [Folder] C:UsersMarie-EstelleappdatalocalGoogleChromeUser DataDefaultExtensionspflphaooapbgpeakohlggbpidpppgdff

    ~~~ Event Viewer Logs were cleared

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan was completed on 11/01/2014 at 11:28:25,18
    End of JRT log
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    sinon j''ai une autre question par rapport à mmon nouvel ordi que j'ai eu à Noël… c'est un acer aspire, avec la mise à jour de windows 8.1 le pc ne sort plus de veille, l'écran reste noir… j'ai vu sur un forum que c'était un pb de mise à jour de carte graphique mais je n'ai pas trouvé ce qu'il fallait faire exactement -_-
    si vous pouviez encore m'aider ce serait merveilleux

    :merci2:[/font:2q1qegqc]

  • lilidurhone
    Post count: 0

    Plus de nouvelles?

  • lilidurhone
    Post count: 0

    C’est bientôt fini j’imagine?

    Oui ;)

    Mais on continue ;)

    • Télécharge Junkware Removal Tool (de thisisu) sur ton bureau.
    • Lance Junkware Removal Tool, exécuter en tant qu’administrateur sous Windows : 7/8 et Vista
    • Appuie sur n’importe quelle touche.

    • Une fois le scan terminé rends toi sur le bureau, le fichier JRT.txt à été créé.
    • Héberge le rapport JRT.txt surSosUpload, puis copie/colle le lien fourni dans ta prochaine réponse sur le forum
  • Telma
    Post count: 0

    [font=Century Gothic:3ad2ubtl]Voilà le rapoprt :

    # AdwCleaner v3.016 – Rapport créé le 30/12/2013 à 20:24:56
    # Mis à jour le 23/12/2013 par Xplode
    # Système d'exploitation : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
    # Nom d'utilisateur : Marie-Estelle – PC-MARIE-ESTELL
    # Exécuté depuis : C:UsersMarie-EstelleDownloadsadwcleaner.exe
    # Option : Nettoyer

    ***** [ Services ] *****

    ***** [ Fichiers / Dossiers ] *****

    Dossier Supprimé : C:ProgramDataViewpoint
    Dossier Supprimé : C:ProgramDataMicrosoftWindowsStart MenuProgramsOfferBox
    Dossier Supprimé : C:Program FilesCrazyLoader
    Dossier Supprimé : C:Program FilesMyPC Backup
    Dossier Supprimé : C:Program FilesViewpoint
    Dossier Supprimé : C:Program FilesWidestream6
    Dossier Supprimé : C:UsersMarie-EstelleAppDataLocalwidestream6 Air
    Dossier Supprimé : C:UsersMarie-EstelleAppDataRoamingFissaSearch
    Dossier Supprimé : C:UsersMarie-EstelleAppDataRoamingOfferBox
    Dossier Supprimé : C:UsersMarie-EstelleAppDataRoamingOpenCandy
    Dossier Supprimé : C:UsersMarie-EstelleAppDataRoamingpdfforge
    Dossier Supprimé : C:UsersMarie-EstelleAppDataRoamingSystweak
    Dossier Supprimé : C:UsersMarie-EstelleAppDataRoamingwidestream
    Dossier Supprimé : C:UsersMarie-EstelleAppDataRoamingMicrosoftWindowsStart MenuProgramsCrazyLoader
    Dossier Supprimé : C:UsersMarie-EstelleAppDataRoamingMozillaFirefoxProfiles3dhaobu0.defaultSmartbar
    Dossier Supprimé : C:UsersMarie-EstelleAppDataRoamingMozillaFirefoxProfiles3dhaobu0.defaultValueApps
    Dossier Supprimé : C:UsersMarie-EstelleAppDataRoamingMozillaFirefoxProfiles3dhaobu0.defaultCT3242339
    Dossier Supprimé : C:UsersMarie-EstelleAppDataRoamingMozillaFirefoxProfiles3dhaobu0.defaultExtensions{635abd67-4fe9-1b23-4f01-e679fa7484c1}
    Dossier Supprimé : C:UsersMarie-EstelleAppDataRoamingMozillaFirefoxProfiles3dhaobu0.defaultExtensions{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}
    Dossier Supprimé : C:UsersMarie-EstelleAppDataRoamingMozillaFirefoxProfiles3dhaobu0.defaultExtensions{19803860-b306-423c-bbb5-f60a7d82cde5}
    Dossier Supprimé : C:UsersMarie-EstelleAppDataLocalGoogleChromeUser DataDefaultExtensionsndibdjnfmopecpmkdieinmbadjfpblof
    Dossier Supprimé : C:UsersMarie-EstelleAppDataLocalGoogleChromeUser DataDefaultExtensionspflphaooapbgpeakohlggbpidpppgdff
    Fichier Supprimé : C:ProgramDataMicrosoftWindowsStart MenuProgramseBay.lnk
    Fichier Supprimé : C:Windowssystem32roboot.exe
    Fichier Supprimé : C:UsersMarie-EstelleAppDataLocalmysearchdial-speeddial.crx
    Fichier Supprimé : C:UsersMarie-EstelleAppDataRoamingMozillaFirefoxProfiles3dhaobu0.defaultsearchpluginsavg-secure-search.xml
    Fichier Supprimé : C:Program FilesMozilla Firefoxsearchpluginsavg-secure-search.xml
    Fichier Supprimé : C:UsersMarie-EstelleAppDataRoamingMozillaFirefoxProfiles3dhaobu0.defaultsearchpluginsFissa.xml
    Fichier Supprimé : C:UsersMarie-EstelleAppDataRoamingMozillaFirefoxProfiles3dhaobu0.defaultsearchpluginsMysearchdial.xml
    Fichier Supprimé : C:UsersMarie-EstelleAppDataRoamingMozillaFirefoxProfiles3dhaobu0.defaultuser.js
    Fichier Supprimé : C:UsersMarie-EstelleAppDataLocalGoogleChromeUser DataDefaultLocal Storagechrome-extension_pflphaooapbgpeakohlggbpidpppgdff_0.localstorage

    ***** [ Raccourcis ] *****

    ***** [ Registre ] *****

    Valeur Supprimée : HKCUSoftwareMozillaFirefoxExtensions [offerboxffx@offerbox.com]
    Clé Supprimée : HKCUSoftwareGoogleChromeExtensionspflphaooapbgpeakohlggbpidpppgdff
    Clé Supprimée : HKLMSOFTWAREGoogleChromeExtensionspflphaooapbgpeakohlggbpidpppgdff
    [#] Clé Supprimée : HKLMSOFTWAREMicrosoftWindows NTCurrentVersionScheduleTaskCacheTasks{35F7D4DB-9C08-4E79-B281-87F35119D679}
    [#] Clé Supprimée : HKLMSOFTWAREMicrosoftWindows NTCurrentVersionScheduleTaskCacheTasks{FEDE6463-84F4-457D-861A-2253EEA0C1E6}
    Clé Supprimée : HKLMSOFTWAREClassesAppIDScriptHelper.EXE
    Clé Supprimée : HKLMSOFTWAREClassesAppIDsecman.DLL
    Clé Supprimée : HKLMSOFTWAREClassesAxMetaStream.MetaStreamCtl
    Clé Supprimée : HKLMSOFTWAREClassesAxMetaStream.MetaStreamCtl.1
    Clé Supprimée : HKLMSOFTWAREClassesAxMetaStream.MetaStreamCtlSecondary
    Clé Supprimée : HKLMSOFTWAREClassesAxMetaStream.MetaStreamCtlSecondary.1
    Clé Supprimée : HKLMSOFTWAREClassesprotector_dll.protectorbho
    Clé Supprimée : HKLMSOFTWAREClassesprotector_dll.protectorbho.1
    Clé Supprimée : HKLMSOFTWAREClassessecman.OutlookSecurityManager
    Clé Supprimée : HKLMSOFTWAREClassessecman.OutlookSecurityManager.1
    Clé Supprimée : HKLMSOFTWAREClassesURLSearchHook.ToolbarURLSearchHook
    Clé Supprimée : HKLMSOFTWAREClassesURLSearchHook.ToolbarURLSearchHook.1
    Clé Supprimée : HKLMSOFTWAREMicrosoftActive SetupInstalled Components{03F998B2-0E00-11D3-A498-00104B6EB52E}
    Clé Supprimée : HKLMSOFTWAREMicrosoftActive SetupInstalled Components{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
    Clé Supprimée : HKLMSOFTWAREMozillaPlugins@viewpoint.com/VMP
    Clé Supprimée : HKLMSOFTWAREClassesAppID{0A18A436-2A7A-49F3-A488-30538A2F6323}
    Clé Supprimée : HKLMSOFTWAREClassesAppID{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
    Clé Supprimée : HKLMSOFTWAREClassesAppID{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
    Clé Supprimée : HKLMSOFTWAREClassesAppID{C292AD0A-C11F-479B-B8DB-743E72D283B0}
    Clé Supprimée : HKLMSOFTWAREClassesCLSID{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
    Clé Supprimée : HKLMSOFTWAREClassesCLSID{03F998B2-0E00-11D3-A498-00104B6EB52E}
    Clé Supprimée : HKLMSOFTWAREClassesCLSID{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
    Clé Supprimée : HKLMSOFTWAREClassesCLSID{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
    Clé Supprimée : HKLMSOFTWAREClassesCLSID{408CFAD9-8F13-4747-8EC7-770A339C7237}
    Clé Supprimée : HKLMSOFTWAREClassesCLSID{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
    Clé Supprimée : HKLMSOFTWAREClassesCLSID{761F6A83-F007-49E4-8EAC-CDB6808EF06F}
    Clé Supprimée : HKLMSOFTWAREClassesCLSID{76C45B18-A29E-43EA-AAF8-AF55C2E1AE17}
    Clé Supprimée : HKLMSOFTWAREClassesCLSID{826D7151-8D99-434B-8540-082B8C2AE556}
    Clé Supprimée : HKLMSOFTWAREClassesCLSID{94496571-6AC5-4836-82D5-D46260C44B17}
    Clé Supprimée : HKLMSOFTWAREClassesCLSID{96EF404C-24C7-43D0-9096-4CCC8BB7CCAC}
    Clé Supprimée : HKLMSOFTWAREClassesCLSID{97720195-206A-42AE-8E65-260B9BA5589F}
    Clé Supprimée : HKLMSOFTWAREClassesCLSID{97D69524-BB57-4185-9C7F-5F05593B771A}
    Clé Supprimée : HKLMSOFTWAREClassesCLSID{986F7A5A-9676-47E1-8642-F41F8C3FCF82}
    Clé Supprimée : HKLMSOFTWAREClassesCLSID{B18788A4-92BD-440E-A4D1-380C36531119}
    Clé Supprimée : HKLMSOFTWAREClassesCLSID{BC9FD17D-30F6-4464-9E53-596A90AFF023}
    Clé Supprimée : HKLMSOFTWAREClassesCLSID{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
    Clé Supprimée : HKLMSOFTWAREClassesCLSID{D40753C7-8A59-4C1F-BE88-C300F4624D5B}
    Clé Supprimée : HKLMSOFTWAREClassesCLSID{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
    Clé Supprimée : HKLMSOFTWAREClassesCLSID{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
    Clé Supprimée : HKLMSOFTWAREClassesInterface{03E2A1F3-4402-4121-8B35-733216D61217}
    Clé Supprimée : HKLMSOFTWAREClassesInterface{4897BBA6-48D9-468C-8EFA-846275D7701B}
    Clé Supprimée : HKLMSOFTWAREClassesInterface{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
    Clé Supprimée : HKLMSOFTWAREClassesInterface{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
    Clé Supprimée : HKLMSOFTWAREClassesInterface{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
    Clé Supprimée : HKLMSOFTWAREClassesTypeLib{07CAC314-E962-4F78-89AB-DD002F2490EE}
    Clé Supprimée : HKLMSOFTWAREClassesTypeLib{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
    Clé Supprimée : HKLMSOFTWAREClassesTypeLib{13ABD093-D46F-40DF-A608-47E162EC799D}
    Clé Supprimée : HKLMSOFTWAREClassesTypeLib{4509D3CC-B642-4745-B030-645B79522C6D}
    Clé Supprimée : HKLMSOFTWAREClassesTypeLib{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
    Clé Supprimée : HKLMSOFTWAREClassesTypeLib{9DBB28C1-1925-11D3-A498-00104B6EB52E}
    Clé Supprimée : HKLMSOFTWAREClassesTypeLib{C292AD0A-C11F-479B-B8DB-743E72D283B0}
    Clé Supprimée : HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{F0626A63-410B-45E2-99A1-3F2475B2D695}
    Clé Supprimée : HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{723328FF-22D0-497F-9EB5-1AC919582DE1}
    Clé Supprimée : HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{91C18ED5-5E1C-4AE5-A148-A861DE8C8E16}
    Clé Supprimée : HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{F0626A63-410B-45E2-99A1-3F2475B2D695}
    Clé Supprimée : HKCUSoftwareMicrosoftWindowsCurrentVersionExtSettings{03F998B2-0E00-11D3-A498-00104B6EB52E}
    Clé Supprimée : HKCUSoftwareMicrosoftInternet ExplorerSearchScopes{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
    Clé Supprimée : HKCUSoftwareMicrosoftInternet ExplorerSearchScopes{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
    Clé Supprimée : HKCUSoftwareMicrosoftInternet ExplorerSearchScopes{B41306C6-96D0-442A-BCC4-B0F621E82CE9}
    Clé Supprimée : HKLMSOFTWAREMicrosoftInternet ExplorerSearchScopes{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
    Clé Supprimée : HKCUSoftwareBabylon
    Clé Supprimée : HKCUSoftwareConduit
    Clé Supprimée : HKCUSoftwareFissaSearch
    Clé Supprimée : HKCUSoftwareIGearSettings
    Clé Supprimée : HKCUSoftwareInstallCore
    Clé Supprimée : HKCUSoftwaremysearchdial.com
    Clé Supprimée : HKCUSoftwareOfferbox
    Clé Supprimée : HKCUSoftwareSoftonic
    Clé Supprimée : HKCUSoftwareSpointer
    Clé Supprimée : HKCUSoftwaresystweak
    Clé Supprimée : HKCUSoftwareVittalia
    Clé Supprimée : HKCUSoftwareWideStream
    Clé Supprimée : HKCUSoftwareYahooPartnerToolbar
    Clé Supprimée : HKCUSoftwareAppDataLow{D45817B8-3EAD-4D1D-8FCA-EC63A8E35DE2}
    Clé Supprimée : HKCUSoftwareAppDataLowSoftwareSmartBar
    Clé Supprimée : HKLMSoftwareMetaStream
    Clé Supprimée : HKLMSoftwaresystweak
    Clé Supprimée : HKLMSoftwareViewpoint
    Clé Supprimée : HKLMSOFTWAREMicrosoftWindowsCurrentVersionUninstall{2C8574B5-6935-4FCE-860E-F4E8602378FF}
    Clé Supprimée : HKLMSOFTWAREMicrosoftWindowsCurrentVersionUninstallViewpointMediaPlayer
    Clé Supprimée : HKCUSoftwareMicrosoftWindowsCurrentVersionApp ManagementARPCache{2C8574B5-6935-4FCE-860E-F4E8602378FF}
    Clé Supprimée : HKCUSoftwareMicrosoftWindowsCurrentVersionApp ManagementARPCache{79A765E1-C399-405B-85AF-466F52E918B0}
    Clé Supprimée : HKCUSoftwareMicrosoftWindowsCurrentVersionApp ManagementARPCacheMyPC Backup
    Clé Supprimée : HKCUSoftwareMicrosoftWindowsCurrentVersionApp ManagementARPCacheRegClean Pro_is1
    Clé Supprimée : HKCUSoftwareMicrosoftWindowsCurrentVersionApp ManagementARPCacheViewpointMediaPlayer
    Clé Supprimée : HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components8121C32A9C319F4CB0C11FF059552A4
    Clé Supprimée : HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsFF2AEFF45EEA0A48A4B33C1973B6094
    Clé Supprimée : HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components305B09CE8C53A214DB58887F62F25536

    ***** [ Navigateurs ] *****

    -\ Internet Explorer v9.0.8112.16526

    Paramètre Restauré : HKCUSoftwareMicrosoftInternet ExplorerMain [Start Page]
    Paramètre Restauré : HKLMSOFTWAREMicrosoftInternet ExplorerMain [Start Page]
    Paramètre Restauré : HKLMSOFTWAREMicrosoftInternet ExplorerAboutURls [Tabs]

    -\ Mozilla Firefox v26.0 (fr)

    [ Fichier : C:UsersMarie-EstelleAppDataRoamingMozillaFirefoxProfiles3dhaobu0.defaultprefs.js ]

    Ligne Supprimée : user_pref(“CT3242339./9B+7E+x305.enc”, “JH4nQTM0NjN5RTo9KnIseXp+ejEoMztHSVNGLVhNUD0mPy0uMTVEO0ZOT1tWXmlbQm1iZVI7VEJDRklZUFtjfXN7blUhdXhlTmdVVllbbGNudnwmKzB7aTUqLXlie2lqbW4hdyMrNzt0NHxIPSBFQy93MX4gIyM2[…]
    Ligne Supprimée : user_pref(“CT3242339./9B+7E,x305.enc”, “JH4oQS8/Pjd5RTo9KnIseXt4fTEoMzxHSEAsV0xPPCU+LC4rL0M6RU5ZUFtXZ2pmQm1iRV5pVD1WREZDRltSXWZxbCFua1h9c2dQaVdZVlhuZXB5MycyfWo2Ky56Y3xqbGlqIngkLUY6PkVGSUxAS0RMJVBFSDV9[…]
    Ligne Supprimée : user_pref(“CT3242339./9B+7E-x305.enc”, “JH4pNjA8NjZ5RTo9KnIseXogezEoMz1GK1VKTUtHSVlNM1NdT0MsRTM0OTRKQUxWW15sZW5wbHFkc21NeG1wXUZfTU5TTWRbZnBVKHwgfXl7MC4kIjAjaTUqLW06K3xlfmxtcmskeiYwRDhGOEw7Ik1CRSZSQzV9[…]
    Ligne Supprimée : user_pref(“CT3242339./9B+7E.:2z527.enc”, “JCM=”);
    Ligne Supprimée : user_pref(“CT3242339./9B+7E.x305.enc”, “JH4qQTc3RDQzekY7PitzLXp9fCEyKTQ/VkZUUkxHSllaSFFQXlFSOWRZXEkySzk8Oz5QR1JdbGprb3htaFBqb3FxdCJWInZ5Zk9oVllYWm1kb3p7Mn1oNCkseGF6aGtqayB2Ii1zL3lFOj0qcix5fHt6MSgzPlFV[…]
    Ligne Supprimée : user_pref(“CT3242339./9B+7E/x305.enc”, “JH4rQTU2MnhEOTwpcSt4fHt3MCcyPkxDQ1NOLVhbPCU+LDAuNEM6RVFYYmleZ1pBbGFkUTpTQUVDSFhPWmZte3xxdHJucCF0dFsne35rVG1bX11hcml0IS8nJiY7MXE6KD46QjY+QTR7QDxIeyBNQk83Q0U9UFRE[…]
    Ligne Supprimée : user_pref(“CT3242339./9B+7E06CG5EL8:.enc”, “bm1sanJ0cHFucw==”);
    Ligne Supprimée : user_pref(“CT3242339./9B+7E06CG5EL;8I:K.enc”, “JH4tLyJqdHNycHh6dnd0eSQvS0lHT0I1fV1cPQ==”);
    Ligne Supprimée : user_pref(“CT3242339./9B+7E0x305.enc”, “JH4sQDpAd0M4OyhwKnd8dX0vJjE+QSlVR0hNUVpOWlkyXVJVQitEMjcwN0lAS1heaF5wbm5mdGJuaWtNeG1wXUZfTVJLUWRbZnMje3csKiovJWQwJSh0XXZkaWJne3J9KzZ0OjYyPUBANXxIPUAtdS98Inp+NCs2[…]
    Ligne Supprimée : user_pref(“CT3242339./9B+7E1x305.enc”, “JH4tQTE9QDJ5RTo9KnIsend5fjEoM0FHPkVHRUgvWk9SPyhBMC0vM0Y9SFZiZWhca2dfbXBgSHNoa1hBWklGSEtfVmFvfCF9dHR6eCdfKyAjb1hxYF1fYXZteCc3OjYwMio9QXZCNzonbyl3dHZ3LiUwPk5RTUhI[…]
    Ligne Supprimée : user_pref(“CT3242339./9B+7E2x305.enc”, “JH4uNUIxPT05OntHPD8sdC55IH0yKTRDVlVORy5ZTlEyXk9BKkM1NzIxSD9KWWVfX2JsW3FzaXVpdXRNeG1wUX5rYEliUlBUUWdeaXgoLXx8Yy8kJ3NcdWRmZmh6cXwsO0AwQDx0eDQ9MHxIPUAtdS99ICAgNCs2[…]
    Ligne Supprimée : user_pref(“CT3242339./9B+7E31;CJ7FK;KG#NCEP@MC+VKN.enc”, “JH5hOT8jayVzdHFxKiEsbkFPRE0yejRDUldHV1MvWk9RXExZTzdiV1pHPkksWFReak84UTxTSlU4ZGVuWkNcS15VYHJxdSJxJXRoUTFxbCIvfC8rclt6dVgwNnliezsxL2deWk5rMzc5Oz[…]
    Ligne Supprimée : user_pref(“CT3242339./9B+7E31;CJ<<ADM"MBE.enc", "JH5hOT8jayV2cHRyeysiLW9CUEVOM3s1SUlOUVovWk9SPzZBJGFWUVlUV1FKM0x5fE9GUTRxdGJWP1hKQ1tSXUBsbXZiS2RVVGdeaXt6fit6Ln1xWjp6dVgmNSkmNDs6fmchayN5JTpHNUdDK3MzLn[…]
    Ligne Supprimée : user_pref(“CT3242339./9B+7E31;CJC<=FBJ#K@.enc", "JH5hOT8jayV1dnRxKiEsbkFPRE0yejRPSElSTlYvV0w+NUAjYFVQWFNWUEkySyh8TkVQM19bZXFWP1hKWlFcP3txfiQhdXh2eyR1Ji0pKSMvd3BZcmNmZ2h3bnlcKSozfmchbyN5JTc2OkY2STktdVU[…]
    Ligne Supprimée : user_pref(“CT3242339./9B+7E31;CJC<=FBJ#NCF.enc", "JH5hOT8jayV1dndxKiEsbkFPRE0yejRPSElSTlYvWk9SPzZBJFBMVmJHMEk7S0JNMGxib3RxZmlnbHRmdn15eXMgaGFKY1RXWFloX2pNeXokb1hxYHNqdSMnLnliInxfLjwqRDU3Oi4nbyl6KyItPU[…]
    Ligne Supprimée : user_pref(“CT3242339./9B+7E31;CJI5E K@C.enc“, “JH5hOT8jayVzeHIpICttQE5DTDF5M1RAUCtWS047Mj0gXVJNVVBTTUYvSHV4S0JNMG1wXlI7VENWTVg7Z2hxXUZfTmFYY3B0e2dQb2p6KShuV3B3ITA1JTUxXUA7cCRec0dydmtJSnpMTXxPUCNRJTMwJ[…]
    Ligne Supprimée : user_pref(“CT3242339./9B+7E31;CJzz>H:”MBE.enc”, “JH5hOT8jayV1dnlyeCsiLW9CUEVOM3s1KChLVUcvWk9SPzZBJGFkUkYvSDdKQUxZXWRQOVhTY3FwV0BZYGl4fW19eW9vcnx4IUwvKl9yTWI2YWVaODlpOzxrPj9xQHMifnUhPz85JW0nNkVKOkpGPD[…]
    Ligne Supprimée : user_pref(“CT3242339./9B+7E3x305.enc”, “JH4vQT87NjM/R0Y/fUk+QS52MH4iJCE1LDdHS1lXS0pIWFhOXjdiVzpTXkkySzo9PztQR1JibGJddXhtdmp8UXxxdGFKY1JVV1JoX2p6LSYsLCR+LzIuaTUqLXlie2ptb2khdyMzQUEzN0hHRz0/OyNOQ0YzezUk[…]
    Ligne Supprimée : user_pref(“CT3242339./9B+7E4x305.enc”, “JH4wLEB2Qjc6J28pd3t0di4lMEE+T0lKUitVVTojPCsvKClBOENUUV5dVmFfVmhcQm1iZVI7VENGSUpZUFtsaXp+IXAjcHZZJXl8XSp6bFVuXWBjY3NqdSckMTgxNzI2KHM/NDd3RTInbyl3en18LiUwQT5LSkNP[…]
    Ligne Supprimée : user_pref(“CT3242339./9B+7E5x305.enc”, “JH4xNkIrd0M4OyhwKnl1encvJjFDSz1JVkpQWS5ZTjFKVUApQjIuMy9HPklbXVlaal5YcHJiZ0l0aWxZQltLR0tRYFdidHwkc3N3JiAkICpiLiMmclt0ZGBkaXlwey42PS4uNDR3Qzh6ND8qcix7d3t+MSgzRURS[…]
    Ligne Supprimée : user_pref(“CT3242339./9B+7E6x305.enc”, “JH4yLD4yMjI4RT58SD1ALXUvfnskJDQrNklTVFJZWFpaUFJONmFWWUYvSDg1PTxNRE9ibG1rcnFqd2FNeG1wXUZfT0xUUWRbZnl7Jnh4KX4vKS0yMGczKCt3YHlpZm5qfnUhNDZAQ0Y8PXxIPUAtdS9+eyR+NCs2[…]
    Ligne Supprimée : user_pref(“CT3242339./9B+7E7x305.enc”, “JH4zPSw/Pj95RTo9KnIse3p5ejEoM0dRP0RVWUJMWjFcUVRBKkMzMjA3SD9KXmhWW1lwYG5sZmFkc0x3bG9cRV5OTUtRY1pleSR6KSN4emEtIiVxWnNjYmBleG96Ly8rODg0PEIwMjQ5QzY0SztJIk1CRTJ6NCQj[…]
    Ligne Supprimée : user_pref(“CT3242339./9B+7E8x305.enc”, “JH40PT87NTc7PzZ8R0csdC5+eCMyKTRJVlVARy5ZTlE+J0AwMjUzRTxHXFVYY2plbmJebGFrcGhzS3ZrbltEXU1PUk9iWWR5J3ZyKnkoYCwhJHBZcmJkZ2J3bnkvNCs8MXM/NHYwOyZuKHd5fHYtJC9EOVBCTFNM[…]
    Ligne Supprimée : user_pref(“CT3242339./9B+7E9x305.enc”, “JH41Myw/MnhEOTwpcSt7dXl5MCcySExPT0RQTEdUWFxQSDRfVFdELUY3MTU0S0JNY2tdX19zaWtKdWptWkNcTUdLSWFYY3kib3QlKCR5YCwhJHBZcmNdYGh3bnkwOjorKi50QDU4JW0nd3F0eywjLkRQQjlFR1Eq[…]
    Ligne Supprimée : user_pref(“CT3242339./9B+7E:x305.enc”, “JH42Mzs4MnhEOTwpcSt7dnl6MCcySUhVRUQsV0xPPCU+LyotLUM6RVxnVVteP2pfYk84UUI9QD9WTVhvemh4bHFxVCB0d2RNZldSVVNrYm0lfi16ZjInKnZfeGlkZm59dCA3QjIyMkZENXxHRyx0Ln55eyMzKjVM[…]
    Ligne Supprimée : user_pref(“CT3242339./9B+7E;x305.enc”, “JH43PzM/NzhCL3tHPD8sdC5+enoiMyo1TUYsV0xPPCU+LysrMUM6RV1jVldcXFpBbGFkUTpTREBARVhPWnJzcXp4bSJWInZ5Zk9oWVVVWW1kbygkLCcqMiEwJ205LjF9ZiBwbGxuJXsnPzpIfklJLnYwIXx8fTUs[…]
    Ligne Supprimée : user_pref(“CT3242339./9B+7E<x305.enc", "JH44NDAwRC9GNkQ3fUk+QS52MCF9JCY1LDdQLk9HRzFcUVRBKkM0MTc4SD9KY19aamReYlpHcmdqV0BZSkdNTV5VYHlxJG53eCV2XSl9IW1Wb2BdY2J0a3YwJS0zKTk0cj4zNiNrJXVyeHUqISxFQUM4P0tFRSlU[…]
    Ligne Supprimée : user_pref(“CT3242339./9B+7E=x305.enc”, “JH45MzY/QUE3OTV8SD1ALXUvIH4gIjQrNlBUWVdMVU9RWzRfVFdELUY3Njc4S0JNZ2twbmBvYWZrY2ZNeG1wXUZfUE9QUGRbZiElfHlzemEtIiVxWnNkY2RjeG96NT0yM0A/Oz8zeEQ5PClxK3t6e3kwJzJMTU9F[…]
    Ligne Supprimée : user_pref(“CT3242339./9B+7E>x305.enc”, “JH46QTY/MjI4OHtHPD8sdC5+ICF8Myo1UE9TRkgvWk9SPyhBMjM0L0Y9SGNcXWZiakNuY2ZTPFVGR0hCWlFcd3B3cyAjcSFZJXl8aVJrXF1dYXBnci4hLiQ4KDg3Lyo6LnM/NDckbCZ2d3d6KyItSEtMR1FCRilU[…]
    Ligne Supprimée : user_pref(“CT3242339./9B+7E?x305.enc”, “JH47LS8vM0E0QDo6fUlMLXUvICMgfjQrNlJQTFJJVVJWUlw1YFVYRS5HODs4NkxDTmpwb19lY11zb2d1eGhMZXBrVCB0d2RNZldaV1RrYm0qIisvJS5oNCkseGF6a25rZyB2Ij5EQkEzNkE8PiBLQEMweDIjJiIn[…]
    Ligne Supprimée : user_pref(“CT3242339./9B+7E@x305.enc”, “JH48QEIrd0M4OyhwKnt2fngvJjFOUlQ9KlVKLUZRPCU+MCszLEM6RWJnVlFiWWVfX0NuY0ZfalU+V0lETERcU157IXR8eCF0WiZ6fWpTbF5ZYGJxaHMxNCkmJm05LjF9ZiBxbHN0JXsnRDY5PT9FTD0kT0RHNHw2[…]
    Ligne Supprimée : user_pref(“CT3242339./9B+7EAx305.enc”, “JH49PTc4d0M4OyhwKnt6dX4vJjFPT1RKUkBFSFZPWDFcUVRBKkM1NC83SD9KaGRrZF1eYmRiYW1pcXJrbHhqUXxxdGFKY1VUT1ZoX2opJSgnfDEnIjAgaTUqLXlie21sZ20hdyNBRS5EREk/fko/Qi93MSMifCI2[…]
    Ligne Supprimée : user_pref(“CT3242339./9B+7EBE3G=;D9N9=D.enc”, “NywtMml1di46PHs6OUNKSUhBQ0smUUZJKWVQRlZJZXFzTTNLVw==”);
    Ligne Supprimée : user_pref(“CT3242339./9B+7EBx305.enc”, “JH4+OTFBMD0zRUA2Mn5KP0IvdzF7fSM1LDdWWUlITk9RUlxOTFVTW1RgWlo+aV5hTjdQOz1BVEtWdXVlbXNneW1tfFUhdXhlTmdSVFdrYm0tIiUuIGczKGokL3lie2ZoaiB2IkEvM3lFOj0qcix2eHkwJzJRQ1VD[…]
    Ligne Supprimée : user_pref(“CT3242339./9B+7ECx305.enc”, “JH4/PTAwQzEuekY7PitzLXsgfjEoM1NRVlVRV1pPWExeM15TVkMsRTQ4NklAS2tZVmxoa0ZxZmlWP1hHS0hcU15+bGlWInZ5Zk9oV1tXbGNuLzEhJjAjNio1LCw6MTlxPTI1ImokcnZxKH4qSkE/TEVPPUBAUEQq[…]
    Ligne Supprimée : user_pref(“CT3242339./9B+7EDx305.enc”, “JH5ANUIqNjh5RTo9KnIsfSAvJjFSR1Q8SEosV0wvSFM+J0AyM0M6RWZbaFBcXkBrbk84UUNDVEtWd2x5YW1vUXxxVHhzY0xlV1ZoX2osIS51IiRlLiN0XXZoZnlwez06LjIyNDExRTtDe0c8Pyx0LiB8MSgzVFJI[…]
    Ligne Supprimée : user_pref(“CT3242339./9B+7Etx305.enc”, “JH5uLy47MjNCNXtEOStzLXp7e3wyKTQjUkxUV0dKTlBWXUphUV9dV1JVZD1oXWBNNk89Pj49VEtWRUhqc21pb1J9cnViS2RSU1NRaWBrWnt7dyYueWczKCt3YHlnaGdvfnUhcm01Pjg0OnxIPUAtdS98fXwkNCs2[…]
    Ligne Supprimée : user_pref(“CT3242339./9B-0?3G>D.enc”, “Omg+PnA+c3B6dHdIeCB7e3ZKJSN7TyAqJShXJFgrWyctKFxd”);
    Ligne Supprimée : user_pref(“CT3242339./9B-0?3G@6:5;.enc”, “AA==”);
    Ligne Supprimée : user_pref(“CT3242339./9B-0?3GFA7EF.enc”, “Ky4sPQ==”);
    Ligne Supprimée : user_pref(“CT3242339./9B-3=3ECCJA=F>.enc”, “JH4zPSxFL0E1J28pe359ISAvJjE+Qkk1fTc4LzpJTV1RPygzOENdZVRpW2VUbVdpXV1oY2VTPHB2bGZ1Xg==”);
    Ligne Supprimée : user_pref(“CT3242339./9B/556,BI5A>G.enc”, “bm1sanJ0b21wcHN5cw==”);
    Ligne Supprimée : user_pref(“CT3242339./9B/>01=9A6K6<IM;KRIE@PDAWM.enc", "amlrcnN0dXY=");
    Ligne Supprimée : user_pref(“CT3242339./9B3=>@44I48?.enc”, “NywtMml1djNCNjNBSEd2IT8+SE9OTUZIUCtWS04uWVlZX0xWTzdkU1dQ”);
    Ligne Supprimée : user_pref(“CT3242339./9B5BA==9CJAG.enc”, “ajpuPXNvbm16R0dJSHl1SXxNfFFN”);
    Ligne Supprimée : user_pref(“CT3242339./9B6B11G4C56B>F;P;ANR@P.enc”, “bm1sanJ0cHFuc3RxeA==”);
    Ligne Supprimée : user_pref(“CT3242339./9B9643G3/9E.enc”, “ag==”);
    Ligne Supprimée : user_pref(“CT3242339./9B;45>:BI9I7IE.enc”, “Ky4sPQ==”);
    Ligne Supprimée : user_pref(“CT3242339./9B<:222H64<.enc", "OT81Lz4=");
    Ligne Supprimée : user_pref(“CT3242339./9B<:222H64<L8DAJ.enc", "bXBwb3Z0dHl2dSp5cnJ6e3UgfA==");
    Ligne Supprimée : user_pref(“CT3242339./9B=+03EH8H8J?:.enc”, “REM=”);
    Ligne Supprimée : user_pref(“CT3242339./9B?+E2A52D8.enc”, “NywtMml1di46PHs6OUNKSUhBQ0smUUZJKWVQRlZkcHJ5UVVeXlI=”);
    Ligne Supprimée : user_pref(“CT3242339./9B?B0D:8AJ62<H.enc", "bQ==");
    Ligne Supprimée : user_pref(“CT3242339./9BA@0<0BI6A7GN:6@L?.enc", "bms=");
    Ligne Supprimée : user_pref(“CT3242339.1000082.isDisplayHidden”, “true”);
    Ligne Supprimée : user_pref(“CT3242339.1000082.state”, “{“state”:”stopped”,”text”:”Californi…”,”description”:”California Rock”,”url”:”hxxp://feedlive.net/california.asx”}”);
    Ligne Supprimée : user_pref(“CT3242339.1000234.TWC_TMP_city”, “PARIS”);
    Ligne Supprimée : user_pref(“CT3242339.1000234.TWC_TMP_country”, “FR”);
    Ligne Supprimée : user_pref(“CT3242339.1000234.TWC_locId”, “FRXX0076”);
    Ligne Supprimée : user_pref(“CT3242339.1000234.TWC_location”, “Paris, France”);
    Ligne Supprimée : user_pref(“CT3242339.1000234.TWC_region”, “FR”);
    Ligne Supprimée : user_pref(“CT3242339.1000234.TWC_temp_dis”, “c”);
    Ligne Supprimée : user_pref(“CT3242339.1000234.TWC_wind_dis”, “kmh”);
    Ligne Supprimée : user_pref(“CT3242339.1000234.weatherData”, “{“icon”:”30.png”,”temperature”:”1°C”,”temperatureClear”:”1°C”,”highTemperature”:”2°C”,”lowTemperature”:”1°C”,”feelsLike”:”1°C”,[…]
    Ligne Supprimée : user_pref(“CT3242339.129498282976856742.isToggled_item0_12”, “true”);
    Ligne Supprimée : user_pref(“CT3242339.CBOpenMAMSettings.enc”, “MA==”);
    Ligne Supprimée : user_pref(“CT3242339.ENABALE_HISTORY”, “{“dataType”:”string”,”data”:”false”}”);
    Ligne Supprimée : user_pref(“CT3242339.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE”, “{“dataType”:”string”,”data”:”true”}”);
    Ligne Supprimée : user_pref(“CT3242339.FirstTime”, “true”);
    Ligne Supprimée : user_pref(“CT3242339.FirstTimeFF3”, “true”);
    Ligne Supprimée : user_pref(“CT3242339.LoginRevertSettingsEnabled”, true);
    Ligne Supprimée : user_pref(“CT3242339.RevertSettingsEnabled”, true);
    Ligne Supprimée : user_pref(“CT3242339.UserID”, “UN40003974604697080”);
    Ligne Supprimée : user_pref(“CT3242339.addressBarTakeOverEnabledInHidden”, “true”);
    Ligne Supprimée : user_pref(“CT3242339.cb_experience_000.enc”, “Mg==”);
    Ligne Supprimée : user_pref(“CT3242339.cb_firstuse0100.enc”, “MQ==”);
    Ligne Supprimée : user_pref(“CT3242339.cb_user_id_000.enc”, “Q0I4ODI0MzUwNTQ1ODFfMTM1ODEwNzI0OTUxMV9GaXJlZm94”);
    Ligne Supprimée : user_pref(“CT3242339.cbcountry_001.enc”, “RlI=”);
    Ligne Supprimée : user_pref(“CT3242339.cbfirsttime.enc”, “U3VuIEphbiAxMyAyMDEzIDIwOjMzOjEyIEdNVCswMTAw”);
    Ligne Supprimée : user_pref(“CT3242339.countryCode”, “FR”);
    Ligne Supprimée : user_pref(“CT3242339.enableAlerts”, “never”);
    Ligne Supprimée : user_pref(“CT3242339.enableFix404ByUser”, “FALSE”);
    Ligne Supprimée : user_pref(“CT3242339.event_data.enc”, “JTVCJTVE”);
    Ligne Supprimée : user_pref(“CT3242339.fired_events.enc”, “AA==”);
    Ligne Supprimée : user_pref(“CT3242339.firstTimeDialogOpened”, “true”);
    Ligne Supprimée : user_pref(“CT3242339.fixPageNotFoundErrorByUser”, “TRUE”);
    Ligne Supprimée : user_pref(“CT3242339.fixPageNotFoundErrorInHidden”, “true”);
    Ligne Supprimée : user_pref(“CT3242339.fixUrls”, true);
    Ligne Supprimée : user_pref(“CT3242339.fullUserID”, “UN40003974604697080.UP.20130701184147”);
    Ligne Supprimée : user_pref(“CT3242339.hxxp___pricegong_conduitapps_com_v4.APP_WIN_FEATURES.enc”, “cmVzaXphYmxlPTAsc2F2ZWxvY2F0aW9uPTAsb3BlbnBvc2l0aW9uPWFsaWdubWVudDpCO0wsdGl0bGViYXI9MA==”);
    Ligne Supprimée : user_pref(“CT3242339.hxxp___www_socialgrowthtechnologies_com_couponbuddy_v001.APP_WIN_FEATURES.enc”, “b3BlbnBvc2l0aW9uPW9mZnNldDo1MDs1MCxzYXZlbG9jYXRpb249MCxyZXNpemFibGU9bm8sc2Nyb2xsYmFycz1ubyx0aXRsZW[…]
    Ligne Supprimée : user_pref(“CT3242339.installType”, “Unknown”);
    Ligne Supprimée : user_pref(“CT3242339.isCheckedStartAsHidden”, true);
    Ligne Supprimée : user_pref(“CT3242339.isEnableAllDialogs”, “{“dataType”:”string”,”data”:”true”}”);
    Ligne Supprimée : user_pref(“CT3242339.isFirstTimeToolbarLoading”, “false”);
    Ligne Supprimée : user_pref(“CT3242339.isNewTabEnabled”, false);
    Ligne Supprimée : user_pref(“CT3242339.isPerformedSmartBarTransition”, “true”);
    Ligne Supprimée : user_pref(“CT3242339.isToolbarShrinked”, “{“dataType”:”string”,”data”:”true”}”);
    Ligne Supprimée : user_pref(“CT3242339.isWelcomPage”, “{“dataType”:”boolean”,”data”:”true”}”);
    Ligne Supprimée : user_pref(“CT3242339.key_date.enc”, “MTM=”);
    Ligne Supprimée : user_pref(“CT3242339.lastNewTabSettings”, “{“isEnabled”:false,”newTabUrl”:”hxxp://search.conduit.com/?ctid=CT3242339&octid=CT3242339&SearchSource=15&CUI=UN40003974604697080&SSPV=&Lay=1&UM=”}”);
    Ligne Supprimée : user_pref(“CT3242339.lastVersion”, “10.23.0.822”);
    Ligne Supprimée : user_pref(“CT3242339.migrateAppsAndComponents”, true);
    Ligne Supprimée : user_pref(“CT3242339.navigationAliasesJson”, “{“EB_MAIN_FRAME_URL”:”hxxps%3A%2F%2Fwww.facebook.com%2F”,”EB_MAIN_FRAME_TITLE”:”Facebook”,”EB_SEARCH_TERM”:””,”EB_TOOLBAR_SUB_DOMAIN”:”hxxp[…]
    Ligne Supprimée : user_pref(“CT3242339.newSettings”, “{“dataType”:”boolean”,”data”:”true”}”);
    Ligne Supprimée : user_pref(“CT3242339.revertSettingsEnabled”, “false”);
    Ligne Supprimée : user_pref(“CT3242339.search.searchAppId”, “129888260397511660”);
    Ligne Supprimée : user_pref(“CT3242339.search.searchCount”, “1”);
    Ligne Supprimée : user_pref(“CT3242339.searchInNewTabEnabled”, “false”);
    Ligne Supprimée : user_pref(“CT3242339.searchInNewTabEnabledByUser”, “false”);
    Ligne Supprimée : user_pref(“CT3242339.searchInNewTabEnabledInHidden”, “true”);
    Ligne Supprimée : user_pref(“CT3242339.searchProtector.notifyChanges”, “{“dataType”:”string”,”data”:”false”}”);
    Ligne Supprimée : user_pref(“CT3242339.searchSuggestEnabledByUser”, “false”);
    Ligne Supprimée : user_pref(“CT3242339.selectToSearchBoxEnabled”, “{“dataType”:”string”,”data”:”true”}”);
    Ligne Supprimée : user_pref(“CT3242339.serviceLayer_service_login_isFirstLoginInvoked”, “{“dataType”:”boolean”,”data”:”true”}”);
    Ligne Supprimée : user_pref(“CT3242339.serviceLayer_service_login_loginCount”, “{“dataType”:”number”,”data”:”4″}”);
    Ligne Supprimée : user_pref(“CT3242339.serviceLayer_service_toolbarGrouping_activeCTID”, “{“dataType”:”string”,”data”:”CT3242339″}”);
    Ligne Supprimée : user_pref(“CT3242339.serviceLayer_service_toolbarGrouping_activeDownloadUrl”, “{“dataType”:”string”,”data”:”hxxp://WiseConvert15.OurToolbar.com//xpi”}”);
    Ligne Supprimée : user_pref(“CT3242339.serviceLayer_service_toolbarGrouping_activeToolbarName”, “{“dataType”:”string”,”data”:”WiseConvert 1.5 “}”);
    Ligne Supprimée : user_pref(“CT3242339.serviceLayer_service_toolbarGrouping_invoked”, “{“dataType”:”string”,”data”:”true”}”);
    Ligne Supprimée : user_pref(“CT3242339.serviceLayer_service_usage_toolbarUsageCount”, “{“dataType”:”number”,”data”:”2″}”);
    Ligne Supprimée : user_pref(“CT3242339.serviceLayer_services_Configuration_lastUpdate”, “1388424921165”);
    Ligne Supprimée : user_pref(“CT3242339.serviceLayer_services_appTrackingFirstTime_lastUpdate”, “1359201448747”);
    Ligne Supprimée : user_pref(“CT3242339.serviceLayer_services_appsMetadata_lastUpdate”, “1359574321609”);
    Ligne Supprimée : user_pref(“CT3242339.serviceLayer_services_clientErrorLog_lastUpdate”, “1358604708476”);
    Ligne Supprimée : user_pref(“CT3242339.serviceLayer_services_gottenAppsContextMenu_lastUpdate”, “1359385591496”);
    Ligne Supprimée : user_pref(“CT3242339.serviceLayer_services_location_lastUpdate”, “1372272438557”);
    Ligne Supprimée : user_pref(“CT3242339.serviceLayer_services_login_10.13.40.15_lastUpdate”, “1359385471968”);
    Ligne Supprimée : user_pref(“CT3242339.serviceLayer_services_login_10.14.42.7_lastUpdate”, “1360864481297”);
    Ligne Supprimée : user_pref(“CT3242339.serviceLayer_services_login_10.14.65.43_lastUpdate”, “1364160114594”);
    Ligne Supprimée : user_pref(“CT3242339.serviceLayer_services_login_10.15.0.562_lastUpdate”, “1365950837984”);
    Ligne Supprimée : user_pref(“CT3242339.serviceLayer_services_login_10.15.2.523_lastUpdate”, “1372272439772”);
    Ligne Supprimée : user_pref(“CT3242339.serviceLayer_services_login_10.16.4.519_lastUpdate”, “1374883380023”);
    Ligne Supprimée : user_pref(“CT3242339.serviceLayer_services_menu_769c590835a76d075fe33b9a87a87786_lastUpdate”, “1359568748933”);
    Ligne Supprimée : user_pref(“CT3242339.serviceLayer_services_menu_d32f45618f5a02bd965c56155a643855_lastUpdate”, “1359568748830”);
    Ligne Supprimée : user_pref(“CT3242339.serviceLayer_services_otherAppsContextMenu_lastUpdate”, “1359385591602”);
    Ligne Supprimée : user_pref(“CT3242339.serviceLayer_services_searchAPI_lastUpdate”, “1388424920786”);
    Ligne Supprimée : user_pref(“CT3242339.serviceLayer_services_serviceMap_lastUpdate”, “1388424920631”);
    Ligne Supprimée : user_pref(“CT3242339.serviceLayer_services_toolbarContextMenu_lastUpdate”, “1359385591213”);
    Ligne Supprimée : user_pref(“CT3242339.serviceLayer_services_toolbarSettings_lastUpdate”, “1388424920422”);
    Ligne Supprimée : user_pref(“CT3242339.serviceLayer_services_translation_lastUpdate”, “1388424920589”);
    Ligne Supprimée : user_pref(“CT3242339.settingsINI”, true);
    Ligne Supprimée : user_pref(“CT3242339.showToolbarPermission”, “false”);
    Ligne Supprimée : user_pref(“CT3242339.smartbar.CTID”, “CT3242339”);
    Ligne Supprimée : user_pref(“CT3242339.smartbar.Uninstall”, “0”);
    Ligne Supprimée : user_pref(“CT3242339.smartbar.toolbarName”, “WiseConvert 1.5 “);
    Ligne Supprimée : user_pref(“CT3242339.toolbarBornServerTime”, “13-1-2013”);
    Ligne Supprimée : user_pref(“CT3242339.toolbarCurrentServerTime”, “18-7-2013”);
    Ligne Supprimée : user_pref(“CT3242339.toolbarLoginClientTime”, “Sun Mar 24 2013 23:02:13 GMT+0100”);
    Ligne Supprimée : user_pref(“CT3242339.url_history0001.enc”, “aHR0cDovL3d3dy5nb29nbGUuZnIvc2VhcmNoP2hsPWZyJmNsaWVudD1maXJlZm94LWEmaHM9Y3lXJnJscz1vcmcubW96aWxsYTpmcjpvZmZpY2lhbCZxPWNvbmZlc3Npb25zK2ludGltZXMrbWFyaWFoK2Nh[…]
    Ligne Supprimée : user_pref(“CT3242339_Firefox.csv”, “[{“from”:”Abs Layer”,”action”:”loading toolbar”,”time”:1388424912207,”isWithState”:””,”timeFromStart”:0,”timeFromPrev”:0}]”);
    Ligne Supprimée : user_pref(“browser.search.order.1”, “Mysearchdial”);
    Ligne Supprimée : user_pref(“extensions.Fissa.lastRunTime”, “Sat, 28 Aug 2010 18:09:57 GMT”);
    Ligne Supprimée : user_pref(“extensions.mysearchdial.aflt”, “irmsd1202aw”);
    Ligne Supprimée : user_pref(“extensions.mysearchdial.appId”, “{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}”);
    Ligne Supprimée : user_pref(“extensions.mysearchdial.cd”, “2XzuyEtN2Y1L1QzutDtDtBtAyE0EtBtAtBtDtDtAyB0EyEyEtN0D0Tzu0CyBtCtBtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R”);
    Ligne Supprimée : user_pref(“extensions.mysearchdial.cntry”, “FR”);
    Ligne Supprimée : user_pref(“extensions.mysearchdial.cr”, “627028764”);
    Ligne Supprimée : user_pref(“extensions.mysearchdial.dfltLng”, “”);
    Ligne Supprimée : user_pref(“extensions.mysearchdial.dfltSrch”, true);
    Ligne Supprimée : user_pref(“extensions.mysearchdial.dnsErr”, true);
    Ligne Supprimée : user_pref(“extensions.mysearchdial.dpkLst”, “3654782829,1334533236,1121012847,231756876,1895130307,603719297,4288797614,3754950497,426401714,3046281807,752626116,1657571787,3224935090,2597085128,18285[…]
    Ligne Supprimée : user_pref(“extensions.mysearchdial.excTlbr”, false);
    Ligne Supprimée : user_pref(“extensions.mysearchdial.hdrMd5”, “0A199B406364F49189CCE1F3B14CB697”);
    Ligne Supprimée : user_pref(“extensions.mysearchdial.hmpg”, true);
    Ligne Supprimée : user_pref(“extensions.mysearchdial.hmpgUrl”, “hxxp://start.mysearchdial.com/?f=1&a=irmsd1202aw&cd=2XzuyEtN2Y1L1QzutDtDtBtAyE0EtBtAtBtDtDtAyB0EyEyEtN0D0Tzu0CyBtCtBtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1Czu[…]
    Ligne Supprimée : user_pref(“extensions.mysearchdial.id”, “00234E2320037E44”);
    Ligne Supprimée : user_pref(“extensions.mysearchdial.instlDay”, “16051”);
    Ligne Supprimée : user_pref(“extensions.mysearchdial.instlRef”, “”);
    Ligne Supprimée : user_pref(“extensions.mysearchdial.lastB”, “hxxp://start.mysearchdial.com/?f=1&a=irmsd1202aw&cd=2XzuyEtN2Y1L1QzutDtDtBtAyE0EtBtAtBtDtDtAyB0EyEyEtN0D0Tzu0CyBtCtBtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutC[…]
    Ligne Supprimée : user_pref(“extensions.mysearchdial.lastVrsnTs”, “1.8.21.020:58:49”);
    Ligne Supprimée : user_pref(“extensions.mysearchdial.newTabUrl”, “hxxp://start.mysearchdial.com/?f=2&a=irmsd1202aw&cd=2XzuyEtN2Y1L1QzutDtDtBtAyE0EtBtAtBtDtDtAyB0EyEyEtN0D0Tzu0CyBtCtBtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1C[…]
    Ligne Supprimée : user_pref(“extensions.mysearchdial.pnu_base”, “{“newVrsn”:”89″,”lastVrsn”:”89″,”vrsnLoad”:””,”showMsg”:”false”,”showSilent”:”false”,”msgTs”:0,”lstMsgTs”:”0″}”);
    Ligne Supprimée : user_pref(“extensions.mysearchdial.prdct”, “mysearchdial”);
    Ligne Supprimée : user_pref(“extensions.mysearchdial.prtnrId”, “mysearchdial”);
    Ligne Supprimée : user_pref(“extensions.mysearchdial.sg”, “none”);
    Ligne Supprimée : user_pref(“extensions.mysearchdial.srchPrvdr”, “Mysearchdial”);
    Ligne Supprimée : user_pref(“extensions.mysearchdial.tlbrId”, “base”);
    Ligne Supprimée : user_pref(“extensions.mysearchdial.tlbrSrchUrl”, “hxxp://start.mysearchdial.com/?f=3&a=irmsd1202aw&cd=2XzuyEtN2Y1L1QzutDtDtBtAyE0EtBtAtBtDtDtAyB0EyEyEtN0D0Tzu0CyBtCtBtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L[…]
    Ligne Supprimée : user_pref(“extensions.mysearchdial.vrsn”, “1.8.21.0”);
    Ligne Supprimée : user_pref(“extensions.mysearchdial.vrsni”, “1.8.21.0”);
    Ligne Supprimée : user_pref(“extensions.mysearchdial_i.hmpg”, true);
    Ligne Supprimée : user_pref(“extensions.mysearchdial_i.newTab”, false);
    Ligne Supprimée : user_pref(“extensions.mysearchdial_i.smplGrp”, “none”);
    Ligne Supprimée : user_pref(“extensions.mysearchdial_i.vrsnTs”, “1.8.21.020:58:49”);
    Ligne Supprimée : user_pref(“plugin.blocklisted.npviewpoint”, true);
    Ligne Supprimée : user_pref(“plugin.state.npconduitfirefoxplugin”, 2);
    Ligne Supprimée : user_pref(“plugin.state.npviewpoint”, 0);
    Ligne Supprimée : user_pref(“smartbar.machineId”, “/ZKAXXVZDMPPYKTR23S/FN7A7L8JFW5RV07LZCMYDLJ/ZWIXR/YVAKUCMQHW336NKXDSYDMOF8SDCBHZDE2M5W”);
    Ligne Supprimée : user_pref(“valueApps.CT3242339.mam_gk_currentVersion”, “312E31322E302E35”);
    Ligne Supprimée : user_pref(“valueApps.CT3242339.mam_gk_currentVersion.storedInFile”, false);
    Ligne Supprimée : user_pref(“valueApps.CT3242339.mam_gk_globalKeysMigratedToLocalStorage”, “31”);
    Ligne Supprimée : user_pref(“valueApps.CT3242339.mam_gk_globalKeysMigratedToLocalStorage.storedInFile”, false);
    Ligne Supprimée : user_pref(“valueApps.CT3242339.mam_gk_migrated_from_ls”, “31”);
    Ligne Supprimée : user_pref(“valueApps.CT3242339.mam_gk_migrated_from_ls.storedInFile”, false);

    -\ Google Chrome v31.0.1650.63

    [ Fichier : C:UsersMarie-EstelleAppDataLocalGoogleChromeUser DataDefaultpreferences ]

    Supprimée : icon_url
    Supprimée : search_url
    Supprimée : keyword

    *************************

    AdwCleaner[R0].txt – [35735 octets] – [30/12/2013 19:20:43]
    AdwCleaner[S0].txt – [35668 octets] – [30/12/2013 20:24:56]

    ########## EOF – C:AdwCleanerAdwCleaner[S0].txt – [35729 octets] ##########

    C'est bientôt fini j'imagine?[/font:3ad2ubtl]

  • lilidurhone
    Post count: 0

    Bien ;)

    • Fais clic droit dessus, exécuter en tant qu’administrateur sous Windows : 7/8 et Vista,sinon double-clique pour XP
      1. Choisis l’option Scanner
      2. Choisis l’option Nettoyer
    • Accepte l’avertissement en cliquant sur OK

    • Accepte les avertissements/informations en cliquant sur OK
    • Copie et Colle le contenu du rapport qui apparaît au redémarrage du PC
  • Telma
    Post count: 0

    [font=Century Gothic:2hmrob0w]Ok nikel :D !

    Voici donc le rapport :

    # AdwCleaner v3.016 – Rapport créé le 30/12/2013 à 19:20:43
    # Mis à jour le 23/12/2013 par Xplode
    # Système d'exploitation : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
    # Nom d'utilisateur : Marie-Estelle – PC-MARIE-ESTELL
    # Exécuté depuis : C:UsersMarie-EstelleDownloadsadwcleaner.exe
    # Option : Scanner

    ***** [ Services ] *****

    ***** [ Fichiers / Dossiers ] *****

    Dossier Présent : C:UsersMarie-EstelleAppDataLocalGoogleChromeUser DataDefaultExtensionsndibdjnfmopecpmkdieinmbadjfpblof
    Dossier Présent : C:UsersMarie-EstelleAppDataLocalGoogleChromeUser DataDefaultExtensionspflphaooapbgpeakohlggbpidpppgdff
    Dossier Présent : C:UsersMarie-EstelleAppDataRoamingMozillaFirefoxProfiles3dhaobu0.defaultExtensions{19803860-b306-423c-bbb5-f60a7d82cde5}
    Dossier Présent : C:UsersMarie-EstelleAppDataRoamingMozillaFirefoxProfiles3dhaobu0.defaultExtensions{635abd67-4fe9-1b23-4f01-e679fa7484c1}
    Dossier Présent : C:UsersMarie-EstelleAppDataRoamingMozillaFirefoxProfiles3dhaobu0.defaultExtensions{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}
    Dossier Présent C:Program FilesCrazyLoader
    Dossier Présent C:Program FilesMyPC Backup
    Dossier Présent C:Program FilesViewpoint
    Dossier Présent C:Program FilesWidestream6
    Dossier Présent C:ProgramDataMicrosoftWindowsStart MenuProgramsOfferBox
    Dossier Présent C:ProgramDataViewpoint
    Dossier Présent C:UsersMarie-EstelleAppDataLocalwidestream6 Air
    Dossier Présent C:UsersMarie-EstelleAppDataRoamingFissaSearch
    Dossier Présent C:UsersMarie-EstelleAppDataRoamingMicrosoftWindowsStart MenuProgramsCrazyLoader
    Dossier Présent C:UsersMarie-EstelleAppDataRoamingMozillaFirefoxProfiles3dhaobu0.defaultCT3242339
    Dossier Présent C:UsersMarie-EstelleAppDataRoamingMozillaFirefoxProfiles3dhaobu0.defaultSmartbar
    Dossier Présent C:UsersMarie-EstelleAppDataRoamingMozillaFirefoxProfiles3dhaobu0.defaultValueApps
    Dossier Présent C:UsersMarie-EstelleAppDataRoamingOfferBox
    Dossier Présent C:UsersMarie-EstelleAppDataRoamingOpenCandy
    Dossier Présent C:UsersMarie-EstelleAppDataRoamingpdfforge
    Dossier Présent C:UsersMarie-EstelleAppDataRoamingSystweak
    Dossier Présent C:UsersMarie-EstelleAppDataRoamingwidestream
    Fichier Présent : C:Program FilesMozilla Firefoxsearchpluginsavg-secure-search.xml
    Fichier Présent : C:ProgramDataMicrosoftWindowsStart MenuProgramseBay.lnk
    Fichier Présent : C:UsersMarie-EstelleAppDataLocalGoogleChromeUser DataDefaultLocal Storagechrome-extension_pflphaooapbgpeakohlggbpidpppgdff_0.localstorage
    Fichier Présent : C:UsersMarie-EstelleAppDataLocalmysearchdial-speeddial.crx
    Fichier Présent : C:UsersMarie-EstelleAppDataRoamingMozillaFirefoxProfiles3dhaobu0.defaultsearchpluginsavg-secure-search.xml
    Fichier Présent : C:UsersMarie-EstelleAppDataRoamingMozillaFirefoxProfiles3dhaobu0.defaultsearchpluginsFissa.xml
    Fichier Présent : C:UsersMarie-EstelleAppDataRoamingMozillaFirefoxProfiles3dhaobu0.defaultsearchpluginsMysearchdial.xml
    Fichier Présent : C:UsersMarie-EstelleAppDataRoamingMozillaFirefoxProfiles3dhaobu0.defaultuser.js
    Fichier Présent : C:Windowssystem32roboot.exe

    ***** [ Raccourcis ] *****

    ***** [ Registre ] *****

    Clé Présente : HKCUSoftwareAppDataLow{D45817B8-3EAD-4D1D-8FCA-EC63A8E35DE2}
    Clé Présente : HKCUSoftwareAppDataLowSoftwareSmartBar
    Clé Présente : HKCUSoftwareBabylon
    Clé Présente : HKCUSoftwareConduit
    Clé Présente : HKCUSoftwareFissaSearch
    Clé Présente : HKCUSoftwareGoogleChromeExtensionspflphaooapbgpeakohlggbpidpppgdff
    Clé Présente : HKCUSoftwareIGearSettings
    Clé Présente : HKCUSoftwareInstallCore
    Clé Présente : HKCUSoftwareMicrosoftInternet ExplorerSearchScopes{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
    Clé Présente : HKCUSoftwareMicrosoftInternet ExplorerSearchScopes{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
    Clé Présente : HKCUSoftwareMicrosoftInternet ExplorerSearchScopes{B41306C6-96D0-442A-BCC4-B0F621E82CE9}
    Clé Présente : HKCUSoftwareMicrosoftWindowsCurrentVersionApp ManagementARPCache{2C8574B5-6935-4FCE-860E-F4E8602378FF}
    Clé Présente : HKCUSoftwareMicrosoftWindowsCurrentVersionApp ManagementARPCache{79A765E1-C399-405B-85AF-466F52E918B0}
    Clé Présente : HKCUSoftwareMicrosoftWindowsCurrentVersionApp ManagementARPCacheMyPC Backup
    Clé Présente : HKCUSoftwareMicrosoftWindowsCurrentVersionApp ManagementARPCacheRegClean Pro_is1
    Clé Présente : HKCUSoftwareMicrosoftWindowsCurrentVersionApp ManagementARPCacheViewpointMediaPlayer
    Clé Présente : HKCUSoftwareMicrosoftWindowsCurrentVersionExtSettings{03F998B2-0E00-11D3-A498-00104B6EB52E}
    Clé Présente : HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{723328FF-22D0-497F-9EB5-1AC919582DE1}
    Clé Présente : HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{91C18ED5-5E1C-4AE5-A148-A861DE8C8E16}
    Clé Présente : HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{F0626A63-410B-45E2-99A1-3F2475B2D695}
    Clé Présente : HKCUSoftwaremysearchdial.com
    Clé Présente : HKCUSoftwareOfferbox
    Clé Présente : HKCUSoftwareSoftonic
    Clé Présente : HKCUSoftwareSpointer
    Clé Présente : HKCUSoftwaresystweak
    Clé Présente : HKCUSoftwareVittalia
    Clé Présente : HKCUSoftwareWideStream
    Clé Présente : HKCUSoftwareYahooPartnerToolbar
    Clé Présente : HKLMSOFTWAREClassesAppID{0A18A436-2A7A-49F3-A488-30538A2F6323}
    Clé Présente : HKLMSOFTWAREClassesAppID{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
    Clé Présente : HKLMSOFTWAREClassesAppID{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
    Clé Présente : HKLMSOFTWAREClassesAppID{C292AD0A-C11F-479B-B8DB-743E72D283B0}
    Clé Présente : HKLMSOFTWAREClassesAppIDScriptHelper.EXE
    Clé Présente : HKLMSOFTWAREClassesAppIDsecman.DLL
    Clé Présente : HKLMSOFTWAREClassesAxMetaStream.MetaStreamCtl
    Clé Présente : HKLMSOFTWAREClassesAxMetaStream.MetaStreamCtl.1
    Clé Présente : HKLMSOFTWAREClassesAxMetaStream.MetaStreamCtlSecondary
    Clé Présente : HKLMSOFTWAREClassesAxMetaStream.MetaStreamCtlSecondary.1
    Clé Présente : HKLMSOFTWAREClassesCLSID{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
    Clé Présente : HKLMSOFTWAREClassesCLSID{03F998B2-0E00-11D3-A498-00104B6EB52E}
    Clé Présente : HKLMSOFTWAREClassesCLSID{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
    Clé Présente : HKLMSOFTWAREClassesCLSID{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
    Clé Présente : HKLMSOFTWAREClassesCLSID{408CFAD9-8F13-4747-8EC7-770A339C7237}
    Clé Présente : HKLMSOFTWAREClassesCLSID{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
    Clé Présente : HKLMSOFTWAREClassesCLSID{761F6A83-F007-49E4-8EAC-CDB6808EF06F}
    Clé Présente : HKLMSOFTWAREClassesCLSID{76C45B18-A29E-43EA-AAF8-AF55C2E1AE17}
    Clé Présente : HKLMSOFTWAREClassesCLSID{826D7151-8D99-434B-8540-082B8C2AE556}
    Clé Présente : HKLMSOFTWAREClassesCLSID{94496571-6AC5-4836-82D5-D46260C44B17}
    Clé Présente : HKLMSOFTWAREClassesCLSID{96EF404C-24C7-43D0-9096-4CCC8BB7CCAC}
    Clé Présente : HKLMSOFTWAREClassesCLSID{97720195-206A-42AE-8E65-260B9BA5589F}
    Clé Présente : HKLMSOFTWAREClassesCLSID{97D69524-BB57-4185-9C7F-5F05593B771A}
    Clé Présente : HKLMSOFTWAREClassesCLSID{986F7A5A-9676-47E1-8642-F41F8C3FCF82}
    Clé Présente : HKLMSOFTWAREClassesCLSID{B18788A4-92BD-440E-A4D1-380C36531119}
    Clé Présente : HKLMSOFTWAREClassesCLSID{BC9FD17D-30F6-4464-9E53-596A90AFF023}
    Clé Présente : HKLMSOFTWAREClassesCLSID{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
    Clé Présente : HKLMSOFTWAREClassesCLSID{D40753C7-8A59-4C1F-BE88-C300F4624D5B}
    Clé Présente : HKLMSOFTWAREClassesCLSID{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
    Clé Présente : HKLMSOFTWAREClassesCLSID{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
    Clé Présente : HKLMSOFTWAREClassesInterface{03E2A1F3-4402-4121-8B35-733216D61217}
    Clé Présente : HKLMSOFTWAREClassesInterface{4897BBA6-48D9-468C-8EFA-846275D7701B}
    Clé Présente : HKLMSOFTWAREClassesInterface{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
    Clé Présente : HKLMSOFTWAREClassesInterface{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
    Clé Présente : HKLMSOFTWAREClassesInterface{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
    Clé Présente : HKLMSOFTWAREClassesprotector_dll.protectorbho
    Clé Présente : HKLMSOFTWAREClassesprotector_dll.protectorbho.1
    Clé Présente : HKLMSOFTWAREClassessecman.OutlookSecurityManager
    Clé Présente : HKLMSOFTWAREClassessecman.OutlookSecurityManager.1
    Clé Présente : HKLMSOFTWAREClassesTypeLib{07CAC314-E962-4F78-89AB-DD002F2490EE}
    Clé Présente : HKLMSOFTWAREClassesTypeLib{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
    Clé Présente : HKLMSOFTWAREClassesTypeLib{13ABD093-D46F-40DF-A608-47E162EC799D}
    Clé Présente : HKLMSOFTWAREClassesTypeLib{4509D3CC-B642-4745-B030-645B79522C6D}
    Clé Présente : HKLMSOFTWAREClassesTypeLib{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
    Clé Présente : HKLMSOFTWAREClassesTypeLib{9DBB28C1-1925-11D3-A498-00104B6EB52E}
    Clé Présente : HKLMSOFTWAREClassesTypeLib{C292AD0A-C11F-479B-B8DB-743E72D283B0}
    Clé Présente : HKLMSOFTWAREClassesURLSearchHook.ToolbarURLSearchHook
    Clé Présente : HKLMSOFTWAREClassesURLSearchHook.ToolbarURLSearchHook.1
    Clé Présente : HKLMSOFTWAREGoogleChromeExtensionspflphaooapbgpeakohlggbpidpppgdff
    Clé Présente : HKLMSoftwareMetaStream
    Clé Présente : HKLMSOFTWAREMicrosoftActive SetupInstalled Components{03F998B2-0E00-11D3-A498-00104B6EB52E}
    Clé Présente : HKLMSOFTWAREMicrosoftActive SetupInstalled Components{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
    Clé Présente : HKLMSOFTWAREMicrosoftInternet ExplorerSearchScopes{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
    Clé Présente : HKLMSOFTWAREMicrosoftWindows NTCurrentVersionScheduleTaskCacheTasks{35F7D4DB-9C08-4E79-B281-87F35119D679}
    Clé Présente : HKLMSOFTWAREMicrosoftWindows NTCurrentVersionScheduleTaskCacheTasks{FEDE6463-84F4-457D-861A-2253EEA0C1E6}
    Clé Présente : HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{F0626A63-410B-45E2-99A1-3F2475B2D695}
    Clé Présente : HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components8121C32A9C319F4CB0C11FF059552A4
    Clé Présente : HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsFF2AEFF45EEA0A48A4B33C1973B6094
    Clé Présente : HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components305B09CE8C53A214DB58887F62F25536
    Clé Présente : HKLMSOFTWAREMicrosoftWindowsCurrentVersionUninstall{2C8574B5-6935-4FCE-860E-F4E8602378FF}
    Clé Présente : HKLMSOFTWAREMicrosoftWindowsCurrentVersionUninstallViewpointMediaPlayer
    Clé Présente : HKLMSOFTWAREMozillaPlugins@viewpoint.com/VMP
    Clé Présente : HKLMSoftwaresystweak
    Clé Présente : HKLMSoftwareViewpoint
    Valeur Présente : HKCUSoftwareMozillaFirefoxExtensions [offerboxffx@offerbox.com]

    ***** [ Navigateurs ] *****

    -\ Internet Explorer v9.0.8112.16526

    Paramètre Présent : HKCUSoftwareMicrosoftInternet ExplorerMain [Start Page] – hxxp://start.mysearchdial.com/?f=1&a=irmsd1202aw&cd=2XzuyEtN2Y1L1QzutDtDtBtAyE0EtBtAtBtDtDtAyB0EyEyEtN0D0Tzu0CyBtCtBtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=627028764&ir=” onclick=”window.open(this.href);return false;
    Paramètre Présent : HKLMSOFTWAREMicrosoftInternet ExplorerMain [Start Page] – hxxp://start.mysearchdial.com/?f=1&a=irmsd1202aw&cd=2XzuyEtN2Y1L1QzutDtDtBtAyE0EtBtAtBtDtDtAyB0EyEyEtN0D0Tzu0CyBtCtBtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=627028764&ir=” onclick=”window.open(this.href);return false;
    Paramètre Présent : HKLMSOFTWAREMicrosoftInternet ExplorerAboutURls [Tabs] – hxxp://start.mysearchdial.com/?f=2&a=irmsd1202aw&cd=2XzuyEtN2Y1L1QzutDtDtBtAyE0EtBtAtBtDtDtAyB0EyEyEtN0D0Tzu0CyBtCtBtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=627028764&ir=” onclick=”window.open(this.href);return false;

    -\ Mozilla Firefox v26.0 (fr)

    [ Fichier : C:UsersMarie-EstelleAppDataRoamingMozillaFirefoxProfiles3dhaobu0.defaultprefs.js ]

    Ligne Trouvée : user_pref(“CT3242339./9B+7E+x305.enc”, “JH4nQTM0NjN5RTo9KnIseXp+ejEoMztHSVNGLVhNUD0mPy0uMTVEO0ZOT1tWXmlbQm1iZVI7VEJDRklZUFtjfXN7blUhdXhlTmdVVllbbGNudnwmKzB7aTUqLXlie2lqbW4hdyMrNzt0NHxIPSBFQy93MX4gIyM2[…]
    Ligne Trouvée : user_pref(“CT3242339./9B+7E,x305.enc”, “JH4oQS8/Pjd5RTo9KnIseXt4fTEoMzxHSEAsV0xPPCU+LC4rL0M6RU5ZUFtXZ2pmQm1iRV5pVD1WREZDRltSXWZxbCFua1h9c2dQaVdZVlhuZXB5MycyfWo2Ky56Y3xqbGlqIngkLUY6PkVGSUxAS0RMJVBFSDV9[…]
    Ligne Trouvée : user_pref(“CT3242339./9B+7E-x305.enc”, “JH4pNjA8NjZ5RTo9KnIseXogezEoMz1GK1VKTUtHSVlNM1NdT0MsRTM0OTRKQUxWW15sZW5wbHFkc21NeG1wXUZfTU5TTWRbZnBVKHwgfXl7MC4kIjAjaTUqLW06K3xlfmxtcmskeiYwRDhGOEw7Ik1CRSZSQzV9[…]
    Ligne Trouvée : user_pref(“CT3242339./9B+7E.:2z527.enc”, “JCM=”);
    Ligne Trouvée : user_pref(“CT3242339./9B+7E.x305.enc”, “JH4qQTc3RDQzekY7PitzLXp9fCEyKTQ/VkZUUkxHSllaSFFQXlFSOWRZXEkySzk8Oz5QR1JdbGprb3htaFBqb3FxdCJWInZ5Zk9oVllYWm1kb3p7Mn1oNCkseGF6aGtqayB2Ii1zL3lFOj0qcix5fHt6MSgzPlFV[…]
    Ligne Trouvée : user_pref(“CT3242339./9B+7E/x305.enc”, “JH4rQTU2MnhEOTwpcSt4fHt3MCcyPkxDQ1NOLVhbPCU+LDAuNEM6RVFYYmleZ1pBbGFkUTpTQUVDSFhPWmZte3xxdHJucCF0dFsne35rVG1bX11hcml0IS8nJiY7MXE6KD46QjY+QTR7QDxIeyBNQk83Q0U9UFRE[…]
    Ligne Trouvée : user_pref(“CT3242339./9B+7E06CG5EL8:.enc”, “bm1sanJ0cHFucw==”);
    Ligne Trouvée : user_pref(“CT3242339./9B+7E06CG5EL;8I:K.enc”, “JH4tLyJqdHNycHh6dnd0eSQvS0lHT0I1fV1cPQ==”);
    Ligne Trouvée : user_pref(“CT3242339./9B+7E0x305.enc”, “JH4sQDpAd0M4OyhwKnd8dX0vJjE+QSlVR0hNUVpOWlkyXVJVQitEMjcwN0lAS1heaF5wbm5mdGJuaWtNeG1wXUZfTVJLUWRbZnMje3csKiovJWQwJSh0XXZkaWJne3J9KzZ0OjYyPUBANXxIPUAtdS98Inp+NCs2[…]
    Ligne Trouvée : user_pref(“CT3242339./9B+7E1x305.enc”, “JH4tQTE9QDJ5RTo9KnIsend5fjEoM0FHPkVHRUgvWk9SPyhBMC0vM0Y9SFZiZWhca2dfbXBgSHNoa1hBWklGSEtfVmFvfCF9dHR6eCdfKyAjb1hxYF1fYXZteCc3OjYwMio9QXZCNzonbyl3dHZ3LiUwPk5RTUhI[…]
    Ligne Trouvée : user_pref(“CT3242339./9B+7E2x305.enc”, “JH4uNUIxPT05OntHPD8sdC55IH0yKTRDVlVORy5ZTlEyXk9BKkM1NzIxSD9KWWVfX2JsW3FzaXVpdXRNeG1wUX5rYEliUlBUUWdeaXgoLXx8Yy8kJ3NcdWRmZmh6cXwsO0AwQDx0eDQ9MHxIPUAtdS99ICAgNCs2[…]
    Ligne Trouvée : user_pref(“CT3242339./9B+7E31;CJ7FK;KG#NCEP@MC+VKN.enc”, “JH5hOT8jayVzdHFxKiEsbkFPRE0yejRDUldHV1MvWk9RXExZTzdiV1pHPkksWFReak84UTxTSlU4ZGVuWkNcS15VYHJxdSJxJXRoUTFxbCIvfC8rclt6dVgwNnliezsxL2deWk5rMzc5Oz[…]
    Ligne Trouvée : user_pref(“CT3242339./9B+7E31;CJ< Ligne Trouvée : user_pref(“CT3242339./9B+7E31;CJC< =FBJ#K@.enc", "JH5hOT8jayV1dnRxKiEsbkFPRE0yejRPSElSTlYvV0w+NUAjYFVQWFNWUEkySyh8TkVQM19bZXFWP1hKWlFcP3txfiQhdXh2eyR1Ji0pKSMvd3BZcmNmZ2h3bnlcKSozfmchbyN5JTc2OkY2STktdVU[...]
    Ligne Trouvée : user_pref(“CT3242339./9B+7E31;CJC< =FBJ#NCF.enc", "JH5hOT8jayV1dndxKiEsbkFPRE0yejRPSElSTlYvWk9SPzZBJFBMVmJHMEk7S0JNMGxib3RxZmlnbHRmdn15eXMgaGFKY1RXWFloX2pNeXokb1hxYHNqdSMnLnliInxfLjwqRDU3Oi4nbyl6KyItPU[...]
    Ligne Trouvée : user_pref(“CT3242339./9B+7E31;CJI5E K@C.enc“, “JH5hOT8jayVzeHIpICttQE5DTDF5M1RAUCtWS047Mj0gXVJNVVBTTUYvSHV4S0JNMG1wXlI7VENWTVg7Z2hxXUZfTmFYY3B0e2dQb2p6KShuV3B3ITA1JTUxXUA7cCRec0dydmtJSnpMTXxPUCNRJTMwJ[…]
    Ligne Trouvée : user_pref(“CT3242339./9B+7E31;CJzz>H:”MBE.enc”, “JH5hOT8jayV1dnlyeCsiLW9CUEVOM3s1KChLVUcvWk9SPzZBJGFkUkYvSDdKQUxZXWRQOVhTY3FwV0BZYGl4fW19eW9vcnx4IUwvKl9yTWI2YWVaODlpOzxrPj9xQHMifnUhPz85JW0nNkVKOkpGPD[…]
    Ligne Trouvée : user_pref(“CT3242339./9B+7E3x305.enc”, “JH4vQT87NjM/R0Y/fUk+QS52MH4iJCE1LDdHS1lXS0pIWFhOXjdiVzpTXkkySzo9PztQR1JibGJddXhtdmp8UXxxdGFKY1JVV1JoX2p6LSYsLCR+LzIuaTUqLXlie2ptb2khdyMzQUEzN0hHRz0/OyNOQ0YzezUk[…]
    Ligne Trouvée : user_pref(“CT3242339./9B+7E4x305.enc”, “JH4wLEB2Qjc6J28pd3t0di4lMEE+T0lKUitVVTojPCsvKClBOENUUV5dVmFfVmhcQm1iZVI7VENGSUpZUFtsaXp+IXAjcHZZJXl8XSp6bFVuXWBjY3NqdSckMTgxNzI2KHM/NDd3RTInbyl3en18LiUwQT5LSkNP[…]
    Ligne Trouvée : user_pref(“CT3242339./9B+7E5x305.enc”, “JH4xNkIrd0M4OyhwKnl1encvJjFDSz1JVkpQWS5ZTjFKVUApQjIuMy9HPklbXVlaal5YcHJiZ0l0aWxZQltLR0tRYFdidHwkc3N3JiAkICpiLiMmclt0ZGBkaXlwey42PS4uNDR3Qzh6ND8qcix7d3t+MSgzRURS[…]
    Ligne Trouvée : user_pref(“CT3242339./9B+7E6x305.enc”, “JH4yLD4yMjI4RT58SD1ALXUvfnskJDQrNklTVFJZWFpaUFJONmFWWUYvSDg1PTxNRE9ibG1rcnFqd2FNeG1wXUZfT0xUUWRbZnl7Jnh4KX4vKS0yMGczKCt3YHlpZm5qfnUhNDZAQ0Y8PXxIPUAtdS9+eyR+NCs2[…]
    Ligne Trouvée : user_pref(“CT3242339./9B+7E7x305.enc”, “JH4zPSw/Pj95RTo9KnIse3p5ejEoM0dRP0RVWUJMWjFcUVRBKkMzMjA3SD9KXmhWW1lwYG5sZmFkc0x3bG9cRV5OTUtRY1pleSR6KSN4emEtIiVxWnNjYmBleG96Ly8rODg0PEIwMjQ5QzY0SztJIk1CRTJ6NCQj[…]
    Ligne Trouvée : user_pref(“CT3242339./9B+7E8x305.enc”, “JH40PT87NTc7PzZ8R0csdC5+eCMyKTRJVlVARy5ZTlE+J0AwMjUzRTxHXFVYY2plbmJebGFrcGhzS3ZrbltEXU1PUk9iWWR5J3ZyKnkoYCwhJHBZcmJkZ2J3bnkvNCs8MXM/NHYwOyZuKHd5fHYtJC9EOVBCTFNM[…]
    Ligne Trouvée : user_pref(“CT3242339./9B+7E9x305.enc”, “JH41Myw/MnhEOTwpcSt7dXl5MCcySExPT0RQTEdUWFxQSDRfVFdELUY3MTU0S0JNY2tdX19zaWtKdWptWkNcTUdLSWFYY3kib3QlKCR5YCwhJHBZcmNdYGh3bnkwOjorKi50QDU4JW0nd3F0eywjLkRQQjlFR1Eq[…]
    Ligne Trouvée : user_pref(“CT3242339./9B+7E:x305.enc”, “JH42Mzs4MnhEOTwpcSt7dnl6MCcySUhVRUQsV0xPPCU+LyotLUM6RVxnVVteP2pfYk84UUI9QD9WTVhvemh4bHFxVCB0d2RNZldSVVNrYm0lfi16ZjInKnZfeGlkZm59dCA3QjIyMkZENXxHRyx0Ln55eyMzKjVM[…]
    Ligne Trouvée : user_pref(“CT3242339./9B+7E;x305.enc”, “JH43PzM/NzhCL3tHPD8sdC5+enoiMyo1TUYsV0xPPCU+LysrMUM6RV1jVldcXFpBbGFkUTpTREBARVhPWnJzcXp4bSJWInZ5Zk9oWVVVWW1kbygkLCcqMiEwJ205LjF9ZiBwbGxuJXsnPzpIfklJLnYwIXx8fTUs[…]
    Ligne Trouvée : user_pref(“CT3242339./9B+7E
    Ligne Trouvée : user_pref(“CT3242339./9B+7E=x305.enc”, “JH45MzY/QUE3OTV8SD1ALXUvIH4gIjQrNlBUWVdMVU9RWzRfVFdELUY3Njc4S0JNZ2twbmBvYWZrY2ZNeG1wXUZfUE9QUGRbZiElfHlzemEtIiVxWnNkY2RjeG96NT0yM0A/Oz8zeEQ5PClxK3t6e3kwJzJMTU9F[…]
    Ligne Trouvée : user_pref(“CT3242339./9B+7E>x305.enc”, “JH46QTY/MjI4OHtHPD8sdC5+ICF8Myo1UE9TRkgvWk9SPyhBMjM0L0Y9SGNcXWZiakNuY2ZTPFVGR0hCWlFcd3B3cyAjcSFZJXl8aVJrXF1dYXBnci4hLiQ4KDg3Lyo6LnM/NDckbCZ2d3d6KyItSEtMR1FCRilU[…]
    Ligne Trouvée : user_pref(“CT3242339./9B+7E?x305.enc”, “JH47LS8vM0E0QDo6fUlMLXUvICMgfjQrNlJQTFJJVVJWUlw1YFVYRS5HODs4NkxDTmpwb19lY11zb2d1eGhMZXBrVCB0d2RNZldaV1RrYm0qIisvJS5oNCkseGF6a25rZyB2Ij5EQkEzNkE8PiBLQEMweDIjJiIn[…]
    Ligne Trouvée : user_pref(“CT3242339./9B+7E@x305.enc”, “JH48QEIrd0M4OyhwKnt2fngvJjFOUlQ9KlVKLUZRPCU+MCszLEM6RWJnVlFiWWVfX0NuY0ZfalU+V0lETERcU157IXR8eCF0WiZ6fWpTbF5ZYGJxaHMxNCkmJm05LjF9ZiBxbHN0JXsnRDY5PT9FTD0kT0RHNHw2[…]
    Ligne Trouvée : user_pref(“CT3242339./9B+7EAx305.enc”, “JH49PTc4d0M4OyhwKnt6dX4vJjFPT1RKUkBFSFZPWDFcUVRBKkM1NC83SD9KaGRrZF1eYmRiYW1pcXJrbHhqUXxxdGFKY1VUT1ZoX2opJSgnfDEnIjAgaTUqLXlie21sZ20hdyNBRS5EREk/fko/Qi93MSMifCI2[…]
    Ligne Trouvée : user_pref(“CT3242339./9B+7EBE3G=;D9N9=D.enc”, “NywtMml1di46PHs6OUNKSUhBQ0smUUZJKWVQRlZJZXFzTTNLVw==”);
    Ligne Trouvée : user_pref(“CT3242339./9B+7EBx305.enc”, “JH4+OTFBMD0zRUA2Mn5KP0IvdzF7fSM1LDdWWUlITk9RUlxOTFVTW1RgWlo+aV5hTjdQOz1BVEtWdXVlbXNneW1tfFUhdXhlTmdSVFdrYm0tIiUuIGczKGokL3lie2ZoaiB2IkEvM3lFOj0qcix2eHkwJzJRQ1VD[…]
    Ligne Trouvée : user_pref(“CT3242339./9B+7ECx305.enc”, “JH4/PTAwQzEuekY7PitzLXsgfjEoM1NRVlVRV1pPWExeM15TVkMsRTQ4NklAS2tZVmxoa0ZxZmlWP1hHS0hcU15+bGlWInZ5Zk9oV1tXbGNuLzEhJjAjNio1LCw6MTlxPTI1ImokcnZxKH4qSkE/TEVPPUBAUEQq[…]
    Ligne Trouvée : user_pref(“CT3242339./9B+7EDx305.enc”, “JH5ANUIqNjh5RTo9KnIsfSAvJjFSR1Q8SEosV0wvSFM+J0AyM0M6RWZbaFBcXkBrbk84UUNDVEtWd2x5YW1vUXxxVHhzY0xlV1ZoX2osIS51IiRlLiN0XXZoZnlwez06LjIyNDExRTtDe0c8Pyx0LiB8MSgzVFJI[…]
    Ligne Trouvée : user_pref(“CT3242339./9B+7Etx305.enc”, “JH5uLy47MjNCNXtEOStzLXp7e3wyKTQjUkxUV0dKTlBWXUphUV9dV1JVZD1oXWBNNk89Pj49VEtWRUhqc21pb1J9cnViS2RSU1NRaWBrWnt7dyYueWczKCt3YHlnaGdvfnUhcm01Pjg0OnxIPUAtdS98fXwkNCs2[…]
    Ligne Trouvée : user_pref(“CT3242339./9B-0?3G>D.enc”, “Omg+PnA+c3B6dHdIeCB7e3ZKJSN7TyAqJShXJFgrWyctKFxd”);
    Ligne Trouvée : user_pref(“CT3242339./9B-0?3G@6:5;.enc”, “AA==”);
    Ligne Trouvée : user_pref(“CT3242339./9B-0?3GFA7EF.enc”, “Ky4sPQ==”);
    Ligne Trouvée : user_pref(“CT3242339./9B-3=3ECCJA=F>.enc”, “JH4zPSxFL0E1J28pe359ISAvJjE+Qkk1fTc4LzpJTV1RPygzOENdZVRpW2VUbVdpXV1oY2VTPHB2bGZ1Xg==”);
    Ligne Trouvée : user_pref(“CT3242339./9B/556,BI5A>G.enc”, “bm1sanJ0b21wcHN5cw==”);
    Ligne Trouvée : user_pref(“CT3242339./9B/>01=9A6K6
    Ligne Trouvée : user_pref(“CT3242339./9B=+03EH8H8J?:.enc”, “REM=”);
    Ligne Trouvée : user_pref(“CT3242339./9B?+E2A52D8.enc”, “NywtMml1di46PHs6OUNKSUhBQ0smUUZJKWVQRlZkcHJ5UVVeXlI=”);
    Ligne Trouvée : user_pref(“CT3242339./9B?B0D:8AJ62
    Ligne Trouvée : user_pref(“CT3242339./9BA@0<0BI6A7GN:6@L?.enc", "bms=");
    Ligne Trouvée : user_pref(“CT3242339.1000082.isDisplayHidden”, “true”);
    Ligne Trouvée : user_pref(“CT3242339.1000082.state”, “{“state”:”stopped”,”text”:”Californi…”,”description”:”California Rock”,”url”:”hxxp://feedlive.net/california.asx”}”);
    Ligne Trouvée : user_pref(“CT3242339.1000234.TWC_TMP_city”, “PARIS”);
    Ligne Trouvée : user_pref(“CT3242339.1000234.TWC_TMP_country”, “FR”);
    Ligne Trouvée : user_pref(“CT3242339.1000234.TWC_locId”, “FRXX0076”);
    Ligne Trouvée : user_pref(“CT3242339.1000234.TWC_location”, “Paris, France”);
    Ligne Trouvée : user_pref(“CT3242339.1000234.TWC_region”, “FR”);
    Ligne Trouvée : user_pref(“CT3242339.1000234.TWC_temp_dis”, “c”);
    Ligne Trouvée : user_pref(“CT3242339.1000234.TWC_wind_dis”, “kmh”);
    Ligne Trouvée : user_pref(“CT3242339.1000234.weatherData”, “{“icon”:”30.png”,”temperature”:”1°C”,”temperatureClear”:”1°C”,”highTemperature”:”2°C”,”lowTemperature”:”1°C”,”feelsLike”:”1°C”,[…]
    Ligne Trouvée : user_pref(“CT3242339.129498282976856742.isToggled_item0_12”, “true”);
    Ligne Trouvée : user_pref(“CT3242339.CBOpenMAMSettings.enc”, “MA==”);
    Ligne Trouvée : user_pref(“CT3242339.ENABALE_HISTORY”, “{“dataType”:”string”,”data”:”false”}”);
    Ligne Trouvée : user_pref(“CT3242339.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE”, “{“dataType”:”string”,”data”:”true”}”);
    Ligne Trouvée : user_pref(“CT3242339.FirstTime”, “true”);
    Ligne Trouvée : user_pref(“CT3242339.FirstTimeFF3”, “true”);
    Ligne Trouvée : user_pref(“CT3242339.LoginRevertSettingsEnabled”, true);
    Ligne Trouvée : user_pref(“CT3242339.RevertSettingsEnabled”, true);
    Ligne Trouvée : user_pref(“CT3242339.UserID”, “UN40003974604697080”);
    Ligne Trouvée : user_pref(“CT3242339.addressBarTakeOverEnabledInHidden”, “true”);
    Ligne Trouvée : user_pref(“CT3242339.cb_experience_000.enc”, “Mg==”);
    Ligne Trouvée : user_pref(“CT3242339.cb_firstuse0100.enc”, “MQ==”);
    Ligne Trouvée : user_pref(“CT3242339.cb_user_id_000.enc”, “Q0I4ODI0MzUwNTQ1ODFfMTM1ODEwNzI0OTUxMV9GaXJlZm94”);
    Ligne Trouvée : user_pref(“CT3242339.cbcountry_001.enc”, “RlI=”);
    Ligne Trouvée : user_pref(“CT3242339.cbfirsttime.enc”, “U3VuIEphbiAxMyAyMDEzIDIwOjMzOjEyIEdNVCswMTAw”);
    Ligne Trouvée : user_pref(“CT3242339.countryCode”, “FR”);
    Ligne Trouvée : user_pref(“CT3242339.enableAlerts”, “never”);
    Ligne Trouvée : user_pref(“CT3242339.enableFix404ByUser”, “FALSE”);
    Ligne Trouvée : user_pref(“CT3242339.event_data.enc”, “JTVCJTVE”);
    Ligne Trouvée : user_pref(“CT3242339.fired_events.enc”, “AA==”);
    Ligne Trouvée : user_pref(“CT3242339.firstTimeDialogOpened”, “true”);
    Ligne Trouvée : user_pref(“CT3242339.fixPageNotFoundErrorByUser”, “TRUE”);
    Ligne Trouvée : user_pref(“CT3242339.fixPageNotFoundErrorInHidden”, “true”);
    Ligne Trouvée : user_pref(“CT3242339.fixUrls”, true);
    Ligne Trouvée : user_pref(“CT3242339.fullUserID”, “UN40003974604697080.UP.20130701184147”);
    Ligne Trouvée : user_pref(“CT3242339.hxxp___pricegong_conduitapps_com_v4.APP_WIN_FEATURES.enc”, “cmVzaXphYmxlPTAsc2F2ZWxvY2F0aW9uPTAsb3BlbnBvc2l0aW9uPWFsaWdubWVudDpCO0wsdGl0bGViYXI9MA==”);
    Ligne Trouvée : user_pref(“CT3242339.hxxp___www_socialgrowthtechnologies_com_couponbuddy_v001.APP_WIN_FEATURES.enc”, “b3BlbnBvc2l0aW9uPW9mZnNldDo1MDs1MCxzYXZlbG9jYXRpb249MCxyZXNpemFibGU9bm8sc2Nyb2xsYmFycz1ubyx0aXRsZW[…]
    Ligne Trouvée : user_pref(“CT3242339.installType”, “Unknown”);
    Ligne Trouvée : user_pref(“CT3242339.isCheckedStartAsHidden”, true);
    Ligne Trouvée : user_pref(“CT3242339.isEnableAllDialogs”, “{“dataType”:”string”,”data”:”true”}”);
    Ligne Trouvée : user_pref(“CT3242339.isFirstTimeToolbarLoading”, “false”);
    Ligne Trouvée : user_pref(“CT3242339.isNewTabEnabled”, false);
    Ligne Trouvée : user_pref(“CT3242339.isPerformedSmartBarTransition”, “true”);
    Ligne Trouvée : user_pref(“CT3242339.isToolbarShrinked”, “{“dataType”:”string”,”data”:”true”}”);
    Ligne Trouvée : user_pref(“CT3242339.isWelcomPage”, “{“dataType”:”boolean”,”data”:”true”}”);
    Ligne Trouvée : user_pref(“CT3242339.key_date.enc”, “MTM=”);
    Ligne Trouvée : user_pref(“CT3242339.lastNewTabSettings”, “{“isEnabled”:false,”newTabUrl”:”hxxp://search.conduit.com/?ctid=CT3242339&octid=CT3242339&SearchSource=15&CUI=UN40003974604697080&SSPV=&Lay=1&UM=”}”);
    Ligne Trouvée : user_pref(“CT3242339.lastVersion”, “10.23.0.822”);
    Ligne Trouvée : user_pref(“CT3242339.migrateAppsAndComponents”, true);
    Ligne Trouvée : user_pref(“CT3242339.navigationAliasesJson”, “{“EB_MAIN_FRAME_URL”:”hxxps%3A%2F%2Fwww.facebook.com%2F”,”EB_MAIN_FRAME_TITLE”:”Facebook”,”EB_SEARCH_TERM”:””,”EB_TOOLBAR_SUB_DOMAIN”:”hxxp[…]
    Ligne Trouvée : user_pref(“CT3242339.newSettings”, “{“dataType”:”boolean”,”data”:”true”}”);
    Ligne Trouvée : user_pref(“CT3242339.revertSettingsEnabled”, “false”);
    Ligne Trouvée : user_pref(“CT3242339.search.searchAppId”, “129888260397511660”);
    Ligne Trouvée : user_pref(“CT3242339.search.searchCount”, “1”);
    Ligne Trouvée : user_pref(“CT3242339.searchInNewTabEnabled”, “false”);
    Ligne Trouvée : user_pref(“CT3242339.searchInNewTabEnabledByUser”, “false”);
    Ligne Trouvée : user_pref(“CT3242339.searchInNewTabEnabledInHidden”, “true”);
    Ligne Trouvée : user_pref(“CT3242339.searchProtector.notifyChanges”, “{“dataType”:”string”,”data”:”false”}”);
    Ligne Trouvée : user_pref(“CT3242339.searchSuggestEnabledByUser”, “false”);
    Ligne Trouvée : user_pref(“CT3242339.selectToSearchBoxEnabled”, “{“dataType”:”string”,”data”:”true”}”);
    Ligne Trouvée : user_pref(“CT3242339.serviceLayer_service_login_isFirstLoginInvoked”, “{“dataType”:”boolean”,”data”:”true”}”);
    Ligne Trouvée : user_pref(“CT3242339.serviceLayer_service_login_loginCount”, “{“dataType”:”number”,”data”:”4″}”);
    Ligne Trouvée : user_pref(“CT3242339.serviceLayer_service_toolbarGrouping_activeCTID”, “{“dataType”:”string”,”data”:”CT3242339″}”);
    Ligne Trouvée : user_pref(“CT3242339.serviceLayer_service_toolbarGrouping_activeDownloadUrl”, “{“dataType”:”string”,”data”:”hxxp://WiseConvert15.OurToolbar.com//xpi”}”);
    Ligne Trouvée : user_pref(“CT3242339.serviceLayer_service_toolbarGrouping_activeToolbarName”, “{“dataType”:”string”,”data”:”WiseConvert 1.5 “}”);
    Ligne Trouvée : user_pref(“CT3242339.serviceLayer_service_toolbarGrouping_invoked”, “{“dataType”:”string”,”data”:”true”}”);
    Ligne Trouvée : user_pref(“CT3242339.serviceLayer_service_usage_toolbarUsageCount”, “{“dataType”:”number”,”data”:”2″}”);
    Ligne Trouvée : user_pref(“CT3242339.serviceLayer_services_Configuration_lastUpdate”, “1388424921165”);
    Ligne Trouvée : user_pref(“CT3242339.serviceLayer_services_appTrackingFirstTime_lastUpdate”, “1359201448747”);
    Ligne Trouvée : user_pref(“CT3242339.serviceLayer_services_appsMetadata_lastUpdate”, “1359574321609”);
    Ligne Trouvée : user_pref(“CT3242339.serviceLayer_services_clientErrorLog_lastUpdate”, “1358604708476”);
    Ligne Trouvée : user_pref(“CT3242339.serviceLayer_services_gottenAppsContextMenu_lastUpdate”, “1359385591496”);
    Ligne Trouvée : user_pref(“CT3242339.serviceLayer_services_location_lastUpdate”, “1372272438557”);
    Ligne Trouvée : user_pref(“CT3242339.serviceLayer_services_login_10.13.40.15_lastUpdate”, “1359385471968”);
    Ligne Trouvée : user_pref(“CT3242339.serviceLayer_services_login_10.14.42.7_lastUpdate”, “1360864481297”);
    Ligne Trouvée : user_pref(“CT3242339.serviceLayer_services_login_10.14.65.43_lastUpdate”, “1364160114594”);
    Ligne Trouvée : user_pref(“CT3242339.serviceLayer_services_login_10.15.0.562_lastUpdate”, “1365950837984”);
    Ligne Trouvée : user_pref(“CT3242339.serviceLayer_services_login_10.15.2.523_lastUpdate”, “1372272439772”);
    Ligne Trouvée : user_pref(“CT3242339.serviceLayer_services_login_10.16.4.519_lastUpdate”, “1374883380023”);
    Ligne Trouvée : user_pref(“CT3242339.serviceLayer_services_menu_769c590835a76d075fe33b9a87a87786_lastUpdate”, “1359568748933”);
    Ligne Trouvée : user_pref(“CT3242339.serviceLayer_services_menu_d32f45618f5a02bd965c56155a643855_lastUpdate”, “1359568748830”);
    Ligne Trouvée : user_pref(“CT3242339.serviceLayer_services_otherAppsContextMenu_lastUpdate”, “1359385591602”);
    Ligne Trouvée : user_pref(“CT3242339.serviceLayer_services_searchAPI_lastUpdate”, “1388424920786”);
    Ligne Trouvée : user_pref(“CT3242339.serviceLayer_services_serviceMap_lastUpdate”, “1388424920631”);
    Ligne Trouvée : user_pref(“CT3242339.serviceLayer_services_toolbarContextMenu_lastUpdate”, “1359385591213”);
    Ligne Trouvée : user_pref(“CT3242339.serviceLayer_services_toolbarSettings_lastUpdate”, “1388424920422”);
    Ligne Trouvée : user_pref(“CT3242339.serviceLayer_services_translation_lastUpdate”, “1388424920589”);
    Ligne Trouvée : user_pref(“CT3242339.settingsINI”, true);
    Ligne Trouvée : user_pref(“CT3242339.showToolbarPermission”, “false”);
    Ligne Trouvée : user_pref(“CT3242339.smartbar.CTID”, “CT3242339”);
    Ligne Trouvée : user_pref(“CT3242339.smartbar.Uninstall”, “0”);
    Ligne Trouvée : user_pref(“CT3242339.smartbar.toolbarName”, “WiseConvert 1.5 “);
    Ligne Trouvée : user_pref(“CT3242339.toolbarBornServerTime”, “13-1-2013”);
    Ligne Trouvée : user_pref(“CT3242339.toolbarCurrentServerTime”, “18-7-2013”);
    Ligne Trouvée : user_pref(“CT3242339.toolbarLoginClientTime”, “Sun Mar 24 2013 23:02:13 GMT+0100”);
    Ligne Trouvée : user_pref(“CT3242339.url_history0001.enc”, “aHR0cDovL3d3dy5nb29nbGUuZnIvc2VhcmNoP2hsPWZyJmNsaWVudD1maXJlZm94LWEmaHM9Y3lXJnJscz1vcmcubW96aWxsYTpmcjpvZmZpY2lhbCZxPWNvbmZlc3Npb25zK2ludGltZXMrbWFyaWFoK2Nh[…]
    Ligne Trouvée : user_pref(“CT3242339_Firefox.csv”, “[{“from”:”Abs Layer”,”action”:”loading toolbar”,”time”:1388424912207,”isWithState”:””,”timeFromStart”:0,”timeFromPrev”:0}]”);
    Ligne Trouvée : user_pref(“browser.search.order.1”, “Mysearchdial”);
    Ligne Trouvée : user_pref(“extensions.Fissa.lastRunTime”, “Sat, 28 Aug 2010 18:09:57 GMT”);
    Ligne Trouvée : user_pref(“extensions.mysearchdial.aflt”, “irmsd1202aw”);
    Ligne Trouvée : user_pref(“extensions.mysearchdial.appId”, “{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}”);
    Ligne Trouvée : user_pref(“extensions.mysearchdial.cd”, “2XzuyEtN2Y1L1QzutDtDtBtAyE0EtBtAtBtDtDtAyB0EyEyEtN0D0Tzu0CyBtCtBtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R”);
    Ligne Trouvée : user_pref(“extensions.mysearchdial.cntry”, “FR”);
    Ligne Trouvée : user_pref(“extensions.mysearchdial.cr”, “627028764”);
    Ligne Trouvée : user_pref(“extensions.mysearchdial.dfltLng”, “”);
    Ligne Trouvée : user_pref(“extensions.mysearchdial.dfltSrch”, true);
    Ligne Trouvée : user_pref(“extensions.mysearchdial.dnsErr”, true);
    Ligne Trouvée : user_pref(“extensions.mysearchdial.dpkLst”, “3654782829,1334533236,1121012847,231756876,1895130307,603719297,4288797614,3754950497,426401714,3046281807,752626116,1657571787,3224935090,2597085128,18285[…]
    Ligne Trouvée : user_pref(“extensions.mysearchdial.excTlbr”, false);
    Ligne Trouvée : user_pref(“extensions.mysearchdial.hdrMd5”, “0A199B406364F49189CCE1F3B14CB697”);
    Ligne Trouvée : user_pref(“extensions.mysearchdial.hmpg”, true);
    Ligne Trouvée : user_pref(“extensions.mysearchdial.hmpgUrl”, “hxxp://start.mysearchdial.com/?f=1&a=irmsd1202aw&cd=2XzuyEtN2Y1L1QzutDtDtBtAyE0EtBtAtBtDtDtAyB0EyEyEtN0D0Tzu0CyBtCtBtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1Czu[…]
    Ligne Trouvée : user_pref(“extensions.mysearchdial.id”, “00234E2320037E44”);
    Ligne Trouvée : user_pref(“extensions.mysearchdial.instlDay”, “16051”);
    Ligne Trouvée : user_pref(“extensions.mysearchdial.instlRef”, “”);
    Ligne Trouvée : user_pref(“extensions.mysearchdial.lastB”, “hxxp://start.mysearchdial.com/?f=1&a=irmsd1202aw&cd=2XzuyEtN2Y1L1QzutDtDtBtAyE0EtBtAtBtDtDtAyB0EyEyEtN0D0Tzu0CyBtCtBtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutC[…]
    Ligne Trouvée : user_pref(“extensions.mysearchdial.lastVrsnTs”, “1.8.21.020:58:49”);
    Ligne Trouvée : user_pref(“extensions.mysearchdial.newTabUrl”, “hxxp://start.mysearchdial.com/?f=2&a=irmsd1202aw&cd=2XzuyEtN2Y1L1QzutDtDtBtAyE0EtBtAtBtDtDtAyB0EyEyEtN0D0Tzu0CyBtCtBtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1C[…]
    Ligne Trouvée : user_pref(“extensions.mysearchdial.pnu_base”, “{“newVrsn”:”89″,”lastVrsn”:”89″,”vrsnLoad”:””,”showMsg”:”false”,”showSilent”:”false”,”msgTs”:0,”lstMsgTs”:”0″}”);
    Ligne Trouvée : user_pref(“extensions.mysearchdial.prdct”, “mysearchdial”);
    Ligne Trouvée : user_pref(“extensions.mysearchdial.prtnrId”, “mysearchdial”);
    Ligne Trouvée : user_pref(“extensions.mysearchdial.sg”, “none”);
    Ligne Trouvée : user_pref(“extensions.mysearchdial.srchPrvdr”, “Mysearchdial”);
    Ligne Trouvée : user_pref(“extensions.mysearchdial.tlbrId”, “base”);
    Ligne Trouvée : user_pref(“extensions.mysearchdial.tlbrSrchUrl”, “hxxp://start.mysearchdial.com/?f=3&a=irmsd1202aw&cd=2XzuyEtN2Y1L1QzutDtDtBtAyE0EtBtAtBtDtDtAyB0EyEyEtN0D0Tzu0CyBtCtBtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L[…]
    Ligne Trouvée : user_pref(“extensions.mysearchdial.vrsn”, “1.8.21.0”);
    Ligne Trouvée : user_pref(“extensions.mysearchdial.vrsni”, “1.8.21.0”);
    Ligne Trouvée : user_pref(“extensions.mysearchdial_i.hmpg”, true);
    Ligne Trouvée : user_pref(“extensions.mysearchdial_i.newTab”, false);
    Ligne Trouvée : user_pref(“extensions.mysearchdial_i.smplGrp”, “none”);
    Ligne Trouvée : user_pref(“extensions.mysearchdial_i.vrsnTs”, “1.8.21.020:58:49”);
    Ligne Trouvée : user_pref(“plugin.blocklisted.npviewpoint”, true);
    Ligne Trouvée : user_pref(“plugin.state.npconduitfirefoxplugin”, 2);
    Ligne Trouvée : user_pref(“plugin.state.npviewpoint”, 0);
    Ligne Trouvée : user_pref(“smartbar.machineId”, “/ZKAXXVZDMPPYKTR23S/FN7A7L8JFW5RV07LZCMYDLJ/ZWIXR/YVAKUCMQHW336NKXDSYDMOF8SDCBHZDE2M5W”);
    Ligne Trouvée : user_pref(“valueApps.CT3242339.mam_gk_currentVersion”, “312E31322E302E35”);
    Ligne Trouvée : user_pref(“valueApps.CT3242339.mam_gk_currentVersion.storedInFile”, false);
    Ligne Trouvée : user_pref(“valueApps.CT3242339.mam_gk_globalKeysMigratedToLocalStorage”, “31”);
    Ligne Trouvée : user_pref(“valueApps.CT3242339.mam_gk_globalKeysMigratedToLocalStorage.storedInFile”, false);
    Ligne Trouvée : user_pref(“valueApps.CT3242339.mam_gk_migrated_from_ls”, “31”);
    Ligne Trouvée : user_pref(“valueApps.CT3242339.mam_gk_migrated_from_ls.storedInFile”, false);

    -\ Google Chrome v31.0.1650.63

    [ Fichier : C:UsersMarie-EstelleAppDataLocalGoogleChromeUser DataDefaultpreferences ]

    Trouvée : icon_url
    Trouvée : search_url
    Trouvée : keyword

    *************************

    AdwCleaner[R0].txt – [35593 octets] – [30/12/2013 19:20:43]

    ########## EOF – C:AdwCleanerAdwCleaner[R0].txt – [35654 octets] ##########[/font:2hmrob0w]

  • lilidurhone
    Post count: 0

    Si si le scan zhpdiag a servi à quelque chose :)

    Il montre que l’infection USB a bien été éradiqué (donc tu peux utiliser tes clés ;) mais révèle la présence de logiciels potentiellement indésirables

    Pour les éradiquer on va utiliser adwcleaner et JRT

    Tu as compris ;)

  • Telma
    Post count: 0

    [font=Century Gothic:1xla6njp]Du coup je comprends pas… le scan d'avant à servi à rien??
    Ou :riencompris

    Il va servir à quoi le suivant??
    Pour mes clefs c'est bon?
    je ne suis pas trop à quoi serve tous ces logiciels?

    :merci2:[/font:1xla6njp]

  • lilidurhone
    Post count: 0

    :)

    • Télécharges Adwcleaner (de Xplode) sur ton Bureau !
    • Fais clic droit dessus, exécuter en tant qu’administrateur sous Windows : 7/8 et Vista
      1. Choisi l’option Scanner
      2. Clique sur Rapport
    • Copie et Colle le contenu du rapport

  • Telma
    Post count: 0

    [font=Century Gothic:sycne83c]ET FIN !!!! :

    —\ Récapitulatif des détections trouvées sur votre station
    ~ http://nicolascoolman.webs.com/apps/blog/show/27146838-adware-mywebsearch” onclick=”window.open(this.href);return false; =>Adware.MyWebSearch
    ~ http://nicolascoolman.webs.com/apps/blog/show/28606910-pup-offerbox” onclick=”window.open(this.href);return false; =>PUP.OfferBox
    ~ http://nicolascoolman.webs.com/apps/blog/show/29507721-toolbar-conduit” onclick=”window.open(this.href);return false; =>Toolbar.Conduit
    ~ http://nicolascoolman.webs.com/apps/blog/show/27046242-adware-metastream” onclick=”window.open(this.href);return false; =>Adware.MetaStream
    ~ http://nicolascoolman.webs.com/apps/blog/show/27556476-adware-spointer” onclick=”window.open(this.href);return false; =>Adware.SPointer
    ~ http://nicolascoolman.webs.com/apps/blog/show/26627369-toolbar-babylon” onclick=”window.open(this.href);return false; =>PUP.Babylon
    ~ http://nicolascoolman.webs.com/apps/blog/show/29790567-adware-installcore” onclick=”window.open(this.href);return false; =>Adware.InstallCore
    ~ http://nicolascoolman.webs.com/apps/blog/show/35115580-pup-vittalia” onclick=”window.open(this.href);return false; =>PUP.Vittalia
    ~ http://nicolascoolman.webs.com/apps/blog/show/32174815-pup-mypcbackup” onclick=”window.open(this.href);return false; =>PUP.MyPCBackup
    ~ http://nicolascoolman.webs.com/apps/blog/show/26770694-adware-opencandy” onclick=”window.open(this.href);return false; =>Adware.OpenCandy
    ~ http://nicolascoolman.webs.com/apps/blog/show/26666995-adware-pricegong” onclick=”window.open(this.href);return false; =>Adware.PriceGong
    ~ http://nicolascoolman.webs.com/apps/blog/show/26684723-adware-imbooster” onclick=”window.open(this.href);return false; =>Adware.IMBooster
    ~ http://nicolascoolman.webs.com/apps/blog/show/27480243-adware-socialskinz” onclick=”window.open(this.href);return false; =>Adware.SocialSkinz
    ~ http://nicolascoolman.webs.com/apps/blog/show/27636417-pup-whitesmoke” onclick=”window.open(this.href);return false; =>PUP.WhiteSmoke
    ~ http://nicolascoolman.webs.com/apps/blog/show/27469224-pup-eorezo” onclick=”window.open(this.href);return false; =>PUP.EoRezo
    ~ http://nicolascoolman.webs.com/apps/blog/show/27629963-pup-fbsearch” onclick=”window.open(this.href);return false; =>PUP.Fbsearch
    ~ http://nicolascoolman.webs.com/apps/blog/show/30234464-pup-toparcadehits” onclick=”window.open(this.href);return false; =>PUP.ToparcadeHits
    ~ http://nicolascoolman.webs.com/apps/blog/show/26668292-adware-doubled” onclick=”window.open(this.href);return false; =>Adware.DoubleD
    ~ http://nicolascoolman.webs.com/apps/blog/show/29344956-adware-similarsites” onclick=”window.open(this.href);return false; =>Adware.SimilarSites
    ~ http://nicolascoolman.webs.com/apps/blog/show/32363262-adware-browsefox” onclick=”window.open(this.href);return false; =>Adware.BrowseFox
    ~ http://nicolascoolman.webs.com/apps/blog/show/28133096-pup-bprotector” onclick=”window.open(this.href);return false; =>PUP.BProtector
    ~ http://nicolascoolman.webs.com/apps/blog/show/26990375-hijacker-smartbar” onclick=”window.open(this.href);return false; =>Hijacker.SmartBar
    ~ MSI: 22 link(s) detected in 00mn 37s

    ~ 1613 Legitimates filtered by white list
    End of the scan (726 lines in 09mn 12s)(0)

    J'dois faire quoi now ?

    :merci2:[/font:sycne83c][/font][/font]

  • Telma
    Post count: 0

    Suite :

    —\ Recherche particulière de fichiers génériques
    [MD5.D07D4C3038F3578FFCE1C0237F2A1253] – (.Microsoft Corporation – Explorateur Windows.) (.11/04/2009 – 07:27:36.) — C:WindowsExplorer.exe [2926592]
    [MD5.101BA3EA053480BB5D957EF37C06B5ED] – (.Microsoft Corporation – Application de démarrage de Windows.) (.21/01/2008 – 03:23:42.) — C:WindowsSystem32Wininit.exe [96768]
    [MD5.4CC9DF09C3D915BA0A101A11DB684F26] – (.Microsoft Corporation – Extensions Internet pour Win32.) (.14/11/2013 – 23:42:41.) — C:WindowsSystem32wininet.dll [1129472]
    [MD5.898E7C06A350D4A1A64A9EA264D55452] – (.Microsoft Corporation – Application d’ouverture de session Windows.) (.11/04/2009 – 07:28:13.) — C:WindowsSystem32Winlogon.exe [314368]
    [MD5.3911B972B55FEA0478476B2E777B29FA] – (.Microsoft Corporation – Ancillary Function Driver for WinSock.) (.21/04/2011 – 14:58:27.) — C:Windowssystem32DriversAFD.sys [273408]
    [MD5.1F05B78AB91C9075565A9D8A4B880BC4] – (.Microsoft Corporation – ATAPI IDE Miniport Driver.) (.11/04/2009 – 07:32:26.) — C:Windowssystem32Driversatapi.sys [19944]
    [MD5.7ADD03E75BEB9E6DD102C3081D29840A] – (.Microsoft Corporation – CD-ROM File System Driver.) (.21/01/2008 – 03:23:51.) — C:Windowssystem32DriversCdfs.sys [70144]
    [MD5.6B4BFFB9BECD728097024276430DB314] – (.Microsoft Corporation – SCSI CD-ROM Driver.) (.11/04/2009 – 05:39:17.) — C:Windowssystem32DriversCdrom.sys [67072]
    [MD5.622C41A07CA7E6DD91770F50D532CB6C] – (.Microsoft Corporation – DFS Namespace Client Driver.) (.14/04/2011 – 15:59:03.) — C:Windowssystem32DriversDfsC.sys [75264]
    [MD5.062452B7FFD68C8C042A6261FE8DFF4A] – (.Microsoft Corporation – High Definition Audio Bus Driver.) (.11/04/2009 – 05:42:42.) — C:Windowssystem32DriversHDAudBus.sys [561152]
    [MD5.22D56C8184586B7A1F6FA60BE5F5A2BD] – (.Microsoft Corporation – Pilote de port i8042.) (.21/01/2008 – 03:23:20.) — C:Windowssystem32Driversi8042prt.sys [54784]
    [MD5.8793643A67B42CEC66490B2A0CF92D68] – (.Microsoft Corporation – IP Network Address Translator.) (.21/01/2008 – 03:24:25.) — C:Windowssystem32DriversIpNat.sys [100864]
    [MD5.1E94971C4B446AB2290DEB71D01CF0C2] – (.Microsoft Corporation – Windows NT SMB Minirdr.) (.29/04/2011 – 14:24:40.) — C:Windowssystem32DriversMRxSmb.sys [106496]
    [MD5.ECD64230A59CBD93C85F1CD1CAB9F3F6] – (.Microsoft Corporation – MBT Transport driver.) (.11/04/2009 – 05:45:37.) — C:Windowssystem32DriversnetBT.sys [185856]
    [MD5.2C1121F2B87E9A6B12485DF53CD848C7] – (.Microsoft Corporation – Pilote du système de fichiers NT.) (.03/03/2013 – 20:07:52.) — C:Windowssystem32Driversntfs.sys [1082232]
    [MD5.0FA9B5055484649D63C303FE404E5F4D] – (.Microsoft Corporation – Pilote de port parallèle.) (.02/11/2006 – 09:51:30.) — C:Windowssystem32DriversParport.sys [79360]
    [MD5.A214ADBAF4CB47DD2728859EF31F26B0] – (.Microsoft Corporation – RAS L2TP mini-port/call-manager driver.) (.21/01/2008 – 03:24:55.) — C:Windowssystem32DriversRasl2tp.sys [76288]
    [MD5.FBC0BACD9C3D7F6956853F64A66E252D] – (.Microsoft Corporation – Microsoft RDP Device redirector.) (.21/01/2008 – 03:23:01.) — C:Windowssystem32Driversrdpdr.sys [248832]
    [MD5.7B75299A4D201D6A6533603D6914AB04] – (.Microsoft Corporation – SMB Transport driver.) (.11/04/2009 – 05:45:22.) — C:Windowssystem32Driverssmb.sys [66560]
    [MD5.76B06EB8A01FC8624D699E7045303E54] – (.Microsoft Corporation – TDI Translation Driver.) (.11/04/2009 – 05:45:56.) — C:Windowssystem32Driverstdx.sys [72192]
    [MD5.786DB5771F05EF300390399F626BF30A] – (.Microsoft Corporation – Pilote de cliché instantané du volume.) (.21/08/2012 – 12:47:42.) — C:Windowssystem32Driversvolsnap.sys [224640]
    ~ Generic Processes: Scanned in 00mn 02s

    —\ Etat des fichiers cachés (Caché/Total)
    ~ Mes images (My Pictures) : 2/1055
    ~ Mes musiques (My Musics) : 123/2452
    ~ Mes Videos (My Videos) : 1/38
    ~ Mes Favoris (My Favorites) : 49/120
    ~ Mes Documents (My Documents) : 4/9523
    ~ Mon Bureau (My Desktop) : 1/1382
    ~ Menu demarrer (Programs) : 1/38
    ~ Hidden Files: Scanned in 00mn 06s

    —\ Processus lancés
    [MD5.DD231039B13EC2ABDE315D76E658EF0E] – (.Avira Operations GmbH & Co. KG – Antivirus System Tray Tool (Desktop).) — C:Program FilesAviraAntiVir Desktopavgnt.exe [684600] [PID.3752]
    [MD5.4B555106290BD117334E9A08761C035A] – (…) — ystem32rundll32.exe [0] [PID.2304]
    [MD5.870DF389D7676EDBB635141336A867C6] – (.Nicolas Coolman – ZHPDiag.) — C:Program FilesZHPDiagZHPDiag.exe [8302080] [PID.2976]
    [MD5.FE79366FECD444A16CCA9979134DBEA8] – (.Avira Operations GmbH & Co. KG – Antivirus Host Framework Service.) — C:Program FilesAviraAntiVir Desktopsched.exe [440376] [PID.1900]
    [MD5.FDE9C7030FB1E9E2715E113EE6A10F90] – (.Avira Operations GmbH & Co. KG – Antivirus Host Framework Service.) — C:Program FilesAviraAntiVir Desktopavguard.exe [440376] [PID.524]
    [MD5.6F1E9AB820B3DD8BD38C0190A206205D] – (.Avira Operations GmbH & Co. KG – AntiVir shadow copy service.) — C:Program FilesAviraAntiVir Desktopavshadow.exe [431672] [PID.1700]
    [MD5.C7FBDD1ED42F82BFA35167A5C9803EA3] – (.Microsoft Corporation – PresentationFontCache.exe.) — C:WindowsMicrosoft.NetFrameworkv3.0WPFPresentationFontCache.exe [43904] [PID.4436]
    [MD5.F401929EE0CC92BFE7F15161CA535383] – (.Apple Inc. – MobileDeviceService.) — C:Program FilesCommon FilesAppleMobile Device SupportAppleMobileDeviceService.exe [55184] [PID.1892]
    [MD5.A19B0BB5A7EB6DF2DD4A0711D36955EE] – (.Hewlett-Packard – HP Health Check Service.) — c:Program FilesHewlett-PackardHP Health Checkhphc_service.exe [94208] [PID.4092]
    [MD5.862BB4CBC05D80C5B45BE430E5EF872F] – (.Microsoft Corporation – Service de gestion des licences Microsoft.) — C:Windowssystem32SLsvc.exe [3408896] [PID.1788]
    [MD5.A1545B731579895D8CC44FC0481C1192] – (.Microsoft Corporation – Service de la passerelle de la couche Appli.) — C:WindowsSystem32alg.exe [59392] [PID.2128]
    [MD5.5DAF7081A4BB112FA3F1915819330A3E] – (…) — C:Program FilesZHPDiagpv.exe [61440] [PID.0]
    ~ Processes Running: Scanned in 00mn 01s

    —\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
    C:UsersMarie-EstelleAppDataLocalGoogleChromeUser DataDefaultPreferences
    G1 – GCS: Preference [User DataDefault] http://start.mysearchdial.com” onclick=”window.open(this.href);return false; =>Adware.MyWebSearch
    G2 – GCE: Preference [User DataDefault] [ndibdjnfmopecpmkdieinmbadjfpblof] AVG Secure Search v.15.5.0.2 (Désactivé) =>Toolbar.AVGSearch
    G2 – GCE: Preference [User DataDefault] [pflphaooapbgpeakohlggbpidpppgdff] MySearchDial Nouvel onglet v.9.4.4 (Désactivé) =>Adware.MyWebSearch
    ~ Google Browser: 15 Legitimates Filtered in 00mn 02s

    —\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
    C:UsersMarie-EstelleAppDataRoamingMozillaFirefoxProfiles3dhaobu0.defaultprefs.js
    C:UsersMarie-EstelleAppDataRoamingMozillaFirefoxProfiles3dhaobu0.defaultuser.js
    M3 – MFPP: Plugins – [Marie-Estelle] — C:UsersMarie-EstelleAppDataRoamingMozillaFirefoxProfiles3dhaobu0.defaultsearchpluginsavg-secure-search.xml
    M3 – MFPP: Plugins – [Marie-Estelle] — C:UsersMarie-EstelleAppDataRoamingMozillaFirefoxProfiles3dhaobu0.defaultsearchpluginsfissa.xml =>PUP.OfferBox
    M3 – MFPP: Plugins – [Marie-Estelle] — C:UsersMarie-EstelleAppDataRoamingMozillaFirefoxProfiles3dhaobu0.defaultsearchpluginsMysearchdial.xml =>Adware.MyWebSearch
    M3 – MFPP: Plugins – [Marie-Estelle] — C:Program FilesMozilla FireFoxsearchpluginsavg-secure-search.xml
    M2 – MFEP: prefs.js [Marie-Estelle – 3dhaobu0.default@FissaPlugin] [] Fissa v1.0 (..) =>PUP.OfferBox
    M2 – MFEP: prefs.js [Marie-Estelle – 3dhaobu0.defaultzigboom.designs@gmail.com] [] BlackFox V2-Blue v2.1.6 (..)
    M2 – MFEP: prefs.js [Marie-Estelle – 3dhaobu0.default{19803860-b306-423c-bbb5-f60a7d82cde5}] [] WiseConvert 1.5 v10.23.0.822 (..) =>Toolbar.Conduit
    M2 – MFEP: prefs.js [Marie-Estelle – 3dhaobu0.default{635abd67-4fe9-1b23-4f01-e679fa7484c1}] [yahoo.ytff] Yahoo! Toolbar v3.1.0.20130818030116 (..)
    M2 – MFEP: prefs.js [Marie-Estelle – 3dhaobu0.default{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}] [] MySearchDial NewTab v3.1.0.20130818030116 (..) =>Adware.MyWebSearch
    P2 – FPN: [HKLM] [@viewpoint.com/VMP] – (.Pas de propriétaire – MetaStream 3 Plugin r4.) — C:Program FilesViewpointViewpoint Experience TechnologynpViewpoint.dll =>Adware.MetaStream
    ~ Firefox Browser: 46 Legitimates Filtered in 00mn 02s

    —\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
    R0 – HKCUSOFTWAREMicrosoftInternet ExplorerMain,Start Page = http://start.mysearchdial.com” onclick=”window.open(this.href);return false; =>Adware.MyWebSearch
    R0 – HKLMSOFTWAREMicrosoftInternet ExplorerMain,Start Page = http://start.mysearchdial.com” onclick=”window.open(this.href);return false; =>Adware.MyWebSearch
    R1 – HKLMSOFTWAREMicrosoftInternet ExplorerAboutURLs,Tabs = http://start.mysearchdial.com” onclick=”window.open(this.href);return false; =>Adware.MyWebSearch
    R4 – HKCUSOFTWAREMicrosoftInternet ExplorerPhishingFilter,Enabled = 1
    ~ IE Browser: 12 Legitimates Filtered in 00mn 00s

    —\ Internet Explorer, Proxy Management (R5)
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyOverride = *.local
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyServer = no key
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyEnable = 0
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,MigrateProxy = 1
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,EnableHttp1_1 = 1
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,AutoConfigProxy = wininet.dll
    ~ Proxy management: Scanned in 00mn 00s

    —\ Analyse des lignes F0, F1, F2, F3 – IniFiles, Autoloading programs
    F2 – REG:system.ini: USERINIT=C:Windowssystem32Userinit.exe,
    F2 – REG:system.ini: Shell=C:Windowsexplorer.exe
    F2 – REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL “sysdm.cpl”
    ~ Keys: Scanned in 00mn 00s

    —\ Hosts file redirection (O1)
    ~ Le fichier hosts est sain (The hosts file is clean).
    ~ Hosts File: Scanned in 00mn 00s
    ~ Nombre de lignes (Lines number): 20

    —\ Internet Explorer Toolbars (O3)
    O3 – ToolbarWebBrowser: (no name) – [HKCU]{A057A204-BACC-4D26-9E83-2DB586E27190} Clé orpheline
    O3 – ToolbarWebBrowser: (no name) – [HKCU]{21FA44EF-376D-4D53-9B0F-8A89D3229068} Clé orpheline
    O3 – ToolbarWebBrowser: (no name) – [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Clé orpheline
    O3 – ToolbarWebBrowser: (no name) – [HKCU]{472734EA-242A-422B-ADF8-83D1E48CC825} Clé orpheline
    ~ Toolbar: Scanned in 00mn 00s

    —\ Autres liens utilisateurs (O4)
    O4 – GSDesktop [Public]: Aide et Support d’HP.lnk . (.Hewlett-Packard – HPHS Launcher.) — C:WindowsHelpOEMscriptsHPHS_Launcher.exe
    O4 – GSDesktop [Public]: HP Total Care Advisor.lnk . (.Hewlett-Packard – HP Advisor.) — C:Program FilesHewlett-PackardHP AdvisorHPAdvisor.exe
    O4 – GSDesktop [Public]: Octave.lnk . (…) — C:Program FilesOctave3.0.5_gcc-4.3.0binoctave-3.0.5.exe
    O4 – GSProgram [Public]: cellule_3D.lnk . (…) — C:Program Filesplanetes3Dplanet3D.exe
    O4 – GSProgram [Public]: HP Total Care Advisor.lnk . (.Hewlett-Packard – HP Advisor.) — C:Program FilesHewlett-PackardHP AdvisorHPAdvisor.exe
    O4 – GSProgram [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation – Firefox.) — C:Program FilesMozilla Firefoxfirefox.exe
    O4 – GSProgram [Public]: Pour les enfants.lnk . (.EasyBits Software AS – For Kids.) — C:Program FilesEasyBits For KidsPromoezKidsReady.exe =>.EasyBits Software AS
    O4 – GSProgram [Public]: QuickPlay Manager.lnk . (.CyberLink Corp. – HP QuickPlay Manage Program.) — C:Program FilesHPQuickPlayQPManager.exe
    O4 – GSProgram [Public]: QuickPlay.lnk . (.CyberLink Corp. – HP QuickPlay.) — C:Program FilesHPQuickPlayQP.exe
    O4 – GSProgram [Public]: Starzik Download Manager.lnk . (…) — C:Program FilesStarzik Download ManagerStarzik Download Manager.exe
    O4 – GSQuickLaunch [Marie-Estelle]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation – Internet Explorer.) — C:Program FilesInternet Exploreriexplore.exe
    O4 – GSQuickLaunch [Marie-Estelle]: Mozilla Firefox (2).lnk . (.Mozilla Corporation – Firefox.) — C:Program FilesMozilla Firefoxfirefox.exe
    O4 – GSQuickLaunch [Marie-Estelle]: Mozilla Firefox.lnk . (.Mozilla Corporation – Firefox.) — C:Program FilesMozilla Firefoxfirefox.exe
    O4 – GSProgram [Marie-Estelle]: Internet Explorer.lnk . (.Microsoft Corporation – Internet Explorer.) — C:Program FilesInternet Exploreriexplore.exe
    O4 – GSSystemTools [Marie-Estelle]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation – Internet Explorer.) — C:Program FilesInternet Exploreriexplore.exe
    O4 – GSDesktop [Marie-Estelle]: Google Chrome.lnk . (.Google Inc. – Google Chrome.) — C:Program FilesGoogleChromeApplicationchrome.exe
    O4 – GSDesktop [Marie-Estelle]: Mozilla Firefox.lnk . (.Mozilla Corporation – Firefox.) — C:Program FilesMozilla Firefoxfirefox.exe
    O4 – GSDesktop [Marie-Estelle]: planete3D.lnk . (…) — C:Program Filesplanetes3Dplanet3D.exe
    ~ Global Startup: 73 Legitimates Filtered in 00mn 04s

    —\ Applications lancées au démarrage du sytème (O4)
    O4 – HKLM..Run: [SynTPEnh] . (.Synaptics Incorporated – Synaptics TouchPad Enhancements.) — C:Program FilesSynapticsSynTPSynTPEnh.exe
    O4 – HKLM..Run: [QPService] . (.CyberLink Corp. – HP QuickPlay Resident Program.) — C:Program FilesHPQuickPlayQPService.exe
    O4 – HKLM..Run: [Windows Defender] . (.Microsoft Corporation – Windows Defender User Interface.) — C:Program FilesWindows DefenderMSASCui.exe
    O4 – HKLM..Run: [QlbCtrl.exe] . (. Hewlett-Packard Development Company, L.P. – Quick Launch Buttons.) — C:Program FilesHewlett-PackardHP Quick Launch ButtonsQlbCtrl.exe
    O4 – HKLM..Run: [OnScreenDisplay] . (. Hewlett-Packard Development Company, L.P. – HP QuickTouch On Screen Display.) — C:Program FilesHewlett-PackardHP QuickTouchHPKBDAPP.exe
    O4 – HKLM..Run: [hpWirelessAssistant] . (.Hewlett-Packard Development Company, L.P. – HPWAMain Module.) — C:Program FilesHewlett-PackardHP Wireless AssistantHPWAMain.exe
    O4 – HKLM..Run: [AppleSyncNotifier] . (.Apple Inc. – AppleSyncNotifier.) — C:Program FilesCommon FilesAppleMobile Device SupportAppleSyncNotifier.exe
    O4 – HKLM..Run: [HP Health Check Scheduler] . (.Hewlett-Packard – HP Health Check Scheduler.) — c:Program FilesHewlett-PackardHP Health CheckHPHC_Scheduler.exe
    O4 – HKLM..Run: [HP Software Update] . (.Hewlett-Packard – hpwuSchd Application.) — C:Program FilesHpHP Software UpdateHPWuSchd2.exe =>.Hewlett-Packard Co
    O4 – HKLM..Run: [RIMBBLaunchAgent.exe] . (.Research In Motion Limited – Launch Agent Service.) — C:Program FilesCommon FilesResearch In MotionUSB DriversRIMBBLaunchAgent.exe
    O4 – HKLM..Run: [APSDaemon] . (.Apple Inc. – Apple Push.) — C:Program FilesCommon FilesAppleApple Application SupportAPSDaemon.exe
    O4 – HKLM..Run: [Adobe ARM] . (.Adobe Systems Incorporated – Adobe Reader and Acrobat Manager.) — C:Program FilesCommon FilesAdobeARM1.0AdobeARM.exe =>.Adobe Systems Incorporated
    O4 – HKLM..Run: [KiesTrayAgent] . (.Samsung Electronics Co., Ltd. – Kies TrayAgent Application.) — C:Program FilesSamsungKiesKiesTrayAgent.exe =>.Samsung Electronics Co
    O4 – HKLM..Run: [avgnt] . (.Avira Operations GmbH & Co. KG – Antivirus System Tray Tool (Desktop).) — C:Program FilesAviraAntiVir Desktopavgnt.exe
    O4 – HKLM..Run: [BCSSync] . (.Microsoft Corporation – Microsoft Office 2010 component.) — C:Program FilesMicrosoft OfficeOffice14BCSSync.exe =>.Microsoft Corporation
    O4 – HKLM..Run: [SysTrayApp] . (.IDT, Inc. – IDT PC Audio.) — C:Program FilesIDTWDMsttray.exe
    O4 – HKCU..Run: [Sidebar] . (.Microsoft Corporation – Volet Windows.) — C:Program FilesWindows Sidebarsidebar.exe =>.Microsoft Corporation
    O4 – HKCU..Run: [LightScribe Control Panel] . (.Hewlett-Packard Company – Pas de description.) — C:Program FilesCommon FilesLightScribeLightScribeControlPanel.exe
    O4 – HKCU..Run: [ehTray.exe] . (.Microsoft Corporation – Media Center Tray Applet.) — C:WindowsehomeehTray.exe
    O4 – HKCU..Run: [OfferBox] C:Program FilesOfferBoxOfferBox.exe (.not file.) =>PUP.OfferBox
    O4 – HKCU..Run: [KiesPreload] . (.Samsung – Kies.) — C:Program FilesSamsungKiesKies.exe
    O4 – HKCU..Run: [KiesAirMessage] . (.Samsung Electronics – Pas de description.) — C:Program FilesSamsungKiesKiesAirMessage.exe
    O4 – HKCU..Run: [WMPNSCFG] . (.Microsoft Corporation – Application de configuration du service Par.) — C:Program FilesWindows Media PlayerWMPNSCFG.exe =>.Microsoft Corporation
    O4 – HKCU..Run: [swg] . (.Google Inc. – GoogleToolbarNotifier.) — C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe =>Toolbar.Google
    O4 – HKUSS-1-5-19..Run: [Sidebar] . (.Microsoft Corporation – Volet Windows.) — C:Program FilesWindows SidebarSidebar.exe =>.Microsoft Corporation
    O4 – HKUSS-1-5-19..Run: [WindowsWelcomeCenter] Clé orpheline
    O4 – HKUSS-1-5-20..Run: [Sidebar] . (.Microsoft Corporation – Volet Windows.) — C:Program FilesWindows SidebarSidebar.exe =>.Microsoft Corporation
    O4 – HKUSS-1-5-20..Run: [WindowsWelcomeCenter] Clé orpheline
    O4 – HKUSS-1-5-21-1917961054-784476770-3265431197-1000..Run: [Sidebar] . (.Microsoft Corporation – Volet Windows.) — C:Program FilesWindows Sidebarsidebar.exe =>.Microsoft Corporation
    O4 – HKUSS-1-5-21-1917961054-784476770-3265431197-1000..Run: [LightScribe Control Panel] . (.Hewlett-Packard Company – Pas de description.) — C:Program FilesCommon FilesLightScribeLightScribeControlPanel.exe
    O4 – HKUSS-1-5-21-1917961054-784476770-3265431197-1000..Run: [ehTray.exe] . (.Microsoft Corporation – Media Center Tray Applet.) — C:WindowsehomeehTray.exe
    O4 – HKUSS-1-5-21-1917961054-784476770-3265431197-1000..Run: [OfferBox] C:Program FilesOfferBoxOfferBox.exe (.not file.) =>PUP.OfferBox
    O4 – HKUSS-1-5-21-1917961054-784476770-3265431197-1000..Run: [KiesPreload] . (.Samsung – Kies.) — C:Program FilesSamsungKiesKies.exe
    O4 – HKUSS-1-5-21-1917961054-784476770-3265431197-1000..Run: [KiesAirMessage] . (.Samsung Electronics – Pas de description.) — C:Program FilesSamsungKiesKiesAirMessage.exe
    O4 – HKUSS-1-5-21-1917961054-784476770-3265431197-1000..Run: [WMPNSCFG] . (.Microsoft Corporation – Application de configuration du service Par.) — C:Program FilesWindows Media PlayerWMPNSCFG.exe =>.Microsoft Corporation
    O4 – HKUSS-1-5-21-1917961054-784476770-3265431197-1000..Run: [swg] . (.Google Inc. – GoogleToolbarNotifier.) — C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe =>Toolbar.Google
    ~ Application: Scanned in 00mn 00s

    —\ Boutons situés sur la barre d’outils principale d’Internet Explorer (O9)
    O9 – Extra button: @C:Program FilesWindows LiveWriterWindowsLiveWriterShortcuts.dll,-1003 – {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation – Windows Live Writer Blog This Extension.) — C:Program FilesWindows LiveWriterWriterBrowserExtension.dll
    O9 – Extra button: &Envoyer à OneNote – {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation – Microsoft Office OneNote Internet Explorer Add-in.) — C:Program FilesMICROS~3Office12ONBttnIE.dll
    O9 – Extra button: Research – {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (…) — C:Program FilesMicrosoft OfficeOffice12REFBARH.ICO
    ~ IE Extra Buttons: Scanned in 00mn 00s

    —\ Modification Domaine/Adresses DNS (O17)
    O17 – HKLMSystemCCSServicesTcpip..{212736AF-65FB-4B36-80D0-E3E27259B6CB}: DhcpNameServer = 192.168.42.129
    O17 – HKLMSystemCCSServicesTcpip..{3434B8B3-FC47-4D27-9E78-6631641D3D74}: DhcpNameServer = 192.168.1.1 192.168.1.1
    O17 – HKLMSystemCS1ServicesTcpip..{212736AF-65FB-4B36-80D0-E3E27259B6CB}: DhcpNameServer = 192.168.42.129
    O17 – HKLMSystemCS1ServicesTcpip..{3434B8B3-FC47-4D27-9E78-6631641D3D74}: DhcpNameServer = 192.168.1.1 192.168.1.1
    O17 – HKLMSystemCS3ServicesTcpip..{212736AF-65FB-4B36-80D0-E3E27259B6CB}: DhcpNameServer = 192.168.42.129
    O17 – HKLMSystemCS3ServicesTcpip..{3434B8B3-FC47-4D27-9E78-6631641D3D74}: DhcpNameServer = 192.168.1.1 192.168.1.1
    O17 – HKLMSystemCCSServicesTcpipParameters: DhcpNameServer = 192.168.1.1 192.168.1.1
    ~ Domain: Scanned in 00mn 00s

    —\ Protocole additionnel (O18)
    O18 – Handler: wlpg – {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation – Windows Live Album Download Protocol Handle.) — C:Program FilesWindows LivePhoto GalleryAlbumDownloadProtocolHandler.dll
    O18 – Filter: text/xml – {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation – Microsoft Office XML MIME Filter.) — C:Program FilesCommon Filesmicrosoft sharedOFFICE12MSOXMLMF.dll =>.Microsoft Corporation
    ~ Protocole Additionnel: Scanned in 00mn 00s

    —\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
    O22 – SharedTaskScheduler: Component Categories cache daemon – {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation – Bibliothèque de l’interface utilisateur du.) — C:WindowsSystem32browseui.dll
    ~ STS/SSO: Scanned in 00mn 00s

    —\ Tâches planifiées en automatique (O39)
    O39 – APT:Automatic Planified Task – C:WindowsTasksAVG-Secure-Search-Update_JUNE2013_HP_rmv.job [350]
    O39 – APT:Automatic Planified Task – C:WindowsTasksAVG-Secure-Search-Update_JUNE2013_TB_rmv.job [350]
    [MD5.00000000000000000000000000000000] [APT] [AVG-Secure-Search-Update_JUNE2013_HP_rmv] (…) — C:WindowsTEMP{42442D61-6FB2-4A99-80CC-3EC4D9DAA021}.exe (.not file.) [0]
    [MD5.00000000000000000000000000000000] [APT] [AVG-Secure-Search-Update_JUNE2013_TB_rmv] (…) — C:WindowsTEMP{26E15C44-6DA3-4EC0-8164-B7DB49238A7F}.exe (.not file.) [0]
    [MD5.00000000000000000000000000000000] [APT] [{035CB9B0-6A3E-4FE4-ACA5-FD5D6152ED3F}] (…) — E:.Autorun.exe (.not file.) [0]
    [MD5.00000000000000000000000000000000] [APT] [{04D6F92F-F963-48C0-9F4B-4511D0CE659E}] (…) — C:Program FilesAIM6uninst.exe (.not file.) [0]
    [MD5.00000000000000000000000000000000] [APT] [{4B671E64-3D31-445D-9676-FDA18A328F2A}] (…) — C:Program FilesQuickTimeQTSystemQuickTime.cpl” -c QuickTime (.not file.) [0]
    [MD5.00000000000000000000000000000000] [APT] [{7AF94D5F-8C16-4F20-A002-9E0F874B8576}] (…) — E:.Autorun.exe (.not file.) [0]
    [MD5.00000000000000000000000000000000] [APT] [{85943581-0889-40CE-AB2D-C77F3FA636B7}] (…) — C:UsersMarie-EstelleDownloads601_b021_multilanguage.exe (.not file.) [0]
    ~ Scheduled Task: 28 Legitimates Filtered in 00mn 08s

    —\ Logiciels installés (O42)
    O42 – Logiciel: OfferBox – (.Secure Digital Services.) [HKLM] — {2C8574B5-6935-4FCE-860E-F4E8602378FF} =>Adware.SPointer
    ~ Logic: 51 Legitimates Filtered in 00mn 01s

    —\ HKCU & HKLM Software Keys
    [HKCUSoftwareBabylon] =>PUP.Babylon
    [HKCUSoftwareConduit] =>Toolbar.Conduit
    [HKCUSoftwareFissaSearch] =>PUP.OfferBox
    [HKCUSoftwareIGearSettings]
    [HKCUSoftwareInstallCore] =>Adware.InstallCore
    [HKCUSoftwareOfferBox] =>PUP.OfferBox
    [HKCUSoftwareSoftonic] =>Toolbar.Conduit
    [HKCUSoftwareVittalia] =>PUP.Vittalia
    [HKCUSoftwareWideStream] =>Adware.SPointer
    [HKCUSoftwareYahooPartnerToolbar]
    [HKCUSoftwaremysearchdial.com] =>Adware.MyWebSearch
    [HKLMSoftwareMetaStream] =>Adware.MetaStream
    ~ Key Software: 332 Legitimates Filtered in 00mn 01s

    —\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
    O43 – CFD: 29/08/2010 – 23:15:42 – [0] —-D C:Program FilesCrazyLoader =>Adware.SPointer
    O43 – CFD: 12/12/2013 – 21:15:15 – [0,015] —-D C:Program FilesMyPC Backup =>PUP.MyPCBackup
    O43 – CFD: 18/11/2010 – 21:33:05 – [1,658] —-D C:Program Filesplanetes3D
    O43 – CFD: 24/02/2010 – 10:33:36 – [1,760] —-D C:Program FilesSpyware Doctor
    O43 – CFD: 21/02/2013 – 21:26:24 – [0] —-D C:Program FilesWidestream6 =>Adware.SPointer
    O43 – CFD: 05/04/2011 – 10:38:07 – [0] –H-D C:ProgramDatacJb31001dNaIa31001
    O43 – CFD: 06/06/2012 – 19:13:46 – [0,024] —-D C:UsersMarie-EstelleAppDataRoamingFissaSearch =>PUP.OfferBox
    O43 – CFD: 17/06/2010 – 19:37:16 – [0,353] —-D C:UsersMarie-EstelleAppDataRoamingOfferBox =>PUP.OfferBox
    O43 – CFD: 04/04/2012 – 14:46:35 – [14,360] —-D C:UsersMarie-EstelleAppDataRoamingOpenCandy =>Adware.OpenCandy
    O43 – CFD: 06/06/2010 – 18:26:17 – [0,001] –H-D C:UsersMarie-EstelleAppDataRoamingwidestream =>Adware.SPointer
    O43 – CFD: 17/05/2011 – 16:40:50 – [0,525] –H-D C:UsersMarie-EstelleAppDataLocalwidestream6 Air =>Adware.SPointer
    O43 – CFD: 04/07/2011 – 04:38:31 – [0,003] —-D C:UsersMarie-EstelleAppDataRoamingMicrosoftWindowsStart MenuProgramsCrazyLoader =>Adware.SPointer
    ~ 4 Dossiers CLSID vides (CLSID Empty Folders)
    ~ Program Folder: 233 Legitimates Filtered in 00mn 58s

    —\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
    O44 – LFC:[MD5.26B0F12F9A4C267AF5B2DA35F87A6EFA] – 23/12/2013 – 23:00:18 —A- . (…) — C:WindowsSystem32DOErrors.log [52]
    O44 – LFC:[MD5.6361D50FE0AD8ECC249D6A7CB37B514B] – 29/12/2013 – 20:20:07


    . (…) — C:UsbFix [Scan 1] PC-MARIE-ESTELL.txt [12880]
    O44 – LFC:[MD5.5F8BDF657FD65DE8803D7C494611679C] – 29/12/2013 – 20:43:49


    . (…) — C:UsbFix [Scan 2] PC-MARIE-ESTELL.txt [13094]
    O44 – LFC:[MD5.36A47F2E5C9049A2464D134386FFBF23] – 29/12/2013 – 21:15:53 —A- . (…) — C:UsbFix [Clean 1] PC-MARIE-ESTELL.txt [17272]
    ~ Files: 13 Legitimates Filtered in 01mn 31s

    —\ Enumération des clés de registre StartupReg (SMSR) (O53)
    O53 – SMSR:HKLM…startupregAppleSyncNotifier [Key] . (…) — C:Program FilesCommon FilesAppleMobile Device SupportbinAppleSyncNotifier.exe (.not file.)
    O53 – SMSR:HKLM…startupregVeoh [Key] . (…) — C:Program FilesVeoh NetworksVeohVeohClient.exe (.not file.)
    ~ SMSR Keys: 8 Legitimates Filtered in 00mn 00s

    —\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
    O55 – MWPS:[HKLM…PoliciesSystem] – “FilterAdministratorToken”=0
    O55 – MWPS:[HKLM…PoliciesSystem] – “EnableUIADesktopToggle”=0
    ~ MWPS: 15 Legitimates Filtered in 00mn 00s

    —\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
    O56 – MWPE:[HKLM…policiesExplorer] – “AllowLegacyWebView”=1
    O56 – MWPE:[HKLM…policiesExplorer] – “AllowUnhashedWebView”=1
    ~ MWPE Keys: 3 Legitimates Filtered in 00mn 00s

    —\ Liste des pilotes du système (SDL) (O58)
    O58 – SDL:[MD5.6216FD7FD227DE454238A702B218CEC7] – 29/10/2012 – 12:09:26 —A- . (.Devguru Co., Ltd – Device Error Recovery SDK(x86).) — C:WindowsSystem32Driversdgderdrv.sys [20032]
    O58 – SDL:[MD5.23B62471681A124889978F6295B3F4C6] – 21/01/2008 – 03:23:22 —A- . (.Emulex – Storport Miniport Driver for LightPulse HBAs.) — C:WindowsSystem32Driverselxstor.sys [342584]
    O58 – SDL:[MD5.4CD6B056C5FD9E97C06FE74C81479517] – 24/01/2008 – 14:23:12 —A- . (.ENE TECHNOLOGY INC. – ENE CIR Driver for eHome.) — C:WindowsSystem32Driversenecir.sys [52736]
    O58 – SDL:[MD5.BCED60D16156E428F8DF8CF27B0DF150] – 02/11/2006 – 10:50:07 —A- . (.Integrated Technology Express, Inc. – ITE IT8211 ATA/ATAPI SCSI miniport.) — C:WindowsSystem32Driversiteatapi.sys [35944]
    O58 – SDL:[MD5.06FA654504A498C30ADCA8BEC4E87E7E] – 02/11/2006 – 10:50:09 —A- . (.Integrated Technology Express, Inc. – ITE IT8212 ATA RAID SCSI miniport.) — C:WindowsSystem32Driversiteraid.sys [35944]
    O58 – SDL:[MD5.1FC8A7E5C3AED31F00940C6AB2FD9B49] – 31/07/2006 – 06:44:00 —A- . (.Omnivision Technologies, Inc. – Stream Class Mini Driver.) — C:WindowsSystem32Driversov550i.sys [580992]
    O58 – SDL:[MD5.A36EE93698802CD899F98BFD553D8185] – 27/07/2013 – 08:41:54 —A- . (.Avira GmbH – AVIRA SnapShot Driver.) — C:WindowsSystem32Driversssmdrv.sys [28520]
    O58 – SDL:[MD5.6CC6C4B9D7B906A151AA094CA087B9F0] – 20/09/2012 – 05:35:36 —A- . (.DEVGURU Co., LTD.(http://www.devguru.co.kr) – SAMSUNG USB Composite Device Driver (MSS Ver.3).) — C:WindowsSystem32Driversssudbus.sys [83168]
    O58 – SDL:[MD5.359FEE084F1173FFFFD7F9CCBD43D47F] – 20/09/2012 – 05:35:36 —A- . (.DEVGURU Co., LTD.(http://www.devguru.co.kr) – SAMSUNG Android Modem Device Driver (MSS Ver.3).) — C:WindowsSystem32Driversssudmdm.sys [181344]
    O58 – SDL:[MD5.E69A606872650B46DE54EC15DCC93529] – 21/07/2009 – 22:33:32 —A- . (.IDT, Inc. – IDT PC Audio.) — C:WindowsSystem32Driversstwrt.sys [409088]
    O58 – SDL:[MD5.9224BB254F591DE4CA8D572A5F0D635C] – 21/01/2008 – 03:23:20 —A- . (.ULi Electronics Inc. – ULi SATA Controller Driver.) — C:WindowsSystem32Driversuliahci.sys [238648]
    O58 – SDL:[MD5.8514D0E5CD0534467C5FC61BE94A569F] – 02/11/2006 – 10:50:35 —A- . (.Promise Technology, Inc. – Promise Ultra/Sata Series Driver for Win2003.) — C:WindowsSystem32Driversulsata.sys [98408]
    O58 – SDL:[MD5.38C3C6E62B157A6BC46594FADA45C62B] – 21/01/2008 – 03:23:23 —A- . (.Promise Technology, Inc. – Promise SATAII150 Series Windows Drivers.) — C:WindowsSystem32Driversulsata2.sys [115816]
    O58 – SDL:[MD5.EAFE1E00739AFE6C51487A050E772E17] – 15/02/2012 – 10:01:50 —A- . (.Apple, Inc. – Apple Mobile Device USB Driver.) — C:WindowsSystem32Driversusbaapl.sys [43520]
    O58 – SDL:[MD5.8AAD333C876590293F72B315E162BCC7] – 02/11/2006 – 08:09:42 —A- . (…) — C:WindowsSystem32ANSI.SYS [9029]
    O58 – SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] – 02/11/2006 – 08:09:45 —A- . (…) — C:WindowsSystem32country.sys [27097]
    O58 – SDL:[MD5.E6BC0F98FECEF245A0010D350C1A0B9B] – 02/11/2006 – 08:09:41 —A- . (…) — C:WindowsSystem32HIMEM.SYS [4768]
    O58 – SDL:[MD5.492090267B9608C62B956CD29BE3AFB7] – 02/11/2006 – 08:09:44 —A- . (…) — C:WindowsSystem32KEY01.SYS [42809]
    O58 – SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] – 02/11/2006 – 08:09:44 —A- . (…) — C:WindowsSystem32KEYBOARD.SYS [42537]
    O58 – SDL:[MD5.FFFF296A08DBF2AC0126C62E3778AC0D] – 02/11/2006 – 08:09:29 —A- . (…) — C:WindowsSystem32NTDOS.SYS [27866]
    O58 – SDL:[MD5.CF9ED169FF86D935E47999E82359E898] – 02/11/2006 – 08:09:35 —A- . (…) — C:WindowsSystem32NTDOS404.SYS [29146]
    O58 – SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] – 02/11/2006 – 08:09:38 —A- . (…) — C:WindowsSystem32NTDOS411.SYS [29370]
    O58 – SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] – 02/11/2006 – 08:09:40 —A- . (…) — C:WindowsSystem32NTDOS412.SYS [29274]
    O58 – SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] – 02/11/2006 – 08:09:31 —A- . (…) — C:WindowsSystem32NTDOS804.SYS [29146]
    O58 – SDL:[MD5.2E4112FB7D1B76E11ADFD7487B5D0E95] – 02/11/2006 – 08:09:20 —A- . (…) — C:WindowsSystem32NTIO.SYS [33952]
    O58 – SDL:[MD5.A98EBD4C2DF983665BF2D1AF49949974] – 02/11/2006 – 08:09:23 —A- . (…) — C:WindowsSystem32NTIO404.SYS [34672]
    O58 – SDL:[MD5.3F7E6406EDEF197C5CAAB2240EEF6F48] – 02/11/2006 – 08:09:24 —A- . (…) — C:WindowsSystem32NTIO411.SYS [35776]
    O58 – SDL:[MD5.3E64D681B776CC57BDC38A46D881F85B] – 02/11/2006 – 08:09:26 —A- . (…) — C:WindowsSystem32NTIO412.SYS [35536]
    O58 – SDL:[MD5.D86B6435729231C171432B4E77801BDB] – 02/11/2006 – 08:09:22 —A- . (…) — C:WindowsSystem32NTIO804.SYS [34672]
    ~ Drivers: 15 Legitimates Filtered in 00mn 02s

    —\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
    O61 – LFC: 29/12/2013 – 00:35:34 —A- . (…) — C:UsersMarie-EstelleDocumentsmonAlbumPhotoRomeRome.ldb [64]
    O61 – LFC: 29/12/2013 – 00:35:34 —A- . (…) — C:UsersMarie-EstelleDocumentsmonAlbumPhotoRomeRome.mapalb [688128]
    O61 – LFC: 30/12/2013 – 00:35:00 —A- . (…) — C:UsersMarie-EstelleAppDataRoamingZHPLog.txt [18561] =>.Nicolas Coolman
    O61 – LFC: 30/12/2013 – 00:35:00 —A- . (…) — C:UsersMarie-EstelleAppDataRoamingZHPTestsZHPDiag.txt [3056] =>.Nicolas Coolman
    ~ 3 Fichiers temporaires (Temporary files)
    ~ Files: 314 Legitimates Filtered in 02mn 58s

    —\ Liste des outils de désinfection (LATC) (O63)
    O63 – Logiciel: UsbFix – (.El Desaparecido – http://www.usbfix.nethttp://www.sosvirus.net.) [HKLM] — Usbfix
    O63 – Logiciel: ZHPDiag 2013 – (.Nicolas Coolman.) [HKLM] — ZHPDiag_is1 =>.Nicolas Coolman
    ~ ADS: Scanned in 00mn 00s

    —\ Menu de démarrage Internet (SMI) (O68)
    O68 – StartMenuInternet: [HKLM..ShellopenCommand] (.Mozilla Corporation – Firefox.) — C:Program FilesMozilla Firefoxfirefox.exe
    O68 – StartMenuInternet: [HKLM..ShellopenCommand] (.Google Inc. – Google Chrome.) — C:Program FilesGoogleChromeApplicationchrome.exe
    O68 – StartMenuInternet: [HKLM..ShellopenCommand] (.Microsoft Corporation – Internet Explorer.) — C:Program FilesInternet Exploreriexplore.exe
    O68 – StartMenuInternet: [HKLM..ShellopenCommand] (.Apple Inc. – Safari.) — C:Program FilesSafariSafari.exe
    ~ Keys: Scanned in 00mn 00s

    —\ Recherche d’infection sur les navigateurs internet (SBI) (O69)
    O69 – SBI: prefs.js [Marie-Estelle – 3dhaobu0.default] user_pref(“CT3242339.http___pricegong_conduitapps_com_v4.APP_WIN_FEATURES.enc”, “cmVzaXphYmxlPTAsc2F2ZWxvY2F0aW9uPTAsb3BlbnBvc2l0a[…] =>Adware.PriceGong
    O69 – SBI: prefs.js [Marie-Estelle – 3dhaobu0.default] user_pref(“CT3242339.lastNewTabSettings”, “{“isEnabled”:false,”newTabUrl”:”http://search.conduit.com/?ctid=CT3242339&octid=CT[…]
    O69 – SBI: prefs.js [Marie-Estelle – 3dhaobu0.default] user_pref(“browser.search.order.1”, “Mysearchdial”); =>Adware.MyWebSearch
    O69 – SBI: prefs.js [Marie-Estelle – 3dhaobu0.default] user_pref(“extensions.Fissa.lastRunTime”, “Sat, 28 Aug 2010 18:09:57 GMT”); =>PUP.OfferBox
    O69 – SBI: prefs.js [Marie-Estelle – 3dhaobu0.default] user_pref(“extensions.mysearchdial.aflt”, “irmsd1202aw”); =>Adware.MyWebSearch
    O69 – SBI: prefs.js [Marie-Estelle – 3dhaobu0.default] user_pref(“extensions.mysearchdial.appId”, “{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}”); =>Adware.MyWebSearch
    O69 – SBI: prefs.js [Marie-Estelle – 3dhaobu0.default] user_pref(“extensions.mysearchdial.cd”, “2XzuyEtN2Y1L1QzutDtDtBtAyE0EtBtAtBtDtDtAyB0EyEyEtN0D0Tzu0CyBtCtBtN1L2XzutBtFtBtFtCyEtFtCt[…] =>Adware.MyWebSearch
    O69 – SBI: prefs.js [Marie-Estelle – 3dhaobu0.default] user_pref(“extensions.mysearchdial.cntry”, “FR”); =>Adware.MyWebSearch
    O69 – SBI: prefs.js [Marie-Estelle – 3dhaobu0.default] user_pref(“extensions.mysearchdial.cr”, “627028764”); =>Adware.MyWebSearch
    O69 – SBI: prefs.js [Marie-Estelle – 3dhaobu0.default] user_pref(“extensions.mysearchdial.dfltLng”, “”); =>Adware.MyWebSearch
    O69 – SBI: prefs.js [Marie-Estelle – 3dhaobu0.default] user_pref(“extensions.mysearchdial.dfltSrch”, true); =>Adware.MyWebSearch
    O69 – SBI: prefs.js [Marie-Estelle – 3dhaobu0.default] user_pref(“extensions.mysearchdial.dnsErr”, true); =>Adware.MyWebSearch
    O69 – SBI: prefs.js [Marie-Estelle – 3dhaobu0.default] user_pref(“extensions.mysearchdial.dpkLst”, “3654782829,1334533236,1121012847,231756876,1895130307,603719297,4288797614,3754950497[…] =>Adware.MyWebSearch
    O69 – SBI: prefs.js [Marie-Estelle – 3dhaobu0.default] user_pref(“extensions.mysearchdial.excTlbr”, false); =>Adware.MyWebSearch
    O69 – SBI: prefs.js [Marie-Estelle – 3dhaobu0.default] user_pref(“extensions.mysearchdial.hdrMd5”, “0A199B406364F49189CCE1F3B14CB697”); =>Adware.MyWebSearch
    O69 – SBI: prefs.js [Marie-Estelle – 3dhaobu0.default] user_pref(“extensions.mysearchdial.hmpg”, true); =>Adware.MyWebSearch
    O69 – SBI: prefs.js [Marie-Estelle – 3dhaobu0.default] user_pref(“extensions.mysearchdial.hmpgUrl”, “http://start.mysearchdial.com/?f=1&a=irmsd1202aw&cd=2XzuyEtN2Y1L1QzutDtDtBtAyE0EtBtA[…] =>Adware.MyWebSearch
    O69 – SBI: prefs.js [Marie-Estelle – 3dhaobu0.default] user_pref(“extensions.mysearchdial.id”, “00234E2320037E44”); =>Adware.MyWebSearch
    O69 – SBI: prefs.js [Marie-Estelle – 3dhaobu0.default] user_pref(“extensions.mysearchdial.instlDay”, “16051”); =>Adware.MyWebSearch
    O69 – SBI: prefs.js [Marie-Estelle – 3dhaobu0.default] user_pref(“extensions.mysearchdial.instlRef”, “”); =>Adware.MyWebSearch
    O69 – SBI: prefs.js [Marie-Estelle – 3dhaobu0.default] user_pref(“extensions.mysearchdial.lastB”, “http://start.mysearchdial.com/?f=1&a=irmsd1202aw&cd=2XzuyEtN2Y1L1QzutDtDtBtAyE0EtBtAtB[…] =>Adware.MyWebSearch
    O69 – SBI: prefs.js [Marie-Estelle – 3dhaobu0.default] user_pref(“extensions.mysearchdial.lastVrsnTs”, “1.8.21.020:58:49”); =>Adware.MyWebSearch
    O69 – SBI: prefs.js [Marie-Estelle – 3dhaobu0.default] user_pref(“extensions.mysearchdial.newTabUrl”, “http://start.mysearchdial.com/?f=2&a=irmsd1202aw&cd=2XzuyEtN2Y1L1QzutDtDtBtAyE0EtB[…] =>Adware.MyWebSearch
    O69 – SBI: prefs.js [Marie-Estelle – 3dhaobu0.default] user_pref(“extensions.mysearchdial.pnu_base”, “{“newVrsn”:”89″,”lastVrsn”:”89″,”vrsnLoad”:””,”showMsg”:”false”,”s[…] =>Adware.MyWebSearch
    O69 – SBI: prefs.js [Marie-Estelle – 3dhaobu0.default] user_pref(“extensions.mysearchdial.prdct”, “mysearchdial”); =>Adware.MyWebSearch
    O69 – SBI: prefs.js [Marie-Estelle – 3dhaobu0.default] user_pref(“extensions.mysearchdial.prtnrId”, “mysearchdial”); =>Adware.MyWebSearch
    O69 – SBI: prefs.js [Marie-Estelle – 3dhaobu0.default] user_pref(“extensions.mysearchdial.sg”, “none”); =>Adware.MyWebSearch
    O69 – SBI: prefs.js [Marie-Estelle – 3dhaobu0.default] user_pref(“extensions.mysearchdial.srchPrvdr”, “Mysearchdial”); =>Adware.MyWebSearch
    O69 – SBI: prefs.js [Marie-Estelle – 3dhaobu0.default] user_pref(“extensions.mysearchdial.tlbrId”, “base”); =>Adware.MyWebSearch
    O69 – SBI: prefs.js [Marie-Estelle – 3dhaobu0.default] user_pref(“extensions.mysearchdial.tlbrSrchUrl”, “http://start.mysearchdial.com/?f=3&a=irmsd1202aw&cd=2XzuyEtN2Y1L1QzutDtDtBtAyE0E[…] =>Adware.MyWebSearch
    O69 – SBI: prefs.js [Marie-Estelle – 3dhaobu0.default] user_pref(“extensions.mysearchdial.vrsn”, “1.8.21.0”); =>Adware.MyWebSearch
    O69 – SBI: prefs.js [Marie-Estelle – 3dhaobu0.default] user_pref(“extensions.mysearchdial.vrsni”, “1.8.21.0”); =>Adware.MyWebSearch
    O69 – SBI: prefs.js [Marie-Estelle – 3dhaobu0.default] user_pref(“extensions.mysearchdial_i.hmpg”, true); =>Adware.MyWebSearch
    O69 – SBI: prefs.js [Marie-Estelle – 3dhaobu0.default] user_pref(“extensions.mysearchdial_i.newTab”, false); =>Adware.MyWebSearch
    O69 – SBI: prefs.js [Marie-Estelle – 3dhaobu0.default] user_pref(“extensions.mysearchdial_i.smplGrp”, “none”); =>Adware.MyWebSearch
    O69 – SBI: prefs.js [Marie-Estelle – 3dhaobu0.default] user_pref(“extensions.mysearchdial_i.vrsnTs”, “1.8.21.020:58:49”); =>Adware.MyWebSearch
    O69 – SBI: prefs.js [Marie-Estelle – 3dhaobu0.default] user_pref(“plugin.state.npconduitfirefoxplugin”, 2);
    O69 – SBI: SearchScopes [HKCU] {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} – (Search the web) – http://search.babylon.com” onclick=”window.open(this.href);return false; =>Adware.IMBooster
    O69 – SBI: SearchScopes [HKCU] {114C8D1F-DE4F-4720-933A-00D3637B24BA} – (Google) – http://www.google.fr” onclick=”window.open(this.href);return false;
    O69 – SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} – (Google) – http://www.google.com” onclick=”window.open(this.href);return false;
    O69 – SBI: SearchScopes [HKCU] {b41306c6-96d0-442a-bcc4-b0f621e82ce9} – (Fissa) – http://www.fissa.com” onclick=”window.open(this.href);return false; =>PUP.OfferBox
    ~ Keys: Scanned in 00mn 00s

    —\ Recherche particulière à la racine du système (SPRF) (O84)
    [MD5.EFB2EE170955A1DC38485D66EB480174] [SPRF][29/11/2009] (…) — C:ProgramDataezsid.dat [32]
    [MD5.F3793DD012EDADFE655CF93DD818855B] [SPRF][12/06/2013] (…) — C:UsersMarie-EstelleAppDataLocald3d9caps.dat [7620]
    [MD5.C5650C059185D351AEF801D90A93B0D7] [SPRF][27/04/2011] (…) — C:UsersMarie-EstelleAppDataRoamingwklnhst.dat [1166]
    [MD5.1027DF7F909776789D9D1C2C30410166] [SPRF][28/01/2013] (…) — C:UsersMarie-EstelleDesktopOOo_3.3.0_Win_x86_install-wJRE_fr.exe [152474936]
    [MD5.6F678556A6FCE04FC94F3435F6313705] [SPRF][25/12/2008] (…) — C:WindowsDownloaded Program Filesunagiuninst.exe [38428]
    ~ Files: 6 Legitimates Filtered in 00mn 05s

    —\ Liste des exceptions du parefeu (FirewallRules) (O87)
    O87 – FAEL: “TCP Query User{8D1EEC39-0DB9-4591-97A8-8B8481061181}C:program fileswinampwinamp.exe” |In – Public – P6 – TRUE | .(…) — C:program fileswinampwinamp.exe (.not file.)
    O87 – FAEL: “UDP Query User{39F01690-A65D-4079-8BFD-DF83BBCDAC78}C:program fileswinampwinamp.exe” |In – Public – P17 – TRUE | .(…) — C:program fileswinampwinamp.exe (.not file.)
    O87 – FAEL: “TCP Query User{A7D07372-ADC0-4D00-8CB8-0A91F8EC5267}C:program fileswinampwinamp.exe” |In – Private – P6 – TRUE | .(…) — C:program fileswinampwinamp.exe (.not file.)
    O87 – FAEL: “UDP Query User{26BB64F8-EF4A-43A7-AD52-BAFC1227F783}C:program fileswinampwinamp.exe” |In – Private – P17 – TRUE | .(…) — C:program fileswinampwinamp.exe (.not file.)
    ~ Firewall: 208 Legitimates Filtered in 00mn 01s

    —\ Enumère les codes produits des logiciels (PUC) (O90)
    O90 – PUC: “5B4758C25396ECF468E04F8E063287FF” . (.OfferBox.) — C:WindowsInstaller{2C8574B5-6935-4FCE-860E-F4E8602378FF}ARPPRODUCTICON.exe =>PUP.OfferBox
    O90 – PUC: “EFE665B6D1CDF17439DD483862361F04” . (.OVT Scanner X86.) — C:WindowsInstaller{6B566EFE-DC1D-471F-93DD-84832663F140}ARPPRODUCTICON.exe
    ~ Update Products: 119 Legitimates Filtered in 00mn 00s

    —\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
    [MD5.899D66C970CC0581A87DD871DAEA812A] [WIS][06/03/2013] (.STARZIK INVEST – Starzik Download Manager.) — C:WindowsInstaller1533872.msi [48128]
    [MD5.AA5F8DEF4C6C587D88EE5A7791B8D1D6] [WIS][06/06/2010] (.Secure Digital Services – OfferBox.) — C:WindowsInstaller4b06e9.msi [3062272] =>Adware.SPointer
    ~ WIS: 122 Legitimates Filtered in 00mn 15s

    —\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
    SS – | Auto 10/05/2013 65640 | (AdobeARMservice) . (.Adobe Systems Incorporated.) – C:Program FilesCommon FilesAdobeARM1.0armsvc.exe
    SS – | Demand 12/12/2013 257416 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) – C:Windowssystem32MacromedFlashFlashPlayerUpdateService.exe
    SS – | Auto 02/03/2009 81920 | (AESTFilters) . (.Andrea Electronics Corporation.) – C:WindowsSystem32DriverStoreFileRepositorystwrt.inf_e2247046aestsrv.exe
    SS – | Auto 30/08/2011 390504 | (Bonjour Service) . (.Apple Inc..) – C:Program FilesBonjourmDNSResponder.exe
    SS – | Demand 03/04/2008 193840 | (Com4QLBEx) . (.Hewlett-Packard Development Company, L.P..) – C:Program FilesHewlett-PackardHP Quick Launch ButtonsCom4QLBEx.exe
    SS – | Demand 21/12/2008 242424 | (GameConsoleService) . (.WildTangent, Inc..) – C:Program FilesHP GamesMy HP Game ConsoleGameConsoleService.exe
    SS – | Auto 11/12/2009 133104 | (gupdate1ca7aad806c04f5) . (.Google Inc..) – C:Program FilesGoogleUpdateGoogleUpdate.exe
    SS – | Demand 11/12/2009 133104 | (gupdatem) . (.Google Inc..) – C:Program FilesGoogleUpdateGoogleUpdate.exe
    SS – | Auto 31/10/2012 194032 | (gusvc) . (.Google.) – C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe
    SS – | Demand 25/01/2008 148832 | (hpqwmiex) . (.Hewlett-Packard Development Company, L.P..) – C:Program FilesHewlett-PackardSharedhpqwmiex.exe
    SS – | Auto 13/05/2011 26168 | (hpsrv) . (.Hewlett-Packard Company.) – C:WindowsSystem32Hpservice.exe
    SS – | Demand 22/10/2004 73728 | (IDriverT) . (.Macrovision Corporation.) – C:Program FilesCommon FilesInstallShieldDriver1050Intel 32IDriverT.exe
    SS – | Demand 07/06/2012 821648 | (iPod Service) . (.Apple Inc..) – C:Program FilesiPodbiniPodService.exe
    SS – | Auto 26/02/2008 73728 | (LightScribeService) . (.Hewlett-Packard Company.) – C:Program FilesCommon FilesLightScribeLSSrvc.exe
    SS – | Demand 22/12/2013 119408 | (MozillaMaintenance) . (.Mozilla Foundation.) – C:Program FilesMozilla Maintenance Servicemaintenanceservice.exe
    SS – | Auto 14/05/2008 292248 | (QPCapSvc) . (…) – C:Program FilesHPQuickPlayKernelTVQPCapSvc.exe
    SS – | Auto 14/05/2008 116112 | (QPSched) . (…) – C:Program FilesHPQuickPlayKernelTVQPSched.exe
    SS – | Auto 26/03/2008 341328 | (Recovery Service for Windows) . (…) – C:WindowsSMINSTBLService.exe
    SS – | Auto 09/01/2007 272024 | (RichVideo) . (…) – C:Program FilesCyberLinkShared FilesRichVideo.exe
    SS – | Auto 03/06/2013 162408 | (SkypeUpdate) . (.Skype Technologies.) – C:Program FilesSkypeUpdaterUpdater.exe
    SS – | Auto 21/07/2009 221266 | (STacSV) . (.IDT, Inc..) – C:WindowsSystem32DriverStoreFileRepositorystwrt.inf_e2247046STacSV.exe

    SR – | Auto 19/12/2013 440376 | (AntiVirSchedulerService) . (.Avira Operations GmbH & Co. KG.) – C:Program FilesAviraAntiVir Desktopsched.exe
    SR – | Auto 27/11/2013 440376 | (AntiVirService) . (.Avira Operations GmbH & Co. KG.) – C:Program FilesAviraAntiVir Desktopavguard.exe
    SR – | Auto 24/05/2012 55184 | (Apple Mobile Device) . (.Apple Inc..) – C:Program FilesCommon FilesAppleMobile Device SupportAppleMobileDeviceService.exe
    SR – | Auto 21/01/2008 21504 | C:WindowsSystem32ezsvc7.dll (ezSharedSvc) . (.EasyBits Sofware AS.) – C:WindowsSystem32svchost.exe
    SR – | Auto 09/10/2008 94208 | (HP Health Check Service) . (.Hewlett-Packard.) – c:Program FilesHewlett-PackardHP Health Checkhphc_service.exe
    SR – | Auto 21/01/2008 21504 | C:Program FilesWindows Defendermpsvc.dll (WinDefend) . (.Microsoft Corporation.) – C:WindowsSystem32svchost.exe
    SR – | Auto 21/01/2008 21504 | C:WindowsSystem32wuaueng.dll (wuauserv) . (.Microsoft Corporation.) – C:WindowsSystem32svchost.exe

    ~ Services: Scanned in 00mn 17s

    —\ Recherche d’infection sur le Master Boot Record (MBR)(O80)
    Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net” onclick=”window.open(this.href);return false;

    ~ MBR: 1 Legitimates Filtered in 00mn 02s

    —\ Recherche d’infection sur le Master Boot Record (MBRCheck)(O80)
    Written by ad13, http://ad13.geekstog” onclick=”window.open(this.href);return false;
    Run by Marie-Estelle at 30/12/2013 00:39:09

    ********* Dump file Name *********
    C:PhysicalDisk0_MBR.bin

    ~ MBR: Scanned in 00mn 04s

    —\ Scan Additionnel (O88)
    Database Version : 13013 – (26/12/2013)
    Clés trouvées (Keys found) : 81
    Valeurs trouvées (Values found) : 2
    Dossiers trouvés (Folders found) : 18
    Fichiers trouvés (Files found) : 6

    [HKLMSoftwareGoogleChromeExtensionsndibdjnfmopecpmkdieinmbadjfpblof] =>Toolbar.AVGSearch^
    [HKLMSoftwareGoogleChromeExtensionspflphaooapbgpeakohlggbpidpppgdff] =>Adware.MyWebSearch^
    [HKLMSoftwareMicrosoftWindowsCurrentVersionUninstall{2C8574B5-6935-4FCE-860E-F4E8602378FF}] =>Adware.SPointer^
    [HKLMSoftwareClassesInterface{03E2A1F3-4402-4121-8B35-733216D61217}] =>Toolbar.AVGSearch
    [HKCUSoftwareMicrosoftInternet ExplorerSearchScopes{0ecdf796-c2dc-4d79-a620-cce0c0a66cc9}] =>PUP.Babylon
    [HKLMSoftwareClassesTypeLib{11549FE4-7C5A-4C17-9FC3-56FC5162A994}] =>Toolbar.Agent
    [HKLMSoftwareClassesCLSID{1B00725B-C455-4DE6-BFB6-AD540AD427CD}] =>Adware.MetaStream
    [HKLMSoftwareMicrosoftActive SetupInstalled Components{1B00725B-C455-4DE6-BFB6-AD540AD427CD}] =>Adware.MetaStream
    [HKCUSoftwareMicrosoftWindowsCurrentVersionApp ManagementARPCache{2C8574B5-6935-4FCE-860E-F4E8602378FF}] =>PUP.OfferBox
    [HKLMSoftwareClassesTypeLib{4509D3CC-B642-4745-B030-645B79522C6D}] =>Toolbar.Conduit
    [HKLMSoftwareClassesInterface{4897bba6-48d9-468c-8efa-846275d7701b}] =>Adware.SocialSkinz
    [HKLMSoftwareClassesCLSID{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}] =>PUP.Whitesmoke
    [HKLMSoftwareClassesInterface{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}] =>PUP.Whitesmoke
    [HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{723328FF-22D0-497f-9EB5-1AC919582DE1}] =>Adware.SPointer
    [HKLMSoftwareClassesCLSID{761f6a83-f007-49e4-8eac-cdb6808ef06f}] =>PUP.Eorezo
    [HKLMSoftwareClassesCLSID{76c45b18-a29e-43ea-aaf8-af55c2e1ae17}] =>PUP.Eorezo
    [HKLMSoftwareClassesCLSID{826D7151-8D99-434B-8540-082B8C2AE556}] =>PUP.Babylon
    [HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{91C18ED5-5E1C-4AE5-A148-A861DE8C8E16}] =>PUP.Fbsearch
    [HKLMSoftwareClassesCLSID{96ef404c-24c7-43d0-9096-4ccc8bb7ccac}] =>PUP.Eorezo
    [HKLMSoftwareClassesCLSID{97720195-206a-42ae-8e65-260b9ba5589f}] =>PUP.Eorezo
    [HKLMSoftwareClassesCLSID{97d69524-bb57-4185-9c7f-5f05593b771a}] =>PUP.Eorezo
    [HKLMSoftwareClassesCLSID{986f7a5a-9676-47e1-8642-f41f8c3fcf82}] =>PUP.Eorezo
    [HKLMSoftwareClassesTypeLib{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}] =>Toolbar.AVGSearch
    [HKLMSoftwareClassesTypeLib{9dbb28c1-1925-11d3-a498-00104b6eb52e}] =>Adware.MetaStream
    [HKLMSoftwareClassesInterface{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}] =>PUP.ToparcadeHits
    [HKLMSoftwareClassesCLSID{b18788a4-92bd-440e-a4d1-380c36531119}] =>PUP.Eorezo
    [HKCUSoftwareMicrosoftInternet ExplorerSearchScopes{b41306c6-96d0-442a-bcc4-b0f621e82ce9}] =>PUP.OfferBox
    [HKLMSoftwareClassesAppID{BB711CB0-C70B-482E-9852-EC05EBD71DBB}] =>Toolbar.AVGSearch
    [HKLMSoftwareClassesCLSID{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}] =>Toolbar.Conduit
    [HKCU{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}] =>Adware.DoubleD
    [HKLMSoftwareClassesCLSID{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}] =>Toolbar.AVGSearch
    [HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{F0626A63-410B-45E2-99A1-3F2475B2D695}] =>PUP.Fbsearch
    [HKLMSoftwareMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{F0626A63-410B-45E2-99A1-3F2475B2D695}] =>PUP.Fbsearch
    [HKLMSoftwareClassesAppIDScriptHelper.EXE] =>Toolbar.AVGSearch
    [HKCUSoftwareMicrosoftWindowsCurrentVersionApp ManagementARPCacheViewpointMediaPlayer] =>Adware.MetaStream
    [HKLMSoftwareClassesaxmetastream.metastreamctl] =>Adware.MetaStream
    [HKLMSoftwareClassesaxmetastream.metastreamctl.1] =>Adware.MetaStream
    [HKLMSoftwareClassesAxMetaStream.MetaStreamCtlSecondary] =>Adware.MetaStream
    [HKLMSoftwareClassesAxMetaStream.MetaStreamCtlSecondary.1] =>Adware.MetaStream
    [HKLMSoftwareClassesURLSearchHook.ToolbarURLSearchHook] =>Toolbar.Agent
    [HKLMSoftwareClassesurlsearchhook.toolbarurlsearchhook.1] =>Adware.Agent
    [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUpgradeCodes5B4758C25396ECF468E04F8E063287FF] =>PUP.OfferBox
    [HKLMSoftwareClassesInstallerFeatures5B4758C25396ECF468E04F8E063287FF] =>PUP.OfferBox
    [HKLMSoftwareClassesInstallerProducts5B4758C25396ECF468E04F8E063287FF] =>PUP.OfferBox
    [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Products5B4758C25396ECF468E04F8E063287FF] =>PUP.OfferBox
    [HKCUSoftwareFissaSearch] =>PUP.OfferBox
    [HKLMSoftwareMetaStream] =>Adware.MetaStream
    [HKCUSoftwareOfferBox] =>PUP.OfferBox
    [HKCUSoftwareSoftonic] =>Toolbar.Conduit
    [HKCUSoftwareSpointer] =>Adware.SPointer
    [HKLMSoftwareViewpoint] =>Adware.MetaStream
    [HKCUSoftwareWideStream] =>Adware.SPointer
    [HKLMSoftwareClassesAppID{4D076AB4-7562-427A-B5D2-BD96E19DEE56}] =>PUP.Babylon
    [HKLMSoftwareMicrosoftWindowsCurrentVersionUninstallViewpointMediaPlayer] =>Adware.MetaStream
    [HKLMSoftwareMozillaPlugins@viewpoint.com/VMP] =>Adware.MetaStream
    [HKCUSoftwareInstallCore] =>Adware.InstallCore
    [HKLMSoftwareClassesAppIDsecman.DLL] =>PUP.Babylon
    [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components48A0552292E14244E8F3980FD3D01541] =>PUP.OfferBox
    [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components503398D5204CBDD48A5EE476D0CFCFEC] =>PUP.OfferBox
    [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components5BDF578D2C71DDC4997692F83B0A5C75] =>PUP.OfferBox
    [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components67909B00FA069BE4E80548738FE558FB] =>PUP.OfferBox
    [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components698B1BCDAEA97B945AE4001A96F1E755] =>PUP.OfferBox
    [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components7E6611210321F8640B41F98B10A8BD0A] =>PUP.OfferBox
    [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components88ADFBDCA3E069A47B07ECC2CED1E2B2] =>PUP.OfferBox
    [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components9ED6CAB2F119182EB7D8CE7156DC0915] =>PUP.OfferBox
    [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsA3D6A80A87E22324A91C14AEBDF78525] =>PUP.OfferBox
    [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsB2F30BE10C5A9DD43A593262265CA298] =>PUP.OfferBox
    [HKCUSoftwareMicrosoftWindowsCurrentVersionApp ManagementARPCache{79A765E1-C399-405B-85AF-466F52E918B0}] =>Adware.SimilarSites
    [HKLMSoftwareClassesCLSID{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}] =>Adware.BrowseFox
    [HKLMSoftwareClassesprotector_dll.protectorbho] =>PUP.BProtector
    [HKLMSoftwareClassesprotector_dll.protectorbho.1] =>PUP.BProtector
    [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components1322A677E76161CFC67C36E4B6D42B49] =>PUP.Offerbox^
    [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components281E074C2C4344E4A8BB2BAE65BE729B] =>PUP.Offerbox^
    [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components51C83A2C2B5C63748ACD3028A6DD53A5] =>PUP.Offerbox^
    [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components8385B8BE0F211B245956C67BB4BAC17E] =>PUP.Offerbox^
    [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components9CC2018422A9EAF40A57249F42102B13] =>PUP.Offerbox^
    [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsAA606EFD77B9CB34BB2DA2F45B67425E] =>PUP.Offerbox^
    [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsB767C33B25DCECA4FAD0D3B7D84B0A8E] =>PUP.Offerbox^
    [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsBA177F87B6B147649BD37D43B50863E5] =>PUP.Offerbox^
    [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsCEF27165872C9BEAACED23660032D2F2] =>PUP.Offerbox^
    [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsCFAEE3E72CC44004C998EBEE081CA40A] =>PUP.Offerbox^
    [HKCUSOFTWAREMicrosoftWindowsCurrentVersionRun]:OfferBox =>PUP.OfferBox^
    [HKCUSoftwareMozillaFirefoxExtensions]:offerboxffx@offerbox.com =>PUP.OfferBox
    C:UsersMarie-EstelleAppDataLocalGoogleChromeUser DataDefaultExtensionsndibdjnfmopecpmkdieinmbadjfpblof =>Toolbar.AVGSearch^
    C:UsersMarie-EstelleAppDataLocalGoogleChromeUser DataDefaultExtensionspflphaooapbgpeakohlggbpidpppgdff =>Adware.MyWebSearch^
    C:UsersMarie-EstelleAppDataRoamingMozillaFirefoxProfiles3dhaobu0.defaultextensions@FissaPlugin =>PUP.OfferBox^
    C:UsersMarie-EstelleAppDataRoamingMozillaFirefoxProfiles3dhaobu0.defaultextensions{19803860-b306-423c-bbb5-f60a7d82cde5} =>Toolbar.Conduit^
    C:UsersMarie-EstelleAppDataRoamingMozillaFirefoxProfiles3dhaobu0.defaultextensions{ad9a41d2-9a49-4fa6-a79e-71a0785364c8} =>Adware.MyWebSearch^
    C:Program FilesCrazyLoader =>Adware.SPointer^
    C:Program FilesMyPC Backup =>PUP.MyPCBackup^
    C:Program FilesWidestream6 =>Adware.SPointer^
    C:UsersMarie-EstelleAppDataRoamingFissaSearch =>PUP.OfferBox^
    C:UsersMarie-EstelleAppDataRoamingOfferBox =>PUP.OfferBox^
    C:UsersMarie-EstelleAppDataRoamingOpenCandy =>Adware.OpenCandy^
    C:UsersMarie-EstelleAppDataRoamingwidestream =>Adware.SPointer^
    C:UsersMarie-EstelleAppDataLocalwidestream6 Air =>Adware.SPointer^
    C:UsersMarie-EstelleAppDataRoamingMicrosoftWindowsStart MenuProgramsCrazyLoader =>Adware.SPointer^
    C:Program FilesViewpoint =>Adware.MetaStream
    C:ProgramDataViewpoint =>Adware.MetaStream
    C:ProgramDataMicrosoftWindowsStart MenuProgramsOfferBox =>PUP.OfferBox
    C:UsersMarie-EstelleAppDataRoamingMozillaFirefoxProfiles3dhaobu0.defaultSmartbar =>Hijacker.SmartBar
    C:UsersMarie-EstelleAppDataRoamingMozillaFirefoxProfiles3dhaobu0.defaultSearchPluginsfissa.xml =>PUP.OfferBox
    [HKCUSoftwareBabylon] =>PUP.Babylon^
    [HKCUSoftwareConduit] =>Toolbar.Conduit^
    [HKCUSoftwareVittalia] =>PUP.Vittalia^
    [HKCUSoftwaremysearchdial.com] =>Adware.MyWebSearch^
    C:WindowsInstaller4b06e9.msi =>Adware.SPointer^
    ~ Additionnel Scan: 431394 Items scanned in 00mn 36s

  • Telma
    Post count: 0

    -_-
    J’ai réussi !voilà le scan de ZHPdiag:
    (trop long alors je le met ds deux msg!)

    ~ Rapport de ZHPDiag v2013.12.26.23 – Nicolas Coolman (26/12/2013)
    ~ Lancé par Marie-Estelle (30/12/2013 00:30:35)
    ~ Adresse du Site Web http://nicolascoolman.webs.com” onclick=”window.open(this.href);return false;
    ~ Forums gratuits d’Assistance à la désinfection : http://nicolascoolman.webs.com/apps/links/” onclick=”window.open(this.href);return false;
    ~ Traduit par Nicolas Coolman
    ~ Etat de la version :
    ~ Liste blanche : Activée par le programme
    ~ Elévation des Privilèges : OK
    ~ User Account Control (UAC):

    —\ Navigateurs Internet
    MSIE: Internet Explorer v9.0.8112.16421
    MFIE: Mozilla Firefox 26.0 (Defaut)
    GCIE: Google Chrome v31.0.1650.63
    OBIE: Safari v5.31.22.7

    —\ Informations sur les produits Windows
    ~ Langage: Français
    Windows Vista (TM) Home Premium, 32-bit Service Pack 2 (Build 6002)
    Windows Server License Manager Script : OK
    ~ Vista, OEM_SLP channel
    System Locked Preinstallation (OEM_SLP) : OK
    Windows ID Activation : OK
    ~ Windows Partial Key : WQD8Q
    Windows License : OK
    Windows Automatic Updates : OK

    —\ Logiciels de protection du système
    Avira Free Antivirus v14.0.2.286

    —\ Logiciels d’optimisation du système
    CCleaner v3.17 =>Piriform Ltd

    —\ Logiciels de partage PeerToPeer

    —\ Surveillance de Logiciels
    Adobe Flash Player 11 Plugin
    Adobe Reader X
    Java 7 Update 21

    —\ Informations sur le système
    ~ Processor: x86 Family 17 Model 3 Stepping 1, AuthenticAMD
    ~ Operating System: 32 Bits
    Boot mode: Normal (Normal boot)
    Total RAM: 3069 MB (63% free)
    System Restore: Activé (Enable)
    System drive C: has 58 GB (25%) free of 224 GB

    —\ Mode de connexion au système
    ~ Computer Name: PC-MARIE-ESTELL
    ~ User Name: Marie-Estelle
    ~ All Users Names: Marie-Estelle, Administrateur,
    ~ Unselected Option: None
    Logged in as Administrator

    —\ Variables d’environnement
    ~ System Unit : C:
    ~ %AppZHP% : C:UsersMarie-EstelleAppDataRoamingZHP
    ~ %AppData% : C:UsersMarie-EstelleAppDataRoaming
    ~ %Desktop% : C:UsersMarie-EstelleDesktop
    ~ %Favorites% : C:UsersMarie-EstelleFavorites
    ~ %LocalAppData% : C:UsersMarie-EstelleAppDataLocal
    ~ %StartMenu% : C:UsersMarie-EstelleAppDataRoamingMicrosoftWindowsStart Menu
    ~ %Windir% : C:Windows
    ~ %System% : C:WindowsSystem32

    —\ Enumération des unités disques
    C: Hard drive, Flash drive, Thumb drive (Free 58 Go of 224 Go)
    D: Hard drive, Flash drive, Thumb drive (Free 2 Go of 9 Go)
    E: CD-ROM drive (Not Inserted)
    F: Floppy drive, Flash card reader, USB Key (Free 1 Go of 1 Go)
    G: Floppy drive, Flash card reader, USB Key (Free 0 Go of 0 Go)

    —\ Etat du Centre de Sécurité Windows
    ~ Security Center: 42 Legitimates Filtered in 00mn 00s

  • lilidurhone
    Post count: 0

    Tu t’es trompée mdr

    Faut lancer zhpdiag (icône parchemin ;) )

    On continue demain ;)

  • Telma
    Post count: 0

    [font=Century Gothic:z46lm42b]En fait j'ai installé ZHPFix mais qd je clique sur configuré y a pas la loupe ac le + !

    -_- …[/font:z46lm42b]

  • Telma
    Post count: 0

    [font=Century Gothic:35avaxtq]Ok j'ai téléchargé ZHPdiag2 … j'ai pas trouvé si c'était de Nicolas Coolman ou nn par contre…

    En ce qui concerne mes clefs usb j'avais copié/collé leur contenue (sur le serveur pour pas perdre mes données) à la fac (d'où provient le virus) et déjà supprimé leur contenu pour essayer de les formater mais bien sur ça n'avait rien changé! …
    Mais l'une des deux a toujours deux fichiers : FOUND.000 et FOUND.001 qui ne peuvent pas être supprimés, je ne sais pas ce que c'est!!!

    Je lance le scan du ZHPdiag2 et j’envoie le rapport :)[/font:35avaxtq]

  • lilidurhone
    Post count: 0

    :)

    Plus de raccourcis sur tes clés?

    • Télécharge ZHPDiag (de Nicolas Coolman) sur ton bureau.
    • Installe le logiciel.
    • Lance ZHPDiag, exécuter en tant qu’administrateur sous Windows : 7/8 et Vista
    • Clique sur Configurer
    • Clique sur l’icône représentant une loupe avec un + (« Lancer le diagnostic »)

      Note : Ne pas fermer le programme même si il est indiqué qu’il ne répond plus.

    • Une fois le scan terminé rends toi sur le bureau, le fichier ZHPDiag.txt à été créé.
    • Héberge le rapport ZHPDiag.txt sur SosUpload, puis copie/colle le lien fourni dans ta prochaine réponse sur le forum
  • Telma
    Post count: 0

    [font=Century Gothic:26xdpbhg]Oui dsl j'avais recliqué sur recherche -_-

    du coup le rapport après avoir cliqué sur supprimer donne ça :

    ############################## | UsbFix V 7.156 | [Suppression]

    Utilisateur: Marie-Estelle (Administrateur) # PC-MARIE-ESTELL
    Mis à jour le 27/12/2013 par El Desaparecido – Team SosVirus
    Lancé à 21:01:58 | 29/12/2013

    Site Web : http://www.usbfix.net” onclick=”window.open(this.href);return false;
    Forum : https://www.sosvirus.net/” onclick=”window.open(this.href);return false;
    Upload Malware : upload_malware.php
    Contact : http://www.usbfix.net/contact/” onclick=”window.open(this.href);return false;

    PC: Hewlett-Packard (30FD)
    CPU: AMD Athlon(tm) X2 Dual-Core QL-62
    RAM -> [Total : 3069 | Free : 1422]
    Bios: Hewlett-Packard
    Boot: Normal boot

    OS: Microsoft® Windows Vista™ Édition Familiale Premium (6.0.6002 32-Bit) Service Pack 2
    WB: Windows Internet Explorer : 9.0.8112.16421
    WB: Google Chrome : 31.0.1650.63
    WB: Mozilla Firefox : 26.0
    WB: Safari : 531.22.7

    SC: Security Center Service [Enabled]
    WU: Windows Update Service [Enabled]
    AV: Avira Desktop [Enabled | Updated]
    AS: Windows Defender : 1.1.1600.0
    FW: Windows FireWall Service [Enabled]

    C: (%systemdrive%) -> Disque fixe # 224 Go (57 Go libre(s) – 25%) [] # NTFS
    D: -> Disque fixe # 9 Go (2 Go libre(s) – 18%) [HP_RECOVERY] # NTFS
    E: -> CD-ROM
    F: -> Disque amovible # 1010 Mo (1008 Mo libre(s) – 100%) [] # FAT
    G: -> Disque amovible # 64 Mo (64 Mo libre(s) – 100%) [] # FAT

    ################## | Processus Stoppés |

    Stoppé! C:WindowsSystem32DriverStoreFileRepositorystwrt.inf_e2247046STacSV.exe (ID: 1128 |ParentID: 680)
    Stoppé! C:Windowssystem32SLsvc.exe (ID: 1324 |ParentID: 680)
    Stoppé! C:Windowssystem32Hpservice.exe (ID: 1428 |ParentID: 680)
    Stoppé! C:Windowssystem32WLANExt.exe (ID: 1736 |ParentID: 1068)
    Stoppé! C:WindowsSystem32spoolsv.exe (ID: 1876 |ParentID: 680)
    Stoppé! C:Program FilesAviraAntiVir Desktopsched.exe (ID: 1900 |ParentID: 680)
    Stoppé! C:Program FilesCommon FilesAdobeARM1.0armsvc.exe (ID: 396 |ParentID: 680)
    Stoppé! C:WindowsSystem32DriverStoreFileRepositorystwrt.inf_e2247046aestsrv.exe (ID: 432 |ParentID: 680)
    Stoppé! C:Program FilesAviraAntiVir Desktopavguard.exe (ID: 524 |ParentID: 680)
    Stoppé! C:Program FilesCommon FilesAppleMobile Device SupportAppleMobileDeviceService.exe (ID: 540 |ParentID: 680)
    Stoppé! C:Program FilesBonjourmDNSResponder.exe (ID: 560 |ParentID: 680)
    Stoppé! C:Program FilesCommon FilesLightScribeLSSrvc.exe (ID: 968 |ParentID: 680)
    Stoppé! C:Program FilesHPQuickPlayKernelTVQPCapSvc.exe (ID: 2156 |ParentID: 680)
    Stoppé! C:Program FilesHPQuickPlayKernelTVQPSched.exe (ID: 2180 |ParentID: 680)
    Stoppé! C:WindowsSMINSTBLService.exe (ID: 2220 |ParentID: 680)
    Stoppé! C:Program FilesCyberLinkShared FilesRichVideo.exe (ID: 2276 |ParentID: 680)
    Stoppé! C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSVC.EXE (ID: 2468 |ParentID: 680)
    Stoppé! C:Windowssystem32SearchIndexer.exe (ID: 2516 |ParentID: 680)
    Stoppé! C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSvcM.exe (ID: 2556 |ParentID: 2468)
    Stoppé! C:Windowssystem32taskeng.exe (ID: 2736 |ParentID: 1084)
    Stoppé! C:Windowssystem32taskeng.exe (ID: 3144 |ParentID: 1084)
    Stoppé! C:Program FilesSynapticsSynTPSynTPEnh.exe (ID: 3548 |ParentID: 3192)
    Stoppé! C:Program FilesHPQuickPlayQPService.exe (ID: 3556 |ParentID: 3192)
    Stoppé! C:Program FilesWindows DefenderMSASCui.exe (ID: 3580 |ParentID: 3192)
    Stoppé! C:Program FilesHewlett-PackardHP Quick Launch ButtonsQLBCTRL.exe (ID: 3588 |ParentID: 3192)
    Stoppé! C:Program FilesHewlett-PackardHP QuickTouchHPKBDAPP.exe (ID: 3596 |ParentID: 3192)
    Stoppé! C:Program FilesHewlett-PackardHP Wireless AssistantHPWAMain.exe (ID: 3628 |ParentID: 3192)
    Stoppé! C:Program FilesHPHP Software Updatehpwuschd2.exe (ID: 3676 |ParentID: 3192)
    Stoppé! C:Program FilesCommon FilesResearch In MotionUSB DriversRIMBBLaunchAgent.exe (ID: 3688 |ParentID: 3192)
    Stoppé! C:Program FilesSamsungKiesKiesTrayAgent.exe (ID: 3740 |ParentID: 3192)
    Stoppé! C:Program FilesAviraAntiVir Desktopavgnt.exe (ID: 3752 |ParentID: 3192)
    Stoppé! C:Program FilesIDTWDMsttray.exe (ID: 3800 |ParentID: 3192)
    Stoppé! C:Program FilesWindows Sidebarsidebar.exe (ID: 3816 |ParentID: 3192)
    Stoppé! C:Program FilesCommon FilesLightScribeLightScribeControlPanel.exe (ID: 3848 |ParentID: 3192)
    Stoppé! C:Program FilesSamsungKiesKies.exe (ID: 3864 |ParentID: 3192)
    Stoppé! C:Program FilesSamsungKiesExternalFirmwareUpdateKiesPDLR.exe (ID: 3896 |ParentID: 3192)
    Stoppé! C:Program FilesWindows Media Playerwmpnscfg.exe (ID: 3908 |ParentID: 3192)
    Stoppé! C:Program FilesWindows Sidebarsidebar.exe (ID: 1204 |ParentID: 3816)
    Stoppé! C:Program FilesAviraAntiVir Desktopavshadow.exe (ID: 1700 |ParentID: 524)
    Stoppé! C:WindowsSystem32alg.exe (ID: 4032 |ParentID: 680)
    Stoppé! C:Program FilesWindows Media Playerwmpnetwk.exe (ID: 1584 |ParentID: 680)
    Stoppé! C:Program FilesHewlett-PackardSharedhpqwmiex.exe (ID: 4316 |ParentID: 680)
    Stoppé! C:Program FilesHewlett-PackardHP wireless AssistantWiFiMsg.EXE (ID: 4832 |ParentID: 3628)
    Stoppé! C:Program FilesHewlett-PackardHP Quick Launch ButtonsCom4QLBEx.exe (ID: 5012 |ParentID: 680)
    Stoppé! C:PROGRAM FILESSYNAPTICSSYNTPSYNTPHELPER.EXE (ID: 5084 |ParentID: 3936)
    Stoppé! C:Program FilesHewlett-PackardSharedHpqToaster.exe (ID: 5104 |ParentID: 836)
    Stoppé! c:Program FilesHewlett-PackardHP Health Checkhphc_service.exe (ID: 6092 |ParentID: 680)
    Stoppé! C:Program FilesMonAlbumPhotomonAlbumPhoto.exe (ID: 4268 |ParentID: 3192)
    Stoppé! C:Program FilesMozilla Firefoxfirefox.exe (ID: 5500 |ParentID: 3192)
    Stoppé! C:WindowsMicrosoft.NetFrameworkv3.0WPFPresentationFontCache.exe (ID: 3616 |ParentID: 680)
    Stoppé! C:Program FilesMozilla Firefoxplugin-container.exe (ID: 6012 |ParentID: 5500)
    Stoppé! C:Windowssystem32taskeng.exe (ID: 2072 |ParentID: 1084)
    Stoppé! C:WindowsSystem32WUDFHost.exe (ID: 4840 |ParentID: 1068)
    Stoppé! C:Windowssystem32conime.exe (ID: 2976 |ParentID: 4164)
    Stoppé! C:WindowsSystem32mobsync.exe (ID: 6036 |ParentID: 836)
    Stoppé! C:Program FilesWindows Media Playerwmplayer.exe (ID: 4624 |ParentID: 6036)
    Stoppé! C:Windowssystem32NOTEPAD.EXE (ID: 3980 |ParentID: 1400)
    Stoppé! C:Program FilesMozilla Firefoxplugin-container.exe (ID: 5584 |ParentID: 5500)
    Stoppé! C:Windowssystem32MacromedFlashFlashPlayerPlugin_11_9_900_170.exe (ID: 1680 |ParentID: 5584)
    Stoppé! C:Windowssystem32MacromedFlashFlashPlayerPlugin_11_9_900_170.exe (ID: 3496 |ParentID: 1680)

    ################## | Regedit Run |

    04 – HKLMSOFTWARE | Run : [SynTPEnh] – %ProgramFiles%SynapticsSynTPSynTPEnh.exe
    04 – HKLMSOFTWARE | Run : [QPService] – “C:Program FilesHPQuickPlayQPService.exe”
    04 – HKLMSOFTWARE | Run : [Windows Defender] – %ProgramFiles%Windows DefenderMSASCui.exe -hide
    04 – HKLMSOFTWARE | Run : [QlbCtrl.exe] – C:Program FilesHewlett-PackardHP Quick Launch ButtonsQlbCtrl.exe /Start
    04 – HKLMSOFTWARE | Run : [OnScreenDisplay] – C:Program FilesHewlett-PackardHP QuickTouchHPKBDAPP.exe
    04 – HKLMSOFTWARE | Run : [hpWirelessAssistant] – C:Program FilesHewlett-PackardHP Wireless AssistantHPWAMain.exe
    04 – HKLMSOFTWARE | Run : [AppleSyncNotifier] – C:Program FilesCommon FilesAppleMobile Device SupportAppleSyncNotifier.exe
    04 – HKLMSOFTWARE | Run : [HP Health Check Scheduler] – c:Program FilesHewlett-PackardHP Health CheckHPHC_Scheduler.exe
    04 – HKLMSOFTWARE | Run : [HP Software Update] – C:Program FilesHpHP Software UpdateHPWuSchd2.exe
    04 – HKLMSOFTWARE | Run : [RIMBBLaunchAgent.exe] – C:Program FilesCommon FilesResearch In MotionUSB DriversRIMBBLaunchAgent.exe
    04 – HKLMSOFTWARE | Run : [APSDaemon] – “C:Program FilesCommon FilesAppleApple Application SupportAPSDaemon.exe”
    04 – HKLMSOFTWARE | Run : [Adobe ARM] – “C:Program FilesCommon FilesAdobeARM1.0AdobeARM.exe”
    04 – HKLMSOFTWARE | Run : [KiesTrayAgent] – C:Program FilesSamsungKiesKiesTrayAgent.exe
    04 – HKLMSOFTWARE | Run : [avgnt] – “C:Program FilesAviraAntiVir Desktopavgnt.exe” /min
    04 – HKLMSOFTWARE | Run : [BCSSync] – “C:Program FilesMicrosoft OfficeOffice14BCSSync.exe” /DelayServices
    04 – HKLMSOFTWARE | Run : [SysTrayApp] – C:Program FilesIDTWDMsttray.exe
    04 – HKLMSOFTWARE | RunOnce : [] –
    04 – HKUS-1-5-19SOFTWARE | Run : [Sidebar] – %ProgramFiles%Windows SidebarSidebar.exe /detectMem
    04 – HKUS-1-5-19SOFTWARE | Run : [WindowsWelcomeCenter] – rundll32.exe oobefldr.dll,ShowWelcomeCenter
    04 – HKUS-1-5-20SOFTWARE | Run : [Sidebar] – %ProgramFiles%Windows SidebarSidebar.exe /detectMem
    04 – HKUS-1-5-20SOFTWARE | Run : [WindowsWelcomeCenter] – rundll32.exe oobefldr.dll,ShowWelcomeCenter
    04 – HKUS-1-5-21-1917961054-784476770-3265431197-1000SOFTWARE | Run : [Sidebar] – C:Program FilesWindows Sidebarsidebar.exe /autoRun
    04 – HKUS-1-5-21-1917961054-784476770-3265431197-1000SOFTWARE | Run : [LightScribe Control Panel] – C:Program FilesCommon FilesLightScribeLightScribeControlPanel.exe -hidden
    04 – HKUS-1-5-21-1917961054-784476770-3265431197-1000SOFTWARE | Run : [ehTray.exe] – C:WindowsehomeehTray.exe
    04 – HKUS-1-5-21-1917961054-784476770-3265431197-1000SOFTWARE | Run : [OfferBox] – C:Program FilesOfferBoxOfferBox.exe
    04 – HKUS-1-5-21-1917961054-784476770-3265431197-1000SOFTWARE | Run : [KiesPreload] – C:Program FilesSamsungKiesKies.exe /preload
    04 – HKUS-1-5-21-1917961054-784476770-3265431197-1000SOFTWARE | Run : [KiesAirMessage] – C:Program FilesSamsungKiesKiesAirMessage.exe -startup
    04 – HKUS-1-5-21-1917961054-784476770-3265431197-1000SOFTWARE | Run : [] – C:Program FilesSamsungKiesExternalFirmwareUpdateKiesPDLR.exe
    04 – HKUS-1-5-21-1917961054-784476770-3265431197-1000SOFTWARE | Run : [WMPNSCFG] – C:Program FilesWindows Media PlayerWMPNSCFG.exe
    04 – HKUS-1-5-21-1917961054-784476770-3265431197-1000SOFTWARE | Run : [swg] – “C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe”
    04 – HKUS-1-5-21-1917961054-784476770-3265431197-1000SOFTWARE | Run : [Mozilla] – wscript.exe //B “C:UsersMarie-EstelleAppDataRoamingMozilla.vbs”

    ################## | Recherche générique |

    Supprimé! C:UsersMarie-EstelleAppDataRoamingMozilla.vbs
    Supprimé! C:UsersMarie-EstelleAppDataRoamingMicrosoftWindowsStart MenuProgramsStartupMozilla.vbs
    Supprimé! C:UsersMARIE-~1AppDataLocalTempavgnt.exe
    Supprimé! G:Mozilla.vbs
    Supprimé! F:FOUND.000.lnk

    (!) Fichiers temporaires supprimés. (107634 Ko)

    ################## | Référence de comparaison MD5 |

    Md5 : 959D7A16B9EA04C5356088803C9805FA -> C:UsersMarie-EstelleAppDataRoamingMozilla.vbs
    Md5 : 959D7A16B9EA04C5356088803C9805FA -> C:UsersMarie-EstelleAppDataRoamingMicrosoftWindowsStart MenuProgramsStartupMozilla.vbs
    Md5 : 959D7A16B9EA04C5356088803C9805FA -> G:Mozilla.vbs

    ################## | Comparaison MD5 |

    -> Pas de valeur Md5 identique trouvée.

    ################## | Registre |

    Supprimé! HKUS-1-5-21-1917961054-784476770-3265431197-1000SoftwareMicrosoftWindowsCurrentVersionRun|Mozilla
    Supprimé! HKUS-1-5-21-1917961054-784476770-3265431197-1000Software….Mountpoints2{461f4531-f421-11df-883e-001eece86790}

    ################## | Listing |

    [07/11/2007 – 08:00:40 | N | 17 Ko] – C:eula.1031.txt
    [07/11/2007 – 08:00:40 | N | 17 Ko] – C:eula.2052.txt
    [07/11/2007 – 08:00:40 | N | 17 Ko] – C:eula.1042.txt
    [07/11/2007 – 08:00:40 | N | 0 Ko] – C:eula.1041.txt
    [07/11/2007 – 08:00:40 | N | 17 Ko] – C:eula.1040.txt
    [07/11/2007 – 08:00:40 | N | 17 Ko] – C:eula.1036.txt
    [07/11/2007 – 08:00:40 | N | 10 Ko] – C:eula.1033.txt
    [07/11/2007 – 08:00:40 | N | 17 Ko] – C:eula.1028.txt
    [07/11/2007 – 08:00:40 | N | 17 Ko] – C:eula.3082.txt
    [29/12/2013 – 20:20:07 | N | 13 Ko] – C:UsbFix [Scan 1] PC-MARIE-ESTELL.txt
    [29/12/2013 – 20:43:49 | N | 13 Ko] – C:UsbFix [Scan 2] PC-MARIE-ESTELL.txt
    [29/12/2013 – 21:15:49 | A | 12 Ko] – C:UsbFix [Clean 1] PC-MARIE-ESTELL.txt
    [29/08/2010 – 23:14:40 | N | 0 Ko] – C:t.tmp
    [18/09/2006 – 22:43:37 | N | 0 Ko] – C:config.sys
    [29/12/2013 – 12:04:30 | ASH | 3449944 Ko] – C:pagefile.sys
    [29/12/2013 – 12:04:33 | ASH | 3143512 Ko] – C:hiberfil.sys
    [25/12/2008 – 20:27:10 | D] – C:System.sav
    [25/12/2008 – 20:28:53 | N | 0 Ko] – C:IPH.PH
    [07/11/2007 – 08:12:28 | N | 228 Ko] – C:VC_RED.MSI
    [07/11/2007 – 08:00:40 | N | 1 Ko] – C:globdata.ini
    [07/11/2007 – 08:00:40 | N | 1 Ko] – C:install.ini
    [07/11/2007 – 08:03:18 | N | 550 Ko | 520A6D1CBCC9CF642C625FE814C93C58] – C:install.exe
    [07/11/2007 – 08:03:18 | N | 89 Ko] – C:install.res.1033.dll
    [07/11/2007 – 08:03:18 | N | 95 Ko] – C:install.res.1036.dll
    [07/11/2007 – 08:03:18 | N | 75 Ko] – C:install.res.1028.dll
    [07/11/2007 – 08:03:18 | N | 94 Ko] – C:install.res.1031.dll
    [07/11/2007 – 08:03:18 | N | 80 Ko] – C:install.res.1041.dll
    [07/11/2007 – 08:03:18 | N | 78 Ko] – C:install.res.1042.dll
    [07/11/2007 – 08:03:18 | N | 74 Ko] – C:install.res.2052.dll
    [07/11/2007 – 08:03:18 | N | 94 Ko] – C:install.res.3082.dll
    [07/11/2007 – 08:03:18 | N | 93 Ko] – C:install.res.1040.dll
    [07/11/2007 – 08:09:22 | N | 1409 Ko] – C:VC_RED.cab
    [29/02/2004 – 16:44:34 | N | 51 Ko] – C:orange.bmp
    [07/11/2007 – 08:00:40 | N | 6 Ko] – C:vcredist.bmp
    [12/01/2009 – 21:47:52 | SHD] – C:$RECYCLE.BIN
    [13/06/2008 – 04:29:47 | A | 0 Ko] – C:autoexec.bat
    [02/11/2006 – 14:02:03 | SHD] – C:Documents and Settings
    [13/06/2008 – 04:39:23 | RHD] – C:MSOCache
    [25/12/2008 – 20:28:53 | D] – C:HP
    [25/12/2008 – 22:20:03 | D] – C:Temp
    [11/04/2009 – 07:36:36 | RASH | 325 Ko] – C:bootmgr
    [17/09/2009 – 18:25:54 | SHD] – C:boot
    [10/05/2011 – 18:01:18 | D] – C:PerfLogs
    [03/06/2013 – 22:07:20 | D] – C:SWSETUP
    [12/06/2013 – 23:15:19 | D] – C:b0776cdd3896d86f0a
    [12/11/2013 – 19:58:33 | D] – C:Users
    [12/12/2013 – 20:19:52 | D] – C:Windows
    [13/12/2013 – 10:20:40 | HD] – C:ProgramData
    [23/12/2013 – 17:34:21 | D] – C:Program Files
    [29/12/2013 – 12:18:59 | SHD] – C:System Volume Information
    [29/12/2013 – 21:14:48 | D] – C:UsbFix
    [12/08/2003 – 10:37:30 | SH | 178 Ko] – D:protect.turkish
    [25/12/2008 – 21:11:44 | N | 0 Ko] – D:RCBoot.sys
    [25/12/2008 – 22:19:50 | N | 0 Ko] – D:HPCD.sys
    [10/09/2002 – 14:15:06 | SH | 177 Ko] – D:protect.swedish
    [03/11/2005 – 15:11:46 | SH | 177 Ko] – D:protect.spanish
    [28/06/2004 – 08:52:46 | SH | 207 Ko] – D:protect.russian
    [25/12/2008 – 20:25:35 | N | 0 Ko] – D:BLOCK.RIN
    [27/10/2005 – 19:24:10 | SH | 178 Ko] – D:protect.portuguese brazilian
    [03/11/2005 – 15:13:12 | SH | 177 Ko] – D:protect.portuguese
    [25/04/2006 – 14:44:10 | SH | 178 Ko] – D:protect.polish
    [03/11/2005 – 15:15:12 | SH | 177 Ko] – D:protect.norwegian
    [29/12/2013 – 21:01:58 | N | 0 Ko] – D:MASTER.LOG
    [24/11/2005 – 11:24:44 | SH | 213 Ko] – D:protect.korean
    [10/07/2013 – 20:19:36 | N | 24 Ko] – D:moifb.jpg
    [10/07/2013 – 20:22:52 | N | 182 Ko] – D:292811_10150358090226407_3621149_n.jpg
    [10/08/2013 – 01:00:42 | N | 37 Ko] – D:24793_1415179460517_1346827_n.jpg
    [02/10/2013 – 20:36:54 | N | 88 Ko] – D:1379801_10151686437841270_520956424_n.jpg
    [19/06/2007 – 15:22:10 | SH | 178 Ko] – D:protect.japanese
    [03/11/2005 – 15:17:00 | SH | 177 Ko] – D:protect.italian
    [26/03/2008 – 16:08:32 | SH | 1 Ko] – D:Desktop.ini
    [29/12/2013 – 20:43:47 | RASHD] – D:Autorun.inf
    [28/08/2007 – 14:58:08 | N | 177 Ko] – D:protect.hungarian
    [10/09/2002 – 16:14:28 | N | 8 Ko] – D:Folder.htt
    [23/01/2006 – 09:18:00 | SH | 178 Ko] – D:protect.hebrew
    [23/11/2005 – 15:56:46 | SH | 178 Ko] – D:protect.greek
    [03/11/2005 – 15:18:10 | SH | 177 Ko] – D:protect.german
    [03/11/2005 – 15:19:52 | SH | 177 Ko] – D:protect.french
    [03/11/2005 – 15:20:20 | SH | 177 Ko] – D:protect.finnish
    [22/11/2004 – 15:28:30 | SH | 177 Ko] – D:protect.english
    [10/09/2002 – 13:50:18 | SH | 177 Ko] – D:protect.ed
    [10/09/2002 – 13:56:12 | SH | 177 Ko] – D:protect.dutch
    [03/11/2005 – 15:21:26 | SH | 177 Ko] – D:protect.danish
    [27/04/2006 – 16:19:40 | SH | 178 Ko] – D:protect.czech
    [16/09/2002 – 14:37:48 | SH | 178 Ko] – D:protect.chinese traditional
    [16/09/2002 – 14:37:40 | SH | 178 Ko] – D:protect.chinese simplified
    [16/09/2002 – 14:37:48 | SH | 178 Ko] – D:protect.chinese hong kong
    [12/01/2009 – 21:47:52 | SHD] – D:$RECYCLE.BIN
    [03/10/2006 – 23:02:44 | SH | 428 Ko] – D:bootmgr
    [29/10/2008 – 03:44:03 | SHD] – D:System Volume Information
    [29/10/2008 – 10:23:05 | RD] – D:RECOVERY
    [29/10/2008 – 10:23:06 | RSHD] – D:boot
    [29/10/2008 – 10:23:09 | RSHD] – D:SOURCES
    [29/10/2008 – 10:23:11 | D] – D:WINDOWS
    [29/10/2008 – 10:23:31 | D] – D:Tools
    [29/10/2008 – 10:23:39 | D] – D:HP
    [25/12/2008 – 22:19:51 | RSHD] – D:PRELOAD
    [29/12/2013 – 20:43:48 | RASHD] – F:Autorun.inf
    [29/12/2013 – 20:27:44 | D] – F:FOUND.001
    [08/09/2013 – 23:16:36 | D] – F:FOUND.000
    [29/12/2013 – 20:43:50 | RASHD] – G:Autorun.inf

    ################## | Vaccin |

    D:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
    F:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
    G:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

    ################## | E.O.F | http://www.usbfix.net” onclick=”window.open(this.href);return false; – https://www.sosvirus.net” onclick=”window.open(this.href);return false; |

    Je dois faire quoi après ça?

    Encore merci,

    J'espère que ça va marcher!!![/font:26xdpbhg]

  • lilidurhone
    Post count: 0

    Tu t’es trompé ;)

    Fais suppression ;)

  • Telma
    Post count: 0

    [font=Century Gothic:x91scau2]Voici mon rapport du scan usb fixe :
    ############################## | UsbFix V 7.156 | [Recherche]

    Utilisateur: Marie-Estelle (Administrateur) # PC-MARIE-ESTELL
    Mis à jour le 27/12/2013 par El Desaparecido – Team SosVirus
    Lancé à 20:28:47 | 29/12/2013

    Site Web : http://www.usbfix.net” onclick=”window.open(this.href);return false;
    Forum : https://www.sosvirus.net/” onclick=”window.open(this.href);return false;
    Upload Malware : upload_malware.php
    Contact : http://www.usbfix.net/contact/” onclick=”window.open(this.href);return false;

    PC: Hewlett-Packard (30FD)
    CPU: AMD Athlon(tm) X2 Dual-Core QL-62
    RAM -> [Total : 3069 | Free : 1114]
    Bios: Hewlett-Packard
    Boot: Normal boot

    OS: Microsoft® Windows Vista™ Édition Familiale Premium (6.0.6002 32-Bit) Service Pack 2
    WB: Windows Internet Explorer : 9.0.8112.16421
    WB: Google Chrome : 31.0.1650.63
    WB: Mozilla Firefox : 26.0
    WB: Safari : 531.22.7

    SC: Security Center Service [Enabled]
    WU: Windows Update Service [Enabled]
    AV: Avira Desktop [Enabled | Updated]
    AS: Windows Defender : 1.1.1600.0
    FW: Windows FireWall Service [Enabled]

    C: (%systemdrive%) -> Disque fixe # 224 Go (57 Go libre(s) – 25%) [] # NTFS
    D: -> Disque fixe # 9 Go (2 Go libre(s) – 18%) [HP_RECOVERY] # NTFS
    E: -> CD-ROM
    F: -> Disque amovible # 1010 Mo (1008 Mo libre(s) – 100%) [] # FAT
    G: -> Disque amovible # 64 Mo (64 Mo libre(s) – 100%) [] # FAT

    ################## | Processus Actif |

    C:Windowssystem32csrss.exe (ID: 568 |ParentID: 556)
    C:Windowssystem32wininit.exe (ID: 632 |ParentID: 556)
    C:Windowssystem32csrss.exe (ID: 640 |ParentID: 624)
    C:Windowssystem32services.exe (ID: 680 |ParentID: 632)
    C:Windowssystem32lsass.exe (ID: 692 |ParentID: 632)
    C:Windowssystem32lsm.exe (ID: 700 |ParentID: 632)
    C:Windowssystem32svchost.exe (ID: 836 |ParentID: 680)
    C:Windowssystem32svchost.exe (ID: 908 |ParentID: 680)
    C:WindowsSystem32svchost.exe (ID: 944 |ParentID: 680)
    C:Windowssystem32winlogon.exe (ID: 992 |ParentID: 624)
    C:WindowsSystem32svchost.exe (ID: 1040 |ParentID: 680)
    C:WindowsSystem32svchost.exe (ID: 1068 |ParentID: 680)
    C:Windowssystem32svchost.exe (ID: 1084 |ParentID: 680)
    C:WindowsSystem32DriverStoreFileRepositorystwrt.inf_e2247046STacSV.exe (ID: 1128 |ParentID: 680)
    C:Windowssystem32svchost.exe (ID: 1308 |ParentID: 680)
    C:Windowssystem32SLsvc.exe (ID: 1324 |ParentID: 680)
    C:Windowssystem32svchost.exe (ID: 1356 |ParentID: 680)
    C:Windowssystem32Hpservice.exe (ID: 1428 |ParentID: 680)
    C:Windowssystem32svchost.exe (ID: 1488 |ParentID: 680)
    C:Windowssystem32WLANExt.exe (ID: 1736 |ParentID: 1068)
    C:WindowsSystem32spoolsv.exe (ID: 1876 |ParentID: 680)
    C:Program FilesAviraAntiVir Desktopsched.exe (ID: 1900 |ParentID: 680)
    C:Windowssystem32svchost.exe (ID: 1920 |ParentID: 680)
    C:Program FilesCommon FilesAdobeARM1.0armsvc.exe (ID: 396 |ParentID: 680)
    C:WindowsSystem32DriverStoreFileRepositorystwrt.inf_e2247046aestsrv.exe (ID: 432 |ParentID: 680)
    C:Program FilesAviraAntiVir Desktopavguard.exe (ID: 524 |ParentID: 680)
    C:Program FilesCommon FilesAppleMobile Device SupportAppleMobileDeviceService.exe (ID: 540 |ParentID: 680)
    C:Program FilesBonjourmDNSResponder.exe (ID: 560 |ParentID: 680)
    C:Windowssystem32svchost.exe (ID: 724 |ParentID: 680)
    C:Program FilesCommon FilesLightScribeLSSrvc.exe (ID: 968 |ParentID: 680)
    C:Windowssystem32svchost.exe (ID: 416 |ParentID: 680)
    C:Program FilesHPQuickPlayKernelTVQPCapSvc.exe (ID: 2156 |ParentID: 680)
    C:Program FilesHPQuickPlayKernelTVQPSched.exe (ID: 2180 |ParentID: 680)
    C:WindowsSMINSTBLService.exe (ID: 2220 |ParentID: 680)
    C:Program FilesCyberLinkShared FilesRichVideo.exe (ID: 2276 |ParentID: 680)
    C:Windowssystem32svchost.exe (ID: 2332 |ParentID: 680)
    C:WindowsSystem32svchost.exe (ID: 2376 |ParentID: 680)
    C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSVC.EXE (ID: 2468 |ParentID: 680)
    C:Windowssystem32SearchIndexer.exe (ID: 2516 |ParentID: 680)
    C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSvcM.exe (ID: 2556 |ParentID: 2468)
    C:Windowssystem32taskeng.exe (ID: 2736 |ParentID: 1084)
    C:Windowssystem32Dwm.exe (ID: 3088 |ParentID: 1068)
    C:Windowssystem32taskeng.exe (ID: 3144 |ParentID: 1084)
    C:WindowsExplorer.EXE (ID: 3192 |ParentID: 3072)
    C:Windowssystem32wbemwmiprvse.exe (ID: 3456 |ParentID: 836)
    C:Program FilesSynapticsSynTPSynTPEnh.exe (ID: 3548 |ParentID: 3192)
    C:Program FilesHPQuickPlayQPService.exe (ID: 3556 |ParentID: 3192)
    C:Program FilesWindows DefenderMSASCui.exe (ID: 3580 |ParentID: 3192)
    C:Program FilesHewlett-PackardHP Quick Launch ButtonsQLBCTRL.exe (ID: 3588 |ParentID: 3192)
    C:Program FilesHewlett-PackardHP QuickTouchHPKBDAPP.exe (ID: 3596 |ParentID: 3192)
    C:Program FilesHewlett-PackardHP Wireless AssistantHPWAMain.exe (ID: 3628 |ParentID: 3192)
    C:Program FilesHPHP Software Updatehpwuschd2.exe (ID: 3676 |ParentID: 3192)
    C:Program FilesCommon FilesResearch In MotionUSB DriversRIMBBLaunchAgent.exe (ID: 3688 |ParentID: 3192)
    C:Program FilesSamsungKiesKiesTrayAgent.exe (ID: 3740 |ParentID: 3192)
    C:Program FilesAviraAntiVir Desktopavgnt.exe (ID: 3752 |ParentID: 3192)
    C:Program FilesIDTWDMsttray.exe (ID: 3800 |ParentID: 3192)
    C:Program FilesWindows Sidebarsidebar.exe (ID: 3816 |ParentID: 3192)
    C:Program FilesCommon FilesLightScribeLightScribeControlPanel.exe (ID: 3848 |ParentID: 3192)
    C:Program FilesSamsungKiesKies.exe (ID: 3864 |ParentID: 3192)
    C:Program FilesSamsungKiesExternalFirmwareUpdateKiesPDLR.exe (ID: 3896 |ParentID: 3192)
    C:Program FilesWindows Media Playerwmpnscfg.exe (ID: 3908 |ParentID: 3192)
    C:Program FilesWindows Sidebarsidebar.exe (ID: 1204 |ParentID: 3816)
    C:Program FilesAviraAntiVir Desktopavshadow.exe (ID: 1700 |ParentID: 524)
    C:WindowsSystem32alg.exe (ID: 4032 |ParentID: 680)
    C:Program FilesWindows Media Playerwmpnetwk.exe (ID: 1584 |ParentID: 680)
    C:Windowssystem32svchost.exe (ID: 4152 |ParentID: 680)
    C:Program FilesHewlett-PackardSharedhpqwmiex.exe (ID: 4316 |ParentID: 680)
    C:Windowssystem32wbemwmiprvse.exe (ID: 4368 |ParentID: 836)
    C:Program FilesHewlett-PackardHP wireless AssistantWiFiMsg.EXE (ID: 4832 |ParentID: 3628)
    C:Program FilesHewlett-PackardHP Quick Launch ButtonsCom4QLBEx.exe (ID: 5012 |ParentID: 680)
    C:PROGRAM FILESSYNAPTICSSYNTPSYNTPHELPER.EXE (ID: 5084 |ParentID: 3936)
    C:Program FilesHewlett-PackardSharedHpqToaster.exe (ID: 5104 |ParentID: 836)
    c:Program FilesHewlett-PackardHP Health Checkhphc_service.exe (ID: 6092 |ParentID: 680)
    C:Program FilesMonAlbumPhotomonAlbumPhoto.exe (ID: 4268 |ParentID: 3192)
    C:Program FilesMozilla Firefoxfirefox.exe (ID: 5500 |ParentID: 3192)
    C:WindowsMicrosoft.NetFrameworkv3.0WPFPresentationFontCache.exe (ID: 3616 |ParentID: 680)
    C:Program FilesMozilla Firefoxplugin-container.exe (ID: 6012 |ParentID: 5500)
    C:Program FilesMozilla Firefoxplugin-container.exe (ID: 3440 |ParentID: 5500)
    C:Windowssystem32MacromedFlashFlashPlayerPlugin_11_9_900_170.exe (ID: 1912 |ParentID: 3440)
    C:Windowssystem32MacromedFlashFlashPlayerPlugin_11_9_900_170.exe (ID: 176 |ParentID: 1912)
    C:Program FilesAdobeReader 10.0ReaderAcroRd32.exe (ID: 2480 |ParentID: 3192)
    C:Program FilesAdobeReader 10.0ReaderAcroRd32.exe (ID: 4120 |ParentID: 2480)
    C:Windowssystem32taskeng.exe (ID: 2072 |ParentID: 1084)
    C:WindowsSystem32WUDFHost.exe (ID: 4840 |ParentID: 1068)
    C:Windowssystem32conime.exe (ID: 2976 |ParentID: 4164)
    C:WindowsSystem32mobsync.exe (ID: 6036 |ParentID: 836)
    C:Program FilesWindows Media Playerwmplayer.exe (ID: 4624 |ParentID: 6036)
    C:UsbFixGo.exe (ID: 1400 |ParentID: 5196)

    ################## | Regedit Run |

    04 – HKLMSOFTWARE | Run : [SynTPEnh] – %ProgramFiles%SynapticsSynTPSynTPEnh.exe
    04 – HKLMSOFTWARE | Run : [QPService] – “C:Program FilesHPQuickPlayQPService.exe”
    04 – HKLMSOFTWARE | Run : [Windows Defender] – %ProgramFiles%Windows DefenderMSASCui.exe -hide
    04 – HKLMSOFTWARE | Run : [QlbCtrl.exe] – C:Program FilesHewlett-PackardHP Quick Launch ButtonsQlbCtrl.exe /Start
    04 – HKLMSOFTWARE | Run : [OnScreenDisplay] – C:Program FilesHewlett-PackardHP QuickTouchHPKBDAPP.exe
    04 – HKLMSOFTWARE | Run : [hpWirelessAssistant] – C:Program FilesHewlett-PackardHP Wireless AssistantHPWAMain.exe
    04 – HKLMSOFTWARE | Run : [AppleSyncNotifier] – C:Program FilesCommon FilesAppleMobile Device SupportAppleSyncNotifier.exe
    04 – HKLMSOFTWARE | Run : [HP Health Check Scheduler] – c:Program FilesHewlett-PackardHP Health CheckHPHC_Scheduler.exe
    04 – HKLMSOFTWARE | Run : [HP Software Update] – C:Program FilesHpHP Software UpdateHPWuSchd2.exe
    04 – HKLMSOFTWARE | Run : [RIMBBLaunchAgent.exe] – C:Program FilesCommon FilesResearch In MotionUSB DriversRIMBBLaunchAgent.exe
    04 – HKLMSOFTWARE | Run : [APSDaemon] – “C:Program FilesCommon FilesAppleApple Application SupportAPSDaemon.exe”
    04 – HKLMSOFTWARE | Run : [Adobe ARM] – “C:Program FilesCommon FilesAdobeARM1.0AdobeARM.exe”
    04 – HKLMSOFTWARE | Run : [KiesTrayAgent] – C:Program FilesSamsungKiesKiesTrayAgent.exe
    04 – HKLMSOFTWARE | Run : [avgnt] – “C:Program FilesAviraAntiVir Desktopavgnt.exe” /min
    04 – HKLMSOFTWARE | Run : [BCSSync] – “C:Program FilesMicrosoft OfficeOffice14BCSSync.exe” /DelayServices
    04 – HKLMSOFTWARE | Run : [SysTrayApp] – C:Program FilesIDTWDMsttray.exe
    04 – HKLMSOFTWARE | RunOnce : [] –
    04 – HKUS-1-5-19SOFTWARE | Run : [Sidebar] – %ProgramFiles%Windows SidebarSidebar.exe /detectMem
    04 – HKUS-1-5-19SOFTWARE | Run : [WindowsWelcomeCenter] – rundll32.exe oobefldr.dll,ShowWelcomeCenter
    04 – HKUS-1-5-20SOFTWARE | Run : [Sidebar] – %ProgramFiles%Windows SidebarSidebar.exe /detectMem
    04 – HKUS-1-5-20SOFTWARE | Run : [WindowsWelcomeCenter] – rundll32.exe oobefldr.dll,ShowWelcomeCenter
    04 – HKUS-1-5-21-1917961054-784476770-3265431197-1000SOFTWARE | Run : [Sidebar] – C:Program FilesWindows Sidebarsidebar.exe /autoRun
    04 – HKUS-1-5-21-1917961054-784476770-3265431197-1000SOFTWARE | Run : [LightScribe Control Panel] – C:Program FilesCommon FilesLightScribeLightScribeControlPanel.exe -hidden
    04 – HKUS-1-5-21-1917961054-784476770-3265431197-1000SOFTWARE | Run : [ehTray.exe] – C:WindowsehomeehTray.exe
    04 – HKUS-1-5-21-1917961054-784476770-3265431197-1000SOFTWARE | Run : [OfferBox] – C:Program FilesOfferBoxOfferBox.exe
    04 – HKUS-1-5-21-1917961054-784476770-3265431197-1000SOFTWARE | Run : [KiesPreload] – C:Program FilesSamsungKiesKies.exe /preload
    04 – HKUS-1-5-21-1917961054-784476770-3265431197-1000SOFTWARE | Run : [KiesAirMessage] – C:Program FilesSamsungKiesKiesAirMessage.exe -startup
    04 – HKUS-1-5-21-1917961054-784476770-3265431197-1000SOFTWARE | Run : [] – C:Program FilesSamsungKiesExternalFirmwareUpdateKiesPDLR.exe
    04 – HKUS-1-5-21-1917961054-784476770-3265431197-1000SOFTWARE | Run : [WMPNSCFG] – C:Program FilesWindows Media PlayerWMPNSCFG.exe
    04 – HKUS-1-5-21-1917961054-784476770-3265431197-1000SOFTWARE | Run : [swg] – “C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe”
    04 – HKUS-1-5-21-1917961054-784476770-3265431197-1000SOFTWARE | Run : [Mozilla] – wscript.exe //B “C:UsersMarie-EstelleAppDataRoamingMozilla.vbs”

    ################## | Recherche générique |

    Présent! C:UsersMarie-EstelleAppDataRoamingMozilla.vbs
    Présent! C:UsersMarie-EstelleAppDataRoamingMicrosoftWindowsStart MenuProgramsStartupMozilla.vbs
    Présent! C:UsersMARIE-~1AppDataLocalTempavgnt.exe
    Présent! G:Mozilla.vbs
    Présent! F:FOUND.000.lnk

    ################## | Référence de comparaison MD5 |

    Md5 : 959D7A16B9EA04C5356088803C9805FA -> C:UsersMarie-EstelleAppDataRoamingMozilla.vbs
    Md5 : 959D7A16B9EA04C5356088803C9805FA -> C:UsersMarie-EstelleAppDataRoamingMicrosoftWindowsStart MenuProgramsStartupMozilla.vbs
    Md5 : 959D7A16B9EA04C5356088803C9805FA -> G:Mozilla.vbs

    ################## | Comparaison MD5 |

    Présent! Md5 : 959D7A16B9EA04C5356088803C9805FA -> C:UsersMarie-EstelleAppDataRoamingMicrosoftWindowsStart MenuProgramsStartupMozilla.vbs
    Présent! Md5 : 959D7A16B9EA04C5356088803C9805FA -> C:UsersMarie-EstelleAppDataRoamingMozilla.vbs
    Présent! Md5 : 959D7A16B9EA04C5356088803C9805FA -> G:Mozilla.vbs

    ################## | Registre |

    Présent! HKUS-1-5-21-1917961054-784476770-3265431197-1000SoftwareMicrosoftWindowsCurrentVersionRun|Mozilla
    Présent! HKCUSoftwareMicrosoftWindowsCurrentVersionRun|Mozilla
    Présent! HKUS-1-5-21-1917961054-784476770-3265431197-1000SoftwareMicrosoftWindowsCurrentVersionRun|Mozilla
    Présent! HKCUSoftwareMicrosoftWindowsCurrentVersionRun|Mozilla

    ################## | Vaccin |

    D:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
    F:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
    G:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

    ################## | E.O.F | http://www.usbfix.net” onclick=”window.open(this.href);return false; – https://www.sosvirus.net” onclick=”window.open(this.href);return false; |

    :merci2:[/font:x91scau2]

  • lilidurhone
    Post count: 0

    Pas de quoi ;)

    • Relance UsbFix depuis ton Bureau !
    • Branchez toutes vos sources de données externes à votre PC (clé USB, disque dur externe, etc…) sans les ouvrir.
    • Fais clic droit dessus, exécuter en tant qu’administrateur sous Windows : 7/8 et Vista
    • Choisi l’option Suppression

      Note : Si UsbFix bloque à 14%, démarrer en mode sans échec. (Voir >> ICI <<)

    • Copie et Colle le contenu du rapport qui apparaît à la fin du scan dans ta réponse
  • Telma
    Post count: 0

    [font=Century Gothic:2t93k0ne]Voici mon rapport USBfix :

    ############################## | UsbFix V 7.156 | [Recherche]

    Utilisateur: Marie-Estelle (Administrateur) # PC-MARIE-ESTELL
    Mis à jour le 27/12/2013 par El Desaparecido – Team SosVirus
    Lancé à 20:28:47 | 29/12/2013

    Site Web : http://www.usbfix.net” onclick=”window.open(this.href);return false;
    Forum : https://www.sosvirus.net/” onclick=”window.open(this.href);return false;
    Upload Malware : upload_malware.php
    Contact : http://www.usbfix.net/contact/” onclick=”window.open(this.href);return false;

    PC: Hewlett-Packard (30FD)
    CPU: AMD Athlon(tm) X2 Dual-Core QL-62
    RAM -> [Total : 3069 | Free : 1114]
    Bios: Hewlett-Packard
    Boot: Normal boot

    OS: Microsoft® Windows Vista™ Édition Familiale Premium (6.0.6002 32-Bit) Service Pack 2
    WB: Windows Internet Explorer : 9.0.8112.16421
    WB: Google Chrome : 31.0.1650.63
    WB: Mozilla Firefox : 26.0
    WB: Safari : 531.22.7

    SC: Security Center Service [Enabled]
    WU: Windows Update Service [Enabled]
    AV: Avira Desktop [Enabled | Updated]
    AS: Windows Defender : 1.1.1600.0
    FW: Windows FireWall Service [Enabled]

    C: (%systemdrive%) -> Disque fixe # 224 Go (57 Go libre(s) – 25%) [] # NTFS
    D: -> Disque fixe # 9 Go (2 Go libre(s) – 18%) [HP_RECOVERY] # NTFS
    E: -> CD-ROM
    F: -> Disque amovible # 1010 Mo (1008 Mo libre(s) – 100%) [] # FAT
    G: -> Disque amovible # 64 Mo (64 Mo libre(s) – 100%) [] # FAT

    ################## | Processus Actif |

    C:Windowssystem32csrss.exe (ID: 568 |ParentID: 556)
    C:Windowssystem32wininit.exe (ID: 632 |ParentID: 556)
    C:Windowssystem32csrss.exe (ID: 640 |ParentID: 624)
    C:Windowssystem32services.exe (ID: 680 |ParentID: 632)
    C:Windowssystem32lsass.exe (ID: 692 |ParentID: 632)
    C:Windowssystem32lsm.exe (ID: 700 |ParentID: 632)
    C:Windowssystem32svchost.exe (ID: 836 |ParentID: 680)
    C:Windowssystem32svchost.exe (ID: 908 |ParentID: 680)
    C:WindowsSystem32svchost.exe (ID: 944 |ParentID: 680)
    C:Windowssystem32winlogon.exe (ID: 992 |ParentID: 624)
    C:WindowsSystem32svchost.exe (ID: 1040 |ParentID: 680)
    C:WindowsSystem32svchost.exe (ID: 1068 |ParentID: 680)
    C:Windowssystem32svchost.exe (ID: 1084 |ParentID: 680)
    C:WindowsSystem32DriverStoreFileRepositorystwrt.inf_e2247046STacSV.exe (ID: 1128 |ParentID: 680)
    C:Windowssystem32svchost.exe (ID: 1308 |ParentID: 680)
    C:Windowssystem32SLsvc.exe (ID: 1324 |ParentID: 680)
    C:Windowssystem32svchost.exe (ID: 1356 |ParentID: 680)
    C:Windowssystem32Hpservice.exe (ID: 1428 |ParentID: 680)
    C:Windowssystem32svchost.exe (ID: 1488 |ParentID: 680)
    C:Windowssystem32WLANExt.exe (ID: 1736 |ParentID: 1068)
    C:WindowsSystem32spoolsv.exe (ID: 1876 |ParentID: 680)
    C:Program FilesAviraAntiVir Desktopsched.exe (ID: 1900 |ParentID: 680)
    C:Windowssystem32svchost.exe (ID: 1920 |ParentID: 680)
    C:Program FilesCommon FilesAdobeARM1.0armsvc.exe (ID: 396 |ParentID: 680)
    C:WindowsSystem32DriverStoreFileRepositorystwrt.inf_e2247046aestsrv.exe (ID: 432 |ParentID: 680)
    C:Program FilesAviraAntiVir Desktopavguard.exe (ID: 524 |ParentID: 680)
    C:Program FilesCommon FilesAppleMobile Device SupportAppleMobileDeviceService.exe (ID: 540 |ParentID: 680)
    C:Program FilesBonjourmDNSResponder.exe (ID: 560 |ParentID: 680)
    C:Windowssystem32svchost.exe (ID: 724 |ParentID: 680)
    C:Program FilesCommon FilesLightScribeLSSrvc.exe (ID: 968 |ParentID: 680)
    C:Windowssystem32svchost.exe (ID: 416 |ParentID: 680)
    C:Program FilesHPQuickPlayKernelTVQPCapSvc.exe (ID: 2156 |ParentID: 680)
    C:Program FilesHPQuickPlayKernelTVQPSched.exe (ID: 2180 |ParentID: 680)
    C:WindowsSMINSTBLService.exe (ID: 2220 |ParentID: 680)
    C:Program FilesCyberLinkShared FilesRichVideo.exe (ID: 2276 |ParentID: 680)
    C:Windowssystem32svchost.exe (ID: 2332 |ParentID: 680)
    C:WindowsSystem32svchost.exe (ID: 2376 |ParentID: 680)
    C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSVC.EXE (ID: 2468 |ParentID: 680)
    C:Windowssystem32SearchIndexer.exe (ID: 2516 |ParentID: 680)
    C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSvcM.exe (ID: 2556 |ParentID: 2468)
    C:Windowssystem32taskeng.exe (ID: 2736 |ParentID: 1084)
    C:Windowssystem32Dwm.exe (ID: 3088 |ParentID: 1068)
    C:Windowssystem32taskeng.exe (ID: 3144 |ParentID: 1084)
    C:WindowsExplorer.EXE (ID: 3192 |ParentID: 3072)
    C:Windowssystem32wbemwmiprvse.exe (ID: 3456 |ParentID: 836)
    C:Program FilesSynapticsSynTPSynTPEnh.exe (ID: 3548 |ParentID: 3192)
    C:Program FilesHPQuickPlayQPService.exe (ID: 3556 |ParentID: 3192)
    C:Program FilesWindows DefenderMSASCui.exe (ID: 3580 |ParentID: 3192)
    C:Program FilesHewlett-PackardHP Quick Launch ButtonsQLBCTRL.exe (ID: 3588 |ParentID: 3192)
    C:Program FilesHewlett-PackardHP QuickTouchHPKBDAPP.exe (ID: 3596 |ParentID: 3192)
    C:Program FilesHewlett-PackardHP Wireless AssistantHPWAMain.exe (ID: 3628 |ParentID: 3192)
    C:Program FilesHPHP Software Updatehpwuschd2.exe (ID: 3676 |ParentID: 3192)
    C:Program FilesCommon FilesResearch In MotionUSB DriversRIMBBLaunchAgent.exe (ID: 3688 |ParentID: 3192)
    C:Program FilesSamsungKiesKiesTrayAgent.exe (ID: 3740 |ParentID: 3192)
    C:Program FilesAviraAntiVir Desktopavgnt.exe (ID: 3752 |ParentID: 3192)
    C:Program FilesIDTWDMsttray.exe (ID: 3800 |ParentID: 3192)
    C:Program FilesWindows Sidebarsidebar.exe (ID: 3816 |ParentID: 3192)
    C:Program FilesCommon FilesLightScribeLightScribeControlPanel.exe (ID: 3848 |ParentID: 3192)
    C:Program FilesSamsungKiesKies.exe (ID: 3864 |ParentID: 3192)
    C:Program FilesSamsungKiesExternalFirmwareUpdateKiesPDLR.exe (ID: 3896 |ParentID: 3192)
    C:Program FilesWindows Media Playerwmpnscfg.exe (ID: 3908 |ParentID: 3192)
    C:Program FilesWindows Sidebarsidebar.exe (ID: 1204 |ParentID: 3816)
    C:Program FilesAviraAntiVir Desktopavshadow.exe (ID: 1700 |ParentID: 524)
    C:WindowsSystem32alg.exe (ID: 4032 |ParentID: 680)
    C:Program FilesWindows Media Playerwmpnetwk.exe (ID: 1584 |ParentID: 680)
    C:Windowssystem32svchost.exe (ID: 4152 |ParentID: 680)
    C:Program FilesHewlett-PackardSharedhpqwmiex.exe (ID: 4316 |ParentID: 680)
    C:Windowssystem32wbemwmiprvse.exe (ID: 4368 |ParentID: 836)
    C:Program FilesHewlett-PackardHP wireless AssistantWiFiMsg.EXE (ID: 4832 |ParentID: 3628)
    C:Program FilesHewlett-PackardHP Quick Launch ButtonsCom4QLBEx.exe (ID: 5012 |ParentID: 680)
    C:PROGRAM FILESSYNAPTICSSYNTPSYNTPHELPER.EXE (ID: 5084 |ParentID: 3936)
    C:Program FilesHewlett-PackardSharedHpqToaster.exe (ID: 5104 |ParentID: 836)
    c:Program FilesHewlett-PackardHP Health Checkhphc_service.exe (ID: 6092 |ParentID: 680)
    C:Program FilesMonAlbumPhotomonAlbumPhoto.exe (ID: 4268 |ParentID: 3192)
    C:Program FilesMozilla Firefoxfirefox.exe (ID: 5500 |ParentID: 3192)
    C:WindowsMicrosoft.NetFrameworkv3.0WPFPresentationFontCache.exe (ID: 3616 |ParentID: 680)
    C:Program FilesMozilla Firefoxplugin-container.exe (ID: 6012 |ParentID: 5500)
    C:Program FilesMozilla Firefoxplugin-container.exe (ID: 3440 |ParentID: 5500)
    C:Windowssystem32MacromedFlashFlashPlayerPlugin_11_9_900_170.exe (ID: 1912 |ParentID: 3440)
    C:Windowssystem32MacromedFlashFlashPlayerPlugin_11_9_900_170.exe (ID: 176 |ParentID: 1912)
    C:Program FilesAdobeReader 10.0ReaderAcroRd32.exe (ID: 2480 |ParentID: 3192)
    C:Program FilesAdobeReader 10.0ReaderAcroRd32.exe (ID: 4120 |ParentID: 2480)
    C:Windowssystem32taskeng.exe (ID: 2072 |ParentID: 1084)
    C:WindowsSystem32WUDFHost.exe (ID: 4840 |ParentID: 1068)
    C:Windowssystem32conime.exe (ID: 2976 |ParentID: 4164)
    C:WindowsSystem32mobsync.exe (ID: 6036 |ParentID: 836)
    C:Program FilesWindows Media Playerwmplayer.exe (ID: 4624 |ParentID: 6036)
    C:UsbFixGo.exe (ID: 1400 |ParentID: 5196)

    ################## | Regedit Run |

    04 – HKLMSOFTWARE | Run : [SynTPEnh] – %ProgramFiles%SynapticsSynTPSynTPEnh.exe
    04 – HKLMSOFTWARE | Run : [QPService] – “C:Program FilesHPQuickPlayQPService.exe”
    04 – HKLMSOFTWARE | Run : [Windows Defender] – %ProgramFiles%Windows DefenderMSASCui.exe -hide
    04 – HKLMSOFTWARE | Run : [QlbCtrl.exe] – C:Program FilesHewlett-PackardHP Quick Launch ButtonsQlbCtrl.exe /Start
    04 – HKLMSOFTWARE | Run : [OnScreenDisplay] – C:Program FilesHewlett-PackardHP QuickTouchHPKBDAPP.exe
    04 – HKLMSOFTWARE | Run : [hpWirelessAssistant] – C:Program FilesHewlett-PackardHP Wireless AssistantHPWAMain.exe
    04 – HKLMSOFTWARE | Run : [AppleSyncNotifier] – C:Program FilesCommon FilesAppleMobile Device SupportAppleSyncNotifier.exe
    04 – HKLMSOFTWARE | Run : [HP Health Check Scheduler] – c:Program FilesHewlett-PackardHP Health CheckHPHC_Scheduler.exe
    04 – HKLMSOFTWARE | Run : [HP Software Update] – C:Program FilesHpHP Software UpdateHPWuSchd2.exe
    04 – HKLMSOFTWARE | Run : [RIMBBLaunchAgent.exe] – C:Program FilesCommon FilesResearch In MotionUSB DriversRIMBBLaunchAgent.exe
    04 – HKLMSOFTWARE | Run : [APSDaemon] – “C:Program FilesCommon FilesAppleApple Application SupportAPSDaemon.exe”
    04 – HKLMSOFTWARE | Run : [Adobe ARM] – “C:Program FilesCommon FilesAdobeARM1.0AdobeARM.exe”
    04 – HKLMSOFTWARE | Run : [KiesTrayAgent] – C:Program FilesSamsungKiesKiesTrayAgent.exe
    04 – HKLMSOFTWARE | Run : [avgnt] – “C:Program FilesAviraAntiVir Desktopavgnt.exe” /min
    04 – HKLMSOFTWARE | Run : [BCSSync] – “C:Program FilesMicrosoft OfficeOffice14BCSSync.exe” /DelayServices
    04 – HKLMSOFTWARE | Run : [SysTrayApp] – C:Program FilesIDTWDMsttray.exe
    04 – HKLMSOFTWARE | RunOnce : [] –
    04 – HKUS-1-5-19SOFTWARE | Run : [Sidebar] – %ProgramFiles%Windows SidebarSidebar.exe /detectMem
    04 – HKUS-1-5-19SOFTWARE | Run : [WindowsWelcomeCenter] – rundll32.exe oobefldr.dll,ShowWelcomeCenter
    04 – HKUS-1-5-20SOFTWARE | Run : [Sidebar] – %ProgramFiles%Windows SidebarSidebar.exe /detectMem
    04 – HKUS-1-5-20SOFTWARE | Run : [WindowsWelcomeCenter] – rundll32.exe oobefldr.dll,ShowWelcomeCenter
    04 – HKUS-1-5-21-1917961054-784476770-3265431197-1000SOFTWARE | Run : [Sidebar] – C:Program FilesWindows Sidebarsidebar.exe /autoRun
    04 – HKUS-1-5-21-1917961054-784476770-3265431197-1000SOFTWARE | Run : [LightScribe Control Panel] – C:Program FilesCommon FilesLightScribeLightScribeControlPanel.exe -hidden
    04 – HKUS-1-5-21-1917961054-784476770-3265431197-1000SOFTWARE | Run : [ehTray.exe] – C:WindowsehomeehTray.exe
    04 – HKUS-1-5-21-1917961054-784476770-3265431197-1000SOFTWARE | Run : [OfferBox] – C:Program FilesOfferBoxOfferBox.exe
    04 – HKUS-1-5-21-1917961054-784476770-3265431197-1000SOFTWARE | Run : [KiesPreload] – C:Program FilesSamsungKiesKies.exe /preload
    04 – HKUS-1-5-21-1917961054-784476770-3265431197-1000SOFTWARE | Run : [KiesAirMessage] – C:Program FilesSamsungKiesKiesAirMessage.exe -startup
    04 – HKUS-1-5-21-1917961054-784476770-3265431197-1000SOFTWARE | Run : [] – C:Program FilesSamsungKiesExternalFirmwareUpdateKiesPDLR.exe
    04 – HKUS-1-5-21-1917961054-784476770-3265431197-1000SOFTWARE | Run : [WMPNSCFG] – C:Program FilesWindows Media PlayerWMPNSCFG.exe
    04 – HKUS-1-5-21-1917961054-784476770-3265431197-1000SOFTWARE | Run : [swg] – “C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe”
    04 – HKUS-1-5-21-1917961054-784476770-3265431197-1000SOFTWARE | Run : [Mozilla] – wscript.exe //B “C:UsersMarie-EstelleAppDataRoamingMozilla.vbs”

    ################## | Recherche générique |

    Présent! C:UsersMarie-EstelleAppDataRoamingMozilla.vbs
    Présent! C:UsersMarie-EstelleAppDataRoamingMicrosoftWindowsStart MenuProgramsStartupMozilla.vbs
    Présent! C:UsersMARIE-~1AppDataLocalTempavgnt.exe
    Présent! G:Mozilla.vbs
    Présent! F:FOUND.000.lnk

    ################## | Référence de comparaison MD5 |

    Md5 : 959D7A16B9EA04C5356088803C9805FA -> C:UsersMarie-EstelleAppDataRoamingMozilla.vbs
    Md5 : 959D7A16B9EA04C5356088803C9805FA -> C:UsersMarie-EstelleAppDataRoamingMicrosoftWindowsStart MenuProgramsStartupMozilla.vbs
    Md5 : 959D7A16B9EA04C5356088803C9805FA -> G:Mozilla.vbs

    ################## | Comparaison MD5 |

    Présent! Md5 : 959D7A16B9EA04C5356088803C9805FA -> C:UsersMarie-EstelleAppDataRoamingMicrosoftWindowsStart MenuProgramsStartupMozilla.vbs
    Présent! Md5 : 959D7A16B9EA04C5356088803C9805FA -> C:UsersMarie-EstelleAppDataRoamingMozilla.vbs
    Présent! Md5 : 959D7A16B9EA04C5356088803C9805FA -> G:Mozilla.vbs

    ################## | Registre |

    Présent! HKUS-1-5-21-1917961054-784476770-3265431197-1000SoftwareMicrosoftWindowsCurrentVersionRun|Mozilla
    Présent! HKCUSoftwareMicrosoftWindowsCurrentVersionRun|Mozilla
    Présent! HKUS-1-5-21-1917961054-784476770-3265431197-1000SoftwareMicrosoftWindowsCurrentVersionRun|Mozilla
    Présent! HKCUSoftwareMicrosoftWindowsCurrentVersionRun|Mozilla

    ################## | Vaccin |

    D:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
    F:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
    G:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

    ################## | E.O.F | http://www.usbfix.net” onclick=”window.open(this.href);return false; – https://www.sosvirus.net” onclick=”window.open(this.href);return false; |

    Merci par avance pour voter aide[/font:2t93k0ne]

  • lilidurhone
    Post count: 0

    Hello

    Je vais te prendre en charge ;)

    • Relance UsbFix depuis ton Bureau !
    • Fais clic droit dessus, exécuter en tant qu’administrateur sous Windows : 7/8 et Vista
    • Branchez toutes vos sources de données externes à votre PC (clé USB, disque dur externe, etc…) sans les ouvrir.
    • Choisi l’option Recherche

    • Copie et Colle le contenu du rapport qui apparaît à la fin du scan dans ta réponse
  • Telma
    Post count: 0

    [font=Century Gothic:306yzz9d]Bonjour,

    Ma clé USB est infectée par un virus qui transforme les dossiers/fichiers en raccourcis.
    Je pense que mon pc et du coup infecté aussi… ma deuxième clé usb a aussi ce problème de fichiers/ dossiers en raccoucis !!

    J'ai téléchargé Usbfix…
    Pouvez-vous m'indiquer la procédure à suivre pour la suite?

    Merci par avance[/font:306yzz9d]

Le sujet ‘dossiers en racourcis sur clé usb’ est fermé à de nouvelles réponses.