Stephane
Participant
Number of posts: 6

So I no longer have the problem I had! That is, my USB key is available again (without having to type the exact file path), I can browse the directories, etc. It even kept my autorun file ^^!
That's great, thank you very much.

As for the reports:

Malwarebytes Anti-Malware:
[spoiler:izilwu4b]Malwarebytes Anti-Malware 1.75.0.1300
http://www.malwarebytes.org

Version de la base de données: v2013.09.14.04

Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16688
Stephane :: STEPHANE-PC [administrateur]

14/09/2013 15:00:12
mbam-log-2013-09-14 (15-00-12).txt

Type d'examen: Examen rapide
Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM
Options d'examen désactivées: P2P
Elément(s) analysé(s): 217058
Temps écoulé: 3 minute(s), 26 seconde(s)

Processus mémoire détecté(s): 0
(Aucun élément nuisible détecté)

Module(s) mémoire détecté(s): 0
(Aucun élément nuisible détecté)

Clé(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)

Valeur(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)

Elément(s) de données du Registre détecté(s): 0
(Aucun élément nuisible détecté)

Dossier(s) détecté(s): 0
(Aucun élément nuisible détecté)

Fichier(s) détecté(s): 0
(Aucun élément nuisible détecté)

(fin)[/spoiler:izilwu4b]
AdwCleaner:
[spoiler:izilwu4b]# AdwCleaner v3.003 – Rapport créé le 14/09/2013 à 15:06:07
# Mis à jour le 07/09/2013 par Xplode
# Système d'exploitation : Windows 8 Pro with Media Center (64 bits)
# Nom d'utilisateur : Stephane – STEPHANE-PC
# Exécuté depuis : C:UsersStephaneDesktopadwcleaner.exe
# Option : Nettoyer

***** [ Services ] *****

***** [ Fichiers / Dossiers ] *****

***** [ Raccourcis ] *****

***** [ Registre ] *****

***** [ Navigateurs ] *****

-\ Internet Explorer v10.0.9200.16688

-\ Mozilla Firefox v

[ Fichier : C:UsersStephaneAppDataRoamingMozillaFirefoxProfiles583ud1r0.defaultprefs.js ]

-\ Google Chrome v29.0.1547.66

[ Fichier : C:UsersStephaneAppDataLocalGoogleChromeUser DataDefaultpreferences ]

*************************

AdwCleaner[R0].txt – [934 octets] – [14/09/2013 15:05:02]
AdwCleaner[S0].txt – [856 octets] – [14/09/2013 15:06:07]

########## EOF – C:AdwCleanerAdwCleaner[S0].txt – [915 octets] ##########[/spoiler:izilwu4b]
ZHPDiag:
[spoiler:izilwu4b]~ Rapport de ZHPDiag v2013.9.14.26 – Nicolas Coolman (14/09/2013)
~ Lancé par Stephane (14/09/2013 15:17:58)
~ Adresse du Site Web http://nicolascoolman.webs.com
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Deactivate by program

—\ Navigateurs Internet
MSIE: Internet Explorer v10.0.9200.16688
GCIE: Google Chrome v29.0.1547.66 (Defaut)

—\ Informations sur les produits Windows
~ Langage: Français
Windows 8 Business Edition, 64-bit (Build 9200)
Windows Server License Manager Script : OK
~ ion : Windows(R) Operating System, RETAIL channel
Windows ID Activation : OK
~ Windows Partial Key : VMFFQ
Windows License : OK
~ Windows Remaining Initializations Number : 1000
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

—\ Logiciels de protection du système
Malwarebytes Anti-Malware version 1.75.0.1300
Windows Defender W8

—\ Logiciels d'optimisation du système

—\ Logiciels de partage PeerToPeer

—\ Surveillance de Logiciels
Java 7 Update 40

—\ Informations sur le système
~ Processor: Intel64 Family 6 Model 23 Stepping 10, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 4085 MB (75% free)
System Restore: Activé (Enable)
System drive C: has 26 GB (43%) free of 60 GB

—\ Mode de connexion au système
~ Computer Name: STEPHANE-PC
~ User Name: Stephane
~ All Users Names: Stephane, openpgsvc, Administrateur,
~ Unselected Option: None
Logged in as Administrator

—\ Variables d'environnement
~ System Unit : C:
~ %AppData% : C:UsersStephaneAppDataRoaming
~ %Desktop% : C:UsersStephaneDesktop
~ %Favorites% : C:UsersStephaneFavorites
~ %LocalAppData% : C:UsersStephaneAppDataLocal
~ %StartMenu% : C:UsersStephaneAppDataRoamingMicrosoftWindowsStart Menu
~ %Windir% : C:Windows
~ %System% : C:WindowsSystem32

—\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 26 Go of 60 Go)
D: Hard drive, Flash drive, Thumb drive (Free 306 Go of 406 Go)
E: CD-ROM drive (Not Inserted)
F: Floppy drive, Flash card reader, USB Key (Not Inserted)
G: Floppy drive, Flash card reader, USB Key (Not Inserted)
H: Floppy drive, Flash card reader, USB Key (Not Inserted)
I: Floppy drive, Flash card reader, USB Key (Not Inserted)
J: Hard drive, Flash drive, Thumb drive (Free 373 Go of 931 Go)
M: Floppy drive, Flash card reader, USB Key (Free 8 Go of 30 Go)

—\ Etat du Centre de Sécurité Windows
[HKLMSOFTWAREMicrosoftWindowsCurrentVersionPoliciesExplorer] NoActiveDesktopChanges: Modified
~ Security Center: 34 Legitimates Filtered in 00mn 00s

—\ Recherche particulière de fichiers génériques
[MD5.0E8E6463F81C80AFBED533E0F1F8895D] – (.Microsoft Corporation – Explorateur Windows.) (.01/06/2013 – 12:34:21.) — C:WindowsExplorer.exe [2391280]
[MD5.FE9AB232B56A12224E8A3F3F9878C9A3] – (.Microsoft Corporation – Application de démarrage de Windows.) (.26/07/2012 – 04:08:50.) — C:WindowsSystem32Wininit.exe [132608]
[MD5.6DBE239FF1C9650A794C974B8C7913D7] – (.Microsoft Corporation – Extensions Internet pour Win32.) (.21/08/2013 – 05:12:06.) — C:WindowsSystem32wininet.dll [2241024]
[MD5.BCF2036A0DD579E47C008C133550283E] – (.Microsoft Corporation – Application d’ouverture de session Windows.) (.11/10/2012 – 06:46:58.) — C:WindowsSystem32Winlogon.exe [517120]
[MD5.9448F5740A037EC0C18F0E9177232DD0] – (.Microsoft Corporation – Bibliothèque de licences.) (.26/07/2012 – 04:07:20.) — C:WindowsSystem32sppcomapi.dll [273408]
[MD5.36D6A3201721558A8AFBCC09C2DA4C2C] – (.Microsoft Corporation – Pilote de fonction connexe pour WinSock.) (.06/11/2012 – 04:53:44.) — C:Windowssystem32DriversAFD.sys [560640]
[MD5.A721FF570C2387E383BDDEA9632863C9] – (.Microsoft Corporation – ATAPI IDE Miniport Driver.) (.26/07/2012 – 06:00:48.) — C:Windowssystem32Driversatapi.sys [25840]
[MD5.990B1BABE6E81FB18E65A87EBEFB1772] – (.Microsoft Corporation – CD-ROM File System Driver.) (.26/07/2012 – 03:30:10.) — C:Windowssystem32DriversCdfs.sys [108544]
[MD5.339BFF85D788268752DA8C9644B188EE] – (.Microsoft Corporation – SCSI CD-ROM Driver.) (.26/07/2012 – 03:26:36.) — C:Windowssystem32DriversCdrom.sys [174080]
[MD5.09D9EB9E7898F8E6561473A20CC808B9] – (.Microsoft Corporation – DFS Namespace Client Driver.) (.26/07/2012 – 03:26:53.) — C:Windowssystem32DriversDfsC.sys [118784]
[MD5.7D87B5B6C7188D553E11B59DC7F0B111] – (.Microsoft Corporation – High Definition Audio Bus Driver.) (.20/09/2012 – 07:08:44.) — C:Windowssystem32DriversHDAudBus.sys [71168]
[MD5.C9E9CBF73AFFBFE3E801EFB516787BA3] – (.Microsoft Corporation – Pilote de port i8042.) (.26/07/2012 – 03:28:51.) — C:Windowssystem32Driversi8042prt.sys [112640]
[MD5.3969B9C218DD3FAA9F4ED2FFC3651C02] – (.Microsoft Corporation – IP Network Address Translator.) (.26/07/2012 – 03:23:01.) — C:Windowssystem32DriversIpNat.sys [145920]
[MD5.93179D48066918323628CB016D8C94DC] – (.Microsoft Corporation – Minirdr SMB Windows NT.) (.05/02/2013 – 23:29:09.) — C:Windowssystem32DriversMRxSmb.sys [370688]
[MD5.7CEC25C682D319D484630B3952C31A11] – (.Microsoft Corporation – MBT Transport driver.) (.26/07/2012 – 03:24:28.) — C:Windowssystem32DriversnetBT.sys [331776]
[MD5.76929F4A69E425911A63B407E26C2589] – (.Microsoft Corporation – Pilote du système de fichiers NT.) (.02/02/2013 – 11:54:54.) — C:Windowssystem32Driversntfs.sys [1933544]
[MD5.4563DAF8C6A740AD7F501E219BD10766] – (.Microsoft Corporation – Pilote de port parallèle.) (.26/07/2012 – 03:29:53.) — C:Windowssystem32DriversParport.sys [105984]
[MD5.A14D625C5AEE5FFE0F47D1A1D419FAAE] – (.Microsoft Corporation – RAS L2TP mini-port/call-manager driver.) (.26/07/2012 – 03:23:17.) — C:Windowssystem32DriversRasl2tp.sys [124928]
[MD5.B2A3AD74FF2E2FFA73AF2567108231B3] – (.Microsoft Corporation – Redirecteur de périphérique de Microsoft RDP.) (.26/07/2012 – 03:25:18.) — C:Windowssystem32Driversrdpdr.sys [179712]
[MD5.73DC722CE5DF26D7638CE2446F2655C7] – (.Microsoft Corporation – TDI Translation Driver.) (.26/07/2012 – 06:26:47.) — C:Windowssystem32Driverstdx.sys [117248]
[MD5.78A5BBA3819FFFC62FFEC3E2220D102D] – (.Microsoft Corporation – Pilote de cliché instantané du volume.) (.01/06/2013 – 12:26:33.) — C:Windowssystem32Driversvolsnap.sys [327936]
~ Generic Processes: Scanned in 00mn 00s

—\ Etat des fichiers cachés (Caché/Total)
~ Mes Favoris (My Favorites) : 1/5
Mes Documents (My Documents) : 2/2 (Modified)
~ Mon Bureau (My Desktop) : 1/2033
~ Menu demarrer (Programs) : 1/22
~ Hidden Files: Scanned in 00mn 00s

—\ Processus lancés
[MD5.D213F06AE294341F3503FD74E22E7DDA] – (.Microsoft Corporation – Microsoft SkyDrive.) — C:UsersStephaneAppDataLocalMicrosoftSkyDriveSkyDrive.exe [257136] [PID.3764]
[MD5.5B6E8E09BE6401A7E022F52FDFCB2FF8] – (.Oracle Corporation – Java(TM) Update Scheduler.) — C:Program Files (x86)Common FilesJavaJava Updatejusched.exe [254336] [PID.3892]
[MD5.D15FE044EF9776466FBA00D7FBD7B7B6] – (.Nicolas Coolman – ZHPDiag.) — C:Program Files (x86)ZHPDiagZHPDiag.exe [7953408] [PID.752]
~ Processes Running: Scanned in 00mn 00s

—\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:UsersStephaneAppDataLocalGoogleChromeUser DataDefaultPreferences
G0 – GCSP: Preference [User DataDefault][HomePage] file:///D:/Divers/Page%20accueil/liens_utiles.html
G0 – GCSP: Preference [User DataDefault] file:///D:/Divers/Page%20accueil/liens_utiles.html” ]
G2 – GCE: Preference [User DataDefault] [aapocclcgogkmnckokdopfmhonfmgoek] Présentations Google v.0.6 (Désactivé)
G2 – GCE: Preference [User DataDefault] [ealjoljnibpdkocmldliaoojpgdkcdob] Slick RSS v.2.993 (Désactivé)
G2 – GCE: Preference [User DataDefault] [eoieeedlomnegifmaghhjnghhmcldobl] Google Apps Script v.1.3 (Désactivé)
G2 – GCE: Preference [User DataDefault] [felcaaldnbdncclmgdcncolpebgiejap] Feuilles de calcul Google v.0.6 (Désactivé)
G2 – GCE: Preference [User DataDefault] [jhknlonaankphkkbnmjdlpehkinifeeg] Formulaires Google v.0.5 (Désactivé)
G2 – GCE: Preference [User DataDefault] [mkaakpdehdafacodkgkpghoibnmamcme] Dessins Google v.0.8 (Désactivé)
G2 – GCE: Preference [User DataDefault] [mpajmofiejfjgeaakelmjklenjaekppa] Slick RSS : Feed Finder v.1.3 (Désactivé)
G2 – GCE: Preference [User DataDefault] [ohcpnigalekghcmgcdcenkpelffpdolg] ColorPick Eyedropper v.0.0.1.73, (Désactivé)
~ Google Browser: 27 Legitimates Filtered in 00mn 09s

—\ Internet Explorer, Proxy Management (R5)
R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyServer = no key
R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyEnable = 0
R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,MigrateProxy = 1
R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,EnableHttp1_1 = 1
R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyHttp1.1 = 1
R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s

—\ Analyse des lignes F0, F1, F2, F3 – IniFiles, Autoloading programs
F2 – REG:system.ini: USERINIT=C:Windowssystem32userinit.exe,
F2 – REG:system.ini: Shell=C:Windowsexplorer.exe
F2 – REG:system.ini: VMApplet=C:WindowsSystem32SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s

—\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21

—\ Autres liens utilisateurs (O4)
O4 – GSDesktop [Stephane]: Calculette.lnk . (.Microsoft Corporation – Calculatrice de Windows.) — C:WindowsSystem32calc.exe
O4 – GSDesktop [Stephane]: DiskDefrag.lnk . (.LiberKey.com – LiberKey Launcher – Auslogics Disk Defrag.) — D:LiberKeyAppsDiskDefragDiskDefragLKL.exe
O4 – GSDesktop [Stephane]: eclipse.lnk . (…) — C:WebAppseclipseeclipse.exe
O4 – GSDesktop [Stephane]: Excel 2013.lnk . (…) — C:Program Files (x86)Microsoft OfficeOffice15EXCEL.exe (.not file.)
O4 – GSDesktop [Stephane]: Frozen Throne.lnk . (.Blizzard Entertainment – Frozen Throne.) — D:DiversWarcraft 3Frozen Throne.exe
O4 – GSDesktop [Stephane]: Onenote 2013.lnk . (…) — C:Program Files (x86)Microsoft OfficeOffice15ONENOTE.exe (.not file.)
O4 – GSDesktop [Stephane]: Powerpoint 2013.lnk . (…) — C:Program Files (x86)Microsoft OfficeOffice15POWERPNT.exe (.not file.)
O4 – GSDesktop [Stephane]: Publisher 2013.lnk . (…) — C:Program Files (x86)Microsoft OfficeOffice15MSPUB.exe (.not file.)
O4 – GSDesktop [Stephane]: RocketDock.lnk . (.LiberKey.com – RocketDock – LiberKey Portable Edition.) — D:LiberKeyAppsRocketDockRocketDockLKL.exe
O4 – GSDesktop [Stephane]: uTorrent.lnk . (.PortableApps.com – uTorrent Portable (PortableApps.com Launche.) — D:PortableAppsPortableAppsuTorrentPortableuTorrentPortable.exe =>P2P.µTorrent
O4 – GSDesktop [Stephane]: Word 2013.lnk . (…) — C:Program Files (x86)Microsoft OfficeOffice15WINWORD.exe (.not file.)
~ Global Startup: 41 Legitimates Filtered in 00mn 00s

—\ Applications lancées au démarrage du sytème (O4)
O4 – GSStartup [Stephane]: uTorrent.lnk . (.PortableApps.com – uTorrent Portable (PortableApps.com Launche.) — D:PortableAppsPortableAppsuTorrentPortableuTorrentPortable.exe =>P2P.µTorrent
O4 – HKLM..Run: [EvtMgr6] . (.Logitech, Inc. – Logitech SetPoint Event Manager (UNICODE).) — C:Program FilesLogitechSetPointPSetPoint.exe
O4 – HKCU..Run: [SkyDrive] . (.Microsoft Corporation – Microsoft SkyDrive.) — C:UsersStephaneAppDataLocalMicrosoftSkyDriveSkyDrive.exe
O4 – HKCU..Run: [44A055D50C91D88E167AF0F93D8BE6A7764CC2A5._service_run] . (.Google Inc. – Google Chrome.) — C:Program Files (x86)GoogleChromeApplicationchrome.exe
O4 – HKCU..RunOnce: [Uninstall C:UsersStephaneAppDataLocalMicrosoftSkyDrive17.0.2003.1112amd64] . (.Microsoft Corporation – Interpréteur de commandes Windows.) — C:Windowssystem32cmd.exe
O4 – HKCU..RunOnce: [Uninstall C:UsersStephaneAppDataLocalMicrosoftSkyDrive17.0.2006.0314amd64] . (.Microsoft Corporation – Interpréteur de commandes Windows.) — C:Windowssystem32cmd.exe
O4 – HKCU..RunOnce: [Uninstall C:UsersStephaneAppDataLocalMicrosoftSkyDrive17.0.2010.0530amd64] . (.Microsoft Corporation – Interpréteur de commandes Windows.) — C:Windowssystem32cmd.exe
O4 – HKCU..RunOnce: [Uninstall C:UsersStephaneAppDataLocalMicrosoftSkyDrive17.0.2011.0627amd64] . (.Microsoft Corporation – Interpréteur de commandes Windows.) — C:Windowssystem32cmd.exe
O4 – HKLM..Wow6432NodeRun: [SunJavaUpdateSched] . (.Oracle Corporation – Java(TM) Update Scheduler.) — C:Program Files (x86)Common FilesJavaJava Updatejusched.exe
O4 – HKUSS-1-5-21-2336812399-1731229822-2358142557-1001..Run: [SkyDrive] . (.Microsoft Corporation – Microsoft SkyDrive.) — C:UsersStephaneAppDataLocalMicrosoftSkyDriveSkyDrive.exe
O4 – HKUSS-1-5-21-2336812399-1731229822-2358142557-1001..Run: [44A055D50C91D88E167AF0F93D8BE6A7764CC2A5._service_run] . (.Google Inc. – Google Chrome.) — C:Program Files (x86)GoogleChromeApplicationchrome.exe
O4 – HKUSS-1-5-21-2336812399-1731229822-2358142557-1001..RunOnce: [Uninstall C:UsersStephaneAppDataLocalMicrosoftSkyDrive17.0.2003.1112amd64] . (.Microsoft Corporation – Interpréteur de commandes Windows.) — C:Windowssystem32cmd.exe
O4 – HKUSS-1-5-21-2336812399-1731229822-2358142557-1001..RunOnce: [Uninstall C:UsersStephaneAppDataLocalMicrosoftSkyDrive17.0.2006.0314amd64] . (.Microsoft Corporation – Interpréteur de commandes Windows.) — C:Windowssystem32cmd.exe
O4 – HKUSS-1-5-21-2336812399-1731229822-2358142557-1001..RunOnce: [Uninstall C:UsersStephaneAppDataLocalMicrosoftSkyDrive17.0.2010.0530amd64] . (.Microsoft Corporation – Interpréteur de commandes Windows.) — C:Windowssystem32cmd.exe
O4 – HKUSS-1-5-21-2336812399-1731229822-2358142557-1001..RunOnce: [Uninstall C:UsersStephaneAppDataLocalMicrosoftSkyDrive17.0.2011.0627amd64] . (.Microsoft Corporation – Interpréteur de commandes Windows.) — C:Windowssystem32cmd.exe
~ Application: Scanned in 00mn 00s

—\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 – Extra button: &Envoyer à OneNote [64Bits] – {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation – Microsoft OneNote Internet Explorer Add-in.) — C:Program Files (x86)MICROS~1Office15ONBttnIE.dll
O9 – Extra button: Cliquer pour appeler Lync [64Bits] – {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} . (.Microsoft Corporation – Microsoft Lync.) — C:Program FilesMicrosoft OfficeOffice15lync.exe
O9 – Extra button: Notes &liées OneNote [64Bits] – {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} . (.Microsoft Corporation – Microsoft OneNote Internet Explorer Add-in.) — C:Program Files (x86)MICROS~1Office15ONBTTN~1.dll
~ IE Extra Buttons: Scanned in 00mn 00s

—\ Modification Domaine/Adresses DNS (O17)
O17 – HKLMSystemCCSServicesTcpip..{121E2325-2B75-4EA6-B97E-2B8210069BB9}: DhcpNameServer = 192.168.1.1
O17 – HKLMSystemCCSServicesTcpip..{4640E17B-57BA-44AB-94BB-138084425BF6}: DhcpNameServer = 192.168.1.1
O17 – HKLMSystemCS1ServicesTcpip..{121E2325-2B75-4EA6-B97E-2B8210069BB9}: DhcpNameServer = 192.168.1.1
O17 – HKLMSystemCS1ServicesTcpip..{4640E17B-57BA-44AB-94BB-138084425BF6}: DhcpNameServer = 192.168.1.1
O17 – HKLMSystemCCSServicesTcpipParameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s

—\ Protocole additionnel (O18)
O18 – Handler: vbscript [64Bits] – {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation – Visionneuse HTML Microsoft (R).) — C:WindowsSystem32mshtml.dll
O18 – Filter: text/xml [64Bits] – {807583E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation – Microsoft Office XML MIME Filter.) — C:Program FilesCommon FilesMicrosoft SharedOFFICE15MSOXMLMF.dll
~ Protocole Additionnel: Scanned in 00mn 00s

—\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 – Winlogon Notify: LBTWlgn . (.Logitech, Inc. – Logitech Bluetooth Service.) — c:program filescommon fileslogishrdbluetoothLBTWlgn.dll
~ Winlogon: Scanned in 00mn 00s

—\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 – CFD: 02/08/2013 – 18:36:44 – [0] —-D C:UsersStephaneAppDataRoamingReg
~ Program Folder: 116 Legitimates Filtered in 00mn 15s

—\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 – LFC:[MD5.90ECD2FBB45C15F02D551022C83F47A8] – 14/09/2013 – 13:38:27 —A- . (…) — C:UsbFix [Clean 2] STEPHANE-PC.txt [10202]
O44 – LFC:[MD5.DC439458E80BFB2160FBD1212E3BE2A4] – 14/09/2013 – 12:50:36 . (…) — C:UsbFix [Scan 1] STEPHANE-PC.txt [5675]
O44 – LFC:[MD5.2CE63B3A60C54BF7421B090429C286B0] – 11/09/2013 – 19:45:17 —A- . (…) — C:WindowsSysNativeApnDatabase.xml [387583]
O44 – LFC:[MD5.2CE63B3A60C54BF7421B090429C286B0] – 11/09/2013 – 19:45:17 RSHAD . (…) — C:WindowsSystem32ApnDatabase.xml [387583]
~ Files: 157 Legitimates Filtered in 00mn 07s

—\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 – LFCP:[MD5.D41D8CD98F00B204E9800998ECF8427E] – 03/11/2133 – 15:32:54 – C:WindowsPrefetchReadyBoot
O45 – LFCP:[MD5.06D5A50CDCFD9F6EEDC808D10C74C8C3] – 07/09/2013 – 00:01:49 —A- – C:WindowsPrefetchVLCPORTABLE.EXE-38719A76.pf
O45 – LFCP:[MD5.EC5FF60A7304710497C717B28588CD36] – 07/09/2013 – 18:10:26 —A- – C:WindowsPrefetchSYSTEMSETTINGS.EXE-6069CEA4.pf
O45 – LFCP:[MD5.40A8148578C1FAB7B02B34A519226D4C] – 07/09/2013 – 20:16:28 —A- – C:WindowsPrefetchPHOTOREC_WIN.EXE-52670C85.pf
O45 – LFCP:[MD5.ACE0DE960B467E0645E664CD8A39AEAC] – 07/09/2013 – 23:18:58 —A- – C:WindowsPrefetchTESTDISK_WIN.EXE-F4708F00.pf
O45 – LFCP:[MD5.3C6B3DE9D2A03B1063A1411F90EA1A0F] – 11/09/2013 – 16:02:04 —A- – C:WindowsPrefetchSKYPEWEBPLUGIN.EXE-B3ABD20B.pf
O45 – LFCP:[MD5.8871E3A2B4FAA21788A80AA680C2751D] – 11/09/2013 – 17:14:35 —A- – C:WindowsPrefetchdynreservedpri.db
O45 – LFCP:[MD5.81E740A4D2C2024468D28042CB93E791] – 13/09/2013 – 23:58:28 —A- – C:WindowsPrefetchXCOPY.EXE-1DC50843.pf
O45 – LFCP:[MD5.2FBDEF25024A8549F0582282AE7C5D3D] – 14/09/2013 – 00:16:00 —A- – C:WindowsPrefetchADB.EXE-B19EED67.pf
O45 – LFCP:[MD5.4A51545B1ED3E7DE1AC392CCBF80B4AF] – 14/09/2013 – 01:11:33 —A- – C:WindowsPrefetch7-ZIPPORTABLE.EXE-F352122A.pf
O45 – LFCP:[MD5.46CEA8F9A85937537F1DEF52DFE53218] – 14/09/2013 – 01:42:27 —A- – C:WindowsPrefetchEMULATOR-ARM.EXE-9C29D158.pf
O45 – LFCP:[MD5.C21E8FBF976E0B6B4F6F475E3C14F271] – 14/09/2013 – 01:42:27 —A- – C:WindowsPrefetchEMULATOR.EXE-7C5BB70F.pf
O45 – LFCP:[MD5.1312DBCA347B6F74A76EF140D783E409] – 14/09/2013 – 01:44:57 —A- – C:WindowsPrefetchAAPT.EXE-F139F54B.pf
O45 – LFCP:[MD5.10DA4E85A1DE658BD0ACE664D0E83B53] – 14/09/2013 – 01:44:59 —A- – C:WindowsPrefetchZIPALIGN.EXE-7E985B10.pf
O45 – LFCP:[MD5.0C34275CF56179D31C747D11D7817055] – 14/09/2013 – 12:34:12 —A- – C:WindowsPrefetchMPC-HC64.EXE-D0F48C48.pf
O45 – LFCP:[MD5.B5C485B369475232F4788E780182CEE9] – 14/09/2013 – 12:39:30 —A- – C:WindowsPrefetchROCKETDOCKLKL.EXE-922D0320.pf
O45 – LFCP:[MD5.5D58AA40601A8AC58F1CB82DE379CD06] – 14/09/2013 – 13:33:50 —A- – C:WindowsPrefetchGO.EXE-0A7DE786.pf
O45 – LFCP:[MD5.6B4F50E985504CFA7FB92ED7059A7089] – 14/09/2013 – 13:55:20 —A- – C:WindowsPrefetchCNMSE83.EXE-C8F5C1E2.pf
O45 – LFCP:[MD5.9E952BE9489B012ECE84EBDD15DE6D83] – 14/09/2013 – 13:58:14 —A- – C:WindowsPrefetchUTORRENTPORTABLE.EXE-7199A5C2.pf =>P2P.µTorrent
O45 – LFCP:[MD5.6D9C7CED5792EEBD82D2775BC887DF7C] – 14/09/2013 – 13:58:21 —A- – C:WindowsPrefetchSETPOINT.EXE-3D9C2601.pf
O45 – LFCP:[MD5.192C69509564FBC4DE07FE6BD81371E1] – 14/09/2013 – 13:58:30 —A- – C:WindowsPrefetchCSISYN~1.EXE-524EB4DF.pf
O45 – LFCP:[MD5.458A71E74F3708C7900DB5A2B8F86F58] – 14/09/2013 – 14:15:17 —A- – C:WindowsPrefetchNOTEPAD++PORTABLE.EXE-8A3C17EE.pf
O45 – LFCP:[MD5.FF40E25A85F7D171AF2D543EAF2CB5DD] – 17/08/2013 – 13:57:30 —A- – C:WindowsPrefetchBETASERIESW8.EXE-38BE0D70.pf
~ Prefetcher: 217 Legitimates Filtered in 00mn 00s

—\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 – MWPS:[HKLM…PoliciesSystem] – “EnableUIADesktopToggle”=0
O55 – MWPS:[HKLM…PoliciesSystem] – “FilterAdministratorToken”=0
~ MWPS: 17 Legitimates Filtered in 00mn 00s

—\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 – MWPE:[HKLM…policiesExplorer] – “NoActiveDesktopChanges”=1
~ MWPE Keys: 7 Legitimates Filtered in 00mn 00s

—\ Liste des pilotes du système (SDL) (O58)
O58 – SDL:[MD5.B9430166FEB246F6070A62B3554932C9] – 19/09/2012 – 10:02:08 . (.DEVGURU Co., LTD.(www.devguru.co.kr) – SAMSUNG USB Composite Device Driver (MSS Ver.3).) — C:WindowsSystem32Driversssudbus.sys [102368]
~ Drivers: 17 Legitimates Filtered in 00mn 02s

—\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
O61 – LFC: 11/09/2013 – 21:41:49 —A- . (…) — C:UsersStephane.androidddms.cfg [121]
O61 – LFC: 11/09/2013 – 22:48:52 —A- . (…) — C:UsersStephane.androidadbkey [1704]
O61 – LFC: 11/09/2013 – 22:48:52 —A- . (…) — C:UsersStephane.androidadbkey.pub [716]
O61 – LFC: 11/09/2013 – 23:37:23 —A- . (…) — C:UsersStephane.androidsites-settings.cfg [675]
O61 – LFC: 12/09/2013 – 00:55:42 —A- . (…) — C:UsersStephane.androiddebug.keystore [2146]
O61 – LFC: 13/09/2013 – 21:16:29 —A- . (…) — C:UsersStephane.androidavdtest.avduserdata.img [4048704]
O61 – LFC: 13/09/2013 – 21:16:43 —A- . (…) — C:UsersStephane.androidandroidtool.cfg [90]
O61 – LFC: 13/09/2013 – 21:16:44 —A- . (…) — C:UsersStephane.androiddefault.keyset [784]
O61 – LFC: 13/09/2013 – 21:16:45 —A- . (…) — C:UsersStephane.androidavdtest.avdcache.img [0]
O61 – LFC: 13/09/2013 – 21:16:49 —A- . (…) — C:UsersStephane.androidavdtest.avduserdata-qemu.img [4048704]
O61 – LFC: 14/09/2013 – 00:12:17 —A- . (…) — C:UsersStephane.androidandroidwin.cfg [201]
O61 – LFC: 14/09/2013 – 00:12:17 —A- . (…) — C:UsersStephane.androidrepositories.cfg [83]
O61 – LFC: 14/09/2013 – 01:42:27 —A- . (…) — C:UsersStephane.androidavdtest.avdcache.img.lockpid [4]
O61 – LFC: 14/09/2013 – 01:42:27 —A- . (…) — C:UsersStephane.androidavdtest.avdhardware-qemu.ini.lockpid [4]
O61 – LFC: 14/09/2013 – 01:42:27 —A- . (…) — C:UsersStephane.androidavdtest.avduserdata-qemu.img.lockpid [4]
O61 – LFC: 14/09/2013 – 12:34:11 —A- . (…) — C:UsersStephaneAppDataRoamingMedia Player Classicdefault.mpcpl [64]
O61 – LFC: 14/09/2013 – 12:46:11 —A- . (…) — C:UsersStephaneAppDataLocalGoogleChromeUser DataCertificate Revocation Lists [263374]
O61 – LFC: 14/09/2013 – 13:56:16 —A- . (…) — C:UsersStephaneAppDataLocalGoogleChromeUser DataLocal State [44320]
O61 – LFC: 14/09/2013 – 13:56:17 —A- . (…) — C:UsersStephaneAppDataLocalGoogleChromeUser Datachrome_shutdown_ms.txt [4]
~ 26 Fichiers temporaires (Temporary files)
~ Files: 488 Legitimates Filtered in 00mn 14s

—\ Liste des outils de désinfection (LATC) (O63)
O63 – Logiciel: UsbFix By El Desaparecido – (.El Desaparecido – SosVirus.net.) [HKLM] — Usbfix
O63 – Logiciel: ZHPDiag 2013 – (.Nicolas Coolman.) [HKLM] — ZHPDiag_is1
~ ADS: Scanned in 00mn 00s

—\ Associations Shell Spawning (O67)
O67 – Shell Spawning: [HKCU..openCommand] (.Not Key.)
~ FASS Keys: 19 Legitimates Filtered in 00mn 00s

—\ Menu de démarrage Internet (SMI) (O68)
O68 – StartMenuInternet: [HKLM..ShellopenCommand] (.Google Inc. – Google Chrome.) — C:Program Files (x86)GoogleChromeApplicationchrome.exe
O68 – StartMenuInternet: [HKLM..ShellopenCommand] (.Microsoft Corporation – Internet Explorer.) — C:Program FilesInternet Exploreriexplore.exe
~ Keys: Scanned in 00mn 00s

—\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 – SBI: SearchScopes [HKCU] ${searchCLSID} – (@ieframe.dll,-12512) – http://search.live.com
O69 – SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} – (Bing) – http://www.bing.com
~ Keys: Scanned in 00mn 00s

—\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.3BF79E6868B44D3ADB2796BA99521891] [SPRF][07/09/2013] (…) — C:UsersStephaneAppDataLocalTempQuarantine.exe [344583]
[MD5.720CBF9C4E60540122BED3EA8CC0EAAC] [SPRF][14/09/2013] (…) — C:UsersStephaneDesktopadwcleaner.exe [1037278]
~ Files: 5 Legitimates Filtered in 00mn 00s

—\ Etat général des services not Microsoft (EGS) (SR=Running, SS=Stopped)
SS – | Auto 22/01/2013 116648 | (gupdate) . (.Google Inc..) – C:Program Files (x86)GoogleUpdateGoogleUpdate.exe
SS – | Demand 22/01/2013 116648 | (gupdatem) . (.Google Inc..) – C:Program Files (x86)GoogleUpdateGoogleUpdate.exe
SS – | Demand 08/02/2013 359664 | (LBTServ) . (.Logitech, Inc..) – C:Program FilesCommon FilesLogiShrdBluetoothlbtserv.exe
SS – | Auto 21/06/2013 162408 | (SkypeUpdate) . (.Skype Technologies.) – C:Program Files (x86)SkypeUpdaterUpdater.exe
SS – | Demand 10/07/1658 0 | (WMPNetworkSvc) . (…) – C:Program Files (x86)Windows Media Playerwmpnetwk.exe
SR – | Demand 20/09/2012 29696 | C:WindowsSystem32wuaueng.dll (wuauserv) . (.Microsoft Corporation.) – C:WindowsSystem32svchost.exe
~ Services: Scanned in 00mn 03s

—\ Recherche d'infection sur le Master Boot Record (MBR)(O80)
Run by Stephane at 14/09/2013 15:21:43
~ OS 64 not supported by MBR tool
~ MBR: 0 Legitimates Filtered in 00mn 00s

—\ Recherche d'infection sur le Master Boot Record (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by Stephane at 14/09/2013 15:21:45

********* Dump file Name *********
C:PhysicalDisk0_MBR.bin
~ MBR: Scanned in 00mn 02s

—\ Scan Additionnel (O88)
Database Version : 12917 – (14/09/2013)
Clés trouvées (Keys found) : 0
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 0
Fichiers trouvés (Files found) : 0

~ Additionnel Scan: 173875 Items scanned in 00mn 16s

~ 1603 Legitimates filtered by white list
End of the scan (395 lines in 04mn 02s)(0)[/spoiler:izilwu4b]

And thanks again for taking time out of your Saturday for me! :)