  • cat167
    Participant
    Number of posts: 16

    Good evening,

    I once again have a virus that turns my files into shortcuts. It is a regular occurrence (via a copy shop's computer), and usually I reapply the procedure that someone gave me here, but I figure the software has probably been changed since.
    I followed the preliminary procedures; however, I do not understand how to use this “BB code spoiler”. Where should I paste the report? I tried between the two brackets but that does nothing…

    Thanks in advance.

    Catherine :bye:


    billmaxime
    Moderator
    Number of posts: 1402

    :hello: cat167 and :welcome: , I see that you know the site :) and that you have already come here for a disinfection ;)

    For your problem, do this and post the report, please:

    • Download UsbFix (by El Desaparecido) to your Desktop!
    • Connect all your external data sources to your PC (USB stick, external hard drive, etc.) without opening them.
    • Right-click on it and choose Run as administrator under Windows 7/8 and Vista
    • Choose the Nettoyage (Clean) option

    • Copy and paste the contents of the report that appears at the end of the scan into your reply

    :merci2:

    cat167
    Participant
    Number of posts: 16

    [spoiler:29m60ve0]Upload Malware : https://www.sosvirus.net/upload_malware.php
    Contact : http://www.usbfix.net/contact/

    ################## | Recherche générique |

    Supprimé! G:Berzerk.vbe[/spoiler:29m60ve0]

    cat167
    Participant
    Number of posts: 16

    Hello! There… it's done :-) :D

    cat167
    Participant
    Number of posts: 16

    Hello,

    I think you should create a new topic for your problem; I think that would be much easier for the admins to manage…

    Catherine

    billmaxime
    Moderator
    Number of posts: 1402

    Re cat167,

    the report is not complete; you can post it via a copy/paste if you want

    :merci2:

    cat167
    Participant
    Number of posts: 16

    There, this time I hope it's right. Sorry for having left out a piece!

    [spoiler:1a551ue5]############################## | UsbFix V 7.173 | [Nettoyage]

    Utilisateur: Vista (Administrateur) # PC-DE-VISTA
    Mis à jour le 04/07/2014 par El Desaparecido – SosVirus
    Lancé à 11:18:16 | 07/07/2014

    Site Web : http://www.usbfix.net/
    Changelog : http://www.usbfix.net/maj/
    Assistance : https://www.sosvirus.net/aide-nettoyage-pc/
    Upload Malware : https://www.sosvirus.net/upload_malware.php
    Contact : http://www.usbfix.net/contact/

    ################## | System information |

    MB: Quanta (30CF)
    CPU: AMD Turion(tm) 64 X2 Mobile Technology TL-58
    GC: NVIDIA GeForce 7150M / nForce 630M
    RAM -> [Total : 1982 Mo | Free : 595 Mo]
    Bios: Hewlett-Packard
    Boot: Normal boot

    OS: Microsoft™ Windows Vista (TM) Home Premium (6.0.6002 32-Bit) Service Pack 2
    WB: Internet Explorer : 9.00.8112.16421
    WB: Google Chrome : 35.0.1916.153
    WB: Mozilla Firefox : 1.9.0.17

    ################## | Security Information |

    AV: avast! Antivirus [(!) Désactivé |(!) Non à jour]
    AS: Windows Defender [Actif |A jour]
    AS: avast! Antivirus [(!) Désactivé |(!) Non à jour]
    AS: Malwarebytes Anti-Malware : 1.0.0.532
    FW: Windows Firewall [(!) Désactivé]
    SC: Security Center [Actif]
    WU: Windows Update [Actif]

    ################## | Disk Information |

    C: (%SystemDrive%) -> Disque fixe # 136 Go (45 Go libre(s) – 33%) [] # NTFS
    D: -> Disque fixe # 13 Go (7 Go libre(s) – 58%) [PRESARIO_RP] # NTFS
    E: -> CD-ROM # 185 Mo (0 Mo libre(s) – 0%) [eHWF60] # CDFS
    F: -> CD-ROM # 6 Mo (0 Mo libre(s) – 0%) [U3 System] # CDFS
    G: -> Disque amovible # 7 Go (4 Go libre(s) – 49%) [] # FAT32

    ################## | Processus Stoppés |

    C:WINDOWSSystem32nvvsvc.exe (ID: 968|ParentID: 688)
    C:WINDOWSSystem32SLsvc.exe (ID: 1340|ParentID: 688)
    C:WINDOWSSystem32rundll32.exe (ID: 1448|ParentID: 968|SYSTEM)
    C:WINDOWSexplorer.exe (ID: 1904|ParentID: 1832|Vista)
    C:WINDOWSSystem32spoolsv.exe (ID: 396|ParentID: 688|SYSTEM)
    C:WINDOWSSystem32taskeng.exe (ID: 468|ParentID: 1200|SYSTEM)
    C:WINDOWSSystem32taskeng.exe (ID: 832|ParentID: 1200|Vista)
    C:Program FilesCommon FilesAppleMobile Device SupportbinAppleMobileDeviceService.exe (ID: 2060|ParentID: 688|SYSTEM)
    C:Program FilesBonjourmDNSResponder.exe (ID: 2092|ParentID: 688|SYSTEM)
    C:Program FilesJuniper NetworksCommon FilesdsNcService.exe (ID: 2280|ParentID: 688|SYSTEM)
    C:Program FilesCommon FilesLightScribeLSSrvc.exe (ID: 2384|ParentID: 688|SYSTEM)
    C:Program FilesMalwarebytes Anti-Malwarembamscheduler.exe (ID: 2420|ParentID: 688|SYSTEM)
    C:Program FilesMalwarebytes Anti-Malwarembam.exe (ID: 2532|ParentID: 2420|Vista)
    C:Program FilesCommon Filesmicrosoft sharedVS7DEBUGmdm.exe (ID: 2612|ParentID: 688|SYSTEM)
    C:WINDOWSSystem32PnkBstrA.exe (ID: 2660|ParentID: 688|SYSTEM)
    C:WINDOWSSystem32SearchIndexer.exe (ID: 2884|ParentID: 688|SYSTEM)
    C:WINDOWSSystem32driversXAudio.exe (ID: 3000|ParentID: 688|SYSTEM)
    C:Program FilesHewlett-PackardSharedhpqwmiex.exe (ID: 3028|ParentID: 688|SYSTEM)
    C:WINDOWSSystem32WUDFHost.exe (ID: 3180|ParentID: 1184|SERVICE LOCAL)
    C:Program FilesWindows DefenderMSASCui.exe (ID: 3612|ParentID: 1904|Vista)
    C:Program FilesHPQuickPlayQPService.exe (ID: 3628|ParentID: 1904|Vista)
    C:Program FilesHewlett-PackardHP Quick Launch ButtonsQLBCTRL.exe (ID: 3664|ParentID: 1904|Vista)
    C:Program FilesHewlett-PackardHP Wireless AssistantHPWAMain.exe (ID: 3692|ParentID: 1904|Vista)
    C:Program FilesHewlett-PackardHP Wireless AssistantWiFiMsg.exe (ID: 3700|ParentID: 1904|Vista)
    C:Program FilesAdobeAcrobat 8.0Acrobatacrotray.exe (ID: 3716|ParentID: 1904|Vista)
    C:Program FilesHewlett-PackardSharedHpqToaster.exe (ID: 4072|ParentID: 892|Vista)
    C:Program FilesCommon FilesRealUpdate_OBrealsched.exe (ID: 3112|ParentID: 1904|Vista)
    C:Program FilesWinampwinampa.exe (ID: 1980|ParentID: 1904|Vista)
    C:WINDOWSSystem32rundll32.exe (ID: 3728|ParentID: 1904|Vista)
    C:Program FilesCommon FilesJavaJava Updatejusched.exe (ID: 4104|ParentID: 1904|Vista)
    C:Program FilesWindows Sidebarsidebar.exe (ID: 4232|ParentID: 1904|Vista)
    C:WINDOWSehomeehtray.exe (ID: 4408|ParentID: 1904|Vista)
    C:Program FilesCurseCurseClient.exe (ID: 5124|ParentID: 1904|Vista)
    C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe (ID: 5272|ParentID: 1904|Vista)
    C:UsersVistaAppDataRoamingSpotifyDataSpotifyWebHelper.exe (ID: 5620|ParentID: 1904|Vista)
    C:UsersVistaAppDataRoamingSpotifyspotify.exe (ID: 5732|ParentID: 1904|Vista)
    C:Program FilesWindows Media Playerwmplayer.exe (ID: 6064|ParentID: 3956|Vista)
    C:WINDOWSehomeehmsas.exe (ID: 6092|ParentID: 892|Vista)
    C:Program FilesSkypePhoneSkype.exe (ID: 3148|ParentID: 1904|Vista)
    C:Program FilesCommon FilesMacrovision SharedFLEXnet PublisherFNPLicensingService.exe (ID: 4544|ParentID: 688|SYSTEM)
    C:UsersVistaAppDataRoamingDropboxbinDropbox.exe (ID: 4744|ParentID: 1904|Vista)
    C:Program FilesHewlett-PackardHP Health CheckHPHC_Service.exe (ID: 4148|ParentID: 688|SYSTEM)
    C:WINDOWSSystem32wbemunsecapp.exe (ID: 4224|ParentID: 892|Vista)
    C:UsersVistaAppDataRoamingSpotifyDataSpotifyHelper.exe (ID: 4552|ParentID: 5732|Vista)
    C:UsersVistaAppDataRoamingSpotifyDataSpotifyHelper.exe (ID: 5412|ParentID: 5732|Vista)
    C:UsersVistaAppDataRoamingSpotifyDataSpotifyHelper.exe (ID: 4880|ParentID: 5732|Vista)
    C:UsersVistaAppDataRoamingSpotifyDataSpotifyHelper.exe (ID: 2244|ParentID: 5732|Vista)
    C:Program FilesGoogleChromeApplicationchrome.exe (ID: 5336|ParentID: 1904|Vista)
    C:Program FilesGoogleChromeApplicationchrome.exe (ID: 6824|ParentID: 5336|Vista)
    C:Program FilesGoogleChromeApplicationchrome.exe (ID: 6884|ParentID: 5336|Vista)

    ################## | Autorun |

    G:photos identite cath.lnk -> G:Berzerk.vbe – (SHA1: 248FF7E518710FD2BE101A10CEC200AB40609167)
    G:BOOTEX.lnk -> G:Berzerk.vbe – (SHA1: 248FF7E518710FD2BE101A10CEC200AB40609167)
    G:LaunchU3.lnk -> G:Berzerk.vbe – (SHA1: 248FF7E518710FD2BE101A10CEC200AB40609167)
    G:affiche angus.lnk -> G:Berzerk.vbe – (SHA1: 248FF7E518710FD2BE101A10CEC200AB40609167)
    G:Documents.lnk -> G:Berzerk.vbe – (SHA1: 248FF7E518710FD2BE101A10CEC200AB40609167)
    G:DEUTSCH divers non-uni.lnk -> G:Berzerk.vbe – (SHA1: 248FF7E518710FD2BE101A10CEC200AB40609167)
    G:System.lnk -> G:Berzerk.vbe – (SHA1: 248FF7E518710FD2BE101A10CEC200AB40609167)
    G:Autorun.inf.lnk -> G:Berzerk.vbe – (SHA1: 248FF7E518710FD2BE101A10CEC200AB40609167)
    G:Zeta.lnk -> G:Berzerk.vbe – (SHA1: 248FF7E518710FD2BE101A10CEC200AB40609167)
    G:anti dolphin protest.lnk -> G:Berzerk.vbe – (SHA1: 248FF7E518710FD2BE101A10CEC200AB40609167)
    G:SPC_504406.lnk -> G:Berzerk.vbe – (SHA1: 248FF7E518710FD2BE101A10CEC200AB40609167)
    G:lit 2.lnk -> G:Berzerk.vbe – (SHA1: 248FF7E518710FD2BE101A10CEC200AB40609167)
    G:Scotland at best.lnk -> G:Berzerk.vbe – (SHA1: 248FF7E518710FD2BE101A10CEC200AB40609167)
    G:System Volume Information.lnk -> G:Berzerk.vbe – (SHA1: 248FF7E518710FD2BE101A10CEC200AB40609167)
    G:lit 1.lnk -> G:Berzerk.vbe – (SHA1: 248FF7E518710FD2BE101A10CEC200AB40609167)
    G:affichette.lnk -> G:Berzerk.vbe – (SHA1: 248FF7E518710FD2BE101A10CEC200AB40609167)
    G:photo chatte.lnk -> G:Berzerk.vbe – (SHA1: 248FF7E518710FD2BE101A10CEC200AB40609167)
    G:RECYCLER.lnk -> G:Berzerk.vbe – (SHA1: 248FF7E518710FD2BE101A10CEC200AB40609167)
    G:RESTORE.lnk -> G:Berzerk.vbe – (SHA1: 248FF7E518710FD2BE101A10CEC200AB40609167)
    G:GERMANIQUE USB BIS.lnk -> G:Berzerk.vbe – (SHA1: 248FF7E518710FD2BE101A10CEC200AB40609167)
    G:ANGLAIS divers non-uni.lnk -> G:Berzerk.vbe – (SHA1: 248FF7E518710FD2BE101A10CEC200AB40609167)

    ################## | Recherche générique |

    Supprimé! G:Berzerk.vbe
    Supprimé! G:BOOTEX.lnk
    Supprimé! G:LaunchU3.lnk
    Supprimé! G:photos identite cath.lnk
    Supprimé! G:photo chatte.lnk
    Supprimé! G:Scotland at best.lnk
    Supprimé! G:affichette.lnk
    Supprimé! G:lit 1.lnk
    Supprimé! G:lit 2.lnk
    Supprimé! G:SPC_504406.lnk
    Supprimé! G:anti dolphin protest.lnk
    Supprimé! G:affiche angus.lnk
    Supprimé! G:Documents.lnk
    Supprimé! G:System.lnk
    Supprimé! G:Autorun.inf.lnk
    Supprimé! G:DEUTSCH divers non-uni.lnk
    Supprimé! G:Zeta.lnk
    Supprimé! G:System Volume Information.lnk
    Supprimé! G:ANGLAIS divers non-uni.lnk
    Supprimé! G:GERMANIQUE USB BIS.lnk
    Supprimé! G:RECYCLER.lnk
    Supprimé! G:RESTORE.lnk

    (!) Fichiers temporaires supprimés.

    ################## | Registre |

    ################## | Regedit Run |

    F2 – HKLM..Winlogon : [Shell] Explorer.exe
    F2 – HKLM..Winlogon : [Userinit] C:Windowssystem32Userinit.exe,
    04 – HKCU..Run : [Sidebar] C:Program FilesWindows Sidebarsidebar.exe /autoRun
    04 – HKCU..Run : [ehTray.exe] C:WindowsehomeehTray.exe
    04 – HKCU..Run : [msnmsgr] “C:Program FilesMSN Messengermsnmsgr.exe” /background
    04 – HKCU..Run : [CurseClient] C:Program FilesCurseCurseClient.exe -silent
    04 – HKCU..Run : [swg] “C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe”
    04 – HKCU..Run : [Spotify Web Helper] “C:UsersVistaAppDataRoamingSpotifyDataSpotifyWebHelper.exe”
    04 – HKCU..Run : [Spotify] “C:UsersVistaAppDataRoamingSpotifyspotify.exe” /uri spotify:autostart
    04 – HKCU..Run : [Skype] “C:Program FilesSkypePhoneSkype.exe” /minimized /regrun
    04 – HKLM..Run : [Windows Defender] %ProgramFiles%Windows DefenderMSASCui.exe -hide
    04 – HKLM..Run : [QPService] “C:Program FilesHPQuickPlayQPService.exe”
    04 – HKLM..Run : [QlbCtrl] %ProgramFiles%Hewlett-PackardHP Quick Launch ButtonsQlbCtrl.exe /Start
    04 – HKLM..Run : [HP Health Check Scheduler] C:Program FilesHewlett-PackardHP Health CheckHPHC_Scheduler.exe
    04 – HKLM..Run : [hpWirelessAssistant] %ProgramFiles%Hewlett-PackardHP Wireless AssistantHPWAMain.exe
    04 – HKLM..Run : [WAWifiMessage] %ProgramFiles%Hewlett-PackardHP Wireless AssistantWiFiMsg.exe
    04 – HKLM..Run : [Adobe Reader Speed Launcher] “C:Program FilesAdobeReader 9.0ReaderReader_sl.exe”
    04 – HKLM..Run : [Acrobat Assistant 8.0] “C:Program FilesAdobeAcrobat 8.0AcrobatAcrotray.exe”
    04 – HKLM..Run : [Adobe_ID0EYTHM] C:PROGRA~1COMMON~1AdobeADOBEV~1ServerbinVERSIO~2.EXE
    04 – HKLM..Run : [TkBellExe] “C:Program FilesCommon FilesRealUpdate_OBrealsched.exe” -osboot
    04 – HKLM..Run : [WinampAgent] “C:Program FilesWinampwinampa.exe”
    04 – HKLM..Run : [NvCplDaemon] RUNDLL32.EXE C:Windowssystem32NvCpl.dll,NvStartup
    04 – HKLM..Run : [NvMediaCenter] RUNDLL32.EXE C:Windowssystem32NvMcTray.dll,NvTaskbarInit
    04 – HKLM..Run : [AvastUI.exe] “C:Program FilesAVAST SoftwareAvastAvastUI.exe” /nogui
    04 – HKLM..Run : [APSDaemon] “C:Program FilesCommon FilesAppleApple Application SupportAPSDaemon.exe”
    04 – HKLM..Run : [QuickTime Task] “C:Program FilesQuickTimeQTTask.exe” -atboottime
    04 – HKLM..Run : [SunJavaUpdateSched] “C:Program FilesCommon FilesJavaJava Updatejusched.exe”
    04 – HKLM..RunOnce : [Launcher] %WINDIR%SMINSTlauncher.exe
    04 – HKUS-1-5-19..Run : [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /detectMem
    04 – HKUS-1-5-19..Run : [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
    04 – HKUS-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0..Run : [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /detectMem
    04 – HKUS-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0..Run : [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
    04 – HKUS-1-5-20..Run : [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /detectMem
    04 – HKUS-1-5-20..Run : [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
    04 – HKUS-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0..Run : [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /detectMem
    04 – HKUS-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0..Run : [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
    04 – HKUS-1-5-21-460120755-3036941430-2461728175-1001..Run : [Sidebar] C:Program FilesWindows Sidebarsidebar.exe /autoRun
    04 – HKUS-1-5-21-460120755-3036941430-2461728175-1001..Run : [ehTray.exe] C:WindowsehomeehTray.exe
    04 – HKUS-1-5-21-460120755-3036941430-2461728175-1001..Run : [msnmsgr] “C:Program FilesMSN Messengermsnmsgr.exe” /background
    04 – HKUS-1-5-21-460120755-3036941430-2461728175-1001..Run : [CurseClient] C:Program FilesCurseCurseClient.exe -silent
    04 – HKUS-1-5-21-460120755-3036941430-2461728175-1001..Run : [swg] “C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe”
    04 – HKUS-1-5-21-460120755-3036941430-2461728175-1001..Run : [Spotify Web Helper] “C:UsersVistaAppDataRoamingSpotifyDataSpotifyWebHelper.exe”
    04 – HKUS-1-5-21-460120755-3036941430-2461728175-1001..Run : [Spotify] “C:UsersVistaAppDataRoamingSpotifyspotify.exe” /uri spotify:autostart
    04 – HKUS-1-5-21-460120755-3036941430-2461728175-1001..Run : [Skype] “C:Program FilesSkypePhoneSkype.exe” /minimized /regrun
    04 – HKUS-1-5-21-460120755-3036941430-2461728175-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0..Run : [Sidebar] C:Program FilesWindows Sidebarsidebar.exe /autoRun
    04 – HKUS-1-5-21-460120755-3036941430-2461728175-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0..Run : [ehTray.exe] C:WindowsehomeehTray.exe
    04 – HKUS-1-5-21-460120755-3036941430-2461728175-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0..Run : [msnmsgr] “C:Program FilesMSN Messengermsnmsgr.exe” /background
    04 – HKUS-1-5-21-460120755-3036941430-2461728175-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0..Run : [CurseClient] C:Program FilesCurseCurseClient.exe -silent
    04 – HKUS-1-5-21-460120755-3036941430-2461728175-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0..Run : [swg] “C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe”
    04 – HKUS-1-5-21-460120755-3036941430-2461728175-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0..Run : [Spotify Web Helper] “C:UsersVistaAppDataRoamingSpotifyDataSpotifyWebHelper.exe”
    04 – HKUS-1-5-21-460120755-3036941430-2461728175-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0..Run : [Spotify] “C:UsersVistaAppDataRoamingSpotifyspotify.exe” /uri spotify:autostart
    04 – HKUS-1-5-21-460120755-3036941430-2461728175-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0..Run : [Skype] “C:Program FilesSkypePhoneSkype.exe” /minimized /regrun

    ################## | C: %SystemDrive% – Disque Fixe (NTFS) |

    [30/10/2013 – 23:56:48 | C | 2 Ko] – C:DelFix.txt
    [18/11/2013 – 22:46:20 | C | 11 Ko] – C:UsbFix [Scan 1] PC-DE-VISTA.txt
    [18/11/2013 – 22:59:12 | C | 12 Ko] – C:UsbFix [Clean 2] PC-DE-VISTA.txt
    [13/01/2014 – 21:32:51 | C | 10 Ko] – C:UsbFix [Scan 2] PC-DE-VISTA.txt
    [13/01/2014 – 21:45:05 | C | 11 Ko] – C:UsbFix [Clean 4] PC-DE-VISTA.txt
    [29/04/2014 – 00:59:05 | C | 12 Ko] – C:UsbFix [Scan 3] PC-DE-VISTA.txt
    [29/04/2014 – 01:09:35 | C | 12 Ko] – C:UsbFix [Clean 5] PC-DE-VISTA.txt
    [18/09/2006 – 23:43:37 | C | 0 Ko] – C:config.sys
    [24/11/2009 – 17:30:20 | C | 0 Ko] – C:MSDOS.SYS
    [24/11/2009 – 17:30:20 | C | 0 Ko] – C:IO.SYS
    [07/07/2014 – 10:42:00 | ASH | 2336948 Ko] – C:pagefile.sys
    [18/01/2008 – 06:41:20 | C | 0 Ko] – C:sqmnoopt00.sqm
    [18/01/2008 – 06:41:20 | C | 0 Ko] – C:sqmdata00.sqm
    [03/05/2008 – 23:06:53 | D] – C:System.sav
    [21/08/2008 – 11:09:43 | SHDC] – C:$RECYCLE.BIN
    [06/07/2014 – 23:32:36 | C | 1 Ko] – C:PhysicalDisk0_MBR.bin
    [24/11/2009 – 17:32:35 | C | 0 Ko] – C:AUTOEXEC.BAT
    [24/11/2009 – 17:30:26 | C | 0 Ko] – C:AUTOEXEC.ARM
    [30/03/2007 – 13:06:52 | D] – C:MCPP
    [18/01/2008 – 06:20:33 | D] – C:HP
    [03/05/2008 – 23:01:49 | SHD] – C:Documents and Settings
    [21/08/2008 – 11:10:38 | D] – C:Temp
    [21/08/2008 – 11:34:24 | D] – C:Users
    [02/09/2008 – 22:58:50 | D] – C:SwSetup
    [11/09/2008 – 11:57:34 | RD] – C:MSOCache
    [03/10/2008 – 18:45:27 | D] – C:PerfLogs
    [11/04/2009 – 08:36:36 | RAS | 325 Ko] – C:bootmgr
    [23/07/2012 – 00:22:09 | SDC] – C:boot
    [05/05/2014 – 00:29:56 | D] – C:WINDOWS
    [01/07/2014 – 17:31:53 | SHD] – C:System Volume Information
    [06/07/2014 – 22:06:49 | DC] – C:AdwCleaner
    [06/07/2014 – 22:24:24 | D] – C:ProgramData
    [06/07/2014 – 23:10:24 | D] – C:Program Files
    [07/07/2014 – 11:16:49 | DC] – C:UsbFix

    ################## | D: – Disque Fixe (NTFS) |

    [03/05/2008 – 23:04:51 | N | 0 Ko] – D:BLOCK.RIN
    [18/01/2008 – 06:40:55 | N | 1 Ko] – D:MASTER.LOG
    [10/09/2002 – 18:14:28 | N | 8 Ko] – D:Folder.htt
    [29/01/2007 – 18:56:20 | N | 107 Ko] – D:protect.ed
    [21/08/2008 – 11:09:43 | SHD] – D:$RECYCLE.BIN
    [11/09/2005 – 17:18:54 | N | 0 Ko] – D:AUTOMODE
    [04/10/2006 – 01:02:44 | N | 428 Ko] – D:bootmgr
    [18/01/2008 – 06:41:12 | N | 0 Ko] – D:USER
    [03/05/2008 – 22:32:57 | N | 0 Ko] – D:DRECOVERY
    [03/05/2008 – 22:46:49 | D] – D:boot
    [03/05/2008 – 22:46:49 | D] – D:HP
    [03/05/2008 – 22:46:49 | D] – D:preload
    [03/05/2008 – 22:46:49 | D] – D:SOURCES
    [03/05/2008 – 22:46:49 | SHD] – D:System Volume Information
    [03/05/2008 – 22:46:49 | D] – D:Tools
    [03/05/2008 – 22:46:49 | D] – D:RECOVERY
    [03/05/2008 – 22:46:49 | D] – D:WINDOWS

    ################## | G: – Disque USB (FAT32) |

    [12/10/2010 – 18:45:20 | N | 0 Ko] – G:Scotland at best.pptx
    [26/03/2014 – 14:59:42 | N | 3 Ko] – G:BOOTEX.LOG
    [05/11/2013 – 21:59:04 | N | 54 Ko] – G:lit 1.jpg
    [05/11/2013 – 22:00:20 | N | 50 Ko] – G:lit 2.jpg
    [18/03/2014 – 15:01:14 | N | 156 Ko] – G:photo chatte.jpg
    [23/10/2007 – 09:45:40 | N | 1305 Ko | VirusTotal – (0/54)] – G:LaunchU3.exe
    [01/02/2013 – 10:47:48 | N | 9117 Ko] – G:photos identite cath.doc
    [09/05/2013 – 23:59:34 | N | 226 Ko] – G:anti dolphin protest.doc
    [24/03/2014 – 17:06:26 | N | 180 Ko] – G:affichette.doc
    [30/04/2014 – 01:19:04 | N | 99 Ko] – G:SPC_504406.doc
    [23/05/2014 – 23:08:08 | N | 197 Ko] – G:affiche angus.doc
    [31/12/2007 – 10:27:26 | SHD] – G:System
    [31/12/2007 – 10:27:26 | D] – G:Documents
    [04/01/2010 – 16:37:30 | SHD] – G:RECYCLER
    [04/01/2010 – 16:37:34 | SHD] – G:RESTORE
    [12/10/2010 – 22:56:12 | D] – G:DEUTSCH divers non-uni
    [20/09/2012 – 15:11:48 | D] – G:ANGLAIS divers non-uni
    [09/10/2013 – 09:38:42 | D] – G:GERMANIQUE USB BIS
    [14/11/2013 – 12:20:36 | D] – G:Zeta
    [17/04/2014 – 17:14:08 | SHD] – G:System Volume Information

    ################## | Vaccin |

    D:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
    G:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

    ################## | E.O.F | https://www.sosvirus.net/ | http://www.usbfix.net/ |[/spoiler:1a551ue5]

    cat167
    Participant
    Number of posts: 16

    Otherwise, here are the reports from my preliminary steps last night…

    Malwarebytes …
    [spoiler:vof68nik]Malwarebytes Anti-Malware
    http://www.malwarebytes.org

    Scan Date: 06/07/2014
    Scan Time: 22:26:37
    Logfile: malw am report.txt
    Administrator: Yes

    Version: 2.00.2.1012
    Malware Database: v2014.07.06.07
    Rootkit Database: v2014.07.03.01
    License: Trial
    Malware Protection: Enabled
    Malicious Website Protection: Enabled
    Self-protection: Disabled

    OS: Windows Vista Service Pack 2
    CPU: x86
    File System: NTFS
    User: Vista

    Scan Type: Threat Scan
    Result: Completed
    Objects Scanned: 279898
    Time Elapsed: 26 min, 58 sec

    Memory: Enabled
    Startup: Enabled
    Filesystem: Enabled
    Archives: Enabled
    Rootkits: Disabled
    Heuristics: Enabled
    PUP: Enabled
    PUM: Enabled

    Processes: 0
    (No malicious items detected)

    Modules: 0
    (No malicious items detected)

    Registry Keys: 0
    (No malicious items detected)

    Registry Values: 0
    (No malicious items detected)

    Registry Data: 0
    (No malicious items detected)

    Folders: 0
    (No malicious items detected)

    Files: 2
    PUP.Optional.Installex, C:UsersVistaDownloadsDownload (1).exe, Quarantined, [232c009cabd0043226d6a269ca3746ba],
    PUP.Optional.Installex, C:UsersVistaDownloadsDownload.exe, Quarantined, [3d120399e5964aecaf4dd5369b6637c9],

    Physical Sectors: 0
    (No malicious items detected)

    (end)[/spoiler:vof68nik]

    [spoiler:vof68nik]# AdwCleaner v3.214 – Rapport créé le 06/07/2014 à 22:05:44
    # Mis à jour le 29/06/2014 par Xplode
    # Système d'exploitation : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
    # Nom d'utilisateur : Vista – PC-DE-VISTA
    # Exécuté depuis : C:UsersVistaDownloadsadwcleaner_3.214.exe
    # Option : Nettoyer

    ***** [ Services ] *****

    ***** [ Fichiers / Dossiers ] *****

    Fichier Supprimé : C:ProgramDataMicrosoftWindowsStart MenuProgramseBay.lnk

    ***** [ Raccourcis ] *****

    ***** [ Registre ] *****

    Clé Supprimée : HKLMSOFTWAREClassesprotector_dll.protectorbho
    Clé Supprimée : HKLMSOFTWAREClassesprotector_dll.protectorbho.1
    Clé Supprimée : HKLMSOFTWAREClassesS
    Clé Supprimée : HKLMSOFTWAREClassesCLSID{2318C2B1-4965-11D4-9B18-009027A5CD4F}
    Clé Supprimée : HKLMSOFTWAREClassesCLSID{761F6A83-F007-49E4-8EAC-CDB6808EF06F}
    Clé Supprimée : HKLMSOFTWAREClassesCLSID{13086CD4-88B6-45E3-9182-3BC2664199F7}
    Clé Supprimée : HKLMSOFTWAREClassesCLSID{1FCD7139-C2A3-49AD-8B9E-E82E48AE5DF6}
    Clé Supprimée : HKLMSOFTWAREClassesCLSID{319FCB76-1568-4EFA-863B-B03A2B16EB5C}
    Clé Supprimée : HKLMSOFTWAREClassesCLSID{4796719D-2B92-47BC-920B-77BCDBDBCB6A}
    Clé Supprimée : HKLMSOFTWAREClassesCLSID{64A66B25-A70F-4373-95EF-3A1DB6040B3A}
    Clé Supprimée : HKLMSOFTWAREClassesCLSID{6FC5F7E0-D65A-465C-B8EE-A5F8E008D6DF}
    Clé Supprimée : HKLMSOFTWAREClassesCLSID{731D436C-464C-4F29-BFB2-DE9C458535AE}
    Clé Supprimée : HKLMSOFTWAREClassesCLSID{7C89C8A6-991C-4626-9E26-B12EB4D89C04}
    Clé Supprimée : HKLMSOFTWAREClassesCLSID{EEF00686-CAB8-4885-9CCB-78FF483041AA}
    Clé Supprimée : HKLMSOFTWAREClassesCLSID{FDA55C78-736E-4E8A-996C-4A80FC0396FB}
    Clé Supprimée : HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{2318C2B1-4965-11D4-9B18-009027A5CD4F}
    Clé Supprimée : HKCUSoftwareMicrosoftWindowsCurrentVersionExtSettings{2318C2B1-4965-11D4-9B18-009027A5CD4F}
    Clé Supprimée : HKCUSoftwareMicrosoftInternet ExplorerSearchScopes{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
    Clé Supprimée : HKLMSOFTWAREMicrosoftInternet ExplorerSearchScopes{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
    Valeur Supprimée : HKLMSOFTWAREMicrosoftInternet ExplorerToolbar [{2318C2B1-4965-11D4-9B18-009027A5CD4F}]
    Valeur Supprimée : HKCUSoftwareMicrosoftInternet ExplorerToolbarWebBrowser [{2318C2B1-4965-11D4-9B18-009027A5CD4F}]

    ***** [ Navigateurs ] *****

    -\ Internet Explorer v9.0.8112.16555

    -\ Mozilla Firefox v3.0.17 (fr)

    [ Fichier : C:UsersVistaAppDataRoamingMozillaFirefoxProfilesxi383v70.defaultprefs.js ]

    -\ Google Chrome v35.0.1916.153

    [ Fichier : C:UsersVistaAppDataLocalGoogleChromeUser DataDefaultpreferences ]

    *************************

    AdwCleaner[R0].txt – [2884 octets] – [06/07/2014 22:01:39]
    AdwCleaner[S0].txt – [2827 octets] – [06/07/2014 22:05:44]

    ########## EOF – C:AdwCleanerAdwCleaner[S0].txt – [2887 octets] ##########[/spoiler:vof68nik]

    [spoiler:vof68nik]~ Rapport de ZHPDiag v2014.6.25.98 – Nicolas Coolman (25/06/2014)
    ~ Lancé par Vista (06/07/2014 23:22:42)
    ~ Adresse du Site Web http://nicolascoolman.fr
    ~ Traduit par Nicolas Coolman
    ~ Etat de la version : Nouvelle version disponible
    ~ Liste blanche : Activée par le programme
    ~ Elévation des Privilèges : OK
    ~ User Account Control (UAC): Deactivate by program

    —\ Navigateurs Internet
    MSIE: Internet Explorer v9.0.8112.16421
    MFIE: Mozilla Firefox v3.0.17 (fr)
    GCIE: Google Chrome v35.0.1916.153 (Defaut)

    —\ Informations sur les produits Windows
    ~ Langage: Français
    Windows Vista (TM) Home Premium, 32-bit Service Pack 2 (Build 6002)
    Windows Server License Manager Script : OK
    ~ Windows Operating System – Vista, OEM_SLP channel
    System Locked Preinstallation (OEM_SLP) : OK
    Windows ID Activation : OK
    ~ Windows Partial Key : WQD8Q
    Windows License : OK
    Windows Automatic Updates : OK

    —\ Logiciels de protection du système
    avast! Free Antivirus v9.0.2018
    Malwarebytes Anti-Malware version 2.0.2.1012

    —\ Logiciels d'optimisation du système

    —\ Logiciels de partage PeerToPeer

    —\ Surveillance de Logiciels
    Adobe Flash Player 14 Plugin
    Adobe Reader 9 – Français
    Java 7 Update 60

    —\ Informations sur le système
    ~ Processor: x86 Family 15 Model 104 Stepping 1, AuthenticAMD
    ~ Operating System: 32 Bits
    Boot mode: Normal (Normal boot)
    Total RAM: 1982 MB (24% free)
    System Restore: Activé (Enable)
    System drive C: has 45 GB (32%) free of 136 GB

    —\ Mode de connexion au système
    ~ Computer Name: PC-DE-VISTA
    ~ User Name: Vista
    ~ All Users Names: Vista, ASPNET, Administrateur,
    ~ Unselected Option: None
    Logged in as Administrator

    —\ Variables d'environnement
    ~ System Unit : C:
    ~ %AppZHP% : C:UsersVistaAppDataRoamingZHP
    ~ %AppData% : C:UsersVistaAppDataRoaming
    ~ %Desktop% : C:UsersVistaDesktop
    ~ %Favorites% : C:UsersVistaFavorites
    ~ %LocalAppData% : C:UsersVistaAppDataLocal
    ~ %StartMenu% : C:UsersVistaAppDataRoamingMicrosoftWindowsStart Menu
    ~ %Windir% : C:WINDOWS
    ~ %System% : C:WINDOWSSystem32

    —\ Enumération des unités disques
    C: Hard drive, Flash drive, Thumb drive (Free 45 Go of 136 Go)
    D: Hard drive, Flash drive, Thumb drive (Free 7 Go of 13 Go)
    E: CD-ROM drive (Free 0 Go of 0 Go)
    F: CD-ROM drive (Free 0 Go of 0 Go)
    G: Floppy drive, Flash card reader, USB Key (Free 4 Go of 7 Go)

    —\ Etat du Centre de Sécurité Windows
    ~ Security Center: 47 Legitimates Filtered in 00mn 00s

    —\ Recherche particulière de fichiers génériques
    [MD5.D07D4C3038F3578FFCE1C0237F2A1253] – (.Microsoft Corporation – Explorateur Windows.) (.11/04/2009 – 07:27:36.) — C:WINDOWSExplorer.exe [2926592]
    [MD5.101BA3EA053480BB5D957EF37C06B5ED] – (.Microsoft Corporation – Application de démarrage de Windows.) (.19/01/2008 – 08:33:37.) — C:WINDOWSSystem32Wininit.exe [96768]
    [MD5.CFD26829131439B71D0109F9D5345573] – (.Microsoft Corporation – Extensions Internet pour Win32.) (.28/05/2014 – 17:32:59.) — C:WINDOWSSystem32wininet.dll [1129472]
    [MD5.898E7C06A350D4A1A64A9EA264D55452] – (.Microsoft Corporation – Application d'ouverture de session Windows.) (.11/04/2009 – 07:28:13.) — C:WINDOWSSystem32Winlogon.exe [314368]
    [MD5.3911B972B55FEA0478476B2E777B29FA] – (.Microsoft Corporation – Ancillary Function Driver for WinSock.) (.21/04/2011 – 14:58:27.) — C:WINDOWSsystem32DriversAFD.sys [273408]
    [MD5.1F05B78AB91C9075565A9D8A4B880BC4] – (.Microsoft Corporation – ATAPI IDE Miniport Driver.) (.11/04/2009 – 07:32:26.) — C:WINDOWSsystem32Driversatapi.sys [19944]
    [MD5.7ADD03E75BEB9E6DD102C3081D29840A] – (.Microsoft Corporation – CD-ROM File System Driver.) (.19/01/2008 – 06:28:02.) — C:WINDOWSsystem32DriversCdfs.sys [70144]
    [MD5.6B4BFFB9BECD728097024276430DB314] – (.Microsoft Corporation – SCSI CD-ROM Driver.) (.11/04/2009 – 05:39:17.) — C:WINDOWSsystem32DriversCdrom.sys [67072]
    [MD5.622C41A07CA7E6DD91770F50D532CB6C] – (.Microsoft Corporation – DFS Namespace Client Driver.) (.14/04/2011 – 15:59:03.) — C:WINDOWSsystem32DriversDfsC.sys [75264]
    [MD5.062452B7FFD68C8C042A6261FE8DFF4A] – (.Microsoft Corporation – High Definition Audio Bus Driver.) (.11/04/2009 – 05:42:42.) — C:WINDOWSsystem32DriversHDAudBus.sys [561152]
    [MD5.22D56C8184586B7A1F6FA60BE5F5A2BD] – (.Microsoft Corporation – Pilote de port i8042.) (.19/01/2008 – 06:49:18.) — C:WINDOWSsystem32Driversi8042prt.sys [54784]
    [MD5.8793643A67B42CEC66490B2A0CF92D68] – (.Microsoft Corporation – IP Network Address Translator.) (.19/01/2008 – 06:56:28.) — C:WINDOWSsystem32DriversIpNat.sys [100864]
    [MD5.1E94971C4B446AB2290DEB71D01CF0C2] – (.Microsoft Corporation – Windows NT SMB Minirdr.) (.29/04/2011 – 14:24:40.) — C:WINDOWSsystem32DriversMRxSmb.sys [106496]
    [MD5.ECD64230A59CBD93C85F1CD1CAB9F3F6] – (.Microsoft Corporation – MBT Transport driver.) (.11/04/2009 – 05:45:37.) — C:WINDOWSsystem32DriversnetBT.sys [185856]
    [MD5.2C1121F2B87E9A6B12485DF53CD848C7] – (.Microsoft Corporation – Pilote du système de fichiers NT.) (.03/03/2013 – 20:07:52.) — C:WINDOWSsystem32Driversntfs.sys [1082232]
    [MD5.0FA9B5055484649D63C303FE404E5F4D] – (.Microsoft Corporation – Pilote de port parallèle.) (.02/11/2006 – 09:51:30.) — C:WINDOWSsystem32DriversParport.sys [79360]
    [MD5.A214ADBAF4CB47DD2728859EF31F26B0] – (.Microsoft Corporation – RAS L2TP mini-port/call-manager driver.) (.19/01/2008 – 06:56:34.) — C:WINDOWSsystem32DriversRasl2tp.sys [76288]
    [MD5.E8BD98D46F2ED77132BA927FCCB47D8B] – (.Microsoft Corporation – Microsoft RDP Device redirector.) (.02/11/2006 – 10:03:00.) — C:WINDOWSsystem32Driversrdpdr.sys [242688]
    [MD5.7B75299A4D201D6A6533603D6914AB04] – (.Microsoft Corporation – SMB Transport driver.) (.11/04/2009 – 05:45:22.) — C:WINDOWSsystem32Driverssmb.sys [66560]
    [MD5.76B06EB8A01FC8624D699E7045303E54] – (.Microsoft Corporation – TDI Translation Driver.) (.11/04/2009 – 05:45:56.) — C:WINDOWSsystem32Driverstdx.sys [72192]
    [MD5.786DB5771F05EF300390399F626BF30A] – (.Microsoft Corporation – Pilote de cliché instantané du volume.) (.21/08/2012 – 12:47:42.) — C:WINDOWSsystem32Driversvolsnap.sys [224640]
    ~ Generic Processes: Scanned in 00mn 00s

    —\ Etat des fichiers cachés (Caché/Total)
    ~ Mes images (My Pictures) : 1/4318
    ~ Mes musiques (My Musics) : 1/3452
    ~ Mes Videos (My Videos) : 1/2
    ~ Mes Favoris (My Favorites) : 1/23
    ~ Mes Documents (My Documents) : 1/154
    ~ Mon Bureau (My Desktop) : 15/225
    ~ Menu demarrer (Programs) : 1/29
    ~ Hidden Files: Scanned in 00mn 05s

    —\ Processus lancés
    [MD5.4FBC630768570E6AC35C3DE8F6EC79F5] – (.Malwarebytes Corporation – Malwarebytes Anti-Malware.) — C:Program FilesMalwarebytes Anti-Malwarembam.exe [6970168] [PID.2964]
    [MD5.0D392EDE3B97E0B3131B2F63EF1DB94E] – (.Microsoft Corporation – Windows Defender User Interface.) — C:Program FilesWindows DefenderMSASCui.exe [1008184] [PID.3628]
    [MD5.041AF1711BF3D6BFF12FD9D28F0AC303] – (.CyberLink Corp. – HP QuickPlay Resident Program.) — C:Program FilesHPQuickPlayQPService.exe [176128] [PID.3636]
    [MD5.A04BE1DBBA0E554B2F33555CCBA5F969] – (. Hewlett-Packard Development Company, L.P. – QLB Controller.) — C:Program FilesHewlett-PackardHP Quick Launch ButtonsQLBCTRL.exe [159744] [PID.3660]
    [MD5.AF849798ECA383184C88ED436CF3EFB2] – (.Hewlett-Packard Development Company, L.P. – HPWAMain Module.) — C:Program FilesHewlett-PackardHP Wireless AssistantHPWAMain.exe [472776] [PID.3692]
    [MD5.F533507FE318B46629E84DF630A316F8] – (.Hewlett-Packard Development Company, L.P. – Module to process WiFi messages..) — C:Program FilesHewlett-PackardHP Wireless AssistantWiFiMsg.exe [317128] [PID.3700]
    [MD5.4D042B1F1375CF371AFBE0E0276BA627] – (.Adobe Systems Inc. – AcroTray.) — C:Program FilesAdobeAcrobat 8.0Acrobatacrotray.exe [624248] [PID.3748]
    [MD5.89D583FC41D48328128A974C25AFAEB7] – (.RealNetworks, Inc. – RealNetworks Scheduler.) — C:Program FilesCommon FilesRealUpdate_OBrealsched.exe [185896] [PID.3832]
    [MD5.8465733657D188C6DD509A222B55B9CF] – (…) — C:Program FilesWinampwinampa.exe [37376] [PID.3840]
    [MD5.4B555106290BD117334E9A08761C035A] – (…) — ystem32rundll32.exe [0] [PID.1488]
    [MD5.2218928CF528D7BC295B1B4C69E9846C] – (.AVAST Software – avast! Antivirus.) — C:Program FilesAVAST SoftwareAvastavastui.exe [3890208] [PID.3884]
    [MD5.EDAD4A8A1D46AFCF9E76B996D55116EB] – (.Oracle Corporation – Java(TM) Update Scheduler.) — C:Program FilesCommon FilesJavaJava Updatejusched.exe [256896] [PID.3908]
    [MD5.BF08674925F151BD4537B89A493E3E0C] – (.Microsoft Corporation – Media Center Tray Applet.) — C:WINDOWSehomeehtray.exe [125952] [PID.3924]
    [MD5.6809CE70D9679E208D13210DFFD50362] – (…) — C:Program FilesCurseCurseClient.exe [4789760] [PID.3940]
    [MD5.5D61BE7DB55B026A5D61A3EED09D0EAD] – (.Google Inc. – GoogleToolbarNotifier.) — C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe [39408] [PID.3948]
    [MD5.25D88E97B23FD208C07FA65C6A870E0B] – (.Spotify Ltd – SpotifyWebHelper.) — C:UsersVistaAppDataRoamingSpotifyDataSpotifyWebHelper.exe [1176632] [PID.3956]
    [MD5.3E9C9E7AA2B89CC59F37A80BDDE85121] – (.Spotify Ltd – Spotify.) — C:UsersVistaAppDataRoamingSpotifyspotify.exe [6189624] [PID.3980]
    [MD5.D653D895588DF213CA85164FB6901576] – (.Skype Technologies S.A. – Skype.) — C:Program FilesSkypePhoneSkype.exe [20924576] [PID.3996]
    [MD5.CCCDC7B64CFF96C977B0FADC24434628] – (.Dropbox, Inc. – Dropbox.) — C:UsersVistaAppDataRoamingDropboxbinDropbox.exe [33322312] [PID.1376]
    [MD5.0F4195B9B348DE5CF9B822F81704B20E] – (.Microsoft Corporation – Media Center Media Status Aggregator Servic.) — C:Windowsehomeehmsas.exe [37376] [PID.3408]
    [MD5.241B74792CC295DFDCB7940BBF52B226] – (.Pas de propriétaire – HpqToaster Module.) — C:Program FilesHewlett-PackardSharedHpqToaster.exe [677576] [PID.4936]
    [MD5.2D821AFA5A1A9CA7F9F997A1AAD09E72] – (.Microsoft Corporation – Windows Media Player.) — C:Program FilesWindows Media Playerwmplayer.exe [168960] [PID.4640]
    [MD5.62BF806E38150D8179296D9A81C5CF6D] – (…) — C:UsersVistaAppDataRoamingSpotifyDataSpotifyHelper.exe [598072] [PID.5932]
    [MD5.A5FCD42334CCC682DA1882A54338686C] – (.Google Inc. – Google Chrome.) — C:Program FilesGoogleChromeApplicationchrome.exe [860488] [PID.5308]
    [MD5.6080A176D09435FC8E6E800996656E18] – (.Microsoft Corporation – Console IME.) — C:Windowssystem32conime.exe [69120] [PID.5376]
    [MD5.1F62DCBF33A67CAA5E68ADECBB25C3C7] – (.Nicolas Coolman – ZHPDiag.) — C:Program FilesZHPDiagZHPDiag.exe [8071680] [PID.532]
    [MD5.CF672C71844A3B407EB86042829BCE09] – (.NVIDIA Corporation – NVIDIA Driver Helper Service, Version 177.1.) — C:Windowssystem32nvvsvc.exe [203296] [PID.988]
    [MD5.862BB4CBC05D80C5B45BE430E5EF872F] – (.Microsoft Corporation – Service de gestion des licences Microsoft.) — C:Windowssystem32SLsvc.exe [3408896] [PID.1356]
    [MD5.37D17AE2936867F88EB3C4CBCBC6B8A1] – (.AVAST Software – avast! Service.) — C:Program FilesAVAST SoftwareAvastAvastSvc.exe [50344] [PID.1816]
    [MD5.F293992F9CEEF6EA00CE52C3094E59E9] – (.Apple Inc. – Apple Mobile Device Service.) — C:Program FilesCommon FilesAppleMobile Device SupportbinAppleMobileDeviceService.exe [116040] [PID.1912]
    [MD5.3F56903E124E820AEECE6D471583C6C1] – (.Apple Inc. – Bonjour Service.) — C:Program FilesBonjourmDNSResponder.exe [238888] [PID.1112]
    [MD5.84F483BB929D4C6A9997978ACF4EE463] – (.Juniper Networks – Network Connect Service.) — C:Program FilesJuniper NetworksCommon FilesdsNcService.exe [688240] [PID.904]
    [MD5.559C9B7800FAC92FC515CD0003D7C631] – (.Hewlett-Packard Company – Pas de description.) — C:Program FilesCommon FilesLightScribeLSSrvc.exe [61440] [PID.1780]
    [MD5.D84AEA3F3329D622DFC1297DDDF6163B] – (.Malwarebytes Corporation – Malwarebytes Anti-Malware.) — C:Program FilesMalwarebytes Anti-Malwarembamscheduler.exe [1809720] [PID.920]
    [MD5.4F45ED469906494F9BF754E476390DBD] – (.Malwarebytes Corporation – Malwarebytes Anti-Malware.) — C:Program FilesMalwarebytes Anti-Malwarembamservice.exe [860472] [PID.2200]
    [MD5.7CF1B716372B89568AE4C0FE769F5869] – (.Microsoft Corporation – Machine Debug Manager.) — C:Program FilesCommon FilesMicrosoft SharedVS7DEBUGmdm.exe [335872] [PID.2304]
    [MD5.A1DD33D16F277CE34124EE52AB2C0F14] – (…) — C:Windowssystem32PnkBstrA.exe [75064] [PID.2344]
    [MD5.15A317674A08DF26BE65164D959E9203] – (.Conexant Systems, Inc. – Modem Audio Service.) — C:Windowssystem32DRIVERSxaudio.exe [386560] [PID.2812]
    [MD5.04C1DCBB226C6AE647B794833CE3CEB6] – (.Hewlett-Packard Development Company, L.P. – hpqwmiex Module.) — C:Program FilesHewlett-PackardSharedhpqwmiex.exe [135168] [PID.2824]
    [MD5.227846995AFEEFA70D328BF5334A86A5] – (.Macrovision Europe Ltd. – Activation Licensing Service.) — C:Program FilesCommon FilesMacrovision SharedFLEXnet PublisherFNPLicensingService.exe [654848] [PID.4960]
    [MD5.2CEEB349216FEBD91A907013D4ABCFF7] – (.Hewlett-Packard – HP Health Check Service.) — C:Program FilesHewlett-PackardHP Health Checkhphc_service.exe [62984] [PID.5764]
    ~ Processes Running: Scanned in 00mn 03s

    —\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
    C:UsersVistaAppDataLocalGoogleChromeUser DataDefaultPreferences
    G2 – GCE: Preference [User DataDefault] [gmekamlpkbcegncocdmhnoogddkeekgn] cats v.1 (Activé)
    G2 – GCE: Preference [User DataDefault] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
    G2 – GCE: Preference [User DataDefault] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé)
    G2 – GCE: Preference [User DataDefault] [nmmhkkegccagdldgiimedpiccmgmieda] Google Wallet v.0.0.6.1 (Activé)
    G2 – GCE: Preference [User DataDefault] [pafkbggdmjlpgkdkcbjmhmfcdpncadgh] Google Now v.1.2.0.1 (Activé)

    —\ Liste des dossiers d'extension Google Chrome
    ~ Google Lines Browser: 17 Legitimates Filtered in 00mn 51s

    —\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
    C:UsersVistaAppDataRoamingMozillaFirefoxProfilesxi383v70.defaultprefs.js
    M2 – MFEP: prefs.js [Vista – xi383v70.defaultbattlefieldheroespatcher@ea.com] [] Battlefield Heroes Updater v4.0.27.0 (..)
    P2 – FPN:Firefox Plugin Navigator . (.CNN – NPTURNMED.) — C:Program FilesMozilla FirefoxPluginsNPTURNMED.dll
    ~ Firefox Browser: 44 Legitimates Filtered in 00mn 00s

    —\ Internet Explorer, Proxy Management (R5)
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyOverride = *.local
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyServer = no key
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyEnable = 0
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,MigrateProxy = 1
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,EnableHttp1_1 = 1
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,AutoConfigProxy = wininet.dll
    ~ Proxy management: Scanned in 00mn 00s

    —\ Analyse des lignes F0, F1, F2, F3 – IniFiles, Autoloading programs
    F2 – REG:system.ini: USERINIT=C:Windowssystem32Userinit.exe,
    F2 – REG:system.ini: Shell=C:WINDOWSexplorer.exe
    F2 – REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL “sysdm.cpl”
    ~ Keys: Scanned in 00mn 00s

    —\ Hosts file redirection (O1)
    ~ Le fichier hosts est sain (The hosts file is clean).
    ~ Hosts File: Scanned in 00mn 00s
    ~ Nombre de lignes (Lines number): 20

    —\ Internet Explorer Toolbars (O3)
    O3 – Toolbar: Adobe PDF – [HKLM]{47833539-D0C5-4125-9FA8-0819E2EAAC93} . (.Adobe Systems Incorporated – Adobe PDF Toolbar for Internet Explorer.) — C:Program FilesAdobeAcrobat 8.0AcrobatAcroIEFavClient.dll
    O3 – Toolbar: Contribute Toolbar – [HKLM]{517BDDE4-E3A7-4570-B21E-2B52B6139FC7} . (.Adobe Systems Incorporated. – Contribute IE Plugin.) — C:Program FilesAdobe\Adobe Contribute CS3contributeieplugin.dll
    O3 – Toolbar: EndNote Capture – [HKLM]{945C8270-A848-11D5-A805-00B0D092F45B} . (.Thomson Reuters – EndNote 3.8.1.) — C:Program FilesEndNote Plug-InsENWIEPlug.dll
    O3 – ToolbarWebBrowser: (no name) – [HKCU]{47833539-D0C5-4125-9FA8-0819E2EAAC93} Clé orpheline
    ~ Toolbar: Scanned in 00mn 00s

    —\ Applications lancées au démarrage du système (O4)
    O4 – HKLM..Run: [Windows Defender] . (.Microsoft Corporation – Windows Defender User Interface.) — C:Program FilesWindows DefenderMSASCui.exe
    O4 – HKLM..Run: [QPService] . (.CyberLink Corp. – HP QuickPlay Resident Program.) — C:Program FilesHPQuickPlayQPService.exe
    O4 – HKLM..Run: [QlbCtrl] . (. Hewlett-Packard Development Company, L.P. – QLB Controller.) — C:Program FilesHewlett-PackardHP Quick Launch ButtonsQlbCtrl.exe
    O4 – HKLM..Run: [HP Health Check Scheduler] . (.Hewlett-Packard – HP Health Check Scheduler.) — C:Program FilesHewlett-PackardHP Health CheckHPHC_Scheduler.exe
    O4 – HKLM..Run: [hpWirelessAssistant] . (.Hewlett-Packard Development Company, L.P. – HPWAMain Module.) — C:Program FilesHewlett-PackardHP Wireless AssistantHPWAMain.exe
    O4 – HKLM..Run: [WAWifiMessage] . (.Hewlett-Packard Development Company, L.P. – Module to process WiFi messages..) — C:Program FilesHewlett-PackardHP Wireless AssistantWiFiMsg.exe
    O4 – HKLM..Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated – Adobe Acrobat SpeedLauncher.) — C:Program FilesAdobeReader 9.0ReaderReader_sl.exe
    O4 – HKLM..Run: [Acrobat Assistant 8.0] . (.Adobe Systems Inc. – AcroTray.) — C:Program FilesAdobeAcrobat 8.0AcrobatAcrotray.exe
    O4 – HKLM..Run: [Adobe_ID0EYTHM] . (.Adobe Systems Incorporated – Adobe Version Cue CS3.) — C:Program FilesCommon FilesAdobeAdobe Version Cue CS3ServerbinVersionCueCS3Tray.exe =>.Adobe Systems Incorporated
    O4 – HKLM..Run: [TkBellExe] . (.RealNetworks, Inc. – RealNetworks Scheduler.) — C:Program FilesCommon FilesRealUpdate_OBrealsched.exe =>.RealNetworks, Inc
    O4 – HKLM..Run: [WinampAgent] . (…) — C:Program FilesWinampwinampa.exe
    O4 – HKLM..Run: [NvCplDaemon] . (.NVIDIA Corporation – NVIDIA Display Properties Extension.) — C:Windowssystem32NvCpl.dll =>.NVIDIA Corporation
    O4 – HKLM..Run: [NvMediaCenter] . (.NVIDIA Corporation – NVIDIA Media Center Library.) — C:Windowssystem32NvMcTray.dll
    O4 – HKLM..Run: [AvastUI.exe] . (.AVAST Software – avast! Antivirus.) — C:Program FilesAVAST SoftwareAvastAvastUI.exe
    O4 – HKLM..Run: [APSDaemon] . (.Apple Inc. – Apple Push.) — C:Program FilesCommon FilesAppleApple Application SupportAPSDaemon.exe
    O4 – HKLM..Run: [QuickTime Task] . (.Apple Inc. – QuickTime Task.) — C:Program FilesQuickTimeQTTask.exe
    O4 – HKLM..Run: [SunJavaUpdateSched] . (.Oracle Corporation – Java(TM) Update Scheduler.) — C:Program FilesCommon FilesJavaJava Updatejusched.exe =>.Oracle Corporation
    O4 – HKLM..RunOnce: [Launcher] . (.soft thinks – Launcher.) — C:WINDOWSSMINSTlauncher.exe
    O4 – HKCU..Run: [Sidebar] . (.Microsoft Corporation – Volet Windows.) — C:Program FilesWindows Sidebarsidebar.exe =>.Microsoft Corporation
    O4 – HKCU..Run: [ehTray.exe] . (.Microsoft Corporation – Media Center Tray Applet.) — C:WindowsehomeehTray.exe
    O4 – HKCU..Run: [msnmsgr] C:Program FilesMSN Messengermsnmsgr.exe (.not file.)
    O4 – HKCU..Run: [CurseClient] . (…) — C:Program FilesCurseCurseClient.exe
    O4 – HKCU..Run: [swg] . (.Google Inc. – GoogleToolbarNotifier.) — C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe
    O4 – HKCU..Run: [Spotify Web Helper] . (.Spotify Ltd – SpotifyWebHelper.) — C:UsersVistaAppDataRoamingSpotifyDataSpotifyWebHelper.exe
    O4 – HKCU..Run: [Spotify] . (.Spotify Ltd – Spotify.) — C:UsersVistaAppDataRoamingSpotifyspotify.exe
    O4 – HKCU..Run: [Skype] . (.Skype Technologies S.A. – Skype.) — C:Program FilesSkypePhoneSkype.exe =>.Skype Technologies S.A.
    O4 – HKUSS-1-5-19..Run: [Sidebar] . (.Microsoft Corporation – Volet Windows.) — C:Program FilesWindows SidebarSidebar.exe =>.Microsoft Corporation
    O4 – HKUSS-1-5-19..Run: [WindowsWelcomeCenter] Clé orpheline
    O4 – HKUSS-1-5-20..Run: [Sidebar] . (.Microsoft Corporation – Volet Windows.) — C:Program FilesWindows SidebarSidebar.exe =>.Microsoft Corporation
    O4 – HKUSS-1-5-20..Run: [WindowsWelcomeCenter] Clé orpheline
    O4 – HKUSS-1-5-21-460120755-3036941430-2461728175-1001..Run: [Sidebar] . (.Microsoft Corporation – Volet Windows.) — C:Program FilesWindows Sidebarsidebar.exe =>.Microsoft Corporation
    O4 – HKUSS-1-5-21-460120755-3036941430-2461728175-1001..Run: [ehTray.exe] . (.Microsoft Corporation – Media Center Tray Applet.) — C:WindowsehomeehTray.exe
    O4 – HKUSS-1-5-21-460120755-3036941430-2461728175-1001..Run: [msnmsgr] C:Program FilesMSN Messengermsnmsgr.exe (.not file.)
    O4 – HKUSS-1-5-21-460120755-3036941430-2461728175-1001..Run: [CurseClient] . (…) — C:Program FilesCurseCurseClient.exe
    O4 – HKUSS-1-5-21-460120755-3036941430-2461728175-1001..Run: [swg] . (.Google Inc. – GoogleToolbarNotifier.) — C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe
    O4 – HKUSS-1-5-21-460120755-3036941430-2461728175-1001..Run: [Spotify Web Helper] . (.Spotify Ltd – SpotifyWebHelper.) — C:UsersVistaAppDataRoamingSpotifyDataSpotifyWebHelper.exe
    O4 – HKUSS-1-5-21-460120755-3036941430-2461728175-1001..Run: [Spotify] . (.Spotify Ltd – Spotify.) — C:UsersVistaAppDataRoamingSpotifyspotify.exe
    O4 – HKUSS-1-5-21-460120755-3036941430-2461728175-1001..Run: [Skype] . (.Skype Technologies S.A. – Skype.) — C:Program FilesSkypePhoneSkype.exe =>.Skype Technologies S.A.
    ~ Application: Scanned in 00mn 00s

    —\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
    O9 – Extra button: Console Java (Sun) – {08B0E5C0-4FCB-11CF-AAA5-00401C608501} — Clé orpheline
    O9 – Extra button: Recherche – {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (…) — C:Program FilesMicrosoft OfficeOFFICE11REFBARH.ICO
    ~ IE Extra Buttons: Scanned in 00mn 00s

    —\ Objets ActiveX (Downloaded Program Files)(O16)
    O16 – DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} ((no name)) – https://juniper.net/dana-cached/sc/JuniperSetupClient.cab
    ~ Objets ActiveX: Scanned in 00mn 00s

    —\ Modification Domaine/Adresses DNS (O17)
    O17 – HKLMSystemCCSServicesTcpip..{EA1DB2B2-EE46-4FD8-8530-E35CADC9B15C}: DhcpNameServer = 192.168.1.1
    O17 – HKLMSystemCS1ServicesTcpip..{EA1DB2B2-EE46-4FD8-8530-E35CADC9B15C}: DhcpNameServer = 192.168.1.1
    O17 – HKLMSystemCS2ServicesTcpip..{EA1DB2B2-EE46-4FD8-8530-E35CADC9B15C}: DhcpNameServer = 192.168.1.1
    O17 – HKLMSystemCS3ServicesTcpip..{7FD84EC9-A46E-4A64-967B-16021021820F}: DhcpNameServer = 192.168.1.1
    O17 – HKLMSystemCS3ServicesTcpip..{EA1DB2B2-EE46-4FD8-8530-E35CADC9B15C}: DhcpNameServer = 192.168.1.1
    O17 – HKLMSystemCCSServicesTcpipParameters: DhcpNameServer = 192.168.1.1
    ~ Domain: Scanned in 00mn 00s

    —\ Protocole additionnel (O18)
    O18 – Handler: vbscript – {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation – Visionneuse HTML Microsoft (R).) — C:Windowssystem32mshtml.dll =>.Microsoft Corporation
    O18 – Filter: text/xml – {807553E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation – Microsoft Office XML MIME Filter.) — C:Program FilesCommon FilesMicrosoft SharedOFFICE11MSOXMLMF.dll =>.Microsoft Corporation
    ~ Protocole Additionnel: Scanned in 00mn 00s

    —\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
    O22 – SharedTaskScheduler: Component Categories cache daemon – {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation – Bibliothèque de l'interface utilisateur du.) — C:WINDOWSSystem32browseui.dll
    ~ STS/SSO: Scanned in 00mn 00s

    —\ Enumération Active Desktop & MHTML Editor (O24)
    O24 – Desktop General: BackupWallPaper – .(…) – C:UsersVistaDownloads558559_109165502567022_139051064_n (1).jpg
    O24 – Desktop General: WallPaper – .(…) – C:UsersVistaDownloads558559_109165502567022_139051064_n (1).jpg
    ~ Desktop Component: 4 Legitimates Filtered in 00mn 00s

    —\ Tâches planifiées en automatique (O39)
    O39 – APT: – (..) — C:WINDOWSSystem32TasksAdobe Flash Player Updater [1002]
    O39 – APT: – (..) — C:WINDOWSSystem32TasksGoogleUpdateTaskMachineCore [1052]
    O39 – APT: – (..) — C:WINDOWSSystem32TasksGoogleUpdateTaskMachineUA [1056]
    ~ Scheduled Task: 16 Legitimates Filtered in 00mn 08s

    —\ Logiciels installés (O42)
    O42 – Logiciel: TBS WMP Plug-in – (.CNN.) [HKLM] — InstallShield_{13515135-48BB-4184-8C1F-2FAE0138E200}
    O42 – Logiciel: e-Wörterbücher – (…) [HKLM] — {4737AD9F-13AA-4E4C-B86F-B631D557F6A7}
    ~ Logic: 23 Legitimates Filtered in 00mn 02s

    —\ HKCU & HKLM Software Keys
    [HKCUSoftwareCD-MP3-Ripper]
    [HKCUSoftwarePopup Woerterbuch EWB]
    [HKLMSoftwarePopup Woerterbuch EWB]
    [HKLMSoftwareWAR]
    ~ Key Software: 331 Legitimates Filtered in 00mn 02s

    —\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
    O43 – CFD: 20/09/2012 – 16:10:19 – [] —-D C:ProgramDataLKG
    O43 – CFD: 15/09/2008 – 17:13:56 – [] —-D C:ProgramData{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
    O43 – CFD: 04/11/2013 – 21:28:41 – [] —-D C:UsersVistaAppDataRoamingcge
    ~ Program Folder: 190 Legitimates Filtered in 00mn 01s

    —\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
    O44 – LFC:[MD5.0DC5AF80D059DEC792B665ED598C6567] – 06/07/2014 – 21:03:53 —A- . (.SQLite Development Team – SQLite Dynamic Link Library (No TCL).) — C:WINDOWSSystem32sqlite3.dll [536576]
    ~ Files: 12 Legitimates Filtered in 00mn 36s

    —\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
    O55 – MWPS:[HKLM…PoliciesSystem] – “FilterAdministratorToken”=0
    O55 – MWPS:[HKLM…PoliciesSystem] – “EnableUIADesktopToggle”=0
    ~ MWPS: 16 Legitimates Filtered in 00mn 00s

    —\ Liste des pilotes du système (SDL) (O58)
    O58 – SDL:02/09/2008 – 21:48:00 —A- . (.Oak Technology Inc. – Audio File System.) — C:WINDOWSSystem32DriversAFS.SYS [77004]
    O58 – SDL:04/05/2014 – 23:29:53 —A- . (…) — C:WINDOWSSystem32DriversaswHwid.sys [24184] =>.ALWIL Software
    O58 – SDL:04/05/2014 – 23:29:53 —A- . (…) — C:WINDOWSSystem32DriversaswRvrt.sys [49944] =>.ALWIL Software
    O58 – SDL:04/05/2014 – 23:29:54 —A- . (…) — C:WINDOWSSystem32DriversaswVmm.sys [180632] =>.ALWIL Software
    O58 – SDL:02/11/2006 – 10:51:34 —A- . (.Emulex – Storport Miniport Driver for LightPulse HBAs.) — C:WINDOWSSystem32Driverselxstor.sys [316520]
    O58 – SDL:02/11/2006 – 10:50:07 —A- . (.Integrated Technology Express, Inc. – ITE IT8211 ATA/ATAPI SCSI miniport.) — C:WINDOWSSystem32Driversiteatapi.sys [35944]
    O58 – SDL:02/11/2006 – 10:50:09 —A- . (.Integrated Technology Express, Inc. – ITE IT8212 ATA RAID SCSI miniport.) — C:WINDOWSSystem32Driversiteraid.sys [35944]
    O58 – SDL:27/11/2009 – 15:46:03 —A- . (…) — C:WINDOWSSystem32DriversPnkBstrK.sys [139456]
    O58 – SDL:24/02/2007 – 15:42:22 —A- . (.REDC – RICOH SD Driver.) — C:WINDOWSSystem32Driversrimmptsk.sys [39936]
    O58 – SDL:23/01/2007 – 17:40:20 —A- . (.REDC – RICOH MS Driver.) — C:WINDOWSSystem32Driversrimsptsk.sys [42496]
    O58 – SDL:23/01/2007 – 18:03:28 —A- . (.REDC – RICOH XD SM Driver.) — C:WINDOWSSystem32Driversrixdptsk.sys [37376]
    O58 – SDL:02/11/2006 – 10:51:25 —A- . (.ULi Electronics Inc. – ULi SATA Controller Driver.) — C:WINDOWSSystem32Driversuliahci.sys [235112]
    O58 – SDL:02/11/2006 – 10:50:35 —A- . (.Promise Technology, Inc. – Promise Ultra/Sata Series Driver for Win2003.) — C:WINDOWSSystem32Driversulsata.sys [98408]
    O58 – SDL:02/11/2006 – 10:50:45 —A- . (.Promise Technology, Inc. – Promise SATAII150 Series Windows Drivers.) — C:WINDOWSSystem32Driversulsata2.sys [115816]
    O58 – SDL:02/11/2006 – 08:09:42 —A- . (…) — C:WINDOWSSystem32ANSI.SYS [9029]
    O58 – SDL:02/11/2006 – 08:09:45 —A- . (…) — C:WINDOWSSystem32country.sys [27097]
    O58 – SDL:02/11/2006 – 08:09:41 —A- . (…) — C:WINDOWSSystem32HIMEM.SYS [4768]
    O58 – SDL:02/11/2006 – 08:09:44 —A- . (…) — C:WINDOWSSystem32KEY01.SYS [42809]
    O58 – SDL:02/11/2006 – 08:09:44 —A- . (…) — C:WINDOWSSystem32KEYBOARD.SYS [42537]
    O58 – SDL:02/11/2006 – 08:09:29 —A- . (…) — C:WINDOWSSystem32NTDOS.SYS [27866]
    O58 – SDL:02/11/2006 – 08:09:35 —A- . (…) — C:WINDOWSSystem32NTDOS404.SYS [29146]
    O58 – SDL:02/11/2006 – 08:09:38 —A- . (…) — C:WINDOWSSystem32NTDOS411.SYS [29370]
    O58 – SDL:02/11/2006 – 08:09:40 —A- . (…) — C:WINDOWSSystem32NTDOS412.SYS [29274]
    O58 – SDL:02/11/2006 – 08:09:31 —A- . (…) — C:WINDOWSSystem32NTDOS804.SYS [29146]
    O58 – SDL:02/11/2006 – 08:09:20 —A- . (…) — C:WINDOWSSystem32NTIO.SYS [33952]
    O58 – SDL:02/11/2006 – 08:09:23 —A- . (…) — C:WINDOWSSystem32NTIO404.SYS [34672]
    O58 – SDL:02/11/2006 – 08:09:24 —A- . (…) — C:WINDOWSSystem32NTIO411.SYS [35776]
    O58 – SDL:02/11/2006 – 08:09:26 —A- . (…) — C:WINDOWSSystem32NTIO412.SYS [35536]
    O58 – SDL:02/11/2006 – 08:09:22 —A- . (…) — C:WINDOWSSystem32NTIO804.SYS [34672]
    O58 – SDL:25/10/2013 – 09:33:53 —A- . (…) — C:WINDOWSSystem32TrueSight.sys [26624]
    ~ Drivers: 102 Legitimates Filtered in 00mn 50s

    —\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
    O61 – LFC: 06/07/2014 – 23:27:00 —A- . (…) — C:UsersVistaDownloadsadwcleaner_3.214.exe [1346519]
    ~ 56 Fichiers temporaires (Temporary files)
    ~ 905 Fichiers cookies (Cookies files)
    ~ Files: 15 Legitimates Filtered in 00mn 07s

    —\ Liste des outils de désinfection (LATC) (O63)
    O63 – Logiciel: UsbFix By El Desaparecido – (.El Desaparecido – http://www.usbfix.net.) [HKLM] — Usbfix
    O63 – Logiciel: ZHPDiag 2014 – (.Nicolas Coolman.) [HKLM] — ZHPDiag_is1 =>.Nicolas Coolman
    ~ ADS: Scanned in 00mn 00s

    —\ Liste les services legacy du registre (LALS) (O64)
    O64 – Services: CurCS – 02/09/2008 – C:WINDOWSSystem32DriversAFS.sys (AFS) .(.Oak Technology Inc. – Audio File System.) – LEGACY_AFS
    O64 – Services: CurCS – 04/05/2014 – C:WINDOWSsystem32driversaswHwid.sys (aswHwid) .(…) – LEGACY_ASWHWID
    ~ Legacy: 78 Legitimates Filtered in 00mn 16s

    —\ Associations Shell Spawning (O67)
    O67 – Shell Spawning: [HKCU..openCommand] (.Not Key.)
    O67 – Shell Spawning: [HKU..openCommand] (.Not Key.)
    O67 – Shell Spawning: [HKU..openCommand] (.Not Key.)
    ~ FASS Keys: 13 Legitimates Filtered in 00mn 00s

    —\ Menu de démarrage Internet (SMI) (O68)
    O68 – StartMenuInternet: [HKLM..ShellopenCommand] (.Mozilla Corporation – Firefox.) — C:Program FilesMozilla Firefoxfirefox.exe
    O68 – StartMenuInternet: [HKLM..ShellopenCommand] (.Google Inc. – Google Chrome.) — C:Program FilesGoogleChromeApplicationchrome.exe
    O68 – StartMenuInternet: [HKLM..ShellopenCommand] (.Microsoft Corporation – Internet Explorer.) — C:Program FilesInternet Exploreriexplore.exe
    ~ Keys: Scanned in 00mn 00s

    —\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
    O69 – SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} – (Bing) – http://www.bing.com
    O69 – SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} [DefaultScope] – (Google) – http://www.google.fr
    O69 – SBI: SearchScopes [HKCU] {74303AF0-EB91-4696-AD5E-7C2E2FC5A921} – (Yahoo! France) – http://fr.search.yahoo.com
    ~ Keys: Scanned in 00mn 00s

    —\ Enumère les fichiers Crack & Keygen (CKF) (O82)
    C:UsersVistaAppDataLocalGoogleChromeUser DataDefaultLocal Storagehttp_www.cracked.com_0.localstorage =>.Crack,Keygen
    C:UsersVistaAppDataLocalGoogleChromeUser DataDefaultLocal Storagehttp_www.cracked.com_0.localstorage-journal =>.Crack,Keygen
    C:UsersVistaAppDataLocalGoogleChromeUser DataDefaultLocal Storagehttp_www.cracked.com_0.localstorage =>.Crack,Keygen
    C:UsersVistaAppDataLocalGoogleChromeUser DataDefaultLocal Storagehttp_www.cracked.com_0.localstorage-journal =>.Crack,Keygen
    ~ Files: Scanned in 04mn 01s

    —\ Recherche particulière à la racine du système (SPRF) (O84)
    [MD5.8EAC7D7A9E0C5D143E572232D991A8E0] [SPRF][29/11/2008] (…) — C:ProgramDataezsidmv.dat [56]
    [MD5.306EC60D64E8150B036ECA4449353EDC] [SPRF][04/07/2014] (…) — C:ProgramDatanvModes.dat [361751]
    [MD5.73709547A3B136DE4FCFDE3EF78C1B8F] [SPRF][26/11/2009] (…) — C:UsersVistaAppDataRoamingPnkBstrK.sys [138056]
    [MD5.111135A5AADFB450A83D3CD4ED07C114] [SPRF][08/06/2013] (…) — C:UsersVistaAppDataRoamingwklnhst.dat [662]
    [MD5.9EDD46B257B3A7E710DCA356EC08F502] [SPRF][10/04/2014] (…) — C:WINDOWSDownloaded Program FilesJuniperExt.exe [417328]
    ~ Files: 9 Legitimates Filtered in 00mn 00s

    —\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
    SS – | Demand 20/03/2007 153792 | (Adobe Version Cue CS3) . (.Adobe Systems Incorporated.) – C:Program FilesCommon FilesAdobeAdobe Version Cue CS3ServerbinVersionCueCS3.exe =>.Adobe Systems Incorporated
    SS – | Demand 13/06/2014 262320 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) – C:Windowssystem32MacromedFlashFlashPlayerUpdateService.exe
    SS – | Auto 08/02/2010 135664 | (gupdate) . (.Google Inc..) – C:Program FilesGoogleUpdateGoogleUpdate.exe
    SS – | Demand 08/02/2010 135664 | (gupdatem) . (.Google Inc..) – C:Program FilesGoogleUpdateGoogleUpdate.exe
    SS – | Demand 28/08/2012 194032 | (gusvc) . (.Google.) – C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe
    SS – | Demand 22/10/2004 73728 | (IDriverT) . (.Macrovision Corporation.) – C:Program FilesCommon FilesInstallShieldDriver1050Intel 32IDriverT.exe
    SS – | Demand 10/09/2008 536872 | (iPod Service) . (.Apple Inc..) – C:Program FilesiPodbiniPodService.exe
    SS – | Demand 12/02/2007 880640 | (RoxMediaDB9) . (.Sonic Solutions.) – C:Program FilesCommon FilesRoxio Shared9.0SharedCOMRoxMediaDB9.exe
    SS – | Auto 23/10/2013 172192 | (SkypeUpdate) . (.Skype Technologies.) – C:Program FilesSkypeUpdaterUpdater.exe
    SS – | Demand 17/02/2007 74656 | (stllssvr) . (.MicroVision Development, Inc..) – C:Program FilesCommon FilesSureThing Sharedstllssvr.exe
    SR – | Auto 10/09/2008 116040 | (Apple Mobile Device) . (.Apple Inc..) – C:Program FilesCommon FilesAppleMobile Device SupportbinAppleMobileDeviceService.exe
    SR – | Auto 04/05/2014 50344 | (avast! Antivirus) . (.AVAST Software.) – C:Program FilesAVAST SoftwareAvastAvastSvc.exe
    SR – | Auto 12/12/2008 238888 | (Bonjour Service) . (.Apple Inc..) – C:Program FilesBonjourmDNSResponder.exe
    SR – | Auto 10/04/2014 688240 | (dsNcService) . (.Juniper Networks.) – C:Program FilesJuniper NetworksCommon FilesdsNcService.exe
    SR – | Demand 21/08/2008 654848 | (FLEXnet Licensing Service) . (.Macrovision Europe Ltd..) – C:Program FilesCommon FilesMacrovision SharedFLEXnet PublisherFNPLicensingService.exe
    SR – | Auto 14/03/2007 62984 | (HP Health Check Service) . (.Hewlett-Packard.) – C:Program FilesHewlett-PackardHP Health Checkhphc_service.exe
    SR – | Auto 02/05/2006 135168 | (hpqwmiex) . (.Hewlett-Packard Development Company, L.P..) – C:Program FilesHewlett-PackardSharedhpqwmiex.exe
    SR – | Auto 14/12/2006 61440 | (LightScribeService) . (.Hewlett-Packard Company.) – C:Program FilesCommon FilesLightScribeLSSrvc.exe
    SR – | Auto 12/05/2014 1809720 | (MBAMScheduler) . (.Malwarebytes Corporation.) – C:Program FilesMalwarebytes Anti-Malwarembamscheduler.exe
    SR – | Auto 12/05/2014 860472 | (MBAMService) . (.Malwarebytes Corporation.) – C:Program FilesMalwarebytes Anti-Malwarembamservice.exe
    SR – | Auto 04/12/2008 203296 | (nvsvc) . (.NVIDIA Corporation.) – C:WINDOWSSystem32nvvsvc.exe
    SR – | Auto 26/11/2009 75064 | (PnkBstrA) . (…) – C:Windowssystem32PnkBstrA.exe
    SR – | Auto 19/01/2008 21504 | C:Program FilesWindows Defendermpsvc.dll (WinDefend) . (.Microsoft Corporation.) – C:WINDOWSSystem32svchost.exe
    SR – | Auto 19/01/2008 21504 | C:WINDOWSSystem32wuaueng.dll (wuauserv) . (.Microsoft Corporation.) – C:WINDOWSSystem32svchost.exe
    SR – | Auto 28/11/2006 386560 | (XAudioService) . (.Conexant Systems, Inc..) – C:WINDOWSSystem32DRIVERSxaudio.exe
    ~ Services: Scanned in 00mn 46s

    —\ Recherche d'infection sur le Master Boot Record (MBR)(O80)
    Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
    ~ MBR: 1 Legitimates Filtered in 00mn 02s

    —\ Recherche d'infection sur le Master Boot Record (MBRCheck)(O80)
    Written by ad13, http://ad13.geekstog
    Run by Vista at 06/07/2014 23:32:37
    ********* Dump file Name *********
    C:PhysicalDisk0_MBR.bin
    ~ MBR: Scanned in 00mn 04s

    —\ Scan Additionnel (O88)
    Database Version : 13026 – (25/06/2014)
    Clés trouvées (Keys found) : 0
    Valeurs trouvées (Values found) : 0
    Dossiers trouvés (Folders found) : 0
    Fichiers trouvés (Files found) : 0

    ~ Additionnel Scan: 582594 Items scanned in 02mn 10s

    —\ Informations complémentaires sur les modules
    ~ http://nicolascoolman.fr/g2-google-chrome-extensions/ =>.Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
    ~ http://nicolascoolman.fr/r5-internet-explorer-proxy-management-iepm/ =>.Internet Explorer, Proxy Management (R5)
    ~ http://nicolascoolman.fr/o3-internet-explorer-toolbars/ =>.Internet Explorer Toolbars (O3)
    ~ http://nicolascoolman.fr/o4-applications-demarrees-par-le-registre/ =>.Applications lancées au démarrage du système (O4)
    ~ AMI: 4 Legitimates Filtered in 00mn 00s

    ~ 858 Legitimates filtered by white list
    End of the scan (517 lines in 12mn 09s)(4)[/spoiler:vof68nik]

    cat167
    Participant
    Number of posts: 16

    @cat167 wrote:

    Otherwise, here are the reports from my preliminary actions yesterday evening…

    Malwarebytes …
    [spoiler:2mmi74bo]Malwarebytes Anti-Malware
    http://www.malwarebytes.org

    Scan Date: 06/07/2014
    Scan Time: 22:26:37
    Logfile: malw am report.txt
    Administrator: Yes

    Version: 2.00.2.1012
    Malware Database: v2014.07.06.07
    Rootkit Database: v2014.07.03.01
    License: Trial
    Malware Protection: Enabled
    Malicious Website Protection: Enabled
    Self-protection: Disabled

    OS: Windows Vista Service Pack 2
    CPU: x86
    File System: NTFS
    User: Vista

    Scan Type: Threat Scan
    Result: Completed
    Objects Scanned: 279898
    Time Elapsed: 26 min, 58 sec

    Memory: Enabled
    Startup: Enabled
    Filesystem: Enabled
    Archives: Enabled
    Rootkits: Disabled
    Heuristics: Enabled
    PUP: Enabled
    PUM: Enabled

    Processes: 0
    (No malicious items detected)

    Modules: 0
    (No malicious items detected)

    Registry Keys: 0
    (No malicious items detected)

    Registry Values: 0
    (No malicious items detected)

    Registry Data: 0
    (No malicious items detected)

    Folders: 0
    (No malicious items detected)

    Files: 2
    PUP.Optional.Installex, C:UsersVistaDownloadsDownload (1).exe, Quarantined, [232c009cabd0043226d6a269ca3746ba],
    PUP.Optional.Installex, C:UsersVistaDownloadsDownload.exe, Quarantined, [3d120399e5964aecaf4dd5369b6637c9],

    Physical Sectors: 0
    (No malicious items detected)

    (end)[/spoiler:2mmi74bo]

    [spoiler:2mmi74bo]# AdwCleaner v3.214 – Rapport créé le 06/07/2014 à 22:05:44
    # Mis à jour le 29/06/2014 par Xplode
    # Système d'exploitation : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
    # Nom d'utilisateur : Vista – PC-DE-VISTA
    # Exécuté depuis : C:UsersVistaDownloadsadwcleaner_3.214.exe
    # Option : Nettoyer

    ***** [ Services ] *****

    ***** [ Fichiers / Dossiers ] *****

    Fichier Supprimé : C:ProgramDataMicrosoftWindowsStart MenuProgramseBay.lnk

    ***** [ Raccourcis ] *****

    ***** [ Registre ] *****

    Clé Supprimée : HKLMSOFTWAREClassesprotector_dll.protectorbho
    Clé Supprimée : HKLMSOFTWAREClassesprotector_dll.protectorbho.1
    Clé Supprimée : HKLMSOFTWAREClassesS
    Clé Supprimée : HKLMSOFTWAREClassesCLSID{2318C2B1-4965-11D4-9B18-009027A5CD4F}
    Clé Supprimée : HKLMSOFTWAREClassesCLSID{761F6A83-F007-49E4-8EAC-CDB6808EF06F}
    Clé Supprimée : HKLMSOFTWAREClassesCLSID{13086CD4-88B6-45E3-9182-3BC2664199F7}
    Clé Supprimée : HKLMSOFTWAREClassesCLSID{1FCD7139-C2A3-49AD-8B9E-E82E48AE5DF6}
    Clé Supprimée : HKLMSOFTWAREClassesCLSID{319FCB76-1568-4EFA-863B-B03A2B16EB5C}
    Clé Supprimée : HKLMSOFTWAREClassesCLSID{4796719D-2B92-47BC-920B-77BCDBDBCB6A}
    Clé Supprimée : HKLMSOFTWAREClassesCLSID{64A66B25-A70F-4373-95EF-3A1DB6040B3A}
    Clé Supprimée : HKLMSOFTWAREClassesCLSID{6FC5F7E0-D65A-465C-B8EE-A5F8E008D6DF}
    Clé Supprimée : HKLMSOFTWAREClassesCLSID{731D436C-464C-4F29-BFB2-DE9C458535AE}
    Clé Supprimée : HKLMSOFTWAREClassesCLSID{7C89C8A6-991C-4626-9E26-B12EB4D89C04}
    Clé Supprimée : HKLMSOFTWAREClassesCLSID{EEF00686-CAB8-4885-9CCB-78FF483041AA}
    Clé Supprimée : HKLMSOFTWAREClassesCLSID{FDA55C78-736E-4E8A-996C-4A80FC0396FB}
    Clé Supprimée : HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{2318C2B1-4965-11D4-9B18-009027A5CD4F}
    Clé Supprimée : HKCUSoftwareMicrosoftWindowsCurrentVersionExtSettings{2318C2B1-4965-11D4-9B18-009027A5CD4F}
    Clé Supprimée : HKCUSoftwareMicrosoftInternet ExplorerSearchScopes{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
    Clé Supprimée : HKLMSOFTWAREMicrosoftInternet ExplorerSearchScopes{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
    Valeur Supprimée : HKLMSOFTWAREMicrosoftInternet ExplorerToolbar [{2318C2B1-4965-11D4-9B18-009027A5CD4F}]
    Valeur Supprimée : HKCUSoftwareMicrosoftInternet ExplorerToolbarWebBrowser [{2318C2B1-4965-11D4-9B18-009027A5CD4F}]

    ***** [ Navigateurs ] *****

    -\ Internet Explorer v9.0.8112.16555

    -\ Mozilla Firefox v3.0.17 (fr)

    [ Fichier : C:UsersVistaAppDataRoamingMozillaFirefoxProfilesxi383v70.defaultprefs.js ]

    -\ Google Chrome v35.0.1916.153

    [ Fichier : C:UsersVistaAppDataLocalGoogleChromeUser DataDefaultpreferences ]

    *************************
    Adware cleaner

    AdwCleaner[R0].txt – [2884 octets] – [06/07/2014 22:01:39]
    AdwCleaner[S0].txt – [2827 octets] – [06/07/2014 22:05:44]

    ########## EOF – C:AdwCleanerAdwCleaner[S0].txt – [2887 octets] ##########[/spoiler:2mmi74bo]

    [spoiler:2mmi74bo]~ Rapport de ZHPDiag v2014.6.25.98 – Nicolas Coolman (25/06/2014)
    ~ Lancé par Vista (06/07/2014 23:22:42)
    ~ Adresse du Site Web http://nicolascoolman.fr
    ~ Traduit par Nicolas Coolman
    ~ Etat de la version : Nouvelle version disponible
    ~ Liste blanche : Activée par le programme
    ~ Elévation des Privilèges : OK
    ~ User Account Control (UAC): Deactivate by program

    —\ Navigateurs Internet
    MSIE: Internet Explorer v9.0.8112.16421
    MFIE: Mozilla Firefox v3.0.17 (fr)
    GCIE: Google Chrome v35.0.1916.153 (Defaut)

    —\ Informations sur les produits Windows
    ~ Langage: Français
    Windows Vista (TM) Home Premium, 32-bit Service Pack 2 (Build 6002)
    Windows Server License Manager Script : OK
    ~ Windows Operating System – Vista, OEM_SLP channel
    System Locked Preinstallation (OEM_SLP) : OK
    Windows ID Activation : OK
    ~ Windows Partial Key : WQD8Q
    Windows License : OK
    Windows Automatic Updates : OK

    —\ Logiciels de protection du système
    avast! Free Antivirus v9.0.2018
    Malwarebytes Anti-Malware version 2.0.2.1012

    —\ Logiciels d'optimisation du système

    —\ Logiciels de partage PeerToPeer

    —\ Surveillance de Logiciels
    Adobe Flash Player 14 Plugin
    Adobe Reader 9 – Français
    Java 7 Update 60

    —\ Informations sur le système
    ~ Processor: x86 Family 15 Model 104 Stepping 1, AuthenticAMD
    ~ Operating System: 32 Bits
    Boot mode: Normal (Normal boot)
    Total RAM: 1982 MB (24% free)
    System Restore: Activé (Enable)
    System drive C: has 45 GB (32%) free of 136 GB

    —\ Mode de connexion au système
    ~ Computer Name: PC-DE-VISTA
    ~ User Name: Vista
    ~ All Users Names: Vista, ASPNET, Administrateur,
    ~ Unselected Option: None
    Logged in as Administrator

    —\ Variables d'environnement
    ~ System Unit : C:
    ~ %AppZHP% : C:UsersVistaAppDataRoamingZHP
    ~ %AppData% : C:UsersVistaAppDataRoaming
    ~ %Desktop% : C:UsersVistaDesktop
    ~ %Favorites% : C:UsersVistaFavorites
    ~ %LocalAppData% : C:UsersVistaAppDataLocal
    ~ %StartMenu% : C:UsersVistaAppDataRoamingMicrosoftWindowsStart Menu
    ~ %Windir% : C:WINDOWS
    ~ %System% : C:WINDOWSSystem32

    —\ Enumération des unités disques
    C: Hard drive, Flash drive, Thumb drive (Free 45 Go of 136 Go)
    D: Hard drive, Flash drive, Thumb drive (Free 7 Go of 13 Go)
    E: CD-ROM drive (Free 0 Go of 0 Go)
    F: CD-ROM drive (Free 0 Go of 0 Go)
    G: Floppy drive, Flash card reader, USB Key (Free 4 Go of 7 Go)

    —\ Etat du Centre de Sécurité Windows
    ~ Security Center: 47 Legitimates Filtered in 00mn 00s

    —\ Recherche particulière de fichiers génériques
    [MD5.D07D4C3038F3578FFCE1C0237F2A1253] – (.Microsoft Corporation – Explorateur Windows.) (.11/04/2009 – 07:27:36.) — C:WINDOWSExplorer.exe [2926592]
    [MD5.101BA3EA053480BB5D957EF37C06B5ED] – (.Microsoft Corporation – Application de démarrage de Windows.) (.19/01/2008 – 08:33:37.) — C:WINDOWSSystem32Wininit.exe [96768]
    [MD5.CFD26829131439B71D0109F9D5345573] – (.Microsoft Corporation – Extensions Internet pour Win32.) (.28/05/2014 – 17:32:59.) — C:WINDOWSSystem32wininet.dll [1129472]
    [MD5.898E7C06A350D4A1A64A9EA264D55452] – (.Microsoft Corporation – Application d'ouverture de session Windows.) (.11/04/2009 – 07:28:13.) — C:WINDOWSSystem32Winlogon.exe [314368]
    [MD5.3911B972B55FEA0478476B2E777B29FA] – (.Microsoft Corporation – Ancillary Function Driver for WinSock.) (.21/04/2011 – 14:58:27.) — C:WINDOWSsystem32DriversAFD.sys [273408]
    [MD5.1F05B78AB91C9075565A9D8A4B880BC4] – (.Microsoft Corporation – ATAPI IDE Miniport Driver.) (.11/04/2009 – 07:32:26.) — C:WINDOWSsystem32Driversatapi.sys [19944]
    [MD5.7ADD03E75BEB9E6DD102C3081D29840A] – (.Microsoft Corporation – CD-ROM File System Driver.) (.19/01/2008 – 06:28:02.) — C:WINDOWSsystem32DriversCdfs.sys [70144]
    [MD5.6B4BFFB9BECD728097024276430DB314] – (.Microsoft Corporation – SCSI CD-ROM Driver.) (.11/04/2009 – 05:39:17.) — C:WINDOWSsystem32DriversCdrom.sys [67072]
    [MD5.622C41A07CA7E6DD91770F50D532CB6C] – (.Microsoft Corporation – DFS Namespace Client Driver.) (.14/04/2011 – 15:59:03.) — C:WINDOWSsystem32DriversDfsC.sys [75264]
    [MD5.062452B7FFD68C8C042A6261FE8DFF4A] – (.Microsoft Corporation – High Definition Audio Bus Driver.) (.11/04/2009 – 05:42:42.) — C:WINDOWSsystem32DriversHDAudBus.sys [561152]
    [MD5.22D56C8184586B7A1F6FA60BE5F5A2BD] – (.Microsoft Corporation – Pilote de port i8042.) (.19/01/2008 – 06:49:18.) — C:WINDOWSsystem32Driversi8042prt.sys [54784]
    [MD5.8793643A67B42CEC66490B2A0CF92D68] – (.Microsoft Corporation – IP Network Address Translator.) (.19/01/2008 – 06:56:28.) — C:WINDOWSsystem32DriversIpNat.sys [100864]
    [MD5.1E94971C4B446AB2290DEB71D01CF0C2] – (.Microsoft Corporation – Windows NT SMB Minirdr.) (.29/04/2011 – 14:24:40.) — C:WINDOWSsystem32DriversMRxSmb.sys [106496]
    [MD5.ECD64230A59CBD93C85F1CD1CAB9F3F6] – (.Microsoft Corporation – MBT Transport driver.) (.11/04/2009 – 05:45:37.) — C:WINDOWSsystem32DriversnetBT.sys [185856]
    [MD5.2C1121F2B87E9A6B12485DF53CD848C7] – (.Microsoft Corporation – Pilote du système de fichiers NT.) (.03/03/2013 – 20:07:52.) — C:WINDOWSsystem32Driversntfs.sys [1082232]
    [MD5.0FA9B5055484649D63C303FE404E5F4D] – (.Microsoft Corporation – Pilote de port parallèle.) (.02/11/2006 – 09:51:30.) — C:WINDOWSsystem32DriversParport.sys [79360]
    [MD5.A214ADBAF4CB47DD2728859EF31F26B0] – (.Microsoft Corporation – RAS L2TP mini-port/call-manager driver.) (.19/01/2008 – 06:56:34.) — C:WINDOWSsystem32DriversRasl2tp.sys [76288]
    [MD5.E8BD98D46F2ED77132BA927FCCB47D8B] – (.Microsoft Corporation – Microsoft RDP Device redirector.) (.02/11/2006 – 10:03:00.) — C:WINDOWSsystem32Driversrdpdr.sys [242688]
    [MD5.7B75299A4D201D6A6533603D6914AB04] – (.Microsoft Corporation – SMB Transport driver.) (.11/04/2009 – 05:45:22.) — C:WINDOWSsystem32Driverssmb.sys [66560]
    [MD5.76B06EB8A01FC8624D699E7045303E54] – (.Microsoft Corporation – TDI Translation Driver.) (.11/04/2009 – 05:45:56.) — C:WINDOWSsystem32Driverstdx.sys [72192]
    [MD5.786DB5771F05EF300390399F626BF30A] – (.Microsoft Corporation – Pilote de cliché instantané du volume.) (.21/08/2012 – 12:47:42.) — C:WINDOWSsystem32Driversvolsnap.sys [224640]
    ~ Generic Processes: Scanned in 00mn 00s

    —\ Etat des fichiers cachés (Caché/Total)
    ~ Mes images (My Pictures) : 1/4318
    ~ Mes musiques (My Musics) : 1/3452
    ~ Mes Videos (My Videos) : 1/2
    ~ Mes Favoris (My Favorites) : 1/23
    ~ Mes Documents (My Documents) : 1/154
    ~ Mon Bureau (My Desktop) : 15/225
    ~ Menu demarrer (Programs) : 1/29
    ~ Hidden Files: Scanned in 00mn 05s

    —\ Processus lancés
    [MD5.4FBC630768570E6AC35C3DE8F6EC79F5] – (.Malwarebytes Corporation – Malwarebytes Anti-Malware.) — C:Program FilesMalwarebytes Anti-Malwarembam.exe [6970168] [PID.2964]
    [MD5.0D392EDE3B97E0B3131B2F63EF1DB94E] – (.Microsoft Corporation – Windows Defender User Interface.) — C:Program FilesWindows DefenderMSASCui.exe [1008184] [PID.3628]
    [MD5.041AF1711BF3D6BFF12FD9D28F0AC303] – (.CyberLink Corp. – HP QuickPlay Resident Program.) — C:Program FilesHPQuickPlayQPService.exe [176128] [PID.3636]
    [MD5.A04BE1DBBA0E554B2F33555CCBA5F969] – (. Hewlett-Packard Development Company, L.P. – QLB Controller.) — C:Program FilesHewlett-PackardHP Quick Launch ButtonsQLBCTRL.exe [159744] [PID.3660]
    [MD5.AF849798ECA383184C88ED436CF3EFB2] – (.Hewlett-Packard Development Company, L.P. – HPWAMain Module.) — C:Program FilesHewlett-PackardHP Wireless AssistantHPWAMain.exe [472776] [PID.3692]
    [MD5.F533507FE318B46629E84DF630A316F8] – (.Hewlett-Packard Development Company, L.P. – Module to process WiFi messages..) — C:Program FilesHewlett-PackardHP Wireless AssistantWiFiMsg.exe [317128] [PID.3700]
    [MD5.4D042B1F1375CF371AFBE0E0276BA627] – (.Adobe Systems Inc. – AcroTray.) — C:Program FilesAdobeAcrobat 8.0Acrobatacrotray.exe [624248] [PID.3748]
    [MD5.89D583FC41D48328128A974C25AFAEB7] – (.RealNetworks, Inc. – RealNetworks Scheduler.) — C:Program FilesCommon FilesRealUpdate_OBrealsched.exe [185896] [PID.3832]
    [MD5.8465733657D188C6DD509A222B55B9CF] – (…) — C:Program FilesWinampwinampa.exe [37376] [PID.3840]
    [MD5.4B555106290BD117334E9A08761C035A] – (…) — ystem32rundll32.exe [0] [PID.1488]
    [MD5.2218928CF528D7BC295B1B4C69E9846C] – (.AVAST Software – avast! Antivirus.) — C:Program FilesAVAST SoftwareAvastavastui.exe [3890208] [PID.3884]
    [MD5.EDAD4A8A1D46AFCF9E76B996D55116EB] – (.Oracle Corporation – Java(TM) Update Scheduler.) — C:Program FilesCommon FilesJavaJava Updatejusched.exe [256896] [PID.3908]
    [MD5.BF08674925F151BD4537B89A493E3E0C] – (.Microsoft Corporation – Media Center Tray Applet.) — C:WINDOWSehomeehtray.exe [125952] [PID.3924]
    [MD5.6809CE70D9679E208D13210DFFD50362] – (…) — C:Program FilesCurseCurseClient.exe [4789760] [PID.3940]
    [MD5.5D61BE7DB55B026A5D61A3EED09D0EAD] – (.Google Inc. – GoogleToolbarNotifier.) — C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe [39408] [PID.3948]
    [MD5.25D88E97B23FD208C07FA65C6A870E0B] – (.Spotify Ltd – SpotifyWebHelper.) — C:UsersVistaAppDataRoamingSpotifyDataSpotifyWebHelper.exe [1176632] [PID.3956]
    [MD5.3E9C9E7AA2B89CC59F37A80BDDE85121] – (.Spotify Ltd – Spotify.) — C:UsersVistaAppDataRoamingSpotifyspotify.exe [6189624] [PID.3980]
    [MD5.D653D895588DF213CA85164FB6901576] – (.Skype Technologies S.A. – Skype.) — C:Program FilesSkypePhoneSkype.exe [20924576] [PID.3996]
    [MD5.CCCDC7B64CFF96C977B0FADC24434628] – (.Dropbox, Inc. – Dropbox.) — C:UsersVistaAppDataRoamingDropboxbinDropbox.exe [33322312] [PID.1376]
    [MD5.0F4195B9B348DE5CF9B822F81704B20E] – (.Microsoft Corporation – Media Center Media Status Aggregator Servic.) — C:Windowsehomeehmsas.exe [37376] [PID.3408]
    [MD5.241B74792CC295DFDCB7940BBF52B226] – (.Pas de propriétaire – HpqToaster Module.) — C:Program FilesHewlett-PackardSharedHpqToaster.exe [677576] [PID.4936]
    [MD5.2D821AFA5A1A9CA7F9F997A1AAD09E72] – (.Microsoft Corporation – Windows Media Player.) — C:Program FilesWindows Media Playerwmplayer.exe [168960] [PID.4640]
    [MD5.62BF806E38150D8179296D9A81C5CF6D] – (…) — C:UsersVistaAppDataRoamingSpotifyDataSpotifyHelper.exe [598072] [PID.5932]
    [MD5.A5FCD42334CCC682DA1882A54338686C] – (.Google Inc. – Google Chrome.) — C:Program FilesGoogleChromeApplicationchrome.exe [860488] [PID.5308]
    [MD5.6080A176D09435FC8E6E800996656E18] – (.Microsoft Corporation – Console IME.) — C:Windowssystem32conime.exe [69120] [PID.5376]
    [MD5.1F62DCBF33A67CAA5E68ADECBB25C3C7] – (.Nicolas Coolman – ZHPDiag.) — C:Program FilesZHPDiagZHPDiag.exe [8071680] [PID.532]
    [MD5.CF672C71844A3B407EB86042829BCE09] – (.NVIDIA Corporation – NVIDIA Driver Helper Service, Version 177.1.) — C:Windowssystem32nvvsvc.exe [203296] [PID.988]
    [MD5.862BB4CBC05D80C5B45BE430E5EF872F] – (.Microsoft Corporation – Service de gestion des licences Microsoft.) — C:Windowssystem32SLsvc.exe [3408896] [PID.1356]
    [MD5.37D17AE2936867F88EB3C4CBCBC6B8A1] – (.AVAST Software – avast! Service.) — C:Program FilesAVAST SoftwareAvastAvastSvc.exe [50344] [PID.1816]
    [MD5.F293992F9CEEF6EA00CE52C3094E59E9] – (.Apple Inc. – Apple Mobile Device Service.) — C:Program FilesCommon FilesAppleMobile Device SupportbinAppleMobileDeviceService.exe [116040] [PID.1912]
    [MD5.3F56903E124E820AEECE6D471583C6C1] – (.Apple Inc. – Bonjour Service.) — C:Program FilesBonjourmDNSResponder.exe [238888] [PID.1112]
    [MD5.84F483BB929D4C6A9997978ACF4EE463] – (.Juniper Networks – Network Connect Service.) — C:Program FilesJuniper NetworksCommon FilesdsNcService.exe [688240] [PID.904]
    [MD5.559C9B7800FAC92FC515CD0003D7C631] – (.Hewlett-Packard Company – Pas de description.) — C:Program FilesCommon FilesLightScribeLSSrvc.exe [61440] [PID.1780]
    [MD5.D84AEA3F3329D622DFC1297DDDF6163B] – (.Malwarebytes Corporation – Malwarebytes Anti-Malware.) — C:Program FilesMalwarebytes Anti-Malwarembamscheduler.exe [1809720] [PID.920]
    [MD5.4F45ED469906494F9BF754E476390DBD] – (.Malwarebytes Corporation – Malwarebytes Anti-Malware.) — C:Program FilesMalwarebytes Anti-Malwarembamservice.exe [860472] [PID.2200]
    [MD5.7CF1B716372B89568AE4C0FE769F5869] – (.Microsoft Corporation – Machine Debug Manager.) — C:Program FilesCommon FilesMicrosoft SharedVS7DEBUGmdm.exe [335872] [PID.2304]
    [MD5.A1DD33D16F277CE34124EE52AB2C0F14] – (…) — C:Windowssystem32PnkBstrA.exe [75064] [PID.2344]
    [MD5.15A317674A08DF26BE65164D959E9203] – (.Conexant Systems, Inc. – Modem Audio Service.) — C:Windowssystem32DRIVERSxaudio.exe [386560] [PID.2812]
    [MD5.04C1DCBB226C6AE647B794833CE3CEB6] – (.Hewlett-Packard Development Company, L.P. – hpqwmiex Module.) — C:Program FilesHewlett-PackardSharedhpqwmiex.exe [135168] [PID.2824]
    [MD5.227846995AFEEFA70D328BF5334A86A5] – (.Macrovision Europe Ltd. – Activation Licensing Service.) — C:Program FilesCommon FilesMacrovision SharedFLEXnet PublisherFNPLicensingService.exe [654848] [PID.4960]
    [MD5.2CEEB349216FEBD91A907013D4ABCFF7] – (.Hewlett-Packard – HP Health Check Service.) — C:Program FilesHewlett-PackardHP Health Checkhphc_service.exe [62984] [PID.5764]
    ~ Processes Running: Scanned in 00mn 03s

    —\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
    C:UsersVistaAppDataLocalGoogleChromeUser DataDefaultPreferences
    G2 – GCE: Preference [User DataDefault] [gmekamlpkbcegncocdmhnoogddkeekgn] cats v.1 (Activé)
    G2 – GCE: Preference [User DataDefault] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
    G2 – GCE: Preference [User DataDefault] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé)
    G2 – GCE: Preference [User DataDefault] [nmmhkkegccagdldgiimedpiccmgmieda] Google Wallet v.0.0.6.1 (Activé)
    G2 – GCE: Preference [User DataDefault] [pafkbggdmjlpgkdkcbjmhmfcdpncadgh] Google Now v.1.2.0.1 (Activé)

    —\ Liste des dossiers d'extension Google Chrome
    ~ Google Lines Browser: 17 Legitimates Filtered in 00mn 51s

    —\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
    C:UsersVistaAppDataRoamingMozillaFirefoxProfilesxi383v70.defaultprefs.js
    M2 – MFEP: prefs.js [Vista – xi383v70.defaultbattlefieldheroespatcher@ea.com] [] Battlefield Heroes Updater v4.0.27.0 (..)
    P2 – FPN:Firefox Plugin Navigator . (.CNN – NPTURNMED.) — C:Program FilesMozilla FirefoxPluginsNPTURNMED.dll
    ~ Firefox Browser: 44 Legitimates Filtered in 00mn 00s

    —\ Internet Explorer, Proxy Management (R5)
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyOverride = *.local
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyServer = no key
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyEnable = 0
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,MigrateProxy = 1
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,EnableHttp1_1 = 1
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,AutoConfigProxy = wininet.dll
    ~ Proxy management: Scanned in 00mn 00s

    —\ Analyse des lignes F0, F1, F2, F3 – IniFiles, Autoloading programs
    F2 – REG:system.ini: USERINIT=C:Windowssystem32Userinit.exe,
    F2 – REG:system.ini: Shell=C:WINDOWSexplorer.exe
    F2 – REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL “sysdm.cpl”
    ~ Keys: Scanned in 00mn 00s

    —\ Hosts file redirection (O1)
    ~ Le fichier hosts est sain (The hosts file is clean).
    ~ Hosts File: Scanned in 00mn 00s
    ~ Nombre de lignes (Lines number): 20

    —\ Internet Explorer Toolbars (O3)
    O3 – Toolbar: Adobe PDF – [HKLM]{47833539-D0C5-4125-9FA8-0819E2EAAC93} . (.Adobe Systems Incorporated – Adobe PDF Toolbar for Internet Explorer.) — C:Program FilesAdobeAcrobat 8.0AcrobatAcroIEFavClient.dll
    O3 – Toolbar: Contribute Toolbar – [HKLM]{517BDDE4-E3A7-4570-B21E-2B52B6139FC7} . (.Adobe Systems Incorporated. – Contribute IE Plugin.) — C:Program FilesAdobe\Adobe Contribute CS3contributeieplugin.dll
    O3 – Toolbar: EndNote Capture – [HKLM]{945C8270-A848-11D5-A805-00B0D092F45B} . (.Thomson Reuters – EndNote 3.8.1.) — C:Program FilesEndNote Plug-InsENWIEPlug.dll
    O3 – ToolbarWebBrowser: (no name) – [HKCU]{47833539-D0C5-4125-9FA8-0819E2EAAC93} Clé orpheline
    ~ Toolbar: Scanned in 00mn 00s

    —\ Applications lancées au démarrage du système (O4)
    O4 – HKLM..Run: [Windows Defender] . (.Microsoft Corporation – Windows Defender User Interface.) — C:Program FilesWindows DefenderMSASCui.exe
    O4 – HKLM..Run: [QPService] . (.CyberLink Corp. – HP QuickPlay Resident Program.) — C:Program FilesHPQuickPlayQPService.exe
    O4 – HKLM..Run: [QlbCtrl] . (. Hewlett-Packard Development Company, L.P. – QLB Controller.) — C:Program FilesHewlett-PackardHP Quick Launch ButtonsQlbCtrl.exe
    O4 – HKLM..Run: [HP Health Check Scheduler] . (.Hewlett-Packard – HP Health Check Scheduler.) — C:Program FilesHewlett-PackardHP Health CheckHPHC_Scheduler.exe
    O4 – HKLM..Run: [hpWirelessAssistant] . (.Hewlett-Packard Development Company, L.P. – HPWAMain Module.) — C:Program FilesHewlett-PackardHP Wireless AssistantHPWAMain.exe
    O4 – HKLM..Run: [WAWifiMessage] . (.Hewlett-Packard Development Company, L.P. – Module to process WiFi messages..) — C:Program FilesHewlett-PackardHP Wireless AssistantWiFiMsg.exe
    O4 – HKLM..Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated – Adobe Acrobat SpeedLauncher.) — C:Program FilesAdobeReader 9.0ReaderReader_sl.exe
    O4 – HKLM..Run: [Acrobat Assistant 8.0] . (.Adobe Systems Inc. – AcroTray.) — C:Program FilesAdobeAcrobat 8.0AcrobatAcrotray.exe
    O4 – HKLM..Run: [Adobe_ID0EYTHM] . (.Adobe Systems Incorporated – Adobe Version Cue CS3.) — C:Program FilesCommon FilesAdobeAdobe Version Cue CS3ServerbinVersionCueCS3Tray.exe =>.Adobe Systems Incorporated
    O4 – HKLM..Run: [TkBellExe] . (.RealNetworks, Inc. – RealNetworks Scheduler.) — C:Program FilesCommon FilesRealUpdate_OBrealsched.exe =>.RealNetworks, Inc
    O4 – HKLM..Run: [WinampAgent] . (…) — C:Program FilesWinampwinampa.exe
    O4 – HKLM..Run: [NvCplDaemon] . (.NVIDIA Corporation – NVIDIA Display Properties Extension.) — C:Windowssystem32NvCpl.dll =>.NVIDIA Corporation
    O4 – HKLM..Run: [NvMediaCenter] . (.NVIDIA Corporation – NVIDIA Media Center Library.) — C:Windowssystem32NvMcTray.dll
    O4 – HKLM..Run: [AvastUI.exe] . (.AVAST Software – avast! Antivirus.) — C:Program FilesAVAST SoftwareAvastAvastUI.exe
    O4 – HKLM..Run: [APSDaemon] . (.Apple Inc. – Apple Push.) — C:Program FilesCommon FilesAppleApple Application SupportAPSDaemon.exe
    O4 – HKLM..Run: [QuickTime Task] . (.Apple Inc. – QuickTime Task.) — C:Program FilesQuickTimeQTTask.exe
    O4 – HKLM..Run: [SunJavaUpdateSched] . (.Oracle Corporation – Java(TM) Update Scheduler.) — C:Program FilesCommon FilesJavaJava Updatejusched.exe =>.Oracle Corporation
    O4 – HKLM..RunOnce: [Launcher] . (.soft thinks – Launcher.) — C:WINDOWSSMINSTlauncher.exe
    O4 – HKCU..Run: [Sidebar] . (.Microsoft Corporation – Volet Windows.) — C:Program FilesWindows Sidebarsidebar.exe =>.Microsoft Corporation
    O4 – HKCU..Run: [ehTray.exe] . (.Microsoft Corporation – Media Center Tray Applet.) — C:WindowsehomeehTray.exe
    O4 – HKCU..Run: [msnmsgr] C:Program FilesMSN Messengermsnmsgr.exe (.not file.)
    O4 – HKCU..Run: [CurseClient] . (…) — C:Program FilesCurseCurseClient.exe
    O4 – HKCU..Run: [swg] . (.Google Inc. – GoogleToolbarNotifier.) — C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe
    O4 – HKCU..Run: [Spotify Web Helper] . (.Spotify Ltd – SpotifyWebHelper.) — C:UsersVistaAppDataRoamingSpotifyDataSpotifyWebHelper.exe
    O4 – HKCU..Run: [Spotify] . (.Spotify Ltd – Spotify.) — C:UsersVistaAppDataRoamingSpotifyspotify.exe
    O4 – HKCU..Run: [Skype] . (.Skype Technologies S.A. – Skype.) — C:Program FilesSkypePhoneSkype.exe =>.Skype Technologies S.A.
    O4 – HKUSS-1-5-19..Run: [Sidebar] . (.Microsoft Corporation – Volet Windows.) — C:Program FilesWindows SidebarSidebar.exe =>.Microsoft Corporation
    O4 – HKUSS-1-5-19..Run: [WindowsWelcomeCenter] Clé orpheline
    O4 – HKUSS-1-5-20..Run: [Sidebar] . (.Microsoft Corporation – Volet Windows.) — C:Program FilesWindows SidebarSidebar.exe =>.Microsoft Corporation
    O4 – HKUSS-1-5-20..Run: [WindowsWelcomeCenter] Clé orpheline
    O4 – HKUSS-1-5-21-460120755-3036941430-2461728175-1001..Run: [Sidebar] . (.Microsoft Corporation – Volet Windows.) — C:Program FilesWindows Sidebarsidebar.exe =>.Microsoft Corporation
    O4 – HKUSS-1-5-21-460120755-3036941430-2461728175-1001..Run: [ehTray.exe] . (.Microsoft Corporation – Media Center Tray Applet.) — C:WindowsehomeehTray.exe
    O4 – HKUSS-1-5-21-460120755-3036941430-2461728175-1001..Run: [msnmsgr] C:Program FilesMSN Messengermsnmsgr.exe (.not file.)
    O4 – HKUSS-1-5-21-460120755-3036941430-2461728175-1001..Run: [CurseClient] . (…) — C:Program FilesCurseCurseClient.exe
    O4 – HKUSS-1-5-21-460120755-3036941430-2461728175-1001..Run: [swg] . (.Google Inc. – GoogleToolbarNotifier.) — C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe
    O4 – HKUSS-1-5-21-460120755-3036941430-2461728175-1001..Run: [Spotify Web Helper] . (.Spotify Ltd – SpotifyWebHelper.) — C:UsersVistaAppDataRoamingSpotifyDataSpotifyWebHelper.exe
    O4 – HKUSS-1-5-21-460120755-3036941430-2461728175-1001..Run: [Spotify] . (.Spotify Ltd – Spotify.) — C:UsersVistaAppDataRoamingSpotifyspotify.exe
    O4 – HKUSS-1-5-21-460120755-3036941430-2461728175-1001..Run: [Skype] . (.Skype Technologies S.A. – Skype.) — C:Program FilesSkypePhoneSkype.exe =>.Skype Technologies S.A.
    ~ Application: Scanned in 00mn 00s

    —\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
    O9 – Extra button: Console Java (Sun) – {08B0E5C0-4FCB-11CF-AAA5-00401C608501} — Clé orpheline
    O9 – Extra button: Recherche – {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (…) — C:Program FilesMicrosoft OfficeOFFICE11REFBARH.ICO
    ~ IE Extra Buttons: Scanned in 00mn 00s

    —\ Objets ActiveX (Downloaded Program Files)(O16)
    O16 – DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} ((no name)) – https://juniper.net/dana-cached/sc/JuniperSetupClient.cab
    ~ Objets ActiveX: Scanned in 00mn 00s

    —\ Modification Domaine/Adresses DNS (O17)
    O17 – HKLMSystemCCSServicesTcpip..{EA1DB2B2-EE46-4FD8-8530-E35CADC9B15C}: DhcpNameServer = 192.168.1.1
    O17 – HKLMSystemCS1ServicesTcpip..{EA1DB2B2-EE46-4FD8-8530-E35CADC9B15C}: DhcpNameServer = 192.168.1.1
    O17 – HKLMSystemCS2ServicesTcpip..{EA1DB2B2-EE46-4FD8-8530-E35CADC9B15C}: DhcpNameServer = 192.168.1.1
    O17 – HKLMSystemCS3ServicesTcpip..{7FD84EC9-A46E-4A64-967B-16021021820F}: DhcpNameServer = 192.168.1.1
    O17 – HKLMSystemCS3ServicesTcpip..{EA1DB2B2-EE46-4FD8-8530-E35CADC9B15C}: DhcpNameServer = 192.168.1.1
    O17 – HKLMSystemCCSServicesTcpipParameters: DhcpNameServer = 192.168.1.1
    ~ Domain: Scanned in 00mn 00s

    —\ Protocole additionnel (O18)
    O18 – Handler: vbscript – {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation – Visionneuse HTML Microsoft (R).) — C:Windowssystem32mshtml.dll =>.Microsoft Corporation
    O18 – Filter: text/xml – {807553E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation – Microsoft Office XML MIME Filter.) — C:Program FilesCommon FilesMicrosoft SharedOFFICE11MSOXMLMF.dll =>.Microsoft Corporation
    ~ Protocole Additionnel: Scanned in 00mn 00s

    —\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
    O22 – SharedTaskScheduler: Component Categories cache daemon – {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation – Bibliothèque de l'interface utilisateur du.) — C:WINDOWSSystem32browseui.dll
    ~ STS/SSO: Scanned in 00mn 00s

    —\ Enumération Active Desktop & MHTML Editor (O24)
    O24 – Desktop General: BackupWallPaper – .(…) – C:UsersVistaDownloads558559_109165502567022_139051064_n (1).jpg
    O24 – Desktop General: WallPaper – .(…) – C:UsersVistaDownloads558559_109165502567022_139051064_n (1).jpg
    ~ Desktop Component: 4 Legitimates Filtered in 00mn 00s

    —\ Tâches planifiées en automatique (O39)
    O39 – APT: – (..) — C:WINDOWSSystem32TasksAdobe Flash Player Updater [1002]
    O39 – APT: – (..) — C:WINDOWSSystem32TasksGoogleUpdateTaskMachineCore [1052]
    O39 – APT: – (..) — C:WINDOWSSystem32TasksGoogleUpdateTaskMachineUA [1056]
    ~ Scheduled Task: 16 Legitimates Filtered in 00mn 08s

    —\ Logiciels installés (O42)
    O42 – Logiciel: TBS WMP Plug-in – (.CNN.) [HKLM] — InstallShield_{13515135-48BB-4184-8C1F-2FAE0138E200}
    O42 – Logiciel: e-Wörterbücher – (…) [HKLM] — {4737AD9F-13AA-4E4C-B86F-B631D557F6A7}
    ~ Logic: 23 Legitimates Filtered in 00mn 02s

    —\ HKCU & HKLM Software Keys
    [HKCUSoftwareCD-MP3-Ripper]
    [HKCUSoftwarePopup Woerterbuch EWB]
    [HKLMSoftwarePopup Woerterbuch EWB]
    [HKLMSoftwareWAR]
    ~ Key Software: 331 Legitimates Filtered in 00mn 02s

    —\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
    O43 – CFD: 20/09/2012 – 16:10:19 – [] —-D C:ProgramDataLKG
    O43 – CFD: 15/09/2008 – 17:13:56 – [] —-D C:ProgramData{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
    O43 – CFD: 04/11/2013 – 21:28:41 – [] —-D C:UsersVistaAppDataRoamingcge
    ~ Program Folder: 190 Legitimates Filtered in 00mn 01s

    —\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
    O44 – LFC:[MD5.0DC5AF80D059DEC792B665ED598C6567] – 06/07/2014 – 21:03:53 —A- . (.SQLite Development Team – SQLite Dynamic Link Library (No TCL).) — C:WINDOWSSystem32sqlite3.dll [536576]
    ~ Files: 12 Legitimates Filtered in 00mn 36s

    —\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
    O55 – MWPS:[HKLM…PoliciesSystem] – “FilterAdministratorToken”=0
    O55 – MWPS:[HKLM…PoliciesSystem] – “EnableUIADesktopToggle”=0
    ~ MWPS: 16 Legitimates Filtered in 00mn 00s

    —\ Liste des pilotes du système (SDL) (O58)
    O58 – SDL:02/09/2008 – 21:48:00 —A- . (.Oak Technology Inc. – Audio File System.) — C:WINDOWSSystem32DriversAFS.SYS [77004]
    O58 – SDL:04/05/2014 – 23:29:53 —A- . (…) — C:WINDOWSSystem32DriversaswHwid.sys [24184] =>.ALWIL Software
    O58 – SDL:04/05/2014 – 23:29:53 —A- . (…) — C:WINDOWSSystem32DriversaswRvrt.sys [49944] =>.ALWIL Software
    O58 – SDL:04/05/2014 – 23:29:54 —A- . (…) — C:WINDOWSSystem32DriversaswVmm.sys [180632] =>.ALWIL Software
    O58 – SDL:02/11/2006 – 10:51:34 —A- . (.Emulex – Storport Miniport Driver for LightPulse HBAs.) — C:WINDOWSSystem32Driverselxstor.sys [316520]
    O58 – SDL:02/11/2006 – 10:50:07 —A- . (.Integrated Technology Express, Inc. – ITE IT8211 ATA/ATAPI SCSI miniport.) — C:WINDOWSSystem32Driversiteatapi.sys [35944]
    O58 – SDL:02/11/2006 – 10:50:09 —A- . (.Integrated Technology Express, Inc. – ITE IT8212 ATA RAID SCSI miniport.) — C:WINDOWSSystem32Driversiteraid.sys [35944]
    O58 – SDL:27/11/2009 – 15:46:03 —A- . (…) — C:WINDOWSSystem32DriversPnkBstrK.sys [139456]
    O58 – SDL:24/02/2007 – 15:42:22 —A- . (.REDC – RICOH SD Driver.) — C:WINDOWSSystem32Driversrimmptsk.sys [39936]
    O58 – SDL:23/01/2007 – 17:40:20 —A- . (.REDC – RICOH MS Driver.) — C:WINDOWSSystem32Driversrimsptsk.sys [42496]
    O58 – SDL:23/01/2007 – 18:03:28 —A- . (.REDC – RICOH XD SM Driver.) — C:WINDOWSSystem32Driversrixdptsk.sys [37376]
    O58 – SDL:02/11/2006 – 10:51:25 —A- . (.ULi Electronics Inc. – ULi SATA Controller Driver.) — C:WINDOWSSystem32Driversuliahci.sys [235112]
    O58 – SDL:02/11/2006 – 10:50:35 —A- . (.Promise Technology, Inc. – Promise Ultra/Sata Series Driver for Win2003.) — C:WINDOWSSystem32Driversulsata.sys [98408]
    O58 – SDL:02/11/2006 – 10:50:45 —A- . (.Promise Technology, Inc. – Promise SATAII150 Series Windows Drivers.) — C:WINDOWSSystem32Driversulsata2.sys [115816]
    O58 – SDL:02/11/2006 – 08:09:42 —A- . (…) — C:WINDOWSSystem32ANSI.SYS [9029]
    O58 – SDL:02/11/2006 – 08:09:45 —A- . (…) — C:WINDOWSSystem32country.sys [27097]
    O58 – SDL:02/11/2006 – 08:09:41 —A- . (…) — C:WINDOWSSystem32HIMEM.SYS [4768]
    O58 – SDL:02/11/2006 – 08:09:44 —A- . (…) — C:WINDOWSSystem32KEY01.SYS [42809]
    O58 – SDL:02/11/2006 – 08:09:44 —A- . (…) — C:WINDOWSSystem32KEYBOARD.SYS [42537]
    O58 – SDL:02/11/2006 – 08:09:29 —A- . (…) — C:WINDOWSSystem32NTDOS.SYS [27866]
    O58 – SDL:02/11/2006 – 08:09:35 —A- . (…) — C:WINDOWSSystem32NTDOS404.SYS [29146]
    O58 – SDL:02/11/2006 – 08:09:38 —A- . (…) — C:WINDOWSSystem32NTDOS411.SYS [29370]
    O58 – SDL:02/11/2006 – 08:09:40 —A- . (…) — C:WINDOWSSystem32NTDOS412.SYS [29274]
    O58 – SDL:02/11/2006 – 08:09:31 —A- . (…) — C:WINDOWSSystem32NTDOS804.SYS [29146]
    O58 – SDL:02/11/2006 – 08:09:20 —A- . (…) — C:WINDOWSSystem32NTIO.SYS [33952]
    O58 – SDL:02/11/2006 – 08:09:23 —A- . (…) — C:WINDOWSSystem32NTIO404.SYS [34672]
    O58 – SDL:02/11/2006 – 08:09:24 —A- . (…) — C:WINDOWSSystem32NTIO411.SYS [35776]
    O58 – SDL:02/11/2006 – 08:09:26 —A- . (…) — C:WINDOWSSystem32NTIO412.SYS [35536]
    O58 – SDL:02/11/2006 – 08:09:22 —A- . (…) — C:WINDOWSSystem32NTIO804.SYS [34672]
    O58 – SDL:25/10/2013 – 09:33:53 —A- . (…) — C:WINDOWSSystem32TrueSight.sys [26624]
    ~ Drivers: 102 Legitimates Filtered in 00mn 50s

    —\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
    O61 – LFC: 06/07/2014 – 23:27:00 —A- . (…) — C:UsersVistaDownloadsadwcleaner_3.214.exe [1346519]
    ~ 56 Fichiers temporaires (Temporary files)
    ~ 905 Fichiers cookies (Cookies files)
    ~ Files: 15 Legitimates Filtered in 00mn 07s

    —\ Liste des outils de désinfection (LATC) (O63)
    O63 – Logiciel: UsbFix By El Desaparecido – (.El Desaparecido – http://www.usbfix.net.) [HKLM] — Usbfix
    O63 – Logiciel: ZHPDiag 2014 – (.Nicolas Coolman.) [HKLM] — ZHPDiag_is1 =>.Nicolas Coolman
    ~ ADS: Scanned in 00mn 00s

    —\ Liste les services legacy du registre (LALS) (O64)
    O64 – Services: CurCS – 02/09/2008 – C:WINDOWSSystem32DriversAFS.sys (AFS) .(.Oak Technology Inc. – Audio File System.) – LEGACY_AFS
    O64 – Services: CurCS – 04/05/2014 – C:WINDOWSsystem32driversaswHwid.sys (aswHwid) .(…) – LEGACY_ASWHWID
    ~ Legacy: 78 Legitimates Filtered in 00mn 16s

    —\ Associations Shell Spawning (O67)
    O67 – Shell Spawning: [HKCU..openCommand] (.Not Key.)
    O67 – Shell Spawning: [HKU..openCommand] (.Not Key.)
    O67 – Shell Spawning: [HKU..openCommand] (.Not Key.)
    ~ FASS Keys: 13 Legitimates Filtered in 00mn 00s

    —\ Menu de démarrage Internet (SMI) (O68)
    O68 – StartMenuInternet: [HKLM..ShellopenCommand] (.Mozilla Corporation – Firefox.) — C:Program FilesMozilla Firefoxfirefox.exe
    O68 – StartMenuInternet: [HKLM..ShellopenCommand] (.Google Inc. – Google Chrome.) — C:Program FilesGoogleChromeApplicationchrome.exe
    O68 – StartMenuInternet: [HKLM..ShellopenCommand] (.Microsoft Corporation – Internet Explorer.) — C:Program FilesInternet Exploreriexplore.exe
    ~ Keys: Scanned in 00mn 00s

    —\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
    O69 – SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} – (Bing) – http://www.bing.com
    O69 – SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} [DefaultScope] – (Google) – http://www.google.fr
    O69 – SBI: SearchScopes [HKCU] {74303AF0-EB91-4696-AD5E-7C2E2FC5A921} – (Yahoo! France) – http://fr.search.yahoo.com
    ~ Keys: Scanned in 00mn 00s

    —\ Enumère les fichiers Crack & Keygen (CKF) (O82)
    C:UsersVistaAppDataLocalGoogleChromeUser DataDefaultLocal Storagehttp_www.cracked.com_0.localstorage =>.Crack,Keygen
    C:UsersVistaAppDataLocalGoogleChromeUser DataDefaultLocal Storagehttp_www.cracked.com_0.localstorage-journal =>.Crack,Keygen
    C:UsersVistaAppDataLocalGoogleChromeUser DataDefaultLocal Storagehttp_www.cracked.com_0.localstorage =>.Crack,Keygen
    C:UsersVistaAppDataLocalGoogleChromeUser DataDefaultLocal Storagehttp_www.cracked.com_0.localstorage-journal =>.Crack,Keygen
    ~ Files: Scanned in 04mn 01s

    —\ Recherche particulière à la racine du système (SPRF) (O84)
    [MD5.8EAC7D7A9E0C5D143E572232D991A8E0] [SPRF][29/11/2008] (…) — C:ProgramDataezsidmv.dat [56]
    [MD5.306EC60D64E8150B036ECA4449353EDC] [SPRF][04/07/2014] (…) — C:ProgramDatanvModes.dat [361751]
    [MD5.73709547A3B136DE4FCFDE3EF78C1B8F] [SPRF][26/11/2009] (…) — C:UsersVistaAppDataRoamingPnkBstrK.sys [138056]
    [MD5.111135A5AADFB450A83D3CD4ED07C114] [SPRF][08/06/2013] (…) — C:UsersVistaAppDataRoamingwklnhst.dat [662]
    [MD5.9EDD46B257B3A7E710DCA356EC08F502] [SPRF][10/04/2014] (…) — C:WINDOWSDownloaded Program FilesJuniperExt.exe [417328]
    ~ Files: 9 Legitimates Filtered in 00mn 00s

    —\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
    SS – | Demand 20/03/2007 153792 | (Adobe Version Cue CS3) . (.Adobe Systems Incorporated.) – C:Program FilesCommon FilesAdobeAdobe Version Cue CS3ServerbinVersionCueCS3.exe =>.Adobe Systems Incorporated
    SS – | Demand 13/06/2014 262320 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) – C:Windowssystem32MacromedFlashFlashPlayerUpdateService.exe
    SS – | Auto 08/02/2010 135664 | (gupdate) . (.Google Inc..) – C:Program FilesGoogleUpdateGoogleUpdate.exe
    SS – | Demand 08/02/2010 135664 | (gupdatem) . (.Google Inc..) – C:Program FilesGoogleUpdateGoogleUpdate.exe
    SS – | Demand 28/08/2012 194032 | (gusvc) . (.Google.) – C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe
    SS – | Demand 22/10/2004 73728 | (IDriverT) . (.Macrovision Corporation.) – C:Program FilesCommon FilesInstallShieldDriver1050Intel 32IDriverT.exe
    SS – | Demand 10/09/2008 536872 | (iPod Service) . (.Apple Inc..) – C:Program FilesiPodbiniPodService.exe
    SS – | Demand 12/02/2007 880640 | (RoxMediaDB9) . (.Sonic Solutions.) – C:Program FilesCommon FilesRoxio Shared9.0SharedCOMRoxMediaDB9.exe
    SS – | Auto 23/10/2013 172192 | (SkypeUpdate) . (.Skype Technologies.) – C:Program FilesSkypeUpdaterUpdater.exe
    SS – | Demand 17/02/2007 74656 | (stllssvr) . (.MicroVision Development, Inc..) – C:Program FilesCommon FilesSureThing Sharedstllssvr.exe
    SR – | Auto 10/09/2008 116040 | (Apple Mobile Device) . (.Apple Inc..) – C:Program FilesCommon FilesAppleMobile Device SupportbinAppleMobileDeviceService.exe
    SR – | Auto 04/05/2014 50344 | (avast! Antivirus) . (.AVAST Software.) – C:Program FilesAVAST SoftwareAvastAvastSvc.exe
    SR – | Auto 12/12/2008 238888 | (Bonjour Service) . (.Apple Inc..) – C:Program FilesBonjourmDNSResponder.exe
    SR – | Auto 10/04/2014 688240 | (dsNcService) . (.Juniper Networks.) – C:Program FilesJuniper NetworksCommon FilesdsNcService.exe
    SR – | Demand 21/08/2008 654848 | (FLEXnet Licensing Service) . (.Macrovision Europe Ltd..) – C:Program FilesCommon FilesMacrovision SharedFLEXnet PublisherFNPLicensingService.exe
    SR – | Auto 14/03/2007 62984 | (HP Health Check Service) . (.Hewlett-Packard.) – C:Program FilesHewlett-PackardHP Health Checkhphc_service.exe
    SR – | Auto 02/05/2006 135168 | (hpqwmiex) . (.Hewlett-Packard Development Company, L.P..) – C:Program FilesHewlett-PackardSharedhpqwmiex.exe
    SR – | Auto 14/12/2006 61440 | (LightScribeService) . (.Hewlett-Packard Company.) – C:Program FilesCommon FilesLightScribeLSSrvc.exe
    SR – | Auto 12/05/2014 1809720 | (MBAMScheduler) . (.Malwarebytes Corporation.) – C:Program FilesMalwarebytes Anti-Malwarembamscheduler.exe
    SR – | Auto 12/05/2014 860472 | (MBAMService) . (.Malwarebytes Corporation.) – C:Program FilesMalwarebytes Anti-Malwarembamservice.exe
    SR – | Auto 04/12/2008 203296 | (nvsvc) . (.NVIDIA Corporation.) – C:WINDOWSSystem32nvvsvc.exe
    SR – | Auto 26/11/2009 75064 | (PnkBstrA) . (…) – C:Windowssystem32PnkBstrA.exe
    SR – | Auto 19/01/2008 21504 | C:Program FilesWindows Defendermpsvc.dll (WinDefend) . (.Microsoft Corporation.) – C:WINDOWSSystem32svchost.exe
    SR – | Auto 19/01/2008 21504 | C:WINDOWSSystem32wuaueng.dll (wuauserv) . (.Microsoft Corporation.) – C:WINDOWSSystem32svchost.exe
    SR – | Auto 28/11/2006 386560 | (XAudioService) . (.Conexant Systems, Inc..) – C:WINDOWSSystem32DRIVERSxaudio.exe
    ~ Services: Scanned in 00mn 46s

    —\ Recherche d'infection sur le Master Boot Record (MBR)(O80)
    Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
    ~ MBR: 1 Legitimates Filtered in 00mn 02s

    —\ Recherche d'infection sur le Master Boot Record (MBRCheck)(O80)
    Written by ad13, http://ad13.geekstog
    Run by Vista at 06/07/2014 23:32:37
    ********* Dump file Name *********
    C:PhysicalDisk0_MBR.bin
    ~ MBR: Scanned in 00mn 04s

    —\ Scan Additionnel (O88)
    Database Version : 13026 – (25/06/2014)
    Clés trouvées (Keys found) : 0
    Valeurs trouvées (Values found) : 0
    Dossiers trouvés (Folders found) : 0
    Fichiers trouvés (Files found) : 0

    ~ Additionnel Scan: 582594 Items scanned in 02mn 10s

    —\ Informations complémentaires sur les modules
    ~ http://nicolascoolman.fr/g2-google-chrome-extensions/ =>.Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
    ~ http://nicolascoolman.fr/r5-internet-explorer-proxy-management-iepm/ =>.Internet Explorer, Proxy Management (R5)
    ~ http://nicolascoolman.fr/o3-internet-explorer-toolbars/ =>.Internet Explorer Toolbars (O3)
    ~ http://nicolascoolman.fr/o4-applications-demarrees-par-le-registre/ =>.Applications lancées au démarrage du système (O4)
    ~ AMI: 4 Legitimates Filtered in 00mn 00s

    ~ 858 Legitimates filtered by white list
    End of the scan (517 lines in 12mn 09s)(4)[/spoiler:2mmi74bo]

    cat167
    Participant
    Number of posts: 16

    @cat167 wrote:

    Otherwise, here are the reports from my preliminary actions from last night…

    in the following order: Malwarebytes, AdwCleaner and ZHPDiag

    [spoiler:28gxg176]Malwarebytes Anti-Malware
    http://www.malwarebytes.org

    Scan Date: 06/07/2014
    Scan Time: 22:26:37
    Logfile: malw am report.txt
    Administrator: Yes

    Version: 2.00.2.1012
    Malware Database: v2014.07.06.07
    Rootkit Database: v2014.07.03.01
    License: Trial
    Malware Protection: Enabled
    Malicious Website Protection: Enabled
    Self-protection: Disabled

    OS: Windows Vista Service Pack 2
    CPU: x86
    File System: NTFS
    User: Vista

    Scan Type: Threat Scan
    Result: Completed
    Objects Scanned: 279898
    Time Elapsed: 26 min, 58 sec

    Memory: Enabled
    Startup: Enabled
    Filesystem: Enabled
    Archives: Enabled
    Rootkits: Disabled
    Heuristics: Enabled
    PUP: Enabled
    PUM: Enabled

    Processes: 0
    (No malicious items detected)

    Modules: 0
    (No malicious items detected)

    Registry Keys: 0
    (No malicious items detected)

    Registry Values: 0
    (No malicious items detected)

    Registry Data: 0
    (No malicious items detected)

    Folders: 0
    (No malicious items detected)

    Files: 2
    PUP.Optional.Installex, C:UsersVistaDownloadsDownload (1).exe, Quarantined, [232c009cabd0043226d6a269ca3746ba],
    PUP.Optional.Installex, C:UsersVistaDownloadsDownload.exe, Quarantined, [3d120399e5964aecaf4dd5369b6637c9],

    Physical Sectors: 0
    (No malicious items detected)

    (end)[/spoiler:28gxg176]

    [spoiler:28gxg176]# AdwCleaner v3.214 – Rapport créé le 06/07/2014 à 22:05:44
    # Mis à jour le 29/06/2014 par Xplode
    # Système d'exploitation : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
    # Nom d'utilisateur : Vista – PC-DE-VISTA
    # Exécuté depuis : C:UsersVistaDownloadsadwcleaner_3.214.exe
    # Option : Nettoyer

    ***** [ Services ] *****

    ***** [ Fichiers / Dossiers ] *****

    Fichier Supprimé : C:ProgramDataMicrosoftWindowsStart MenuProgramseBay.lnk

    ***** [ Raccourcis ] *****

    ***** [ Registre ] *****

    Clé Supprimée : HKLMSOFTWAREClassesprotector_dll.protectorbho
    Clé Supprimée : HKLMSOFTWAREClassesprotector_dll.protectorbho.1
    Clé Supprimée : HKLMSOFTWAREClassesS
    Clé Supprimée : HKLMSOFTWAREClassesCLSID{2318C2B1-4965-11D4-9B18-009027A5CD4F}
    Clé Supprimée : HKLMSOFTWAREClassesCLSID{761F6A83-F007-49E4-8EAC-CDB6808EF06F}
    Clé Supprimée : HKLMSOFTWAREClassesCLSID{13086CD4-88B6-45E3-9182-3BC2664199F7}
    Clé Supprimée : HKLMSOFTWAREClassesCLSID{1FCD7139-C2A3-49AD-8B9E-E82E48AE5DF6}
    Clé Supprimée : HKLMSOFTWAREClassesCLSID{319FCB76-1568-4EFA-863B-B03A2B16EB5C}
    Clé Supprimée : HKLMSOFTWAREClassesCLSID{4796719D-2B92-47BC-920B-77BCDBDBCB6A}
    Clé Supprimée : HKLMSOFTWAREClassesCLSID{64A66B25-A70F-4373-95EF-3A1DB6040B3A}
    Clé Supprimée : HKLMSOFTWAREClassesCLSID{6FC5F7E0-D65A-465C-B8EE-A5F8E008D6DF}
    Clé Supprimée : HKLMSOFTWAREClassesCLSID{731D436C-464C-4F29-BFB2-DE9C458535AE}
    Clé Supprimée : HKLMSOFTWAREClassesCLSID{7C89C8A6-991C-4626-9E26-B12EB4D89C04}
    Clé Supprimée : HKLMSOFTWAREClassesCLSID{EEF00686-CAB8-4885-9CCB-78FF483041AA}
    Clé Supprimée : HKLMSOFTWAREClassesCLSID{FDA55C78-736E-4E8A-996C-4A80FC0396FB}
    Clé Supprimée : HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{2318C2B1-4965-11D4-9B18-009027A5CD4F}
    Clé Supprimée : HKCUSoftwareMicrosoftWindowsCurrentVersionExtSettings{2318C2B1-4965-11D4-9B18-009027A5CD4F}
    Clé Supprimée : HKCUSoftwareMicrosoftInternet ExplorerSearchScopes{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
    Clé Supprimée : HKLMSOFTWAREMicrosoftInternet ExplorerSearchScopes{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
    Valeur Supprimée : HKLMSOFTWAREMicrosoftInternet ExplorerToolbar [{2318C2B1-4965-11D4-9B18-009027A5CD4F}]
    Valeur Supprimée : HKCUSoftwareMicrosoftInternet ExplorerToolbarWebBrowser [{2318C2B1-4965-11D4-9B18-009027A5CD4F}]

    ***** [ Navigateurs ] *****

    -\ Internet Explorer v9.0.8112.16555

    -\ Mozilla Firefox v3.0.17 (fr)

    [ Fichier : C:UsersVistaAppDataRoamingMozillaFirefoxProfilesxi383v70.defaultprefs.js ]

    -\ Google Chrome v35.0.1916.153

    [ Fichier : C:UsersVistaAppDataLocalGoogleChromeUser DataDefaultpreferences ]

    *************************

    AdwCleaner[R0].txt – [2884 octets] – [06/07/2014 22:01:39]
    AdwCleaner[S0].txt – [2827 octets] – [06/07/2014 22:05:44]

    ########## EOF – C:AdwCleanerAdwCleaner[S0].txt – [2887 octets] ##########[/spoiler:28gxg176]

    [spoiler:28gxg176]~ Rapport de ZHPDiag v2014.6.25.98 – Nicolas Coolman (25/06/2014)
    ~ Lancé par Vista (06/07/2014 23:22:42)
    ~ Adresse du Site Web http://nicolascoolman.fr
    ~ Traduit par Nicolas Coolman
    ~ Etat de la version : Nouvelle version disponible
    ~ Liste blanche : Activée par le programme
    ~ Elévation des Privilèges : OK
    ~ User Account Control (UAC): Deactivate by program

    —\ Navigateurs Internet
    MSIE: Internet Explorer v9.0.8112.16421
    MFIE: Mozilla Firefox v3.0.17 (fr)
    GCIE: Google Chrome v35.0.1916.153 (Defaut)

    —\ Informations sur les produits Windows
    ~ Langage: Français
    Windows Vista (TM) Home Premium, 32-bit Service Pack 2 (Build 6002)
    Windows Server License Manager Script : OK
    ~ Windows Operating System – Vista, OEM_SLP channel
    System Locked Preinstallation (OEM_SLP) : OK
    Windows ID Activation : OK
    ~ Windows Partial Key : WQD8Q
    Windows License : OK
    Windows Automatic Updates : OK

    —\ Logiciels de protection du système
    avast! Free Antivirus v9.0.2018
    Malwarebytes Anti-Malware version 2.0.2.1012

    —\ Logiciels d'optimisation du système

    —\ Logiciels de partage PeerToPeer

    —\ Surveillance de Logiciels
    Adobe Flash Player 14 Plugin
    Adobe Reader 9 – Français
    Java 7 Update 60

    —\ Informations sur le système
    ~ Processor: x86 Family 15 Model 104 Stepping 1, AuthenticAMD
    ~ Operating System: 32 Bits
    Boot mode: Normal (Normal boot)
    Total RAM: 1982 MB (24% free)
    System Restore: Activé (Enable)
    System drive C: has 45 GB (32%) free of 136 GB

    —\ Mode de connexion au système
    ~ Computer Name: PC-DE-VISTA
    ~ User Name: Vista
    ~ All Users Names: Vista, ASPNET, Administrateur,
    ~ Unselected Option: None
    Logged in as Administrator

    —\ Variables d'environnement
    ~ System Unit : C:
    ~ %AppZHP% : C:UsersVistaAppDataRoamingZHP
    ~ %AppData% : C:UsersVistaAppDataRoaming
    ~ %Desktop% : C:UsersVistaDesktop
    ~ %Favorites% : C:UsersVistaFavorites
    ~ %LocalAppData% : C:UsersVistaAppDataLocal
    ~ %StartMenu% : C:UsersVistaAppDataRoamingMicrosoftWindowsStart Menu
    ~ %Windir% : C:WINDOWS
    ~ %System% : C:WINDOWSSystem32

    —\ Enumération des unités disques
    C: Hard drive, Flash drive, Thumb drive (Free 45 Go of 136 Go)
    D: Hard drive, Flash drive, Thumb drive (Free 7 Go of 13 Go)
    E: CD-ROM drive (Free 0 Go of 0 Go)
    F: CD-ROM drive (Free 0 Go of 0 Go)
    G: Floppy drive, Flash card reader, USB Key (Free 4 Go of 7 Go)

    —\ Etat du Centre de Sécurité Windows
    ~ Security Center: 47 Legitimates Filtered in 00mn 00s

    —\ Recherche particulière de fichiers génériques
    [MD5.D07D4C3038F3578FFCE1C0237F2A1253] – (.Microsoft Corporation – Explorateur Windows.) (.11/04/2009 – 07:27:36.) — C:WINDOWSExplorer.exe [2926592]
    [MD5.101BA3EA053480BB5D957EF37C06B5ED] – (.Microsoft Corporation – Application de démarrage de Windows.) (.19/01/2008 – 08:33:37.) — C:WINDOWSSystem32Wininit.exe [96768]
    [MD5.CFD26829131439B71D0109F9D5345573] – (.Microsoft Corporation – Extensions Internet pour Win32.) (.28/05/2014 – 17:32:59.) — C:WINDOWSSystem32wininet.dll [1129472]
    [MD5.898E7C06A350D4A1A64A9EA264D55452] – (.Microsoft Corporation – Application d'ouverture de session Windows.) (.11/04/2009 – 07:28:13.) — C:WINDOWSSystem32Winlogon.exe [314368]
    [MD5.3911B972B55FEA0478476B2E777B29FA] – (.Microsoft Corporation – Ancillary Function Driver for WinSock.) (.21/04/2011 – 14:58:27.) — C:WINDOWSsystem32DriversAFD.sys [273408]
    [MD5.1F05B78AB91C9075565A9D8A4B880BC4] – (.Microsoft Corporation – ATAPI IDE Miniport Driver.) (.11/04/2009 – 07:32:26.) — C:WINDOWSsystem32Driversatapi.sys [19944]
    [MD5.7ADD03E75BEB9E6DD102C3081D29840A] – (.Microsoft Corporation – CD-ROM File System Driver.) (.19/01/2008 – 06:28:02.) — C:WINDOWSsystem32DriversCdfs.sys [70144]
    [MD5.6B4BFFB9BECD728097024276430DB314] – (.Microsoft Corporation – SCSI CD-ROM Driver.) (.11/04/2009 – 05:39:17.) — C:WINDOWSsystem32DriversCdrom.sys [67072]
    [MD5.622C41A07CA7E6DD91770F50D532CB6C] – (.Microsoft Corporation – DFS Namespace Client Driver.) (.14/04/2011 – 15:59:03.) — C:WINDOWSsystem32DriversDfsC.sys [75264]
    [MD5.062452B7FFD68C8C042A6261FE8DFF4A] – (.Microsoft Corporation – High Definition Audio Bus Driver.) (.11/04/2009 – 05:42:42.) — C:WINDOWSsystem32DriversHDAudBus.sys [561152]
    [MD5.22D56C8184586B7A1F6FA60BE5F5A2BD] – (.Microsoft Corporation – Pilote de port i8042.) (.19/01/2008 – 06:49:18.) — C:WINDOWSsystem32Driversi8042prt.sys [54784]
    [MD5.8793643A67B42CEC66490B2A0CF92D68] – (.Microsoft Corporation – IP Network Address Translator.) (.19/01/2008 – 06:56:28.) — C:WINDOWSsystem32DriversIpNat.sys [100864]
    [MD5.1E94971C4B446AB2290DEB71D01CF0C2] – (.Microsoft Corporation – Windows NT SMB Minirdr.) (.29/04/2011 – 14:24:40.) — C:WINDOWSsystem32DriversMRxSmb.sys [106496]
    [MD5.ECD64230A59CBD93C85F1CD1CAB9F3F6] – (.Microsoft Corporation – MBT Transport driver.) (.11/04/2009 – 05:45:37.) — C:WINDOWSsystem32DriversnetBT.sys [185856]
    [MD5.2C1121F2B87E9A6B12485DF53CD848C7] – (.Microsoft Corporation – Pilote du système de fichiers NT.) (.03/03/2013 – 20:07:52.) — C:WINDOWSsystem32Driversntfs.sys [1082232]
    [MD5.0FA9B5055484649D63C303FE404E5F4D] – (.Microsoft Corporation – Pilote de port parallèle.) (.02/11/2006 – 09:51:30.) — C:WINDOWSsystem32DriversParport.sys [79360]
    [MD5.A214ADBAF4CB47DD2728859EF31F26B0] – (.Microsoft Corporation – RAS L2TP mini-port/call-manager driver.) (.19/01/2008 – 06:56:34.) — C:WINDOWSsystem32DriversRasl2tp.sys [76288]
    [MD5.E8BD98D46F2ED77132BA927FCCB47D8B] – (.Microsoft Corporation – Microsoft RDP Device redirector.) (.02/11/2006 – 10:03:00.) — C:WINDOWSsystem32Driversrdpdr.sys [242688]
    [MD5.7B75299A4D201D6A6533603D6914AB04] – (.Microsoft Corporation – SMB Transport driver.) (.11/04/2009 – 05:45:22.) — C:WINDOWSsystem32Driverssmb.sys [66560]
    [MD5.76B06EB8A01FC8624D699E7045303E54] – (.Microsoft Corporation – TDI Translation Driver.) (.11/04/2009 – 05:45:56.) — C:WINDOWSsystem32Driverstdx.sys [72192]
    [MD5.786DB5771F05EF300390399F626BF30A] – (.Microsoft Corporation – Pilote de cliché instantané du volume.) (.21/08/2012 – 12:47:42.) — C:WINDOWSsystem32Driversvolsnap.sys [224640]
    ~ Generic Processes: Scanned in 00mn 00s

    —\ Etat des fichiers cachés (Caché/Total)
    ~ Mes images (My Pictures) : 1/4318
    ~ Mes musiques (My Musics) : 1/3452
    ~ Mes Videos (My Videos) : 1/2
    ~ Mes Favoris (My Favorites) : 1/23
    ~ Mes Documents (My Documents) : 1/154
    ~ Mon Bureau (My Desktop) : 15/225
    ~ Menu demarrer (Programs) : 1/29
    ~ Hidden Files: Scanned in 00mn 05s

    —\ Processus lancés
    [MD5.4FBC630768570E6AC35C3DE8F6EC79F5] – (.Malwarebytes Corporation – Malwarebytes Anti-Malware.) — C:Program FilesMalwarebytes Anti-Malwarembam.exe [6970168] [PID.2964]
    [MD5.0D392EDE3B97E0B3131B2F63EF1DB94E] – (.Microsoft Corporation – Windows Defender User Interface.) — C:Program FilesWindows DefenderMSASCui.exe [1008184] [PID.3628]
    [MD5.041AF1711BF3D6BFF12FD9D28F0AC303] – (.CyberLink Corp. – HP QuickPlay Resident Program.) — C:Program FilesHPQuickPlayQPService.exe [176128] [PID.3636]
    End of the scan (517 lines in 12mn 09s)(4)[/spoiler:28gxg176]

    billmaxime
    Moderator
    Number of posts: 1402

    re cat167,

    you've already done good work :)

    Firefox is not up to date; update it or uninstall it via Programs and Features in the Control Panel

    to update it >> click here

    avast is not up to date, see this to update it >> click here

    uninstall all versions of Adobe Reader via Programs and Features in the Control Panel

    then download and install the latest version from this link >> adobe reader

    [glow=red:brqg3k43]PS: untick MCAFEE before downloading Adobe Reader[/glow:brqg3k43]

    then do this and post the report, please

    • Copy the lines below:
      Script zhpfix
      O3 - ToolbarWebBrowser: (no name) - [HKCU]{47833539-D0C5-4125-9FA8-0819E2EAAC93} Clé orpheline
      O3 - Toolbar: Adobe PDF - [HKLM]{47833539-D0C5-4125-9FA8-0819E2EAAC93} . (.Adobe Systems Incorporated - Adobe PDF Toolbar for Internet Explorer.) -- C:Program FilesAdobeAcrobat 8.0AcrobatAcroIEFavClient.dll
      O3 - Toolbar: Contribute Toolbar - [HKLM]{517BDDE4-E3A7-4570-B21E-2B52B6139FC7} . (.Adobe Systems Incorporated. - Contribute IE Plugin.) -- C:Program FilesAdobe\Adobe Contribute CS3contributeieplugin.dll
      O3 - Toolbar: EndNote Capture - [HKLM]{945C8270-A848-11D5-A805-00B0D092F45B} . (.Thomson Reuters - EndNote 3.8.1.) -- C:Program FilesEndNote Plug-InsENWIEPlug.dll
      O4 - HKCU..Run: [msnmsgr] C:Program FilesMSN Messengermsnmsgr.exe (.not file.)
      O4 - HKCU..Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe
      O4 - HKUSS-1-5-21-460120755-3036941430-2461728175-1001..Run: [msnmsgr] C:Program FilesMSN Messengermsnmsgr.exe (.not file.)
      O4 - HKUSS-1-5-21-460120755-3036941430-2461728175-1001..Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe
      O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com
      O69 - SBI: SearchScopes [HKCU] {74303AF0-EB91-4696-AD5E-7C2E2FC5A921} - (Yahoo! France) - http://fr.search.yahoo.com
      Emptytemp
      Emptyflash

    • Launch ZHPFix (run as administrator on Windows 7/8 and Vista)

      1. Click Import
      2. Then click “GO”

    • Confirm the data cleanup by clicking “Yes”
    • Once the scan is finished, go to the desktop; the file ZHPFixReport has been created.
    • Upload the ZHPFixReport report to SosUpload, then copy/paste the link provided into your next reply.

    :merci2:

    cat167
    Participant
    Number of posts: 16

    :hello:

    I hope I did everything right. I don't use Firefox, so I just removed it.

    here is the link: https://antimalware.top/www/?a=d&i=LuBw5OiggW

    I have a side question, not essential, but in case you have the solution :) : how do you stop a program (Spotify in particular) from launching automatically when the computer starts? It takes forever and I would rather start it only when I want to listen to music.

    See you later, or tomorrow I suppose. Thanks a lot!

    Catherine

    billmaxime
    Moderator
    Number of posts: 1402

    :hello: cat167,

    I hope I did everything right.

    yes, as usual :) :bravo1:

    I have a side question, not an essential one, but if you have the solution :) : how do you stop a program (Spotify in particular) from launching automatically when the computer starts? It takes forever and I would rather start it only when I want to listen to music.

    to keep a program from starting when you start Windows, you have several options

    1) in the settings of some programs, there is a box to uncheck so that the program does not launch/run at Windows startup

    something like “run Spotify at Windows startup”

    2) you go through MSCONFIG >> illustrated help, click here

    PS: tell me if you still have any issues related to your initial problem and/or any PC malfunction

    :merci2:
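
    A read-only way to see what the startup options above act on, as an added example that is not part of the original thread: the `O4 ... Run` lines in the ZHPFix script earlier on this page are entries under the Windows Run registry keys, and the ones marked `(.not file.)` point at a file that no longer exists. The function names `Get-ExePath` and `Get-RunEntry` are assumptions of this example; it changes nothing on the system.

```powershell
# Added example: list Run-key autostart entries and flag orphans (read-only).
$runKeys = @(
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
    # 32-bit view on 64-bit Windows; skipped below if the key is absent
    'HKLM:\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run'
)

function Get-ExePath {
    param([string]$CommandLine)
    # Expand %VAR% references, then isolate the executable from its arguments.
    $cmd = [Environment]::ExpandEnvironmentVariables($CommandLine).Trim()
    if ($cmd -match '^"([^"]+)"')    { return $Matches[1] }   # "C:\path with spaces\app.exe" /arg
    if ($cmd -match '^(.+?\.exe)\b') { return $Matches[1] }   # C:\path\app.exe /arg
    return ($cmd -split '\s+')[0]                             # anything else: first token
}

function Get-RunEntry {
    foreach ($key in $runKeys) {
        if (-not (Test-Path $key)) { continue }
        $item = Get-Item -Path $key
        foreach ($name in $item.GetValueNames()) {
            if ($name -eq '') { continue }   # skip the unnamed default value
            $cmd = [string]$item.GetValue($name)
            $exe = Get-ExePath $cmd
            [pscustomobject]@{
                Key        = $key
                Name       = $name
                Executable = $exe
                # False here corresponds to a "(.not file.)" style orphan entry
                FileExists = ($exe -and (Test-Path -LiteralPath $exe))
            }
        }
    }
}

# Orphaned entries sort first so they are easy to spot.
Get-RunEntry | Sort-Object FileExists, Key, Name | Format-Table -AutoSize
```

    An entry whose `FileExists` column is `False` is a leftover reference; an entry whose executable you do not recognise is worth checking before it is disabled or removed.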

    cat167
    Participant
    Number of posts: 16

    Hello!

    Thanks for your reply. No, the shortcuts have disappeared from my USB key. :super:
    And I hope I will gain a few minutes at the next startup.
    Just one more question: do I keep the various programs I just installed, or is it not worth it?

    Many thanks in any case.

    Cath (and the kitten who is fascinated by the screen)

    billmaxime
    Moderator
    Number of posts: 1402

    :hello: cat167,

    Thanks for your reply. No, the shortcuts have disappeared from my USB key. :super:
    And I hope I will gain a few minutes at the next startup.

    that should do it :P: the USB key is disinfected and vaccinated

    I have one question regarding your problem:

    I have a virus again that turns my files into shortcuts. It’s a regular occurrence (via the computer at a copy shop)

    do you remember whether the key that was infected, this one >> G: -> Disque amovible # 7 Go (4 Go libre(s) – 49%) [] # FAT32

    had already been disinfected and vaccinated with UsbFix :interro:

    Just one more question: do I keep the various programs I just installed, or is it not worth it?

    no, you are going to uninstall everything with Delfix

    do this and post the reports please

    1)

    • Download SFTGC (by Pierre13) to your Desktop and nowhere else!
    • Launch SFTGC (run as administrator on Windows 7/8 and Vista)
    • Click GO

      Note: at the end a report will open

    • Once the scan is finished, go to the desktop; the file SFTGC.txt has been created.
    • Upload the SFTGC.txt report to SosUpload, then copy/paste the link provided into your next reply on the forum

    2)

    • Download Delfix to your Desktop.
    • Launch Delfix (run as administrator on Windows 7/8 and Vista)
    • in Delfix, check the following boxes:
      • Re-enable UAC
      • Remove the disinfection tools
      • Purge System Restore

    post the report via copy/paste

    PS:

    Cath (and the kitten who is fascinated by the screen)

    tell the cat to follow the steps closely, next time he will be the one handling the disinfection lol

    :merci2:
