Clean up my PC to get it back like new 2013-09-19T07:01:58+00:00

SOSVirus: Free PC Troubleshooting, Support and Disinfection Help – Virus Security Forum

  • vincelulu
    Participant
    Post count: 4

    Hello everyone, I am new to the forum, so I send you my regards. I came to you after Microsoft's antivirus discovered a piece of spyware named fynloski. I think I can remove it, but I came across your site, which seems knowledgeable enough to help me clean my PC thoroughly so that I can use it at its best performance.
    I read that a certain number of scans need to be posted to make handling the message easier, so I am attaching them.
    Thank you in advance for any help you are willing to give me.
    Malware report:
    [spoiler:116cl3zx]Malwarebytes Anti-Malware (Essai) 1.75.0.1300
    http://www.malwarebytes.org

    Version de la base de données: v2013.09.19.01

    Windows 8 x86 NTFS
    Internet Explorer 10.0.9200.16688
    vincent :: VINCENT-PC [administrateur]

    Protection: Activé

    19/09/2013 08:15:58
    mbam-log-2013-09-19 (08-15-58).txt

    Type d'examen: Examen rapide
    Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM
    Options d'examen désactivées: P2P
    Elément(s) analysé(s): 285934
    Temps écoulé: 7 minute(s), 2 seconde(s)

    Processus mémoire détecté(s): 1
    C:\Users\vincent\AppData\Local\Temp\Wiçndows Update\winlogon.exe (Trojan.Agent) -> 4120 -> Suppression au redémarrage.

    Module(s) mémoire détecté(s): 0
    (Aucun élément nuisible détecté)

    Clé(s) du Registre détectée(s): 1
    HKCU\Software\DC3_FEXEC (Malware.Trace) -> Mis en quarantaine et supprimé avec succès.

    Valeur(s) du Registre détectée(s): 1
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|winlogon (Trojan.Agent) -> Données: C:\Users\vincent\AppData\Local\Temp\Wiçndows Update\winlogon.exe -> Mis en quarantaine et supprimé avec succès.

    Elément(s) de données du Registre détecté(s): 1
    HKLM\SOFTWARE\Microsoft\Security Center|AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Mauvais: (1) Bon: (0) -> Mis en quarantaine et réparé avec succès

    Dossier(s) détecté(s): 1
    C:\Users\vincent\AppData\Roaming\dclogs (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.

    Fichier(s) détecté(s): 5
    C:\$Recycle.Bin\S-1-5-21-242652452-4115954367-244113886-1000\$R4A7PT0.exe (PUP.Optional.Somoto) -> Mis en quarantaine et supprimé avec succès.
    C:\Users\vincent\AppData\Roaming\dclogs\2013-09-18-4.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
    C:\Users\vincent\AppData\Roaming\dclogs\2013-09-19-5.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
    C:\Users\vincent\AppData\Local\Temp\svchost.exe (Trojan.Agent.Gen) -> Mis en quarantaine et supprimé avec succès.
    C:\Users\vincent\AppData\Local\Temp\Wiçndows Update\winlogon.exe (Trojan.Agent) -> Suppression au redémarrage.

    (fin)[/spoiler:116cl3zx]
    AdwCleaner report:
    [spoiler:116cl3zx]# AdwCleaner v3.004 – Rapport créé le 19/09/2013 à 09:00:05
    # Mis à jour le 15/09/2013 par Xplode
    # Système d'exploitation : Windows 8 Pro (32 bits)
    # Nom d'utilisateur : vincent – VINCENT-PC
    # Exécuté depuis : C:\Users\vincent\Desktop\adwcleaner.exe
    # Option : Scanner

    ***** [ Services ] *****

    ***** [ Fichiers / Dossiers ] *****

    ***** [ Raccourcis ] *****

    ***** [ Registre ] *****

    ***** [ Navigateurs ] *****

    -\ Internet Explorer v10.0.9200.16688

    -\ Mozilla Firefox v23.0.1 (fr)

    [ Fichier : C:\Users\vincent\AppData\Roaming\Mozilla\Firefox\Profiles\c1s6my4u.default\prefs.js ]

    -\ Google Chrome v29.0.1547.66

    [ Fichier : C:\Users\vincent\AppData\Local\Google\Chrome\User Data\Default\preferences ]

    *************************

    AdwCleaner[R0].txt – [2401 octets] – [07/09/2013 10:19:14]
    AdwCleaner[R1].txt – [1112 octets] – [19/09/2013 08:36:49]
    AdwCleaner[R2].txt – [1172 octets] – [19/09/2013 08:37:40]
    AdwCleaner[R3].txt – [1223 octets] – [19/09/2013 08:43:56]
    AdwCleaner[R4].txt – [1024 octets] – [19/09/2013 09:00:05]
    AdwCleaner[S0].txt – [2488 octets] – [07/09/2013 10:20:26]
    AdwCleaner[S1].txt – [1235 octets] – [19/09/2013 08:40:40]

    ########## EOF – C:\AdwCleaner\AdwCleaner[R4].txt – [1204 octets] ##########[/spoiler:116cl3zx]
    ZHPDiag report:
    [spoiler:116cl3zx]~ Rapport de ZHPDiag v2013.9.18.32 – Nicolas Coolman (18/09/2013)
    ~ Lancé par vincent (19/09/2013 08:48:44)
    ~ Adresse du Site Web http://nicolascoolman.webs.com
    ~ Traduit par Nicolas Coolman
    ~ Etat de la version :
    ~ Liste blanche : Activée par le programme
    ~ Elévation des Privilèges : OK
    ~ User Account Control (UAC): Activate by user

    —\ Navigateurs Internet
    MSIE: Internet Explorer v10.0.9200.16688
    MFIE: Mozilla Firefox 23.0.1
    GCIE: Google Chrome v29.0.1547.66 (Defaut)
    OBIE: Safari v5.34.57.2

    —\ Informations sur les produits Windows
    ~ Langage: Français
    Windows 8 Business Edition, 32-bit (Build 9200)
    Windows Server License Manager Script : OK
    ~ ion : Windows(R) Operating System, RETAIL channel
    Windows ID Activation : OK
    ~ Windows Partial Key : TJCKV
    Windows License : OK
    ~ Windows Remaining Initializations Number : 1000
    Software Protection Service (Protection logicielle) : OK
    Windows Automatic Updates : OK
    Windows Activation Technologies : OK

    —\ Logiciels de protection du système
    Malwarebytes Anti-Malware version 1.75.0.1300
    Windows Defender W8

    —\ Logiciels d'optimisation du système
    CCleaner v4.05 =>Piriform Ltd

    —\ Logiciels de partage PeerToPeer
    eMule
    FrostWire 5.2.3 v5.2.3.0

    —\ Surveillance de Logiciels
    Adobe Reader X
    Java 7 Update 25

    —\ Informations sur le système
    ~ Processor: x86 Family 6 Model 23 Stepping 6, GenuineIntel
    ~ Operating System: 32 Bits
    Boot mode: Normal (Normal boot)
    Total RAM: 3326 MB (56% free)
    System Restore: Activé (Enable)
    System drive C: has 14 GB (14%) free of 98 GB

    —\ Mode de connexion au système
    ~ Computer Name: VINCENT-PC
    ~ User Name: vincent
    ~ All Users Names: vincent, postgres, HomeGroupUser$, Administrateur,
    ~ Unselected Option: None
    Logged in as Administrator

    —\ Variables d'environnement
    ~ System Unit : C:
    ~ %AppData% : C:\Users\vincent\AppData\Roaming
    ~ %Desktop% : C:\Users\vincent\Desktop
    ~ %Favorites% : C:\Users\vincent\Favorites
    ~ %LocalAppData% : C:\Users\vincent\AppData\Local
    ~ %StartMenu% : C:\Users\vincent\AppData\Roaming\Microsoft\Windows\Start Menu
    ~ %Windir% : C:\Windows
    ~ %System% : C:\Windows\System32

    —\ Enumération des unités disques
    C: Hard drive, Flash drive, Thumb drive (Free 14 Go of 98 Go)
    D: Hard drive, Flash drive, Thumb drive (Free 10 Go of 10 Go)
    E: Hard drive, Flash drive, Thumb drive (Free 23 Go of 195 Go)
    F: Hard drive, Flash drive, Thumb drive (Free 45 Go of 195 Go)
    G: Hard drive, Flash drive, Thumb drive (Free 105 Go of 210 Go)
    H: CD-ROM drive (Not Inserted)
    I: Hard drive, Flash drive, Thumb drive (Free 11 Go of 39 Go)
    J: Hard drive, Flash drive, Thumb drive (Free 17 Go of 49 Go)
    K: Hard drive, Flash drive, Thumb drive (Free 22 Go of 56 Go)
    L: Hard drive, Flash drive, Thumb drive (Free 172 Go of 466 Go)

    —\ Etat du Centre de Sécurité Windows
    ~ Security Center: 38 Legitimates Filtered in 00mn 00s

    —\ Recherche particulière de fichiers génériques
    [MD5.EAFE46B0292D2BD2467835E2ACF717CC] – (.Microsoft Corporation – Explorateur Windows.) (.01/06/2013 – 11:24:46.) — C:WindowsExplorer.exe [2106176]
    [MD5.7109FF769FFF962869C50D720F7AA7D7] – (.Microsoft Corporation – Application de démarrage de Windows.) (.26/07/2012 – 04:21:01.) — C:WindowsSystem32Wininit.exe [101376]
    [MD5.F73CE26EFC7AE039A8534722395CE9A7] – (.Microsoft Corporation – Extensions Internet pour Win32.) (.21/08/2013 – 03:06:11.) — C:WindowsSystem32wininet.dll [1767936]
    [MD5.87DA6ACA9AF2F536C68471787D1B3F4A] – (.Microsoft Corporation – Application d’ouverture de session Windows.) (.11/10/2012 – 06:08:28.) — C:WindowsSystem32Winlogon.exe [411648]
    [MD5.FAB11E1AC62579A9BE21593319F8E464] – (.Microsoft Corporation – Bibliothèque de licences.) (.26/07/2012 – 04:20:01.) — C:WindowsSystem32sppcomapi.dll [246784]
    [MD5.F12EFEE4DD20519D0DDF8D78704EE4DE] – (.Microsoft Corporation – Pilote de fonction connexe pour WinSock.) (.06/11/2012 – 04:50:41.) — C:Windowssystem32DriversAFD.sys [438272]
    [MD5.48D8C3F2006698691F5AE0BB595FDCC8] – (.Microsoft Corporation – ATAPI IDE Miniport Driver.) (.26/07/2012 – 04:42:31.) — C:Windowssystem32Driversatapi.sys [22768]
    [MD5.00B4FA77732C7823D292ECD672660882] – (.Microsoft Corporation – CD-ROM File System Driver.) (.26/07/2012 – 03:38:28.) — C:Windowssystem32DriversCdfs.sys [89088]
    [MD5.4E707EC5071DD8F5C29A7410780BD4C3] – (.Microsoft Corporation – SCSI CD-ROM Driver.) (.26/07/2012 – 03:33:53.) — C:Windowssystem32DriversCdrom.sys [135680]
    [MD5.B21FDAC50FCD4CE53C203F097273532A] – (.Microsoft Corporation – DFS Namespace Client Driver.) (.26/07/2012 – 03:34:25.) — C:Windowssystem32DriversDfsC.sys [92160]
    [MD5.4A219AB84D6936C2A61FF44D32EF378D] – (.Microsoft Corporation – High Definition Audio Bus Driver.) (.20/09/2012 – 06:29:43.) — C:Windowssystem32DriversHDAudBus.sys [62464]
    [MD5.11EDC37780E8A2F8E311D73F7658A4D7] – (.Microsoft Corporation – Pilote de port i8042.) (.26/07/2012 – 03:36:23.) — C:Windowssystem32Driversi8042prt.sys [89600]
    [MD5.57B0C0D982013C72911A3F5CBA795034] – (.Microsoft Corporation – IP Network Address Translator.) (.26/07/2012 – 03:29:57.) — C:Windowssystem32DriversIpNat.sys [126976]
    [MD5.5FAC7AC77D9ADD42579EDF678F08DF9F] – (.Microsoft Corporation – Minirdr SMB Windows NT.) (.05/02/2013 – 23:30:11.) — C:Windowssystem32DriversMRxSmb.sys [304128]
    [MD5.303A053C25E468B9925C22288BEF8484] – (.Microsoft Corporation – MBT Transport driver.) (.26/07/2012 – 03:31:28.) — C:Windowssystem32DriversnetBT.sys [254464]
    [MD5.99C73E3FE9B36275BD91D2009F2BA2E0] – (.Microsoft Corporation – Pilote du système de fichiers NT.) (.02/02/2013 – 10:53:24.) — C:Windowssystem32Driversntfs.sys [1614568]
    [MD5.8BCE63AF5B52642E832630F862DE96EF] – (.Microsoft Corporation – Pilote de port parallèle.) (.26/07/2012 – 03:38:17.) — C:Windowssystem32DriversParport.sys [90624]
    [MD5.6E0649D7325D85C47C844EB3267E4625] – (.Microsoft Corporation – RAS L2TP mini-port/call-manager driver.) (.26/07/2012 – 03:30:07.) — C:Windowssystem32DriversRasl2tp.sys [88064]
    [MD5.2CAD2A13569741C67CD9C52F97E0F992] – (.Microsoft Corporation – Redirecteur de périphérique de Microsoft RDP.) (.26/07/2012 – 03:32:22.) — C:Windowssystem32Driversrdpdr.sys [156160]
    [MD5.0886D9F1B5A5334FBB143A260E4BFB5C] – (.Microsoft Corporation – TDI Translation Driver.) (.26/07/2012 – 05:17:16.) — C:Windowssystem32Driverstdx.sys [97792]
    [MD5.C9C8573006D7A8391AFE35D99036B6A0] – (.Microsoft Corporation – Pilote de cliché instantané du volume.) (.01/06/2013 – 10:41:30.) — C:Windowssystem32Driversvolsnap.sys [281344]
    ~ Generic Processes: Scanned in 00mn 00s

    —\ Etat des fichiers cachés (Caché/Total)
    ~ Mes images (My Pictures) : 3/15386
    ~ Mes musiques (My Musics) : 4/3291
    ~ Mes Videos (My Videos) : 2/12
    ~ Mes Favoris (My Favorites) : 1/28
    ~ Mes Documents (My Documents) : 2/2072
    ~ Mon Bureau (My Desktop) : 3/955
    ~ Menu demarrer (Programs) : 1/48
    ~ Hidden Files: Scanned in 00mn 02s

    —\ Processus lancés
    [MD5.0854491F73AEA9BE5728C5A0EBC3B0DC] – (.Microsoft Corporation – IPoint.exe.) — C:Program FilesMicrosoft Mouse and Keyboard Centeripoint.exe [1668224] [PID.2752]
    [MD5.3E7332DE76AF4704B02036B2B49C662C] – (.Microsoft Corporation – Processus hôte pour Tâches Windows.) — C:WINDOWSsystem32taskhostex.exe [53760] [PID.2760]
    [MD5.D1D5DAB39DCB4BE0359943738D87409B] – (.Malwarebytes Corporation – Malwarebytes Anti-Malware.) — C:Program FilesMalwarebytes' Anti-Malwarembamgui.exe [532040] [PID.2772]
    [MD5.96B56EA42E3D6F39159E1495BDE1445E] – (.Microsoft Corporation – IType.exe.) — C:Program FilesMicrosoft Mouse and Keyboard Centeritype.exe [1093744] [PID.2796]
    [MD5.674E33892FCFC25DF29954D017325C8C] – (.Microsoft Corporation – Communications Service.) — C:Program FilesWindowsAppsmicrosoft.windowscommunicationsapps_17.0.1119.516_x86__8wekyb3d8bbweLiveComm.exe [138672] [PID.2648]
    [MD5.77F791522FCA324328CB8BBC71BBB933] – (.Realtek Semiconductor – Gestionnaire audio HD Realtek.) — C:Program FilesRealtekAudioHDARtHDVCpl.exe [9726568] [PID.3900]
    [MD5.97FDFBFEFEBA6AF5D5A890907C7E0E4F] – (.Western Digital – WD Drive Auto Unlock.) — C:Program FilesWestern DigitalWD SecurityWDDriveAutoUnlock.exe [1688008] [PID.4876]
    [MD5.51DE37D122CE5BB7955A050D9D8A614F] – (.Western Digital Technologies, Inc. – WD Drive Manager Status.) — C:Program FilesWestern DigitalWD SmartWareWDDMStatus.exe [3998616] [PID.5288]
    [MD5.C948AC73822CA662CF44185B909EA18B] – (.Microsoft Corporation – Microsoft Office Document Cache.) — C:Program FilesMicrosoft OfficeOffice14MSOSYNC.exe [720064] [PID.5276]
    [MD5.DF1BBA1168C0AD1D080A1F1B99576A76] – (.Google Inc. – Google Chrome.) — C:Program FilesGoogleChromeApplicationchrome.exe [829392] [PID.5144]
    [MD5.C64E9B1C9EA057DCECDCB98F34377811] – (.Microsoft Corporation – Microsoft OneNote Quick Launcher.) — C:Program FilesMicrosoft OfficeOffice14ONENOTEM.exe [228552] [PID.5476]
    [MD5.AD3A07FEBB3B9F0110C90C26FC95E029] – (.Microsoft Corporation – Runtime Broker.) — C:WindowsSystem32RuntimeBroker.exe [29808] [PID.6100]
    [MD5.B8341F5F578A4BBEDEB65F77EC71F448] – (.Nicolas Coolman – ZHPDiag.) — C:UsersvincentDesktopZHPDiagZHPDiag.exe [7971840] [PID.4972]
    ~ Processes Running: Scanned in 00mn 00s

    —\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
    C:UsersvincentAppDataLocalGoogleChromeUser DataDefaultPreferences
    G2 – GCE: Preference [User DataDefault] [lmhgbkdmpednmhihlplngapkopaophij] L'Equipe.fr v.1.0.2 (Désactivé)
    G2 – GCE: Preference [User DataDefault] [nbldodhfmmfcfaooalepihkfkmjhnmei] Coloriages v.1.1, (Activé)
    ~ Google Browser: 19 Legitimates Filtered in 00mn 07s

    —\ Internet Explorer, Proxy Management (R5)
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyOverride = *.local
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyServer = no key
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyEnable = 0
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,MigrateProxy = 1
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,EnableHttp1_1 = 1
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,AutoConfigProxy = wininet.dll
    ~ Proxy management: Scanned in 00mn 00s

    —\ Analyse des lignes F0, F1, F2, F3 – IniFiles, Autoloading programs
    F2 – REG:system.ini: USERINIT=C:Windowssystem32userinit.exe,
    F2 – REG:system.ini: Shell=C:Windowsexplorer.exe
    F2 – REG:system.ini: VMApplet=C:WindowsSystem32SystemPropertiesPerformance.exe
    ~ Keys: Scanned in 00mn 00s

    —\ Hosts file redirection (O1)
    ~ Le fichier hosts est sain (The hosts file is clean).
    ~ Hosts File: Scanned in 00mn 00s
    ~ Nombre de lignes (Lines number): 109

    —\ Internet Explorer Toolbars (O3)
    O3 – Toolbar: Easy Photo Print – [HKLM]{9421DD08-935F-4701-A9CA-22DF90AC4EA6} . (.SEIKO EPSON CORPORATION / CyCom Technology – Epson Easy Photo Print (TBL).) — C:Program FilesEpson SoftwareEasy Photo PrintEPTBL.dll
    O3 – Toolbar: Adobe Acrobat Create PDF Toolbar – [HKLM]{47833539-D0C5-4125-9FA8-0819E2EAAC93} . (.Adobe Systems Incorporated – Adobe PDF Toolbar for Internet Explorer.) — C:Program FilesCommon FilesAdobeAcrobatWCIEActiveXAcroIEFavClient.dll
    O3 – ToolbarWebBrowser: (no name) – [HKCU]{47833539-D0C5-4125-9FA8-0819E2EAAC93} Clé orpheline
    ~ Toolbar: Scanned in 00mn 00s

    —\ Autres liens utilisateurs (O4)
    O4 – GSProgram [Public]: Desktop.lnk – Clé orpheline
    O4 – GSProgram [Public]: Polar WebLink.lnk . (.Polar Electro Oy – Pas de description.) — C:Program FilesPolarWebLink 2.4WebLink.exe
    O4 – GSProgram [Public]: Safari.lnk . (…) — C:WindowsInstaller{C779648B-410E-4BBA-B75B-5815BCEFE71D}SafariIco.exe
    O4 – GSQuickLaunch [vincent]: Apple Safari.lnk . (…) — C:WindowsInstaller{C779648B-410E-4BBA-B75B-5815BCEFE71D}SafariIco.exe
    O4 – GSQuickLaunch [vincent]: Free Easy Burner.lnk . (.Koyote Soft – Main Application.) — C:Program FilesFree Easy CD DVD BurnerFreeEasyBurner.exe
    O4 – GSQuickLaunch [vincent]: FrostWire 5.2.3.lnk . (.FrostWire Group – FrostWire.) — C:Program FilesFrostWire 5FrostWire.exe
    O4 – GSQuickLaunch [vincent]: PokerStove.lnk . (…) — C:Program FilesPokerStovePokerStove.exe
    O4 – GSQuickLaunch [vincent]: XnView.lnk . (.XnView, http://www.xnview.com – XnView for Windows.) — C:Program FilesXnViewxnview.exe
    O4 – GSProgram [vincent]: EverestPoker.fr.lnk . (.Playtech – Playtech Client Engine Application.) — C:PokerEverestPoker.frcasino.exe
    O4 – GSProgram [vincent]: Free Easy CD DVD Burner.lnk . (.Koyote Soft – Main Application.) — C:Program FilesFree Easy CD DVD BurnerFreeEasyBurner.exe
    O4 – GSDesktop [postgres]: Album Cover Art Downloader.lnk . (…) — C:Program FilesAlbum Cover Art Downloaderalbumart-qt.exe
    O4 – GSDesktop [postgres]: PokerTracker 3.lnk . (…) — C:Program FilesPokerTracker 3PokerTracker.exe (.not file.)
    ~ Global Startup: 73 Legitimates Filtered in 00mn 01s

    —\ Applications lancées au démarrage du sytème (O4)
    O4 – GSStartup [vincent]: Dropbox.lnk . (.Dropbox, Inc. – Dropbox.) — C:UsersvincentAppDataRoamingDropboxbinDropbox.exe
    O4 – GSStartup [vincent]: media center Bouygues Telecom.lnk . (…) — C:ProgramDatamedia center Bouygues Telecommedia centerexternalMediaServerTray.exe
    O4 – GSStartup [vincent]: OneNote 2010 – Capture d’écran et lancement.lnk . (.Microsoft Corporation – Microsoft OneNote Quick Launcher.) — C:Program FilesMicrosoft OfficeOffice14ONENOTEM.exe
    O4 – HKLM..Run: [RtHDVCpl] . (.Realtek Semiconductor – Gestionnaire audio HD Realtek.) — C:Program FilesRealtekAudioHDARtHDVCpl.exe
    O4 – HKLM..Run: [Adobe ARM] . (.Adobe Systems Incorporated – Adobe Reader and Acrobat Manager.) — C:Program FilesCommon FilesAdobeARM1.0AdobeARM.exe
    O4 – HKLM..Run: [AdobeAAMUpdater-1.0] . (.Adobe Systems Incorporated – Adobe Updater Startup Utility.) — C:Program FilesCommon FilesAdobeOOBEPDAppUWAUpdaterStartupUtility.exe
    O4 – HKLM..Run: [AdobeCS5ServiceManager] . (.Adobe Systems Incorporated – Adobe CS5 Service Manager.) — C:Program FilesCommon FilesAdobeCS5ServiceManagerCS5ServiceManager.exe
    O4 – HKLM..Run: [APSDaemon] . (.Apple Inc. – Apple Push.) — C:Program FilesCommon FilesAppleApple Application SupportAPSDaemon.exe
    O4 – HKLM..Run: [BCSSync] . (.Microsoft Corporation – Microsoft Office 2010 component.) — C:Program FilesMicrosoft OfficeOffice14BCSSync.exe
    O4 – HKLM..Run: [DNS7reminder] . (.Nuance Communications, Inc. – Ereg.) — C:Program FilesNuanceNaturallySpeaking10EregEreg.exe
    O4 – HKLM..Run: [EEventManager] . (.SEIKO EPSON CORPORATION – EEventManager Application.) — C:Program FilesEpson SoftwareEvent ManagerEEventManager.exe
    O4 – HKLM..Run: [ISUSScheduler] . (.InstallShield Software Corporation – InstallShield Update Service Scheduler.) — C:Program FilesCommon FilesInstallShieldUpdateServiceissch.exe
    O4 – HKLM..Run: [SSBkgdUpdate] . (.Nuance Communications, Inc. – SSBkgdUpdate.) — C:Program FilesCommon FilesScansoft SharedSSBkgdUpdateSSBkgdupdate.exe
    O4 – HKLM..Run: [StartCCC] . (.Advanced Micro Devices, Inc. – Catalyst® Control Center Launcher.) — C:Program FilesATI TechnologiesATI.ACECore-StaticCLIStart.exe
    O4 – HKLM..Run: [SwitchBoard] . (.Adobe Systems Incorporated – SwitchBoard Server (32 bit).) — C:Program FilesCommon FilesAdobeSwitchBoardSwitchBoard.exe
    O4 – HKLM..Run: [WinampAgent] . (.Nullsoft, Inc. – Winamp Agent.) — C:Program FilesWinampwinampa.exe
    O4 – HKLM..Run: [Acrobat Assistant 8.0] . (.Adobe Systems Inc. – AcroTray.) — C:Program FilesAdobeAcrobat 11.0AcrobatAcrotray.exe
    O4 – HKLM..Run: [LogMeIn GUI] . (.LogMeIn, Inc. – LogMeIn Desktop Application.) — C:Program FilesLogMeInx86LogMeInSystray.exe
    O4 – HKLM..Run: [Zune Launcher] . (.Microsoft Corporation – Zune Auto-Launcher.) — C:Program FilesZuneZuneLauncher.exe
    O4 – HKLM..Run: [QuickTime Task] . (.Apple Inc. – QuickTime Task.) — C:Program FilesQuickTimeQTTask.exe
    O4 – HKLM..Run: [Bonus.SSR.FR11] . (.ABBYY. – ABBYY ScreenshotReader.) — C:Program FilesABBYY FineReader 11Bonus.ScreenshotReader.exe
    O4 – HKLM..Run: [WD Drive Unlocker] . (.Western Digital – WD Drive Auto Unlock.) — C:Program FilesWestern DigitalWD SecurityWDDriveAutoUnlock.exe
    O4 – HKLM..Run: [WD Quick View] . (.Western Digital Technologies, Inc. – WD Drive Manager Status.) — C:Program FilesWestern DigitalWD SmartWareWDDMStatus.exe
    O4 – HKLM..Run: [iTunesHelper] . (.Apple Inc. – iTunesHelper.) — C:Program FilesiTunesHelper.exe
    O4 – HKLM..Run: [SunJavaUpdateSched] . (.Oracle Corporation – Java(TM) Update Scheduler.) — C:Program FilesCommon FilesJavaJava Updatejusched.exe
    O4 – HKCU..Run: [Epson Stylus SX525WD(Réseau)] . (.SEIKO EPSON CORPORATION – EPSON Status Monitor 3.) — C:Windowssystem32spoolDRIVERSW32X863E_FATIGAE.exe
    O4 – HKCU..Run: [EPSON SX525WD Series] . (.SEIKO EPSON CORPORATION – EPSON Status Monitor 3.) — C:Windowssystem32spoolDRIVERSW32X863E_FATIGAE.exe
    O4 – HKCU..Run: [Grid] . (.Pas de propriétaire – HydraGrid Application.) — C:Program FilesATI TechnologiesHydraVisionHydraGrd.exe
    O4 – HKCU..Run: [TomTomHOME.exe] . (.TomTom – System Tray application for TomTom HOME.) — C:Program FilesTomTom HOME 2TomTomHOMERunner.exe
    O4 – HKCU..Run: [ISUSPM Startup] . (.InstallShield Software Corporation – InstallShield Update Service Update Manager.) — C:Program FilesCommon FilesInstallShieldUpdateServiceISUSPM.exe
    O4 – HKCU..Run: [SkyDrive] . (.Microsoft Corporation – Microsoft SkyDrive.) — C:UsersvincentAppDataLocalMicrosoftSkyDriveSkyDrive.exe
    O4 – HKCU..Run: [Hobbyist Software VLC Streamer] . (.Hobbyist Software – VLC Streamer Configuration.) — C:Program FilesHobbyist SoftwareVLC StreamerVLC Streamer Configuration.exe
    O4 – HKCU..Run: [iCloudServices] . (.Apple Inc. – iCloud.) — C:Program FilesCommon FilesAppleInternet ServicesiCloudServices.exe
    O4 – HKCU..Run: [EPSON699E87 (Epson Stylus SX525WD)] . (.SEIKO EPSON CORPORATION – EPSON Status Monitor 3.) — C:WINDOWSsystem32spoolDRIVERSW32X863E_FATIGAE.exe
    O4 – HKCU..Run: [OfficeSyncProcess] . (.Microsoft Corporation – Microsoft Office Document Cache.) — C:Program FilesMicrosoft OfficeOffice14MSOSYNC.exe
    O4 – HKCU..Run: [gStart] . (.GARMIN Corp. – gStart Application.) — C:Program FilesGarminTraining CentergStart.exe
    O4 – HKUSS-1-5-18..Run: [EPSON699E87 (Epson Stylus SX525WD)] . (.SEIKO EPSON CORPORATION – EPSON Status Monitor 3.) — C:WINDOWSsystem32spoolDRIVERSW32X863E_FATIGAE.exe
    O4 – HKUSS-1-5-21-242652452-4115954367-244113886-1000..Run: [Epson Stylus SX525WD(Réseau)] . (.SEIKO EPSON CORPORATION – EPSON Status Monitor 3.) — C:Windowssystem32spoolDRIVERSW32X863E_FATIGAE.exe
    O4 – HKUSS-1-5-21-242652452-4115954367-244113886-1000..Run: [EPSON SX525WD Series] . (.SEIKO EPSON CORPORATION – EPSON Status Monitor 3.) — C:Windowssystem32spoolDRIVERSW32X863E_FATIGAE.exe
    O4 – HKUSS-1-5-21-242652452-4115954367-244113886-1000..Run: [Grid] . (.Pas de propriétaire – HydraGrid Application.) — C:Program FilesATI TechnologiesHydraVisionHydraGrd.exe
    O4 – HKUSS-1-5-21-242652452-4115954367-244113886-1000..Run: [TomTomHOME.exe] . (.TomTom – System Tray application for TomTom HOME.) — C:Program FilesTomTom HOME 2TomTomHOMERunner.exe
    O4 – HKUSS-1-5-21-242652452-4115954367-244113886-1000..Run: [ISUSPM Startup] . (.InstallShield Software Corporation – InstallShield Update Service Update Manager.) — C:Program FilesCommon FilesInstallShieldUpdateServiceISUSPM.exe
    O4 – HKUSS-1-5-21-242652452-4115954367-244113886-1000..Run: [SkyDrive] . (.Microsoft Corporation – Microsoft SkyDrive.) — C:UsersvincentAppDataLocalMicrosoftSkyDriveSkyDrive.exe
    O4 – HKUSS-1-5-21-242652452-4115954367-244113886-1000..Run: [Hobbyist Software VLC Streamer] . (.Hobbyist Software – VLC Streamer Configuration.) — C:Program FilesHobbyist SoftwareVLC StreamerVLC Streamer Configuration.exe
    O4 – HKUSS-1-5-21-242652452-4115954367-244113886-1000..Run: [iCloudServices] . (.Apple Inc. – iCloud.) — C:Program FilesCommon FilesAppleInternet ServicesiCloudServices.exe
    O4 – HKUSS-1-5-21-242652452-4115954367-244113886-1000..Run: [EPSON699E87 (Epson Stylus SX525WD)] . (.SEIKO EPSON CORPORATION – EPSON Status Monitor 3.) — C:WINDOWSsystem32spoolDRIVERSW32X863E_FATIGAE.exe
    O4 – HKUSS-1-5-21-242652452-4115954367-244113886-1000..Run: [OfficeSyncProcess] . (.Microsoft Corporation – Microsoft Office Document Cache.) — C:Program FilesMicrosoft OfficeOffice14MSOSYNC.exe
    O4 – HKUSS-1-5-21-242652452-4115954367-244113886-1000..Run: [gStart] . (.GARMIN Corp. – gStart Application.) — C:Program FilesGarminTraining CentergStart.exe
    ~ Application: Scanned in 00mn 00s

    —\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
    O9 – Extra button: @C:Program FilesWindows LiveWriterWindowsLiveWriterShortcuts.dll,-1003 – {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation – Windows Live Writer Blog This Extension.) — C:Program FilesWindows LiveWriterWriterBrowserExtension.dll
    O9 – Extra button: &Envoyer à OneNote – {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation – Microsoft OneNote Internet Explorer Add-in.) — C:Program FilesMICROS~3Office14ONBttnIE.dll
    O9 – Extra button: Notes &liées OneNote – {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} . (.Microsoft Corporation – Microsoft OneNote Internet Explorer Add-in.) — C:Program FilesMICROS~3Office14ONBTTN~1.dll
    ~ IE Extra Buttons: Scanned in 00mn 00s

    —\ Modification Domaine/Adresses DNS (O17)
    O17 – HKLMSystemCCSServicesTcpip..{405A4303-B374-404C-82FF-D5A2D7A16466}: DhcpNameServer = 89.2.0.1 89.2.0.2
    O17 – HKLMSystemCCSServicesTcpip..{AE6B505C-626D-48FF-9FB2-3AD9EAAC793E}: DhcpNameServer = 89.2.0.1 89.2.0.2
    O17 – HKLMSystemCCSServicesTcpip..{C411FC10-9367-4ABB-B3FD-E9A34EC8EAD7}: DhcpNameServer = 89.2.0.1 89.2.0.2
    O17 – HKLMSystemCCSServicesTcpip..{FCAF1E95-FB18-4A48-9225-7B6F3F5FAB57}: DhcpNameServer = 89.2.0.1 89.2.0.2
    O17 – HKLMSystemCS1ServicesTcpip..{405A4303-B374-404C-82FF-D5A2D7A16466}: DhcpNameServer = 89.2.0.1 89.2.0.2
    O17 – HKLMSystemCS1ServicesTcpip..{AE6B505C-626D-48FF-9FB2-3AD9EAAC793E}: DhcpNameServer = 89.2.0.1 89.2.0.2
    O17 – HKLMSystemCS1ServicesTcpip..{C411FC10-9367-4ABB-B3FD-E9A34EC8EAD7}: DhcpNameServer = 89.2.0.1 89.2.0.2
    O17 – HKLMSystemCS1ServicesTcpip..{FCAF1E95-FB18-4A48-9225-7B6F3F5FAB57}: DhcpNameServer = 89.2.0.1 89.2.0.2
    O17 – HKLMSystemCCSServicesTcpipParameters: DhcpNameServer = 89.2.0.1 89.2.0.2
    ~ Domain: Scanned in 00mn 00s

    —\ Protocole additionnel (O18)
    O18 – Handler: wlpg – {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation – Photo Gallery Album Download Protocol Handl.) — C:Program FilesWindows LivePhoto GalleryAlbumDownloadProtocolHandler.dll
    O18 – Filter: text/xml – {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation – Microsoft Office XML MIME Filter.) — C:Program FilesCommon FilesMicrosoft SharedOFFICE14MSOXMLMF.dll
    ~ Protocole Additionnel: Scanned in 00mn 00s

    —\ Liste des services NT non Microsoft et non désactivés (O23)
    O23 – Service: Polar Daemon (Polar Daemon) . (…) – C:Program FilesPolarDaemonpolard.exe
    O23 – Service: WDRules (WDRulesService) . (.Western Digital – WD Business Rule Engine.) – C:Program FilesWestern DigitalWD SmartWareWDRulesEngine.exe
    ~ Services: 12 Legitimates Filtered in 00mn 03s

    —\ Tâches planifiées en automatique (O39)
    O39 – APT:Automatic Planified Task – C:WindowsTasksDriverNavigator Scheduled Scan.job [440]
    ~ Scheduled Task: 13 Legitimates Filtered in 00mn 02s

    —\ Logiciels installés (O42)
    O42 – Logiciel: Album Cover Art Downloader 1.6.6 – (.Sami Kyöstilä.) [HKLM] — Album Cover Art Downloader
    O42 – Logiciel: Creevity Mp3 Cover Downloader – (.Diego Alicata.) [HKLM] — Mp3 Cover Downloader_is1
    O42 – Logiciel: PokerStars.fr – (.PokerStars.fr.) [HKLM] — PokerStars.fr
    O42 – Logiciel: PokerStove version 1.24 – (…) [HKLM] — {6D0C6BE4-F674-43D2-96BC-3509345108C9}_is1
    O42 – Logiciel: PokerTracker 3 (remove only) – (…) [HKLM] — PokerTracker3
    ~ Logic: 201 Legitimates Filtered in 00mn 00s

    —\ HKCU & HKLM Software Keys
    [HKCUSoftwarePokerStove]
    ~ Key Software: 265 Legitimates Filtered in 00mn 00s

    —\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
    O43 – CFD: 07/06/2012 – 19:43:16 – [20,589] —-D C:Program FilesAlbum Cover Art Downloader
    O43 – CFD: 07/06/2012 – 19:49:41 – [4,857] —-D C:Program FilesCreevity Mp3 Cover Downloader
    O43 – CFD: 24/08/2013 – 18:35:26 – [269,324] —-D C:Program FilesmyPIX
    O43 – CFD: 21/06/2012 – 18:33:18 – [64,039] —-D C:Program FilesPokerStars.FR
    O43 – CFD: 23/04/2012 – 19:38:34 – [3,835] —-D C:Program FilesPokerStove
    O43 – CFD: 02/09/2013 – 23:25:31 – [44,785] —-D C:Program FilesPokerTracker 3
    O43 – CFD: 21/08/2013 – 10:58:17 – [11,844] —-D C:Program FilesPolar
    O43 – CFD: 07/04/2013 – 12:08:37 – [0,693] —-D C:ProgramDataInstallMate
    O43 – CFD: 07/06/2012 – 19:49:48 – [0,000] —-D C:UsersvincentAppDataRoamingCreevity Mp3 Cover Downloader
    O43 – CFD: 28/08/2013 – 00:00:04 – [0] —-D C:UsersvincentAppDataRoamingwam
    O43 – CFD: 15/01/2011 – 01:12:27 – [2,375] —-D C:UsersvincentAppDataRoamingwam.04351C371E530C3762CBA45FA283ED972DCDEFB6.1
    O43 – CFD: 23/09/2011 – 18:54:20 – [0] –HAD C:UsersvincentAppDataLocal2zXPfquxmpH
    O43 – CFD: 21/06/2012 – 18:58:08 – [0,632] —-D C:UsersvincentAppDataLocalPokerStars.FR
    O43 – CFD: 07/06/2012 – 19:43:12 – [0] —-D C:UsersvincentAppDataRoamingMicrosoftWindowsStart MenuProgramsAlbum Cover Art Downloader
    O43 – CFD: 02/11/2012 – 12:35:43 – [0,003] —-D C:UsersvincentAppDataRoamingMicrosoftWindowsStart MenuProgramsPokerStars.FR
    O43 – CFD: 02/11/2012 – 12:35:43 – [0,001] —-D C:UsersvincentAppDataRoamingMicrosoftWindowsStart MenuProgramsPokerStove
    O43 – CFD: 26/11/2011 – 14:10:16 – [0] —-D C:UsersvincentAppDataRoamingMicrosoftWindowsStart MenuProgramsPokerTracker 3
    ~ 8 Dossiers CLSID vides (CLSID Empty Folders)
    ~ Program Folder: 320 Legitimates Filtered in 01mn 00s

    —\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
    O44 – LFC:[MD5.9B72509C97A2122FC837AC375D560BE5] – 19/09/2013 – 06:56:33 —A- . (…) — C:UsbFix [Scan 2] VINCENT-PC.txt [10525]
    O44 – LFC:[MD5.D06A088218F88C5D2D77FAC1765E47BA] – 15/09/2013 – 12:41:52 —A- . (…) — C:WindowsSystem32lame_enc.dll [484352]
    O44 – LFC:[MD5.2CE63B3A60C54BF7421B090429C286B0] – 12/09/2013 – 22:18:31 —A- . (…) — C:WindowsSystem32ApnDatabase.xml [387583]
    ~ Files: 96 Legitimates Filtered in 00mn 02s

    —\ Derniers fichiers créés dans Windows Prefetcher (O45)
    O45 – LFCP:[MD5.CBA20933770F169914ECC8C3DF213DBB] – 01/09/2013 – 13:03:33 —A- – C:WindowsPrefetchWEBLINK.EXE-095B925F.pf
    O45 – LFCP:[MD5.F0184F12DBD7118C0B46A447A9E4FBFD] – 04/09/2013 – 07:04:13 —A- – C:WindowsPrefetchMAPSOURCE.EXE-066B177A.pf
    O45 – LFCP:[MD5.26FB53F441BB75CDCBB64329687C04A8] – 04/09/2013 – 14:05:15 —A- – C:WindowsPrefetchBASECAMP.EXE-4CFD92E3.pf
    O45 – LFCP:[MD5.BF3A64C8C31D318A171313191D418C50] – 07/09/2013 – 09:23:21 —A- – C:WindowsPrefetchGSTART.EXE-5B942965.pf
    O45 – LFCP:[MD5.F210B00143942835E563FE835EDA7C42] – 07/09/2013 – 10:16:44 —A- – C:WindowsPrefetchDEEZER.EXE-0D1B1254.pf
    O45 – LFCP:[MD5.92D2231810D78D41796CC1E22B317B0D] – 10/09/2013 – 19:16:39 —A- – C:WindowsPrefetchFACEBOOKNETWORK.EXE-964055DB.pf
    O45 – LFCP:[MD5.43670A04F6B330C13B12E8ACC57925D9] – 14/09/2013 – 10:52:27 —A- – C:WindowsPrefetchBOOKREADER.EXE-D453E145.pf
    O45 – LFCP:[MD5.D8E41354335EABA3071DA843B6AB7742] – 14/09/2013 – 11:13:28 —A- – C:WindowsPrefetchADE_2.0_INSTALLER.EXE-A38CBF78.pf
    O45 – LFCP:[MD5.F20623D7048F49491464BCE4156688E7] – 14/09/2013 – 23:31:30 —A- – C:WindowsPrefetchCDEX_CDEX_1.7_BETA_4_ANGLAIS_-DABD2FC5.pf
    O45 – LFCP:[MD5.405AF10C5CE489C49D985741525FB5B9] – 15/09/2013 – 12:39:33 —A- – C:WindowsPrefetchCDEX.EXE-9BE650F9.pf
    O45 – LFCP:[MD5.BF0ED19364A8F9717834D2246E1F8CE3] – 15/09/2013 – 12:41:13 —A- – C:WindowsPrefetchFREEEASYCDDVDBURNERSETUP-R101-DE5EBCD5.pf
    O45 – LFCP:[MD5.E38B0BCE34166241DDCB682A7CF11769] – 15/09/2013 – 12:41:56 —A- – C:WindowsPrefetchPACK.TMP-97BED4E7.pf
    O45 – LFCP:[MD5.7B142FA5970612EA77DA634EFE21066D] – 15/09/2013 – 12:42:09 —A- – C:WindowsPrefetchFREEEASYBURNER.EXE-250BBA1E.pf
    O45 – LFCP:[MD5.45B74BC3EB6316054E915FF2079EAD37] – 15/09/2013 – 22:00:00 —A- – C:WindowsPrefetchLIGHTROOM.EXE-44BA3C30.pf
    O45 – LFCP:[MD5.B99476B5564145832D9B8CBD8D1DCBD1] – 17/09/2013 – 17:18:19 —A- – C:WindowsPrefetchdynreservedpri.db
    O45 – LFCP:[MD5.A7BFBB1AC57087D2523D62BA879F6DC8] – 18/09/2013 – 16:00:53 —A- – C:WindowsPrefetchBOOTIM.EXE-26F038E5.pf
    O45 – LFCP:[MD5.30AE2BF75CF62287199DEDC1CF7A3AF8] – 18/09/2013 – 17:32:20 —A- – C:WindowsPrefetchACDSEEPRO4.EXE-954165F3.pf
    O45 – LFCP:[MD5.2C91625058CB97151B33093D4A2E0AF2] – 18/09/2013 – 20:03:25 —A- – C:WindowsPrefetchMDESERVER.EXE-EFBF806C.pf
    O45 – LFCP:[MD5.0E93A6D0298F31C9119D74B6DF70B254] – 18/09/2013 – 20:03:25 —A- – C:WindowsPrefetchWMPDMC.EXE-EDC91EDB.pf
    O45 – LFCP:[MD5.78A5053B70FB96BEBFE923A5EFCC842E] – 18/09/2013 – 21:29:49 —A- – C:WindowsPrefetchTSKILL.EXE-C0832FBA.pf
    O45 – LFCP:[MD5.C57B78FF6B809FFC4A72C6CBAB6C4BE0] – 18/09/2013 – 21:29:53 —A- – C:WindowsPrefetchFROSTWIRE.EXE-6950FF7C.pf
    O45 – LFCP:[MD5.99CB4E248876C0366326353FEFA63706] – 18/09/2013 – 21:35:05 —A- – C:WindowsPrefetchBTDOWNLOADGUI.EXE-585EC366.pf
    O45 – LFCP:[MD5.C7FE29C6F131A2BF03A076270F873564] – 18/09/2013 – 21:35:48 —A- – C:WindowsPrefetchUPDATER-FA08357C.pf
    O45 – LFCP:[MD5.17A5FA6D33202E0D46C0AF1FEDA2C86A] – 18/09/2013 – 22:08:53 —A- – C:WindowsPrefetchCORE10K.EXE-6F799C16.pf
    O45 – LFCP:[MD5.3B7ED63A9528F5E434E5075E28070FB5] – 18/09/2013 – 22:09:03 —A- – C:WindowsPrefetchKEYGEN.EXE-68F1916C.pf
    O45 – LFCP:[MD5.2CE8525661CB78158FAEA23BE4E595CF] – 18/09/2013 – 22:22:17 —A- – C:WindowsPrefetchSETUP32.EXE-24121A75.pf
    O45 – LFCP:[MD5.3A159DCDEBBAA8A5E4F34D16AEED94CF] – 18/09/2013 – 22:22:30 —A- – C:WindowsPrefetchSETUP32.EXE-CA4E6528.pf
    O45 – LFCP:[MD5.165E9381FBBE14227FA5F113D1AF8F52] – 18/09/2013 – 22:31:00 —A- – C:WindowsPrefetchDYNAMICLINKMEDIASERVER.EXE-CB0FAEEC.pf
    O45 – LFCP:[MD5.AF56DC6376AAA975398286BD28D8DD4E] – 19/09/2013 – 00:25:22 —A- – C:WindowsPrefetchLIGHTROOM.EXE-F88ABF0B.pf
    O45 – LFCP:[MD5.830146429DDEBCF01B2F4A9BF323646E] – 19/09/2013 – 06:51:51 —A- – C:WindowsPrefetchGO.EXE-759C3391.pf
    O45 – LFCP:[MD5.591BF5345E3E73334F53AC1D9F590C01] – 19/09/2013 – 07:15:20 —A- – C:WindowsPrefetchWINAMAX POKER.EXE-F44E6FAD.pf
    O45 – LFCP:[MD5.E079F62E47F218223941A23460E96E37] – 20/08/2013 – 11:37:59 —A- – C:WindowsPrefetchSPRINT.EXE-C199ACF8.pf
    O45 – LFCP:[MD5.801558FDA74869A0B59ADF1A5839D027] – 23/08/2013 – 13:50:17 —A- – C:WindowsPrefetchCIV4BEYONDSWORD.EXE-576771F4.pf
    O45 – LFCP:[MD5.08C81F1EC09537A96491F4FF54BF681B] – 24/08/2013 – 17:35:26 —A- – C:WindowsPrefetchSETUP_MES_CREATIONS_PHOTO_MYP-53E74687.pf
    O45 – LFCP:[MD5.F9F6C6E6D1E2F3DC73FE44A5D661B502] – 24/08/2013 – 18:13:18 —A- – C:WindowsPrefetchMES CRÉATIONS PHOTO MYPIX.COM-CBB0F722.pf
    O45 – LFCP:[MD5.5002190C4C6263FBC825BACD941FE05F] – 24/08/2013 – 18:16:25 —A- – C:WindowsPrefetchGALERIE PHOTO MYPIX.COM.EXE-F775468A.pf
    O45 – LFCP:[MD5.A2801D101784879B9ABA47BDEAB44F80] – 28/08/2013 – 00:30:37 —A- – C:WindowsPrefetchWLXPGSS.SCR-6CB227FB.pf
    O45 – LFCP:[MD5.031155F35BE634447A39B46793158409] – 29/08/2013 – 18:07:11 —A- – C:WindowsPrefetchFINEREADER.EXE-4896FAE0.pf
    O45 – LFCP:[MD5.524BD514CD468DA9BE339B38CCC6204E] – 30/08/2013 – 17:16:02 —A- – C:WindowsPrefetchGSTARTER.EXE-ABC7C850.pf
    O45 – LFCP:[MD5.1878AD829FFFDE1C226D7BF76A48B93C] – 30/08/2013 – 17:49:48 —A- – C:WindowsPrefetchSETUP-STUB.EXE-A5139133.pf
    O45 – LFCP:[MD5.A4FFF12AE4C23AEFFEDE8C7DC93238D8] – 31/08/2013 – 14:33:52 —A- – C:WindowsPrefetchFOOBAR2000_1-2-9_FR_11022.EXE-01D88376.pf
    O45 – LFCP:[MD5.A1B06A0FD5E2DCA92C903FEADE7ABC6B] – 31/08/2013 – 14:34:37 —A- – C:WindowsPrefetchFOOBAR2000.EXE-28DE0E27.pf
    ~ Prefetcher: 279 Legitimates Filtered in 00mn 00s

    —\ Opérations et fonctions au démarrage de Windows Explorer (O46)
    O46 – SEH:ShellExecuteHooks – Groove GFS Stub Execution Hook – {B5A7F190-DDA6-4420-B3BA-52453494E6CD} – C:PROGRA~1MICROS~3Office14GROOVEEX.DLL
    ~ ShellExecuteHooks: Scanned in 00mn 00s

    —\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
    O55 – MWPS:[HKLM…PoliciesSystem] – “EnableUIADesktopToggle”=0
    O55 – MWPS:[HKLM…PoliciesSystem] – “FilterAdministratorToken”=0
    O55 – MWPS:[HKCU…PoliciesSystem] – “EnableLUA”=0
    ~ MWPS: 18 Legitimates Filtered in 00mn 00s

    —\ Liste des pilotes du système (SDL) (O58)
    O58 – SDL:[MD5.3BE1651C63954067940E7F473498AD70] – 06/09/2010 – 08:16:58 —A- . (.Devguru Co., Ltd – Device Error Recovery SDK(x86).) — C:WindowsSystem32Driversdgderdrv.sys [18120]
    O58 – SDL:[MD5.8AAD333C876590293F72B315E162BCC7] – 25/07/2012 – 23:52:51 —A- . (…) — C:WindowsSystem32ANSI.SYS [9029]
    ~ Drivers: 18 Legitimates Filtered in 00mn 00s

    —\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
    O61 – LFC: 17/09/2013 – 16:51:51 —A- . (…) — C:UsersvincentAppDataRoamingMicrosoftIdentityCRLproductionMetaConfig.xml [163]
    O61 – LFC: 17/09/2013 – 18:24:52 —A- . (…) — C:UsersvincentDownloadsCamille.Redouble.2012.FRENCH.BRRip.x264.AC3-FUNKY [www.frenchtorrentdb.com].torrent [3951]
    O61 – LFC: 17/09/2013 – 18:25:48 —A- . (…) — C:UsersvincentDownloadsDexter.S08E11.PROPER.VOSTFR.HDTV.XviD-ATeam [www.frenchtorrentdb.com].torrent [1786]
    O61 – LFC: 17/09/2013 – 21:11:39 —A- . (…) — C:UsersvincentAppDataRoaming.BitTornadodatacache0ed8f1d37d3b370ab2932fc4c2681a8e4e3135f [305]
    O61 – LFC: 17/09/2013 – 23:27:47 —A- . (…) — C:UsersvincentAppDataRoaming.BitTornadodatacache9e325701b83c3ec6c31980dd6a6f4dc93dbe874b [305]
    O61 – LFC: 18/09/2013 – 21:29:46 —A- . (…) — C:Usersvincent.frostwire5skins.dat [9]
    O61 – LFC: 18/09/2013 – 21:35:23 —A- . (…) — C:Usersvincent.frostwire5search_dbsearch_db.h2.db [39127040]
    O61 – LFC: 18/09/2013 – 21:35:26 —A- . (…) — C:Usersvincent.frostwire5frostwire.props [776]
    O61 – LFC: 18/09/2013 – 21:35:26 —A- . (…) — C:Usersvincent.frostwire5installation.props [315]
    O61 – LFC: 18/09/2013 – 21:35:26 —A- . (…) — C:Usersvincent.frostwire5library_dblibrary_db.h2.db [61440]
    O61 – LFC: 18/09/2013 – 21:35:26 —A- . (…) — C:Usersvincent.frostwire5questions.props [91]
    O61 – LFC: 18/09/2013 – 21:35:26 —A- . (…) — C:Usersvincent.frostwire5tables.props [632]
    O61 – LFC: 18/09/2013 – 21:38:48 —A- . (…) — C:UsersvincentAppDataRoamingwam#airversion3.8.0.1430 [0]
    O61 – LFC: 18/09/2013 – 22:13:01 —A- . (…) — C:UsersvincentAppDataRoaming.BitTornadodatacachecd2e3a017171dce66b5c9ef1187462c0f1cf5471 [370]
    O61 – LFC: 19/09/2013 – 00:30:07 —A- . (…) — C:UsersvincentAppDataLocalGoogleChromeUser DataCertificate Revocation Lists [259047]
    O61 – LFC: 19/09/2013 – 07:50:00 —A- . (…) — C:UsersvincentAppDataLocalGoogleChromeUser DataLocal State [67672]
    ~ 31 Fichiers temporaires (Temporary files)
    ~ Files: 648 Legitimates Filtered in 00mn 19s

    —\ Liste des outils de désinfection (LATC) (O63)
    O63 – Logiciel: UsbFix By El Desaparecido – (.El Desaparecido – http://www.usbfix.net.) [HKLM] — Usbfix
    O63 – Logiciel: ZHPDiag 2013 – (.Nicolas Coolman.) [HKLM] — ZHPDiag_is1
    ~ ADS: Scanned in 00mn 00s

    —\ Associations Shell Spawning (O67)
    O67 – Shell Spawning: < .html> [HKCU..openCommand] (.Not Key.)
    ~ FASS Keys: 19 Legitimates Filtered in 00mn 00s

    —\ Menu de démarrage Internet (SMI) (O68)
    O68 – StartMenuInternet: [HKLM..ShellopenCommand] (.Mozilla Corporation – Firefox.) — C:Program FilesMozilla Firefoxfirefox.exe
    O68 – StartMenuInternet: [HKLM..ShellopenCommand] (.Google Inc. – Google Chrome.) — C:Program FilesGoogleChromeApplicationchrome.exe
    O68 – StartMenuInternet: [HKLM..ShellopenCommand] (.Microsoft Corporation – Internet Explorer.) — C:Program FilesInternet Exploreriexplore.exe
    O68 – StartMenuInternet: [HKLM..ShellopenCommand] (.Apple Inc. – Safari.) — C:Program FilesSafariSafari.exe
    ~ Keys: Scanned in 00mn 00s

    —\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
    O69 – SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} – (Bing) – http://www.bing.com
    ~ Keys: Scanned in 00mn 00s

    —\ Enumère les fichiers Crack & Keygen (CKF) (O82)
    F:archiveAdobe.Photoshop.Lightroom.v3.2.Multilingual.Incl.Keymaker-COREkeygen.exe
    F:jeuxNikSoft.Silver.Efex.1 – KopiaNik.Software.Silver.Efex.Pro.v1.0.Inclkeygen.exe
    F:PokerTracker.3.Holdem.v3.00.Beta.23.WinAll.Cracked-CRDcrackPokerTracker.exe
    F:PokerTracker.3.Holdem.v3.00.Beta.23.WinAll.Cracked-CRDcrd.exe
    F:PokerTracker.3.Holdem.v3.00.Beta.23.WinAll.Cracked-CRDsetupPT-Install-v3.00.b23.pgsql.exe
    F:retouche photoAdobe.Photoshop.Lightroom.v3.2.Multilingual.Incl.Keymaker-COREkeygen.exe
    G:Adobe.Creative.Suite.5.Master.Collection.Multilingual.ESD.ISO-COREkeygen.exe
    G:Adobe.Photoshop.CS5.1.Extended.v12.1.European.Incl.Keymaker-COREkeygen.exe
    G:Allo.Adobe.Photoshop.CS5.1.Extended.v12.1.European.Incl.Keymaker-COREAdobe.Photoshop.CS5.1.Extended.v12.1.European.Incl.Keymaker-COREkeygen.exe
    J:Adobe_Photoshop_Lightroom_5.2Adobe Photoshop Lightroom 5.2Adobe Photoshop Lightroom 5.2 RCkeygen.exe
    ~ Files: Scanned in 01mn 32s

    —\ Recherche particulière à la racine du système (SPRF) (O84)
    [MD5.CC1E61A268456790F640C93241434894] [SPRF][03/09/2013] (…) — C:UsersvincentAppDataLocalTempMapSource.reg [392]
    [MD5.6A6CE9A0410A29061FCF6CAD8DE0387C] [SPRF][19/09/2013] (…) — C:UsersvincentDesktopadwcleaner.exe [1039554]
    [MD5.353D9DF4CB532B1F86ED3512BBCD1D90] [SPRF][16/08/2013] (.Gracenote, Inc. – Gracenote SDK component.) — C:Program Filesgnsdk_dsp.dll [3008536]
    [MD5.AF73DD7FA42F5C2A207B10EB023CA119] [SPRF][16/08/2013] (.Gracenote, Inc. – Gracenote SDK component.) — C:Program Filesgnsdk_musicid.dll [219672]
    [MD5.A76C167A8D31059F62C509ABC91D23C6] [SPRF][16/08/2013] (.Gracenote, Inc. – Gracenote SDK component.) — C:Program Filesgnsdk_sdkmanager.dll [776216]
    [MD5.72405B94C00A2E60D8C6E98050C99F04] [SPRF][16/08/2013] (.Gracenote, Inc. – Gracenote SDK component.) — C:Program Filesgnsdk_submit.dll [262680]
    ~ Files: 19 Legitimates Filtered in 00mn 00s

    —\ Liste des exceptions du parefeu (FirewallRules) (O87)
    O87 – FAEL: “{02492F98-0521-457C-B7DA-3A6F0F2891A8}” |In – Private – P17 – TRUE | .(…) — C:Program FilesFiraxis GamesSid Meier's Civilization 4Civilization4.exe (.not file.)
    O87 – FAEL: “{437C0B1A-DF48-4C04-BE83-B3E3F0F6FCA9}” |In – Private – P6 – TRUE | .(…) — C:Program FilesFiraxis GamesSid Meier's Civilization 4Civilization4.exe (.not file.)
    O87 – FAEL: “UDP Query User{30BB6B00-D528-4DF8-B474-C6D3A9B21B91}C:program filesbittornadobtdownloadgui.exe” | In – Private – P17 – TRUE | .(…) — C:program filesbittornadobtdownloadgui.exe
    O87 – FAEL: “TCP Query User{478C9274-2B67-42E5-9DE7-235F65E90CBE}C:program filesbittornadobtdownloadgui.exe” | In – Private – P6 – TRUE | .(…) — C:program filesbittornadobtdownloadgui.exe
    ~ Firewall: 288 Legitimates Filtered in 00mn 00s

    —\ Enumère les codes produits des logiciels (PUC) (O90)
    O90 – PUC: “562BBA1AB629C184A815185265D6EF28” . (.Polar WebLink 2.4.13.) — C:WINDOWSInstaller{A1ABB265-926B-481C-8A51-8125566DFE82}ARPPRODUCTICON.exe
    O90 – PUC: “D0239AB2160E17C4CABCCAE0D9F48CB2” . (.Polar Daemon.) — C:WINDOWSInstaller{2BA9320D-E061-4C71-ACCB-AC0E9D4FC82B}ARPPRODUCTICON.exe
    ~ Update Products: 180 Legitimates Filtered in 00mn 00s

    —\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
    [MD5.99792C466D9164D252146EC54BBF03E2] [WIS][31/07/2012] (.Bouygues Telecom – media center.) — C:WindowsInstaller17aaab.msi [38912]
    [MD5.C4E4244EC7DE87268BADAC2CB04DFE38] [WIS][19/09/2008] (.PostgreSQL Global Development Group – PostgreSQL.) — C:WindowsInstaller52482b.msi [24567808]
    ~ WIS: 183 Legitimates Filtered in 00mn 24s

    —\ Etat général des services not Microsoft (EGS) (SR=Running, SS=Stopped)
    SS – | Disabled 18/08/2011 819976 | (ABBYY.Licensing.FineReader.Professional.11.0) . (.ABBYY.) – C:Program FilesABBYY FineReader 11NetworkLicenseServer.exe
    SS – | Disabled 14/05/2009 759048 | (ABBYY.Licensing.FineReader.Sprint.9.0) . (.ABBYY.) – C:Program FilesCommon FilesABBYYFineReaderSprint9.00LicensingNetworkLicenseServer.exe
    SS – | Disabled 01/09/2011 169624 | (AdobeActiveFileMonitor10.0) . (.Adobe Systems Incorporated.) – C:Program FilesAdobeElements 10 OrganizerPhotoshopElementsFileAgent.exe
    SS – | Disabled 11/05/2013 65640 | (AdobeARMservice) . (.Adobe Systems Incorporated.) – C:Program FilesCommon FilesAdobeARM1.0armsvc.exe
    SS – | Disabled 03/10/2011 176128 | (AMD External Events Utility) . (.AMD.) – C:WindowsSystem32atiesrxx.exe
    SS – | Disabled 21/12/2012 57008 | (Apple Mobile Device) . (.Apple Inc..) – C:Program FilesCommon FilesAppleMobile Device SupportAppleMobileDeviceService.exe
    SS – | Disabled 30/08/2011 390504 | (Bonjour Service) . (.Apple Inc..) – C:Program FilesBonjourmDNSResponder.exe
    SS – | Disabled 30/09/2011 1437480 | (BytelMediaServer) . (…) – C:ProgramDatamedia center Bouygues TelecomMediaServer.exe
    SR – | Auto 06/09/2010 95568 | (dgdersvc) . (.Devguru Co., Ltd..) – C:Windowssystem32dgdersvc.exe
    SR – | Auto 19/12/2006 94208 | (EpsonBidirectionalService) . (.SEIKO EPSON CORPORATION.) – C:Program FilesCommon FilesEPSONEBAPIeEBSVC.exe
    SR – | Auto 07/11/2011 153600 | (EPSON_EB_RPCV4_04) . (.SEIKO EPSON CORPORATION.) – C:Program FilesCommon FilesEPSONEPW!3 SSRPE_S50ST7.exe
    SS – | Disabled 06/09/2010 217088 | (FsUsbExService) . (.Teruten.) – C:Windowssystem32FsUsbExService.exe
    SS – | Auto 10/04/2011 136176 | (gupdate) . (.Google Inc..) – C:Program FilesGoogleUpdateGoogleUpdate.exe
    SS – | Demand 10/04/2011 136176 | (gupdatem) . (.Google Inc..) – C:Program FilesGoogleUpdateGoogleUpdate.exe
    SS – | Demand 11/06/2010 136120 | (gusvc) . (.Google.) – C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe
    SS – | Demand 16/08/2013 553288 | (iPod Service) . (.Apple Inc..) – C:Program FilesiPodbiniPodService.exe
    SS – | Disabled 08/06/2013 375120 | (LMIGuardianSvc) . (.LogMeIn, Inc..) – C:Program FilesLogMeInx86LMIGuardianSvc.exe
    SS – | Disabled 08/06/2013 202576 | (LMIMaint) . (.LogMeIn, Inc..) – C:Program FilesLogMeInx86RaMaint.exe
    SS – | Disabled 29/11/2012 390528 | (LogMeIn) . (.LogMeIn, Inc..) – C:Program FilesLogMeInx86LogMeIn.exe
    SR – | Auto 04/04/2013 418376 | (MBAMScheduler) . (.Malwarebytes Corporation.) – C:Program FilesMalwarebytes' Anti-Malwarembamscheduler.exe
    SR – | Auto 04/04/2013 701512 | (MBAMService) . (.Malwarebytes Corporation.) – C:Program FilesMalwarebytes' Anti-Malwarembamservice.exe
    SS – | Demand 14/08/2013 117656 | (MozillaMaintenance) . (.Mozilla Foundation.) – C:Program FilesMozilla Maintenance Servicemaintenanceservice.exe
    SS – | Disabled 21/02/2011 66560 | (nlsX86cc) . (.Nalpeiron Ltd..) – C:Windowssystem32nlssrv32.exe
    SS – | Disabled 19/09/2008 65536 | (pgsql-8.3) . (.PostgreSQL Global Development Group.) – C:Program FilesPostgreSQL8.3binpg_ctl.exe
    SR – | Auto 12/12/2012 419536 | (Polar Daemon) . (…) – C:Program FilesPolarDaemonpolard.exe
    SS – | Auto 13/07/2012 160944 | (SkypeUpdate) . (.Skype Technologies.) – C:Program FilesSkypeUpdaterUpdater.exe
    SS – | Demand 19/02/2010 517096 | (SwitchBoard) . (.Adobe Systems Incorporated.) – C:Program FilesCommon FilesAdobeSwitchBoardSwitchBoard.exe
    SS – | Disabled 22/04/2011 92592 | (TomTomHOMEService) . (.TomTom.) – C:Program FilesTomTom HOME 2TomTomHOMEService.exe
    SR – | Auto 15/12/2011 265624 | (WDDMService) . (.WDC.) – C:Program FilesWestern DigitalWD SmartWareWDDMService.exe
    SR – | Auto 06/09/2012 248248 | (WDDriveService) . (.Western Digital.) – C:Program FilesWestern DigitalWD Drive ManagerWDDriveService.exe
    SR – | Auto 15/12/2011 1591176 | (WDFMEService) . (.Western Digital.) – C:Program FilesWestern DigitalWD SmartWareWDFME.exe
    SR – | Auto 15/12/2011 1091992 | (WDRulesService) . (.Western Digital.) – C:Program FilesWestern DigitalWD SmartWareWDRulesEngine.exe
    SS – | Demand 20/09/2012 23040 | C:WindowsSystem32wuaueng.dll (wuauserv) . (.Microsoft Corporation.) – C:WindowsSystem32svchost.exe
    ~ Services: Scanned in 00mn 25s

    —\ Recherche d'infection sur le Master Boot Record (MBR)(O80)
    Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
    ~ MBR: 1 Legitimates Filtered in 00mn 02s

    —\ Recherche d'infection sur le Master Boot Record (MBRCheck)(O80)
    Written by ad13, http://ad13.geekstog
    Run by vincent at 19/09/2013 08:52:42

    ********* Dump file Name *********
    C:PhysicalDisk0_MBR.bin
    ~ MBR: Scanned in 00mn 04s

    —\ Scan Additionnel (O88)
    Database Version : 12920 – (18/09/2013)
    Clés trouvées (Keys found) : 0
    Valeurs trouvées (Values found) : 0
    Dossiers trouvés (Folders found) : 1
    Fichiers trouvés (Files found) : 0

    C:ProgramDataInstallMate =>Toolbar.Tarma
    ~ Additionnel Scan: 562916 Items scanned in 00mn 18s

    —\ Récapitulatif des détections trouvées sur votre station
    ~ http://nicolascoolman.webs.com/apps/blog/show/29637859-toolbar-tarma =>Toolbar.Tarma
    ~ MSI: 1 link(s) detected in 00mn 18s

    ~ 2346 Legitimates filtered by white list
    End of the scan (585 lines in 04mn 16s)(10)[/spoiler:116cl3zx]
    :merci2:

  • jlpjlp
    Participant
    Post count: 35

    Hello,

    Still having trouble with your PC?

    You should avoid this:

    —\ Logiciels de partage PeerToPeer
    eMule
    FrostWire 5.2.3 v5.2.3.0

    and delete the cracks, which are infection vectors:

    —\ Enumère les fichiers Crack & Keygen (CKF) (O82)
    F:archiveAdobe.Photoshop.Lightroom.v3.2.Multilingual.Incl.Keymaker-COREkeygen.exe
    F:jeuxNikSoft.Silver.Efex.1 – KopiaNik.Software.Silver.Efex.Pro.v1.0.Inclkeygen.exe
    F:PokerTracker.3.Holdem.v3.00.Beta.23.WinAll.Cracked-CRDcrackPokerTracker.exe
    F:PokerTracker.3.Holdem.v3.00.Beta.23.WinAll.Cracked-CRDcrd.exe
    F:PokerTracker.3.Holdem.v3.00.Beta.23.WinAll.Cracked-CRDsetupPT-Install-v3.00.b23.pgsql.exe
    F:retouche photoAdobe.Photoshop.Lightroom.v3.2.Multilingual.Incl.Keymaker-COREkeygen.exe
    G:Adobe.Creative.Suite.5.Master.Collection.Multilingual.ESD.ISO-COREkeygen.exe
    G:Adobe.Photoshop.CS5.1.Extended.v12.1.European.Incl.Keymaker-COREkeygen.exe
    G:Allo.Adobe.Photoshop.CS5.1.Extended.v12.1.European.Incl.Keymaker-COREAdobe.Photoshop.CS5.1.Extended.v12.1.European.Incl.Keymaker-COREkeygen.exe
    J:Adobe_Photoshop_Lightroom_5.2Adobe Photoshop Lightroom 5.2Adobe Photoshop Lightroom 5.2 RCkeygen.exe

    Update Java and Adobe Reader (in particular, without installing the Ask toolbar that is offered):
    http://www.java.com/fr/
    http://www.adobe.com/fr/products/reader.html

    I'm looking at the report and will tell you what comes next.

  • vincelulu
    Participant
    Post count: 4

    Hello and thank you jlpjlp,
    I'll start by deleting the keygens you pointed out and the P2P software.
    I had blocked the Java update because it prompted me at every startup; should I still update this software manually?

  • jlpjlp
    Participant
    Post count: 35

    Yes, you need to do the update, because many infections exploit Java vulnerabilities.

  • vincelulu
    Participant
    Post count: 4

    OK, thanks for your help, I've updated.
    Should I remove any programs from startup?

  • jlpjlp
    Participant
    Post count: 35

    Damn, the message I posted didn't go through…

    Be careful with poker games…

    For startup, go to Search, type msconfig, and in the Startup tab you can indeed remove some entries: for example quicktime, tomtom, garmin, zune, office, epson…

    Launch ZHPFix (either via the shortcut on your Desktop, or via ZHPDiag by clicking the green shield).
    Copy/paste the following lines in bold:

    C:ProgramDataInstallMate =>Toolbar.Tarma
    EmptyCLSID
    EmptyFlash
    EmptyTemp

    _____________________________________________

    * Launch ZHPFix from the shortcut on your Desktop (if you are on Windows Vista or Windows 7, do this with a right-click –> Run as administrator)
    * Click the icon representing the clipboard ("paste the clipboard")
    The script should automatically appear in ZHPFix; if not, paste it (Ctrl+V)
    * Click the GO button to start the cleanup
    * Copy/paste the entire report into your next reply.

  • vincelulu
    Participant
    Post count: 4

    The poker programs I use are all approved by ARJEL, so normally that should be fine, right?
    Here is the report after removal:
    [spoiler:enjohax0]Rapport de ZHPFix 2013.9.15.7 par Nicolas Coolman, Update du 15/09/2013
    Fichier d'export Registre :
    Run by vincent at 19/09/2013 17:38:11
    High Elevated Privileges : OK
    Windows 8 Business Edition, 32-bit (Build 9200)

    Corbeille vidée

    ========== Dossiers ==========
    SUPPRIMÉ: C:UsersvincentAppDataLocal{2E74537A-5618-40A6-BAEA-7C4054C356BA}
    SUPPRIMÉ: C:UsersvincentAppDataLocal{35B42FF1-EE0B-47D6-AAA9-5C50E64A6DB8}
    SUPPRIMÉ: C:UsersvincentAppDataLocal{3FB541D8-66E1-4A3F-B4CF-1AEF38CC0CE7}
    SUPPRIMÉ: C:UsersvincentAppDataLocal{68C83BD0-731F-4713-ADCD-668BA15623C3}
    SUPPRIMÉ: C:UsersvincentAppDataLocal{93908C27-F5A5-4161-9493-4E78E7E4E7F4}
    SUPPRIMÉ: C:UsersvincentAppDataLocal{B2D30B53-ACDC-4626-9C95-B3AC7E660FC0}
    SUPPRIMÉ: C:UsersvincentAppDataLocal{BE770B9D-8658-48C9-AE69-D07BE8124DBC}
    SUPPRIMÉ: C:UsersvincentAppDataLocal{DD52CCBA-F6E6-4846-9760-43B185EEE2E8}
    SUPPRIMÉ: C:UsersvincentAppDataLocal{EE637F48-AD31-46E2-95EB-4C938A7840C6}
    SUPPRIME Flash Cookies
    SUPPRIME Temporaires Windows

    ========== Fichiers ==========
    SUPPRIME Flash Cookies
    SUPPRIME Temporaires Windows

    ========== Récapitulatif ==========
    11 : Dossiers
    2 : Fichiers

    End of clean in 00mn 10s

    ========== Chemin de fichier rapport ==========
    C:ZHPZHPFix[R1].txt – 19/09/2013 17:38:15 [1298][/spoiler:enjohax0]
    There you go.

  • vincelulu
    Participant
    Post count: 4

    Oh, and I had normally already disabled the programs you pointed out at Windows startup via msconfig (except epson). Is it normal that they still appear in the report? I should mention that I have Windows 8.

  • jlpjlp
    Participant
    Post count: 35

    As for poker, it should be fine infection-wise; it's more on the financial side… :siffle:

    Still having problems with your PC?

The topic 'clean my PC to get it back like new' is closed to new replies.