Cheval de troie : virus apparaît aussitôt et m'invite à acheter security (résolu)

aureliejuliette aureliejuliette
61 contributions
Membre depuis le 10/03/2010
Envoyé le 08/04/2013 à 18:08 Modifié par Modération


Bonjour,
j'ai un trojan et je ne peux plus rien faire : il me propose toujours security à acheter ?
merci par avance.



J_D J_D
10 736 contributions
Membre depuis le 12/11/2001
Envoyé le 08/04/2013 à 18:15


Bonjour,
Je déplace dans sécurité et Virus, attends d'avoir les instructions de la personne qui prend en charge les désinfections !
Je ne réponds pas aux messages privés non sollicités ! C'est pas toujours facile...
loumax91 loumax91
99 contributions
Membre depuis le 16/03/2013
Envoyé le 08/04/2013 à 19:03


Bonjour,

Peux-tu utiliser ce logiciel de diagnostic, ça me permettra de t'aider :

• Télécharge ZHPDiag (de Nicolas Coolman)
• Lance le (si tu es sous Windows Vista ou Windows 7, fais le par un clic-droit --> Exécuter en tant qu'administrateur)
• Laisse toi guider lors de l'installation (pense à cocher la case pour créer un raccourci sur le Bureau)
• Il se lancera automatiquement à la fin de l'installation
• Clique sur l'icône représentant une loupe (« Lancer le diagnostic »)
• Enregistre le rapport sur ton Bureau à l'aide de l'icône représentant une disquette
• Rends toi sur ce site, clique sur "Parcourir", sélectionne le rapport de ZHPDiag et clique sur Envoyer le fichier. Patiente pendant l'envoi du fichier, puis copie/colle le lien fourni dans ta prochaine réponse sur le forum.

"Celui qui aime à apprendre est bien près du savoir" (Confucius)
aureliejuliette aureliejuliette
61 contributions
Membre depuis le 10/03/2010
Envoyé le 08/04/2013 à 20:38


Bonjour,
le souci c'est que je ne peux pas accéder à Internet, le virus apparaît aussitôt !


loumax91 loumax91
99 contributions
Membre depuis le 16/03/2013
Envoyé le 08/04/2013 à 21:43


Manifestement tu as affaire à un rogue, c'est à dire un faux logiciel de sécurité annonçant la présence de fausses infections pour te faire peur et te pousser à acheter une fausse protection (plus d'infos ici)... Ignore les fausses alertes du rogue, et ne l'achète surtout pas, je vais t'aider à t'en débarrasser.
_________________________________________________________________

Pour commencer utilise l'outil ci-dessous, tu le télécharge depuis un autre ordinateur et le glisse sur une clé USB, tu ouvre la clé USB avec l'ordinateur infecté et tu glisse RogueKiller sur le bureau, ensuite suis la procédure :

  • Télécharger sur le bureau RogueKiller (par tigzy)
  • Quitter tous les programmes en cours
  • Lancer RogueKiller.exe
  • Attendre la fin du Prescan ...
  • Cliquer sur Suppression. Cliquer sur Rapport et copier coller le contenu du notepad dans ta réponse

Pour t'aider


"Celui qui aime à apprendre est bien près du savoir" (Confucius)
aureliejuliette aureliejuliette
61 contributions
Membre depuis le 10/03/2010
Envoyé le 09/04/2013 à 01:50


Bonjour,
merci beaucoup pour ces infos, je ne ferai la manip que dans deux jours car je vais être absente.


aureliejuliette aureliejuliette
61 contributions
Membre depuis le 10/03/2010
Envoyé le 09/04/2013 à 22:14


Bonjour,
j'ai téléchargé Roguekiller et je l'ai installé sur le pc infesté.
quand j'ai voulu lancer exe, une fenêtre s'ouvre me disant que roguekiller est infecté comme pour tous les autres docs.
merci par avance.


loumax91 loumax91
99 contributions
Membre depuis le 16/03/2013
Envoyé le 09/04/2013 à 22:52


Ne tiens pas compte de cette alerte (tu ne crains rien), s'il le faut répète l'opération plusieurs fois jusqu'à ce que RogueKiller se lance.

Si vraiment tu n'y arrive pas, essaies de le lancer en mode sans échec.

"Celui qui aime à apprendre est bien près du savoir" (Confucius)
aureliejuliette aureliejuliette
61 contributions
Membre depuis le 10/03/2010
Envoyé le 10/04/2013 à 10:50


Bonjour,
je t'adresse un rapport effectué sur un autre ordi qui présentait des aspects douteux. merci par avance.
http://pjjoint.malekal.com/files.php?id=ZHPDiag_20130410_j9r10l13y14s8

loumax91 loumax91
99 contributions
Membre depuis le 16/03/2013
Envoyé le 10/04/2013 à 11:57


Bonjour,

Pas mal d'infections sur ce PC, commence par ceci dans l'ordre :

  • Télécharger sur le bureau RogueKiller (par tigzy)
  • Quitter tous les programmes en cours
  • Lancer RogueKiller.exe
  • Attendre la fin du Prescan ...
  • Cliquer sur Suppression. Cliquer sur Rapport et copier coller le contenu du notepad dans ta réponse

Pour t'aider

A suivre :
Utilise cet outil de désinfection spécifique aux logiciels publicitaires :

  • Télécharge AdwCleaner ( d'Xplode ) sur ton bureau.
  • Lance le puis clique sur [Suppression]. Sauvegarde tout travail en cours puis accepte la fermeture des programmes en cours d'exécution.
  • Patiente le temps du nettoyage.
  • Une fois le scan fini, il te sera proposé de redémarrer.
  • Au redémarrage du PC, un rapport s'ouvrira. Poste moi son contenu dans ta prochaine réponse.
  • Note : Le rapport est également sauvegardé sous C:\AdwCleaner[S1].txt



"Celui qui aime à apprendre est bien près du savoir" (Confucius)
aureliejuliette aureliejuliette
61 contributions
Membre depuis le 10/03/2010
Envoyé le 10/04/2013 à 14:27


Bonjour, dois-je faire suppression ?
# AdwCleaner v1.606 - Rapport créé le 10/04/2013 à 14:18:40
# Mis à jour le 10/05/2012 par Xplode
# Système d'exploitation : Microsoft Windows XP Service Pack 3 (32 bits)
# Nom d'utilisateur : utilisateur - MARINO-3C5608AD
# Exécuté depuis : D:\Mes documents\Downloads\AdwCleaner_1.606_En (1).exe
# Option [Recherche]


***** [Services] *****


***** [Fichiers / Dossiers] *****

Dossier Présent : C:\Documents and Settings\utilisateur\Local Settings\Application Data\Conduit
Dossier Présent : C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\BabylonToolbar
Dossier Présent : C:\Documents and Settings\utilisateur\Application Data\Babylon
Dossier Présent : C:\Documents and Settings\utilisateur\Application Data\PriceGong
Dossier Présent : C:\Documents and Settings\All Users\Application Data\Babylon
Dossier Présent : C:\Documents and Settings\All Users\Application Data\SweetIM
Dossier Présent : C:\Documents and Settings\All Users\Application Data\Tarma Installer
Dossier Présent : C:\Program Files\Babylon
Dossier Présent : C:\Program Files\Conduit
Dossier Présent : C:\Program Files\PricePeep
Dossier Présent : C:\Program Files\SweetIM

***** [Registre] *****

  • Clé Présente : HKLM\SOFTWARE\Classes\Toolbar.CT3242339
    Clé Présente : HKCU\Toolbar
    Clé Présente : HKCU\Software\BabylonToolbar
    Clé Présente : HKCU\Software\Conduit
    Clé Présente : HKCU\Software\ConduitSearchScopes
    Clé Présente : HKCU\Software\DataMngr
    Clé Présente : HKCU\Software\DataMngr_Toolbar
    Clé Présente : HKCU\Software\PriceGong
    Clé Présente : HKCU\Software\Smartbar
    Clé Présente : HKCU\Software\SweetIm
    Clé Présente : HKCU\Software\AppDataLow\Software\PricePeep
    Clé Présente : HKLM\SOFTWARE\Babylon
    Clé Présente : HKLM\SOFTWARE\Conduit
    Clé Présente : HKLM\SOFTWARE\DataMngr
    Clé Présente : HKLM\SOFTWARE\SweetIM
    Clé Présente : HKLM\SOFTWARE\Tarma Installer
    Clé Présente : HKLM\SOFTWARE\Classes\escort.escortIEPane
    Clé Présente : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
    Clé Présente : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils
    Clé Présente : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator
    Clé Présente : HKLM\SOFTWARE\Classes\PricePeep.PricePeepBho
    Clé Présente : HKLM\SOFTWARE\Classes\PricePeep.PricePeepBho.1
    Clé Présente : HKLM\SOFTWARE\Classes\sim-packages
    Clé Présente : HKLM\SOFTWARE\Classes\YontooIEClient.Api
    Clé Présente : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1
    Clé Présente : HKLM\SOFTWARE\Classes\YontooIEClient.Layers
    Clé Présente : HKLM\SOFTWARE\Classes\YontooIEClient.Layers.1
    Clé Présente : HKLM\SOFTWARE\Classes\AppID\escort.DLL
    Clé Présente : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
    Clé Présente : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
    Clé Présente : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
    Clé Présente : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
    Clé Présente : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
    Clé Présente : HKLM\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43
    Clé Présente : HKLM\SOFTWARE\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
    Clé Présente : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Translate this web page with Babylon
    Clé Présente : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Translate with Babylon
    Clé Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe
    Clé Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
    Clé Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PricePeep
    Valeur Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SweetIM]

    ***** [Registre - GUID] *****

    Clé Présente : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
    Clé Présente : HKLM\SOFTWARE\Classes\AppID\{38A066B0-DD5F-4226-AC4F-6A27C1BFB892}
    Clé Présente : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
    Clé Présente : HKLM\SOFTWARE\Classes\AppID\{562B9316-C08A-444A-9482-62080DD851AE}
    Clé Présente : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
    Clé Présente : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
    Clé Présente : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
    Clé Présente : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
    Clé Présente : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
    Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
    Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
    Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
    Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
    Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}
    Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}
    Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1}
    Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}
    Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
    Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
    Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007}
    Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
    Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
    Clé Présente : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
    Clé Présente : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
    Clé Présente : HKLM\SOFTWARE\Classes\Interface\{1B97A696-5576-43AC-A73B-E1D2C78F21E8}
    Clé Présente : HKLM\SOFTWARE\Classes\Interface\{6E4C89CF-3061-4EE4-B22A-B7A8AAEA5CB3}
    Clé Présente : HKLM\SOFTWARE\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}
    Clé Présente : HKLM\SOFTWARE\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}
    Clé Présente : HKLM\SOFTWARE\Classes\TypeLib\{3BF3DED5-0FC8-4207-AC09-AA7B5AF4E408}
    Clé Présente : HKLM\SOFTWARE\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}
    Clé Présente : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
    Clé Présente : HKLM\SOFTWARE\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}
    Clé Présente : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
    Clé Présente : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{F72841F0-4EF1-4DF5-BCE5-B3AC8ACF5478}
    Clé Présente : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
    Clé Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1}
    Clé Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007}
    Clé Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
    Clé Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
    Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
    Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
    Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1}
    Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
    Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007}
    Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
    Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
    Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
    Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1}
    Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
    Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
    Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F72841F0-4EF1-4DF5-BCE5-B3AC8ACF5478}
    Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007}
    Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}

    ***** [Navigateurs] *****

    -\\ Internet Explorer v8.0.6001.18702

    [OK] Le registre ne contient aucune entrée illégitime.

    -\\ Mozilla Firefox v [Impossible d'obtenir la version]

    -\\ Google Chrome v26.0.1410.64

    Fichier : C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

    Présente : "explicit_host": [ "chrome://favicon/*", "hxxp://*.sweetim.com/*" ]
    Présente : "permissions": [ "tabs", "hxxp://*.sweetim.com/*", "bookmarks", "chrome://favicon/", [...]
    Présente : "update_url": "hxxp://www.sweetim.com/simgcbar/GCToolbarUpdate.xml",

    *************************

    AdwCleaner[R1].txt - [9577 octets] - [10/04/2013 14:14:06]
    AdwCleaner[R2].txt - [9512 octets] - [10/04/2013 14:18:40]

    ########## EOF - C:\AdwCleaner[R2].txt - [9640 octets] ##########



  • loumax91 loumax91
    99 contributions
    Membre depuis le 16/03/2013
    Envoyé le 10/04/2013 à 14:30


    Oui tu peux passer le mode Suppression, n'oublies pas RogueKiller.

    "Celui qui aime à apprendre est bien près du savoir" (Confucius)
    aureliejuliette aureliejuliette
    61 contributions
    Membre depuis le 10/03/2010
    Envoyé le 10/04/2013 à 14:34


    Bonjour,

    merci pour la qualité et la rapidité de tes réponses.

    aureliejuliette aureliejuliette
    61 contributions
    Membre depuis le 10/03/2010
    Envoyé le 10/04/2013 à 21:33


    Bonjour,
    Voici le rapport de roguekiller après suppression.
    y a-t-il encore qqchose de suspect ?

    RogueKiller V8.5.4 [Mar 18 2013] par Tigzy
    mail : tigzyRK<at>gmail<dot>com
    Remontees :
    http://www.sur-la-toile.com/discussion-193725-1--RogueKiller-Remontees.html
    Site Web : http://www.sur-la-toile.com/RogueKiller/
    Blog : http://tigzyrk.blogspot.com/

    Systeme d'exploitation : Windows XP (5.1.2600 Service Pack 3) 32 bits
    version
    Demarrage : Mode normal
    Utilisateur : bureau [Droits d'admin]
    Mode : Recherche -- Date : 07/04/2013 23:07:37
    | ARK || FAK || MBR |

    ¤¤¤ Processus malicieux : 0 ¤¤¤

    ¤¤¤ Entrees de registre : 3 ¤¤¤
    [PROXY IE] HKCU\[...]\Internet Settings : ProxyServer
    (hxxp=127.0.0.1:7180) -> TROUVÉ
    [HJ DESK] HKCU\[...]\ClassicStartMenu :
    {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> TROUVÉ
    [HJ DESK] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D}
    (1) -> TROUVÉ

    ¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤
    [Faked.Drv][FILE] drmk.sys : C:\WINDOWS\system32\drivers\drmk.sys [-] -->
    TROUVÉ
    [Faked.Drv][FILE] dmio.sys : C:\WINDOWS\system32\drivers\dmio.sys [-] -->
    TROUVÉ
    [Faked.Drv][FILE] dmboot.sys : C:\WINDOWS\system32\drivers\dmboot.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] Dot4.sys : C:\WINDOWS\system32\drivers\Dot4.sys [-] -->
    TROUVÉ
    [Faked.Drv][FILE] DMusic.sys : C:\WINDOWS\system32\drivers\DMusic.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] diskdump.sys : C:\WINDOWS\system32\drivers\diskdump.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] disk.sys : C:\WINDOWS\system32\drivers\disk.sys [-] -->
    TROUVÉ
    [Faked.Drv][FILE] crusoe.sys : C:\WINDOWS\system32\drivers\crusoe.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] classpnp.sys : C:\WINDOWS\system32\drivers\classpnp.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] cdrom.sys : C:\WINDOWS\system32\drivers\cdrom.sys [-] -->
    TROUVÉ
    [Faked.Drv][FILE] cdfs.sys : C:\WINDOWS\system32\drivers\cdfs.sys [-] -->
    TROUVÉ
    [Faked.Drv][FILE] ccdecode.sys : C:\WINDOWS\system32\drivers\ccdecode.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] bridge.sys : C:\WINDOWS\system32\drivers\bridge.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] bdasup.sys : C:\WINDOWS\system32\drivers\bdasup.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] avc.sys : C:\WINDOWS\system32\drivers\avc.sys [-] -->
    TROUVÉ
    [Faked.Drv][FILE] atmlane.sys : C:\WINDOWS\system32\drivers\atmlane.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] atmarpc.sys : C:\WINDOWS\system32\drivers\atmarpc.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] atapi.sys : C:\WINDOWS\system32\drivers\atapi.sys [-] -->
    TROUVÉ
    [Faked.Drv][FILE] asyncmac.sys : C:\WINDOWS\system32\drivers\asyncmac.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] arp1394.sys : C:\WINDOWS\system32\drivers\arp1394.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] amdk6.sys : C:\WINDOWS\system32\drivers\amdk6.sys [-] -->
    TROUVÉ
    [Faked.Drv][FILE] bthport.sys : C:\WINDOWS\system32\drivers\bthport.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] bthpan.sys : C:\WINDOWS\system32\drivers\bthpan.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] 61883.sys : C:\WINDOWS\system32\drivers\61883.sys [-] -->
    TROUVÉ
    [Faked.Drv][FILE] ac97via.sys : C:\WINDOWS\system32\drivers\ac97via.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] 1394bus.sys : C:\WINDOWS\system32\drivers\1394bus.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] wacompen.sys : C:\WINDOWS\system32\drivers\wacompen.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] pcouffin.sys : C:\WINDOWS\system32\drivers\pcouffin.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] wmilib.sys : C:\WINDOWS\system32\drivers\wmilib.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] usbuhci.sys : C:\WINDOWS\system32\drivers\usbuhci.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] watv10nt.sys : C:\WINDOWS\system32\drivers\watv10nt.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] watv06nt.sys : C:\WINDOWS\system32\drivers\watv06nt.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] wadv11nt.sys : C:\WINDOWS\system32\drivers\wadv11nt.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] dmload.sys : C:\WINDOWS\system32\drivers\dmload.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] ftdisk.sys : C:\WINDOWS\system32\drivers\ftdisk.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] wadv09nt.sys : C:\WINDOWS\system32\drivers\wadv09nt.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] wadv08nt.sys : C:\WINDOWS\system32\drivers\wadv08nt.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] wadv07nt.sys : C:\WINDOWS\system32\drivers\wadv07nt.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] viaagp.sys : C:\WINDOWS\system32\drivers\viaagp.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] usbvideo.sys : C:\WINDOWS\system32\drivers\usbvideo.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] usbehci.sys : C:\WINDOWS\system32\drivers\usbehci.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] usb8023.sys : C:\WINDOWS\system32\drivers\usb8023.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] update.sys : C:\WINDOWS\system32\drivers\update.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] tunmp.sys : C:\WINDOWS\system32\drivers\tunmp.sys [-] -->
    TROUVÉ
    [Faked.Drv][FILE] smbali.sys : C:\WINDOWS\system32\drivers\smbali.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] sisagp.sys : C:\WINDOWS\system32\drivers\sisagp.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] parport.sys : C:\WINDOWS\system32\drivers\parport.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] slwdmsup.sys : C:\WINDOWS\system32\drivers\slwdmsup.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] slnthal.sys : C:\WINDOWS\system32\drivers\slnthal.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] slntamr.sys : C:\WINDOWS\system32\drivers\slntamr.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] slnt7554.sys : C:\WINDOWS\system32\drivers\slnt7554.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] sffp_sd.sys : C:\WINDOWS\system32\drivers\sffp_sd.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] sffp_mmc.sys : C:\WINDOWS\system32\drivers\sffp_mmc.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] sdbus.sys : C:\WINDOWS\system32\drivers\sdbus.sys [-] -->
    TROUVÉ
    [Faked.Drv][FILE] rndismpx.sys : C:\WINDOWS\system32\drivers\rndismpx.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] s3gnbm.sys : C:\WINDOWS\system32\drivers\s3gnbm.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] rfcomm.sys : C:\WINDOWS\system32\drivers\rfcomm.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] ndisip.sys : C:\WINDOWS\system32\drivers\ndisip.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] mutohpen.sys : C:\WINDOWS\system32\drivers\mutohpen.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] recagent.sys : C:\WINDOWS\system32\drivers\recagent.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] ntmtlfax.sys : C:\WINDOWS\system32\drivers\ntmtlfax.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] mssmbios.sys : C:\WINDOWS\system32\drivers\mssmbios.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] ptilink.sys : C:\WINDOWS\system32\drivers\ptilink.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] raspti.sys : C:\WINDOWS\system32\drivers\raspti.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] mtxparhm.sys : C:\WINDOWS\system32\drivers\mtxparhm.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] ndiswan.sys : C:\WINDOWS\system32\drivers\ndiswan.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] mtlstrm.sys : C:\WINDOWS\system32\drivers\mtlstrm.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] mtlmnt5.sys : C:\WINDOWS\system32\drivers\mtlmnt5.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] ksecdd.sys : C:\WINDOWS\system32\drivers\ksecdd.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] fs_rec.sys : C:\WINDOWS\system32\drivers\fs_rec.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] null.sys : C:\WINDOWS\system32\drivers\null.sys [-] -->
    TROUVÉ
    [Faked.Drv][FILE] beep.sys : C:\WINDOWS\system32\drivers\beep.sys [-] -->
    TROUVÉ
    [Faked.Drv][FILE] ip6fw.sys : C:\WINDOWS\system32\drivers\ip6fw.sys [-] -->
    TROUVÉ
    [Faked.Drv][FILE] rdpcdd.sys : C:\WINDOWS\system32\drivers\rdpcdd.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] rasacd.sys : C:\WINDOWS\system32\drivers\rasacd.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] mdmxsdk.sys : C:\WINDOWS\system32\drivers\mdmxsdk.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] intelppm.sys : C:\WINDOWS\system32\drivers\intelppm.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] mrxdav.sys : C:\WINDOWS\system32\drivers\mrxdav.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] hsfdpsp2.sys : C:\WINDOWS\system32\drivers\hsfdpsp2.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] fdc.sys : C:\WINDOWS\system32\drivers\fdc.sys [-] -->
    TROUVÉ
    [Faked.Drv][FILE] hsfcxts2.sys : C:\WINDOWS\system32\drivers\hsfcxts2.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] hsfbs2s2.sys : C:\WINDOWS\system32\drivers\hsfbs2s2.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] dxgthk.sys : C:\WINDOWS\system32\drivers\dxgthk.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] hidbth.sys : C:\WINDOWS\system32\drivers\hidbth.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] parvdm.sys : C:\WINDOWS\system32\drivers\parvdm.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] hdaudbus.sys : C:\WINDOWS\system32\drivers\hdaudbus.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] fltmgr.sys : C:\WINDOWS\system32\drivers\fltmgr.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] wanarp.sys : C:\WINDOWS\system32\drivers\wanarp.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] bthusb.sys : C:\WINDOWS\system32\drivers\bthusb.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] bthprint.sys : C:\WINDOWS\system32\drivers\bthprint.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] hxxp.sys : C:\WINDOWS\system32\drivers\hxxp.sys [-] -->
    TROUVÉ
    [Faked.Drv][FILE] wstcodec.sys : C:\WINDOWS\system32\drivers\wstcodec.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] atmepvc.sys : C:\WINDOWS\system32\drivers\atmepvc.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] bthmodem.sys : C:\WINDOWS\system32\drivers\bthmodem.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] atmuni.sys : C:\WINDOWS\system32\drivers\atmuni.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] bthenum.sys : C:\WINDOWS\system32\drivers\bthenum.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] cbidf2k.sys : C:\WINDOWS\system32\drivers\cbidf2k.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] cinemst2.sys : C:\WINDOWS\system32\drivers\cinemst2.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] cpqdap01.sys : C:\WINDOWS\system32\drivers\cpqdap01.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] dxapi.sys : C:\WINDOWS\system32\drivers\dxapi.sys [-] -->
    TROUVÉ
    [Faked.Drv][FILE] ipfltdrv.sys : C:\WINDOWS\system32\drivers\ipfltdrv.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] mcd.sys : C:\WINDOWS\system32\drivers\mcd.sys [-] -->
    TROUVÉ
    [Faked.Drv][FILE] amdk7.sys : C:\WINDOWS\system32\drivers\amdk7.sys [-] -->
    TROUVÉ
    [Faked.Drv][FILE] atinxsxx.sys : C:\WINDOWS\system32\drivers\atinxsxx.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] nikedrv.sys : C:\WINDOWS\system32\drivers\nikedrv.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] atinxbxx.sys : C:\WINDOWS\system32\drivers\atinxbxx.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] atintuxx.sys : C:\WINDOWS\system32\drivers\atintuxx.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] nwlnkflt.sys : C:\WINDOWS\system32\drivers\nwlnkflt.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] nwlnkfwd.sys : C:\WINDOWS\system32\drivers\nwlnkfwd.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] atinttxx.sys : C:\WINDOWS\system32\drivers\atinttxx.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] nwlnknb.sys : C:\WINDOWS\system32\drivers\nwlnknb.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] nwlnkspx.sys : C:\WINDOWS\system32\drivers\nwlnkspx.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] atinsnxx.sys : C:\WINDOWS\system32\drivers\atinsnxx.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] atinrvxx.sys : C:\WINDOWS\system32\drivers\atinrvxx.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] rawwan.sys : C:\WINDOWS\system32\drivers\rawwan.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] rio8drv.sys : C:\WINDOWS\system32\drivers\rio8drv.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] riodrv.sys : C:\WINDOWS\system32\drivers\riodrv.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] atinraxx.sys : C:\WINDOWS\system32\drivers\atinraxx.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] RMCast.sys : C:\WINDOWS\system32\drivers\RMCast.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] atinpdxx.sys : C:\WINDOWS\system32\drivers\atinpdxx.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] rootmdm.sys : C:\WINDOWS\system32\drivers\rootmdm.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] atinmdxx.sys : C:\WINDOWS\system32\drivers\atinmdxx.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] smclib.sys : C:\WINDOWS\system32\drivers\smclib.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] atinbtxx.sys : C:\WINDOWS\system32\drivers\atinbtxx.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] ati2mtag.sys : C:\WINDOWS\system32\drivers\ati2mtag.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] ati2mtaa.sys : C:\WINDOWS\system32\drivers\ati2mtaa.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] ati1xsxx.sys : C:\WINDOWS\system32\drivers\ati1xsxx.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] tosdvd.sys : C:\WINDOWS\system32\drivers\tosdvd.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] tsbvcap.sys : C:\WINDOWS\system32\drivers\tsbvcap.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] ati1xbxx.sys : C:\WINDOWS\system32\drivers\ati1xbxx.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] ati1tuxx.sys : C:\WINDOWS\system32\drivers\ati1tuxx.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] usbcamd.sys : C:\WINDOWS\system32\drivers\usbcamd.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] vdmindvd.sys : C:\WINDOWS\system32\drivers\vdmindvd.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] ws2ifsl.sys : C:\WINDOWS\system32\drivers\ws2ifsl.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] ati1ttxx.sys : C:\WINDOWS\system32\drivers\ati1ttxx.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] mnmdd.sys : C:\WINDOWS\system32\drivers\mnmdd.sys [-] -->
    TROUVÉ
    [Faked.Drv][FILE] fsvga.sys : C:\WINDOWS\system32\drivers\fsvga.sys [-] -->
    TROUVÉ
    [Faked.Drv][FILE] ati1snxx.sys : C:\WINDOWS\system32\drivers\ati1snxx.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] ati1rvxx.sys : C:\WINDOWS\system32\drivers\ati1rvxx.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] ati1raxx.sys : C:\WINDOWS\system32\drivers\ati1raxx.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] ati1pdxx.sys : C:\WINDOWS\system32\drivers\ati1pdxx.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] irenum.sys : C:\WINDOWS\system32\drivers\irenum.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] ati1mdxx.sys : C:\WINDOWS\system32\drivers\ati1mdxx.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] acpiec.sys : C:\WINDOWS\system32\drivers\acpiec.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] oprghdlr.sys : C:\WINDOWS\system32\drivers\oprghdlr.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] ati1btxx.sys : C:\WINDOWS\system32\drivers\ati1btxx.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] amdagp.sys : C:\WINDOWS\system32\drivers\amdagp.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] alim1541.sys : C:\WINDOWS\system32\drivers\alim1541.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] agpcpq.sys : C:\WINDOWS\system32\drivers\agpcpq.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] agp440.sys : C:\WINDOWS\system32\drivers\agp440.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] usbd.sys : C:\WINDOWS\system32\drivers\usbd.sys [-] -->
    TROUVÉ
    [Faked.Drv][FILE] nwrdr.sys : C:\WINDOWS\system32\drivers\nwrdr.sys [-] -->
    TROUVÉ
    [Faked.Drv][FILE] srv.sys : C:\WINDOWS\system32\drivers\srv.sys [-] -->
    TROUVÉ
    [Faked.Drv][FILE] ipinip.sys : C:\WINDOWS\system32\drivers\ipinip.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] tape.sys : C:\WINDOWS\system32\drivers\tape.sys [-] -->
    TROUVÉ
    [Faked.Drv][FILE] sr.sys : C:\WINDOWS\system32\drivers\sr.sys [-] --> TROUVÉ
    [Faked.Drv][FILE] aec.sys : C:\WINDOWS\system32\drivers\aec.sys [-] -->
    TROUVÉ
    [Faked.Drv][FILE] rdpdr.sys : C:\WINDOWS\system32\drivers\rdpdr.sys [-] -->
    TROUVÉ
    [Faked.Drv][FILE] imagedrv.sys : C:\WINDOWS\system32\drivers\imagedrv.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] acpi.sys : C:\WINDOWS\system32\drivers\acpi.sys [-] -->
    TROUVÉ
    [Faked.Drv][FILE] raspptp.sys : C:\WINDOWS\system32\drivers\raspptp.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] usbprint.sys : C:\WINDOWS\system32\drivers\usbprint.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] imagesrv.sys : C:\WINDOWS\system32\drivers\imagesrv.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] hidir.sys : C:\WINDOWS\system32\drivers\hidir.sys [-] -->
    TROUVÉ
    [Faked.Drv][FILE] irbus.sys : C:\WINDOWS\system32\drivers\irbus.sys [-] -->
    TROUVÉ
    [Faked.Drv][FILE] irstusb.sys : C:\WINDOWS\system32\drivers\irstusb.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] sonydcam.sys : C:\WINDOWS\system32\drivers\sonydcam.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] enum1394.sys : C:\WINDOWS\system32\drivers\enum1394.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] kbdclass.sys : C:\WINDOWS\system32\drivers\kbdclass.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] npfs.sys : C:\WINDOWS\system32\drivers\npfs.sys [-] -->
    TROUVÉ
    [Faked.Drv][FILE] ptserlp.sys : C:\WINDOWS\system32\drivers\ptserlp.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] mqac.sys : C:\WINDOWS\system32\drivers\mqac.sys [-] -->
    TROUVÉ
    [Faked.Drv][FILE] rt73.sys : C:\WINDOWS\system32\drivers\rt73.sys [-] -->
    TROUVÉ
    [Faked.Drv][FILE] vmodem.sys : C:\WINDOWS\system32\drivers\vmodem.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] RT2500.sys : C:\WINDOWS\system32\drivers\RT2500.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] ipsec.sys : C:\WINDOWS\system32\drivers\ipsec.sys [-] -->
    TROUVÉ
    [Faked.Drv][FILE] vpctcom.sys : C:\WINDOWS\system32\drivers\vpctcom.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] rasirda.sys : C:\WINDOWS\system32\drivers\rasirda.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] VX3000.sys : C:\WINDOWS\system32\drivers\VX3000.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] vvoice.sys : C:\WINDOWS\system32\drivers\vvoice.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] afd.sys : C:\WINDOWS\system32\drivers\afd.sys [-] -->
    TROUVÉ
    [Faked.Drv][FILE] secdrv.sys : C:\WINDOWS\system32\drivers\secdrv.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] audstub.sys : C:\WINDOWS\system32\drivers\audstub.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] swenum.sys : C:\WINDOWS\system32\drivers\swenum.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] adildr.sys : C:\WINDOWS\system32\drivers\adildr.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] e4ldr.sys : C:\WINDOWS\system32\drivers\e4ldr.sys [-] -->
    TROUVÉ
    [Faked.Drv][FILE] e4usbaw.sys : C:\WINDOWS\system32\drivers\e4usbaw.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] wdmaud.sys : C:\WINDOWS\system32\drivers\wdmaud.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] volsnap.sys : C:\WINDOWS\system32\drivers\volsnap.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] videoprt.sys : C:\WINDOWS\system32\drivers\videoprt.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] viaide.sys : C:\WINDOWS\system32\drivers\viaide.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] vga.sys : C:\WINDOWS\system32\drivers\vga.sys [-] -->
    TROUVÉ
    [Faked.Drv][FILE] usbstor.sys : C:\WINDOWS\system32\drivers\usbstor.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] GEARAspiWDM.sys :
    C:\WINDOWS\system32\drivers\GEARAspiWDM.sys [-] --> TROUVÉ
    [Faked.Drv][FILE] usbscan.sys : C:\WINDOWS\system32\drivers\usbscan.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] usbport.sys : C:\WINDOWS\system32\drivers\usbport.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] SONYPVU1.SYS : C:\WINDOWS\system32\drivers\SONYPVU1.SYS
    [-] --> TROUVÉ
    [Faked.Drv][FILE] usbintel.sys : C:\WINDOWS\system32\drivers\usbintel.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] usbhub.sys : C:\WINDOWS\system32\drivers\usbhub.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] hidparse.sys : C:\WINDOWS\system32\drivers\hidparse.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] usbcamd2.sys : C:\WINDOWS\system32\drivers\usbcamd2.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] uagp35.sys : C:\WINDOWS\system32\drivers\uagp35.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] mouhid.sys : C:\WINDOWS\system32\drivers\mouhid.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] ssmdrv.sys : C:\WINDOWS\system32\drivers\ssmdrv.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] udfs.sys : C:\WINDOWS\system32\drivers\udfs.sys [-] -->
    TROUVÉ
    [Faked.Drv][FILE] termdd.sys : C:\WINDOWS\system32\drivers\termdd.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] tdtcp.sys : C:\WINDOWS\system32\drivers\tdtcp.sys [-] -->
    TROUVÉ
    [Faked.Drv][FILE] tdpipe.sys : C:\WINDOWS\system32\drivers\tdpipe.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] tdi.sys : C:\WINDOWS\system32\drivers\tdi.sys [-] -->
    TROUVÉ
    [Faked.Drv][FILE] tcpip.sys : C:\WINDOWS\system32\drivers\tcpip.sys [-] -->
    TROUVÉ
    [Faked.Drv][FILE] sysaudio.sys : C:\WINDOWS\system32\drivers\sysaudio.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] swmidi.sys : C:\WINDOWS\system32\drivers\swmidi.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] streamip.sys : C:\WINDOWS\system32\drivers\streamip.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] stream.sys : C:\WINDOWS\system32\drivers\stream.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] mup.sys : C:\WINDOWS\system32\drivers\mup.sys [-] -->
    TROUVÉ
    [Faked.Drv][FILE] splitter.sys : C:\WINDOWS\system32\drivers\splitter.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] slip.sys : C:\WINDOWS\system32\drivers\slip.sys [-] -->
    TROUVÉ
    [Faked.Drv][FILE] sfloppy.sys : C:\WINDOWS\system32\drivers\sfloppy.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] serial.sys : C:\WINDOWS\system32\drivers\serial.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] serenum.sys : C:\WINDOWS\system32\drivers\serenum.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] scsiport.sys : C:\WINDOWS\system32\drivers\scsiport.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] rndismp.sys : C:\WINDOWS\system32\drivers\rndismp.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] redbook.sys : C:\WINDOWS\system32\drivers\redbook.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] mrxsmb.sys : C:\WINDOWS\system32\drivers\mrxsmb.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] rdbss.sys : C:\WINDOWS\system32\drivers\rdbss.sys [-] -->
    TROUVÉ
    [Faked.Drv][FILE] raspppoe.sys : C:\WINDOWS\system32\drivers\raspppoe.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] rasl2tp.sys : C:\WINDOWS\system32\drivers\rasl2tp.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] psched.sys : C:\WINDOWS\system32\drivers\psched.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] processr.sys : C:\WINDOWS\system32\drivers\processr.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] portcls.sys : C:\WINDOWS\system32\drivers\portcls.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] StMp3Rec.sys : C:\WINDOWS\system32\drivers\StMp3Rec.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] pcmcia.sys : C:\WINDOWS\system32\drivers\pcmcia.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] pciidex.sys : C:\WINDOWS\system32\drivers\pciidex.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] pci.sys : C:\WINDOWS\system32\drivers\pci.sys [-] -->
    TROUVÉ
    [Faked.Drv][FILE] partmgr.sys : C:\WINDOWS\system32\drivers\partmgr.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] p3.sys : C:\WINDOWS\system32\drivers\p3.sys [-] --> TROUVÉ
    [Faked.Drv][FILE] ohci1394.sys : C:\WINDOWS\system32\drivers\ohci1394.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] nwlnkipx.sys : C:\WINDOWS\system32\drivers\nwlnkipx.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] ntfs.sys : C:\WINDOWS\system32\drivers\ntfs.sys [-] -->
    TROUVÉ
    [Faked.Drv][FILE] nmnt.sys : C:\WINDOWS\system32\drivers\nmnt.sys [-] -->
    TROUVÉ
    [Faked.Drv][FILE] nic1394.sys : C:\WINDOWS\system32\drivers\nic1394.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] netbt.sys : C:\WINDOWS\system32\drivers\netbt.sys [-] -->
    TROUVÉ
    [Faked.Drv][FILE] netbios.sys : C:\WINDOWS\system32\drivers\netbios.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] ndistapi.sys : C:\WINDOWS\system32\drivers\ndistapi.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] ndisuio.sys : C:\WINDOWS\system32\drivers\ndisuio.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] usb8023x.sys : C:\WINDOWS\system32\drivers\usb8023x.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] ndis.sys : C:\WINDOWS\system32\drivers\ndis.sys [-] -->
    TROUVÉ
    [Faked.Drv][FILE] nabtsfec.sys : C:\WINDOWS\system32\drivers\nabtsfec.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] rdpwd.sys : C:\WINDOWS\system32\drivers\rdpwd.sys [-] -->
    TROUVÉ
    [Faked.Drv][FILE] mstee.sys : C:\WINDOWS\system32\drivers\mstee.sys [-] -->
    TROUVÉ
    [Faked.Drv][FILE] mspqm.sys : C:\WINDOWS\system32\drivers\mspqm.sys [-] -->
    TROUVÉ
    [Faked.Drv][FILE] mspclock.sys : C:\WINDOWS\system32\drivers\mspclock.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] mskssrv.sys : C:\WINDOWS\system32\drivers\mskssrv.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] msgpc.sys : C:\WINDOWS\system32\drivers\msgpc.sys [-] -->
    TROUVÉ
    [Faked.Drv][FILE] msfs.sys : C:\WINDOWS\system32\drivers\msfs.sys [-] -->
    TROUVÉ
    [Faked.Drv][FILE] msdv.sys : C:\WINDOWS\system32\drivers\msdv.sys [-] -->
    TROUVÉ
    [Faked.Drv][FILE] tcpip6.sys : C:\WINDOWS\system32\drivers\tcpip6.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] mpe.sys : C:\WINDOWS\system32\drivers\mpe.sys [-] -->
    TROUVÉ
    [Faked.Drv][FILE] mountmgr.sys : C:\WINDOWS\system32\drivers\mountmgr.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] mouclass.sys : C:\WINDOWS\system32\drivers\mouclass.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] modem.sys : C:\WINDOWS\system32\drivers\modem.sys [-] -->
    TROUVÉ
    [Faked.Drv][FILE] mf.sys : C:\WINDOWS\system32\drivers\mf.sys [-] --> TROUVÉ
    [Faked.Drv][FILE] wpdusb.sys : C:\WINDOWS\system32\drivers\wpdusb.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] ks.sys : C:\WINDOWS\system32\drivers\ks.sys [-] --> TROUVÉ
    [Faked.Drv][FILE] kmixer.sys : C:\WINDOWS\system32\drivers\kmixer.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] isapnp.sys : C:\WINDOWS\system32\drivers\isapnp.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] irda.sys : C:\WINDOWS\system32\drivers\irda.sys [-] -->
    TROUVÉ
    [Faked.Drv][FILE] ipnat.sys : C:\WINDOWS\system32\drivers\ipnat.sys [-] -->
    TROUVÉ
    [Faked.Drv][FILE] imapi.sys : C:\WINDOWS\system32\drivers\imapi.sys [-] -->
    TROUVÉ
    [Faked.Drv][FILE] i8042prt.sys : C:\WINDOWS\system32\drivers\i8042prt.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] hidusb.sys : C:\WINDOWS\system32\drivers\hidusb.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] hidclass.sys : C:\WINDOWS\system32\drivers\hidclass.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] gameenum.sys : C:\WINDOWS\system32\drivers\gameenum.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] flpydisk.sys : C:\WINDOWS\system32\drivers\flpydisk.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] fips.sys : C:\WINDOWS\system32\drivers\fips.sys [-] -->
    TROUVÉ
    [Faked.Drv][FILE] fastfat.sys : C:\WINDOWS\system32\drivers\fastfat.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] dxg.sys : C:\WINDOWS\system32\drivers\dxg.sys [-] -->
    TROUVÉ
    [Faked.Drv][FILE] usbccgp.sys : C:\WINDOWS\system32\drivers\usbccgp.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] WudfPf.sys : C:\WINDOWS\system32\drivers\WudfPf.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] drmkaud.sys : C:\WINDOWS\system32\drivers\drmkaud.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] sffdisk.sys : C:\WINDOWS\system32\drivers\sffdisk.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] gagp30kx.sys : C:\WINDOWS\system32\drivers\gagp30kx.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] fssfltr_tdi.sys :
    C:\WINDOWS\system32\drivers\fssfltr_tdi.sys [-] --> TROUVÉ
    [Faked.Drv][FILE] WudfRd.sys : C:\WINDOWS\system32\drivers\WudfRd.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] mbam.sys : C:\WINDOWS\system32\drivers\mbam.sys [-] -->
    TROUVÉ
    [Faked.Drv][FILE] USBAUDIO.sys : C:\WINDOWS\system32\drivers\USBAUDIO.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] avgntdd.sys : C:\WINDOWS\system32\drivers\avgntdd.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] avgntmgr.sys : C:\WINDOWS\system32\drivers\avgntmgr.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] mbamswissarmy.sys :
    C:\WINDOWS\system32\drivers\mbamswissarmy.sys [-] --> TROUVÉ
    [Faked.Drv][FILE] avipbb.sys : C:\WINDOWS\system32\drivers\avipbb.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] avgntflt.sys : C:\WINDOWS\system32\drivers\avgntflt.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] PxHelp20.sys : C:\WINDOWS\system32\drivers\PxHelp20.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] ndproxy.sys : C:\WINDOWS\system32\drivers\ndproxy.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] cvintdrv.sys : C:\WINDOWS\system32\drivers\cvintdrv.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] Camd905c.sys : C:\WINDOWS\system32\drivers\Camd905c.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] Capt905c.sys : C:\WINDOWS\system32\drivers\Capt905c.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] Dot4usb.sys : C:\WINDOWS\system32\drivers\Dot4usb.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] Dot4scan.sys : C:\WINDOWS\system32\drivers\Dot4scan.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] Dot4Prt.sys : C:\WINDOWS\system32\drivers\Dot4Prt.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] VIAAGP1.SYS : C:\WINDOWS\system32\drivers\VIAAGP1.SYS
    [-] --> TROUVÉ
    [Faked.Drv][FILE] viaidexp.sys : C:\WINDOWS\system32\drivers\viaidexp.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] nv4_mini.sys : C:\WINDOWS\system32\drivers\nv4_mini.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] rtl8139.sys : C:\WINDOWS\system32\drivers\rtl8139.sys
    [-] --> TROUVÉ
    [Faked.Drv][FILE] TrueSight.sys : C:\WINDOWS\system32\drivers\TrueSight.sys
    [-] --> TROUVÉ

    ¤¤¤ Driver : [CHARGE] ¤¤¤
    SSDT[41] : NtCreateKey @ 0x805737EF -> HOOKED (Unknown @ 0xF8BD22F6)
    SSDT[53] : NtCreateThread @ 0x8057888D -> HOOKED (Unknown @ 0xF8BD22EC)
    SSDT[63] : NtDeleteKey @ 0x80595A22 -> HOOKED (Unknown @ 0xF8BD22FB)
    SSDT[65] : NtDeleteValueKey @ 0x80593642 -> HOOKED (Unknown @ 0xF8BD2305)
    SSDT[98] : NtLoadKey @ 0x805ADC0B -> HOOKED (Unknown @ 0xF8BD230A)
    SSDT[122] : NtOpenProcess @ 0x80574B29 -> HOOKED (Unknown @ 0xF8BD22D8)
    SSDT[128] : NtOpenThread @ 0x80590C64 -> HOOKED (Unknown @ 0xF8BD22DD)
    SSDT[193] : NtReplaceKey @ 0x8064FFD4 -> HOOKED (Unknown @ 0xF8BD2314)
    SSDT[204] : NtRestoreKey @ 0x8064FB69 -> HOOKED (Unknown @ 0xF8BD230F)
    SSDT[247] : NtSetValueKey @ 0x8057DA5B -> HOOKED (Unknown @ 0xF8BD2300)
    SSDT[257] : NtTerminateProcess @ 0x805857B9 -> HOOKED (Unknown @ 0xF8BD22E7)

    ¤¤¤ Fichier HOSTS: ¤¤¤
    --> C:\WINDOWS\system32\drivers\etc\hosts

    127.0.0.1 localhost


    ¤¤¤ MBR Verif: ¤¤¤

    +++++ PhysicalDrive0: WDC WD1200JB-00GVC0 +++++
    --- User ---
    [MBR] 1be7f8313f362b0eec9bd276ca41f12a
    [BSP] 47a81aeedd9cfde5104f8d826c30040a : Windows XP MBR Code
    Partition table:
    0 - [ACTIVE] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 63 | Size: 114470
    Mo
    User = LL1 ... OK!
    User = LL2 ... OK!

    +++++ PhysicalDrive1: QUANTUM FIREBALLP LM10.2 +++++
    --- User ---
    [MBR] 458b05ea09903d5369f71e3060e4c35a
    [BSP] 754f3d4ad0b5b8bf15d7ae62a2da314c : Windows XP MBR Code
    Partition table:
    0 - [ACTIVE] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 63 | Size: 9726 Mo
    User = LL1 ... OK!
    User = LL2 ... OK!

    +++++ PhysicalDrive2: Seagate FreeAgent USB Device +++++
    --- User ---
    [MBR] cbef5b9aea600020e0cefaae22b4fcd0
    [BSP] c5dd116113482641baa73e59e7212f5f : Windows XP MBR Code
    Partition table:
    0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 476937 Mo
    User = LL1 ... OK!
    Error reading LL2 MBR!

    Termine : << RKreport[1]_S_07042013_230737.txt >>
    RKreport[1]_S_07042013_230737.txt







    loumax91 loumax91
    99 contributions
    Membre depuis le 16/03/2013
    Envoyé le 11/04/2013 à 08:19


    Bonjour,

    Oui encore un peu de boulot [:D]
    Poste aussi le rapport de Suppression d'AdwCleaner.
    ______________________________________________________

    Faire ceci dans l'ordre :
    ---------------->1
    • Quitter tous les programmes en cours
    • Lancer RogueKiller.exe
    • Attendre la fin du Prescan ...
    • Cliquer sur Suppression. Cliquer sur Rapport et copier coller le contenu du notepad dans ta réponse


    ---------------->2
    • Quitter tous les programmes en cours
    • Lancer RogueKiller.exe
    • Attendre la fin du Prescan ...
    • Cliquer sur Proxy RAZ. Cliquer sur Rapport et copier coller le contenu du notepad dans ta réponse

    Pour t'aider

    ---------------->3
    Utilise ce logiciel de désinfection généraliste :

    • Télécharge et installe Malwarebytes' Anti-Malware
    • A la fin de l'installation, veille à ce que l'option « mettre a jour Malwarebyte's Anti-Malware » soit cochée
    • Lance MBAM et laisse les Mises à jour se télécharger (sinon fais les manuellement au lancement du programme)
    • Puis va dans l'onglet "Recherche", coche "Exécuter un examen complet" puis "Rechercher"
    • Sélectionne tes disques durs" puis clique sur "Lancer l’examen"
    • A la fin de l'analyse, clique sur Afficher les résultats
    • Coche tous les éléments détectés puis clique sur Supprimer la sélection
    • Enregistre le rapport
    • S'il t'est demandé de redémarrer l'ordinateur, clique sur Yes
    • Poste dans ta prochaine réponse le rapport apparaissant après la suppression
    "Celui qui aime à apprendre est bien près du savoir" (Confucius)
    aureliejuliette aureliejuliette
    61 contributions
    Membre depuis le 10/03/2010
    Envoyé le 11/04/2013 à 13:43


    Bonjour,
    voici le rapport :
    )Malwarebytes Anti-Malware (Essai) 1.75.0.1300
    www.malwarebytes.org

    Version de la base de données: v2013.04.11.06

    Windows XP Service Pack 3 x86 NTFS
    Internet Explorer 8.0.6001.18702
    utilisateur :: MARINO-3C5608AD [administrateur]

    Protection: Activé

    11/04/2013 12:28:49
    mbam-log-2013-04-11 (12-28-49).txt

    Type d'examen: Examen complet (C:\|D:\|G:\|)
    Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM
    Options d'examen désactivées: P2P
    Elément(s) analysé(s): 307299
    Temps écoulé: 55 minute(s), 16 seconde(s)

    Processus mémoire détecté(s): 0
    (Aucun élément nuisible détecté)

    Module(s) mémoire détecté(s): 0
    (Aucun élément nuisible détecté)

    Clé(s) du Registre détectée(s): 0
    (Aucun élément nuisible détecté)

    Valeur(s) du Registre détectée(s): 0
    (Aucun élément nuisible détecté)

    Elément(s) de données du Registre détecté(s): 0
    (Aucun élément nuisible détecté)

    Dossier(s) détecté(s): 0
    (Aucun élément nuisible détecté)

    Fichier(s) détecté(s): 0
    (Aucun élément nuisible détecté)

    (fin)



    loumax91 loumax91
    99 contributions
    Membre depuis le 16/03/2013
    Envoyé le 11/04/2013 à 15:02


    Yep,

    Poste aussi les deux rapports de RogueKiller stp, Suppression et Proxy RAZ.
    "Celui qui aime à apprendre est bien près du savoir" (Confucius)
    aureliejuliette aureliejuliette
    61 contributions
    Membre depuis le 10/03/2010
    Envoyé le 11/04/2013 à 19:31


    Bonjour,
    voici les derniers rapports :
    RogueKiller V8.5.4 [Mar 18 2013] par Tigzy
    mail : tigzyRK<at>gmail<dot>com
    Remontees : http://www.sur-la-toile.com/discussion-193725-1--RogueKiller-Remontees.html
    Site Web : http://www.sur-la-toile.com/RogueKiller/
    Blog : http://tigzyrk.blogspot.com/

    Systeme d'exploitation : Windows XP (5.1.2600 Service Pack 3) 32 bits version
    Demarrage : Mode normal
    Utilisateur : utilisateur [Droits d'admin]
    Mode : Recherche -- Date : 11/04/2013 18:43:26
    | ARK || FAK || MBR |

    ¤¤¤ Processus malicieux : 0 ¤¤¤

    ¤¤¤ Entrees de registre : 0 ¤¤¤

    ¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤

    ¤¤¤ Driver : [CHARGE] ¤¤¤

    ¤¤¤ Fichier HOSTS: ¤¤¤
    --> C:\WINDOWS\system32\drivers\etc\hosts

    127.0.0.1 localhost


    ¤¤¤ MBR Verif: ¤¤¤

    +++++ PhysicalDrive0: WDC WD3200AAJS-60Z0A0 +++++
    --- User ---
    [MBR] 31e44f7757e92284211b1af1dee3feb7
    [BSP] fdc9a18f6fb593395a327f7a863eaab8 : Windows XP MBR Code
    Partition table:
    0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 149997 Mo
    1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 307195904 | Size: 155245 Mo
    User = LL1 ... OK!
    User = LL2 ... OK!

    Termine : << RKreport[1]_S_11042013_184326.txt >>
    RKreport[1]_S_11042013_184326.txt


    RogueKiller V8.5.4 [Mar 18 2013] par Tigzy
    mail : tigzyRK<at>gmail<dot>com
    Remontees : http://www.sur-la-toile.com/discussion-193725-1--RogueKiller-Remontees.html
    Site Web : http://www.sur-la-toile.com/RogueKiller/
    Blog : http://tigzyrk.blogspot.com/

    Systeme d'exploitation : Windows XP (5.1.2600 Service Pack 3) 32 bits version
    Demarrage : Mode normal
    Utilisateur : utilisateur [Droits d'admin]
    Mode : Suppression -- Date : 11/04/2013 18:44:58
    | ARK || FAK || MBR |

    ¤¤¤ Processus malicieux : 0 ¤¤¤

    ¤¤¤ Entrees de registre : 0 ¤¤¤

    ¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤

    ¤¤¤ Driver : [CHARGE] ¤¤¤

    ¤¤¤ Fichier HOSTS: ¤¤¤
    --> C:\WINDOWS\system32\drivers\etc\hosts

    127.0.0.1 localhost


    ¤¤¤ MBR Verif: ¤¤¤

    +++++ PhysicalDrive0: WDC WD3200AAJS-60Z0A0 +++++
    --- User ---
    [MBR] 31e44f7757e92284211b1af1dee3feb7
    [BSP] fdc9a18f6fb593395a327f7a863eaab8 : Windows XP MBR Code
    Partition table:
    0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 149997 Mo
    1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 307195904 | Size: 155245 Mo
    User = LL1 ... OK!
    User = LL2 ... OK!

    Termine : << RKreport[2]_D_11042013_184458.txt >>
    RKreport[1]_S_11042013_184326.txt ; RKreport[2]_D_11042013_184458.txt



    RogueKiller V8.5.4 [Mar 18 2013] par Tigzy
    mail : tigzyRK<at>gmail<dot>com
    Remontees : http://www.sur-la-toile.com/discussion-193725-1--RogueKiller-Remontees.html
    Site Web : http://www.sur-la-toile.com/RogueKiller/
    Blog : http://tigzyrk.blogspot.com/

    Systeme d'exploitation : Windows XP (5.1.2600 Service Pack 3) 32 bits version
    Demarrage : Mode normal
    Utilisateur : utilisateur [Droits d'admin]
    Mode : Proxy RAZ -- Date : 11/04/2013 18:45:07
    | ARK || FAK || MBR |

    ¤¤¤ Processus malicieux : 0 ¤¤¤

    ¤¤¤ Entrees de registre : 0 ¤¤¤

    ¤¤¤ Driver : [CHARGE] ¤¤¤

    Termine : << RKreport[3]_PR_11042013_184507.txt >>
    RKreport[1]_S_11042013_184326.txt ; RKreport[2]_D_11042013_184458.txt ; RKreport[3]_PR_11042013_184507.txt



    RogueKiller V8.5.4 [Mar 18 2013] par Tigzy
    mail : tigzyRK<at>gmail<dot>com
    Remontees : http://www.sur-la-toile.com/discussion-193725-1--RogueKiller-Remontees.html
    Site Web : http://www.sur-la-toile.com/RogueKiller/
    Blog : http://tigzyrk.blogspot.com/

    Systeme d'exploitation : Windows XP (5.1.2600 Service Pack 3) 32 bits version
    Demarrage : Mode normal
    Utilisateur : utilisateur [Droits d'admin]
    Mode : Proxy RAZ -- Date : 11/04/2013 18:45:07
    | ARK || FAK || MBR |

    ¤¤¤ Processus malicieux : 0 ¤¤¤

    ¤¤¤ Entrees de registre : 0 ¤¤¤

    ¤¤¤ Driver : [CHARGE] ¤¤¤

    Termine : << RKreport[3]_PR_11042013_184507.txt >>
    RKreport[1]_S_11042013_184326.txt ; RKreport[2]_D_11042013_184458.txt ; RKreport[3]_PR_11042013_184507.txt



    RogueKiller V8.5.4 [Mar 18 2013] par Tigzy
    mail : tigzyRK<at>gmail<dot>com
    Remontees : http://www.sur-la-toile.com/discussion-193725-1--RogueKiller-Remontees.html
    Site Web : http://www.sur-la-toile.com/RogueKiller/
    Blog : http://tigzyrk.blogspot.com/

    Systeme d'exploitation : Windows XP (5.1.2600 Service Pack 3) 32 bits version
    Demarrage : Mode normal
    Utilisateur : utilisateur [Droits d'admin]
    Mode : Proxy RAZ -- Date : 11/04/2013 18:45:07
    | ARK || FAK || MBR |

    ¤¤¤ Processus malicieux : 0 ¤¤¤

    ¤¤¤ Entrees de registre : 0 ¤¤¤

    ¤¤¤ Driver : [CHARGE] ¤¤¤

    Termine : << RKreport[3]_PR_11042013_184507.txt >>
    RKreport[1]_S_11042013_184326.txt ; RKreport[2]_D_11042013_184458.txt ; RKreport[3]_PR_11042013_184507.txt

    Rapport de ZHPDiag v2013.4.9.53 par Nicolas Coolman, Update du 09/04/2013
    Run by utilisateur at 11/04/2013 18:46:40
    State : Nouvelle version disponible
    High Elevated Privileges : OK
    UAC : Not Found


    ---\\ Web Browser
    MSIE: Internet Explorer v8.0.6001.18702
    GCIE: Google Chrome v26.0.1410.64 (Defaut)

    ---\\ Windows Product Information
    ~ Langage: Français
    Windows XP Home Edition Service Pack 3 (Build 2600)
    Windows Automatic Updates : OK
    Windows Genuine Advantage : KO

    ---\\ System Protection

    ---\\ System Information
    ~ Processor: x86 Family 15 Model 47 Stepping 2, AuthenticAMD
    ~ Operating System: 32 Bits
    Boot mode: Normal (Normal boot)
    Total RAM: 1023 MB (31% free)
    System Restore: Activé (Enable)
    System drive C: has 115 GB (78%) free of 146 GB

    ---\\ Logged in mode
    ~ Computer Name: MARINO-3C5608AD
    ~ User Name: utilisateur
    ~ All Users Names: utilisateur, SUPPORT_388945a0, HelpAssistant, Administrateur,
    ~ Unselected Option: None
    Logged in as Administrator

    ---\\ Environnement Variables
    ~ System Unit : C:\
    ~ %AppData% : C:\Documents and Settings\utilisateur\Application Data\
    ~ %Desktop% : C:\Documents and Settings\utilisateur\Bureau\
    ~ %Favorites% : C:\Documents and Settings\utilisateur\Favoris\
    ~ %LocalAppData% : C:\Documents and Settings\utilisateur\Local Settings\Application Data\
    ~ %StartMenu% : C:\Documents and Settings\utilisateur\Menu Démarrer\
    ~ %Windir% : C:\WINDOWS\
    ~ %System% : C:\WINDOWS\system32\

    ---\\ DOS/Devices
    C:\ Hard drive, Flash drive, Thumb drive (Free 115 Go of 146 Go)
    D:\ Hard drive, Flash drive, Thumb drive (Free 119 Go of 152 Go)
    E:\ CD-ROM drive (Not Inserted)
    F:\ CD-ROM drive (Not Inserted)
    G:\ Hard drive, Flash drive, Thumb drive (Free 278 Go of 298 Go)
    H:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
    I:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
    J:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
    K:\ Floppy drive, Flash card reader, USB Key (Not Inserted)



    ---\\ Security Center & Tools Informations
    [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
    [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Intl: OK
    [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] XMLLookup: OK
    [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
    [HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK
    [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
    ~ Security Center: Scanned in 00mn 00s



    ---\\ Recherche particulière de fichiers génériques
    [MD5.F2317622D29F9FF0F88AEECD5F60F0DD] - (.Microsoft Corporation - Explorateur Windows.) (.13/04/2008 - 18:34:04.) -- C:\WINDOWS\Explorer.exe [1037824]
    [MD5.48309E1F5ED8E72783EEFBA04898BDA1] - (.Microsoft Corporation - Internet Extensions for Win32.) (.02/03/2013 - 02:55:11.) -- C:\WINDOWS\system32\wininet.dll [916480]
    [MD5.DD73D6B9F6B4CB630CF35B438B540174] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) (.13/04/2008 - 18:34:30.) -- C:\WINDOWS\system32\Winlogon.exe [512000]
    [MD5.1E44BC1E83D8FD2305F8D452DB109CF9] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.17/08/2011 - 14:49:54.) -- C:\WINDOWS\system32\Drivers\AFD.sys [138496]
    [MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.13/04/2008 - 10:40:32.) -- C:\WINDOWS\system32\Drivers\atapi.sys [96512]
    [MD5.C885B02847F5D2FD45A24E219ED93B32] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/04/2008 - 11:14:22.) -- C:\WINDOWS\system32\Drivers\Cdfs.sys [63744]
    [MD5.1F4260CC5B42272D71F79E570A27A4FE] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.13/04/2008 - 10:40:48.) -- C:\WINDOWS\system32\Drivers\Cdrom.sys [62976]
    [MD5.31F923EB2170FC172C81ABDA0045D18C] - (.Microsoft Corporation - Pilote de cryptographie FIPS.) (.13/04/2008 - 17:57:40.) -- C:\WINDOWS\system32\Drivers\Fips.sys [44672]
    [MD5.573C7D0A32852B48F3058CFD8026F511] - (.Windows (R) Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) (.13/04/2008 - 08:36:06.) -- C:\WINDOWS\system32\Drivers\HDAudBus.sys [144384]
    [MD5.A09BDC4ED10E3B2E0EC27BB94AF32516] - (.Microsoft Corporation - Pilote de port i8042.) (.13/04/2008 - 18:00:54.) -- C:\WINDOWS\system32\Drivers\i8042prt.sys [54144]
    [MD5.083A052659F5310DD8B6A6CB05EDCF8E] - (.Microsoft Corporation - IMAPI Kernel Driver.) (.13/04/2008 - 10:41:00.) -- C:\WINDOWS\system32\Drivers\Imapi.sys [42112]
    [MD5.CC748EA12C6EFFDE940EE98098BF96BB] - (.Microsoft Corporation - IP Network Address Translator.) (.13/04/2008 - 10:57:16.) -- C:\WINDOWS\system32\Drivers\IpNat.sys [152832]
    [MD5.23C74D75E36E7158768DD63D92789A91] - (.Microsoft Corporation - IPSec Driver.) (.13/04/2008 - 11:19:44.) -- C:\WINDOWS\system32\Drivers\IPSec.sys [75264]
    [MD5.7D304A5EB4344EBEEAB53A2FE3FFB9F0] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.15/07/2011 - 14:29:31.) -- C:\WINDOWS\system32\Drivers\MRxSmb.sys [456320]
    [MD5.74B2B2F5BEA5E9A3DC021D685551BD3D] - (.Microsoft Corporation - MBT Transport driver.) (.13/04/2008 - 11:21:02.) -- C:\WINDOWS\system32\Drivers\netBT.sys [162816]
    [MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) (.13/04/2008 - 11:15:54.) -- C:\WINDOWS\system32\Drivers\ntfs.sys [574976]
    [MD5.8FD0BDBEA875D06CCF6C945CA9ABAF75] - (.Microsoft Corporation - Pilote de port parallèle.) (.13/04/2008 - 18:09:42.) -- C:\WINDOWS\system32\Drivers\Parport.sys [80384]
    [MD5.11B4A627BC9614B885C4969BFA5FF8A6] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.13/04/2008 - 11:19:44.) -- C:\WINDOWS\system32\Drivers\Rasl2tp.sys [51328]
    [MD5.15CABD0F7C00C47C70124907916AF3F1] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.13/04/2008 - 10:32:52.) -- C:\WINDOWS\system32\Drivers\rdpdr.sys [196224]
    [MD5.D8EB2A7904DB6C916EB5361878DDCBAE] - (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) (.13/04/2008 - 17:57:36.) -- C:\WINDOWS\system32\Drivers\redbook.sys [58752]
    [MD5.46DE1126684369BACE4849E4FC8C43CA] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.13/04/2008 - 17:56:06.) -- C:\WINDOWS\system32\Drivers\volsnap.sys [53376]
    ~ Generic Processes: Scanned in 00mn 00s



    ---\\ Etat des fichiers cachés (Caché/Total)
    ~ Mes images (My Pictures) : 5/7778
    ~ Mes musiques (My Musics) : 1/11
    ~ Mes Videos (My Videos) : 1/2
    ~ Mes Favoris (My Favorites) : 3/69
    ~ Mes Documents (My Documents) : 5/8944
    ~ Mon Bureau (My Desktop) : 0/60
    ~ Menu demarrer (Programs) : 1/33
    ~ Hidden Files: Scanned in 00mn 15s



    ---\\ Processus lancés
    [MD5.41735B82DB57E4EBE9504EC400FD120E] - (.AVAST Software - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe [45248] [PID.1332]
    [MD5.DE5D05FD449798EF88CC34AD4B1E7F85] - (.Sun Microsystems, Inc. - Java(TM) Quick Starter Service.) -- C:\Program Files\Java\jre6\bin\jqs.exe [153352] [PID.1100]
    [MD5.65085456FD9A74D7F1A999520C299ECB] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376] [PID.164]
    [MD5.E0D7732F2D2E24B2DB3F67B6750295B8] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512] [PID.404]
    [MD5.2E6ED9FE65A9B3EC606603ED0F33DD7D] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 280.2.) -- C:\WINDOWS\system32\nvsvc32.exe [146024] [PID.440]
    [MD5.388AE59FE75F1B959DFA0900923C61BB] - (.Skype Technologies S.A. - Skype C2C Service.) -- C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3064000] [PID.492]
    [MD5.D1D5DAB39DCB4BE0359943738D87409B] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [532040] [PID.2880]
    [MD5.F0EEED52FC29BEC6E917CAB2788148B2] - (.Realtek Semiconductor Corp. - Realtek Sound Manager.) -- C:\WINDOWS\SOUNDMAN.exe [68096] [PID.2572]
    [MD5.93AD0B78C7357A05F50E594EC7C22300] - (...) -- ystem32\RUNDLL32.exe [0] [PID.1132]
    [MD5.148C545849C1379A3D4448F5DE768E86] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastUI.exe [4767304] [PID.3296]
    [MD5.84EEB34CEF30CBB4992D8332F818A4B3] - (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAHE.exe [98304] [PID.3488]
    [MD5.D5BC63D2822B8E244E53D2FF8078CC6B] - (.Hewlett-Packard - hpgs2wnd.) -- C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe [69632] [PID.3580]
    [MD5.98A078F838A70F84E1BD490D7C7675F4] - (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe [254696] [PID.3948]
    [MD5.E13EA4860E8F2AA845B53BFD2B6FEC5B] - (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe [1695232] [PID.3088]
    [MD5.59380D1808A83AA4150F550F45BEE3A9] - (.Pas de propriétaire - hpgs2wnf Module.) -- C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe [77824] [PID.1676]
    [MD5.5E118E606E2AF56419A699210DFCF450] - (.Dropbox, Inc. - Dropbox.) -- C:\Documents and Settings\utilisateur\Application Data\Dropbox\bin\Dropbox.exe [29106336] [PID.2380]
    [MD5.11E8D8272FDBE213ADE3DAD91427CE35] - (.OpenOffice.org - OpenOffice.org 3.3.) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe [11322880] [PID.3240]
    [MD5.2337EC951C4AF6E1AF65D10BD9615BEB] - (.OpenOffice.org - OpenOffice.org 3.3.) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin [11314688] [PID.3252]
    [MD5.4E9592BB2C100E571F82640E59E9ECD5] - (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe [1312720] [PID.4080]
    [MD5.7E52CC3AE4C554DABDAB096157F367FF] - (.Microsoft Corporation - Outlook Express.) -- C:\Program Files\Outlook Express\msimn.exe [60416] [PID.3672]
    [MD5.B588979D6910F9BE2D244FCBE2111DBF] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [6620160] [PID.2756]
    ~ Processes Running: Scanned in 00mn 04s



    ---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
    C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences
    G1 - GCS: Preference [User Data\Default] None
    ~ Google Browser: Scanned in 00mn 00s



    ---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
    ~ Firefox Browser: 9 Legitimates Scanned in 00mn 00s



    ---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
    R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.delta-search.com =>Toolbar.DeltaSearch
    R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.wuuta.com
    R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = http://www.delta-search.com =>Toolbar.DeltaSearch
    ~ IE Browser: 12 Legitimates Scanned in 00mn 00s



    ---\\ Internet Explorer, Proxy Management (R5)
    R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
    R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
    R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
    R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
    R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
    ~ Proxy management: Scanned in 00mn 00s



    ---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
    F2 - REG:system.ini: USERINIT=C:\WINDOWS\system32\userinit.exe,
    F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe
    F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
    ~ Keys: Scanned in 00mn 00s



    ---\\ Redirection du fichier Hosts (O1)
    ~ Le fichier hosts est sain (The hosts file is clean).
    ~ Hosts File: Scanned in 00mn 00s
    ~ Nombre de lignes (Lines number): 20



    ---\\ Browser Helper Objects de navigateur (O2)
    O2 - BHO: WiseConvert 1.5 - {19803860-b306-423c-bbb5-f60a7d82cde5} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files\WiseConvert_1.5\prxtbWise.dll =>Toolbar.Conduit
    O2 - BHO: SpeedAnalysis.com - {45564571-A21B-48ED-B584-69752EEE9C3D} . (.SpeedAnalysis.com - ScriptHost.) -- C:\Program Files\SpeedAnalysis.com\ScriptHost.dll
    O2 - BHO: Smiley Bar for Facebook - {4723AAA8-B2F9-4CC1-9E60-190976DB1FA4} . (.Plus Winks - ScriptHost.) -- C:\Program Files\Smiley Bar for Facebook\ScriptHost.dll
    O2 - BHO: LyricsPal - {A3DAEB01-4C15-4AC6-A689-6406FD954EE0} . (.XingHao Software - LyricsPal.) -- C:\Program Files\XingHaoLyrics\lrcspal.dll
    O2 - BHO: delta Helper Object - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} . (.Delta-search.com - Pas de description.) -- C:\Program Files\Delta\delta\1.8.16.16\bh\delta.dll =>Toolbar.DeltaSearch
    O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} . (.SEIKO EPSON CORPORATION - EPSON Web-To-Page.) -- C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    ~ BHO: 12 Legitimates Scanned in 00mn 01s



    ---\\ Internet Explorer Toolbars (O3)
    O3 - Toolbar: EPSON Web-To-Page - [HKLM]{EE5D279F-081B-4404-994D-C6B60AAEBA6D} . (.SEIKO EPSON CORPORATION - EPSON Web-To-Page.) -- C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: avast! WebRep - [HKLM]{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software - avast! WebRep Plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    O3 - Toolbar: WiseConvert 1.5 Toolbar - [HKLM]{19803860-b306-423c-bbb5-f60a7d82cde5} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files\WiseConvert_1.5\prxtbWise.dll =>Toolbar.Conduit
    O3 - Toolbar: Delta Toolbar - [HKLM]{82E1477C-B154-48D3-9891-33D83C26BCD3} . (.Delta-search.com - Pas de description.) -- C:\Program Files\Delta\delta\1.8.16.16\deltaTlbr.dll =>Toolbar.DeltaSearch
    ~ Toolbar: Scanned in 00mn 00s



    ---\\ Applications démarrées par registre & par dossier (O4)
    O4 - HKLM\..\Run: [SoundMan] . (.Realtek Semiconductor Corp. - Realtek Sound Manager.) -- C:\WINDOWS\SOUNDMAN.exe
    O4 - HKLM\..\Run: [NvCplDaemon] . (.NVIDIA Corporation - NVIDIA Display Properties Extension.) -- C:\WINDOWS\system32\NvCpl.dll
    O4 - HKLM\..\Run: [NvMediaCenter] . (.NVIDIA Corporation - NVIDIA Media Center Library.) -- C:\WINDOWS\system32\NvMcTray.dll
    O4 - HKLM\..\Run: [nwiz] . (...) -- C:\Program Files\NVIDIA Corporation\nView\nwiz.exe
    O4 - HKLM\..\Run: [avast] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastUI.exe
    O4 - HKLM\..\Run: [EPSON Stylus Photo R240 Series] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAHE.exe
    O4 - HKLM\..\Run: [zzzHPSETUP] F:\Setup.exe (.not file.)
    O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] . (.Hewlett-Packard - hpgs2wnd.) -- C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
    O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe
    O4 - HKLM\..\Run: [KernelFaultCheck] Clé orpheline
    O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MSMSGS] . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
    O4 - HKUS\S-1-5-21-1078081533-1788223648-839522115-1004\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
    O4 - HKUS\S-1-5-21-1078081533-1788223648-839522115-1004\..\Run: [MSMSGS] . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe
    ~ Application: Scanned in 00mn 00s



    ---\\ Autres liens utilisateurs (O4)
    O4 - GS\Programs: Adobe Reader X.lnk . (...) -- C:\WINDOWS\Installer\{AC76BA86-7AD7-1036-7B44-AA1000000001}\SC_Reader.ico
    O4 - GS\Programs: Enregistrement OCR I.R.I.S..lnk . (.I.R.I.S. SA - Registration Wizard for Readiris 5.0.) -- C:\Program Files\Hewlett-Packard\Digital Imaging\DocProc\regipe.exe
    O4 - GS\Programs: MSN.lnk . (.Microsoft Corporation - Win32 Cabinet Self-Extractor.) -- C:\Program Files\MSN\MSNCoreFiles\Install\msnsusii.exe
    O4 - GS\Programs: Windows Messenger.lnk . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe
    O4 - GS\Programs: Windows Movie Maker.lnk . (.Microsoft Corporation - Windows Movie Maker.) -- C:\Program Files\Movie Maker\moviemk.exe
    O4 - GS\Programs: Assistance à distance.lnk . (.Microsoft Corporation - Assistance à distance Microsoft.) -- C:\WINDOWS\system32\rcimlby.exe
    O4 - GS\Programs: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
    O4 - GS\Programs: Outlook Express.lnk . (.Microsoft Corporation - Outlook Express.) -- C:\Program Files\Outlook Express\msimn.exe
    O4 - GS\Programs: Windows Media Player.lnk . (.Microsoft Corporation - Windows Media Player.) -- C:\Program Files\Windows Media Player\wmplayer.exe
    ~ Global Startup: Scanned in 00mn 01s



    ---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
    O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} . (...) -- C:\Program Files\Skype\Toolbars\Internet Explorer\icon.ico
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Program Files\Microsoft Office\Office12\REFBARH.ICO
    O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} -- Clé orpheline
    O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe
    ~ IE Extra Buttons: Scanned in 00mn 00s



    ---\\ Winsock hijacker (Layered Service Provider) (O10)
    ~ Winsock: 3 Legitimates Scanned in 00mn 00s



    ---\\ Objets ActiveX (Downloaded Program Files)(O16)
    O16 - DPF: {83A4D5A6-E2C1-4EDD-AD48-1A1C50BD06EF} ((no name)) - http://www.photoweb.fr/telechargement/telechargement-photoweb-6.5.6.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} ((no name)) - http://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
    ~ Objets ActiveX: Scanned in 00mn 00s



    ---\\ Modification Domaine/Adresses DNS (O17)
    O17 - HKLM\System\CCS\Services\Tcpip\..\{D1CDADC5-6148-4263-AA2B-EFC5B51401F0}: DhcpNameServer = 192.168.1.1 192.168.1.1
    O17 - HKLM\System\CS1\Services\Tcpip\..\{D1CDADC5-6148-4263-AA2B-EFC5B51401F0}: DhcpNameServer = 192.168.1.1 192.168.1.1
    O17 - HKLM\System\CS3\Services\Tcpip\..\{D1CDADC5-6148-4263-AA2B-EFC5B51401F0}: DhcpNameServer = 192.168.1.1 192.168.1.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
    ~ Domain: Scanned in 00mn 00s



    ---\\ Protocole additionnel (O18)
    O18 - Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} . (.Microsoft Corporation - WIA Scripting Layer.) -- C:\WINDOWS\system32\wiascr.dll
    O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\MSOXMLMF.dll
    ~ Protocole Additionnel: Scanned in 00mn 00s



    ---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
    O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\WINDOWS\system32\crypt32.dll
    O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\WINDOWS\system32\cryptnet.dll
    O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agent réseau hors connexion.) -- C:\WINDOWS\system32\cscdll.dll
    O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\system32\dimsntfy.dll
    O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
    O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
    O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL secondaire de notification de service d.) -- C:\WINDOWS\system32\sclgntfy.dll
    O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\WlNotify.dll
    O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
    O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
    ~ Winlogon: Scanned in 00mn 00s



    ---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
    ~ SSODL: 5 Legitimates Scanned in 00mn 00s



    ---\\ Liste des services NT non Microsoft et non désactivés (O23)
    O23 - Service: NVIDIA Driver Helper Service (NVSvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 280.2.) - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files\Skype\Updater\Updater.exe
    ~ Services: 8 Legitimates Scanned in 00mn 08s



    ---\\ Enumération Active Desktop & MHTML Editor (O24)
    O24 - Desktop General: BackupWallPaper - .(...) - C:\Documents and Settings\utilisateur\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    O24 - Desktop General: WallPaper - .(...) - C:\Documents and Settings\utilisateur\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    ~ Desktop Component: 1 Legitimates Scanned in 00mn 00s



    ---\\ BootExecute (O34)
    ~ BEX: 1 Legitimates Scanned in 00mn 00s



    ---\\ Tâches planifiées en automatique (O39)
    O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\LyricsPal Update.job [394]
    O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\SyncBack mesdocuments.job [446]
    O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\SyncBack outlook express.job [452]
    O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\SyncBack Sauvegarde sur disque externe.job [480]
    ~ Scheduled Task: 9 Legitimates Scanned in 00mn 00s



    ---\\ Composants installés (ActiveSetup Installed Components) (O40)
    ~ Active Setup: 21 Legitimates Scanned in 00mn 00s



    ---\\ Pilotes lancés au démarrage (O41)
    ~ Drivers: 63 Legitimates Scanned in 00mn 00s



    ---\\ Logiciels installés (O42)
    O42 - Logiciel: Adobe Flash Player 11 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
    O42 - Logiciel: Adobe Flash Player 11 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin
    O42 - Logiciel: Adobe Reader X (10.1.6) - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-AA1000000001}
    O42 - Logiciel: BrowserProtect - (.Bit89 Inc.) [HKLM] -- {15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693} =>Toolbar.Babylon
    O42 - Logiciel: Delta Chrome Toolbar - (.Visual Tools.) [HKLM] -- Delta Chrome Toolbar
    O42 - Logiciel: Delta toolbar - (.Delta.) [HKLM] -- delta
    O42 - Logiciel: Guide d'utilisation ESPR240 - (...) [HKLM] -- Guide d'utilisation ESPR240
    O42 - Logiciel: Jet - (.Performersoft.) [HKCU] -- Jet
    O42 - Logiciel: Lidl-Photos FR - (...) [HKLM] -- Lidl-Photos FR
    O42 - Logiciel: LyricsPal - (.XingHao Software.) [HKLM] -- lrcspal@xinghao.net
    O42 - Logiciel: SweetIM Bundle by SweetPacks - (.SweetPacks LTD.) [HKLM] -- SweetIM Bundle by SweetPacks =>PUP.SweetIM
    O42 - Logiciel: SweetIM for Messenger 3.7 - (.SweetIM Technologies Ltd..) [HKLM] -- {A0C9DF2B-89B5-4483-8983-18A68200F1B4} =>PUP.SweetIM
    O42 - Logiciel: SweetPacks Updater - (...) [HKLM] -- WNLT =>PUP.SweetIM
    O42 - Logiciel: ULi AGP Driver - (...) [HKLM] -- {0DD0650C-5113-4FEE-BDDA-AC0B76FD0BD1}
    O42 - Logiciel: ULi LAN Driver - (...) [HKLM] -- {143BE018-D8F8-4014-8CB6-AF63F5799D21}
    O42 - Logiciel: ULi SATA Driver - (.ULi.) [HKLM] -- {FDC53DC6-137A-4541-BFA2-A9BAE4A7FE99}
    O42 - Logiciel: VisDGI - (...) [HKLM] -- VisDGIUninstall
    O42 - Logiciel: WiseConvert 1.5 Toolbar - (.WiseConvert 1.5.) [HKLM] -- WiseConvert_1.5 Toolbar
    O42 - Logiciel: avast! Free Antivirus v8.0.1483.0 - (.AVAST Software.) [HKLM] -- avast
    ~ Logic: 110 Legitimates Scanned in 00mn 00s



    ---\\ HKCU & HKLM Software Keys
    [HKCU\Software\855888bb36dbe44]
    [HKCU\Software\Amazon]
    [HKCU\Software\AppDataLow\Software\Smartbar] =>Hijacker.SmartBar
    [HKCU\Software\BI]
    [HKCU\Software\BabylonToolbar] =>Toolbar.Babylon
    [HKCU\Software\DataMngr_Toolbar] =>PUP.Datamngr
    [HKCU\Software\Delta]
    [HKCU\Software\IM]
    [HKCU\Software\ImInstaller]
    [HKCU\Software\IncrediMail]
    [HKCU\Software\LOGIDOC]
    [HKCU\Software\PerformerSoft LLC]
    [HKCU\Software\WNLT]
    [HKCU\Software\WiseConvert_1.5]
    [HKLM\Software\855888bb36dbe44]
    [HKLM\Software\ALi]
    [HKLM\Software\Amazon]
    [HKLM\Software\Appia]
    [HKLM\Software\Delta]
    [HKLM\Software\ULi]
    [HKLM\Software\WiseConvert_1.5]
    ~ Key Software: 185 Legitimates Scanned in 00mn 00s



    ---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
    O43 - CFD: 09/07/2012 - 16:40:41 - [70,451] ----D C:\Program Files\Amazon
    O43 - CFD: 09/04/2013 - 14:33:05 - [5,554] ----D C:\Program Files\Delta
    O43 - CFD: 02/08/2012 - 10:28:16 - [196,668] ----D C:\Program Files\Lidl-Photos
    O43 - CFD: 09/04/2013 - 11:43:39 - [0,359] ----D C:\Program Files\sweetpacks bundle uninstaller =>PUP.SweetIM
    O43 - CFD: 08/04/2013 - 10:36:45 - [7,839] ----D C:\Program Files\WiseConvert_1.5
    O43 - CFD: 09/04/2013 - 11:51:50 - [0,801] ----D C:\Program Files\Yontoo =>PUP.Yontoo
    O43 - CFD: 19/04/2012 - 14:19:14 - [1,215] ----D C:\Program Files\Fichiers communs\VisDGIsharedDLLs
    O43 - CFD: 09/04/2013 - 14:33:59 - [1,942] ----D C:\Documents and Settings\utilisateur\Application Data\BabSolution =>Hijacker.BabSolution
    O43 - CFD: 09/04/2013 - 14:53:20 - [0,259] ----D C:\Documents and Settings\utilisateur\Application Data\Delta
    O43 - CFD: 09/04/2013 - 11:51:25 - [0,308] ----D C:\Documents and Settings\utilisateur\Application Data\File Scout
    O43 - CFD: 10/04/2013 - 14:43:29 - [0] ----D C:\Documents and Settings\utilisateur\Application Data\PerformerSoft
    O43 - CFD: 09/04/2013 - 14:57:34 - [0,066] ----D C:\Documents and Settings\utilisateur\Application Data\SpecialSavings
    O43 - CFD: 10/04/2013 - 14:04:35 - [0,076] ----D C:\Documents and Settings\utilisateur\Application Data\SpeedanAlysis
    O43 - CFD: 09/04/2013 - 11:51:45 - [0,041] ----D C:\Documents and Settings\utilisateur\Application Data\Yontoo =>PUP.Yontoo
    O43 - CFD: 09/07/2012 - 16:40:52 - [0,244] ----D C:\Documents and Settings\utilisateur\Local Settings\Application Data\Amazon
    O43 - CFD: 09/04/2013 - 14:22:49 - [234,597] ----D C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft
    O43 - CFD: 08/04/2013 - 17:51:10 - [8,764] ----D C:\Documents and Settings\utilisateur\Local Settings\Application Data\WiseConvert_1.5
    O43 - CFD: 09/07/2012 - 16:40:54 - [0,003] ----D C:\Documents and Settings\utilisateur\Menu Démarrer\Programmes\Amazon
    O43 - CFD: 09/04/2013 - 14:34:49 - [0,001] ----D C:\Documents and Settings\utilisateur\Menu Démarrer\Programmes\BrowserProtect =>Toolbar.Babylon
    O43 - CFD: 09/04/2013 - 14:22:31 - [0,003] ----D C:\Documents and Settings\utilisateur\Menu Démarrer\Programmes\Jet
    ~ Program Folder: 127 Legitimates Scanned in 00mn 25s



    ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
    O44 - LFC:[MD5.A24326A586AE26C93942D4E63AE5EF73] - 11/04/2013 - 13:14:29 ---A- . (...) -- C:\WINDOWS\wiadebug.log [159]
    O44 - LFC:[MD5.46C3B9D73A33F926BEF54A2A28CCE441] - 11/04/2013 - 13:14:28 ---A- . (...) -- C:\WINDOWS\wiaservc.log [50]
    O44 - LFC:[MD5.35859245C90EF8019D746B13FB851B51] - 10/04/2013 - 02:06:44 ---A- . (...) -- C:\WINDOWS\FaxSetup.log [30914]
    O44 - LFC:[MD5.8F6184B057F68FF7825D0F9BA5DA5F42] - 10/04/2013 - 02:06:44 ---A- . (...) -- C:\WINDOWS\comsetup.log [10118]
    O44 - LFC:[MD5.367DAF179A0FCA166ABC344AFBA2B75D] - 10/04/2013 - 02:06:44 ---A- . (...) -- C:\WINDOWS\iis6.log [4835]
    O44 - LFC:[MD5.40D2498D9A7B4EFFE5C032385F97FA61] - 10/04/2013 - 02:06:44 ---A- . (...) -- C:\WINDOWS\imsins.log [1374]
    O44 - LFC:[MD5.42CAD4901C6789FC3EC60BD8DCF3649F] - 10/04/2013 - 02:06:44 ---A- . (...) -- C:\WINDOWS\msgsocm.log [1545]
    O44 - LFC:[MD5.9A51348D7F0326EFAE33CD1B09063979] - 10/04/2013 - 02:06:44 ---A- . (...) -- C:\WINDOWS\ntdtcsetup.log [6127]
    O44 - LFC:[MD5.C1B5A2C53280221ACDF3C00F7DDCB755] - 10/04/2013 - 02:06:44 ---A- . (...) -- C:\WINDOWS\ocgen.log [14780]
    O44 - LFC:[MD5.CF44A8EE3FF3055F23387CA8EAB9A80C] - 10/04/2013 - 02:06:44 ---A- . (...) -- C:\WINDOWS\ocmsn.log [1710]
    O44 - LFC:[MD5.BF603628B8C8BDE6C2DF46968A69CD48] - 10/04/2013 - 02:06:44 ---A- . (...) -- C:\WINDOWS\tsoc.log [11795]
    O44 - LFC:[MD5.2E9F043B9BEE995AE22E22DCD19496BD] - 10/04/2013 - 02:06:35 ---A- . (...) -- C:\WINDOWS\updspapi.log [3669]
    O44 - LFC:[MD5.602C79790D4EAA22FB90F8C337E8F1BE] - 10/04/2013 - 02:05:26 ---A- . (...) -- C:\WINDOWS\imsins.BAK [1374]
    O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 09/04/2013 - 09:38:29 ---A- . (...) -- C:\END [0]
    O44 - LFC:[MD5.BE4D946B5D8745DD7CD4CA9CA04F4989] - 27/02/2013 - 12:24:40 ---A- . (...) -- C:\WINDOWS\system32\dmwu.exe [1013552]
    O44 - LFC:[MD5.351677F04B3DC84937FBFA20CD6E958D] - 27/02/2013 - 12:21:38 ---A- . (...) -- C:\WINDOWS\system32\ImHttpComm.dll [28160]
    O44 - LFC:[MD5.188E68005ED62F32248032C65CB4DE96] - 13/05/2011 - 15:59:22 ---A- . (...) -- C:\WINDOWS\system32\Microsoft.VC80.CRT.manifest [1870]
    ~ Files: 49 Legitimates Scanned in 00mn 33s



    ---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
    O45 - LFCP:[MD5.7BA4B5254F50B2B1393D917773BAFBD4] - 10/04/2013 - 12:52:36 ---A- - C:\WINDOWS\Prefetch\WISECONVERT_1.5TOOLBARHELPER.-2DA0ACE3.pf
    O45 - LFCP:[MD5.9A1FD3FFCFEE13B2376A528638B359D7] - 10/04/2013 - 16:53:40 ---A- - C:\WINDOWS\Prefetch\_IU14D2N.TMP-09C4817C.pf
    O45 - LFCP:[MD5.E24C97A0D44FC23B1FA4EAD679D72047] - 11/04/2013 - 13:21:14 ---A- - C:\WINDOWS\Prefetch\SOUNDMAN.EXE-19745A34.pf
    O45 - LFCP:[MD5.169E887A70C64AAC9C228B35C5B232C3] - 11/04/2013 - 13:21:18 ---A- - C:\WINDOWS\Prefetch\HPGS2WND.EXE-06AC8C27.pf
    O45 - LFCP:[MD5.751C9FFD6887AF96859EA54242BF1954] - 11/04/2013 - 13:21:19 ---A- - C:\WINDOWS\Prefetch\HPGS2WNF.EXE-0E86C34B.pf
    O45 - LFCP:[MD5.20B97C7BF4C0A4C3BB6FE2040C286FB9] - 11/04/2013 - 16:00:14 ---A- - C:\WINDOWS\Prefetch\SYNCBACK.EXE-08A8AC42.pf
    O45 - LFCP:[MD5.917536CF4B13ED137E341ABC6306FDDF] - 11/04/2013 - 17:13:49 ---A- - C:\WINDOWS\Prefetch\PROPERTYSYNC.EXE-01B5D25E.pf
    O45 - LFCP:[MD5.C389F476FD4A5F71EA3AED0FD6C7875F] - 11/04/2013 - 17:13:50 ---A- - C:\WINDOWS\Prefetch\PROPERTYSYNC.EXE-0F3994CB.pf
    ~ Prefetcher: 90 Legitimates Scanned in 00mn 01s



    ---\\ Opérations et fonctions au démarrage de Windows Explorer (O46)
    O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll
    ~ ShellExecuteHooks: Scanned in 00mn 00s



    ---\\ Export de clé d'application autorisée (O47)
    O47 - AAKE:Key Export SP - "C:\WINDOWS\system32\dmwu.exe" [Enabled] .(.Pas de propriétaire.) -- C:\WINDOWS\system32\dmwu.exe
    O47 - AAKE:Key Export SP - "C:\WINDOWS\system32\ARFC\wrtc.exe" [Enabled] .(.Pas de propriétaire.) -- C:\WINDOWS\system32\ARFC\wrtc.exe
    ~ Keys Export: 9 Legitimates Scanned in 00mn 01s



    ---\\ Déni du service (Local Security Authority) (O48)
    ~ LSA: 6 Legitimates Scanned in 00mn 00s



    ---\\ Contrôle du Safe Boot (CSB) (O49)
    ~ CBS: 21 Legitimates Scanned in 00mn 00s



    ---\\ Image File Execution Options (IFEO) (O50)
    O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d
    ~ IFEO: Scanned in 00mn 00s



    ---\\ Trojan Driver Search Data (HKLM) (O52)
    ~ TDSD: 12 Legitimates Scanned in 00mn 00s



    ---\\ Microsoft Control Security Providers (O54)
    ~ MSCP: 6 Legitimates Scanned in 00mn 00s



    ---\\ Microsoft Windows Policies System (O55)
    ~ MWPS: 5 Legitimates Scanned in 00mn 00s



    ---\\ Microsoft Windows Policies Explorer (O56)
    ~ MWPE Keys: 1 Legitimates Scanned in 00mn 00s



    ---\\ Liste des Drivers Système (O58)
    O58 - SDL:[MD5.B34B1AB0A7690A0E2301FEC6D17B2FC1] - 25/10/2011 - 17:35:06 ---A- . (.Oak Technology Inc. - Audio File System.) -- C:\WINDOWS\system32\Drivers\AFS2K.SYS [82380]
    O58 - SDL:[MD5.6D3ADA4CE95CECA7BCE527A08C4C474E] - 05/08/2004 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ansi.sys [9037]
    ~ Drivers: Scanned in 00mn 00s



    ---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
    O61 - LFC: 08/04/2013 - 08:10:05 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_www.youtube.com_0.localstorage [3072]
    O61 - LFC: 08/04/2013 - 08:10:05 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_www.youtube.com_0.localstorage-journal [3608]
    O61 - LFC: 08/04/2013 - 09:38:12 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Microsoft\Internet Explorer\Services\search_{3341E4A7-EFA7-45EA-8287-C25B48962F28}.ico [1150]
    O61 - LFC: 08/04/2013 - 09:38:21 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\WiseConvert_1.5\ThirdPartyComponents.xml [6925]
    O61 - LFC: 08/04/2013 - 09:50:08 ---A- C:\Documents and Settings\utilisateur\Menu Démarrer\Programmes\Accessoires\Accessibilité\Clavier visuel.lnk [1501]
    O61 - LFC: 08/04/2013 - 09:50:08 ---A- C:\Documents and Settings\utilisateur\Menu Démarrer\Programmes\Accessoires\Accessibilité\Gestionnaire d'utilitaires.lnk [1539]
    O61 - LFC: 08/04/2013 - 09:50:09 ---A- C:\Documents and Settings\utilisateur\Menu Démarrer\Programmes\Accessoires\Accessibilité\Loupe.lnk [1525]
    O61 - LFC: 08/04/2013 - 09:50:09 ---A- C:\Documents and Settings\utilisateur\Menu Démarrer\Programmes\Accessoires\Bloc-notes.lnk [1519]
    O61 - LFC: 08/04/2013 - 09:50:09 ---A- C:\Documents and Settings\utilisateur\Menu Démarrer\Programmes\Accessoires\Explorateur Windows.lnk [1487]
    O61 - LFC: 08/04/2013 - 09:50:09 ---A- C:\Documents and Settings\utilisateur\Menu Démarrer\Programmes\Accessoires\Invite de commandes.lnk [1555]
    O61 - LFC: 08/04/2013 - 09:50:09 ---A- C:\Documents and Settings\utilisateur\Menu Démarrer\Programmes\Accessoires\Synchroniser.lnk [1519]
    O61 - LFC: 08/04/2013 - 09:50:09 ---A- C:\Documents and Settings\utilisateur\Menu Démarrer\Programmes\Assistance à distance.lnk [1599]
    O61 - LFC: 08/04/2013 - 10:40:20 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_www.google.fr_0.localstorage [3072]
    O61 - LFC: 08/04/2013 - 10:40:20 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_www.google.fr_0.localstorage-journal [3608]
    O61 - LFC: 08/04/2013 - 16:41:14 ---A- C:\Documents and Settings\utilisateur\Recent\RP 2013 Culture 2.lnk [699]
    O61 - LFC: 08/04/2013 - 16:41:37 ---A- C:\Documents and Settings\utilisateur\Recent\RP12042013.lnk [675]
    O61 - LFC: 08/04/2013 - 16:49:39 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\WiseConvert_1.5\Repository\conduit_CT3242339_CT3242339\ToolbarSettings\data.txt [46467]
    O61 - LFC: 08/04/2013 - 16:49:44 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\WiseConvert_1.5\CacheIcons\http___storage_conduit_com_16_319_CT3196716_Images_634677797331567756_png.png [675]
    O61 - LFC: 08/04/2013 - 16:49:45 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\WiseConvert_1.5\CacheIcons\http___storage_conduit_com_68_300_CT3008668_Images_Email_xml-10-Classic-633439771938243750_gif.gif [573]
    O61 - LFC: 08/04/2013 - 16:49:45 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\WiseConvert_1.5\CacheIcons\http___storage_conduit_com_68_300_CT3008668_Images_SearchActivationButton-go_but01_gif-General-633629754908675000_gif.gif [117]
    O61 - LFC: 08/04/2013 - 16:49:45 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\WiseConvert_1.5\CacheIcons\http___storage_conduit_com_MarketPlace_93_ce3_93951332-f9a7-4af7-af02-17ec3d749ce3_Appearance_634159521796627506_24x24_png.png [1749]
    O61 - LFC: 08/04/2013 - 16:49:45 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\WiseConvert_1.5\CacheIcons\http___storage_conduit_com_bankimages_iconsGallery_24_5369227798842747855_png.png [1267]
    O61 - LFC: 08/04/2013 - 16:49:45 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\WiseConvert_1.5\CacheIcons\http___storage_conduit_com_images_ClientImages_radio_gif.gif [419]
    O61 - LFC: 08/04/2013 - 16:49:46 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\WiseConvert_1.5\CacheIcons\http___storage_conduit_com_bankImages_ConduitEngine_ContextMenu_LikeIcon_png.png [263]
    O61 - LFC: 08/04/2013 - 16:49:46 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\WiseConvert_1.5\CacheIcons\http___storage_conduit_com_images_eula_png.png [513]
    O61 - LFC: 08/04/2013 - 16:49:46 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\WiseConvert_1.5\CacheIcons\http___storage_conduit_com_images_main_menu_about_gif.gif [403]
    O61 - LFC: 08/04/2013 - 16:49:46 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\WiseConvert_1.5\CacheIcons\http___storage_conduit_com_images_main_menu_contact_gif.gif [278]
    O61 - LFC: 08/04/2013 - 16:49:46 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\WiseConvert_1.5\CacheIcons\http___storage_conduit_com_images_main_menu_home_page_gif.gif [405]
    O61 - LFC: 08/04/2013 - 16:49:46 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\WiseConvert_1.5\CacheIcons\http___storage_conduit_com_images_main_menu_privacy_gif.gif [425]
    O61 - LFC: 08/04/2013 - 16:49:46 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\WiseConvert_1.5\CacheIcons\http___storage_conduit_com_images_main_menu_upgrade_gif.gif [399]
    O61 - LFC: 08/04/2013 - 16:49:46 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\WiseConvert_1.5\ExternalComponent\http___contextmenu_toolbar_conduit-services_com__name=GottenApps&locale=fr.xml [7239]
    O61 - LFC: 08/04/2013 - 16:49:46 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\WiseConvert_1.5\ExternalComponent\http___contextmenu_toolbar_conduit-services_com__name=OtherApps&locale=fr.xml [5676]
    O61 - LFC: 08/04/2013 - 16:49:46 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\WiseConvert_1.5\ExternalComponent\http___contextmenu_toolbar_conduit-services_com__name=SharedApps&locale=fr.xml [6764]
    O61 - LFC: 08/04/2013 - 16:49:46 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\WiseConvert_1.5\ExternalComponent\http___contextmenu_toolbar_conduit-services_com__name=Toolbar&locale=fr.xml [5675]
    O61 - LFC: 08/04/2013 - 16:49:46 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\WiseConvert_1.5\Repository\conduit_CT3242339_CT3242339\DynamicDialogs\data.txt [117189]
    O61 - LFC: 08/04/2013 - 16:49:47 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\WiseConvert_1.5\CacheIcons\http___storage_conduit_com_68_300_CT3008668_Images_633590750635300000_gif.gif [230]
    O61 - LFC: 08/04/2013 - 16:49:47 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\WiseConvert_1.5\CacheIcons\http___storage_conduit_com_68_300_CT3008668_Images_633590751044362500_gif.gif [308]
    O61 - LFC: 08/04/2013 - 16:49:47 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\WiseConvert_1.5\CacheIcons\http___storage_conduit_com_68_300_CT3008668_Images_633590751926237500_gif.gif [171]
    O61 - LFC: 08/04/2013 - 16:49:47 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\WiseConvert_1.5\CacheIcons\http___storage_conduit_com_68_300_CT3008668_Images_633590752453893750_gif.gif [240]
    O61 - LFC: 08/04/2013 - 16:49:47 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\WiseConvert_1.5\CacheIcons\http___storage_conduit_com_68_300_CT3008668_Images_633590753577643750_gif.gif [613]
    O61 - LFC: 08/04/2013 - 16:49:47 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\WiseConvert_1.5\CacheIcons\http___storage_conduit_com_68_300_CT3008668_Images_633629754211018750_gif.gif [352]
    O61 - LFC: 08/04/2013 - 16:49:47 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\WiseConvert_1.5\CacheIcons\http___storage_conduit_com_images_Menu_uninstall-icon_png.png [617]
    O61 - LFC: 08/04/2013 - 16:49:47 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\WiseConvert_1.5\CacheIcons\http___storage_conduit_com_images_SearchEngines_dictionary_search_gif.gif [986]
    O61 - LFC: 08/04/2013 - 16:49:47 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\WiseConvert_1.5\CacheIcons\http___storage_conduit_com_images_SearchEngines_ebay_search_gif.gif [216]
    O61 - LFC: 08/04/2013 - 16:49:47 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\WiseConvert_1.5\CacheIcons\http___storage_conduit_com_images_SearchEngines_encyc_search_gif.gif [395]
    O61 - LFC: 08/04/2013 - 16:49:47 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\WiseConvert_1.5\CacheIcons\http___storage_conduit_com_images_SearchEngines_images_search_gif.gif [405]
    O61 - LFC: 08/04/2013 - 16:49:47 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\WiseConvert_1.5\CacheIcons\http___storage_conduit_com_images_SearchEngines_news_icon_gif.gif [371]
    O61 - LFC: 08/04/2013 - 16:49:47 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\WiseConvert_1.5\CacheIcons\http___storage_conduit_com_images_SearchEngines_shopping_search_gif.gif [381]
    O61 - LFC: 08/04/2013 - 16:49:47 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\WiseConvert_1.5\CacheIcons\http___storage_conduit_com_images_SearchEngines_weather_icon_gif.gif [165]
    O61 - LFC: 08/04/2013 - 16:49:47 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\WiseConvert_1.5\CacheIcons\http___storage_conduit_com_images_main_menu_clear_history_gif.gif [414]
    O61 - LFC: 08/04/2013 - 16:49:47 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\WiseConvert_1.5\CacheIcons\http___storage_conduit_com_images_main_menu_help_gif.gif [405]
    O61 - LFC: 08/04/2013 - 16:49:47 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\WiseConvert_1.5\CacheIcons\http___storage_conduit_com_images_main_menu_options_gif.gif [361]
    O61 - LFC: 08/04/2013 - 16:49:47 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\WiseConvert_1.5\CacheIcons\http___storage_conduit_com_images_main_menu_refresh_gif.gif [381]
    O61 - LFC: 08/04/2013 - 16:49:47 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\WiseConvert_1.5\CacheIcons\http___storage_conduit_com_images_main_menu_shrink_gif.gif [351]
    O61 - LFC: 08/04/2013 - 16:49:47 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\WiseConvert_1.5\CacheIcons\http___storage_conduit_com_images_searchengines_search_icon_gif.gif [322]
    O61 - LFC: 08/04/2013 - 16:49:47 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\WiseConvert_1.5\RadioPlayer\IP_Stations_Media_List.xml [2112]
    O61 - LFC: 08/04/2013 - 16:49:47 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\WiseConvert_1.5\RadioPlayer\Predefined_Media_List.xml [2112]
    O61 - LFC: 08/04/2013 - 16:49:49 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\WiseConvert_1.5\CacheIcons\http___weather_conduit_com_images_weather_Default_mostly_cloudy_gif.gif [386]
    O61 - LFC: 08/04/2013 - 16:49:51 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\WiseConvert_1.5\Repository\conduit_CT3242339_CT3242339\ToolbarLogin\data.txt [5428]
    O61 - LFC: 08/04/2013 - 16:49:51 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\WiseConvert_1.5\SearchInNewTab\SearchInNewTabContent.xml [70231]
    O61 - LFC: 08/04/2013 - 16:51:10 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\WiseConvert_1.5\CacheIcons\http___oryte_com_content_icons_widget_png.png [1642]
    O61 - LFC: 08/04/2013 - 16:51:10 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\WiseConvert_1.5\CacheIcons\http___tools_wiseconvert_com_images_menu_file_tools_icon_png.png [1350]
    O61 - LFC: 08/04/2013 - 16:51:10 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\WiseConvert_1.5\ExternalComponent\http___oryte_com_content_translate_xml_tools_xml.xml [7598]
    O61 - LFC: 08/04/2013 - 16:51:10 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\WiseConvert_1.5\ExternalComponent\http___tools_wiseconvert_com_tools_xml.xml [4037]
    O61 - LFC: 08/04/2013 - 16:51:14 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\WiseConvert_1.5\CacheIcons\http___oryte_com_content_icons_calendar_png.png [3308]
    O61 - LFC: 08/04/2013 - 16:51:14 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\WiseConvert_1.5\CacheIcons\http___oryte_com_content_icons_map_gif.gif [990]
    O61 - LFC: 08/04/2013 - 16:51:14 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\WiseConvert_1.5\CacheIcons\http___oryte_com_content_todo_img_favicon_ico.ico [1150]
    O61 - LFC: 08/04/2013 - 16:51:14 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\WiseConvert_1.5\CacheIcons\http___tools_wiseconvert_com_images_menu_archive_icon_png.png [3545]
    O61 - LFC: 08/04/2013 - 16:51:14 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\WiseConvert_1.5\CacheIcons\http___tools_wiseconvert_com_images_menu_flv_icon_png.png [1819]
    O61 - LFC: 08/04/2013 - 16:51:14 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\WiseConvert_1.5\CacheIcons\http___tools_wiseconvert_com_images_menu_image_icon_png.png [1565]
    O61 - LFC: 08/04/2013 - 16:51:14 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\WiseConvert_1.5\CacheIcons\http___tools_wiseconvert_com_images_menu_open_documents_png.png [3529]
    O61 - LFC: 08/04/2013 - 16:51:14 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\WiseConvert_1.5\CacheIcons\http___tools_wiseconvert_com_images_menu_pdf_icon_png.png [1633]
    O61 - LFC: 08/04/2013 - 16:51:14 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\WiseConvert_1.5\CacheIcons\http___tools_wiseconvert_com_images_menu_video_icon_png.png [1586]
    O61 - LFC: 08/04/2013 - 16:51:14 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\WiseConvert_1.5\CacheIcons\http___tools_wiseconvert_com_images_menu_view_pdf_icon_png.png [3448]
    O61 - LFC: 08/04/2013 - 16:51:15 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\WiseConvert_1.5\CacheIcons\http___oryte_com_content_icons_calculator_gif.gif [600]
    O61 - LFC: 08/04/2013 - 16:51:15 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\WiseConvert_1.5\CacheIcons\http___oryte_com_content_icons_calculator_sci_gif.gif [1657]
    O61 - LFC: 08/04/2013 - 16:51:15 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\WiseConvert_1.5\CacheIcons\http___oryte_com_content_icons_calories_png.png [3437]
    O61 - LFC: 08/04/2013 - 16:51:15 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\WiseConvert_1.5\CacheIcons\http___oryte_com_content_icons_clock_ico.ico [1150]
    O61 - LFC: 08/04/2013 - 16:51:15 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\WiseConvert_1.5\CacheIcons\http___oryte_com_content_icons_clothes_ico.ico [1150]
    O61 - LFC: 08/04/2013 - 16:51:15 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\WiseConvert_1.5\CacheIcons\http___oryte_com_content_icons_coins_png.png [672]
    O61 - LFC: 08/04/2013 - 16:51:15 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\WiseConvert_1.5\CacheIcons\http___oryte_com_content_icons_datecalc_ico.ico [1150]
    O61 - LFC: 08/04/2013 - 16:51:15 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\WiseConvert_1.5\CacheIcons\http___oryte_com_content_icons_fileconverter_png.png [719]
    O61 - LFC: 08/04/2013 - 16:51:15 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\WiseConvert_1.5\CacheIcons\http___oryte_com_content_icons_spellchecker_png.png [944]
    O61 - LFC: 08/04/2013 - 16:51:15 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\WiseConvert_1.5\CacheIcons\http___oryte_com_content_icons_stopwatch_ico.ico [1150]
    O61 - LFC: 08/04/2013 - 16:51:15 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\WiseConvert_1.5\CacheIcons\http___oryte_com_content_icons_translator_png.png [3711]
    O61 - LFC: 08/04/2013 - 16:51:15 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\WiseConvert_1.5\CacheIcons\http___oryte_com_content_icons_unitconverter_gif.gif [381]
    O61 - LFC: 08/04/2013 - 16:51:15 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\WiseConvert_1.5\CacheIcons\http___oryte_com_content_icons_worddef_png.png [3568]
    O61 - LFC: 08/04/2013 - 16:51:15 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\WiseConvert_1.5\CacheIcons\http___storage_Conduit_com_bankImages_ConduitEngine_ContextMenu_About_png.png [821]
    O61 - LFC: 08/04/2013 - 16:51:15 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\WiseConvert_1.5\CacheIcons\http___storage_Conduit_com_bankImages_ConduitEngine_ContextMenu_Browse_png.png [729]
    O61 - LFC: 08/04/2013 - 16:51:15 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\WiseConvert_1.5\CacheIcons\http___storage_Conduit_com_bankImages_ConduitEngine_ContextMenu_Contact_png.png [531]
    O61 - LFC: 08/04/2013 - 16:51:15 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\WiseConvert_1.5\CacheIcons\http___storage_Conduit_com_bankImages_ConduitEngine_ContextMenu_Hide_png.png [669]
    O61 - LFC: 08/04/2013 - 16:51:15 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\WiseConvert_1.5\CacheIcons\http___storage_Conduit_com_bankImages_ConduitEngine_ContextMenu_MoreFromPublisher_png.png [734]
    O61 - LFC: 08/04/2013 - 16:51:15 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\WiseConvert_1.5\CacheIcons\http___storage_Conduit_com_bankImages_ConduitEngine_ContextMenu_More_png.png [562]
    O61 - LFC: 08/04/2013 - 16:51:15 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\WiseConvert_1.5\CacheIcons\http___storage_Conduit_com_bankImages_ConduitEngine_ContextMenu_Options_png.png [493]
    O61 - LFC: 08/04/2013 - 16:51:15 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\WiseConvert_1.5\CacheIcons\http___storage_Conduit_com_bankImages_ConduitEngine_ContextMenu_Privacy_png.png [706]
    O61 - LFC: 08/04/2013 - 16:51:15 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\WiseConvert_1.5\CacheIcons\http___storage_Conduit_com_bankImages_ConduitEngine_ContextMenu_Refresh_png.png [674]
    O61 - LFC: 08/04/2013 - 16:51:15 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\WiseConvert_1.5\CacheIcons\http___storage_Conduit_com_bankImages_ConduitEngine_ContextMenu_Upgrade_png.png [607]
    O61 - LFC: 08/04/2013 - 16:51:15 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\WiseConvert_1.5\CacheIcons\http___tools_wiseconvert_com_images_menu_audio_icon_png.png [3429]
    O61 - LFC: 08/04/2013 - 17:05:53 ---A- C:\Documents and Settings\utilisateur\Recent\RP12042013 MA.lnk [684]
    O61 - LFC: 08/04/2013 - 17:31:42 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\https_www.google.fr_0.localstorage [3072]
    O61 - LFC: 08/04/2013 - 17:31:42 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\https_www.google.fr_0.localstorage-journal [3608]
    O61 - LFC: 08/04/2013 - 19:10:17 ---A- C:\Documents and Settings\utilisateur\Recent\RP12042013 MA V2.lnk [696]
    O61 - LFC: 08/04/2013 - 19:11:08 ---A- C:\Documents and Settings\utilisateur\Recent\RP12042013 MA (Copie en conflit de marc pascal 2013-04-08) (Copie en conflit de marc pascal 2013-04-08).lnk [954]
    O61 - LFC: 08/04/2013 - 19:11:37 ---A- C:\Documents and Settings\utilisateur\Recent\rythmes scolaire reunion publique.lnk [744]
    O61 - LFC: 08/04/2013 - 19:20:22 ---A- C:\Documents and Settings\utilisateur\Favoris\memoclic forum - Recherche Google.url [464]
    O61 - LFC: 09/04/2013 - 08:35:13 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\https_www.amazon.fr_0.localstorage [3072]
    O61 - LFC: 09/04/2013 - 08:35:13 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\https_www.amazon.fr_0.localstorage-journal [3608]
    O61 - LFC: 09/04/2013 - 09:28:18 ---A- C:\Documents and Settings\utilisateur\Recent\EDF-EAU.lnk [469]
    O61 - LFC: 09/04/2013 - 10:52:57 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\chrome-extension_licjnkifamhpbaefhdpacpmihicfbomb_0.localstorage [377856]
    O61 - LFC: 09/04/2013 - 10:52:57 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\chrome-extension_licjnkifamhpbaefhdpacpmihicfbomb_0.localstorage-journal [6704]
    O61 - LFC: 09/04/2013 - 10:53:10 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\chrome-extension_niapdbllcanepiiimjjndipklodoedlc_0.localstorage [3072]
    O61 - LFC: 09/04/2013 - 10:53:10 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\chrome-extension_niapdbllcanepiiimjjndipklodoedlc_0.localstorage-journal [3608]
    O61 - LFC: 09/04/2013 - 10:56:04 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\store-pp.jbs [20480000]
    O61 - LFC: 09/04/2013 - 11:06:13 ---A- C:\Documents and Settings\utilisateur\Menu Démarrer\Programmes\VideoPerformer\Video Performer.lnk [772]
    O61 - LFC: 09/04/2013 - 11:06:21 ---A- C:\Documents and Settings\utilisateur\Menu Démarrer\Programmes\VideoPerformer\Uninstall.lnk [747]
    O61 - LFC: 09/04/2013 - 11:46:46 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extension Rules\000005.sst [231]
    O61 - LFC: 09/04/2013 - 13:07:39 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_www.wajam.com_0.localstorage [3072] =>Toolbar.Wajam
    O61 - LFC: 09/04/2013 - 13:07:39 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_www.wajam.com_0.localstorage-journal [3608] =>Toolbar.Wajam
    O61 - LFC: 09/04/2013 - 13:13:11 ---A- C:\Documents and Settings\utilisateur\Recent\RKreport[1]_S_09042013_140930.lnk [601]
    O61 - LFC: 09/04/2013 - 13:18:42 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extension Rules\000014.sst [231]
    O61 - LFC: 09/04/2013 - 13:21:48 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\Application\24.0.1293.0\Installer\unins000.exe [818813]
    O61 - LFC: 09/04/2013 - 13:22:09 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\Application\24.0.1293.0\Installer\setup.exe [1559520]
    O61 - LFC: 09/04/2013 - 13:22:30 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\Application\VisualElementsManifest.xml [383]
    O61 - LFC: 09/04/2013 - 13:22:31 ---A- C:\Documents and Settings\utilisateur\Bureau\Jet.lnk [2253]
    O61 - LFC: 09/04/2013 - 13:22:31 ---A- C:\Documents and Settings\utilisateur\Menu Démarrer\Programmes\Jet\Jet.lnk [2265]
    O61 - LFC: 09/04/2013 - 13:22:31 ---A- C:\Documents and Settings\utilisateur\Menu Démarrer\Programmes\Jet\Uninstall Jet.lnk [1375]
    O61 - LFC: 09/04/2013 - 13:22:40 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\Application\24.0.1293.0\Installer\unins000.dat [50867]
    O61 - LFC: 09/04/2013 - 13:22:49 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\Application\First Run [0]
    O61 - LFC: 09/04/2013 - 13:22:50 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Archived History [57344]
    O61 - LFC: 09/04/2013 - 13:22:50 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Archived History-journal [512]
    O61 - LFC: 09/04/2013 - 13:22:50 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Network Action Predictor [5120]
    O61 - LFC: 09/04/2013 - 13:22:50 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Network Action Predictor-journal [1544]
    O61 - LFC: 09/04/2013 - 13:22:52 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extension State\LOCK [0]
    O61 - LFC: 09/04/2013 - 13:22:52 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Shortcuts [12288]
    O61 - LFC: 09/04/2013 - 13:22:52 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Shortcuts-journal [512]
    O61 - LFC: 09/04/2013 - 13:22:52 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\User StyleSheets\Custom.css [0]
    O61 - LFC: 09/04/2013 - 13:22:54 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\bjjfodhlphjfggjmoflgngmnkflcaahd\1.0.2_0\background.js [442]
    O61 - LFC: 09/04/2013 - 13:22:54 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\cdfnmkpcclnhemmfoabfnlaoiknikdci\1.0.3_0\background.js [3558]
    O61 - LFC: 09/04/2013 - 13:22:55 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\bjjfodhlphjfggjmoflgngmnkflcaahd\1.0.2_0\popup.html [388]
    O61 - LFC: 09/04/2013 - 13:22:55 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\cdfnmkpcclnhemmfoabfnlaoiknikdci\1.0.3_0\enable.png [1670]
    O61 - LFC: 09/04/2013 - 13:22:55 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\cdfnmkpcclnhemmfoabfnlaoiknikdci\1.0.3_0\resources\plugins.json [4256]
    O61 - LFC: 09/04/2013 - 13:22:55 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\cdfnmkpcclnhemmfoabfnlaoiknikdci\1.0.3_0\savevid.html [447]
    O61 - LFC: 09/04/2013 - 13:22:55 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\cdfnmkpcclnhemmfoabfnlaoiknikdci\1.0.3_0\savevid.js [230]
    O61 - LFC: 09/04/2013 - 13:22:55 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\cdfnmkpcclnhemmfoabfnlaoiknikdci\1.0.3_0\utube_1_48.png [1647]
    O61 - LFC: 09/04/2013 - 13:22:55 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\dgkhclhmmllgiknablaihlbdpnjahmoe\1.0.0_0\background.html [376]
    O61 - LFC: 09/04/2013 - 13:22:55 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\dgkhclhmmllgiknablaihlbdpnjahmoe\1.0.0_0\contentscript.js [109]
    O61 - LFC: 09/04/2013 - 13:22:55 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\dgkhclhmmllgiknablaihlbdpnjahmoe\1.0.0_0\csstart.js [110]
    O61 - LFC: 09/04/2013 - 13:22:55 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\dgkhclhmmllgiknablaihlbdpnjahmoe\1.0.0_0\js\background.js [217]
    O61 - LFC: 09/04/2013 - 13:22:55 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\dgkhclhmmllgiknablaihlbdpnjahmoe\1.0.0_0\js\jquery.min.js [93870]
    O61 - LFC: 09/04/2013 - 13:22:55 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\dgkhclhmmllgiknablaihlbdpnjahmoe\1.0.0_0\js\json2.js [3417]
    O61 - LFC: 09/04/2013 - 13:22:55 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\dgkhclhmmllgiknablaihlbdpnjahmoe\1.0.0_0\popup.html [398]
    O61 - LFC: 09/04/2013 - 13:22:55 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\dgkhclhmmllgiknablaihlbdpnjahmoe\1.0.0_0\popup.js [106]
    O61 - LFC: 09/04/2013 - 13:22:56 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\bjjfodhlphjfggjmoflgngmnkflcaahd\1.0.2_0\icons\16.png [897]
    O61 - LFC: 09/04/2013 - 13:22:56 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\bjjfodhlphjfggjmoflgngmnkflcaahd\1.0.2_0\icons\19.png [1182]
    O61 - LFC: 09/04/2013 - 13:22:56 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\bjjfodhlphjfggjmoflgngmnkflcaahd\1.0.2_0\icons\32.png [2541]
    O61 - LFC: 09/04/2013 - 13:22:56 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\bjjfodhlphjfggjmoflgngmnkflcaahd\1.0.2_0\icons\48.png [4590]
    O61 - LFC: 09/04/2013 - 13:22:56 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\bjjfodhlphjfggjmoflgngmnkflcaahd\1.0.2_0\manifest.json [812]
    O61 - LFC: 09/04/2013 - 13:22:56 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\cdfnmkpcclnhemmfoabfnlaoiknikdci\1.0.3_0\icons\19.png [1670]
    O61 - LFC: 09/04/2013 - 13:22:56 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\cdfnmkpcclnhemmfoabfnlaoiknikdci\1.0.3_0\plugin\mediagrabber.dll [411136]
    O61 - LFC: 09/04/2013 - 13:22:56 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\dgkhclhmmllgiknablaihlbdpnjahmoe\1.0.0_0\icons\48.png [1390]
    O61 - LFC: 09/04/2013 - 13:22:56 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\dgkhclhmmllgiknablaihlbdpnjahmoe\1.0.0_0\js\unserialize.js [3943]
    O61 - LFC: 09/04/2013 - 13:22:56 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\dgkhclhmmllgiknablaihlbdpnjahmoe\1.0.0_0\manifest.json [1047]
    O61 - LFC: 09/04/2013 - 13:22:58 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\cdfnmkpcclnhemmfoabfnlaoiknikdci\1.0.3_0\disable.png [758]
    O61 - LFC: 09/04/2013 - 13:22:58 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\cdfnmkpcclnhemmfoabfnlaoiknikdci\1.0.3_0\icons\16.png [650]
    O61 - LFC: 09/04/2013 - 13:22:58 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\cdfnmkpcclnhemmfoabfnlaoiknikdci\1.0.3_0\icons\32.png [1317]
    O61 - LFC: 09/04/2013 - 13:22:58 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\cdfnmkpcclnhemmfoabfnlaoiknikdci\1.0.3_0\icons\48.png [1644]
    O61 - LFC: 09/04/2013 - 13:22:58 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\cdfnmkpcclnhemmfoabfnlaoiknikdci\1.0.3_0\manifest.json [893]
    O61 - LFC: 09/04/2013 - 13:22:59 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Login Data [12288]
    O61 - LFC: 09/04/2013 - 13:22:59 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Login Data-journal [512]
    O61 - LFC: 09/04/2013 - 13:23:04 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Safe Browsing Cookies [6144]
    O61 - LFC: 09/04/2013 - 13:23:04 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Safe Browsing Cookies-journal [1544]
    O61 - LFC: 09/04/2013 - 13:23:09 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Local Storage\chrome-extension_dgkhclhmmllgiknablaihlbdpnjahmoe_0.localstorage [3072]
    O61 - LFC: 09/04/2013 - 13:23:09 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Local Storage\chrome-extension_dgkhclhmmllgiknablaihlbdpnjahmoe_0.localstorage-journal [3608]
    O61 - LFC: 09/04/2013 - 13:23:28 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\aaljkbcnhapfmkpadhhkejpkilcgebnn\1.0.3_0\328.gif [28816]
    O61 - LFC: 09/04/2013 - 13:23:28 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\aaljkbcnhapfmkpadhhkejpkilcgebnn\1.0.3_0\background.html [126]
    O61 - LFC: 09/04/2013 - 13:23:28 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\aaljkbcnhapfmkpadhhkejpkilcgebnn\1.0.3_0\background.js [4654]
    O61 - LFC: 09/04/2013 - 13:23:28 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\aaljkbcnhapfmkpadhhkejpkilcgebnn\1.0.3_0\disable.png [1687]
    O61 - LFC: 09/04/2013 - 13:23:28 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\aaljkbcnhapfmkpadhhkejpkilcgebnn\1.0.3_0\enable.png [1808]
    O61 - LFC: 09/04/2013 - 13:23:28 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\aaljkbcnhapfmkpadhhkejpkilcgebnn\1.0.3_0\jquery-1.8.2.min.js [93433]
    O61 - LFC: 09/04/2013 - 13:23:28 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\aaljkbcnhapfmkpadhhkejpkilcgebnn\1.0.3_0\loading.png [86160]
    O61 - LFC: 09/04/2013 - 13:23:28 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\background.html [482]
    O61 - LFC: 09/04/2013 - 13:23:28 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\help.html [3445]
    O61 - LFC: 09/04/2013 - 13:23:28 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\jetlogo.png [24354]
    O61 - LFC: 09/04/2013 - 13:23:29 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\aaljkbcnhapfmkpadhhkejpkilcgebnn\1.0.3_0\off.png [1439]
    O61 - LFC: 09/04/2013 - 13:23:29 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\aaljkbcnhapfmkpadhhkejpkilcgebnn\1.0.3_0\plugin\jethelper.dll [590336]
    O61 - LFC: 09/04/2013 - 13:23:29 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\aaljkbcnhapfmkpadhhkejpkilcgebnn\1.0.3_0\torrent.html [2004]
    O61 - LFC: 09/04/2013 - 13:23:29 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\aaljkbcnhapfmkpadhhkejpkilcgebnn\1.0.3_0\torrent.js [1816]
    O61 - LFC: 09/04/2013 - 13:23:29 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\menu.html [606]
    O61 - LFC: 09/04/2013 - 13:23:29 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\newtab.html [22534]
    O61 - LFC: 09/04/2013 - 13:23:29 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\options.html [50438]
    O61 - LFC: 09/04/2013 - 13:23:29 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\search.html [3904]
    O61 - LFC: 09/04/2013 - 13:23:29 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\statistics.html [2916]
    O61 - LFC: 09/04/2013 - 13:23:29 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\iajehcjgcdeggeeapbegjmcoegiagmep\1.0.0.1_0\background.html [320]
    O61 - LFC: 09/04/2013 - 13:23:29 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\iajehcjgcdeggeeapbegjmcoegiagmep\1.0.0.1_0\ci.bg.pack.js [8346]
    O61 - LFC: 09/04/2013 - 13:23:29 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\iajehcjgcdeggeeapbegjmcoegiagmep\1.0.0.1_0\ci.browser.helper.js [340]
    O61 - LFC: 09/04/2013 - 13:23:29 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\iajehcjgcdeggeeapbegjmcoegiagmep\1.0.0.1_0\ci.content.pack.js [2428]
    O61 - LFC: 09/04/2013 - 13:23:29 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\iajehcjgcdeggeeapbegjmcoegiagmep\1.0.0.1_0\content.js [9721]
    O61 - LFC: 09/04/2013 - 13:23:29 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\nfdniiplbakagpebmlmllelimdkamami\4.4.1_0\background.html [129]
    O61 - LFC: 09/04/2013 - 13:23:29 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\nfdniiplbakagpebmlmllelimdkamami\4.4.1_0\background.js [10534]
    O61 - LFC: 09/04/2013 - 13:23:29 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\nfdniiplbakagpebmlmllelimdkamami\4.4.1_0\gmail_logged_in.png [1679]
    O61 - LFC: 09/04/2013 - 13:23:29 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\nmameahlembdcigphohgiodcgjomcgeo\1.27_0\background.html [1312]
    O61 - LFC: 09/04/2013 - 13:23:29 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\nmameahlembdcigphohgiodcgjomcgeo\1.27_0\images\icon-loggedout.png [415]
    O61 - LFC: 09/04/2013 - 13:23:30 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\aaljkbcnhapfmkpadhhkejpkilcgebnn\1.0.3_0\icons\16.png [768]
    O61 - LFC: 09/04/2013 - 13:23:30 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\aaljkbcnhapfmkpadhhkejpkilcgebnn\1.0.3_0\icons\19.png [868]
    O61 - LFC: 09/04/2013 - 13:23:30 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\aaljkbcnhapfmkpadhhkejpkilcgebnn\1.0.3_0\icons\32.png [1554]
    O61 - LFC: 09/04/2013 - 13:23:30 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\aaljkbcnhapfmkpadhhkejpkilcgebnn\1.0.3_0\icons\48.png [1737]
    O61 - LFC: 09/04/2013 - 13:23:30 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\aaljkbcnhapfmkpadhhkejpkilcgebnn\1.0.3_0\manifest.json [891]
    O61 - LFC: 09/04/2013 - 13:23:30 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\js\AutoSuggest.js [5697]
    O61 - LFC: 09/04/2013 - 13:23:30 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\js\checkboxes.js [5225]
    O61 - LFC: 09/04/2013 - 13:23:30 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\js\jquery.autocomplete.js [14641]
    O61 - LFC: 09/04/2013 - 13:23:30 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\js_system\apps.js [7231]
    O61 - LFC: 09/04/2013 - 13:23:30 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\js_system\background.js [14210]
    O61 - LFC: 09/04/2013 - 13:23:30 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\js_system\changes.txt [62]
    O61 - LFC: 09/04/2013 - 13:23:30 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\js_system\common.js [2561]
    O61 - LFC: 09/04/2013 - 13:23:30 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\js_system\createBookmarks.js [1191]
    O61 - LFC: 09/04/2013 - 13:23:30 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\js_system\db.js [48575]
    O61 - LFC: 09/04/2013 - 13:23:30 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\js_system\help.js [279]
    O61 - LFC: 09/04/2013 - 13:23:30 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\js_system\logo.json [6631]
    O61 - LFC: 09/04/2013 - 13:23:30 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\js_system\options.background.js [3687]
    O61 - LFC: 09/04/2013 - 13:23:30 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\js_system\options.base64.js [3233]
    O61 - LFC: 09/04/2013 - 13:23:30 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\js_system\options.export.js [2118]
    O61 - LFC: 09/04/2013 - 13:23:30 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\js_system\options.js [4630]
    O61 - LFC: 09/04/2013 - 13:23:30 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\js_system\options.page.js [35363]
    O61 - LFC: 09/04/2013 - 13:23:30 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\js_system\popup_menu.js [547]
    O61 - LFC: 09/04/2013 - 13:23:30 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\js_system\shortcut.js [904]
    O61 - LFC: 09/04/2013 - 13:23:30 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\js_system\sidebar.bookmarks.js [2087]
    O61 - LFC: 09/04/2013 - 13:23:30 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\js_system\sidebar.delicious.js [4490]
    O61 - LFC: 09/04/2013 - 13:23:30 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\js_system\sidebar.gbookmarks.js [11193]
    O61 - LFC: 09/04/2013 - 13:23:30 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\js_system\sidebar.history.js [3593]
    O61 - LFC: 09/04/2013 - 13:23:30 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\js_system\sidebar.js [3271]
    O61 - LFC: 09/04/2013 - 13:23:30 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\js_system\sidebar.pinboard.js [5120]
    O61 - LFC: 09/04/2013 - 13:23:30 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\js_system\speeddial.js [36627]
    O61 - LFC: 09/04/2013 - 13:23:30 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\js_system\statistics.js [6212]
    O61 - LFC: 09/04/2013 - 13:23:30 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\js_system\themes.js [3537]
    O61 - LFC: 09/04/2013 - 13:23:30 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\js_system\welcome.js [2160]
    O61 - LFC: 09/04/2013 - 13:23:30 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\resources\searchengines.json [26315]
    O61 - LFC: 09/04/2013 - 13:23:30 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\welcome.html [1253]
    O61 - LFC: 09/04/2013 - 13:23:30 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\iajehcjgcdeggeeapbegjmcoegiagmep\1.0.0.1_0\icon128.png [12061]
    O61 - LFC: 09/04/2013 - 13:23:30 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\iajehcjgcdeggeeapbegjmcoegiagmep\1.0.0.1_0\icon16.png [637]
    O61 - LFC: 09/04/2013 - 13:23:30 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\iajehcjgcdeggeeapbegjmcoegiagmep\1.0.0.1_0\icon48.png [2923]
    O61 - LFC: 09/04/2013 - 13:23:30 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\iajehcjgcdeggeeapbegjmcoegiagmep\1.0.0.1_0\jquery-1.6.2.min.js [91731]
    O61 - LFC: 09/04/2013 - 13:23:30 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\iajehcjgcdeggeeapbegjmcoegiagmep\1.0.0.1_0\jquery.uuid.js [454]
    O61 - LFC: 09/04/2013 - 13:23:30 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\iajehcjgcdeggeeapbegjmcoegiagmep\1.0.0.1_0\manifest.json [1112]
    O61 - LFC: 09/04/2013 - 13:23:30 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\iajehcjgcdeggeeapbegjmcoegiagmep\1.0.0.1_0\mz\background.js [1827]
    O61 - LFC: 09/04/2013 - 13:23:30 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\iajehcjgcdeggeeapbegjmcoegiagmep\1.0.0.1_0\mz\content.js [1837]
    O61 - LFC: 09/04/2013 - 13:23:30 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\iajehcjgcdeggeeapbegjmcoegiagmep\1.0.0.1_0\popup.js [66]
    O61 - LFC: 09/04/2013 - 13:23:30 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\iajehcjgcdeggeeapbegjmcoegiagmep\1.0.0.1_0\settings.json [186]
    O61 - LFC: 09/04/2013 - 13:23:30 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\nmameahlembdcigphohgiodcgjomcgeo\1.27_0\images\indicator_white_large.gif [1894]
    O61 - LFC: 09/04/2013 - 13:23:30 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\nmameahlembdcigphohgiodcgjomcgeo\1.27_0\js\desktop_notifications.js [10181]
    O61 - LFC: 09/04/2013 - 13:23:30 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\nmameahlembdcigphohgiodcgjomcgeo\1.27_0\js\options.js [1714]
    O61 - LFC: 09/04/2013 - 13:23:30 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\nmameahlembdcigphohgiodcgjomcgeo\1.27_0\options.html [154]
    O61 - LFC: 09/04/2013 - 13:23:30 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\nmameahlembdcigphohgiodcgjomcgeo\1.27_0\popup.html [4432]
    O61 - LFC: 09/04/2013 - 13:23:31 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\images\loading.gif [1553]
    O61 - LFC: 09/04/2013 - 13:23:31 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\images\misc.questionmark.png [4978]
    O61 - LFC: 09/04/2013 - 13:23:31 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\images\misc.sand-pattern-small.png [3208]
    O61 - LFC: 09/04/2013 - 13:23:31 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\images\misc.sand-pattern.png [11916]
    O61 - LFC: 09/04/2013 - 13:23:31 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\images\newtab.close.png [1260]
    O61 - LFC: 09/04/2013 - 13:23:31 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\js\jquery.min.js [93870]
    O61 - LFC: 09/04/2013 - 13:23:31 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\js\jquery.mousewheel.min.js [1392]
    O61 - LFC: 09/04/2013 - 13:23:31 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\js\jquery.ui.min.js [66273]
    O61 - LFC: 09/04/2013 - 13:23:31 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\js\jscolor.js [20144]
    O61 - LFC: 09/04/2013 - 13:23:31 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\js\json2.js [3417]
    O61 - LFC: 09/04/2013 - 13:23:31 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\js\searchplugins.js [2832]
    O61 - LFC: 09/04/2013 - 13:23:31 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\js\tools.js [5324]
    O61 - LFC: 09/04/2013 - 13:23:31 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\js\tooltip.js [5956]
    O61 - LFC: 09/04/2013 - 13:23:31 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\js\underscore-min.js [12821]
    O61 - LFC: 09/04/2013 - 13:23:32 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\images\newtab.favicon-background.png [1389]
    O61 - LFC: 09/04/2013 - 13:23:32 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\images\newtab.first-dial.png [6175]
    O61 - LFC: 09/04/2013 - 13:23:32 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\images\newtab.help.png [3248]
    O61 - LFC: 09/04/2013 - 13:23:32 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\images\newtab.highlighted.png [2932]
    O61 - LFC: 09/04/2013 - 13:23:32 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\images\newtab.menubar-flip.png [12460]
    O61 - LFC: 09/04/2013 - 13:23:32 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\images\newtab.menubar.png [12564]
    O61 - LFC: 09/04/2013 - 13:23:32 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\images\newtab.no-thumbnail.png [3214]
    O61 - LFC: 09/04/2013 - 13:23:32 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\images\newtab.overlay.png [931]
    O61 - LFC: 09/04/2013 - 13:23:32 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\images\newtab.plus.png [2542]
    O61 - LFC: 09/04/2013 - 13:23:32 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\images\newtab.plus_.png [3075]
    O61 - LFC: 09/04/2013 - 13:23:32 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\images\newtab.remove-dial-circle.png [1940]
    O61 - LFC: 09/04/2013 - 13:23:32 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\images\newtab.remove-dial.png [853]
    O61 - LFC: 09/04/2013 - 13:23:32 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\images\newtab.remove-dial_.png [1340]
    O61 - LFC: 09/04/2013 - 13:23:32 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\images\newtab.settings.png [1789]
    O61 - LFC: 09/04/2013 - 13:23:32 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\nmameahlembdcigphohgiodcgjomcgeo\1.27_0\images\icon128.png [7815]
    O61 - LFC: 09/04/2013 - 13:23:32 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\nmameahlembdcigphohgiodcgjomcgeo\1.27_0\images\icon16.png [211]
    O61 - LFC: 09/04/2013 - 13:23:32 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\nmameahlembdcigphohgiodcgjomcgeo\1.27_0\images\icon19.png [402]
    O61 - LFC: 09/04/2013 - 13:23:32 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\nmameahlembdcigphohgiodcgjomcgeo\1.27_0\images\icon32.png [1040]
    O61 - LFC: 09/04/2013 - 13:23:32 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\nmameahlembdcigphohgiodcgjomcgeo\1.27_0\images\icon48.png [1810]
    O61 - LFC: 09/04/2013 - 13:23:32 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\nmameahlembdcigphohgiodcgjomcgeo\1.27_0\manifest.json [963]
    O61 - LFC: 09/04/2013 - 13:23:33 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\images\newtab.sidebar.arrow.png [1132]
    O61 - LFC: 09/04/2013 - 13:23:33 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\images\options.check.png [1576]
    O61 - LFC: 09/04/2013 - 13:23:33 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\images\options.clock.png [710]
    O61 - LFC: 09/04/2013 - 13:23:33 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\images\options.delicious.gif [1544]
    O61 - LFC: 09/04/2013 - 13:23:33 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\images\options.dial.jpg [8367]
    O61 - LFC: 09/04/2013 - 13:23:33 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\images\options.input.range.png [975]
    O61 - LFC: 09/04/2013 - 13:23:33 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\images\options.mediatemple.png [4758]
    O61 - LFC: 09/04/2013 - 13:23:33 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\images\options.sync-indicator.png [219]
    O61 - LFC: 09/04/2013 - 13:23:33 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\images\options.sync.jpg [2783]
    O61 - LFC: 09/04/2013 - 13:23:33 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\images\options.sync.login.png [4688]
    O61 - LFC: 09/04/2013 - 13:23:33 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\images\search.ico [1150]
    O61 - LFC: 09/04/2013 - 13:23:33 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\images\shadow.png [2194]
    O61 - LFC: 09/04/2013 - 13:23:33 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\images\shadow5.png [566]
    O61 - LFC: 09/04/2013 - 13:23:33 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\images\shadow6.png [1349]
    O61 - LFC: 09/04/2013 - 13:23:33 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\images\shadow_aside.png [2506]
    O61 - LFC: 09/04/2013 - 13:23:33 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\images\shadow_block.png [1378]
    O61 - LFC: 09/04/2013 - 13:23:33 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\images\shadow_box.png [1062]
    O61 - LFC: 09/04/2013 - 13:23:33 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\images\shadow_circle.png [2089]
    O61 - LFC: 09/04/2013 - 13:23:33 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\images\shadow_double.png [3555]
    O61 - LFC: 09/04/2013 - 13:23:33 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\images\shadow_drop.png [1215]
    O61 - LFC: 09/04/2013 - 13:23:33 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\images\shadow_paper.png [2860]
    O61 - LFC: 09/04/2013 - 13:23:33 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\images\shadow_paper_2.png [4480]
    O61 - LFC: 09/04/2013 - 13:23:33 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\images\sidebar.back.png [1064]
    O61 - LFC: 09/04/2013 - 13:23:33 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\images\sidebar.closetag-active.gif [1283]
    O61 - LFC: 09/04/2013 - 13:23:33 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\images\sidebar.closetag.gif [1283]
    O61 - LFC: 09/04/2013 - 13:23:33 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\images\sidebar.folder.png [1299]
    O61 - LFC: 09/04/2013 - 13:23:33 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\images\sidebar.png [990]
    O61 - LFC: 09/04/2013 - 13:23:33 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\images\sidebar.restore-tabs.png [1128]
    O61 - LFC: 09/04/2013 - 13:23:33 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\images\sidebar.search.png [1240]
    O61 - LFC: 09/04/2013 - 13:23:33 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\images\sidebar.tag.gif [348]
    O61 - LFC: 09/04/2013 - 13:23:33 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\images\sidebar.toggle.png [2416]
    O61 - LFC: 09/04/2013 - 13:23:33 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\piiokbhpgldooopjdacdondngonfljoc\19.6_0\_locales\iw\messages.json [47]
    O61 - LFC: 09/04/2013 - 13:23:33 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\piiokbhpgldooopjdacdondngonfljoc\19.6_0\_locales\no\messages.json [48]
    O61 - LFC: 09/04/2013 - 13:23:33 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\piiokbhpgldooopjdacdondngonfljoc\19.6_0\_locales\or\messages.json [47]
    O61 - LFC: 09/04/2013 - 13:23:33 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Top Sites [20480]
    O61 - LFC: 09/04/2013 - 13:23:33 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Top Sites-journal [12824]
    O61 - LFC: 09/04/2013 - 13:23:34 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\css\dial.css [5352]
    O61 - LFC: 09/04/2013 - 13:23:34 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\css\images\iphone-style-checkboxes - Copy\off.png [1016]
    O61 - LFC: 09/04/2013 - 13:23:34 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\css\images\iphone-style-checkboxes - Copy\on.png [1029]
    O61 - LFC: 09/04/2013 - 13:23:34 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\css\images\iphone-style-checkboxes - Copy\slider.png [1228]
    O61 - LFC: 09/04/2013 - 13:23:34 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\css\master.css [37425]
    O61 - LFC: 09/04/2013 - 13:23:34 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\css\options.css [10995]
    O61 - LFC: 09/04/2013 - 13:23:34 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\css\search.css [6770]
    O61 - LFC: 09/04/2013 - 13:23:34 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\css\welcome.css [2998]
    O61 - LFC: 09/04/2013 - 13:23:34 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\icons\19.png [3612]
    O61 - LFC: 09/04/2013 - 13:23:34 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\images\colorpicker\_colorpicker.gif [882]
    O61 - LFC: 09/04/2013 - 13:23:34 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\images\colorpicker\arrow.gif [66]
    O61 - LFC: 09/04/2013 - 13:23:34 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\images\colorpicker\cross.gif [83]
    O61 - LFC: 09/04/2013 - 13:23:34 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\images\colorpicker\hs.png [2684]
    O61 - LFC: 09/04/2013 - 13:23:34 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\images\colorpicker\hv.png [2865]
    O61 - LFC: 09/04/2013 - 13:23:34 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\images\themes\abstract\preview.jpg [1763]
    O61 - LFC: 09/04/2013 - 13:23:34 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\images\themes\android\preview.jpg [8161]
    O61 - LFC: 09/04/2013 - 13:23:34 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\images\themes\classic\preview.jpg [2504]
    O61 - LFC: 09/04/2013 - 13:23:34 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\images\themes\clouds\preview.jpg [3326]
    O61 - LFC: 09/04/2013 - 13:23:34 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\images\themes\dark\preview.jpg [2794]
    O61 - LFC: 09/04/2013 - 13:23:34 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\images\themes\greenglare\preview.jpg [4088]
    O61 - LFC: 09/04/2013 - 13:23:34 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\images\themes\grey\preview.jpg [6602]
    O61 - LFC: 09/04/2013 - 13:23:34 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\images\themes\light\background_strip.jpg [8778]
    O61 - LFC: 09/04/2013 - 13:23:34 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\images\themes\light\background_top.jpg [52539]
    O61 - LFC: 09/04/2013 - 13:23:34 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\images\themes\light\preview.jpg [8681]
    O61 - LFC: 09/04/2013 - 13:23:34 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\images\themes\lines\preview.jpg [13927]
    O61 - LFC: 09/04/2013 - 13:23:34 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\images\themes\list.txt [1004]
    O61 - LFC: 09/04/2013 - 13:23:34 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\images\themes\wood\preview.jpg [11071]
    O61 - LFC: 09/04/2013 - 13:23:34 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\piiokbhpgldooopjdacdondngonfljoc\19.6_0\_locales\zh_HK\messages.json [46]
    O61 - LFC: 09/04/2013 - 13:23:35 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\css\font\nobile\nobile-webfont.ttf [48528]
    O61 - LFC: 09/04/2013 - 13:23:35 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\css\images\iphone-style-checkboxes - Copy\slider_center.png [260]
    O61 - LFC: 09/04/2013 - 13:23:35 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\css\images\iphone-style-checkboxes - Copy\slider_left.png [1058]
    O61 - LFC: 09/04/2013 - 13:23:35 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\css\images\iphone-style-checkboxes - Copy\slider_right.png [1060]
    O61 - LFC: 09/04/2013 - 13:23:35 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\css\images\iphone-style-checkboxes\off.png [1016]
    O61 - LFC: 09/04/2013 - 13:23:35 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\css\images\iphone-style-checkboxes\on.png [1029]
    O61 - LFC: 09/04/2013 - 13:23:35 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\css\images\iphone-style-checkboxes\slider.png [1228]
    O61 - LFC: 09/04/2013 - 13:23:35 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\css\images\iphone-style-checkboxes\slider_center.png [260]
    O61 - LFC: 09/04/2013 - 13:23:35 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\css\images\iphone-style-checkboxes\slider_left.png [1058]
    O61 - LFC: 09/04/2013 - 13:23:35 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\css\images\iphone-style-checkboxes\slider_right.png [1060]
    O61 - LFC: 09/04/2013 - 13:23:35 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\piiokbhpgldooopjdacdondngonfljoc\19.6_0\images\background.png [474]
    O61 - LFC: 09/04/2013 - 13:23:35 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\piiokbhpgldooopjdacdondngonfljoc\19.6_0\images\frame.png [27594]
    O61 - LFC: 09/04/2013 - 13:23:35 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\piiokbhpgldooopjdacdondngonfljoc\19.6_0\images\ntpback.png [132628]
    O61 - LFC: 09/04/2013 - 13:23:35 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\piiokbhpgldooopjdacdondngonfljoc\19.6_0\manifest.json [1404]
    O61 - LFC: 09/04/2013 - 13:23:35 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Local Storage\chrome-extension_aaljkbcnhapfmkpadhhkejpkilcgebnn_0.localstorage [3072]
    O61 - LFC: 09/04/2013 - 13:23:35 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Local Storage\chrome-extension_aaljkbcnhapfmkpadhhkejpkilcgebnn_0.localstorage-journal [3608]
    O61 - LFC: 09/04/2013 - 13:23:36 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\_locales\en\messages.json [30373]
    O61 - LFC: 09/04/2013 - 13:23:36 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\icons\128.png [14426]
    O61 - LFC: 09/04/2013 - 13:23:36 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\icons\16.png [677]
    O61 - LFC: 09/04/2013 - 13:23:36 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\icons\32.png [1856]
    O61 - LFC: 09/04/2013 - 13:23:36 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\icons\48.png [3372]
    O61 - LFC: 09/04/2013 - 13:23:36 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\hikijlgbicakpjmfhpcabpchcmlakiog\1.6.1.4_0\manifest.json [1346]
    O61 - LFC: 09/04/2013 - 13:23:36 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\nfdniiplbakagpebmlmllelimdkamami\4.4.1_0\_locales\ar\messages.json [1184]
    O61 - LFC: 09/04/2013 - 13:23:36 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\nfdniiplbakagpebmlmllelimdkamami\4.4.1_0\_locales\bg\messages.json [1379]
    O61 - LFC: 09/04/2013 - 13:23:36 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\nfdniiplbakagpebmlmllelimdkamami\4.4.1_0\_locales\ca\messages.json [618]
    O61 - LFC: 09/04/2013 - 13:23:36 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\nfdniiplbakagpebmlmllelimdkamami\4.4.1_0\_locales\cs\messages.json [666]
    O61 - LFC: 09/04/2013 - 13:23:36 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\nfdniiplbakagpebmlmllelimdkamami\4.4.1_0\_locales\da\messages.json [586]
    O61 - LFC: 09/04/2013 - 13:23:36 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\nfdniiplbakagpebmlmllelimdkamami\4.4.1_0\_locales\de\messages.json [598]
    O61 - LFC: 09/04/2013 - 13:23:36 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\nfdniiplbakagpebmlmllelimdkamami\4.4.1_0\_locales\el\messages.json [1543]
    O61 - LFC: 09/04/2013 - 13:23:36 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\nfdniiplbakagpebmlmllelimdkamami\4.4.1_0\_locales\en\messages.json [533]
    O61 - LFC: 09/04/2013 - 13:23:36 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\nfdniiplbakagpebmlmllelimdkamami\4.4.1_0\_locales\en_GB\messages.json [533]
    O61 - LFC: 09/04/2013 - 13:23:36 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\nfdniiplbakagpebmlmllelimdkamami\4.4.1_0\_locales\es\messages.json [647]
    O61 - LFC: 09/04/2013 - 13:23:36 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\nfdniiplbakagpebmlmllelimdkamami\4.4.1_0\_locales\es_419\messages.json [614]
    O61 - LFC: 09/04/2013 - 13:23:36 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\nfdniiplbakagpebmlmllelimdkamami\4.4.1_0\_locales\et\messages.json [565]
    O61 - LFC: 09/04/2013 - 13:23:36 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\nfdniiplbakagpebmlmllelimdkamami\4.4.1_0\_locales\fi\messages.json [613]
    O61 - LFC: 09/04/2013 - 13:23:36 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\nfdniiplbakagpebmlmllelimdkamami\4.4.1_0\_locales\fil\messages.json [588]
    O61 - LFC: 09/04/2013 - 13:23:36 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\nfdniiplbakagpebmlmllelimdkamami\4.4.1_0\_locales\fr\messages.json [675]
    O61 - LFC: 09/04/2013 - 13:23:36 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\nfdniiplbakagpebmlmllelimdkamami\4.4.1_0\_locales\he\messages.json [1164]
    O61 - LFC: 09/04/2013 - 13:23:36 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\nfdniiplbakagpebmlmllelimdkamami\4.4.1_0\_locales\hi\messages.json [1338]
    O61 - LFC: 09/04/2013 - 13:23:36 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\nfdniiplbakagpebmlmllelimdkamami\4.4.1_0\_locales\hr\messages.json [613]
    O61 - LFC: 09/04/2013 - 13:23:36 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\nfdniiplbakagpebmlmllelimdkamami\4.4.1_0\_locales\hu\messages.json [634]
    O61 - LFC: 09/04/2013 - 13:23:36 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\nfdniiplbakagpebmlmllelimdkamami\4.4.1_0\_locales\id\messages.json [578]
    O61 - LFC: 09/04/2013 - 13:23:36 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\nfdniiplbakagpebmlmllelimdkamami\4.4.1_0\_locales\it\messages.json [582]
    O61 - LFC: 09/04/2013 - 13:23:36 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\nfdniiplbakagpebmlmllelimdkamami\4.4.1_0\_locales\ja\messages.json [828]
    O61 - LFC: 09/04/2013 - 13:23:36 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\nfdniiplbakagpebmlmllelimdkamami\4.4.1_0\_locales\ko\messages.json [806]
    O61 - LFC: 09/04/2013 - 13:23:36 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\nfdniiplbakagpebmlmllelimdkamami\4.4.1_0\_locales\lt\messages.json [729]
    O61 - LFC: 09/04/2013 - 13:23:36 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\nfdniiplbakagpebmlmllelimdkamami\4.4.1_0\_locales\lv\messages.json [642]
    O61 - LFC: 09/04/2013 - 13:23:36 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\nfdniiplbakagpebmlmllelimdkamami\4.4.1_0\_locales\nb\messages.json [554]
    O61 - LFC: 09/04/2013 - 13:23:36 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\nfdniiplbakagpebmlmllelimdkamami\4.4.1_0\_locales\nl\messages.json [581]
    O61 - LFC: 09/04/2013 - 13:23:36 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\nfdniiplbakagpebmlmllelimdkamami\4.4.1_0\_locales\pl\messages.json [667]
    O61 - LFC: 09/04/2013 - 13:23:36 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\nfdniiplbakagpebmlmllelimdkamami\4.4.1_0\_locales\pt_BR\messages.json [617]
    O61 - LFC: 09/04/2013 - 13:23:36 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\nfdniiplbakagpebmlmllelimdkamami\4.4.1_0\_locales\pt_PT\messages.json [631]
    O61 - LFC: 09/04/2013 - 13:23:36 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\nfdniiplbakagpebmlmllelimdkamami\4.4.1_0\_locales\ro\messages.json [656]
    O61 - LFC: 09/04/2013 - 13:23:36 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\nfdniiplbakagpebmlmllelimdkamami\4.4.1_0\_locales\ru\messages.json [1330]
    O61 - LFC: 09/04/2013 - 13:23:36 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\nfdniiplbakagpebmlmllelimdkamami\4.4.1_0\_locales\sk\messages.json [715]
    O61 - LFC: 09/04/2013 - 13:23:36 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\nfdniiplbakagpebmlmllelimdkamami\4.4.1_0\_locales\sl\messages.json [586]
    O61 - LFC: 09/04/2013 - 13:23:36 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\nfdniiplbakagpebmlmllelimdkamami\4.4.1_0\_locales\sr\messages.json [1266]
    O61 - LFC: 09/04/2013 - 13:23:36 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\nfdniiplbakagpebmlmllelimdkamami\4.4.1_0\_locales\sv\messages.json [576]
    O61 - LFC: 09/04/2013 - 13:23:36 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\nfdniiplbakagpebmlmllelimdkamami\4.4.1_0\_locales\th\messages.json [1322]
    O61 - LFC: 09/04/2013 - 13:23:36 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\nfdniiplbakagpebmlmllelimdkamami\4.4.1_0\_locales\tr\messages.json [663]
    O61 - LFC: 09/04/2013 - 13:23:36 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\nfdniiplbakagpebmlmllelimdkamami\4.4.1_0\_locales\uk\messages.json [1668]
    O61 - LFC: 09/04/2013 - 13:23:36 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\nfdniiplbakagpebmlmllelimdkamami\4.4.1_0\_locales\vi\messages.json [830]
    O61 - LFC: 09/04/2013 - 13:23:36 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\nfdniiplbakagpebmlmllelimdkamami\4.4.1_0\_locales\zh_CN\messages.json [675]
    O61 - LFC: 09/04/2013 - 13:23:36 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\nfdniiplbakagpebmlmllelimdkamami\4.4.1_0\_locales\zh_TW\messages.json [687]
    O61 - LFC: 09/04/2013 - 13:23:36 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\nfdniiplbakagpebmlmllelimdkamami\4.4.1_0\gmail_not_logged_in.png [789]
    O61 - LFC: 09/04/2013 - 13:23:36 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\nfdniiplbakagpebmlmllelimdkamami\4.4.1_0\icon_128.png [2063]
    O61 - LFC: 09/04/2013 - 13:23:36 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\nfdniiplbakagpebmlmllelimdkamami\4.4.1_0\manifest.json [818]
    O61 - LFC: 09/04/2013 - 13:23:36 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\piiokbhpgldooopjdacdondngonfljoc\19.6_0\_locales\ar\messages.json [77]
    O61 - LFC: 09/04/2013 - 13:23:36 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\piiokbhpgldooopjdacdondngonfljoc\19.6_0\_locales\bg\messages.json [101]
    O61 - LFC: 09/04/2013 - 13:23:36 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\piiokbhpgldooopjdacdondngonfljoc\19.6_0\_locales\bn\messages.json [89]
    O61 - LFC: 09/04/2013 - 13:23:36 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\piiokbhpgldooopjdacdondngonfljoc\19.6_0\_locales\ca\messages.json [68]
    O61 - LFC: 09/04/2013 - 13:23:36 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\piiokbhpgldooopjdacdondngonfljoc\19.6_0\_locales\cs\messages.json [85]
    O61 - LFC: 09/04/2013 - 13:23:36 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\piiokbhpgldooopjdacdondngonfljoc\19.6_0\_locales\da\messages.json [71]
    O61 - LFC: 09/04/2013 - 13:23:36 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\piiokbhpgldooopjdacdondngonfljoc\19.6_0\_locales\de\messages.json [66]
    O61 - LFC: 09/04/2013 - 13:23:36 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\piiokbhpgldooopjdacdondngonfljoc\19.6_0\_locales\el\messages.json [66]
    O61 - LFC: 09/04/2013 - 13:23:36 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\piiokbhpgldooopjdacdondngonfljoc\19.6_0\_locales\en\messages.json [66]
    O61 - LFC: 09/04/2013 - 13:23:36 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\piiokbhpgldooopjdacdondngonfljoc\19.6_0\_locales\en_GB\messages.json [66]
    O61 - LFC: 09/04/2013 - 13:23:36 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\piiokbhpgldooopjdacdondngonfljoc\19.6_0\_locales\es\messages.json [66]
    O61 - LFC: 09/04/2013 - 13:23:36 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\piiokbhpgldooopjdacdondngonfljoc\19.6_0\_locales\es_419\messages.json [68]
    O61 - LFC: 09/04/2013 - 13:23:36 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\piiokbhpgldooopjdacdondngonfljoc\19.6_0\_locales\et\messages.json [67]
    O61 - LFC: 09/04/2013 - 13:23:36 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\piiokbhpgldooopjdacdondngonfljoc\19.6_0\_locales\fi\messages.json [67]
    O61 - LFC: 09/04/2013 - 13:23:36 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\piiokbhpgldooopjdacdondngonfljoc\19.6_0\_locales\fil\messages.json [66]
    O61 - LFC: 09/04/2013 - 13:23:36 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\piiokbhpgldooopjdacdondngonfljoc\19.6_0\_locales\fr\messages.json [70]
    O61 - LFC: 09/04/2013 - 13:23:36 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\piiokbhpgldooopjdacdondngonfljoc\19.6_0\_locales\gu\messages.json [66]
    O61 - LFC: 09/04/2013 - 13:23:36 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\piiokbhpgldooopjdacdondngonfljoc\19.6_0\_locales\hi\messages.json [83]
    O61 - LFC: 09/04/2013 - 13:23:36 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\piiokbhpgldooopjdacdondngonfljoc\19.6_0\_locales\hr\messages.json [71]
    O61 - LFC: 09/04/2013 - 13:23:36 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\piiokbhpgldooopjdacdondngonfljoc\19.6_0\_locales\hu\messages.json [67]
    O61 - LFC: 09/04/2013 - 13:23:36 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\piiokbhpgldooopjdacdondngonfljoc\19.6_0\_locales\id\messages.json [66]
    O61 - LFC: 09/04/2013 - 13:23:36 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\piiokbhpgldooopjdacdondngonfljoc\19.6_0\_locales\it\messages.json [69]
    O61 - LFC: 09/04/2013 - 13:23:36 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\piiokbhpgldooopjdacdondngonfljoc\19.6_0\_locales\ja\messages.json [77]
    O61 - LFC: 09/04/2013 - 13:23:36 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\piiokbhpgldooopjdacdondngonfljoc\19.6_0\_locales\kn\messages.json [66]
    O61 - LFC: 09/04/2013 - 13:23:36 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\piiokbhpgldooopjdacdondngonfljoc\19.6_0\_locales\ko\messages.json [71]
    O61 - LFC: 09/04/2013 - 13:23:36 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\piiokbhpgldooopjdacdondngonfljoc\19.6_0\_locales\lt\messages.json [76]
    O61 - LFC: 09/04/2013 - 13:23:36 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\piiokbhpgldooopjdacdondngonfljoc\19.6_0\_locales\lv\messages.json [66]
    O61 - LFC: 09/04/2013 - 13:23:36 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\piiokbhpgldooopjdacdondngonfljoc\19.6_0\_locales\ml\messages.json [66]
    O61 - LFC: 09/04/2013 - 13:23:36 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\piiokbhpgldooopjdacdondngonfljoc\19.6_0\_locales\mr\messages.json [66]
    O61 - LFC: 09/04/2013 - 13:23:36 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\piiokbhpgldooopjdacdondngonfljoc\19.6_0\_locales\nl\messages.json [69]
    O61 - LFC: 09/04/2013 - 13:23:36 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\piiokbhpgldooopjdacdondngonfljoc\19.6_0\_locales\pl\messages.json [66]
    O61 - LFC: 09/04/2013 - 13:23:36 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\piiokbhpgldooopjdacdondngonfljoc\19.6_0\_locales\pt_BR\messages.json [67]
    O61 - LFC: 09/04/2013 - 13:23:36 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\piiokbhpgldooopjdacdondngonfljoc\19.6_0\_locales\pt_PT\messages.json [67]
    O61 - LFC: 09/04/2013 - 13:23:36 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\piiokbhpgldooopjdacdondngonfljoc\19.6_0\_locales\ro\messages.json [66]
    O61 - LFC: 09/04/2013 - 13:23:36 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\piiokbhpgldooopjdacdondngonfljoc\19.6_0\_locales\ru\messages.json [125]
    O61 - LFC: 09/04/2013 - 13:23:36 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\piiokbhpgldooopjdacdondngonfljoc\19.6_0\_locales\sk\messages.json [85]
    O61 - LFC: 09/04/2013 - 13:23:36 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\piiokbhpgldooopjdacdondngonfljoc\19.6_0\_locales\sl\messages.json [66]
    O61 - LFC: 09/04/2013 - 13:23:36 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\piiokbhpgldooopjdacdondngonfljoc\19.6_0\_locales\sr\messages.json [107]
    O61 - LFC: 09/04/2013 - 13:23:36 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\piiokbhpgldooopjdacdondngonfljoc\19.6_0\_locales\sv\messages.json [66]
    O61 - LFC: 09/04/2013 - 13:23:36 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\piiokbhpgldooopjdacdondngonfljoc\19.6_0\_locales\ta\messages.json [66]
    O61 - LFC: 09/04/2013 - 13:23:36 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\piiokbhpgldooopjdacdondngonfljoc\19.6_0\_locales\te\messages.json [66]
    O61 - LFC: 09/04/2013 - 13:23:36 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\piiokbhpgldooopjdacdondngonfljoc\19.6_0\_locales\th\messages.json [83]
    O61 - LFC: 09/04/2013 - 13:23:36 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\piiokbhpgldooopjdacdondngonfljoc\19.6_0\_locales\tr\messages.json [90]
    O61 - LFC: 09/04/2013 - 13:23:36 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\piiokbhpgldooopjdacdondngonfljoc\19.6_0\_locales\uk\messages.json [66]
    O61 - LFC: 09/04/2013 - 13:23:36 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\piiokbhpgldooopjdacdondngonfljoc\19.6_0\_locales\vi\messages.json [68]
    O61 - LFC: 09/04/2013 - 13:23:36 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\piiokbhpgldooopjdacdondngonfljoc\19.6_0\_locales\zh_CN\messages.json [71]
    O61 - LFC: 09/04/2013 - 13:23:36 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\piiokbhpgldooopjdacdondngonfljoc\19.6_0\_locales\zh_TW\messages.json [71]
    O61 - LFC: 09/04/2013 - 13:23:36 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\piiokbhpgldooopjdacdondngonfljoc\19.6_0\images\toolbar.png [132628]
    O61 - LFC: 09/04/2013 - 13:23:41 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extensions\piiokbhpgldooopjdacdondngonfljoc\19.6_0\Cached Theme.pak [466265]
    O61 - LFC: 09/04/2013 - 13:23:41 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\databases\Databases.db [7168]
    O61 - LFC: 09/04/2013 - 13:23:41 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\databases\Databases.db-journal [5672]
    O61 - LFC: 09/04/2013 - 13:23:41 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\databases\chrome-extension_hikijlgbicakpjmfhpcabpchcmlakiog_0\1 [9216]
    O61 - LFC: 09/04/2013 - 13:23:59 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Session Storage\LOCK [0]
    O61 - LFC: 09/04/2013 - 13:32:22 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Session Storage\000005.sst [681]
    O61 - LFC: 09/04/2013 - 13:32:40 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\README [160]
    O61 - LFC: 09/04/2013 - 13:32:52 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Local Storage\http_www.performersoft.com_0.localstorage [5120]
    O61 - LFC: 09/04/2013 - 13:32:52 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Local Storage\http_www.performersoft.com_0.localstorage-journal [3608]
    O61 - LFC: 09/04/2013 - 13:33:44 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Local Storage\https_www.google.com_0.localstorage [5120]
    O61 - LFC: 09/04/2013 - 13:33:44 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Local Storage\https_www.google.com_0.localstorage-journal [3608]
    O61 - LFC: 09/04/2013 - 13:34:03 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extension Cookies [6144]
    O61 - LFC: 09/04/2013 - 13:34:03 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extension Cookies-journal [4640]
    O61 - LFC: 09/04/2013 - 13:34:05 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Origin Bound Certs [12288]
    O61 - LFC: 09/04/2013 - 13:34:05 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Origin Bound Certs-journal [3608]
    O61 - LFC: 09/04/2013 - 13:34:50 ---A- C:\Documents and Settings\utilisateur\Menu Démarrer\Programmes\BrowserProtect\Uninstall BrowserProtect.lnk [1418] =>Toolbar.Babylon
    O61 - LFC: 09/04/2013 - 13:35:11 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Last Tabs [2294]
    O61 - LFC: 09/04/2013 - 13:35:11 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Session Storage\000008.sst [601]
    O61 - LFC: 09/04/2013 - 13:35:12 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Last Session [2469]
    O61 - LFC: 09/04/2013 - 13:57:35 ---A- C:\Documents and Settings\utilisateur\Application Data\Mozilla\Extensions\SpecialSavings@SpecialSavings.com\chrome.manifest [328]
    O61 - LFC: 09/04/2013 - 13:57:35 ---A- C:\Documents and Settings\utilisateur\Application Data\Mozilla\Extensions\SpecialSavings@SpecialSavings.com\chrome\content\background.html [118]
    O61 - LFC: 09/04/2013 - 13:57:35 ---A- C:\Documents and Settings\utilisateur\Application Data\Mozilla\Extensions\SpecialSavings@SpecialSavings.com\chrome\content\button.xml [1582]
    O61 - LFC: 09/04/2013 - 13:57:35 ---A- C:\Documents and Settings\utilisateur\Application Data\Mozilla\Extensions\SpecialSavings@SpecialSavings.com\chrome\content\config.js [242]
    O61 - LFC: 09/04/2013 - 13:57:35 ---A- C:\Documents and Settings\utilisateur\Application Data\Mozilla\Extensions\SpecialSavings@SpecialSavings.com\chrome\content\content.js [66]
    O61 - LFC: 09/04/2013 - 13:57:35 ---A- C:\Documents and Settings\utilisateur\Application Data\Mozilla\Extensions\SpecialSavings@SpecialSavings.com\chrome\content\framework.js [19068]
    O61 - LFC: 09/04/2013 - 13:57:35 ---A- C:\Documents and Settings\utilisateur\Application Data\Mozilla\Extensions\SpecialSavings@SpecialSavings.com\chrome\content\framework.xul [1921]
    O61 - LFC: 09/04/2013 - 13:57:35 ---A- C:\Documents and Settings\utilisateur\Application Data\Mozilla\Extensions\SpecialSavings@SpecialSavings.com\chrome\content\icon128.png [21232]
    O61 - LFC: 09/04/2013 - 13:57:35 ---A- C:\Documents and Settings\utilisateur\Application Data\Mozilla\Extensions\SpecialSavings@SpecialSavings.com\chrome\content\icon16.png [1831]
    O61 - LFC: 09/04/2013 - 13:57:35 ---A- C:\Documents and Settings\utilisateur\Application Data\Mozilla\Extensions\SpecialSavings@SpecialSavings.com\chrome\content\icon48.png [6434]
    O61 - LFC: 09/04/2013 - 13:57:35 ---A- C:\Documents and Settings\utilisateur\Application Data\Mozilla\Extensions\SpecialSavings@SpecialSavings.com\chrome\content\jquery-1.6.2.min.js [91731]
    O61 - LFC: 09/04/2013 - 13:57:35 ---A- C:\Documents and Settings\utilisateur\Application Data\Mozilla\Extensions\SpecialSavings@SpecialSavings.com\chrome\content\mz\background.js [2162]
    O61 - LFC: 09/04/2013 - 13:57:35 ---A- C:\Documents and Settings\utilisateur\Application Data\Mozilla\Extensions\SpecialSavings@SpecialSavings.com\chrome\content\mz\content.js [1926]
    O61 - LFC: 09/04/2013 - 13:57:35 ---A- C:\Documents and Settings\utilisateur\Application Data\Mozilla\Extensions\SpecialSavings@SpecialSavings.com\chrome\content\options.xul [1583]
    O61 - LFC: 09/04/2013 - 13:57:35 ---A- C:\Documents and Settings\utilisateur\Application Data\Mozilla\Extensions\SpecialSavings@SpecialSavings.com\chrome\content\settings.json [230]
    O61 - LFC: 09/04/2013 - 13:57:35 ---A- C:\Documents and Settings\utilisateur\Application Data\Mozilla\Extensions\SpecialSavings@SpecialSavings.com\chrome\skin\framework.css [1326]
    O61 - LFC: 09/04/2013 - 13:57:35 ---A- C:\Documents and Settings\utilisateur\Application Data\Mozilla\Extensions\SpecialSavings@SpecialSavings.com\install.rdf [1028]
    O61 - LFC: 09/04/2013 - 13:57:42 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\bProtector Web Data [110592]
    O61 - LFC: 09/04/2013 - 13:58:31 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extension State\CURRENT [16]
    O61 - LFC: 09/04/2013 - 13:58:32 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extension State\000019.sst [9148]
    O61 - LFC: 09/04/2013 - 13:58:32 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Extension State\MANIFEST-000016 [723]
    O61 - LFC: 09/04/2013 - 13:58:33 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Web Data [75776]
    O61 - LFC: 09/04/2013 - 13:58:33 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Web Data-journal [16384]
    O61 - LFC: 09/04/2013 - 13:58:40 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Session Storage\000011.sst [541]
    O61 - LFC: 09/04/2013 - 13:58:41 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Session Storage\CURRENT [16]
    O61 - LFC: 09/04/2013 - 13:58:41 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Session Storage\MANIFEST-000010 [324]
    O61 - LFC: 09/04/2013 - 13:58:42 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Managed Mode Settings [8]
    O61 - LFC: 09/04/2013 - 13:58:43 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Local Storage\chrome-extension_nmameahlembdcigphohgiodcgjomcgeo_0.localstorage [3072]
    O61 - LFC: 09/04/2013 - 13:58:43 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Local Storage\chrome-extension_nmameahlembdcigphohgiodcgjomcgeo_0.localstorage-journal [3608]
    O61 - LFC: 09/04/2013 - 13:58:44 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Local Storage\chrome-extension_iajehcjgcdeggeeapbegjmcoegiagmep_0.localstorage [3072]
    O61 - LFC: 09/04/2013 - 13:58:44 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Local Storage\chrome-extension_iajehcjgcdeggeeapbegjmcoegiagmep_0.localstorage-journal [3608]
    O61 - LFC: 09/04/2013 - 13:58:44 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Local Storage\chrome-extension_nfdniiplbakagpebmlmllelimdkamami_0.localstorage [3072]
    O61 - LFC: 09/04/2013 - 13:58:44 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Local Storage\chrome-extension_nfdniiplbakagpebmlmllelimdkamami_0.localstorage-journal [3608]
    O61 - LFC: 09/04/2013 - 13:58:46 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Local Storage\chrome-extension_cdfnmkpcclnhemmfoabfnlaoiknikdci_0.localstorage [3072]
    O61 - LFC: 09/04/2013 - 13:58:46 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Local Storage\chrome-extension_hikijlgbicakpjmfhpcabpchcmlakiog_0.localstorage [5120]
    O61 - LFC: 09/04/2013 - 13:58:46 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Local Storage\chrome-extension_hikijlgbicakpjmfhpcabpchcmlakiog_0.localstorage-journal [5672]
    O61 - LFC: 09/04/2013 - 13:58:46 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Local Storage\http_success.softango.com_0.localstorage [5120]
    O61 - LFC: 09/04/2013 - 13:58:46 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Local Storage\http_success.softango.com_0.localstorage-journal [3608]
    O61 - LFC: 09/04/2013 - 13:58:47 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Favicons [26624]
    O61 - LFC: 09/04/2013 - 13:58:47 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Favicons-journal [16384]
    O61 - LFC: 09/04/2013 - 13:58:47 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\History Index 2013-04 [86016]
    O61 - LFC: 09/04/2013 - 13:58:47 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\History Index 2013-04-journal [16384]
    O61 - LFC: 09/04/2013 - 13:58:47 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Local Storage\chrome-extension_cdfnmkpcclnhemmfoabfnlaoiknikdci_0.localstorage-journal [3608]
    O61 - LFC: 09/04/2013 - 13:58:48 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Current Session [39485]
    O61 - LFC: 09/04/2013 - 13:58:48 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Current Tabs [36930]
    O61 - LFC: 09/04/2013 - 13:58:48 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\History [90112]
    O61 - LFC: 09/04/2013 - 13:58:48 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\History Provider Cache [9325]
    O61 - LFC: 09/04/2013 - 13:58:48 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\History-journal [16384]
    O61 - LFC: 09/04/2013 - 13:58:48 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Visited Links [131072]
    O61 - LFC: 09/04/2013 - 13:58:48 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Local State [22923]
    O61 - LFC: 09/04/2013 - 13:58:49 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Cookies [24576]
    O61 - LFC: 09/04/2013 - 13:58:49 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Cookies-journal [14960]
    O61 - LFC: 09/04/2013 - 13:58:49 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\Preferences [31504]
    O61 - LFC: 09/04/2013 - 13:58:49 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\QuotaManager [13312]
    O61 - LFC: 09/04/2013 - 13:58:49 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\QuotaManager-journal [8768]
    O61 - LFC: 09/04/2013 - 13:58:49 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Default\TransportSecurity [549]
    O61 - LFC: 09/04/2013 - 13:58:50 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\chrome_shutdown_ms.txt [5]
    O61 - LFC: 09/04/2013 - 14:01:00 ---A- C:\Documents and Settings\utilisateur\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk [1813]
    O61 - LFC: 09/04/2013 - 14:05:52 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_www.rmcsport.fr_0.localstorage [5120]
    O61 - LFC: 09/04/2013 - 14:05:52 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_www.rmcsport.fr_0.localstorage-journal [3608]
    O61 - LFC: 09/04/2013 - 14:06:33 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_www.01net.com_0.localstorage [5120]
    O61 - LFC: 09/04/2013 - 14:06:33 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_www.01net.com_0.localstorage-journal [5672]
    O61 - LFC: 09/04/2013 - 14:19:18 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extension Rules\000019.sst [227]
    O61 - LFC: 09/04/2013 - 14:19:52 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_www.01-telecharger.com_0.localstorage [5120]
    O61 - LFC: 09/04/2013 - 14:19:52 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_www.01-telecharger.com_0.localstorage-journal [3608]
    O61 - LFC: 09/04/2013 - 14:22:32 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_www.logiciel-free.com_0.localstorage [5120]
    O61 - LFC: 09/04/2013 - 14:22:32 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_www.logiciel-free.com_0.localstorage-journal [3608]
    O61 - LFC: 09/04/2013 - 14:24:15 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_www.commentcamarche.net_0.localstorage [5120]
    O61 - LFC: 09/04/2013 - 14:24:15 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_www.commentcamarche.net_0.localstorage-journal [3608]
    O61 - LFC: 09/04/2013 - 14:25:21 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_www.systweak.com_0.localstorage [5120]
    O61 - LFC: 09/04/2013 - 14:25:21 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_www.systweak.com_0.localstorage-journal [3608]
    O61 - LFC: 09/04/2013 - 14:35:47 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_www.journaldunet.com_0.localstorage [5120]
    O61 - LFC: 09/04/2013 - 14:35:47 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_www.journaldunet.com_0.localstorage-journal [3608]
    O61 - LFC: 09/04/2013 - 14:37:27 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Shortcuts [20480]
    O61 - LFC: 09/04/2013 - 14:37:27 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Shortcuts-journal [12824]
    O61 - LFC: 09/04/2013 - 14:56:47 ---A- C:\Documents and Settings\utilisateur\Recent\RP12042013 V3.lnk [684]
    O61 - LFC: 09/04/2013 - 14:56:47 ---A- C:\Documents and Settings\utilisateur\Recent\reunion publique 12042013.lnk [478]
    O61 - LFC: 09/04/2013 - 16:01:28 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Network Action Predictor [15360]
    O61 - LFC: 09/04/2013 - 16:01:28 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Network Action Predictor-journal [5672]
    O61 - LFC: 09/04/2013 - 18:15:45 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\WiseConvert_1.5\Repository\conduit_CT3242339_fr\ToolbarTranslation\data.bck.txt [115373]
    O61 - LFC: 09/04/2013 - 18:15:46 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\WiseConvert_1.5\Repository\conduit_CT3242339_fr\ToolbarTranslation\data.txt [115373]
    O61 - LFC: 09/04/2013 - 21:02:24 ---A- C:\Documents and Settings\utilisateur\Recent\RKreport[2]_D_09042013_152926.lnk [601]
    O61 - LFC: 09/04/2013 - 21:02:41 ---A- C:\Documents and Settings\utilisateur\Recent\RKreport[1]_S_09042013_152844.lnk [601]
    O61 - LFC: 09/04/2013 - 21:03:26 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_www.softango.com_0.localstorage [5120]
    O61 - LFC: 09/04/2013 - 21:03:26 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_www.softango.com_0.localstorage-journal [3608]
    O61 - LFC: 09/04/2013 - 21:16:05 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_www.sur-la-toile.com_0.localstorage [5120]
    O61 - LFC: 09/04/2013 - 21:16:05 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_www.sur-la-toile.com_0.localstorage-journal [4640]
    O61 - LFC: 10/04/2013 - 07:31:04 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\https_safecart.com_0.localstorage [5120]
    O61 - LFC: 10/04/2013 - 07:31:04 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\https_safecart.com_0.localstorage-journal [3608]
    O61 - LFC: 10/04/2013 - 08:49:02 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_driver-genius.fr_0.localstorage [5120]
    O61 - LFC: 10/04/2013 - 08:49:02 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_driver-genius.fr_0.localstorage-journal [3608]
    O61 - LFC: 10/04/2013 - 08:50:37 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_telechargement.zebulon.fr_0.localstorage [5120]
    O61 - LFC: 10/04/2013 - 08:50:37 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_telechargement.zebulon.fr_0.localstorage-journal [5672]
    O61 - LFC: 10/04/2013 - 09:28:25 ---A- C:\Documents and Settings\utilisateur\Recent\MBRCheck_04.10.13_10.26.40.lnk [586]
    O61 - LFC: 10/04/2013 - 09:31:11 ---A- C:\Documents and Settings\utilisateur\Recent\RKreport[1]_S_09042013_220518.lnk [601]
    O61 - LFC: 10/04/2013 - 09:38:20 ---A- C:\Documents and Settings\utilisateur\Recent\ZHPDiag.lnk [404]
    O61 - LFC: 10/04/2013 - 09:40:25 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_pjjoint.malekal.com_0.localstorage [5120]
    O61 - LFC: 10/04/2013 - 09:40:25 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_pjjoint.malekal.com_0.localstorage-journal [5672]
    O61 - LFC: 10/04/2013 - 11:32:36 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_programme.tvmag.lefigaro.fr_0.localstorage [5120]
    O61 - LFC: 10/04/2013 - 11:32:36 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_programme.tvmag.lefigaro.fr_0.localstorage-journal [3608]
    O61 - LFC: 10/04/2013 - 11:36:47 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\https_www.google.com_0.localstorage [5120]
    O61 - LFC: 10/04/2013 - 11:36:47 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\https_www.google.com_0.localstorage-journal [5672]
    O61 - LFC: 10/04/2013 - 12:37:27 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\WiseConvert_1.5\Repository\conduit_CT3242339_CT3242339\ToolbarHiddenSettings\data.bck.txt [46467]
    O61 - LFC: 10/04/2013 - 12:37:28 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\WiseConvert_1.5\Repository\conduit_CT3242339_CT3242339\AppsMetaData\data.bck.txt [1205]
    O61 - LFC: 10/04/2013 - 12:37:28 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\WiseConvert_1.5\Repository\conduit_CT3242339_CT3242339\ToolbarHiddenSettings\data.txt [46468]
    O61 - LFC: 10/04/2013 - 12:37:29 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\WiseConvert_1.5\Repository\conduit_CT3242339_CT3242339\AppsMetaData\data.txt [1205]
    O61 - LFC: 10/04/2013 - 12:37:34 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\WiseConvert_1.5\Repository\conduit_CT3242339_CT3242339\ToolbarHiddenLogin\data.bck.txt [5429]
    O61 - LFC: 10/04/2013 - 12:37:34 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\WiseConvert_1.5\Repository\conduit_CT3242339_CT3242339\ToolbarHiddenLogin\data.txt [5429]
    O61 - LFC: 10/04/2013 - 12:54:09 ---A- C:\Documents and Settings\utilisateur\Application Data\speedanalysis.ico [30894]
    O61 - LFC: 10/04/2013 - 12:54:34 ---A- C:\Documents and Settings\utilisateur\Application Data\File Scout\uninst.exe [62902]
    O61 - LFC: 10/04/2013 - 12:54:48 ---A- C:\Documents and Settings\utilisateur\Application Data\Mozilla\Extensions\pluswinks@PlusWinks\chrome\content\background.html [118]
    O61 - LFC: 10/04/2013 - 12:54:48 ---A- C:\Documents and Settings\utilisateur\Application Data\Mozilla\Extensions\pluswinks@PlusWinks\chrome\content\button.xml [1582]
    O61 - LFC: 10/04/2013 - 12:54:48 ---A- C:\Documents and Settings\utilisateur\Application Data\Mozilla\Extensions\pluswinks@PlusWinks\chrome\content\config.js [223]
    O61 - LFC: 10/04/2013 - 12:54:48 ---A- C:\Documents and Settings\utilisateur\Application Data\Mozilla\Extensions\pluswinks@PlusWinks\chrome\content\content.js [9721]
    O61 - LFC: 10/04/2013 - 12:54:48 ---A- C:\Documents and Settings\utilisateur\Application Data\Mozilla\Extensions\pluswinks@PlusWinks\chrome\content\framework.js [19068]
    O61 - LFC: 10/04/2013 - 12:54:48 ---A- C:\Documents and Settings\utilisateur\Application Data\Mozilla\Extensions\pluswinks@PlusWinks\chrome\content\framework.xul [1856]
    O61 - LFC: 10/04/2013 - 12:54:48 ---A- C:\Documents and Settings\utilisateur\Application Data\Mozilla\Extensions\pluswinks@PlusWinks\chrome\content\icon128.png [12003]
    O61 - LFC: 10/04/2013 - 12:54:48 ---A- C:\Documents and Settings\utilisateur\Application Data\Mozilla\Extensions\pluswinks@PlusWinks\chrome\content\icon16.png [640]
    O61 - LFC: 10/04/2013 - 12:54:48 ---A- C:\Documents and Settings\utilisateur\Application Data\Mozilla\Extensions\pluswinks@PlusWinks\chrome\content\icon48.png [2912]
    O61 - LFC: 10/04/2013 - 12:54:49 ---A- C:\Documents and Settings\utilisateur\Application Data\Mozilla\Extensions\pluswinks@PlusWinks\chrome.manifest [308]
    O61 - LFC: 10/04/2013 - 12:54:49 ---A- C:\Documents and Settings\utilisateur\Application Data\Mozilla\Extensions\pluswinks@PlusWinks\chrome\content\jquery-1.6.2.min.js [91731]
    O61 - LFC: 10/04/2013 - 12:54:49 ---A- C:\Documents and Settings\utilisateur\Application Data\Mozilla\Extensions\pluswinks@PlusWinks\chrome\content\mz\background.js [2162]
    O61 - LFC: 10/04/2013 - 12:54:49 ---A- C:\Documents and Settings\utilisateur\Application Data\Mozilla\Extensions\pluswinks@PlusWinks\chrome\content\mz\content.js [1837]
    O61 - LFC: 10/04/2013 - 12:54:49 ---A- C:\Documents and Settings\utilisateur\Application Data\Mozilla\Extensions\pluswinks@PlusWinks\chrome\content\options.xul [1568]
    O61 - LFC: 10/04/2013 - 12:54:49 ---A- C:\Documents and Settings\utilisateur\Application Data\Mozilla\Extensions\pluswinks@PlusWinks\chrome\content\settings.json [183]
    O61 - LFC: 10/04/2013 - 12:54:49 ---A- C:\Documents and Settings\utilisateur\Application Data\Mozilla\Extensions\pluswinks@PlusWinks\chrome\skin\framework.css [1321]
    O61 - LFC: 10/04/2013 - 12:54:49 ---A- C:\Documents and Settings\utilisateur\Application Data\Mozilla\Extensions\pluswinks@PlusWinks\install.rdf [957]
    O61 - LFC: 10/04/2013 - 12:55:23 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\chrome-extension_eooncjejnppfjjklapaamhcdmjbilmde_0.localstorage [3072]
    O61 - LFC: 10/04/2013 - 12:55:27 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\bProtectorPreferences [110236]
    O61 - LFC: 10/04/2013 - 12:55:51 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_success.softango.com_0.localstorage [5120]
    O61 - LFC: 10/04/2013 - 12:55:51 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_success.softango.com_0.localstorage-journal [3608]
    O61 - LFC: 10/04/2013 - 13:04:36 ---A- C:\Documents and Settings\utilisateur\Application Data\Mozilla\Extensions\speedanalysis@SpeedAnalysis.com\chrome.manifest [324]
    O61 - LFC: 10/04/2013 - 13:04:36 ---A- C:\Documents and Settings\utilisateur\Application Data\Mozilla\Extensions\speedanalysis@SpeedAnalysis.com\chrome\content\background.html [118]
    O61 - LFC: 10/04/2013 - 13:04:36 ---A- C:\Documents and Settings\utilisateur\Application Data\Mozilla\Extensions\speedanalysis@SpeedAnalysis.com\chrome\content\bg.js [456]
    O61 - LFC: 10/04/2013 - 13:04:36 ---A- C:\Documents and Settings\utilisateur\Application Data\Mozilla\Extensions\speedanalysis@SpeedAnalysis.com\chrome\content\button.xml [1582]
    O61 - LFC: 10/04/2013 - 13:04:36 ---A- C:\Documents and Settings\utilisateur\Application Data\Mozilla\Extensions\speedanalysis@SpeedAnalysis.com\chrome\content\config.js [237]
    O61 - LFC: 10/04/2013 - 13:04:36 ---A- C:\Documents and Settings\utilisateur\Application Data\Mozilla\Extensions\speedanalysis@SpeedAnalysis.com\chrome\content\content.js [66]
    O61 - LFC: 10/04/2013 - 13:04:36 ---A- C:\Documents and Settings\utilisateur\Application Data\Mozilla\Extensions\speedanalysis@SpeedAnalysis.com\chrome\content\framework.js [19068]
    O61 - LFC: 10/04/2013 - 13:04:36 ---A- C:\Documents and Settings\utilisateur\Application Data\Mozilla\Extensions\speedanalysis@SpeedAnalysis.com\chrome\content\framework.xul [1982]
    O61 - LFC: 10/04/2013 - 13:04:36 ---A- C:\Documents and Settings\utilisateur\Application Data\Mozilla\Extensions\speedanalysis@SpeedAnalysis.com\chrome\content\icon128.png [20390]
    O61 - LFC: 10/04/2013 - 13:04:36 ---A- C:\Documents and Settings\utilisateur\Application Data\Mozilla\Extensions\speedanalysis@SpeedAnalysis.com\chrome\content\icon16.png [1747]
    O61 - LFC: 10/04/2013 - 13:04:36 ---A- C:\Documents and Settings\utilisateur\Application Data\Mozilla\Extensions\speedanalysis@SpeedAnalysis.com\chrome\content\icon24.ico [2862]
    O61 - LFC: 10/04/2013 - 13:04:36 ---A- C:\Documents and Settings\utilisateur\Application Data\Mozilla\Extensions\speedanalysis@SpeedAnalysis.com\chrome\content\icon24.png [2543]
    O61 - LFC: 10/04/2013 - 13:04:36 ---A- C:\Documents and Settings\utilisateur\Application Data\Mozilla\Extensions\speedanalysis@SpeedAnalysis.com\chrome\content\icon32.ico [10134]
    O61 - LFC: 10/04/2013 - 13:04:36 ---A- C:\Documents and Settings\utilisateur\Application Data\Mozilla\Extensions\speedanalysis@SpeedAnalysis.com\chrome\content\icon32.png [3407]
    O61 - LFC: 10/04/2013 - 13:04:36 ---A- C:\Documents and Settings\utilisateur\Application Data\Mozilla\Extensions\speedanalysis@SpeedAnalysis.com\chrome\content\icon48.png [5592]
    O61 - LFC: 10/04/2013 - 13:04:36 ---A- C:\Documents and Settings\utilisateur\Application Data\Mozilla\Extensions\speedanalysis@SpeedAnalysis.com\chrome\content\jquery-1.6.2.min.js [91731]
    O61 - LFC: 10/04/2013 - 13:04:36 ---A- C:\Documents and Settings\utilisateur\Application Data\Mozilla\Extensions\speedanalysis@SpeedAnalysis.com\chrome\content\mz\background.js [2162]
    O61 - LFC: 10/04/2013 - 13:04:36 ---A- C:\Documents and Settings\utilisateur\Application Data\Mozilla\Extensions\speedanalysis@SpeedAnalysis.com\chrome\content\mz\content.js [1837]
    O61 - LFC: 10/04/2013 - 13:04:36 ---A- C:\Documents and Settings\utilisateur\Application Data\Mozilla\Extensions\speedanalysis@SpeedAnalysis.com\chrome\content\options.xul [1580]
    O61 - LFC: 10/04/2013 - 13:04:36 ---A- C:\Documents and Settings\utilisateur\Application Data\Mozilla\Extensions\speedanalysis@SpeedAnalysis.com\chrome\content\settings.json [195]
    O61 - LFC: 10/04/2013 - 13:04:36 ---A- C:\Documents and Settings\utilisateur\Application Data\Mozilla\Extensions\speedanalysis@SpeedAnalysis.com\chrome\skin\framework.css [1325]
    O61 - LFC: 10/04/2013 - 13:04:36 ---A- C:\Documents and Settings\utilisateur\Application Data\Mozilla\Extensions\speedanalysis@SpeedAnalysis.com\install.rdf [989]
    O61 - LFC: 10/04/2013 - 13:30:58 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_www.memoclic.com_0.localstorage [5120]
    O61 - LFC: 10/04/2013 - 13:30:58 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_www.memoclic.com_0.localstorage-journal [5672]
    O61 - LFC: 10/04/2013 - 13:33:52 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_general-changelog-team.fr_0.localstorage [5120]
    O61 - LFC: 10/04/2013 - 13:33:52 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_general-changelog-team.fr_0.localstorage-journal [5672]
    O61 - LFC: 10/04/2013 - 13:34:03 ---A- C:\Documents and Settings\utilisateur\Application Data\BabSolution\Shared\chu.js [440] =>Hijacker.BabSolution
    O61 - LFC: 10/04/2013 - 13:34:47 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_www.delta-search.com_0.localstorage [5120] =>Toolbar.DeltaSearch
    O61 - LFC: 10/04/2013 - 13:34:47 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_www.delta-search.com_0.localstorage-journal [5672] =>Toolbar.DeltaSearch
    O61 - LFC: 10/04/2013 - 13:34:55 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\chrome-extension_bfcpnihmbfoaeoakalclfalkdepgiaje_0.localstorage [3072]
    O61 - LFC: 10/04/2013 - 13:34:55 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\chrome-extension_bfcpnihmbfoaeoakalclfalkdepgiaje_0.localstorage-journal [3608]
    O61 - LFC: 10/04/2013 - 13:34:55 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\chrome-extension_cfcbmgbfdbijmjgjihagbomfbjfjmgon_0.localstorage [3072]
    O61 - LFC: 10/04/2013 - 13:34:55 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\chrome-extension_cfcbmgbfdbijmjgjihagbomfbjfjmgon_0.localstorage-journal [3608]
    O61 - LFC: 10/04/2013 - 13:34:55 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\chrome-extension_mocblcnaofikinigmceddfghppkkjbog_0.localstorage [3072]
    O61 - LFC: 10/04/2013 - 13:34:55 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\chrome-extension_mocblcnaofikinigmceddfghppkkjbog_0.localstorage-journal [3608]
    O61 - LFC: 10/04/2013 - 13:34:55 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_www.download366.net_0.localstorage [5120]
    O61 - LFC: 10/04/2013 - 13:34:55 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_www.download366.net_0.localstorage-journal [5672]
    O61 - LFC: 10/04/2013 - 13:36:36 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences.bad [95966]
    O61 - LFC: 10/04/2013 - 16:00:57 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extension Rules\000085.sst [231]
    O61 - LFC: 10/04/2013 - 16:01:04 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bfcpnihmbfoaeoakalclfalkdepgiaje\2.0.0.1_0\background.html [320]
    O61 - LFC: 10/04/2013 - 16:01:04 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\cfcbmgbfdbijmjgjihagbomfbjfjmgon\1.0.0.1_0\background.html [374]
    O61 - LFC: 10/04/2013 - 16:01:05 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bfcpnihmbfoaeoakalclfalkdepgiaje\2.0.0.1_0\ci.bg.pack.js [8346]
    O61 - LFC: 10/04/2013 - 16:01:05 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bfcpnihmbfoaeoakalclfalkdepgiaje\2.0.0.1_0\ci.browser.helper.js [340]
    O61 - LFC: 10/04/2013 - 16:01:05 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bfcpnihmbfoaeoakalclfalkdepgiaje\2.0.0.1_0\ci.content.pack.js [2428]
    O61 - LFC: 10/04/2013 - 16:01:05 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\cfcbmgbfdbijmjgjihagbomfbjfjmgon\1.0.0.1_0\bg.js [456]
    O61 - LFC: 10/04/2013 - 16:01:05 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\cfcbmgbfdbijmjgjihagbomfbjfjmgon\1.0.0.1_0\ci.bg.pack.js [8346]
    O61 - LFC: 10/04/2013 - 16:01:05 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\cfcbmgbfdbijmjgjihagbomfbjfjmgon\1.0.0.1_0\ci.browser.helper.js [340]
    O61 - LFC: 10/04/2013 - 16:01:05 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde\1.2_0\BabMaint.x [4096]
    O61 - LFC: 10/04/2013 - 16:01:05 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde\1.2_0\bg.html [202]
    O61 - LFC: 10/04/2013 - 16:01:05 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde\1.2_0\bg.js [397]
    O61 - LFC: 10/04/2013 - 16:01:05 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.3.0.11079_0\background.html [4819]
    O61 - LFC: 10/04/2013 - 16:01:05 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.3.0.11079_0\call_icon.png [1271]
    O61 - LFC: 10/04/2013 - 16:01:05 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.3.0.11079_0\change_sink.js [7416]
    O61 - LFC: 10/04/2013 - 16:01:05 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.3.0.11079_0\contentscript.js [12410]
    O61 - LFC: 10/04/2013 - 16:01:05 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mmiopbgcekanlhpjkonogoljpfmhpkhf\1.110_0\background.html [100]
    O61 - LFC: 10/04/2013 - 16:01:05 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mmiopbgcekanlhpjkonogoljpfmhpkhf\1.110_0\background.js [1236]
    O61 - LFC: 10/04/2013 - 16:01:05 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mocblcnaofikinigmceddfghppkkjbog\1.0.0.0_0\background.html [320]
    O61 - LFC: 10/04/2013 - 16:01:06 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bfcpnihmbfoaeoakalclfalkdepgiaje\2.0.0.1_0\content.js [66]
    O61 - LFC: 10/04/2013 - 16:01:06 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bfcpnihmbfoaeoakalclfalkdepgiaje\2.0.0.1_0\jquery-1.6.2.min.js [91731]
    O61 - LFC: 10/04/2013 - 16:01:06 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bfcpnihmbfoaeoakalclfalkdepgiaje\2.0.0.1_0\jquery.uuid.js [454]
    O61 - LFC: 10/04/2013 - 16:01:06 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\cfcbmgbfdbijmjgjihagbomfbjfjmgon\1.0.0.1_0\ci.content.pack.js [2428]
    O61 - LFC: 10/04/2013 - 16:01:06 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\cfcbmgbfdbijmjgjihagbomfbjfjmgon\1.0.0.1_0\content.js [66]
    O61 - LFC: 10/04/2013 - 16:01:06 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\cfcbmgbfdbijmjgjihagbomfbjfjmgon\1.0.0.1_0\icon24.ico [2862]
    O61 - LFC: 10/04/2013 - 16:01:06 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\cfcbmgbfdbijmjgjihagbomfbjfjmgon\1.0.0.1_0\icon32.ico [10134]
    O61 - LFC: 10/04/2013 - 16:01:06 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde\1.2_0\BUSolution.dll [686080]
    O61 - LFC: 10/04/2013 - 16:01:06 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.3.0.11079_0\document_iterator.js [14080]
    O61 - LFC: 10/04/2013 - 16:01:06 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.3.0.11079_0\dropdown_menu_icon_set.png [5122]
    O61 - LFC: 10/04/2013 - 16:01:06 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.3.0.11079_0\find_proxy.js [11304]
    O61 - LFC: 10/04/2013 - 16:01:06 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.3.0.11079_0\flags.gif [33313]
    O61 - LFC: 10/04/2013 - 16:01:06 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.3.0.11079_0\get_html_text.js [5123]
    O61 - LFC: 10/04/2013 - 16:01:06 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.3.0.11079_0\global_constants.js [3130]
    O61 - LFC: 10/04/2013 - 16:01:06 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mmiopbgcekanlhpjkonogoljpfmhpkhf\1.110_0\contentscript.js [1121]
    O61 - LFC: 10/04/2013 - 16:01:06 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mocblcnaofikinigmceddfghppkkjbog\1.0.0.0_0\ci.bg.pack.js [8346]
    O61 - LFC: 10/04/2013 - 16:01:06 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mocblcnaofikinigmceddfghppkkjbog\1.0.0.0_0\ci.browser.helper.js [340]
    O61 - LFC: 10/04/2013 - 16:01:06 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mocblcnaofikinigmceddfghppkkjbog\1.0.0.0_0\ci.content.pack.js [2428]
    O61 - LFC: 10/04/2013 - 16:01:06 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mocblcnaofikinigmceddfghppkkjbog\1.0.0.0_0\content.js [9721]
    O61 - LFC: 10/04/2013 - 16:01:06 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj\1.3.0.3_0\background.html [495]
    O61 - LFC: 10/04/2013 - 16:01:06 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj\1.3.0.3_0\flavour.js [590]
    O61 - LFC: 10/04/2013 - 16:01:06 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj\1.3.0.3_0\logger.js [935]
    O61 - LFC: 10/04/2013 - 16:01:06 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph\1.0_0\background.html [95]
    O61 - LFC: 10/04/2013 - 16:01:06 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph\1.0_0\background.js [1827]
    O61 - LFC: 10/04/2013 - 16:01:07 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bfcpnihmbfoaeoakalclfalkdepgiaje\2.0.0.1_0\popup.js [66]
    O61 - LFC: 10/04/2013 - 16:01:07 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bfcpnihmbfoaeoakalclfalkdepgiaje\2.0.0.1_0\settings.json [230]
    O61 - LFC: 10/04/2013 - 16:01:07 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\cfcbmgbfdbijmjgjihagbomfbjfjmgon\1.0.0.1_0\jquery-1.6.2.min.js [91731]
    O61 - LFC: 10/04/2013 - 16:01:07 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\cfcbmgbfdbijmjgjihagbomfbjfjmgon\1.0.0.1_0\jquery.uuid.js [454]
    O61 - LFC: 10/04/2013 - 16:01:07 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.3.0.11079_0\menu_injection_builder.js [8890]
    O61 - LFC: 10/04/2013 - 16:01:07 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.3.0.11079_0\menu_injection_handler.js [16856]
    O61 - LFC: 10/04/2013 - 16:01:07 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.3.0.11079_0\name_injection_builder.js [2033]
    O61 - LFC: 10/04/2013 - 16:01:07 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mmiopbgcekanlhpjkonogoljpfmhpkhf\1.110_0\icon128.png [10981]
    O61 - LFC: 10/04/2013 - 16:01:07 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mmiopbgcekanlhpjkonogoljpfmhpkhf\1.110_0\icon16.png [708]
    O61 - LFC: 10/04/2013 - 16:01:07 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mmiopbgcekanlhpjkonogoljpfmhpkhf\1.110_0\icon48.png [3374]
    O61 - LFC: 10/04/2013 - 16:01:07 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mmiopbgcekanlhpjkonogoljpfmhpkhf\1.110_0\manifest.json [799]
    O61 - LFC: 10/04/2013 - 16:01:07 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mocblcnaofikinigmceddfghppkkjbog\1.0.0.0_0\jquery-1.6.2.min.js [91731]
    O61 - LFC: 10/04/2013 - 16:01:07 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mocblcnaofikinigmceddfghppkkjbog\1.0.0.0_0\jquery.uuid.js [454]
    O61 - LFC: 10/04/2013 - 16:01:07 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj\1.3.0.3_0\main.js [344]
    O61 - LFC: 10/04/2013 - 16:01:07 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph\1.0_0\spext.dll [72704]
    O61 - LFC: 10/04/2013 - 16:01:08 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bfcpnihmbfoaeoakalclfalkdepgiaje\2.0.0.1_0\mz\background.js [2162]
    O61 - LFC: 10/04/2013 - 16:01:08 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\cfcbmgbfdbijmjgjihagbomfbjfjmgon\1.0.0.1_0\popup.js [66]
    O61 - LFC: 10/04/2013 - 16:01:08 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde\1.2_0\NPObject.dll [126976]
    O61 - LFC: 10/04/2013 - 16:01:08 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mocblcnaofikinigmceddfghppkkjbog\1.0.0.0_0\popup.js [66]
    O61 - LFC: 10/04/2013 - 16:01:08 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj\1.3.0.3_0\mgHelperGC.dll [101136]
    O61 - LFC: 10/04/2013 - 16:01:09 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\cfcbmgbfdbijmjgjihagbomfbjfjmgon\1.0.0.1_0\settings.json [195]
    O61 - LFC: 10/04/2013 - 16:01:09 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde\1.2_0\redirect.html [189]
    O61 - LFC: 10/04/2013 - 16:01:09 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mocblcnaofikinigmceddfghppkkjbog\1.0.0.0_0\settings.json [183]
    O61 - LFC: 10/04/2013 - 16:01:09 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj\1.3.0.3_0\newtab.html [53]
    O61 - LFC: 10/04/2013 - 16:01:10 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bfcpnihmbfoaeoakalclfalkdepgiaje\2.0.0.1_0\mz\content.js [1926]
    O61 - LFC: 10/04/2013 - 16:01:10 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\cfcbmgbfdbijmjgjihagbomfbjfjmgon\1.0.0.1_0\mz\background.js [2162]
    O61 - LFC: 10/04/2013 - 16:01:10 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\cfcbmgbfdbijmjgjihagbomfbjfjmgon\1.0.0.1_0\mz\content.js [1837]
    O61 - LFC: 10/04/2013 - 16:01:10 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde\1.2_0\delta128.png [12964]
    O61 - LFC: 10/04/2013 - 16:01:10 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde\1.2_0\manifest.json [747]
    O61 - LFC: 10/04/2013 - 16:01:10 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde\1.2_0\redirect.js [355]
    O61 - LFC: 10/04/2013 - 16:01:10 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.3.0.11079_0\numbers_common_active_icon_set.gif [1024]
    O61 - LFC: 10/04/2013 - 16:01:10 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.3.0.11079_0\numbers_common_inactive_icon_set.gif [977]
    O61 - LFC: 10/04/2013 - 16:01:10 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.3.0.11079_0\numbers_free_icon_set.gif [1134]
    O61 - LFC: 10/04/2013 - 16:01:10 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mocblcnaofikinigmceddfghppkkjbog\1.0.0.0_0\mz\background.js [2162]
    O61 - LFC: 10/04/2013 - 16:01:10 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mocblcnaofikinigmceddfghppkkjbog\1.0.0.0_0\mz\content.js [1837]
    O61 - LFC: 10/04/2013 - 16:01:10 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj\1.3.0.3_0\newtab.js [4501]
    O61 - LFC: 10/04/2013 - 16:01:10 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj\1.3.0.3_0\popup.html [112]
    O61 - LFC: 10/04/2013 - 16:01:10 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj\1.3.0.3_0\popup.js [338]
    O61 - LFC: 10/04/2013 - 16:01:10 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj\1.3.0.3_0\simapp.js [3945]
    O61 - LFC: 10/04/2013 - 16:01:10 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj\1.3.0.3_0\toolbar.js [1837]
    O61 - LFC: 10/04/2013 - 16:01:10 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph\1.0_0\manifest.json [558]
    O61 - LFC: 10/04/2013 - 16:01:11 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bfcpnihmbfoaeoakalclfalkdepgiaje\2.0.0.1_0\icon128.png [21794]
    O61 - LFC: 10/04/2013 - 16:01:11 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bfcpnihmbfoaeoakalclfalkdepgiaje\2.0.0.1_0\icon16.png [902]
    O61 - LFC: 10/04/2013 - 16:01:11 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bfcpnihmbfoaeoakalclfalkdepgiaje\2.0.0.1_0\icon48.png [5087]
    O61 - LFC: 10/04/2013 - 16:01:11 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bfcpnihmbfoaeoakalclfalkdepgiaje\2.0.0.1_0\manifest.json [1156]
    O61 - LFC: 10/04/2013 - 16:01:11 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\cfcbmgbfdbijmjgjihagbomfbjfjmgon\1.0.0.1_0\icon128.png [19407]
    O61 - LFC: 10/04/2013 - 16:01:11 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\cfcbmgbfdbijmjgjihagbomfbjfjmgon\1.0.0.1_0\icon16.png [826]
    O61 - LFC: 10/04/2013 - 16:01:11 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\cfcbmgbfdbijmjgjihagbomfbjfjmgon\1.0.0.1_0\icon24.png [1590]
    O61 - LFC: 10/04/2013 - 16:01:11 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\cfcbmgbfdbijmjgjihagbomfbjfjmgon\1.0.0.1_0\icon32.png [2350]
    O61 - LFC: 10/04/2013 - 16:01:11 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\cfcbmgbfdbijmjgjihagbomfbjfjmgon\1.0.0.1_0\icon48.png [4463]
    O61 - LFC: 10/04/2013 - 16:01:11 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\cfcbmgbfdbijmjgjihagbomfbjfjmgon\1.0.0.1_0\manifest.json [1291]
    O61 - LFC: 10/04/2013 - 16:01:11 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde\1.2_0\delta48.png [3435]
    O61 - LFC: 10/04/2013 - 16:01:11 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.3.0.11079_0\number_injection_builder.js [11341]
    O61 - LFC: 10/04/2013 - 16:01:11 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.3.0.11079_0\space.gif [134]
    O61 - LFC: 10/04/2013 - 16:01:11 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.3.0.11079_0\string_finder.js [10070]
    O61 - LFC: 10/04/2013 - 16:01:11 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mocblcnaofikinigmceddfghppkkjbog\1.0.0.0_0\icon128.png [12061]
    O61 - LFC: 10/04/2013 - 16:01:11 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mocblcnaofikinigmceddfghppkkjbog\1.0.0.0_0\icon16.png [637]
    O61 - LFC: 10/04/2013 - 16:01:11 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mocblcnaofikinigmceddfghppkkjbog\1.0.0.0_0\icon48.png [2923]
    O61 - LFC: 10/04/2013 - 16:01:11 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mocblcnaofikinigmceddfghppkkjbog\1.0.0.0_0\manifest.json [1112]
    O61 - LFC: 10/04/2013 - 16:01:11 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj\1.3.0.3_0\128.png [7156]
    O61 - LFC: 10/04/2013 - 16:01:11 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj\1.3.0.3_0\19.png [917]
    O61 - LFC: 10/04/2013 - 16:01:11 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj\1.3.0.3_0\48.png [827]
    O61 - LFC: 10/04/2013 - 16:01:11 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj\1.3.0.3_0\manifest.json [1230]
    O61 - LFC: 10/04/2013 - 16:01:12 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.3.0.11079_0\manifest.json [835]
    O61 - LFC: 10/04/2013 - 16:47:50 ---A- C:\Documents and Settings\utilisateur\Application Data\vlc\ml.xspf [304]
    O61 - LFC: 10/04/2013 - 16:47:51 ---A- C:\Documents and Settings\utilisateur\Application Data\vlc\vlcrc [87473]
    O61 - LFC: 10/04/2013 - 17:23:11 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Bookmarks [4570]
    O61 - LFC: 10/04/2013 - 17:23:11 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Bookmarks.bak [4570]
    O61 - LFC: 11/04/2013 - 11:22:40 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Certificate Revocation Lists [269393]
    O61 - LFC: 11/04/2013 - 12:38:50 ---A- C:\Documents and Settings\utilisateur\Recent\mbam-log-2013-04-11 (12-28-49).lnk [475]
    O61 - LFC: 11/04/2013 - 12:52:18 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\TransportSecurity [1374]
    O61 - LFC: 11/04/2013 - 16:01:41 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Session Storage\002352.sst [194]
    O61 - LFC: 11/04/2013 - 16:32:43 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Session Storage\002354.sst [159]
    O61 - LFC: 11/04/2013 - 16:32:43 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Visited Links [131072]
    O61 - LFC: 11/04/2013 - 16:41:13 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extension Rules\LOG.old [145]
    O61 - LFC: 11/04/2013 - 16:41:15 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Session Storage\002357.sst [159]
    O61 - LFC: 11/04/2013 - 16:41:19 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extension State\LOG.old [148]
    O61 - LFC: 11/04/2013 - 16:41:19 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Session Storage\LOG.old [274]
    O61 - LFC: 11/04/2013 - 16:41:24 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\databases\https_www.google.com_0\2 [26624]
    O61 - LFC: 11/04/2013 - 17:15:26 ---A- C:\Documents and Settings\utilisateur\Favoris\Google.url [208]
    O61 - LFC: 11/04/2013 - 17:18:27 -SHA- C:\Documents and Settings\utilisateur\PrivacIE\index.dat [16187392]
    O61 - LFC: 11/04/2013 - 17:19:49 -SHA- C:\Documents and Settings\utilisateur\Application Data\Microsoft\Internet Explorer\UserData\index.dat [32768]
    O61 - LFC: 11/04/2013 - 17:19:49 -SHA- C:\Documents and Settings\utilisateur\IECompatCache\index.dat [65536]
    O61 - LFC: 11/04/2013 - 17:19:49 -SHA- C:\Documents and Settings\utilisateur\IETldCache\index.dat [262144]
    O61 - LFC: 11/04/2013 - 17:38:57 ---A- C:\Documents and Settings\utilisateur\Recent\aaCNAV2 janvier 2011.lnk [508]
    O61 - LFC: 11/04/2013 - 17:38:57 ---A- C:\Documents and Settings\utilisateur\Recent\ama.lnk [338]
    O61 - LFC: 11/04/2013 - 17:40:29 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Last Tabs [12072]
    O61 - LFC: 11/04/2013 - 17:40:31 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Last Session [21862]
    O61 - LFC: 11/04/2013 - 17:40:32 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\QuotaManager [13312]
    O61 - LFC: 11/04/2013 - 17:40:32 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\QuotaManager-journal [6704]
    O61 - LFC: 11/04/2013 - 17:40:37 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extension Rules\CURRENT [16]
    O61 - LFC: 11/04/2013 - 17:40:37 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extension Rules\MANIFEST-000118 [895]
    O61 - LFC: 11/04/2013 - 17:40:38 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extension Rules\LOG [148]
    O61 - LFC: 11/04/2013 - 17:40:39 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\History Provider Cache [83818]
    O61 - LFC: 11/04/2013 - 17:40:42 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Session Storage\002360.sst [186926]
    O61 - LFC: 11/04/2013 - 17:40:42 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Session Storage\CURRENT [16]
    O61 - LFC: 11/04/2013 - 17:40:42 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Session Storage\MANIFEST-002359 [400]
    O61 - LFC: 11/04/2013 - 17:40:44 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extension State\CURRENT [16]
    O61 - LFC: 11/04/2013 - 17:40:44 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extension State\MANIFEST-002222 [521]
    O61 - LFC: 11/04/2013 - 17:40:44 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Session Storage\LOG [277]
    O61 - LFC: 11/04/2013 - 17:40:47 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Managed Mode Settings [8]
    O61 - LFC: 11/04/2013 - 17:40:50 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extension State\LOG [151]
    O61 - LFC: 11/04/2013 - 17:40:50 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Favicons [645120]
    O61 - LFC: 11/04/2013 - 17:40:50 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Favicons-journal [16384]
    O61 - LFC: 11/04/2013 - 17:42:30 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Safe Browsing Cookies [6144]
    O61 - LFC: 11/04/2013 - 17:42:30 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Safe Browsing Cookies-journal [2576]
    O61 - LFC: 11/04/2013 - 17:42:31 ---A- C:\Documents and Settings\utilisateur\Bureau\RK_Quarantine\Eula.txt [3769]
    O61 - LFC: 11/04/2013 - 17:42:56 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Safe Browsing Download [944964]
    O61 - LFC: 11/04/2013 - 17:42:59 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Safe Browsing Bloom [6804520]
    O61 - LFC: 11/04/2013 - 17:43:00 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Safe Browsing Bloom Prefix Set [1528174]
    O61 - LFC: 11/04/2013 - 17:43:00 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Safe Browsing Csd Whitelist [134668]
    O61 - LFC: 11/04/2013 - 17:43:00 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Safe Browsing Download Whitelist [19192]
    O61 - LFC: 11/04/2013 - 17:43:00 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Safe Browsing Extension Blacklist [4644]
    O61 - LFC: 11/04/2013 - 17:43:26 ---A- C:\Documents and Settings\utilisateur\Bureau\RKreport[1]_S_11042013_184326.txt [1260]
    O61 - LFC: 11/04/2013 - 17:43:53 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Top Sites [20480]
    O61 - LFC: 11/04/2013 - 17:43:53 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Top Sites-journal [12824]
    O61 - LFC: 11/04/2013 - 17:44:18 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\History [929792]
    O61 - LFC: 11/04/2013 - 17:44:18 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\History Index 2013-04 [2166784]
    O61 - LFC: 11/04/2013 - 17:44:18 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\History Index 2013-04-journal [16384]
    O61 - LFC: 11/04/2013 - 17:44:18 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\History-journal [16384]
    O61 - LFC: 11/04/2013 - 17:44:19 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Web Data [110592]
    O61 - LFC: 11/04/2013 - 17:44:19 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Web Data-journal [14904]
    O61 - LFC: 11/04/2013 - 17:44:20 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Sync Data\SyncData.sqlite3 [200704]
    O61 - LFC: 11/04/2013 - 17:44:20 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Sync Data\SyncData.sqlite3-journal [16384]
    O61 - LFC: 11/04/2013 - 17:44:58 ---A- C:\Documents and Settings\utilisateur\Bureau\RK_Quarantine\PhysicalDrive0_User.dat [512]
    O61 - LFC: 11/04/2013 - 17:44:58 ---A- C:\Documents and Settings\utilisateur\Bureau\RKreport[2]_D_11042013_184458.txt [1298]
    O61 - LFC: 11/04/2013 - 17:45:07 ---A- C:\Documents and Settings\utilisateur\Bureau\RK_Quarantine\QuarantineReport.txt [186]
    O61 - LFC: 11/04/2013 - 17:45:07 ---A- C:\Documents and Settings\utilisateur\Bureau\RKreport[3]_PR_11042013_184507.txt [765]
    O61 - LFC: 11/04/2013 - 17:45:49 ---A- C:\Documents and Settings\utilisateur\Recent\RKreport[3]_PR_11042013_184507.lnk [606]
    O61 - LFC: 11/04/2013 - 17:46:09 ---A- C:\Documents and Settings\utilisateur\Recent\QuarantineReport.lnk [680]
    O61 - LFC: 11/04/2013 - 17:46:09 ---A- C:\Documents and Settings\utilisateur\Recent\RK_Quarantine.lnk [407]
    O61 - LFC: 11/04/2013 - 17:48:34 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences [97207]
    O61 - LFC: 11/04/2013 - 17:48:35 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies [757760]
    O61 - LFC: 11/04/2013 - 17:48:35 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies-journal [16384]
    O61 - LFC: 11/04/2013 - 17:48:45 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Local State [35507]
    ~ 69 Fichiers temporaires (Temporary files)
    ~ 11 Fichiers cookies (Cookies files)
    ~ Files: 1357 Legitimates Scanned in 01mn 55s



    ---\\ Liste des outils de nettoyage (O63)
    O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
    ~ ADS: Scanned in 00mn 00s



    ---\\ Liste des services Legacy (O64)
    O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\system32\dllhost.exe (COMSysApp) .(.Microsoft Corporation - COM Surrogate.) - LEGACY_COMSYSAPP
    O64 - Services: CurCS - ??\??\???? - Pas de propriétaire (esgiguard) .(...) - LEGACY_ESGIGUARD
    ~ Legacy: 123 Legitimates Scanned in 00mn 02s



    ---\\ File Associations Shell Spawning (O67)
    O67 - Shell Spawning: <.html> <ChromeHTML>[HKCU\..\open\Command] (.Not Key.)
    ~ FASS Keys: 17 Legitimates Scanned in 00mn 00s



    ---\\ Start Menu Internet (O68)
    O68 - StartMenuInternet: <chrome.exe> <>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
    O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
    O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
    O68 - StartMenuInternet: <Jet.AS7WPWJ7234IAGBFW72AKQCLAU> <Jet>[HKLM\..\Shell\open\Command] (.Performersoft LLC - Jet.) -- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\Application\jet.exe
    O68 - StartMenuInternet: <jet.exe> <>[HKLM\..\Shell\open\Command] (.Performersoft LLC - Jet.) -- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\Application\jet.exe
    ~ Keys: Scanned in 00mn 00s



    ---\\ Search Browser Infection (O69)
    O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com
    O69 - SBI: SearchScopes [HKCU] {3341E4A7-EFA7-45EA-8287-C25B48962F28} - (WiseConvert 1.5 Customized Web Search) - http://search.conduit.com
    O69 - SBI: SearchScopes [HKCU] {871A9293-6158-47F1-8191-85C687915FDF} - (Google) - http://www.google.com
    ~ Keys: Scanned in 00mn 00s



    ---\\ Recherche des services démarrés par Svchost (O83)
    ~ Services: 39 Legitimates Scanned in 00mn 02s



    ---\\ Recherche particuliere à la racine de certains dossiers (O84)
    [MD5.CC1A55091FD96BCB624AD791CD15D179] [SPRF][09/02/2013] (...) -- C:\Documents and Settings\utilisateur\Application Data\BabMaint.exe [114176]
    [MD5.3FEA9D2EDF23B0283C7A66C8DEA380BD] [SPRF][25/07/2002] (.InstallShield Software Corporation - InstallShield Update Service Setup Player Module.) -- C:\WINDOWS\Downloaded Program Files\dwusplay.dll [24576]
    [MD5.CDBE35EA59BC9223E4F800BD1DB82D27] [SPRF][25/07/2002] (.InstallShield Software Corporation - InstallShield Update Service Setup Player.) -- C:\WINDOWS\Downloaded Program Files\dwusplay.exe [196608]
    [MD5.0C78701C6F42345DFF2B2B6C3C3D01EF] [SPRF][25/07/2002] (.InstallShield Software Corporation - InstallShield Update Service Web Agent.) -- C:\WINDOWS\Downloaded Program Files\isusweb.dll [172032]
    ~ Files: Scanned in 00mn 00s



    ---\\ Scan Additionnel (O88)
    Database Version : v2.11497 - (09/04/2013)
    Clés trouvées (Keys found) : 144
    Valeurs trouvées (Values found) : 1
    Dossiers trouvés (Folders found) : 6
    Fichiers trouvés (Files found) : 0

    [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{19803860-B306-423C-BBB5-F60A7D82CDE5}] =>Toolbar.Agent
    [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{19803860-B306-423C-BBB5-F60A7D82CDE5}] =>Toolbar.Agent
    [HKLM\Software\Classes\CLSID\{19803860-B306-423C-BBB5-F60A7D82CDE5}] =>Toolbar.Agent
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{19803860-B306-423C-BBB5-F60A7D82CDE5}] =>Toolbar.Agent
    [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{493CCB71-DCAD-4257-9F08-8750F63BD792}] =>Toolbar.Agent
    [HKLM\Software\Classes\CLSID\{493CCB71-DCAD-4257-9F08-8750F63BD792}] =>Toolbar.Agent
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{493CCB71-DCAD-4257-9F08-8750F63BD792}] =>Toolbar.Agent
    [HKLM\Software\Classes\Interface\{5F339F0B-716F-408F-A627-DEEB5DEB4020}] =>Toolbar.Babylon
    [HKLM\Software\Classes\Interface\{75BF416E-4326-45B5-8A2D-AE32D05B930B}] =>Toolbar.PricePeep
    [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}] =>Toolbar.Skype
    [HKLM\Software\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}] =>Toolbar.Skype
    [HKLM\Software\Microsoft\Internet Explorer\extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}] =>Toolbar.Skype
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}] =>PUP.SweetIM
    [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] =>Toolbar.Skype
    [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] =>Toolbar.Skype
    [HKLM\Software\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] =>Toolbar.Skype
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] =>Toolbar.Skype
    [HKLM\Software\Classes\AppID\PricePeep.DLL] =>Toolbar.PricePeep
    [HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\PricePeep] =>Toolbar.PricePeep
    [HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\WiseConvert_1.5 Toolbar] =>Toolbar.Conduit
    [HKLM\Software\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj] =>PUP.SweetIM
    [HKLM\Software\Google\Chrome\Extensions\pgafcinpmmpklohkojmllohdhomoefph] =>PUP.SpecialSavings
    [HKCU\Software\BabylonToolbar] =>Toolbar.Babylon
    [HKCU\Software\WiseConvert_1.5] =>Toolbar.Conduit
    [HKLM\Software\WiseConvert_1.5] =>Toolbar.Conduit
    [HKCU\Software\WNLT] =>Adware.IncrediBar
    [HKLM\Software\WNLT] =>Adware.IncrediBar
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}] =>Toolbar.Babylon
    [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}] =>Toolbar.DeltaSearch
    [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}] =>Toolbar.DeltaSearch
    [HKLM\Software\Classes\CLSID\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}] =>Toolbar.DeltaSearch
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}] =>Toolbar.DeltaSearch
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\WiseConvert_1.5 Toolbar] =>Toolbar.Conduit
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\WNLT] =>Adware.IncrediBar
    [HKLM\Software\Classes\Prod.cap] =>Toolbar.Babylon
    [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings] =>PUP.BProtector
    [HKLM\Software\Classes\Installer\Features\B2FD9C0A5B9838449838816A28001F4B] =>PUP.SweetIM
    [HKLM\Software\Classes\Installer\Products\B2FD9C0A5B9838449838816A28001F4B] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B2FD9C0A5B9838449838816A28001F4B] =>PUP.SweetIM
    [HKLM\Software\Classes\AppID\{B16632F1-24E0-4D99-A68D-70BFB6447C48}] =>Toolbar.Babylon
    [HKLM\Software\Classes\TypeLib\{A1489C85-4F6F-48C4-AC9E-18B63AF4703E}] =>Toolbar.Babylon
    [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{82E1477C-B154-48D3-9891-33D83C26BCD3}] =>PUP.Funmoods
    [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{82E1477C-B154-48D3-9891-33D83C26BCD3}] =>PUP.Funmoods
    [HKLM\Software\Classes\CLSID\{82E1477C-B154-48D3-9891-33D83C26BCD3}] =>PUP.Funmoods
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Smiley Bar for Facebook] =>Adware.SmileyBar
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\07D5290CDBDAE4242926B8E6CA650501] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E3D8A5B48622A445A7DF73FEFF32C3F] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4318DF19719275242801CBE292063A4C] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\45FC115D1FEAEF849A4E1610D6EC8BF0] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\46A5861A389ADB844AF89E31BC9DF0A1] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49B0E1A6FF50BBE4289E4E23DE6EA0C7] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4CCCAC049F34D0540AAC13011398BEDB] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5C4389D0BFB302C479DE4178BD5D9EBA] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D2B09BDEF4FE54418E6F3373CDBC7AC] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\61B65D3397A1FBF4CB1571B5E4F6B5B0] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E8A05C60DD9254591DBD16C94EDDBF] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\697E782CF574CC34CBB9566440BA12BC] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AE27A8613CF7EA4782F2886F67295E5] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\75D5168E5E176C24981B4E5DBD991078] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7CE172051F585E04187BCB97570BFA74] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86A901BA5265452499DCBF719C378EE3] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8724E58E6C7D00C48A0D4F3345EB2C26] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\88ABD1CD5C40EC84789A7F6EF86DAC5E] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\980289C22F80A7C4BB9323DC61255E4E] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9A4B7EF3789F871419D9302583B20C15] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A6C53B0F76C44004A8F36716213017DB] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AB676B0E1B9EFA049B9F7DDDA9645734] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B31BBB0B825EDEF45AB0FE7099C68C81] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B471D8D7319336B4CA89374ED0D7B806] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B59F2D8189784CC46A4597F2842480B0] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BC30043663AA2CA4DA1DAA9CA5FDCC75] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BD746FB95FB8E5B45BF66BE54D5FD91F] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CCF399FCD6D2D3F46BF02A1378654FC9] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D149C1355C98DE24E82CEFBD996FE06A] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB59FDB786388EA4D897F3EE715683AC] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB8DAD19CFBCC2049A4477183787E8C5] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E1C820A74ED67374BA048B52CB3C3804] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EC65F200D112357449C8B1BC3CFA03D0] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F327D0C73C0973644A21E8CC852267A0] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FA96423FE2B98E248A3B23548D1E22D9] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FDC83385E6C239F4C876A77A37DF581D] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\34EDDB1BFB3A2D448845F3EFD0F15A43] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\427EA997C413D1D47907CBFC7B2DB432] =>PUP.SweetIM
    [HKLM\Software\Classes\MediaPlayer.GraphicsUtils.1] =>PUP.SweetIM
    [HKLM\Software\Classes\MgMediaPlayer.GifAnimator.1] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F754C503375A13344B22388E18DFE87E] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Delta] =>Toolbar.DeltaSearch
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\bi_uninstaller] =>Adware.MegaSearch
    [HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] =>Toolbar.Bing
    [HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] =>Toolbar.Bing
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}] =>PUP.BProtector
    [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{19803860-b306-423c-bbb5-f60a7d82cde5}] =>Toolbar.Conduit
    [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{19803860-b306-423c-bbb5-f60a7d82cde5}] =>Toolbar.Conduit
    [HKLM\Software\Classes\CLSID\{19803860-b306-423c-bbb5-f60a7d82cde5}] =>Toolbar.Conduit
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{19803860-b306-423c-bbb5-f60a7d82cde5}] =>Toolbar.Conduit
    [HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{348C2DF3-1191-4C3E-92A6-B3A89A9D9C85}] =>Toolbar.DeltaSearch
    [HKLM\Software\Classes\CLSID\{E97A663B-81A6-49C5-A6D3-BCB05BA1DE26}] =>Toolbar.DeltaSearch
    [HKLM\Software\Classes\CLSID\{86838207-681D-469D-9511-D0DCC6F19F9B}] =>Toolbar.DeltaSearch
    [HKLM\Software\Classes\CLSID\{4FCB4630-2A1C-4AA1-B422-345E8DC8A6DE}] =>Toolbar.DeltaSearch
    [HKLM\Software\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}] =>Toolbar.DeltaSearch
    [HKLM\Software\Classes\AppID\{39CB8175-E224-4446-8746-00566302DF8D}] =>Toolbar.DeltaSearch
    [HKLM\Software\Classes\TypeLib\{39CB8175-E224-4446-8746-00566302DF8D}] =>Toolbar.DeltaSearch
    [HKLM\Software\Classes\TypeLib\{4599D05A-D545-4069-BB42-5895B4EAE05B}] =>Toolbar.DeltaSearch
    [HKLM\Software\Classes\CLSID\{261DD098-8A3E-43D4-87AA-63324FA897D8}] =>Toolbar.DeltaSearch
    [HKLM\SYSTEM\CurrentControlSet\Services\Yontoo Desktop Updater] =>Adware.Yontoo
    [HKLM\Software\Classes\delta.deltaappCore] =>PUP.Funmoods
    [HKLM\Software\Classes\delta.deltaappCore.1] =>PUP.Funmoods
    [HKLM\Software\Classes\delta.deltadskBnd] =>PUP.Funmoods
    [HKLM\Software\Classes\delta.deltadskBnd.1] =>PUP.Funmoods
    [HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Delta Chrome Toolbar] =>Toolbar.DeltaSearch
    [HKLM\Software\Classes\ScriptHost.Tool.1] =>Toolbar.Agent
    [HKLM\Software\Classes\ScriptHost.Tool] =>Toolbar.Agent
    [HKLM\Software\Classes\AppID\AddonsFramework.DLL] =>Toolbar.Freecorder
    [HKLM\Software\Classes\AppID\ButtonSite.DLL] =>Toolbar.Freecorder
    [HKLM\Software\Classes\AppID\PropertySync.EXE] =>Toolbar.Freecorder
    [HKLM\Software\Classes\AppID\ScriptHost.DLL] =>Toolbar.Freecorder
    [HKLM\Software\Classes\AppID\{18B9B16E-716F-43DF-A6AD-512C7D2EB983}] =>Toolbar.Freecorder
    [HKLM\Software\Classes\AppID\{19975B78-1907-4DD6-A437-4C48120F46A4}] =>Toolbar.Freecorder
    [HKLM\Software\Classes\AppID\{562B9317-C08A-444A-9482-62080DD851AE}] =>Toolbar.Freecorder
    [HKLM\Software\Classes\Interface\{045F91B3-695F-423A-98C7-8DE3C47AA020}] =>Toolbar.Freecorder
    [HKLM\Software\Classes\Interface\{1348BD1B-C32A-41A7-9BD4-5377AA1AB925}] =>Toolbar.Freecorder
    [HKLM\Software\Classes\Interface\{395AFE6E-8308-48DB-89BE-ED5F4AA3D3EC}] =>Toolbar.Freecorder
    [HKLM\Software\Classes\CLSID\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}] =>Toolbar.Freecorder
    [HKLM\Software\Classes\Interface\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}] =>Toolbar.Freecorder
    [HKLM\Software\Classes\Interface\{43B390F0-6BA2-45CA-ABF2-5DB0CEE9B49D}] =>Toolbar.Freecorder
    [HKLM\Software\Classes\Interface\{93CF54F5-CFAA-4440-B588-8ED0DFAD5C21}] =>Toolbar.Freecorder
    [HKLM\Software\Classes\Interface\{94CADA2E-1D3F-419F-8A3D-06C58EDF53C8}] =>Toolbar.Freecorder
    [HKLM\Software\Classes\Interface\{9E52EB8B-8DD9-4605-AD36-D352BCD482F2}] =>Toolbar.Freecorder
    [HKLM\Software\Classes\Interface\{A1440EC3-F0FA-407A-B811-DE6668C06D29}] =>Toolbar.Freecorder
    [HKLM\Software\Classes\Interface\{B9A84AD0-5777-46FD-8B8F-1EBD06750FBC}] =>Toolbar.Freecorder
    [HKLM\Software\Classes\Interface\{C1995F88-1C7F-40D7-B0FA-6F107F6308B8}] =>Toolbar.Freecorder
    [HKLM\Software\Classes\Interface\{C815E3DA-0823-49B0-9270-D1771D58B317}] =>Toolbar.Freecorder
    [HKLM\Software\Classes\Interface\{D3BC53E7-0437-4C97-90EE-2CD6FF47FB14}] =>Toolbar.Freecorder
    [HKLM\Software\Classes\delta.deltaHlpr] =>toolbar.DeltaSearch
    [HKLM\Software\Classes\delta.deltaHlpr.1] =>toolbar.DeltaSearch
    [HKLM\Software\Classes\esrv.deltaESrvc] =>toolbar.DeltaSearch
    [HKLM\Software\Classes\esrv.deltaESrvc.1] =>toolbar.DeltaSearch
    [HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\Arpcache\SweetIM Bundle by SweetPacks] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\Arpcache\Wajam] =>Toolbar.Wajam
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\SweetIM Bundle by SweetPacks] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08E33F7B61DEFF24BB9673ED7D467636] =>PUP.SweetIM^
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094] =>PUP.SweetIM^
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536] =>PUP.SweetIM^
    [HKCU\Software\Mozilla\Firefox\Extensions]:{0F827075-B026-42F3-885D-98981EE7B1AE} =>Toolbar.Babylon
    C:\Program Files\yontoo =>Adware.Yontoo
    C:\Program Files\Smiley Bar for Facebook =>Adware.SmileyBar
    C:\Documents and Settings\utilisateur\Application Data\yontoo =>Adware.Yontoo
    C:\Documents and Settings\utilisateur\Application Data\SpecialSavings =>PUP.SpecialSavings
    C:\Documents and Settings\utilisateur\Application Data\BabSolution =>Hijacker.BabSolution
    C:\Documents and Settings\utilisateur\Local Settings\Application Data\Bundled software uninstaller =>Adware.MegaSearch
    ~ Additionnel: Scanned in 00mn 17s



    ---\\ Product Upgrade Codes (O90)
    O90 - PUC: "D204673BAE85AE54DB05DD29E46BA707" . (.Disque de souvenirs HP.) -- C:\WINDOWS\Installer\{B376402D-58EA-45EA-BD50-DD924EB67A70}\hpmd.exe
    ~ Update Products: 39 Legitimates Scanned in 00mn 00s



    ---\\ Random Export Key (O91)
    [HKCU\Software\855888bb36dbe44] =>Toolbar.Babylon^
    [HKCU\Software\855888bb36dbe44]:GUID="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}"
    [HKCU\Software\855888bb36dbe44]:version="2.6.1125.80"
    [HKLM\Software\855888bb36dbe44] =>Toolbar.Babylon^
    [HKLM\Software\855888bb36dbe44]:GUID="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}"
    [HKLM\Software\855888bb36dbe44]:version="2.6.1125.80"
    ~ Export Key Software: Scanned in 00mn 00s



    ---\\ MyComputer Name Space (O92)
    ~ IE Control Panel: 1 Legitimates Scanned in 00mn 00s



    ---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
    SS - | Demand 13/03/2013 253656 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
    SR - | Auto 07/03/2013 45248 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    SS - | Demand 13/04/2008 225280 | (dmadmin) . (.Microsoft Corp., Veritas Software.) - C:\WINDOWS\system32\dmadmin.exe
    SS - | Auto 24/10/2011 136176 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
    SS - | Demand 24/10/2011 136176 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
    SR - | Auto 24/06/2012 153352 | (JavaQuickStarterService) . (.Sun Microsystems, Inc..) - C:\Program Files\Java\jre6\bin\jqs.exe
    SR - | Auto 04/04/2013 418376 | (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
    SR - | Auto 04/04/2013 701512 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
    SR - | Auto 03/08/2011 146024 | (NVSvc) . (.NVIDIA Corporation.) - C:\WINDOWS\system32\nvsvc32.exe
    SR - | Auto 02/10/2012 3064000 | (Skype C2C Service) . (.Skype Technologies S.A..) - C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
    SS - | Auto 09/11/2012 160944 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files\Skype\Updater\Updater.exe
    SS - | Auto 23/03/2013 23552 | (Yontoo Desktop Updater) . (.Microsoft.) - C:\Program Files\Yontoo\Y2Desktop.Updater.exe =>PUP.Yontoo
    ~ Services: Scanned in 00mn 01s



    ---\\ Recherche Master Boot Record Infection (MBR)(O80)
    Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
    Run by utilisateur at 11/04/2013 18:52:27

    device: opened successfully
    user: MBR read successfully

    Disk trace:
    called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
    ~ MBR: 8 Legitimates Scanned in 00mn 02s



    ---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)
    Written by ad13, http://ad13.geekstog
    Run by utilisateur at 11/04/2013 18:52:29

    ********* Dump file Name *********
    C:\PhysicalDisk0_MBR.bin
    ~ MBR: Scanned in 00mn 04s



    ~ 2227 Legitimates filtered by white list
    End of the scan (1609 lines in 05mn 48s)(0)




    loumax91 loumax91
    99 contributions
    Membre depuis le 16/03/2013
    Envoyé le 11/04/2013 à 21:36


    Il reste pas mal de chose à corriger, nous allons le faire en plusieurs fois.

    Ce script va cibler certains éléments à supprimer :

    • Ouvre ce lien, sélectionne le script en entier et copie le (Édition --> Copier)
    • Lance ZHPFix à partir du raccourci sur ton Bureau
    • Clique sur l'icône représentant le presse-papier (« coller le presse-papier »)
    • Les lignes se collent automatiquement dans ZHPFix, sinon colle les lignes
    >>les lignes ci-dessus sont celles qui doivent apparaître dans la fenêtre de ZHPFix. Si ce n'est pas le cas, ne surtout pas cliquer sur le bouton GO. Il faut veiller à bien copier les lignes<<
    • Clique sur le bouton « GO » pour lancer le nettoyage,
    • Copie/colle la totalité du rapport dans ta prochaine réponse
    Pour t'aider

    *Une fois terminé, fais redémarrer le PC.


    "Celui qui aime à apprendre est bien près du savoir" (Confucius)
    aureliejuliette aureliejuliette
    61 contributions
    Membre depuis le 10/03/2010
    Envoyé le 12/04/2013 à 11:39


    Bonjour,
    impossible de télécharger zhpfix, je tombe sur zebulon et de la pub...


    J_D J_D
    10 736 contributions
    Membre depuis le 12/11/2001
    Envoyé le 12/04/2013 à 12:05


    Bonjour,


    impossible de télécharger zhpfix


    En principe il doit se trouver sur ton bureau, inutile de le télécharger (!)
    Je ne réponds pas aux messages privés non sollicités ! C'est pas toujours facile...
    aureliejuliette aureliejuliette
    61 contributions
    Membre depuis le 10/03/2010
    Envoyé le 12/04/2013 à 12:25


    Bonjour,
    sur le bureau je n'ai que zhpdiag...


    J_D J_D
    10 736 contributions
    Membre depuis le 12/11/2001
    Envoyé le 12/04/2013 à 13:52


    Bonjour,
    Voici le lien pour le télécharger > telechargement.zebulon.fr/telecharger-zhpfix.html
    Je ne réponds pas aux messages privés non sollicités ! C'est pas toujours facile...
    aureliejuliette aureliejuliette
    61 contributions
    Membre depuis le 10/03/2010
    Envoyé le 13/04/2013 à 10:21


    Bonjour,
    voici le rapport de zhpfix :
    Rapport de ZHPFix 2013.3.9.1 par Nicolas Coolman, Update du 9/03/2013
    Fichier d'export Registre : C:\ZHP\ZHPExportRegistry-13-04-2013-10-12-39.txt
    Run by utilisateur at 13/04/2013 10:12:38
    High Elevated Privileges : OK
    Windows XP Home Edition Service Pack 3 (Build 2600)

    Corbeille vidée

    ========== Logiciel(s) ==========
    ABSENT Uninstall Process: c:\documents and settings\all users\application data\browserprotect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\uninstall.exe
    SUPPRIME SweetIM Bundle by SweetPacks
    SUPPRIME SweetIM for Messenger 3.7
    ABSENT Uninstall Process: c:\windows\system32\wnlt\installation\uninstaller.exe
    ABSENT Uninstall Process: c:\documents and settings\utilisateur\application data\babsolution\shared\guninstaller.exe
    ABSENT Software Key: delta
    ABSENT Uninstall Process: c:\program files\wiseconvert_1.5\uninstall.exe

    ========== Clé(s) du Registre ==========
    SUPPRIME [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}]
    SUPPRIME [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SweetIM Bundle by SweetPacks]
    SUPPRIME [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}]
    SUPPRIME [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WNLT]
    SUPPRIME [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Delta Chrome Toolbar]
    SUPPRIME [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WiseConvert_1.5 Toolbar]
    SUPPRIME Key: Winlogon Notify: crypt32chain
    SUPPRIME Key: Winlogon Notify: cryptnet
    SUPPRIME Key: Winlogon Notify: sclgntfy
    SUPPRIME Key: Service Legacy: LEGACY_ESGIGUARD
    SUPPRIME Key: Service: Yontoo Desktop Updater
    SUPPRIME Key: CLSID BHO: {19803860-b306-423c-bbb5-f60a7d82cde5}
    SUPPRIME Key: CLSID: [HKLM\SOFTWARE\Classes\CLSID\{19803860-b306-423c-bbb5-f60a7d82cde5}]
    ABSENT Key: CLSID BHO: {C1AF5FA5-852C-4C90-812E-A7F75E011D87}
    SUPPRIME Key: CLSID Extra Buttons: {898EA8C8-E7FF-479B-8935-AEC46303B9E5}
    SUPPRIME Key: CLSID: [HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}]
    SUPPRIME Key: SearchScopes :{3341E4A7-EFA7-45EA-8287-C25B48962F28}

    ========== Valeur(s) du Registre ==========
    ABSENT Toolbar: {82E1477C-B154-48D3-9891-33D83C26BCD3}
    ABSENT [HKCUSoftwareMozillaFirefoxExtensions]:{0F827075-B026-42F3-885D-98981EE7B1AE}
    ABSENT [HKCUSoftware855888bb36dbe44]:GUID="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}"
    ABSENT [HKLMSoftware855888bb36dbe44]:GUID="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}"
    SUPPRIME Toolbar: {19803860-b306-423c-bbb5-f60a7d82cde5}
    SUPPRIME FirewallRaz (SP) : %windir%\system32\sessmgr.exe
    SUPPRIME FirewallRaz (SP) : %windir%\Network Diagnostic\xpnetdiag.exe
    SUPPRIME FirewallRaz (SP) : C:\WINDOWS\system32\dmwu.exe
    SUPPRIME FirewallRaz (SP) : C:\WINDOWS\system32\ARFC\wrtc.exe
    SUPPRIME FirewallRaz (DP) : %windir%\system32\sessmgr.exe
    SUPPRIME FirewallRaz (DP) : %windir%\Network Diagnostic\xpnetdiag.exe
    Aucune valeur présente dans la clé d'exception du registre (FirewallRaz)

    ========== Dossier(s) ==========
    SUPPRIME Flash Cookies
    SUPPRIME Temporaires Windows

    ========== Fichier(s) ==========
    ABSENT File: c:program filesdeltadelta1.8.16.16deltatlbr.dll
    ABSENT File: c:windowssystem32crypt32.dll
    ABSENT File: c:windowssystem32cryptnet.dll
    ABSENT File: c:windowssystem32sclgntfy.dll
    ABSENT File: c:program fileswiseconvert_1.5prxtbwise.dll
    ABSENT File: c:program filesdeltadelta1.8.16.16bhdelta.dll
    SUPPRIME Flash Cookies
    SUPPRIME Temporaires Windows

    ========== Restauration Système ==========
    Point de restauration du système créé avec succès

    ========== Autre ==========
    NON TRAITE [HKCUSoftwareAppDataLowSoftwareSmartbar]
    NON TRAITE [HKCUSoftwareBabylonToolbar]
    NON TRAITE [HKCUSoftwareDataMngr_Toolbar]
    NON TRAITE [HKLMSoftwareClassesInterface{5F339F0B-716F-408F-A627-DEEB5DEB4020}]
    NON TRAITE [HKLMSoftwareMicrosoftWindowsCurrentVersionUninstall{A0C9DF2B-89B5-4483-8983-18A68200F1B4}]
    NON TRAITE [HKLMSoftwareClassesAppID{B16632F1-24E0-4D99-A68D-70BFB6447C48}]
    NON TRAITE [HKLMSoftwareClassesTypeLib{A1489C85-4F6F-48C4-AC9E-18B63AF4703E}]
    NON TRAITE [HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{82E1477C-B154-48D3-9891-33D83C26BCD3}]
    NON TRAITE [HKCUSoftwareMicrosoftWindowsCurrentVersionExtSettings{82E1477C-B154-48D3-9891-33D83C26BCD3}]
    NON TRAITE [HKLMSoftwareClassesCLSID{82E1477C-B154-48D3-9891-33D83C26BCD3}]
    NON TRAITE [HKLMSoftwareClassesCLSID{261DD098-8A3E-43D4-87AA-63324FA897D8}]
    NON TRAITE [HKLMSYSTEMCurrentControlSetServicesYontoo Desktop Updater]
    NON TRAITE [HKLMSoftwareMicrosoftWindowsCurrentVersionApp ManagementArpcacheSweetIM Bundle by SweetPacks]
    NON TRAITE [HKLMSoftwareMicrosoftWindowsCurrentVersionUninstallSweetIM Bundle by SweetPacks]
    NON TRAITE C:Program Filesyontoo
    NON TRAITE C:Documents and SettingsutilisateurApplication Datayontoo
    NON TRAITE C:Documents and SettingsutilisateurApplication DataSpecialSavings
    NON TRAITE R0 - HKCUSOFTWAREMicrosoftInternet ExplorerMain,Start Page
    NON TRAITE R1 - HKLMSOFTWAREMicrosoftInternet ExplorerAboutURLs,Tabs
    NON TRAITE [HKCUSoftwareWiseConvert_1.5]
    NON TRAITE [HKLMSoftwareWiseConvert_1.5]
    NON TRAITE [HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{19803860-B306-423C-BBB5-F60A7D82CDE5}]
    NON TRAITE [HKCUSoftwareMicrosoftWindowsCurrentVersionExtSettings{19803860-B306-423C-BBB5-F60A7D82CDE5}]
    NON TRAITE [HKLMSoftwareClassesCLSID{19803860-B306-423C-BBB5-F60A7D82CDE5}]
    NON TRAITE [HKLMSoftwareMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{19803860-B306-423C-BBB5-F60A7D82CDE5}]
    NON TRAITE [HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{493CCB71-DCAD-4257-9F08-8750F63BD792}]
    NON TRAITE [HKLMSoftwareClassesCLSID{493CCB71-DCAD-4257-9F08-8750F63BD792}]
    NON TRAITE [HKLMSoftwareMicrosoftWindowsCurrentVersionExtPreApproved{493CCB71-DCAD-4257-9F08-8750F63BD792}]
    NON TRAITE [HKLMSoftwareClassesInterface{75BF416E-4326-45B5-8A2D-AE32D05B930B}]
    NON TRAITE [HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{898EA8C8-E7FF-479B-8935-AEC46303B9E5}]
    NON TRAITE [HKLMSoftwareClassesCLSID{898EA8C8-E7FF-479B-8935-AEC46303B9E5}]
    NON TRAITE [HKLMSoftwareMicrosoftInternet Explorerextensions{898EA8C8-E7FF-479B-8935-AEC46303B9E5}]
    NON TRAITE [HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
    NON TRAITE [HKCUSoftwareMicrosoftWindowsCurrentVersionExtSettings{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
    NON TRAITE [HKLMSoftwareClassesCLSID{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
    NON TRAITE [HKLMSoftwareMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
    NON TRAITE [HKLMSoftwareClassesAppIDPricePeep.DLL]
    NON TRAITE [HKLMSoftwareMicrosoftWindowsCurrentVersionApp ManagementARPCachePricePeep]
    NON TRAITE [HKLMSoftwareMicrosoftWindowsCurrentVersionApp ManagementARPCacheWiseConvert_1.5 Toolbar]
    NON TRAITE [HKLMSoftwareMicrosoftWindowsCurrentVersionUninstall{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}]
    NON TRAITE [HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{C1AF5FA5-852C-4C90-812E-A7F75E011D87}]
    NON TRAITE [HKCUSoftwareMicrosoftWindowsCurrentVersionExtSettings{C1AF5FA5-852C-4C90-812E-A7F75E011D87}]
    NON TRAITE [HKLMSoftwareClassesCLSID{C1AF5FA5-852C-4C90-812E-A7F75E011D87}]
    NON TRAITE [HKLMSoftwareMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{C1AF5FA5-852C-4C90-812E-A7F75E011D87}]
    NON TRAITE [HKLMSoftwareMicrosoftWindowsCurrentVersionUninstallWiseConvert_1.5 Toolbar]
    NON TRAITE [HKCUSoftwareMicrosoftInternet ExplorerSearchScopes{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
    NON TRAITE [HKLMSoftwareMicrosoftInternet ExplorerSearchScopes{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
    NON TRAITE [HKLMSoftwareMicrosoftWindowsCurrentVersionUninstall{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}]
    NON TRAITE [HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{19803860-b306-423c-bbb5-f60a7d82cde5}]
    NON TRAITE [HKCUSoftwareMicrosoftWindowsCurrentVersionExtSettings{19803860-b306-423c-bbb5-f60a7d82cde5}]
    NON TRAITE [HKLMSoftwareClassesCLSID{19803860-b306-423c-bbb5-f60a7d82cde5}]
    NON TRAITE [HKLMSoftwareMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{19803860-b306-423c-bbb5-f60a7d82cde5}]
    NON TRAITE [HKLMSoftwareMicrosoftInternet ExplorerLow RightsElevationPolicy{348C2DF3-1191-4C3E-92A6-B3A89A9D9C85}]
    NON TRAITE [HKLMSoftwareClassesCLSID{E97A663B-81A6-49C5-A6D3-BCB05BA1DE26}]
    NON TRAITE [HKLMSoftwareClassesCLSID{86838207-681D-469D-9511-D0DCC6F19F9B}]
    NON TRAITE [HKLMSoftwareClassesCLSID{4FCB4630-2A1C-4AA1-B422-345E8DC8A6DE}]
    NON TRAITE [HKLMSoftwareClassesAppID{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}]
    NON TRAITE [HKLMSoftwareClassesAppID{39CB8175-E224-4446-8746-00566302DF8D}]
    NON TRAITE [HKLMSoftwareClassesTypeLib{39CB8175-E224-4446-8746-00566302DF8D}]
    NON TRAITE [HKLMSoftwareClassesTypeLib{4599D05A-D545-4069-BB42-5895B4EAE05B}]
    NON TRAITE [HKLMSoftwareClassesAppID{18B9B16E-716F-43DF-A6AD-512C7D2EB983}]
    NON TRAITE [HKLMSoftwareClassesAppID{19975B78-1907-4DD6-A437-4C48120F46A4}]
    NON TRAITE [HKLMSoftwareClassesAppID{562B9317-C08A-444A-9482-62080DD851AE}]
    NON TRAITE [HKLMSoftwareClassesInterface{045F91B3-695F-423A-98C7-8DE3C47AA020}]
    NON TRAITE [HKLMSoftwareClassesInterface{1348BD1B-C32A-41A7-9BD4-5377AA1AB925}]
    NON TRAITE [HKLMSoftwareClassesInterface{395AFE6E-8308-48DB-89BE-ED5F4AA3D3EC}]
    NON TRAITE [HKLMSoftwareClassesCLSID{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}]
    NON TRAITE [HKLMSoftwareClassesInterface{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}]
    NON TRAITE [HKLMSoftwareClassesInterface{43B390F0-6BA2-45CA-ABF2-5DB0CEE9B49D}]
    NON TRAITE [HKLMSoftwareClassesInterface{93CF54F5-CFAA-4440-B588-8ED0DFAD5C21}]
    NON TRAITE [HKLMSoftwareClassesInterface{94CADA2E-1D3F-419F-8A3D-06C58EDF53C8}]
    NON TRAITE [HKLMSoftwareClassesInterface{9E52EB8B-8DD9-4605-AD36-D352BCD482F2}]
    NON TRAITE [HKLMSoftwareClassesInterface{A1440EC3-F0FA-407A-B811-DE6668C06D29}]
    NON TRAITE [HKLMSoftwareClassesInterface{B9A84AD0-5777-46FD-8B8F-1EBD06750FBC}]
    NON TRAITE [HKLMSoftwareClassesInterface{C815E3DA-0823-49B0-9270-D1771D58B317}]
    NON TRAITE [HKLMSoftwareClassesInterface{D3BC53E7-0437-4C97-90EE-2CD6FF47FB14}]
    NON TRAITE [HKLMSoftwareMicrosoftWindowsCurrentVersionApp ManagementArpcacheWajam]


    ========== Récapitulatif ==========
    17 : Clé(s) du Registre
    12 : Valeur(s) du Registre
    2 : Dossier(s)
    8 : Fichier(s)
    7 : Logiciel(s)
    1 : Restauration Système
    77 : Autre


    End of clean in 00mn 57s

    ========== Chemin de fichier rapport ==========
    C:\ZHP\ZHPFix[R1].txt - 13/04/2013 10:12:39 [10447]



    2011N2 2011N2
    313 contributions
    Membre depuis le 10/10/2012
    Envoyé le 15/04/2013 à 19:29


    Bonjour,

    Je pense que loumax est absent, je vais faire avancer un peu le sujet.
    Peux-tu me faire un nouveau rapport ZHPdiag pour vérification ?

    Et peux-tu me donner des nouvelles du PC ? Reste-t-il des problèmes ?

    Bonne soirée,

    Gabriel.

    aureliejuliette aureliejuliette
    61 contributions
    Membre depuis le 10/03/2010
    Envoyé le 15/04/2013 à 20:44


    Bonjour,
    voici le rapport de diag que je viens d'effectuer. Le PC a l'air de bien fonctionner
    et même on dirait qu'il est plus rapide. Merci par avance. Cordialement.

    Rapport de ZHPDiag v2013.4.9.53 par Nicolas Coolman, Update du 09/04/2013
    Run by utilisateur at 15/04/2013 20:29:42
    State : Nouvelle version disponible
    High Elevated Privileges : OK
    UAC : Not Found


    ---\\ Web Browser
    MSIE: Internet Explorer v8.0.6001.18702
    GCIE: Google Chrome v26.0.1410.64 (Defaut)

    ---\\ Windows Product Information
    ~ Langage: Français
    Windows XP Home Edition Service Pack 3 (Build 2600)
    Windows Automatic Updates : OK
    Windows Genuine Advantage : KO

    ---\\ System Protection

    ---\\ System Information
    ~ Processor: x86 Family 15 Model 47 Stepping 2, AuthenticAMD
    ~ Operating System: 32 Bits
    Boot mode: Normal (Normal boot)
    Total RAM: 1023 MB (27% free)
    System Restore: Activé (Enable)
    System drive C: has 116 GB (79%) free of 146 GB

    ---\\ Logged in mode
    ~ Computer Name: MARINO-3C5608AD
    ~ User Name: utilisateur
    ~ All Users Names: utilisateur, SUPPORT_388945a0, HelpAssistant, Administrateur,
    ~ Unselected Option: None
    Logged in as Administrator

    ---\\ Environnement Variables
    ~ System Unit : C:\
    ~ %AppData% : C:\Documents and Settings\utilisateur\Application Data\
    ~ %Desktop% : C:\Documents and Settings\utilisateur\Bureau\
    ~ %Favorites% : C:\Documents and Settings\utilisateur\Favoris\
    ~ %LocalAppData% : C:\Documents and Settings\utilisateur\Local Settings\Application Data\
    ~ %StartMenu% : C:\Documents and Settings\utilisateur\Menu Démarrer\
    ~ %Windir% : C:\WINDOWS\
    ~ %System% : C:\WINDOWS\system32\

    ---\\ DOS/Devices
    C:\ Hard drive, Flash drive, Thumb drive (Free 116 Go of 146 Go)
    D:\ Hard drive, Flash drive, Thumb drive (Free 119 Go of 152 Go)
    E:\ CD-ROM drive (Not Inserted)
    F:\ CD-ROM drive (Not Inserted)
    G:\ Hard drive, Flash drive, Thumb drive (Free 278 Go of 298 Go)
    H:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
    I:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
    J:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
    K:\ Floppy drive, Flash card reader, USB Key (Not Inserted)



    ---\\ Security Center & Tools Informations
    [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
    [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Intl: OK
    [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] XMLLookup: OK
    [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
    [HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK
    [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
    ~ Security Center: Scanned in 00mn 00s



    ---\\ Recherche particulière de fichiers génériques
    [MD5.F2317622D29F9FF0F88AEECD5F60F0DD] - (.Microsoft Corporation - Explorateur Windows.) (.13/04/2008 - 18:34:04.) -- C:\WINDOWS\Explorer.exe [1037824]
    [MD5.48309E1F5ED8E72783EEFBA04898BDA1] - (.Microsoft Corporation - Internet Extensions for Win32.) (.02/03/2013 - 02:55:11.) -- C:\WINDOWS\system32\wininet.dll [916480]
    [MD5.DD73D6B9F6B4CB630CF35B438B540174] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) (.13/04/2008 - 18:34:30.) -- C:\WINDOWS\system32\Winlogon.exe [512000]
    [MD5.1E44BC1E83D8FD2305F8D452DB109CF9] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.17/08/2011 - 14:49:54.) -- C:\WINDOWS\system32\Drivers\AFD.sys [138496]
    [MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.13/04/2008 - 10:40:32.) -- C:\WINDOWS\system32\Drivers\atapi.sys [96512]
    [MD5.C885B02847F5D2FD45A24E219ED93B32] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/04/2008 - 11:14:22.) -- C:\WINDOWS\system32\Drivers\Cdfs.sys [63744]
    [MD5.1F4260CC5B42272D71F79E570A27A4FE] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.13/04/2008 - 10:40:48.) -- C:\WINDOWS\system32\Drivers\Cdrom.sys [62976]
    [MD5.31F923EB2170FC172C81ABDA0045D18C] - (.Microsoft Corporation - Pilote de cryptographie FIPS.) (.13/04/2008 - 17:57:40.) -- C:\WINDOWS\system32\Drivers\Fips.sys [44672]
    [MD5.573C7D0A32852B48F3058CFD8026F511] - (.Windows (R) Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) (.13/04/2008 - 08:36:06.) -- C:\WINDOWS\system32\Drivers\HDAudBus.sys [144384]
    [MD5.A09BDC4ED10E3B2E0EC27BB94AF32516] - (.Microsoft Corporation - Pilote de port i8042.) (.13/04/2008 - 18:00:54.) -- C:\WINDOWS\system32\Drivers\i8042prt.sys [54144]
    [MD5.083A052659F5310DD8B6A6CB05EDCF8E] - (.Microsoft Corporation - IMAPI Kernel Driver.) (.13/04/2008 - 10:41:00.) -- C:\WINDOWS\system32\Drivers\Imapi.sys [42112]
    [MD5.CC748EA12C6EFFDE940EE98098BF96BB] - (.Microsoft Corporation - IP Network Address Translator.) (.13/04/2008 - 10:57:16.) -- C:\WINDOWS\system32\Drivers\IpNat.sys [152832]
    [MD5.23C74D75E36E7158768DD63D92789A91] - (.Microsoft Corporation - IPSec Driver.) (.13/04/2008 - 11:19:44.) -- C:\WINDOWS\system32\Drivers\IPSec.sys [75264]
    [MD5.7D304A5EB4344EBEEAB53A2FE3FFB9F0] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.15/07/2011 - 14:29:31.) -- C:\WINDOWS\system32\Drivers\MRxSmb.sys [456320]
    [MD5.74B2B2F5BEA5E9A3DC021D685551BD3D] - (.Microsoft Corporation - MBT Transport driver.) (.13/04/2008 - 11:21:02.) -- C:\WINDOWS\system32\Drivers\netBT.sys [162816]
    [MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) (.13/04/2008 - 11:15:54.) -- C:\WINDOWS\system32\Drivers\ntfs.sys [574976]
    [MD5.8FD0BDBEA875D06CCF6C945CA9ABAF75] - (.Microsoft Corporation - Pilote de port parallèle.) (.13/04/2008 - 18:09:42.) -- C:\WINDOWS\system32\Drivers\Parport.sys [80384]
    [MD5.11B4A627BC9614B885C4969BFA5FF8A6] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.13/04/2008 - 11:19:44.) -- C:\WINDOWS\system32\Drivers\Rasl2tp.sys [51328]
    [MD5.15CABD0F7C00C47C70124907916AF3F1] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.13/04/2008 - 10:32:52.) -- C:\WINDOWS\system32\Drivers\rdpdr.sys [196224]
    [MD5.D8EB2A7904DB6C916EB5361878DDCBAE] - (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) (.13/04/2008 - 17:57:36.) -- C:\WINDOWS\system32\Drivers\redbook.sys [58752]
    [MD5.46DE1126684369BACE4849E4FC8C43CA] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.13/04/2008 - 17:56:06.) -- C:\WINDOWS\system32\Drivers\volsnap.sys [53376]
    ~ Generic Processes: Scanned in 00mn 00s



    ---\\ Etat des fichiers cachés (Caché/Total)
    ~ Mes images (My Pictures) : 5/7805
    ~ Mes musiques (My Musics) : 1/11
    ~ Mes Videos (My Videos) : 1/2
    ~ Mes Favoris (My Favorites) : 3/69
    ~ Mes Documents (My Documents) : 5/8965
    ~ Mon Bureau (My Desktop) : 0/55
    ~ Menu demarrer (Programs) : 1/31
    ~ Hidden Files: Scanned in 00mn 02s



    ---\\ Processus lancés
    [MD5.41735B82DB57E4EBE9504EC400FD120E] - (.AVAST Software - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe [45248] [PID.1312]
    [MD5.DE5D05FD449798EF88CC34AD4B1E7F85] - (.Sun Microsystems, Inc. - Java(TM) Quick Starter Service.) -- C:\Program Files\Java\jre6\bin\jqs.exe [153352] [PID.1056]
    [MD5.388AE59FE75F1B959DFA0900923C61BB] - (.Skype Technologies S.A. - Skype C2C Service.) -- C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3064000] [PID.2020]
    [MD5.F0EEED52FC29BEC6E917CAB2788148B2] - (.Realtek Semiconductor Corp. - Realtek Sound Manager.) -- C:\WINDOWS\SOUNDMAN.exe [68096] [PID.3684]
    [MD5.148C545849C1379A3D4448F5DE768E86] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastUI.exe [4767304] [PID.3692]
    [MD5.84EEB34CEF30CBB4992D8332F818A4B3] - (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAHE.exe [98304] [PID.3876]
    [MD5.D5BC63D2822B8E244E53D2FF8078CC6B] - (.Hewlett-Packard - hpgs2wnd.) -- C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe [69632] [PID.3912]
    [MD5.98A078F838A70F84E1BD490D7C7675F4] - (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe [254696] [PID.4024]
    [MD5.E13EA4860E8F2AA845B53BFD2B6FEC5B] - (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe [1695232] [PID.4052]
    [MD5.59380D1808A83AA4150F550F45BEE3A9] - (.Pas de propriétaire - hpgs2wnf Module.) -- C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe [77824] [PID.1592]
    [MD5.5E118E606E2AF56419A699210DFCF450] - (.Dropbox, Inc. - Dropbox.) -- C:\Documents and Settings\utilisateur\Application Data\Dropbox\bin\Dropbox.exe [29106336] [PID.484]
    [MD5.11E8D8272FDBE213ADE3DAD91427CE35] - (.OpenOffice.org - OpenOffice.org 3.3.) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe [11322880] [PID.1992]
    [MD5.2337EC951C4AF6E1AF65D10BD9615BEB] - (.OpenOffice.org - OpenOffice.org 3.3.) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin [11314688] [PID.2028]
    [MD5.7E52CC3AE4C554DABDAB096157F367FF] - (.Microsoft Corporation - Outlook Express.) -- C:\Program Files\Outlook Express\msimn.exe [60416] [PID.2304]
    [MD5.4E9592BB2C100E571F82640E59E9ECD5] - (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe [1312720] [PID.3824]
    [MD5.B588979D6910F9BE2D244FCBE2111DBF] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [6620160] [PID.2676]
    [MD5.5E9A6658A2A69AE7EB195113B7A2E7A9] - (.Microsoft Corporation - Application Layer Gateway Service.) -- C:\WINDOWS\System32\alg.exe [44544] [PID.2104]
    ~ Processes Running: Scanned in 00mn 03s



    ---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
    C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences
    G1 - GCS: Preference [User Data\Default] None
    ~ Google Browser: Scanned in 00mn 00s



    ---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
    ~ Firefox Browser: 9 Legitimates Scanned in 00mn 00s



    ---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
    R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.delta-search.com =>Toolbar.DeltaSearch
    R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.wuuta.com
    ~ IE Browser: 12 Legitimates Scanned in 00mn 00s



    ---\\ Internet Explorer, Proxy Management (R5)
    R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
    R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
    R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
    R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
    R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
    ~ Proxy management: Scanned in 00mn 00s



    ---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
    F2 - REG:system.ini: USERINIT=C:\WINDOWS\system32\userinit.exe,
    F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe
    F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
    ~ Keys: Scanned in 00mn 00s



    ---\\ Redirection du fichier Hosts (O1)
    ~ Le fichier hosts est sain (The hosts file is clean).
    ~ Hosts File: Scanned in 00mn 00s
    ~ Nombre de lignes (Lines number): 20



    ---\\ Browser Helper Objects de navigateur (O2)
    O2 - BHO: SpeedAnalysis.com - {45564571-A21B-48ED-B584-69752EEE9C3D} . (.SpeedAnalysis.com - ScriptHost.) -- C:\Program Files\SpeedAnalysis.com\ScriptHost.dll
    O2 - BHO: Smiley Bar for Facebook - {4723AAA8-B2F9-4CC1-9E60-190976DB1FA4} . (.Plus Winks - ScriptHost.) -- C:\Program Files\Smiley Bar for Facebook\ScriptHost.dll
    O2 - BHO: LyricsPal - {A3DAEB01-4C15-4AC6-A689-6406FD954EE0} . (.XingHao Software - LyricsPal.) -- C:\Program Files\XingHaoLyrics\lrcspal.dll
    O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} . (.SEIKO EPSON CORPORATION - EPSON Web-To-Page.) -- C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    ~ BHO: 10 Legitimates Scanned in 00mn 00s



    ---\\ Internet Explorer Toolbars (O3)
    O3 - Toolbar: EPSON Web-To-Page - [HKLM]{EE5D279F-081B-4404-994D-C6B60AAEBA6D} . (.SEIKO EPSON CORPORATION - EPSON Web-To-Page.) -- C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: avast! WebRep - [HKLM]{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software - avast! WebRep Plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    ~ Toolbar: Scanned in 00mn 00s



    ---\\ Applications démarrées par registre & par dossier (O4)
    O4 - HKLM\..\Run: [SoundMan] . (.Realtek Semiconductor Corp. - Realtek Sound Manager.) -- C:\WINDOWS\SOUNDMAN.exe
    O4 - HKLM\..\Run: [avast] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastUI.exe
    O4 - HKLM\..\Run: [EPSON Stylus Photo R240 Series] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAHE.exe
    O4 - HKLM\..\Run: [zzzHPSETUP] F:\Setup.exe (.not file.)
    O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] . (.Hewlett-Packard - hpgs2wnd.) -- C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
    O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe
    O4 - HKLM\..\Run: [KernelFaultCheck] Clé orpheline
    O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MSMSGS] . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
    O4 - HKUS\S-1-5-21-1078081533-1788223648-839522115-1004\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
    O4 - HKUS\S-1-5-21-1078081533-1788223648-839522115-1004\..\Run: [MSMSGS] . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe
    ~ Application: Scanned in 00mn 00s



    ---\\ Autres liens utilisateurs (O4)
    O4 - GS\Programs: Adobe Reader X.lnk . (...) -- C:\WINDOWS\Installer\{AC76BA86-7AD7-1036-7B44-AA1000000001}\SC_Reader.ico
    O4 - GS\Programs: Enregistrement OCR I.R.I.S..lnk . (.I.R.I.S. SA - Registration Wizard for Readiris 5.0.) -- C:\Program Files\Hewlett-Packard\Digital Imaging\DocProc\regipe.exe
    O4 - GS\Programs: MSN.lnk . (.Microsoft Corporation - Win32 Cabinet Self-Extractor.) -- C:\Program Files\MSN\MSNCoreFiles\Install\msnsusii.exe
    O4 - GS\Programs: Windows Messenger.lnk . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe
    O4 - GS\Programs: Windows Movie Maker.lnk . (.Microsoft Corporation - Windows Movie Maker.) -- C:\Program Files\Movie Maker\moviemk.exe
    O4 - GS\Programs: Assistance à distance.lnk . (.Microsoft Corporation - Assistance à distance Microsoft.) -- C:\WINDOWS\system32\rcimlby.exe
    O4 - GS\Programs: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
    O4 - GS\Programs: Outlook Express.lnk . (.Microsoft Corporation - Outlook Express.) -- C:\Program Files\Outlook Express\msimn.exe
    O4 - GS\Programs: Windows Media Player.lnk . (.Microsoft Corporation - Windows Media Player.) -- C:\Program Files\Windows Media Player\wmplayer.exe
    ~ Global Startup: Scanned in 00mn 00s



    ---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Program Files\Microsoft Office\Office12\REFBARH.ICO
    O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} -- Clé orpheline
    O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe
    ~ IE Extra Buttons: Scanned in 00mn 00s



    ---\\ Winsock hijacker (Layered Service Provider) (O10)
    ~ Winsock: 3 Legitimates Scanned in 00mn 00s



    ---\\ Objets ActiveX (Downloaded Program Files)(O16)
    O16 - DPF: {83A4D5A6-E2C1-4EDD-AD48-1A1C50BD06EF} ((no name)) - http://www.photoweb.fr/telechargement/telechargement-photoweb-6.5.6.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} ((no name)) - http://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
    ~ Objets ActiveX: Scanned in 00mn 00s



    ---\\ Modification Domaine/Adresses DNS (O17)
    O17 - HKLM\System\CCS\Services\Tcpip\..\{D1CDADC5-6148-4263-AA2B-EFC5B51401F0}: DhcpNameServer = 192.168.1.1 192.168.1.1
    O17 - HKLM\System\CS1\Services\Tcpip\..\{D1CDADC5-6148-4263-AA2B-EFC5B51401F0}: DhcpNameServer = 192.168.1.1 192.168.1.1
    O17 - HKLM\System\CS3\Services\Tcpip\..\{D1CDADC5-6148-4263-AA2B-EFC5B51401F0}: DhcpNameServer = 192.168.1.1 192.168.1.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
    ~ Domain: Scanned in 00mn 00s



    ---\\ Protocole additionnel (O18)
    O18 - Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} . (.Microsoft Corporation - WIA Scripting Layer.) -- C:\WINDOWS\system32\wiascr.dll
    O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\MSOXMLMF.dll
    ~ Protocole Additionnel: Scanned in 00mn 00s



    ---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
    O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agent réseau hors connexion.) -- C:\WINDOWS\system32\cscdll.dll
    O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\system32\dimsntfy.dll
    O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
    O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
    O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\WlNotify.dll
    O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
    O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
    ~ Winlogon: Scanned in 00mn 00s



    ---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
    ~ SSODL: 5 Legitimates Scanned in 00mn 00s



    ---\\ Liste des services NT non Microsoft et non désactivés (O23)
    O23 - Service: NVIDIA Driver Helper Service (NVSvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 280.2.) - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files\Skype\Updater\Updater.exe
    ~ Services: 6 Legitimates Scanned in 00mn 03s



    ---\\ Enumération Active Desktop & MHTML Editor (O24)
    O24 - Desktop General: BackupWallPaper - .(...) - C:\Documents and Settings\utilisateur\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    O24 - Desktop General: WallPaper - .(...) - C:\Documents and Settings\utilisateur\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    ~ Desktop Component: 1 Legitimates Scanned in 00mn 00s



    ---\\ BootExecute (O34)
    ~ BEX: 1 Legitimates Scanned in 00mn 00s



    ---\\ Tâches planifiées en automatique (O39)
    O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\LyricsPal Update.job [394]
    O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\SyncBack mesdocuments.job [446]
    O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\SyncBack outlook express.job [452]
    O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\SyncBack Sauvegarde sur disque externe.job [480]
    ~ Scheduled Task: 9 Legitimates Scanned in 00mn 00s



    ---\\ Composants installés (ActiveSetup Installed Components) (O40)
    ~ Active Setup: 21 Legitimates Scanned in 00mn 00s



    ---\\ Pilotes lancés au démarrage (O41)
    ~ Drivers: 63 Legitimates Scanned in 00mn 00s



    ---\\ Logiciels installés (O42)
    O42 - Logiciel: Adobe Flash Player 11 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
    O42 - Logiciel: Adobe Flash Player 11 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin
    O42 - Logiciel: Adobe Reader X (10.1.6) - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-AA1000000001}
    O42 - Logiciel: Guide d'utilisation ESPR240 - (...) [HKLM] -- Guide d'utilisation ESPR240
    O42 - Logiciel: LyricsPal - (.XingHao Software.) [HKLM] -- lrcspal@xinghao.net
    O42 - Logiciel: ULi AGP Driver - (...) [HKLM] -- {0DD0650C-5113-4FEE-BDDA-AC0B76FD0BD1}
    O42 - Logiciel: ULi LAN Driver - (...) [HKLM] -- {143BE018-D8F8-4014-8CB6-AF63F5799D21}
    O42 - Logiciel: ULi SATA Driver - (.ULi.) [HKLM] -- {FDC53DC6-137A-4541-BFA2-A9BAE4A7FE99}
    O42 - Logiciel: VisDGI - (...) [HKLM] -- VisDGIUninstall
    O42 - Logiciel: avast! Free Antivirus v8.0.1483.0 - (.AVAST Software.) [HKLM] -- avast
    ~ Logic: 91 Legitimates Scanned in 00mn 00s



    ---\\ HKCU & HKLM Software Keys
    [HKCU\Software\855888bb36dbe44]
    [HKCU\Software\Amazon]
    [HKCU\Software\AppDataLow\Software\Smartbar] =>Hijacker.SmartBar
    [HKCU\Software\BI]
    [HKCU\Software\BabylonToolbar] =>Toolbar.Babylon
    [HKCU\Software\DataMngr_Toolbar] =>PUP.Datamngr
    [HKCU\Software\IM]
    [HKCU\Software\ImInstaller]
    [HKCU\Software\IncrediMail]
    [HKCU\Software\LOGIDOC]
    [HKCU\Software\PerformerSoft LLC]
    [HKCU\Software\WiseConvert_1.5]
    [HKLM\Software\855888bb36dbe44]
    [HKLM\Software\ALi]
    [HKLM\Software\Amazon]
    [HKLM\Software\Appia]
    [HKLM\Software\ULi]
    [HKLM\Software\WiseConvert_1.5]
    ~ Key Software: 172 Legitimates Scanned in 00mn 00s



    ---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
    O43 - CFD: 09/07/2012 - 16:40:41 - [70,451] ----D C:\Program Files\Amazon
    O43 - CFD: 02/08/2012 - 10:28:16 - [0] ----D C:\Program Files\Lidl-Photos
    O43 - CFD: 08/04/2013 - 10:36:45 - [7,839] ----D C:\Program Files\WiseConvert_1.5
    O43 - CFD: 09/04/2013 - 11:51:50 - [0,801] ----D C:\Program Files\Yontoo =>PUP.Yontoo
    O43 - CFD: 19/04/2012 - 14:19:14 - [1,215] ----D C:\Program Files\Fichiers communs\VisDGIsharedDLLs
    O43 - CFD: 09/04/2013 - 14:33:59 - [1,942] ----D C:\Documents and Settings\utilisateur\Application Data\BabSolution =>Hijacker.BabSolution
    O43 - CFD: 09/04/2013 - 11:51:25 - [0,308] ----D C:\Documents and Settings\utilisateur\Application Data\File Scout
    O43 - CFD: 10/04/2013 - 14:43:29 - [0] ----D C:\Documents and Settings\utilisateur\Application Data\PerformerSoft
    O43 - CFD: 09/04/2013 - 14:57:34 - [0,066] ----D C:\Documents and Settings\utilisateur\Application Data\SpecialSavings
    O43 - CFD: 10/04/2013 - 14:04:35 - [0,076] ----D C:\Documents and Settings\utilisateur\Application Data\SpeedanAlysis
    O43 - CFD: 09/04/2013 - 11:51:45 - [0,041] ----D C:\Documents and Settings\utilisateur\Application Data\Yontoo =>PUP.Yontoo
    O43 - CFD: 09/07/2012 - 16:40:52 - [0,244] ----D C:\Documents and Settings\utilisateur\Local Settings\Application Data\Amazon
    O43 - CFD: 09/04/2013 - 14:22:49 - [17,122] ----D C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft
    O43 - CFD: 08/04/2013 - 17:51:10 - [8,764] ----D C:\Documents and Settings\utilisateur\Local Settings\Application Data\WiseConvert_1.5
    O43 - CFD: 09/07/2012 - 16:40:54 - [0,003] ----D C:\Documents and Settings\utilisateur\Menu Démarrer\Programmes\Amazon
    O43 - CFD: 09/04/2013 - 14:34:49 - [0,001] ----D C:\Documents and Settings\utilisateur\Menu Démarrer\Programmes\BrowserProtect =>Toolbar.Babylon
    ~ Program Folder: 123 Legitimates Scanned in 00mn 01s



    ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
    O44 - LFC:[MD5.1BE1D9D98BCAEC2FFEE8E6A8F1B7E6BB] - 14/04/2013 - 18:34:55 ---A- . (...) -- C:\WINDOWS\wiadebug.log [228]
    O44 - LFC:[MD5.D63A97C20933E6B237F9F40BF7457070] - 14/04/2013 - 08:15:36 ---A- . (...) -- C:\WINDOWS\wiaservc.log [50]
    O44 - LFC:[MD5.8EA21F8B649D6282286BB0D20290A9F5] - 13/04/2013 - 22:33:32 ---A- . (...) -- C:\WINDOWS\system32\nvdrsdb0.bin [1072544]
    O44 - LFC:[MD5.93B885ADFE0DA089CDF634904FD59F71] - 13/04/2013 - 22:33:32 ---A- . (...) -- C:\WINDOWS\system32\nvdrssel.bin [1]
    O44 - LFC:[MD5.530633EDE4845B230A2F74FAAD6F246A] - 13/04/2013 - 22:33:25 ---A- . (...) -- C:\WINDOWS\system32\nvdrsdb1.bin [1072544]
    O44 - LFC:[MD5.35859245C90EF8019D746B13FB851B51] - 10/04/2013 - 02:06:44 ---A- . (...) -- C:\WINDOWS\FaxSetup.log [30914]
    O44 - LFC:[MD5.8F6184B057F68FF7825D0F9BA5DA5F42] - 10/04/2013 - 02:06:44 ---A- . (...) -- C:\WINDOWS\comsetup.log [10118]
    O44 - LFC:[MD5.367DAF179A0FCA166ABC344AFBA2B75D] - 10/04/2013 - 02:06:44 ---A- . (...) -- C:\WINDOWS\iis6.log [4835]
    O44 - LFC:[MD5.40D2498D9A7B4EFFE5C032385F97FA61] - 10/04/2013 - 02:06:44 ---A- . (...) -- C:\WINDOWS\imsins.log [1374]
    O44 - LFC:[MD5.42CAD4901C6789FC3EC60BD8DCF3649F] - 10/04/2013 - 02:06:44 ---A- . (...) -- C:\WINDOWS\msgsocm.log [1545]
    O44 - LFC:[MD5.9A51348D7F0326EFAE33CD1B09063979] - 10/04/2013 - 02:06:44 ---A- . (...) -- C:\WINDOWS\ntdtcsetup.log [6127]
    O44 - LFC:[MD5.C1B5A2C53280221ACDF3C00F7DDCB755] - 10/04/2013 - 02:06:44 ---A- . (...) -- C:\WINDOWS\ocgen.log [14780]
    O44 - LFC:[MD5.CF44A8EE3FF3055F23387CA8EAB9A80C] - 10/04/2013 - 02:06:44 ---A- . (...) -- C:\WINDOWS\ocmsn.log [1710]
    O44 - LFC:[MD5.BF603628B8C8BDE6C2DF46968A69CD48] - 10/04/2013 - 02:06:44 ---A- . (...) -- C:\WINDOWS\tsoc.log [11795]
    O44 - LFC:[MD5.2E9F043B9BEE995AE22E22DCD19496BD] - 10/04/2013 - 02:06:35 ---A- . (...) -- C:\WINDOWS\updspapi.log [3669]
    O44 - LFC:[MD5.602C79790D4EAA22FB90F8C337E8F1BE] - 10/04/2013 - 02:05:26 ---A- . (...) -- C:\WINDOWS\imsins.BAK [1374]
    O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 09/04/2013 - 09:38:29 ---A- . (...) -- C:\END [0]
    O44 - LFC:[MD5.188E68005ED62F32248032C65CB4DE96] - 13/05/2011 - 15:59:22 ---A- . (...) -- C:\WINDOWS\system32\Microsoft.VC80.CRT.manifest [1870]
    ~ Files: 51 Legitimates Scanned in 00mn 05s



    ---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
    O45 - LFCP:[MD5.A7428B17A06F1A3E33C7DE64D01CF971] - 14/04/2013 - 08:22:34 ---A- - C:\WINDOWS\Prefetch\SOUNDMAN.EXE-19745A34.pf
    O45 - LFCP:[MD5.2A57FFE68A9B56C8A5A47DAD64B7669E] - 14/04/2013 - 08:22:35 ---A- - C:\WINDOWS\Prefetch\HPGS2WND.EXE-06AC8C27.pf
    O45 - LFCP:[MD5.C78596047015FA9A3F1DB2C5246E41B4] - 14/04/2013 - 08:22:36 ---A- - C:\WINDOWS\Prefetch\HPGS2WNF.EXE-0E86C34B.pf
    O45 - LFCP:[MD5.87B37004F85ED36A43B367D664D16DC5] - 15/04/2013 - 08:06:38 ---A- - C:\WINDOWS\Prefetch\INSTALL_FLASH_PLAYER_11_PLUGI-3A378B15.pf
    O45 - LFCP:[MD5.DDDE8F0C6115D0D71322A33E1EE1BA76] - 15/04/2013 - 09:30:39 ---A- - C:\WINDOWS\Prefetch\PROPERTYSYNC.EXE-01B5D25E.pf
    O45 - LFCP:[MD5.9F2BABD4BD4C6714E0EC85F25960154F] - 15/04/2013 - 09:30:41 ---A- - C:\WINDOWS\Prefetch\PROPERTYSYNC.EXE-0F3994CB.pf
    O45 - LFCP:[MD5.4A17E455DE550EAF5FCF04C30C9A6E9B] - 15/04/2013 - 16:00:12 ---A- - C:\WINDOWS\Prefetch\SYNCBACK.EXE-08A8AC42.pf
    ~ Prefetcher: 70 Legitimates Scanned in 00mn 00s



    ---\\ Opérations et fonctions au démarrage de Windows Explorer (O46)
    O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll
    ~ ShellExecuteHooks: Scanned in 00mn 00s



    ---\\ Export de clé d'application autorisée (O47)
    ~ Keys Export: 3 Legitimates Scanned in 00mn 00s



    ---\\ Déni du service (Local Security Authority) (O48)
    ~ LSA: 6 Legitimates Scanned in 00mn 00s



    ---\\ Contrôle du Safe Boot (CSB) (O49)
    ~ CBS: 21 Legitimates Scanned in 00mn 00s



    ---\\ Image File Execution Options (IFEO) (O50)
    O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d
    ~ IFEO: Scanned in 00mn 00s



    ---\\ Trojan Driver Search Data (HKLM) (O52)
    ~ TDSD: 12 Legitimates Scanned in 00mn 00s



    ---\\ Microsoft Control Security Providers (O54)
    ~ MSCP: 6 Legitimates Scanned in 00mn 00s



    ---\\ Microsoft Windows Policies System (O55)
    ~ MWPS: 5 Legitimates Scanned in 00mn 00s



    ---\\ Microsoft Windows Policies Explorer (O56)
    ~ MWPE Keys: 1 Legitimates Scanned in 00mn 00s



    ---\\ Liste des Drivers Système (O58)
    O58 - SDL:[MD5.B34B1AB0A7690A0E2301FEC6D17B2FC1] - 25/10/2011 - 17:35:06 ---A- . (.Oak Technology Inc. - Audio File System.) -- C:\WINDOWS\system32\Drivers\AFS2K.SYS [82380]
    O58 - SDL:[MD5.6D3ADA4CE95CECA7BCE527A08C4C474E] - 05/08/2004 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ansi.sys [9037]
    ~ Drivers: Scanned in 00mn 00s



    ---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
    O61 - LFC: 12/04/2013 - 10:37:11 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft\User Data\Local State [22923]
    O61 - LFC: 12/04/2013 - 15:33:06 ---A- C:\Documents and Settings\utilisateur\Recent\Compte administratif simplifié.lnk [531]
    O61 - LFC: 12/04/2013 - 15:34:54 ---A- C:\Documents and Settings\utilisateur\Recent\BP 2013 PDF.lnk [418]
    O61 - LFC: 13/04/2013 - 09:12:39 ---A- C:\Documents and Settings\utilisateur\Bureau\ZHPFixReport.txt [10500]
    O61 - LFC: 13/04/2013 - 09:23:29 -SHA- C:\Documents and Settings\utilisateur\Application Data\Microsoft\Internet Explorer\Desktop.htt [2708]
    O61 - LFC: 13/04/2013 - 09:50:29 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extension Rules\000163.sst [231]
    O61 - LFC: 13/04/2013 - 11:26:13 ---A- C:\Documents and Settings\utilisateur\Recent\IMG_0064.lnk [439]
    O61 - LFC: 13/04/2013 - 11:27:24 ---A- C:\Documents and Settings\utilisateur\Recent\IMG_0065.lnk [439]
    O61 - LFC: 14/04/2013 - 09:17:10 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\https_www.amazon.fr_0.localstorage [3072]
    O61 - LFC: 14/04/2013 - 09:17:10 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\https_www.amazon.fr_0.localstorage-journal [3608]
    O61 - LFC: 14/04/2013 - 09:19:52 ---A- C:\Documents and Settings\utilisateur\Application Data\Microsoft\Proof\CUSTOM.DIC [24]
    O61 - LFC: 14/04/2013 - 09:28:38 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_fr.mappy.com_0.localstorage [8192]
    O61 - LFC: 14/04/2013 - 09:28:38 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_fr.mappy.com_0.localstorage-journal [5672]
    O61 - LFC: 14/04/2013 - 09:34:01 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_www.laredoute.fr_0.localstorage [3072]
    O61 - LFC: 14/04/2013 - 09:34:01 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_www.laredoute.fr_0.localstorage-journal [3608]
    O61 - LFC: 14/04/2013 - 09:34:29 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\https_www.laredoute.fr_0.localstorage [3072]
    O61 - LFC: 14/04/2013 - 09:34:29 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\https_www.laredoute.fr_0.localstorage-journal [3608]
    O61 - LFC: 14/04/2013 - 09:38:28 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_lr.iadvize.com_0.localstorage [3072]
    O61 - LFC: 14/04/2013 - 09:38:28 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_lr.iadvize.com_0.localstorage-journal [3608]
    O61 - LFC: 14/04/2013 - 09:38:43 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\https_lr.iadvize.com_0.localstorage [3072]
    O61 - LFC: 14/04/2013 - 09:38:43 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\https_lr.iadvize.com_0.localstorage-journal [3608]
    O61 - LFC: 14/04/2013 - 10:37:14 ---A- C:\Documents and Settings\utilisateur\Recent\aaCNAV2 janvier 2011.lnk [508]
    O61 - LFC: 14/04/2013 - 11:19:08 ---A- C:\Documents and Settings\utilisateur\Recent\EDF-EAU.lnk [469]
    O61 - LFC: 14/04/2013 - 11:19:08 ---A- C:\Documents and Settings\utilisateur\Recent\ama.lnk [338]
    O61 - LFC: 14/04/2013 - 18:27:49 ---A- C:\Documents and Settings\utilisateur\Recent\IMG_0067.lnk [439]
    O61 - LFC: 14/04/2013 - 18:50:47 ---A- C:\Documents and Settings\utilisateur\Recent\IMG_0069.lnk [439]
    O61 - LFC: 15/04/2013 - 09:39:02 ---A- C:\Documents and Settings\utilisateur\Favoris\Observatoire EDF EJP.url [1552]
    O61 - LFC: 15/04/2013 - 09:39:27 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Shortcuts [20480]
    O61 - LFC: 15/04/2013 - 09:39:27 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Shortcuts-journal [12824]
    O61 - LFC: 15/04/2013 - 09:39:33 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_disqus.com_0.localstorage [3072]
    O61 - LFC: 15/04/2013 - 09:39:33 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_disqus.com_0.localstorage-journal [3608]
    O61 - LFC: 15/04/2013 - 10:48:43 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Network Action Predictor [15360]
    O61 - LFC: 15/04/2013 - 10:48:43 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Network Action Predictor-journal [5672]
    O61 - LFC: 15/04/2013 - 10:56:45 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Bookmarks [7022]
    O61 - LFC: 15/04/2013 - 10:56:45 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Bookmarks.bak [7022]
    O61 - LFC: 15/04/2013 - 11:01:20 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Top Sites [20480]
    O61 - LFC: 15/04/2013 - 11:01:20 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Top Sites-journal [12824]
    O61 - LFC: 15/04/2013 - 11:35:53 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Last Tabs [12426]
    O61 - LFC: 15/04/2013 - 11:35:55 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Visited Links [131072]
    O61 - LFC: 15/04/2013 - 13:06:24 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extension Rules\LOG.old [148]
    O61 - LFC: 15/04/2013 - 13:06:29 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Session Storage\002521.sst [243]
    O61 - LFC: 15/04/2013 - 13:06:29 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Session Storage\LOG.old [788]
    O61 - LFC: 15/04/2013 - 13:06:31 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extension State\LOG.old [151]
    O61 - LFC: 15/04/2013 - 13:06:33 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\TransportSecurity [1372]
    O61 - LFC: 15/04/2013 - 13:12:29 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Certificate Revocation Lists [271281]
    O61 - LFC: 15/04/2013 - 15:54:22 ---A- C:\Documents and Settings\utilisateur\Recent\IMG_0092.lnk [439]
    O61 - LFC: 15/04/2013 - 15:57:44 ---A- C:\Documents and Settings\utilisateur\Application Data\Microsoft\Address Book\utilisateur.wab [320520]
    O61 - LFC: 15/04/2013 - 16:00:35 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Current Tabs [8950]
    O61 - LFC: 15/04/2013 - 16:00:36 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Last Session [17397]
    O61 - LFC: 15/04/2013 - 16:03:08 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extension Rules\CURRENT [16]
    O61 - LFC: 15/04/2013 - 16:03:08 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extension Rules\MANIFEST-000219 [710]
    O61 - LFC: 15/04/2013 - 16:03:08 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\History Provider Cache [60540]
    O61 - LFC: 15/04/2013 - 16:03:08 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Login Data [12288]
    O61 - LFC: 15/04/2013 - 16:03:08 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Login Data-journal [8736]
    O61 - LFC: 15/04/2013 - 16:03:09 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extension Rules\LOG [148]
    O61 - LFC: 15/04/2013 - 16:03:10 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Session Storage\002523.sst [185879]
    O61 - LFC: 15/04/2013 - 16:03:10 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Session Storage\CURRENT [16]
    O61 - LFC: 15/04/2013 - 16:03:10 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Session Storage\MANIFEST-002522 [164]
    O61 - LFC: 15/04/2013 - 16:03:11 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extension State\CURRENT [16]
    O61 - LFC: 15/04/2013 - 16:03:11 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extension State\MANIFEST-002323 [521]
    O61 - LFC: 15/04/2013 - 16:03:13 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Session Storage\LOG [277]
    O61 - LFC: 15/04/2013 - 16:03:13 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\databases\https_www.google.com_0\2 [26624]
    O61 - LFC: 15/04/2013 - 16:03:14 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extension State\LOG [151]
    O61 - LFC: 15/04/2013 - 16:03:17 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Managed Mode Settings [8]
    O61 - LFC: 15/04/2013 - 16:03:43 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\QuotaManager [13312]
    O61 - LFC: 15/04/2013 - 16:03:43 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\QuotaManager-journal [6704]
    O61 - LFC: 15/04/2013 - 16:04:41 -SHA- C:\Documents and Settings\utilisateur\PrivacIE\index.dat [16187392]
    O61 - LFC: 15/04/2013 - 16:06:16 -SHA- C:\Documents and Settings\utilisateur\Application Data\Microsoft\Internet Explorer\UserData\index.dat [32768]
    O61 - LFC: 15/04/2013 - 16:06:16 -SHA- C:\Documents and Settings\utilisateur\IECompatCache\index.dat [65536]
    O61 - LFC: 15/04/2013 - 16:06:16 -SHA- C:\Documents and Settings\utilisateur\IETldCache\index.dat [262144]
    O61 - LFC: 15/04/2013 - 19:02:07 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Favicons [698368]
    O61 - LFC: 15/04/2013 - 19:02:07 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Favicons-journal [16384]
    O61 - LFC: 15/04/2013 - 19:02:07 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\History [929792]
    O61 - LFC: 15/04/2013 - 19:02:07 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\History Index 2013-04 [2781184]
    O61 - LFC: 15/04/2013 - 19:02:07 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\History Index 2013-04-journal [16384]
    O61 - LFC: 15/04/2013 - 19:02:07 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\History-journal [16384]
    O61 - LFC: 15/04/2013 - 19:02:08 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Web Data [110592]
    O61 - LFC: 15/04/2013 - 19:02:08 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Web Data-journal [14904]
    O61 - LFC: 15/04/2013 - 19:02:10 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Sync Data\SyncData.sqlite3 [253952]
    O61 - LFC: 15/04/2013 - 19:02:10 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Sync Data\SyncData.sqlite3-journal [16384]
    O61 - LFC: 15/04/2013 - 19:03:45 ---A- C:\Documents and Settings\utilisateur\Application Data\vlc\ml.xspf [304]
    O61 - LFC: 15/04/2013 - 19:03:45 ---A- C:\Documents and Settings\utilisateur\Application Data\vlc\vlcrc [87473]
    O61 - LFC: 15/04/2013 - 19:04:18 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences [97014]
    O61 - LFC: 15/04/2013 - 19:04:18 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Safe Browsing Download [963432]
    O61 - LFC: 15/04/2013 - 19:04:19 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Safe Browsing Bloom [6744612]
    O61 - LFC: 15/04/2013 - 19:04:19 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Safe Browsing Bloom Prefix Set [1504142]
    O61 - LFC: 15/04/2013 - 19:04:19 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Safe Browsing Csd Whitelist [134668]
    O61 - LFC: 15/04/2013 - 19:04:19 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Safe Browsing Download Whitelist [19192]
    O61 - LFC: 15/04/2013 - 19:04:19 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Safe Browsing Extension Blacklist [4644]
    O61 - LFC: 15/04/2013 - 19:04:47 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Safe Browsing Cookies [6144]
    O61 - LFC: 15/04/2013 - 19:04:47 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Safe Browsing Cookies-journal [2576]
    O61 - LFC: 15/04/2013 - 19:25:06 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies [757760]
    O61 - LFC: 15/04/2013 - 19:25:06 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies-journal [16384]
    O61 - LFC: 15/04/2013 - 19:28:17 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Local State [35517]
    O61 - LFC: 15/04/2013 - 19:29:06 ---A- C:\Documents and Settings\utilisateur\Recent\ZHPDiag.lnk [404]
    ~ 6 Fichiers temporaires (Temporary files)
    ~ 15 Fichiers cookies (Cookies files)
    ~ Files: 238 Legitimates Scanned in 00mn 43s



    ---\\ Liste des outils de nettoyage (O63)
    O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
    O63 - Logiciel: ZHPFix 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPFix_is1
    ~ ADS: Scanned in 00mn 00s



    ---\\ Liste des services Legacy (O64)
    O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\system32\dllhost.exe (COMSysApp) .(.Microsoft Corporation - COM Surrogate.) - LEGACY_COMSYSAPP
    O64 - Services: CurCS - ??\??\???? - Pas de propriétaire (mbr) .(...) - LEGACY_MBR
    ~ Legacy: 119 Legitimates Scanned in 00mn 00s



    ---\\ File Associations Shell Spawning (O67)
    O67 - Shell Spawning: <.html> <ChromeHTML>[HKCU\..\open\Command] (.Not Key.)
    ~ FASS Keys: 17 Legitimates Scanned in 00mn 00s



    ---\\ Start Menu Internet (O68)
    O68 - StartMenuInternet: <chrome.exe> <>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
    O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
    O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
    ~ Keys: Scanned in 00mn 00s



    ---\\ Search Browser Infection (O69)
    O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com
    O69 - SBI: SearchScopes [HKCU] {871A9293-6158-47F1-8191-85C687915FDF} - (Google) - http://www.google.com
    ~ Keys: Scanned in 00mn 00s



    ---\\ Recherche des services démarrés par Svchost (O83)
    ~ Services: 39 Legitimates Scanned in 00mn 00s



    ---\\ Recherche particuliere à la racine de certains dossiers (O84)
    [MD5.CC1A55091FD96BCB624AD791CD15D179] [SPRF][09/02/2013] (...) -- C:\Documents and Settings\utilisateur\Application Data\BabMaint.exe [114176]
    [MD5.3FEA9D2EDF23B0283C7A66C8DEA380BD] [SPRF][25/07/2002] (.InstallShield Software Corporation - InstallShield Update Service Setup Player Module.) -- C:\WINDOWS\Downloaded Program Files\dwusplay.dll [24576]
    [MD5.CDBE35EA59BC9223E4F800BD1DB82D27] [SPRF][25/07/2002] (.InstallShield Software Corporation - InstallShield Update Service Setup Player.) -- C:\WINDOWS\Downloaded Program Files\dwusplay.exe [196608]
    [MD5.0C78701C6F42345DFF2B2B6C3C3D01EF] [SPRF][25/07/2002] (.InstallShield Software Corporation - InstallShield Update Service Web Agent.) -- C:\WINDOWS\Downloaded Program Files\isusweb.dll [172032]
    ~ Files: Scanned in 00mn 00s



    ---\\ Scan Additionnel (O88)
    Database Version : v2.11497 - (09/04/2013)
    Clés trouvées (Keys found) : 109
    Valeurs trouvées (Values found) : 1
    Dossiers trouvés (Folders found) : 6
    Fichiers trouvés (Files found) : 0

    [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{19803860-B306-423C-BBB5-F60A7D82CDE5}] =>Toolbar.Agent
    [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{19803860-B306-423C-BBB5-F60A7D82CDE5}] =>Toolbar.Agent
    [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{493CCB71-DCAD-4257-9F08-8750F63BD792}] =>Toolbar.Agent
    [HKLM\Software\Classes\CLSID\{493CCB71-DCAD-4257-9F08-8750F63BD792}] =>Toolbar.Agent
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{493CCB71-DCAD-4257-9F08-8750F63BD792}] =>Toolbar.Agent
    [HKLM\Software\Classes\Interface\{5F339F0B-716F-408F-A627-DEEB5DEB4020}] =>Toolbar.Babylon
    [HKLM\Software\Classes\Interface\{75BF416E-4326-45B5-8A2D-AE32D05B930B}] =>Toolbar.PricePeep
    [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}] =>Toolbar.Skype
    [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] =>Toolbar.Skype
    [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] =>Toolbar.Skype
    [HKLM\Software\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] =>Toolbar.Skype
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] =>Toolbar.Skype
    [HKLM\Software\Classes\AppID\PricePeep.DLL] =>Toolbar.PricePeep
    [HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\PricePeep] =>Toolbar.PricePeep
    [HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\WiseConvert_1.5 Toolbar] =>Toolbar.Conduit
    [HKLM\Software\Google\Chrome\Extensions\pgafcinpmmpklohkojmllohdhomoefph] =>PUP.SpecialSavings
    [HKCU\Software\BabylonToolbar] =>Toolbar.Babylon
    [HKCU\Software\WiseConvert_1.5] =>Toolbar.Conduit
    [HKLM\Software\WiseConvert_1.5] =>Toolbar.Conduit
    [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}] =>Toolbar.DeltaSearch
    [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}] =>Toolbar.DeltaSearch
    [HKLM\Software\Classes\Prod.cap] =>Toolbar.Babylon
    [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings] =>PUP.BProtector
    [HKLM\Software\Classes\Installer\Features\B2FD9C0A5B9838449838816A28001F4B] =>PUP.SweetIM
    [HKLM\Software\Classes\Installer\Products\B2FD9C0A5B9838449838816A28001F4B] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B2FD9C0A5B9838449838816A28001F4B] =>PUP.SweetIM
    [HKLM\Software\Classes\AppID\{B16632F1-24E0-4D99-A68D-70BFB6447C48}] =>Toolbar.Babylon
    [HKLM\Software\Classes\TypeLib\{A1489C85-4F6F-48C4-AC9E-18B63AF4703E}] =>Toolbar.Babylon
    [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{82E1477C-B154-48D3-9891-33D83C26BCD3}] =>PUP.Funmoods
    [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{82E1477C-B154-48D3-9891-33D83C26BCD3}] =>PUP.Funmoods
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Smiley Bar for Facebook] =>Adware.SmileyBar
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\07D5290CDBDAE4242926B8E6CA650501] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E3D8A5B48622A445A7DF73FEFF32C3F] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4318DF19719275242801CBE292063A4C] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\45FC115D1FEAEF849A4E1610D6EC8BF0] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\46A5861A389ADB844AF89E31BC9DF0A1] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49B0E1A6FF50BBE4289E4E23DE6EA0C7] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4CCCAC049F34D0540AAC13011398BEDB] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5C4389D0BFB302C479DE4178BD5D9EBA] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D2B09BDEF4FE54418E6F3373CDBC7AC] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\61B65D3397A1FBF4CB1571B5E4F6B5B0] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E8A05C60DD9254591DBD16C94EDDBF] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\697E782CF574CC34CBB9566440BA12BC] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AE27A8613CF7EA4782F2886F67295E5] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\75D5168E5E176C24981B4E5DBD991078] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7CE172051F585E04187BCB97570BFA74] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86A901BA5265452499DCBF719C378EE3] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8724E58E6C7D00C48A0D4F3345EB2C26] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\88ABD1CD5C40EC84789A7F6EF86DAC5E] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\980289C22F80A7C4BB9323DC61255E4E] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9A4B7EF3789F871419D9302583B20C15] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A6C53B0F76C44004A8F36716213017DB] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AB676B0E1B9EFA049B9F7DDDA9645734] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B31BBB0B825EDEF45AB0FE7099C68C81] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B471D8D7319336B4CA89374ED0D7B806] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B59F2D8189784CC46A4597F2842480B0] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BC30043663AA2CA4DA1DAA9CA5FDCC75] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BD746FB95FB8E5B45BF66BE54D5FD91F] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CCF399FCD6D2D3F46BF02A1378654FC9] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D149C1355C98DE24E82CEFBD996FE06A] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB59FDB786388EA4D897F3EE715683AC] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB8DAD19CFBCC2049A4477183787E8C5] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E1C820A74ED67374BA048B52CB3C3804] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EC65F200D112357449C8B1BC3CFA03D0] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F327D0C73C0973644A21E8CC852267A0] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FA96423FE2B98E248A3B23548D1E22D9] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FDC83385E6C239F4C876A77A37DF581D] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\34EDDB1BFB3A2D448845F3EFD0F15A43] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\427EA997C413D1D47907CBFC7B2DB432] =>PUP.SweetIM
    [HKLM\Software\Classes\MediaPlayer.GraphicsUtils.1] =>PUP.SweetIM
    [HKLM\Software\Classes\MgMediaPlayer.GifAnimator.1] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F754C503375A13344B22388E18DFE87E] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Delta] =>Toolbar.DeltaSearch
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\bi_uninstaller] =>Adware.MegaSearch
    [HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] =>Toolbar.Bing
    [HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] =>Toolbar.Bing
    [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{19803860-b306-423c-bbb5-f60a7d82cde5}] =>Toolbar.Conduit
    [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{19803860-b306-423c-bbb5-f60a7d82cde5}] =>Toolbar.Conduit
    [HKLM\Software\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}] =>Toolbar.DeltaSearch
    [HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Delta Chrome Toolbar] =>Toolbar.DeltaSearch
    [HKLM\Software\Classes\ScriptHost.Tool.1] =>Toolbar.Agent
    [HKLM\Software\Classes\ScriptHost.Tool] =>Toolbar.Agent
    [HKLM\Software\Classes\AppID\AddonsFramework.DLL] =>Toolbar.Freecorder
    [HKLM\Software\Classes\AppID\ButtonSite.DLL] =>Toolbar.Freecorder
    [HKLM\Software\Classes\AppID\PropertySync.EXE] =>Toolbar.Freecorder
    [HKLM\Software\Classes\AppID\ScriptHost.DLL] =>Toolbar.Freecorder
    [HKLM\Software\Classes\AppID\{18B9B16E-716F-43DF-A6AD-512C7D2EB983}] =>Toolbar.Freecorder
    [HKLM\Software\Classes\AppID\{19975B78-1907-4DD6-A437-4C48120F46A4}] =>Toolbar.Freecorder
    [HKLM\Software\Classes\AppID\{562B9317-C08A-444A-9482-62080DD851AE}] =>Toolbar.Freecorder
    [HKLM\Software\Classes\Interface\{045F91B3-695F-423A-98C7-8DE3C47AA020}] =>Toolbar.Freecorder
    [HKLM\Software\Classes\Interface\{1348BD1B-C32A-41A7-9BD4-5377AA1AB925}] =>Toolbar.Freecorder
    [HKLM\Software\Classes\Interface\{395AFE6E-8308-48DB-89BE-ED5F4AA3D3EC}] =>Toolbar.Freecorder
    [HKLM\Software\Classes\CLSID\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}] =>Toolbar.Freecorder
    [HKLM\Software\Classes\Interface\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}] =>Toolbar.Freecorder
    [HKLM\Software\Classes\Interface\{43B390F0-6BA2-45CA-ABF2-5DB0CEE9B49D}] =>Toolbar.Freecorder
    [HKLM\Software\Classes\Interface\{93CF54F5-CFAA-4440-B588-8ED0DFAD5C21}] =>Toolbar.Freecorder
    [HKLM\Software\Classes\Interface\{94CADA2E-1D3F-419F-8A3D-06C58EDF53C8}] =>Toolbar.Freecorder
    [HKLM\Software\Classes\Interface\{9E52EB8B-8DD9-4605-AD36-D352BCD482F2}] =>Toolbar.Freecorder
    [HKLM\Software\Classes\Interface\{A1440EC3-F0FA-407A-B811-DE6668C06D29}] =>Toolbar.Freecorder
    [HKLM\Software\Classes\Interface\{B9A84AD0-5777-46FD-8B8F-1EBD06750FBC}] =>Toolbar.Freecorder
    [HKLM\Software\Classes\Interface\{C1995F88-1C7F-40D7-B0FA-6F107F6308B8}] =>Toolbar.Freecorder
    [HKLM\Software\Classes\Interface\{C815E3DA-0823-49B0-9270-D1771D58B317}] =>Toolbar.Freecorder
    [HKLM\Software\Classes\Interface\{D3BC53E7-0437-4C97-90EE-2CD6FF47FB14}] =>Toolbar.Freecorder
    [HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\Arpcache\SweetIM Bundle by SweetPacks] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\Arpcache\Wajam] =>Toolbar.Wajam
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08E33F7B61DEFF24BB9673ED7D467636] =>PUP.SweetIM^
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094] =>PUP.SweetIM^
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536] =>PUP.SweetIM^
    [HKCU\Software\Mozilla\Firefox\Extensions]:{0F827075-B026-42F3-885D-98981EE7B1AE} =>Toolbar.Babylon
    C:\Program Files\yontoo =>Adware.Yontoo
    C:\Program Files\Smiley Bar for Facebook =>Adware.SmileyBar
    C:\Documents and Settings\utilisateur\Application Data\yontoo =>Adware.Yontoo
    C:\Documents and Settings\utilisateur\Application Data\SpecialSavings =>PUP.SpecialSavings
    C:\Documents and Settings\utilisateur\Application Data\BabSolution =>Hijacker.BabSolution
    C:\Documents and Settings\utilisateur\Local Settings\Application Data\Bundled software uninstaller =>Adware.MegaSearch
    ~ Additionnel: Scanned in 00mn 11s



    ---\\ Product Upgrade Codes (O90)
    O90 - PUC: "D204673BAE85AE54DB05DD29E46BA707" . (.Disque de souvenirs HP.) -- C:\WINDOWS\Installer\{B376402D-58EA-45EA-BD50-DD924EB67A70}\hpmd.exe
    ~ Update Products: 39 Legitimates Scanned in 00mn 00s



    ---\\ Random Export Key (O91)
    [HKCU\Software\855888bb36dbe44] =>Toolbar.Babylon^
    [HKCU\Software\855888bb36dbe44]:GUID="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}"
    [HKCU\Software\855888bb36dbe44]:version="2.6.1125.80"
    [HKLM\Software\855888bb36dbe44] =>Toolbar.Babylon^
    [HKLM\Software\855888bb36dbe44]:GUID="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}"
    [HKLM\Software\855888bb36dbe44]:version="2.6.1125.80"
    ~ Export Key Software: Scanned in 00mn 00s



    ---\\ MyComputer Name Space (O92)
    ~ IE Control Panel: 1 Legitimates Scanned in 00mn 00s



    ---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
    SS - | Demand 15/04/2013 256904 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
    SR - | Auto 07/03/2013 45248 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    SS - | Demand 13/04/2008 225280 | (dmadmin) . (.Microsoft Corp., Veritas Software.) - C:\WINDOWS\system32\dmadmin.exe
    SS - | Auto 24/10/2011 136176 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
    SS - | Demand 24/10/2011 136176 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
    SR - | Auto 24/06/2012 153352 | (JavaQuickStarterService) . (.Sun Microsystems, Inc..) - C:\Program Files\Java\jre6\bin\jqs.exe
    SS - | Auto 03/08/2011 146024 | (NVSvc) . (.NVIDIA Corporation.) - C:\WINDOWS\system32\nvsvc32.exe
    SR - | Auto 02/10/2012 3064000 | (Skype C2C Service) . (.Skype Technologies S.A..) - C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
    SS - | Auto 09/11/2012 160944 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files\Skype\Updater\Updater.exe
    ~ Services: Scanned in 00mn 00s



    ---\\ Recherche Master Boot Record Infection (MBR)(O80)
    Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
    Run by utilisateur at 15/04/2013 20:31:52

    device: opened successfully
    user: MBR read successfully

    Disk trace:
    called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
    1 ntkrnlpa!IofCallDriver[0x804EE1A0] >> \Device\Harddisk0\DR0[0x86561AB8]
    kernel: MBR read successfully
    user & kernel MBR OK
    ~ MBR: 13 Legitimates Scanned in 00mn 02s



    ---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)
    Written by ad13, http://ad13.geekstog
    Run by utilisateur at 15/04/2013 20:31:55

    ********* Dump file Name *********
    C:\PhysicalDisk0_MBR.bin
    ~ MBR: Scanned in 00mn 04s



    ~ 1064 Legitimates filtered by white list
    End of the scan (802 lines in 02mn 12s)(0)



    2011N2 2011N2
    313 contributions
    Membre depuis le 10/10/2012
    Envoyé le 15/04/2013 à 22:15


    Bonjour,

    Ah pardon je n'avais pas vu, tu n'as pas la dernière version d'AdwCleaner.
    Peux-tu télécharger la dernière ici ? http://general-changelog-team.fr/en/downloads/viewdownload/20-outils-de-xplode/2-adwcleaner
    Ainsi que refaire un scan (recherche) et me poster le rapport ?

    N'oublie pas de supprimer l'ancienne version.

    Merci et bonne soirée,

    Gabriel.

    loumax91 loumax91
    99 contributions
    Membre depuis le 16/03/2013
    Envoyé le 15/04/2013 à 22:27


    Bonjour,

    Ce script va cibler certains éléments à supprimer :

    • Ouvre ce lien, sélectionne le script en entier et copie le (Édition --> Copier)
    • Lance ZHPFix à partir du raccourci sur ton Bureau
    • Clique sur l'icône représentant le presse-papier (« coller le presse-papier »)
    • Les lignes se collent automatiquement dans ZHPFix, sinon colle les lignes
    >>les lignes ci-dessus sont celles qui doivent apparaître dans la fenêtre de ZHPFix. Si ce n'est pas le cas, ne surtout pas cliquer sur le bouton GO. Il faut veiller à bien copier les lignes<<
    • Clique sur le bouton « GO » pour lancer le nettoyage,
    • Copie/colle la totalité du rapport dans ta prochaine réponse
    Pour t'aider

    "Celui qui aime à apprendre est bien près du savoir" (Confucius)
    aureliejuliette aureliejuliette
    61 contributions
    Membre depuis le 10/03/2010
    Envoyé le 15/04/2013 à 22:36


    Bonjour,
    voici le rapport de fix :
    Rapport de ZHPFix 2013.3.9.1 par Nicolas Coolman, Update du 9/03/2013
    Fichier d'export Registre : C:\ZHP\ZHPExportRegistry-15-04-2013-22-30-18.txt
    Run by utilisateur at 15/04/2013 22:30:18
    High Elevated Privileges : OK
    Windows XP Home Edition Service Pack 3 (Build 2600)

    Corbeille vidée

    ========== Clé(s) du Registre ==========
    SUPPRIME Key: CLSID BHO: {A3DAEB01-4C15-4AC6-A689-6406FD954EE0}
    SUPPRIME Key: CLSID: [HKLM\SOFTWARE\Classes\CLSID\{A3DAEB01-4C15-4AC6-A689-6406FD954EE0}]
    SUPPRIME Key: CLSID BHO: {45564571-A21B-48ED-B584-69752EEE9C3D}
    SUPPRIME Key: CLSID: [HKLM\SOFTWARE\Classes\CLSID\{45564571-A21B-48ED-B584-69752EEE9C3D}]
    SUPPRIME Key: CLSID BHO: {4723AAA8-B2F9-4CC1-9E60-190976DB1FA4}
    SUPPRIME Key: CLSID: [HKLM\SOFTWARE\Classes\CLSID\{4723AAA8-B2F9-4CC1-9E60-190976DB1FA4}]
    ABSENT Key: Task: C:WINDOWSTasksLyricsPal Update.job [394]-

    ========== Valeur(s) du Registre ==========
    ABSENT [HKCUSoftwareMozillaFirefoxExtensions]:{0F827075-B026-42F3-885D-98981EE7B1AE}
    ABSENT [HKCUSoftware855888bb36dbe44]:GUID="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}"
    ABSENT [HKLMSoftware855888bb36dbe44]:GUID="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}"
    ABSENT Valeur Domain Profile: FirewallRaz :
    Aucune valeur présente dans la clé d'exception du registre (FirewallRaz)

    ========== Dossier(s) ==========
    SUPPRIME Temporaires Windows

    ========== Fichier(s) ==========
    ABSENT File: c:program filesxinghaolyricslrcspal.dll
    ABSENT File: c:program filesspeedanalysis.com
    ABSENT File: c:program filessmiley bar for facebookscripthost.dll
    SUPPRIME Temporaires Windows

    ========== Restauration Système ==========
    Point de restauration du système créé avec succès

    ========== Autre ==========
    NON TRAITE [HKCUSoftwareAppDataLowSoftwareSmartbar]
    NON TRAITE [HKCUSoftwareBabylonToolbar]
    NON TRAITE [HKCUSoftwareDataMngr_Toolbar]
    NON TRAITE [HKLMSoftwareClassesInterface{5F339F0B-716F-408F-A627-DEEB5DEB4020}]
    NON TRAITE [HKLMSoftwareClassesAppID{B16632F1-24E0-4D99-A68D-70BFB6447C48}]
    NON TRAITE [HKLMSoftwareClassesTypeLib{A1489C85-4F6F-48C4-AC9E-18B63AF4703E}]
    NON TRAITE [HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{82E1477C-B154-48D3-9891-33D83C26BCD3}]
    NON TRAITE [HKCUSoftwareMicrosoftWindowsCurrentVersionExtSettings{82E1477C-B154-48D3-9891-33D83C26BCD3}]
    NON TRAITE [HKLMSoftwareMicrosoftWindowsCurrentVersionApp ManagementArpcacheSweetIM Bundle by SweetPacks]
    NON TRAITE C:Program Filesyontoo
    NON TRAITE C:Documents and SettingsutilisateurApplication Datayontoo
    NON TRAITE C:Documents and SettingsutilisateurApplication DataSpecialSavings
    NON TRAITE R0 - HKCUSOFTWAREMicrosoftInternet ExplorerMain,Start Page
    NON TRAITE [HKCUSoftwareWiseConvert_1.5]
    NON TRAITE [HKLMSoftwareWiseConvert_1.5]
    NON TRAITE [HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{19803860-B306-423C-BBB5-F60A7D82CDE5}]
    NON TRAITE [HKCUSoftwareMicrosoftWindowsCurrentVersionExtSettings{19803860-B306-423C-BBB5-F60A7D82CDE5}]
    NON TRAITE [HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{493CCB71-DCAD-4257-9F08-8750F63BD792}]
    NON TRAITE [HKLMSoftwareClassesCLSID{493CCB71-DCAD-4257-9F08-8750F63BD792}]
    NON TRAITE [HKLMSoftwareMicrosoftWindowsCurrentVersionExtPreApproved{493CCB71-DCAD-4257-9F08-8750F63BD792}]
    NON TRAITE [HKLMSoftwareClassesInterface{75BF416E-4326-45B5-8A2D-AE32D05B930B}]
    NON TRAITE [HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{898EA8C8-E7FF-479B-8935-AEC46303B9E5}]
    NON TRAITE [HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
    NON TRAITE [HKCUSoftwareMicrosoftWindowsCurrentVersionExtSettings{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
    NON TRAITE [HKLMSoftwareClassesCLSID{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
    NON TRAITE [HKLMSoftwareMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
    NON TRAITE [HKLMSoftwareClassesAppIDPricePeep.DLL]
    NON TRAITE [HKLMSoftwareMicrosoftWindowsCurrentVersionApp ManagementARPCachePricePeep]
    NON TRAITE [HKLMSoftwareMicrosoftWindowsCurrentVersionApp ManagementARPCacheWiseConvert_1.5 Toolbar]
    NON TRAITE [HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{C1AF5FA5-852C-4C90-812E-A7F75E011D87}]
    NON TRAITE [HKCUSoftwareMicrosoftWindowsCurrentVersionExtSettings{C1AF5FA5-852C-4C90-812E-A7F75E011D87}]
    NON TRAITE [HKCUSoftwareMicrosoftInternet ExplorerSearchScopes{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
    NON TRAITE [HKLMSoftwareMicrosoftInternet ExplorerSearchScopes{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
    NON TRAITE [HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{19803860-b306-423c-bbb5-f60a7d82cde5}]
    NON TRAITE [HKCUSoftwareMicrosoftWindowsCurrentVersionExtSettings{19803860-b306-423c-bbb5-f60a7d82cde5}]
    NON TRAITE [HKLMSoftwareClassesAppID{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}]
    NON TRAITE [HKLMSoftwareClassesAppID{18B9B16E-716F-43DF-A6AD-512C7D2EB983}]
    NON TRAITE [HKLMSoftwareClassesAppID{19975B78-1907-4DD6-A437-4C48120F46A4}]
    NON TRAITE [HKLMSoftwareClassesAppID{562B9317-C08A-444A-9482-62080DD851AE}]
    NON TRAITE [HKLMSoftwareClassesInterface{045F91B3-695F-423A-98C7-8DE3C47AA020}]
    NON TRAITE [HKLMSoftwareClassesInterface{1348BD1B-C32A-41A7-9BD4-5377AA1AB925}]
    NON TRAITE [HKLMSoftwareClassesInterface{395AFE6E-8308-48DB-89BE-ED5F4AA3D3EC}]
    NON TRAITE [HKLMSoftwareClassesCLSID{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}]
    NON TRAITE [HKLMSoftwareClassesInterface{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}]
    NON TRAITE [HKLMSoftwareClassesInterface{43B390F0-6BA2-45CA-ABF2-5DB0CEE9B49D}]
    NON TRAITE [HKLMSoftwareClassesInterface{93CF54F5-CFAA-4440-B588-8ED0DFAD5C21}]
    NON TRAITE [HKLMSoftwareClassesInterface{94CADA2E-1D3F-419F-8A3D-06C58EDF53C8}]
    NON TRAITE [HKLMSoftwareClassesInterface{9E52EB8B-8DD9-4605-AD36-D352BCD482F2}]
    NON TRAITE [HKLMSoftwareClassesInterface{A1440EC3-F0FA-407A-B811-DE6668C06D29}]
    NON TRAITE [HKLMSoftwareClassesInterface{B9A84AD0-5777-46FD-8B8F-1EBD06750FBC}]
    NON TRAITE [HKLMSoftwareClassesInterface{C815E3DA-0823-49B0-9270-D1771D58B317}]
    NON TRAITE [HKLMSoftwareClassesInterface{D3BC53E7-0437-4C97-90EE-2CD6FF47FB14}]
    NON TRAITE [HKLMSoftwareMicrosoftWindowsCurrentVersionApp ManagementArpcacheWajam]
    NON TRAITE [HKLMSoftwareClassesProd.cap]
    NON TRAITE [HKCUSoftwareMicrosoftWindowsCurrentVersionExtbProtectSettings]
    NON TRAITE [HKLMSoftwareClassesInstallerFeaturesB2FD9C0A5B9838449838816A28001F4B]
    NON TRAITE [HKLMSoftwareClassesInstallerProductsB2FD9C0A5B9838449838816A28001F4B]
    NON TRAITE [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ProductsB2FD9C0A5B9838449838816A28001F4B]
    NON TRAITE [HKLMSoftwareMicrosoftWindowsCurrentVersionUninstallSmiley Bar for Facebook]
    NON TRAITE [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components7D5290CDBDAE4242926B8E6CA650501]
    NON TRAITE [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsE3D8A5B48622A445A7DF73FEFF32C3F]
    NON TRAITE [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUpgradeCodes789034A89BAC50E4782F0A7BDBF75632]
    NON TRAITE [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components4318DF19719275242801CBE292063A4C]
    NON TRAITE [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components45FC115D1FEAEF849A4E1610D6EC8BF0]
    NON TRAITE [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components46A5861A389ADB844AF89E31BC9DF0A1]
    NON TRAITE [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components49B0E1A6FF50BBE4289E4E23DE6EA0C7]
    NON TRAITE [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components4CCCAC049F34D0540AAC13011398BEDB]
    NON TRAITE [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components5C4389D0BFB302C479DE4178BD5D9EBA]
    NON TRAITE [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components5D2B09BDEF4FE54418E6F3373CDBC7AC]
    NON TRAITE [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components61B65D3397A1FBF4CB1571B5E4F6B5B0]
    NON TRAITE [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components68E8A05C60DD9254591DBD16C94EDDBF]
    NON TRAITE [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components697E782CF574CC34CBB9566440BA12BC]
    NON TRAITE [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components6AE27A8613CF7EA4782F2886F67295E5]
    NON TRAITE [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components75D5168E5E176C24981B4E5DBD991078]
    NON TRAITE [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components7CE172051F585E04187BCB97570BFA74]
    NON TRAITE [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components86A901BA5265452499DCBF719C378EE3]
    NON TRAITE [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components8724E58E6C7D00C48A0D4F3345EB2C26]
    NON TRAITE [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components88ABD1CD5C40EC84789A7F6EF86DAC5E]
    NON TRAITE [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components980289C22F80A7C4BB9323DC61255E4E]
    NON TRAITE [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components9A4B7EF3789F871419D9302583B20C15]
    NON TRAITE [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsA6C53B0F76C44004A8F36716213017DB]
    NON TRAITE [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsAB676B0E1B9EFA049B9F7DDDA9645734]
    NON TRAITE [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsB31BBB0B825EDEF45AB0FE7099C68C81]
    NON TRAITE [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsB471D8D7319336B4CA89374ED0D7B806]
    NON TRAITE [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsB59F2D8189784CC46A4597F2842480B0]
    NON TRAITE [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsBC30043663AA2CA4DA1DAA9CA5FDCC75]
    NON TRAITE [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsBD746FB95FB8E5B45BF66BE54D5FD91F]
    NON TRAITE [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsCCF399FCD6D2D3F46BF02A1378654FC9]
    NON TRAITE [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsD149C1355C98DE24E82CEFBD996FE06A]
    NON TRAITE [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsDB59FDB786388EA4D897F3EE715683AC]
    NON TRAITE [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsDB8DAD19CFBCC2049A4477183787E8C5]
    NON TRAITE [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsE1C820A74ED67374BA048B52CB3C3804]
    NON TRAITE [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsEC65F200D112357449C8B1BC3CFA03D0]
    NON TRAITE [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsF327D0C73C0973644A21E8CC852267A0]
    NON TRAITE [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsFA96423FE2B98E248A3B23548D1E22D9]
    NON TRAITE [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsFDC83385E6C239F4C876A77A37DF581D]
    NON TRAITE [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components34EDDB1BFB3A2D448845F3EFD0F15A43]
    NON TRAITE [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components427EA997C413D1D47907CBFC7B2DB432]
    NON TRAITE [HKLMSoftwareClassesMediaPlayer.GraphicsUtils.1]
    NON TRAITE [HKLMSoftwareClassesMgMediaPlayer.GifAnimator.1]
    NON TRAITE [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsF754C503375A13344B22388E18DFE87E]
    NON TRAITE [HKLMSoftwareMicrosoftWindowsCurrentVersionApp ManagementARPCacheDelta]
    NON TRAITE [HKLMSoftwareMicrosoftWindowsCurrentVersionUninstallbi_uninstaller]
    NON TRAITE [HKLMSoftwareMicrosoftWindowsCurrentVersionApp ManagementARPCacheDelta Chrome Toolbar]
    NON TRAITE [HKLMSoftwareClassesScriptHost.Tool.1]
    NON TRAITE [HKLMSoftwareClassesScriptHost.Tool]
    NON TRAITE [HKLMSoftwareClassesAppIDAddonsFramework.DLL]
    NON TRAITE [HKLMSoftwareClassesAppIDButtonSite.DLL]
    NON TRAITE [HKLMSoftwareClassesAppIDPropertySync.EXE]
    NON TRAITE [HKLMSoftwareClassesAppIDScriptHost.DLL]
    NON TRAITE [HKLMSoftwareClassesInterface{C1995F88-1C7F-40D7-B0FA-6F107F6308B8}]
    NON TRAITE [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components8E33F7B61DEFF24BB9673ED7D467636]
    NON TRAITE [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsFF2AEFF45EEA0A48A4B33C1973B6094]
    NON TRAITE [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components305B09CE8C53A214DB58887F62F25536]
    NON TRAITE C:Program FilesSmiley Bar for Facebook
    NON TRAITE C:Documents and SettingsutilisateurApplication DataBabSolution
    NON TRAITE C:Documents and SettingsutilisateurLocal SettingsApplication DataBundled software uninstaller


    ========== Récapitulatif ==========
    7 : Clé(s) du Registre
    5 : Valeur(s) du Registre
    1 : Dossier(s)
    4 : Fichier(s)
    1 : Restauration Système
    117 : Autre


    End of clean in 00mn 05s



    loumax91 loumax91
    99 contributions
    Membre depuis le 16/03/2013
    Envoyé le 15/04/2013 à 22:59


    Le fix n'a pas fonctionné correctement, nous allons utiliser un autre outil de diagnostic :

    • Télécharge OTL sur ton Bureau.
    • Lance le (si tu es sous Windows Vista ou Windows 7, fais le par un clic-droit --> Exécuter en temps qu'administrateur).
    • Sous Personnalisation, copie-colle ce script :

    netsvcs
    msconfig
    safebootminimal
    safebootnetwork
    activex
    drivers32
    %ALLUSERSPROFILE\%Application Data\*.
    %ALLUSERSPROFILE%\Application Data\*.exe /s
    %APPDATA%\*.
    %APPDATA%\*.exe /s
    %SYSTEMDRIVE%\*.exe
    %systemroot%\*. /mp /s
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\system32drivers\*.sys /lockedfiles
    %systemroot%\System32config\*.sav
    /md5start
    explorer.exe
    winlogon.exe
    wininit.exe
    /md5stop




    • Coche la case "tous les utilisateurs" puis clique sur le bouton "Analyse"
    • Patiente pendant l'analyse jusqu'à l'apparition des deux rapports OTL.txt et Extras.txt
    • Rends toi sur ce site, clique sur "Parcourir", sélectionne le rapport de OTL et clique sur Envoyer le fichier. Patiente pendant l'envoi du fichier, puis copie/colle le lien fourni dans ta prochaine réponse sur le forum.

    "Celui qui aime à apprendre est bien près du savoir" (Confucius)
    aureliejuliette aureliejuliette
    61 contributions
    Membre depuis le 10/03/2010
    Envoyé le 16/04/2013 à 11:03


    Bonjour, voici les 2 rapports, à bientôt !
    OTL logfile created on: 16/04/2013 10:36:50 - Run 1
    OTL by OldTimer - Version 3.2.69.0 Folder = D:\Mes documents\Downloads
    Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18702)
    Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

    1023,23 Mb Total Physical Memory | 421,29 Mb Available Physical Memory | 41,17% Memory free
    2,40 Gb Paging File | 1,90 Gb Available in Paging File | 79,08% Paging File free
    Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 146,48 Gb Total Space | 115,66 Gb Free Space | 78,96% Space Free | Partition Type: NTFS
    Drive D: | 151,61 Gb Total Space | 119,20 Gb Free Space | 78,62% Space Free | Partition Type: NTFS
    Drive G: | 298,09 Gb Total Space | 277,96 Gb Free Space | 93,25% Space Free | Partition Type: NTFS

    Computer Name: MARINO-3C5608AD | User Name: utilisateur | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    [color=#E56717]========== Processes (SafeList) ==========[/color]

    PRC - [2013/04/16 10:31:11 | 000,602,112 | ---- | M] (OldTimer Tools) -- D:\Mes documents\Downloads\OTL (15).exe
    PRC - [2013/04/09 10:57:09 | 001,312,720 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
    PRC - [2013/03/12 09:05:50 | 029,106,336 | ---- | M] (Dropbox, Inc.) -- C:\Documents and Settings\utilisateur\Application Data\Dropbox\bin\Dropbox.exe
    PRC - [2013/03/07 01:32:44 | 004,767,304 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
    PRC - [2013/03/07 01:32:44 | 000,045,248 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    PRC - [2012/10/02 13:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) -- C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
    PRC - [2012/01/18 14:02:04 | 000,254,696 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
    PRC - [2011/01/17 19:09:00 | 011,322,880 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe
    PRC - [2011/01/17 19:09:00 | 011,314,688 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin
    PRC - [2008/04/13 19:34:14 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Outlook Express\msimn.exe
    PRC - [2008/04/13 19:34:04 | 001,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
    PRC - [2005/04/25 06:00:00 | 000,098,304 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\E_FATIAHE.EXE
    PRC - [2004/07/27 17:01:36 | 000,068,096 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE
    PRC - [2002/04/17 10:49:16 | 000,077,824 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
    PRC - [2002/04/17 10:42:56 | 000,069,632 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe


    [color=#E56717]========== Modules (No Company Name) ==========[/color]

    MOD - [2013/04/15 21:21:39 | 002,081,792 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\13041501\algo.dll
    MOD - [2013/04/09 10:57:07 | 000,390,096 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\26.0.1410.64\ppgooglenaclpluginchrome.dll
    MOD - [2013/04/09 10:57:06 | 013,130,704 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\26.0.1410.64\PepperFlash\pepflashplayer.dll
    MOD - [2013/04/09 10:57:05 | 004,050,896 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\26.0.1410.64\pdf.dll
    MOD - [2013/04/09 10:56:13 | 001,606,096 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\26.0.1410.64\ffmpegsumo.dll
    MOD - [2012/12/18 16:28:24 | 000,301,056 | ---- | M] () -- C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.FRA
    MOD - [2011/10/24 14:25:39 | 000,985,088 | ---- | M] () -- C:\Program Files\OpenOffice.org 3\program\libxml2.dll
    MOD - [2008/04/13 19:33:32 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
    MOD - [2007/06/02 21:41:36 | 000,617,472 | ---- | M] () -- C:\Program Files\IZArc\IZArcCM.dll
    MOD - [2002/04/17 11:49:22 | 000,024,576 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnfps.dll
    MOD - [2002/04/17 10:49:16 | 000,077,824 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
    MOD - [2001/10/28 17:42:30 | 000,116,224 | ---- | M] () -- C:\WINDOWS\system32\pdfcmnnt.dll


    [color=#E56717]========== Services (SafeList) ==========[/color]

    SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
    SRV - [2013/04/15 09:06:48 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
    SRV - [2013/03/07 01:32:44 | 000,045,248 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
    SRV - [2012/11/09 12:21:24 | 000,160,944 | ---- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
    SRV - [2012/10/02 13:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
    SRV - [2011/07/20 06:18:24 | 000,440,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
    SRV - [2006/10/26 15:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE -- (ose)


    [color=#E56717]========== Driver Services (SafeList) ==========[/color]

    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
    DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
    DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
    DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys -- (esgiguard)
    DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
    DRV - [2013/03/07 01:33:24 | 000,765,736 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
    DRV - [2013/03/07 01:33:24 | 000,368,176 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
    DRV - [2013/03/07 01:33:24 | 000,164,736 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\aswVmm.sys -- (aswVmm)
    DRV - [2013/03/07 01:33:24 | 000,062,376 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
    DRV - [2013/03/07 01:33:24 | 000,049,760 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
    DRV - [2013/03/07 01:33:24 | 000,049,248 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswRvrt.sys -- (aswRvrt)
    DRV - [2013/03/07 01:33:23 | 000,066,336 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswMonFlt.sys -- (aswMonFlt)
    DRV - [2013/03/07 01:33:22 | 000,029,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
    DRV - [2011/10/25 18:35:06 | 000,082,380 | ---- | M] (Oak Technology Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\AFS2K.SYS -- (AFS2K)
    DRV - [2008/04/13 11:45:30 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
    DRV - [2006/05/10 11:27:00 | 000,043,520 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
    DRV - [2005/05/03 17:31:56 | 000,045,056 | ---- | M] (ULi Electronics Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\AGPKX.SYS -- (uliagpkx)
    DRV - [2005/03/22 20:36:40 | 000,028,672 | ---- | M] (ULi Electronics Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ULILAN51.SYS -- (ULI5261XP)
    DRV - [2004/08/02 21:09:18 | 000,635,281 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM)
    DRV - [2004/02/24 11:08:52 | 000,400,384 | ---- | M] (Sensaura) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXSENS.SYS -- (ALCXSENS)


    [color=#E56717]========== Standard Registry (SafeList) ==========[/color]


    [color=#E56717]========== Internet Explorer ==========[/color]

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.wuuta.com/
    IE - HKLM\..\SearchScopes,DefaultScope = {3341E4A7-EFA7-45EA-8287-C25B48962F28}
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}


    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



    IE - HKU\S-1-5-21-1078081533-1788223648-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = http://www.delta-search.com/?affID=119665&babsrc=HP_ss&mntrId=CCFB00138F73E5CD
    IE - HKU\S-1-5-21-1078081533-1788223648-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.delta-search.com/?affID=119665&babsrc=HP_ss&mntrId=CCFB00138F73E5CD
    IE - HKU\S-1-5-21-1078081533-1788223648-839522115-1004\..\URLSearchHook: {19803860-b306-423c-bbb5-f60a7d82cde5} - No CLSID value found
    IE - HKU\S-1-5-21-1078081533-1788223648-839522115-1004\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
    IE - HKU\S-1-5-21-1078081533-1788223648-839522115-1004\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE - HKU\S-1-5-21-1078081533-1788223648-839522115-1004\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
    IE - HKU\S-1-5-21-1078081533-1788223648-839522115-1004\..\SearchScopes\{871A9293-6158-47F1-8191-85C687915FDF}: "URL" = http://www.google.com/search?hl=en&q={searchTerms}
    IE - HKU\S-1-5-21-1078081533-1788223648-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


    [color=#E56717]========== FireFox ==========[/color]

    FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_169.dll ()
    FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
    FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_33: C:\WINDOWS\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
    FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\pluswinks@PlusWinks: C:\Documents and Settings\utilisateur\Application Data\Mozilla\Extensions\pluswinks@PlusWinks [2013/04/09 12:03:12 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\speedanalysis@SpeedAnalysis.com: C:\Documents and Settings\utilisateur\Application Data\Mozilla\Extensions\speedanalysis@SpeedAnalysis.com [2013/04/09 12:03:33 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\SpecialSavings@SpecialSavings.com: C:\Documents and Settings\utilisateur\Application Data\Mozilla\Extensions\SpecialSavings@SpecialSavings.com [2013/04/09 14:57:35 | 000,000,000 | ---D | M]
    FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\lrcspal@xinghao.net: C:\Program Files\XingHaoLyrics\FF\ [2013/04/09 11:44:02 | 000,000,000 | ---D | M]
    FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\pluswinks@PlusWinks: C:\Documents and Settings\utilisateur\Application Data\Mozilla\Extensions\pluswinks@PlusWinks [2013/04/09 12:03:12 | 000,000,000 | ---D | M]
    FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\speedanalysis@SpeedAnalysis.com: C:\Documents and Settings\utilisateur\Application Data\Mozilla\Extensions\speedanalysis@SpeedAnalysis.com [2013/04/09 12:03:33 | 000,000,000 | ---D | M]
    FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{0F827075-B026-42F3-885D-98981EE7B1AE}: C:\Documents and Settings\All Users\Application Data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension
    FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\SpecialSavings@SpecialSavings.com: C:\Documents and Settings\utilisateur\Application Data\Mozilla\Extensions\SpecialSavings@SpecialSavings.com [2013/04/09 14:57:35 | 000,000,000 | ---D | M]

    [2013/04/09 14:57:34 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\utilisateur\Application Data\Mozilla\Extensions
    [2013/04/09 12:03:12 | 000,000,000 | ---D | M] (Smiley Bar for Facebook) -- C:\Documents and Settings\utilisateur\Application Data\Mozilla\Extensions\pluswinks@PlusWinks
    [2013/04/09 14:57:35 | 000,000,000 | ---D | M] (SpecialSavings) -- C:\Documents and Settings\utilisateur\Application Data\Mozilla\Extensions\SpecialSavings@SpecialSavings.com
    [2013/04/09 12:03:33 | 000,000,000 | ---D | M] (SpeedAnalysis.com) -- C:\Documents and Settings\utilisateur\Application Data\Mozilla\Extensions\speedanalysis@SpeedAnalysis.com
    [2013/04/09 11:52:09 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions

    [color=#E56717]========== Chrome ==========[/color]

    CHR - default_search_provider: Google (Enabled)
    CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
    CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter},
    CHR - homepage: http://www.google.com
    CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\26.0.1410.64\PepperFlash\pepflashplayer.dll
    CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
    CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll
    CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\26.0.1410.64\pdf.dll
    CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
    CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
    CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
    CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
    CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
    CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll
    CHR - plugin: Java(TM) Platform SE 6 U33 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
    CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll
    CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll
    CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll
    CHR - plugin: Java Deployment Toolkit 6.0.330.3 (Enabled) = C:\WINDOWS\system32\npdeployJava1.dll
    CHR - Extension: SpecialSavings = C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bfcpnihmbfoaeoakalclfalkdepgiaje\2.0.0.1_0\
    CHR - Extension: SpeedAnalysis.com = C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\cfcbmgbfdbijmjgjihagbomfbjfjmgon\1.0.0.1_0\
    CHR - Extension: Delta Toolbar = C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde\1.2_0\
    CHR - Extension: avast! WebRep = C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\8.0.1483_0\
    CHR - Extension: Skype Click to Call = C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.3.0.11079_0\
    CHR - Extension: LyricsPal = C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mmiopbgcekanlhpjkonogoljpfmhpkhf\1.110_0\
    CHR - Extension: Smiley Bar for Facebook = C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mocblcnaofikinigmceddfghppkkjbog\1.0.0.0_0\
    CHR - Extension: BrowserProtect = C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph\1.0_0\

    O1 HOSTS File: ([2004/08/05 14:00:00 | 000,000,790 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
    O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
    O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
    O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O2 - BHO: (EpsonToolBandKicker Class) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
    O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
    O3 - HKLM\..\Toolbar: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
    O3 - HKU\S-1-5-21-1078081533-1788223648-839522115-1004\..\Toolbar\WebBrowser: (no name) - {19803860-B306-423C-BBB5-F60A7D82CDE5} - No CLSID value found.
    O3 - HKU\S-1-5-21-1078081533-1788223648-839522115-1004\..\Toolbar\WebBrowser: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
    O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
    O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
    O4 - HKLM..\Run: [EPSON Stylus Photo R240 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAHE.EXE (SEIKO EPSON CORPORATION)
    O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
    O4 - HKLM..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe (Hewlett-Packard)
    O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
    O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
    O4 - HKLM..\Run: [zzzHPSETUP] F:\Setup.exe File not found
    O4 - Startup: C:\Documents and Settings\utilisateur\Menu Démarrer\Programmes\Démarrage\Dropbox.lnk = C:\Documents and Settings\utilisateur\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
    O4 - Startup: C:\Documents and Settings\utilisateur\Menu Démarrer\Programmes\Démarrage\OpenOffice.org 3.3.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
    O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\S-1-5-21-1078081533-1788223648-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O16 - DPF: {83A4D5A6-E2C1-4EDD-AD48-1A1C50BD06EF} http://www.photoweb.fr/telechargement/telechargement-photoweb-6.5.6.cab (Image Uploader Control)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33)
    O16 - DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33)
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D1CDADC5-6148-4263-AA2B-EFC5B51401F0}: DhcpNameServer = 192.168.1.1 192.168.1.1
    O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
    O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Fichiers communs\Skype\Skype4COM.dll (Skype Technologies)
    O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
    O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
    O24 - Desktop WallPaper: C:\Documents and Settings\utilisateur\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    O24 - Desktop BackupWallPaper: C:\Documents and Settings\utilisateur\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2011/10/20 19:32:41 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
    O34 - HKLM BootExecute: (autocheck autochk *)
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
    O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
    O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

    NetSvcs: 6to4 - File not found
    NetSvcs: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
    NetSvcs: Ias - File not found
    NetSvcs: Iprip - File not found
    NetSvcs: Irmon - File not found
    NetSvcs: NWCWorkstation - File not found
    NetSvcs: Nwsapagent - File not found
    NetSvcs: WmdmPmSp - File not found


    SafeBootMin: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
    SafeBootMin: Base - Driver Group
    SafeBootMin: Boot Bus Extender - Driver Group
    SafeBootMin: Boot file system - Driver Group
    SafeBootMin: File system - Driver Group
    SafeBootMin: Filter - Driver Group
    SafeBootMin: PCI Configuration - Driver Group
    SafeBootMin: PNP Filter - Driver Group
    SafeBootMin: Primary disk - Driver Group
    SafeBootMin: SCSI Class - Driver Group
    SafeBootMin: sermouse.sys - Driver
    SafeBootMin: System Bus Extender - Driver Group
    SafeBootMin: vds - Service
    SafeBootMin: vga.sys - Driver
    SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
    SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
    SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
    SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
    SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
    SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
    SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
    SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
    SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
    SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
    SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
    SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
    SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
    SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

    SafeBootNet: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
    SafeBootNet: Base - Driver Group
    SafeBootNet: Boot Bus Extender - Driver Group
    SafeBootNet: Boot file system - Driver Group
    SafeBootNet: File system - Driver Group
    SafeBootNet: Filter - Driver Group
    SafeBootNet: NDIS Wrapper - Driver Group
    SafeBootNet: NetBIOSGroup - Driver Group
    SafeBootNet: NetDDEGroup - Driver Group
    SafeBootNet: Network - Driver Group
    SafeBootNet: NetworkProvider - Driver Group
    SafeBootNet: PCI Configuration - Driver Group
    SafeBootNet: PNP Filter - Driver Group
    SafeBootNet: PNP_TDI - Driver Group
    SafeBootNet: Primary disk - Driver Group
    SafeBootNet: SCSI Class - Driver Group
    SafeBootNet: sermouse.sys - Driver
    SafeBootNet: Streams Drivers - Driver Group
    SafeBootNet: System Bus Extender - Driver Group
    SafeBootNet: TDI - Driver Group
    SafeBootNet: vga.sys - Driver
    SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
    SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
    SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
    SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
    SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
    SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
    SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
    SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
    SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
    SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
    SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
    SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
    SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
    SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
    SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
    SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
    SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

    ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
    ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Rendu VML (Vector Graphics Rendering)
    ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
    ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
    ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
    ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
    ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Liaison de données Dynamic HTML pour Java
    ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
    ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
    ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Création avancée
    ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
    ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
    ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
    ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
    ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
    ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - Classes Java DirectAnimation
    ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.8
    ActiveX: {5056b317-8d4c-43ee-8543-b9d1e234b8f4} - Mise à jour de sécurité pour Windows XP (KB923789)
    ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
    ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
    ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
    ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
    ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
    ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
    ActiveX: {73fa19d0-2d75-11d2-995d-00c04f98bbc9} - Web Folders
    ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
    ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
    ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
    ActiveX: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
    ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
    ActiveX: {C3C986D6-06B1-43BF-90DD-BE30756C00DE} - RevokedRootsUpdate
    ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
    ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Planificateur de tâches
    ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
    ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Shockwave Flash
    ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
    ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
    ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
    ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
    ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
    ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
    ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
    ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

    Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
    Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
    Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
    Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
    Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
    Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
    Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
    Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
    Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
    Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)

    [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

    [2013/04/13 10:01:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\ZHPFix 2013
    [2013/04/13 10:01:15 | 000,000,000 | ---D | C] -- C:\Program Files\ZHPFix
    [2013/04/10 14:04:30 | 000,000,000 | ---D | C] -- C:\Program Files\SpeedAnalysis.com
    [2013/04/10 09:52:05 | 000,000,000 | ---D | C] -- C:\Program Files\ZHPDiag
    [2013/04/10 09:52:05 | 000,000,000 | ---D | C] -- C:\ZHP
    [2013/04/09 14:57:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\utilisateur\Application Data\SpecialSavings
    [2013/04/09 14:34:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\utilisateur\Menu Démarrer\Programmes\BrowserProtect
    [2013/04/09 14:33:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\utilisateur\Application Data\BabSolution
    [2013/04/09 14:30:55 | 000,000,000 | ---D | C] -- C:\Program Files\Smiley Bar for Facebook
    [2013/04/09 14:22:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft
    [2013/04/09 12:06:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\utilisateur\Menu Démarrer\Programmes\VideoPerformer
    [2013/04/09 12:03:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\utilisateur\Application Data\Mozilla
    [2013/04/09 12:02:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\utilisateur\Application Data\SpeedanAlysis
    [2013/04/09 12:02:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\utilisateur\Application Data\PlusWinks
    [2013/04/09 12:00:20 | 000,000,000 | ---D | C] -- C:\Program Files\VideoPerformer
    [2013/04/09 11:52:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\searchplugins
    [2013/04/09 11:52:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Extensions
    [2013/04/09 11:52:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\BrowserProtect
    [2013/04/09 11:52:09 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
    [2013/04/09 11:51:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\utilisateur\Application Data\Yontoo
    [2013/04/09 11:51:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\utilisateur\Application Data\PerformerSoft
    [2013/04/09 11:51:43 | 000,000,000 | ---D | C] -- C:\Program Files\Yontoo
    [2013/04/09 11:51:34 | 000,018,096 | ---- | C] (PerformerSoft LLC) -- C:\WINDOWS\System32\roboot.exe
    [2013/04/09 11:51:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\utilisateur\Application Data\File Scout
    [2013/04/09 11:44:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP
    [2013/04/09 11:44:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Bundled software uninstaller
    [2013/04/09 11:44:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\7-Zip
    [2013/04/09 11:44:19 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
    [2013/04/09 11:44:01 | 000,000,000 | ---D | C] -- C:\Program Files\XingHaoLyrics
    [2013/04/09 11:43:43 | 000,632,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcr80.dll
    [2013/04/09 11:43:42 | 000,773,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcr100.dll
    [2013/04/09 11:43:42 | 000,554,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcp80.dll
    [2013/04/09 11:43:42 | 000,479,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcm80.dll
    [2013/04/09 11:43:42 | 000,421,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcp100.dll
    [2013/04/08 10:36:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\utilisateur\Local Settings\Application Data\WiseConvert_1.5
    [2013/04/08 10:36:22 | 000,000,000 | ---D | C] -- C:\Program Files\WiseConvert_1.5
    [2013/04/08 10:14:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\utilisateur\Application Data\Malwarebytes
    [2013/04/08 10:13:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    [2013/04/07 20:32:02 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\utilisateur\Recent
    [2013/04/07 20:02:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\CCleaner
    [2013/04/07 20:02:32 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
    [2013/04/07 19:56:02 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
    [2013/04/07 19:55:31 | 000,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\Wise Installation Wizard
    [2013/03/25 10:58:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Google Earth
    [2013/03/24 09:52:18 | 000,066,336 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswMonFlt.sys
    [2013/03/21 20:46:56 | 000,012,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usb8023x.sys
    [2013/03/21 20:46:56 | 000,012,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usb8023.sys
    [2013/03/20 07:58:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\utilisateur\Application Data\Dossier de téléchargement Share-to-Web
    [4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
    [2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

    [color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

    [2013/04/16 09:57:00 | 000,001,066 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
    [2013/04/16 09:48:00 | 000,001,002 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
    [2013/04/16 09:00:00 | 000,000,480 | ---- | M] () -- C:\WINDOWS\tasks\SyncBack Sauvegarde sur disque externe.job
    [2013/04/16 08:55:58 | 000,370,414 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat
    [2013/04/16 08:55:58 | 000,314,508 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
    [2013/04/16 08:55:58 | 000,049,494 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat
    [2013/04/16 08:55:58 | 000,040,836 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
    [2013/04/16 08:54:56 | 000,000,394 | ---- | M] () -- C:\WINDOWS\tasks\LyricsPal Update.job
    [2013/04/16 08:54:55 | 000,001,062 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
    [2013/04/16 08:54:54 | 000,000,316 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
    [2013/04/16 08:47:59 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
    [2013/04/16 08:47:56 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
    [2013/04/15 22:06:40 | 000,000,444 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{88CF58B8-0D17-4A94-A13B-553961A95108}.job
    [2013/04/15 20:31:53 | 000,000,512 | ---- | M] () -- C:\PhysicalDisk0_MBR.bin
    [2013/04/15 17:00:31 | 000,000,446 | ---- | M] () -- C:\WINDOWS\tasks\SyncBack mesdocuments.job
    [2013/04/15 12:36:47 | 000,000,452 | ---- | M] () -- C:\WINDOWS\tasks\SyncBack outlook express.job
    [2013/04/15 09:06:48 | 000,691,592 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
    [2013/04/15 09:06:48 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
    [2013/04/13 23:33:32 | 001,072,544 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb0.bin
    [2013/04/13 23:33:32 | 000,000,001 | ---- | M] () -- C:\WINDOWS\System32\nvdrssel.bin
    [2013/04/13 23:33:25 | 001,072,544 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb1.bin
    [2013/04/13 10:01:53 | 000,000,654 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\ZHPFix.lnk
    [2013/04/12 16:34:11 | 000,171,170 | ---- | M] () -- D:\Mes documents\CA 2012 PDF.pdf
    [2013/04/12 16:34:11 | 000,149,511 | ---- | M] () -- D:\Mes documents\BP 2013 PDF.pdf
    [2013/04/11 14:07:08 | 000,227,630 | ---- | M] () -- D:\Mes documents\rapport après antimalware
    [2013/04/10 09:52:13 | 000,001,523 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\ZHPDiag.lnk
    [2013/04/10 03:22:20 | 000,291,680 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
    [2013/04/10 03:05:26 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
    [2013/04/09 15:01:00 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\utilisateur\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
    [2013/04/09 11:56:04 | 020,480,000 | ---- | M] () -- C:\Documents and Settings\utilisateur\Local Settings\Application Data\store-pp.jbs
    [2013/04/09 10:38:29 | 000,000,000 | ---- | M] () -- C:\END
    [2013/04/07 20:02:37 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\CCleaner.lnk
    [2013/04/06 22:37:30 | 000,033,280 | ---- | M] () -- C:\Documents and Settings\utilisateur\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2013/04/01 20:03:43 | 000,001,046 | ---- | M] () -- C:\Documents and Settings\utilisateur\Menu Démarrer\Programmes\Démarrage\Dropbox.lnk
    [2013/04/01 17:20:56 | 000,592,878 | -H-- | M] () -- D:\Mes documents\hpothb07.tif
    [2013/04/01 17:20:56 | 000,007,280 | -H-- | M] () -- D:\Mes documents\hpothb07.dat
    [2013/04/01 17:20:53 | 012,003,708 | ---- | M] () -- D:\Mes documents\attestation tva cheminées campo.tif
    [2013/04/01 17:20:37 | 011,942,031 | ---- | M] () -- D:\Mes documents\attestation tva cheminées campo.pdf
    [2013/04/01 17:18:13 | 012,003,708 | ---- | M] () -- D:\Mes documents\Scan0003.tif
    [2013/03/25 10:58:59 | 000,001,915 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Google Earth.lnk
    [2013/03/24 09:52:18 | 000,003,072 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
    [4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
    [2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

    [color=#E56717]========== Files Created - No Company Name ==========[/color]

    [2013/04/13 10:01:19 | 000,000,654 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\ZHPFix.lnk
    [2013/04/12 16:34:11 | 000,171,170 | ---- | C] () -- D:\Mes documents\CA 2012 PDF.pdf
    [2013/04/12 16:34:11 | 000,149,511 | ---- | C] () -- D:\Mes documents\BP 2013 PDF.pdf
    [2013/04/11 14:07:08 | 000,227,630 | ---- | C] () -- D:\Mes documents\rapport après antimalware
    [2013/04/11 14:01:46 | 000,000,512 | ---- | C] () -- C:\PhysicalDisk0_MBR.bin
    [2013/04/10 12:32:37 | 000,114,176 | ---- | C] () -- C:\Documents and Settings\utilisateur\Application Data\BabMaint.exe
    [2013/04/10 09:52:13 | 000,001,523 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\ZHPDiag.lnk
    [2013/04/10 03:01:08 | 000,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK
    [2013/04/09 15:01:00 | 000,001,813 | ---- | C] () -- C:\Documents and Settings\utilisateur\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
    [2013/04/09 11:56:04 | 020,480,000 | ---- | C] () -- C:\Documents and Settings\utilisateur\Local Settings\Application Data\store-pp.jbs
    [2013/04/09 11:44:02 | 000,000,394 | ---- | C] () -- C:\WINDOWS\tasks\LyricsPal Update.job
    [2013/04/09 10:38:28 | 000,000,000 | ---- | C] () -- C:\END
    [2013/04/07 20:02:37 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\CCleaner.lnk
    [2013/04/01 17:20:37 | 011,942,031 | ---- | C] () -- D:\Mes documents\attestation tva cheminées campo.pdf
    [2013/04/01 17:19:05 | 012,003,708 | ---- | C] () -- D:\Mes documents\attestation tva cheminées campo.tif
    [2013/04/01 17:18:13 | 012,003,708 | ---- | C] () -- D:\Mes documents\Scan0003.tif
    [2013/03/25 10:58:59 | 000,001,915 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Google Earth.lnk
    [2013/03/24 09:52:19 | 000,164,736 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
    [2013/03/24 09:52:19 | 000,049,248 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys
    [2012/09/04 10:50:40 | 000,000,303 | ---- | C] () -- C:\WINDOWS\hpqcopy.INI
    [2012/06/17 21:04:49 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\utilisateur\CUSTOM.DICCUSTOM.DIC
    [2012/02/15 08:18:06 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
    [2011/10/26 11:02:04 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
    [2011/10/25 18:36:31 | 000,000,021 | ---- | C] () -- C:\WINDOWS\PMK_setup.ini
    [2011/10/25 18:17:55 | 000,101,159 | ---- | C] () -- C:\WINDOWS\System32\EPPICPrinterDB.dat
    [2011/10/25 18:17:55 | 000,026,154 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern1.dat
    [2011/10/25 18:17:55 | 000,024,903 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern3.dat
    [2011/10/25 18:17:55 | 000,021,390 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern5.dat
    [2011/10/25 18:17:55 | 000,020,148 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern2.dat
    [2011/10/25 18:17:55 | 000,011,811 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern4.dat
    [2011/10/25 18:17:55 | 000,004,943 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern6.dat
    [2011/10/25 18:17:55 | 000,001,146 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_DU.dat
    [2011/10/25 18:17:55 | 000,001,139 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_PT.dat
    [2011/10/25 18:17:55 | 000,001,139 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_BP.dat
    [2011/10/25 18:17:55 | 000,001,136 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_ES.dat
    [2011/10/25 18:17:55 | 000,001,129 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_FR.dat
    [2011/10/25 18:17:55 | 000,001,129 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_CF.dat
    [2011/10/25 18:17:55 | 000,001,120 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_IT.dat
    [2011/10/25 18:17:55 | 000,001,107 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_GE.dat
    [2011/10/25 18:17:55 | 000,001,104 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_EN.dat
    [2011/10/25 18:17:55 | 000,000,099 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
    [2011/10/25 18:15:18 | 000,000,025 | ---- | C] () -- C:\WINDOWS\CDE R240R245EU.ini
    [2011/10/24 14:28:04 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll
    [2011/10/24 13:47:03 | 001,072,544 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
    [2011/10/24 13:47:03 | 001,072,544 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
    [2011/10/24 13:47:03 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
    [2011/10/24 13:46:52 | 002,816,504 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data
    [2011/10/24 13:41:31 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
    [2011/10/24 13:41:31 | 000,040,448 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
    [2011/10/24 13:40:41 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\UnLAN.exe
    [2011/10/24 13:40:27 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\unagp.exe
    [2011/10/20 21:33:27 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
    [2011/10/20 21:32:58 | 000,002,139 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
    [2011/10/20 21:32:57 | 000,005,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
    [2011/10/20 21:24:35 | 000,004,205 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
    [2011/10/20 21:23:38 | 000,291,680 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
    [2011/10/20 19:36:11 | 000,033,280 | ---- | C] () -- C:\Documents and Settings\utilisateur\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2011/10/20 19:34:19 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
    [2011/10/20 19:30:26 | 000,021,892 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat

    [color=#E56717]========== ZeroAccess Check ==========[/color]


    [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

    [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
    "" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/13 19:33:42 | 001,499,136 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
    "" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 12:53:55 | 000,473,600 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
    "" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/13 19:33:50 | 000,273,920 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Both

    [color=#E56717]========== Custom Scans ==========[/color]

    [color=#A23BEC]< %ALLUSERSPROFILE%Application Data*. >[/color]
    [2013/04/11 12:04:45 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Application Data

    [color=#A23BEC]< %ALLUSERSPROFILE%Application Data*.exe /s >[/color]

    [color=#A23BEC]< %APPDATA%*. >[/color]
    [2011/10/24 16:26:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\utilisateur\Application Data\Adobe
    [2013/04/09 14:33:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\utilisateur\Application Data\BabSolution
    [2013/03/20 07:58:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\utilisateur\Application Data\Dossier de téléchargement Share-to-Web
    [2013/03/20 07:58:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\utilisateur\Application Data\Dossier de téléchargement Share-to-Web
    [2013/04/16 08:55:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\utilisateur\Application Data\Dropbox
    [2013/03/19 22:38:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\utilisateur\Application Data\dvdcss
    [2013/04/09 11:51:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\utilisateur\Application Data\File Scout
    [2011/10/26 13:35:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\utilisateur\Application Data\Google
    [2011/12/01 11:57:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\utilisateur\Application Data\Hewlett-Packard
    [2011/10/20 19:36:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\utilisateur\Application Data\Identities
    [2011/10/24 16:36:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\utilisateur\Application Data\Macromedia
    [2013/04/08 10:14:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\utilisateur\Application Data\Malwarebytes
    [2013/04/08 11:20:27 | 000,000,000 | --SD | M] -- C:\Documents and Settings\utilisateur\Application Data\Microsoft
    [2013/04/09 12:03:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\utilisateur\Application Data\Mozilla
    [2011/10/26 13:35:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\utilisateur\Application Data\NVIDIA
    [2011/10/25 18:33:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\utilisateur\Application Data\OpenOffice.org
    [2013/04/10 14:43:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\utilisateur\Application Data\PerformerSoft
    [2013/04/10 13:54:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\utilisateur\Application Data\PlusWinks
    [2012/02/02 16:39:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\utilisateur\Application Data\RegistryKeys
    [2012/11/29 21:41:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\utilisateur\Application Data\Skype
    [2013/04/09 14:57:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\utilisateur\Application Data\SpecialSavings
    [2013/04/10 14:04:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\utilisateur\Application Data\SpeedanAlysis
    [2011/10/24 14:12:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\utilisateur\Application Data\Sun
    [2012/01/31 18:47:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\utilisateur\Application Data\Uniblue
    [2013/04/15 20:03:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\utilisateur\Application Data\vlc
    [2013/04/09 11:51:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\utilisateur\Application Data\Yontoo

    [color=#A23BEC]< %APPDATA%*.exe /s >[/color]
    [2013/02/09 23:55:19 | 000,114,176 | ---- | M] () -- C:\Documents and Settings\utilisateur\Application Data\BabMaint.exe
    [2013/04/07 11:48:55 | 000,009,800 | ---- | M] () -- C:\Documents and Settings\utilisateur\Application Data\BabSolution\Shared\BabMaint.exe
    [2013/04/07 11:48:57 | 000,012,872 | ---- | M] () -- C:\Documents and Settings\utilisateur\Application Data\BabSolution\Shared\BUSUninstall.exe
    [2013/04/07 11:48:56 | 000,394,312 | ---- | M] (Babylon Ltd.) -- C:\Documents and Settings\utilisateur\Application Data\BabSolution\Shared\GUninstaller.exe
    [2013/03/12 09:05:50 | 029,106,336 | ---- | M] (Dropbox, Inc.) -- C:\Documents and Settings\utilisateur\Application Data\Dropbox\bin\Dropbox.exe
    [2013/03/12 09:06:32 | 000,206,904 | ---- | M] (Dropbox, Inc.) -- C:\Documents and Settings\utilisateur\Application Data\Dropbox\bin\DropboxUninstaller.exe
    [2012/05/24 20:39:24 | 000,872,144 | ---- | M] (Dropbox, Inc.) -- C:\Documents and Settings\utilisateur\Application Data\Dropbox\bin\DropboxUpdateHelper.exe
    [2012/05/24 20:39:30 | 000,177,280 | ---- | M] (Dropbox, Inc.) -- C:\Documents and Settings\utilisateur\Application Data\Dropbox\bin\Uninstall.exe
    [2013/02/27 16:32:38 | 000,259,584 | ---- | M] () -- C:\Documents and Settings\utilisateur\Application Data\File Scout\filescout.exe
    [2013/04/10 13:54:34 | 000,062,902 | ---- | M] () -- C:\Documents and Settings\utilisateur\Application Data\File Scout\uninst.exe
    [2013/03/23 03:56:36 | 000,042,784 | ---- | M] (Yontoo LLC) -- C:\Documents and Settings\utilisateur\Application Data\Yontoo\YontooDesktop.exe

    [color=#A23BEC]< %SYSTEMDRIVE%*.exe >[/color]

    [color=#A23BEC]< %systemroot%*. /mp /s >[/color]

    [color=#A23BEC]< %systemroot%system32*.dll /lockedfiles >[/color]

    [color=#A23BEC]< %systemroot%Tasks*.job /lockedfiles >[/color]

    [color=#A23BEC]< %systemroot%system32drivers*.sys /lockedfiles >[/color]

    [color=#A23BEC]< %systemroot%System32config*.sav >[/color]

    [color=#A23BEC]< MD5 for: EXPLORER.EXE >[/color]
    [2004/08/05 14:00:00 | 001,036,288 | ---- | M] (Microsoft Corporation) MD5=4C33E5B9A6197B6ED215F6CFBA0A2DAA -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
    [2008/04/13 19:34:04 | 001,037,824 | ---- | M] (Microsoft Corporation) MD5=F2317622D29F9FF0F88AEECD5F60F0DD -- C:\WINDOWS\explorer.exe
    [2008/04/13 19:34:04 | 001,037,824 | ---- | M] (Microsoft Corporation) MD5=F2317622D29F9FF0F88AEECD5F60F0DD -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe

    [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
    [2004/08/05 14:00:00 | 000,506,368 | ---- | M] (Microsoft Corporation) MD5=D2DE785AEAB0BB8CA4C14A8A199DBE4E -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
    [2008/04/13 19:34:30 | 000,512,000 | ---- | M] (Microsoft Corporation) MD5=DD73D6B9F6B4CB630CF35B438B540174 -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
    [2008/04/13 19:34:30 | 000,512,000 | ---- | M] (Microsoft Corporation) MD5=DD73D6B9F6B4CB630CF35B438B540174 -- C:\WINDOWS\system32\winlogon.exe

    [color=#A23BEC]< >[/color]

    [color=#E56717]========== Alternate Data Streams ==========[/color]

    @Alternate Data Stream - 144 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:373E1720

    < End of report >

    OTL logfile created on: 16/04/2013 10:36:50 - Run 1
    OTL by OldTimer - Version 3.2.69.0 Folder = D:\Mes documents\Downloads
    Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18702)
    Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

    1023,23 Mb Total Physical Memory | 421,29 Mb Available Physical Memory | 41,17% Memory free
    2,40 Gb Paging File | 1,90 Gb Available in Paging File | 79,08% Paging File free
    Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 146,48 Gb Total Space | 115,66 Gb Free Space | 78,96% Space Free | Partition Type: NTFS
    Drive D: | 151,61 Gb Total Space | 119,20 Gb Free Space | 78,62% Space Free | Partition Type: NTFS
    Drive G: | 298,09 Gb Total Space | 277,96 Gb Free Space | 93,25% Space Free | Partition Type: NTFS

    Computer Name: MARINO-3C5608AD | User Name: utilisateur | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    [color=#E56717]========== Processes (SafeList) ==========[/color]

    PRC - [2013/04/16 10:31:11 | 000,602,112 | ---- | M] (OldTimer Tools) -- D:\Mes documents\Downloads\OTL (15).exe
    PRC - [2013/04/09 10:57:09 | 001,312,720 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
    PRC - [2013/03/12 09:05:50 | 029,106,336 | ---- | M] (Dropbox, Inc.) -- C:\Documents and Settings\utilisateur\Application Data\Dropbox\bin\Dropbox.exe
    PRC - [2013/03/07 01:32:44 | 004,767,304 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
    PRC - [2013/03/07 01:32:44 | 000,045,248 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    PRC - [2012/10/02 13:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) -- C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
    PRC - [2012/01/18 14:02:04 | 000,254,696 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
    PRC - [2011/01/17 19:09:00 | 011,322,880 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe
    PRC - [2011/01/17 19:09:00 | 011,314,688 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin
    PRC - [2008/04/13 19:34:14 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Outlook Express\msimn.exe
    PRC - [2008/04/13 19:34:04 | 001,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
    PRC - [2005/04/25 06:00:00 | 000,098,304 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\E_FATIAHE.EXE
    PRC - [2004/07/27 17:01:36 | 000,068,096 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE
    PRC - [2002/04/17 10:49:16 | 000,077,824 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
    PRC - [2002/04/17 10:42:56 | 000,069,632 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe


    [color=#E56717]========== Modules (No Company Name) ==========[/color]

    MOD - [2013/04/15 21:21:39 | 002,081,792 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\13041501\algo.dll
    MOD - [2013/04/09 10:57:07 | 000,390,096 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\26.0.1410.64\ppgooglenaclpluginchrome.dll
    MOD - [2013/04/09 10:57:06 | 013,130,704 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\26.0.1410.64\PepperFlash\pepflashplayer.dll
    MOD - [2013/04/09 10:57:05 | 004,050,896 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\26.0.1410.64\pdf.dll
    MOD - [2013/04/09 10:56:13 | 001,606,096 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\26.0.1410.64\ffmpegsumo.dll
    MOD - [2012/12/18 16:28:24 | 000,301,056 | ---- | M] () -- C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.FRA
    MOD - [2011/10/24 14:25:39 | 000,985,088 | ---- | M] () -- C:\Program Files\OpenOffice.org 3\program\libxml2.dll
    MOD - [2008/04/13 19:33:32 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
    MOD - [2007/06/02 21:41:36 | 000,617,472 | ---- | M] () -- C:\Program Files\IZArc\IZArcCM.dll
    MOD - [2002/04/17 11:49:22 | 000,024,576 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnfps.dll
    MOD - [2002/04/17 10:49:16 | 000,077,824 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
    MOD - [2001/10/28 17:42:30 | 000,116,224 | ---- | M] () -- C:\WINDOWS\system32\pdfcmnnt.dll


    [color=#E56717]========== Services (SafeList) ==========[/color]

    SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
    SRV - [2013/04/15 09:06:48 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
    SRV - [2013/03/07 01:32:44 | 000,045,248 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
    SRV - [2012/11/09 12:21:24 | 000,160,944 | ---- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
    SRV - [2012/10/02 13:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
    SRV - [2011/07/20 06:18:24 | 000,440,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
    SRV - [2006/10/26 15:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE -- (ose)


    [color=#E56717]========== Driver Services (SafeList) ==========[/color]

    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
    DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
    DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
    DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys -- (esgiguard)
    DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
    DRV - [2013/03/07 01:33:24 | 000,765,736 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
    DRV - [2013/03/07 01:33:24 | 000,368,176 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
    DRV - [2013/03/07 01:33:24 | 000,164,736 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\aswVmm.sys -- (aswVmm)
    DRV - [2013/03/07 01:33:24 | 000,062,376 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
    DRV - [2013/03/07 01:33:24 | 000,049,760 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
    DRV - [2013/03/07 01:33:24 | 000,049,248 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswRvrt.sys -- (aswRvrt)
    DRV - [2013/03/07 01:33:23 | 000,066,336 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswMonFlt.sys -- (aswMonFlt)
    DRV - [2013/03/07 01:33:22 | 000,029,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
    DRV - [2011/10/25 18:35:06 | 000,082,380 | ---- | M] (Oak Technology Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\AFS2K.SYS -- (AFS2K)
    DRV - [2008/04/13 11:45:30 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
    DRV - [2006/05/10 11:27:00 | 000,043,520 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
    DRV - [2005/05/03 17:31:56 | 000,045,056 | ---- | M] (ULi Electronics Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\AGPKX.SYS -- (uliagpkx)
    DRV - [2005/03/22 20:36:40 | 000,028,672 | ---- | M] (ULi Electronics Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ULILAN51.SYS -- (ULI5261XP)
    DRV - [2004/08/02 21:09:18 | 000,635,281 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM)
    DRV - [2004/02/24 11:08:52 | 000,400,384 | ---- | M] (Sensaura) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXSENS.SYS -- (ALCXSENS)


    [color=#E56717]========== Standard Registry (SafeList) ==========[/color]


    [color=#E56717]========== Internet Explorer ==========[/color]

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.wuuta.com/
    IE - HKLM\..\SearchScopes,DefaultScope = {3341E4A7-EFA7-45EA-8287-C25B48962F28}
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}


    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



    IE - HKU\S-1-5-21-1078081533-1788223648-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = http://www.delta-search.com/?affID=119665&babsrc=HP_ss&mntrId=CCFB00138F73E5CD
    IE - HKU\S-1-5-21-1078081533-1788223648-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.delta-search.com/?affID=119665&babsrc=HP_ss&mntrId=CCFB00138F73E5CD
    IE - HKU\S-1-5-21-1078081533-1788223648-839522115-1004\..\URLSearchHook: {19803860-b306-423c-bbb5-f60a7d82cde5} - No CLSID value found
    IE - HKU\S-1-5-21-1078081533-1788223648-839522115-1004\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
    IE - HKU\S-1-5-21-1078081533-1788223648-839522115-1004\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE - HKU\S-1-5-21-1078081533-1788223648-839522115-1004\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
    IE - HKU\S-1-5-21-1078081533-1788223648-839522115-1004\..\SearchScopes\{871A9293-6158-47F1-8191-85C687915FDF}: "URL" = http://www.google.com/search?hl=en&q={searchTerms}
    IE - HKU\S-1-5-21-1078081533-1788223648-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


    [color=#E56717]========== FireFox ==========[/color]

    FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_169.dll ()
    FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
    FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_33: C:\WINDOWS\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
    FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\pluswinks@PlusWinks: C:\Documents and Settings\utilisateur\Application Data\Mozilla\Extensions\pluswinks@PlusWinks [2013/04/09 12:03:12 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\speedanalysis@SpeedAnalysis.com: C:\Documents and Settings\utilisateur\Application Data\Mozilla\Extensions\speedanalysis@SpeedAnalysis.com [2013/04/09 12:03:33 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\SpecialSavings@SpecialSavings.com: C:\Documents and Settings\utilisateur\Application Data\Mozilla\Extensions\SpecialSavings@SpecialSavings.com [2013/04/09 14:57:35 | 000,000,000 | ---D | M]
    FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\lrcspal@xinghao.net: C:\Program Files\XingHaoLyrics\FF\ [2013/04/09 11:44:02 | 000,000,000 | ---D | M]
    FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\pluswinks@PlusWinks: C:\Documents and Settings\utilisateur\Application Data\Mozilla\Extensions\pluswinks@PlusWinks [2013/04/09 12:03:12 | 000,000,000 | ---D | M]
    FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\speedanalysis@SpeedAnalysis.com: C:\Documents and Settings\utilisateur\Application Data\Mozilla\Extensions\speedanalysis@SpeedAnalysis.com [2013/04/09 12:03:33 | 000,000,000 | ---D | M]
    FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{0F827075-B026-42F3-885D-98981EE7B1AE}: C:\Documents and Settings\All Users\Application Data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension
    FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\SpecialSavings@SpecialSavings.com: C:\Documents and Settings\utilisateur\Application Data\Mozilla\Extensions\SpecialSavings@SpecialSavings.com [2013/04/09 14:57:35 | 000,000,000 | ---D | M]

    [2013/04/09 14:57:34 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\utilisateur\Application Data\Mozilla\Extensions
    [2013/04/09 12:03:12 | 000,000,000 | ---D | M] (Smiley Bar for Facebook) -- C:\Documents and Settings\utilisateur\Application Data\Mozilla\Extensions\pluswinks@PlusWinks
    [2013/04/09 14:57:35 | 000,000,000 | ---D | M] (SpecialSavings) -- C:\Documents and Settings\utilisateur\Application Data\Mozilla\Extensions\SpecialSavings@SpecialSavings.com
    [2013/04/09 12:03:33 | 000,000,000 | ---D | M] (SpeedAnalysis.com) -- C:\Documents and Settings\utilisateur\Application Data\Mozilla\Extensions\speedanalysis@SpeedAnalysis.com
    [2013/04/09 11:52:09 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions

    [color=#E56717]========== Chrome ==========[/color]

    CHR - default_search_provider: Google (Enabled)
    CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
    CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter},
    CHR - homepage: http://www.google.com
    CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\26.0.1410.64\PepperFlash\pepflashplayer.dll
    CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
    CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll
    CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\26.0.1410.64\pdf.dll
    CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
    CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
    CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
    CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
    CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
    CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll
    CHR - plugin: Java(TM) Platform SE 6 U33 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
    CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll
    CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll
    CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll
    CHR - plugin: Java Deployment Toolkit 6.0.330.3 (Enabled) = C:\WINDOWS\system32\npdeployJava1.dll
    CHR - Extension: SpecialSavings = C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bfcpnihmbfoaeoakalclfalkdepgiaje\2.0.0.1_0\
    CHR - Extension: SpeedAnalysis.com = C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\cfcbmgbfdbijmjgjihagbomfbjfjmgon\1.0.0.1_0\
    CHR - Extension: Delta Toolbar = C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde\1.2_0\
    CHR - Extension: avast! WebRep = C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\8.0.1483_0\
    CHR - Extension: Skype Click to Call = C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.3.0.11079_0\
    CHR - Extension: LyricsPal = C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mmiopbgcekanlhpjkonogoljpfmhpkhf\1.110_0\
    CHR - Extension: Smiley Bar for Facebook = C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mocblcnaofikinigmceddfghppkkjbog\1.0.0.0_0\
    CHR - Extension: BrowserProtect = C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph\1.0_0\

    O1 HOSTS File: ([2004/08/05 14:00:00 | 000,000,790 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
    O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
    O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
    O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O2 - BHO: (EpsonToolBandKicker Class) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
    O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
    O3 - HKLM\..\Toolbar: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
    O3 - HKU\S-1-5-21-1078081533-1788223648-839522115-1004\..\Toolbar\WebBrowser: (no name) - {19803860-B306-423C-BBB5-F60A7D82CDE5} - No CLSID value found.
    O3 - HKU\S-1-5-21-1078081533-1788223648-839522115-1004\..\Toolbar\WebBrowser: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
    O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
    O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
    O4 - HKLM..\Run: [EPSON Stylus Photo R240 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAHE.EXE (SEIKO EPSON CORPORATION)
    O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
    O4 - HKLM..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe (Hewlett-Packard)
    O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
    O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
    O4 - HKLM..\Run: [zzzHPSETUP] F:\Setup.exe File not found
    O4 - Startup: C:\Documents and Settings\utilisateur\Menu Démarrer\Programmes\Démarrage\Dropbox.lnk = C:\Documents and Settings\utilisateur\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
    O4 - Startup: C:\Documents and Settings\utilisateur\Menu Démarrer\Programmes\Démarrage\OpenOffice.org 3.3.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
    O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\S-1-5-21-1078081533-1788223648-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O16 - DPF: {83A4D5A6-E2C1-4EDD-AD48-1A1C50BD06EF} http://www.photoweb.fr/telechargement/telechargement-photoweb-6.5.6.cab (Image Uploader Control)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33)
    O16 - DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33)
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D1CDADC5-6148-4263-AA2B-EFC5B51401F0}: DhcpNameServer = 192.168.1.1 192.168.1.1
    O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
    O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Fichiers communs\Skype\Skype4COM.dll (Skype Technologies)
    O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
    O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
    O24 - Desktop WallPaper: C:\Documents and Settings\utilisateur\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    O24 - Desktop BackupWallPaper: C:\Documents and Settings\utilisateur\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2011/10/20 19:32:41 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
    O34 - HKLM BootExecute: (autocheck autochk *)
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
    O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
    O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

    NetSvcs: 6to4 - File not found
    NetSvcs: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
    NetSvcs: Ias - File not found
    NetSvcs: Iprip - File not found
    NetSvcs: Irmon - File not found
    NetSvcs: NWCWorkstation - File not found
    NetSvcs: Nwsapagent - File not found
    NetSvcs: WmdmPmSp - File not found


    SafeBootMin: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
    SafeBootMin: Base - Driver Group
    SafeBootMin: Boot Bus Extender - Driver Group
    SafeBootMin: Boot file system - Driver Group
    SafeBootMin: File system - Driver Group
    SafeBootMin: Filter - Driver Group
    SafeBootMin: PCI Configuration - Driver Group
    SafeBootMin: PNP Filter - Driver Group
    SafeBootMin: Primary disk - Driver Group
    SafeBootMin: SCSI Class - Driver Group
    SafeBootMin: sermouse.sys - Driver
    SafeBootMin: System Bus Extender - Driver Group
    SafeBootMin: vds - Service
    SafeBootMin: vga.sys - Driver
    SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
    SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
    SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
    SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
    SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
    SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
    SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
    SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
    SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
    SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
    SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
    SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
    SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
    SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

    SafeBootNet: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
    SafeBootNet: Base - Driver Group
    SafeBootNet: Boot Bus Extender - Driver Group
    SafeBootNet: Boot file system - Driver Group
    SafeBootNet: File system - Driver Group
    SafeBootNet: Filter - Driver Group
    SafeBootNet: NDIS Wrapper - Driver Group
    SafeBootNet: NetBIOSGroup - Driver Group
    SafeBootNet: NetDDEGroup - Driver Group
    SafeBootNet: Network - Driver Group
    SafeBootNet: NetworkProvider - Driver Group
    SafeBootNet: PCI Configuration - Driver Group
    SafeBootNet: PNP Filter - Driver Group
    SafeBootNet: PNP_TDI - Driver Group
    SafeBootNet: Primary disk - Driver Group
    SafeBootNet: SCSI Class - Driver Group
    SafeBootNet: sermouse.sys - Driver
    SafeBootNet: Streams Drivers - Driver Group
    SafeBootNet: System Bus Extender - Driver Group
    SafeBootNet: TDI - Driver Group
    SafeBootNet: vga.sys - Driver
    SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
    SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
    SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
    SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
    SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
    SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
    SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
    SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
    SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
    SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
    SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
    SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
    SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
    SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
    SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
    SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
    SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

    ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
    ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Rendu VML (Vector Graphics Rendering)
    ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
    ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
    ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
    ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
    ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Liaison de données Dynamic HTML pour Java
    ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
    ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
    ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Création avancée
    ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
    ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
    ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
    ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
    ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
    ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - Classes Java DirectAnimation
    ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.8
    ActiveX: {5056b317-8d4c-43ee-8543-b9d1e234b8f4} - Mise à jour de sécurité pour Windows XP (KB923789)
    ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
    ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
    ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
    ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
    ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
    ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
    ActiveX: {73fa19d0-2d75-11d2-995d-00c04f98bbc9} - Web Folders
    ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
    ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
    ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
    ActiveX: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
    ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
    ActiveX: {C3C986D6-06B1-43BF-90DD-BE30756C00DE} - RevokedRootsUpdate
    ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
    ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Planificateur de tâches
    ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
    ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Shockwave Flash
    ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
    ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
    ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
    ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
    ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
    ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
    ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
    ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

    Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
    Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
    Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
    Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
    Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
    Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
    Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
    Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
    Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
    Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)

    [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

    [2013/04/13 10:01:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\ZHPFix 2013
    [2013/04/13 10:01:15 | 000,000,000 | ---D | C] -- C:\Program Files\ZHPFix
    [2013/04/10 14:04:30 | 000,000,000 | ---D | C] -- C:\Program Files\SpeedAnalysis.com
    [2013/04/10 09:52:05 | 000,000,000 | ---D | C] -- C:\Program Files\ZHPDiag
    [2013/04/10 09:52:05 | 000,000,000 | ---D | C] -- C:\ZHP
    [2013/04/09 14:57:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\utilisateur\Application Data\SpecialSavings
    [2013/04/09 14:34:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\utilisateur\Menu Démarrer\Programmes\BrowserProtect
    [2013/04/09 14:33:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\utilisateur\Application Data\BabSolution
    [2013/04/09 14:30:55 | 000,000,000 | ---D | C] -- C:\Program Files\Smiley Bar for Facebook
    [2013/04/09 14:22:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Performersoft
    [2013/04/09 12:06:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\utilisateur\Menu Démarrer\Programmes\VideoPerformer
    [2013/04/09 12:03:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\utilisateur\Application Data\Mozilla
    [2013/04/09 12:02:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\utilisateur\Application Data\SpeedanAlysis
    [2013/04/09 12:02:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\utilisateur\Application Data\PlusWinks
    [2013/04/09 12:00:20 | 000,000,000 | ---D | C] -- C:\Program Files\VideoPerformer
    [2013/04/09 11:52:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\searchplugins
    [2013/04/09 11:52:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Extensions
    [2013/04/09 11:52:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\BrowserProtect
    [2013/04/09 11:52:09 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
    [2013/04/09 11:51:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\utilisateur\Application Data\Yontoo
    [2013/04/09 11:51:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\utilisateur\Application Data\PerformerSoft
    [2013/04/09 11:51:43 | 000,000,000 | ---D | C] -- C:\Program Files\Yontoo
    [2013/04/09 11:51:34 | 000,018,096 | ---- | C] (PerformerSoft LLC) -- C:\WINDOWS\System32\roboot.exe
    [2013/04/09 11:51:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\utilisateur\Application Data\File Scout
    [2013/04/09 11:44:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP
    [2013/04/09 11:44:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Bundled software uninstaller
    [2013/04/09 11:44:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\7-Zip
    [2013/04/09 11:44:19 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
    [2013/04/09 11:44:01 | 000,000,000 | ---D | C] -- C:\Program Files\XingHaoLyrics
    [2013/04/09 11:43:43 | 000,632,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcr80.dll
    [2013/04/09 11:43:42 | 000,773,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcr100.dll
    [2013/04/09 11:43:42 | 000,554,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcp80.dll
    [2013/04/09 11:43:42 | 000,479,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcm80.dll
    [2013/04/09 11:43:42 | 000,421,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcp100.dll
    [2013/04/08 10:36:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\utilisateur\Local Settings\Application Data\WiseConvert_1.5
    [2013/04/08 10:36:22 | 000,000,000 | ---D | C] -- C:\Program Files\WiseConvert_1.5
    [2013/04/08 10:14:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\utilisateur\Application Data\Malwarebytes
    [2013/04/08 10:13:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    [2013/04/07 20:32:02 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\utilisateur\Recent
    [2013/04/07 20:02:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\CCleaner
    [2013/04/07 20:02:32 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
    [2013/04/07 19:56:02 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
    [2013/04/07 19:55:31 | 000,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\Wise Installation Wizard
    [2013/03/25 10:58:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Google Earth
    [2013/03/24 09:52:18 | 000,066,336 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswMonFlt.sys
    [2013/03/21 20:46:56 | 000,012,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usb8023x.sys
    [2013/03/21 20:46:56 | 000,012,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usb8023.sys
    [2013/03/20 07:58:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\utilisateur\Application Data\Dossier de téléchargement Share-to-Web
    [4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
    [2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

    [color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

    [2013/04/16 09:57:00 | 000,001,066 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
    [2013/04/16 09:48:00 | 000,001,002 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
    [2013/04/16 09:00:00 | 000,000,480 | ---- | M] () -- C:\WINDOWS\tasks\SyncBack Sauvegarde sur disque externe.job
    [2013/04/16 08:55:58 | 000,370,414 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat
    [2013/04/16 08:55:58 | 000,314,508 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
    [2013/04/16 08:55:58 | 000,049,494 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat
    [2013/04/16 08:55:58 | 000,040,836 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
    [2013/04/16 08:54:56 | 000,000,394 | ---- | M] () -- C:\WINDOWS\tasks\LyricsPal Update.job
    [2013/04/16 08:54:55 | 000,001,062 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
    [2013/04/16 08:54:54 | 000,000,316 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
    [2013/04/16 08:47:59 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
    [2013/04/16 08:47:56 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
    [2013/04/15 22:06:40 | 000,000,444 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{88CF58B8-0D17-4A94-A13B-553961A95108}.job
    [2013/04/15 20:31:53 | 000,000,512 | ---- | M] () -- C:\PhysicalDisk0_MBR.bin
    [2013/04/15 17:00:31 | 000,000,446 | ---- | M] () -- C:\WINDOWS\tasks\SyncBack mesdocuments.job
    [2013/04/15 12:36:47 | 000,000,452 | ---- | M] () -- C:\WINDOWS\tasks\SyncBack outlook express.job
    [2013/04/15 09:06:48 | 000,691,592 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
    [2013/04/15 09:06:48 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
    [2013/04/13 23:33:32 | 001,072,544 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb0.bin
    [2013/04/13 23:33:32 | 000,000,001 | ---- | M] () -- C:\WINDOWS\System32\nvdrssel.bin
    [2013/04/13 23:33:25 | 001,072,544 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb1.bin
    [2013/04/13 10:01:53 | 000,000,654 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\ZHPFix.lnk
    [2013/04/12 16:34:11 | 000,171,170 | ---- | M] () -- D:\Mes documents\CA 2012 PDF.pdf
    [2013/04/12 16:34:11 | 000,149,511 | ---- | M] () -- D:\Mes documents\BP 2013 PDF.pdf
    [2013/04/11 14:07:08 | 000,227,630 | ---- | M] () -- D:\Mes documents\rapport après antimalware
    [2013/04/10 09:52:13 | 000,001,523 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\ZHPDiag.lnk
    [2013/04/10 03:22:20 | 000,291,680 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
    [2013/04/10 03:05:26 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
    [2013/04/09 15:01:00 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\utilisateur\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
    [2013/04/09 11:56:04 | 020,480,000 | ---- | M] () -- C:\Documents and Settings\utilisateur\Local Settings\Application Data\store-pp.jbs
    [2013/04/09 10:38:29 | 000,000,000 | ---- | M] () -- C:\END
    [2013/04/07 20:02:37 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\CCleaner.lnk
    [2013/04/06 22:37:30 | 000,033,280 | ---- | M] () -- C:\Documents and Settings\utilisateur\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2013/04/01 20:03:43 | 000,001,046 | ---- | M] () -- C:\Documents and Settings\utilisateur\Menu Démarrer\Programmes\Démarrage\Dropbox.lnk
    [2013/04/01 17:20:56 | 000,592,878 | -H-- | M] () -- D:\Mes documents\hpothb07.tif
    [2013/04/01 17:20:56 | 000,007,280 | -H-- | M] () -- D:\Mes documents\hpothb07.dat
    [2013/04/01 17:20:53 | 012,003,708 | ---- | M] () -- D:\Mes documents\attestation tva cheminées campo.tif
    [2013/04/01 17:20:37 | 011,942,031 | ---- | M] () -- D:\Mes documents\attestation tva cheminées campo.pdf
    [2013/04/01 17:18:13 | 012,003,708 | ---- | M] () -- D:\Mes documents\Scan0003.tif
    [2013/03/25 10:58:59 | 000,001,915 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Google Earth.lnk
    [2013/03/24 09:52:18 | 000,003,072 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
    [4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
    [2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

    [color=#E56717]========== Files Created - No Company Name ==========[/color]

    [2013/04/13 10:01:19 | 000,000,654 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\ZHPFix.lnk
    [2013/04/12 16:34:11 | 000,171,170 | ---- | C] () -- D:\Mes documents\CA 2012 PDF.pdf
    [2013/04/12 16:34:11 | 000,149,511 | ---- | C] () -- D:\Mes documents\BP 2013 PDF.pdf
    [2013/04/11 14:07:08 | 000,227,630 | ---- | C] () -- D:\Mes documents\rapport après antimalware
    [2013/04/11 14:01:46 | 000,000,512 | ---- | C] () -- C:\PhysicalDisk0_MBR.bin
    [2013/04/10 12:32:37 | 000,114,176 | ---- | C] () -- C:\Documents and Settings\utilisateur\Application Data\BabMaint.exe
    [2013/04/10 09:52:13 | 000,001,523 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\ZHPDiag.lnk
    [2013/04/10 03:01:08 | 000,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK
    [2013/04/09 15:01:00 | 000,001,813 | ---- | C] () -- C:\Documents and Settings\utilisateur\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
    [2013/04/09 11:56:04 | 020,480,000 | ---- | C] () -- C:\Documents and Settings\utilisateur\Local Settings\Application Data\store-pp.jbs
    [2013/04/09 11:44:02 | 000,000,394 | ---- | C] () -- C:\WINDOWS\tasks\LyricsPal Update.job
    [2013/04/09 10:38:28 | 000,000,000 | ---- | C] () -- C:\END
    [2013/04/07 20:02:37 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\CCleaner.lnk
    [2013/04/01 17:20:37 | 011,942,031 | ---- | C] () -- D:\Mes documents\attestation tva cheminées campo.pdf
    [2013/04/01 17:19:05 | 012,003,708 | ---- | C] () -- D:\Mes documents\attestation tva cheminées campo.tif
    [2013/04/01 17:18:13 | 012,003,708 | ---- | C] () -- D:\Mes documents\Scan0003.tif
    [2013/03/25 10:58:59 | 000,001,915 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Google Earth.lnk
    [2013/03/24 09:52:19 | 000,164,736 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
    [2013/03/24 09:52:19 | 000,049,248 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys
    [2012/09/04 10:50:40 | 000,000,303 | ---- | C] () -- C:\WINDOWS\hpqcopy.INI
    [2012/06/17 21:04:49 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\utilisateur\CUSTOM.DICCUSTOM.DIC
    [2012/02/15 08:18:06 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
    [2011/10/26 11:02:04 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
    [2011/10/25 18:36:31 | 000,000,021 | ---- | C] () -- C:\WINDOWS\PMK_setup.ini
    [2011/10/25 18:17:55 | 000,101,159 | ---- | C] () -- C:\WINDOWS\System32\EPPICPrinterDB.dat
    [2011/10/25 18:17:55 | 000,026,154 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern1.dat
    [2011/10/25 18:17:55 | 000,024,903 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern3.dat
    [2011/10/25 18:17:55 | 000,021,390 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern5.dat
    [2011/10/25 18:17:55 | 000,020,148 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern2.dat
    [2011/10/25 18:17:55 | 000,011,811 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern4.dat
    [2011/10/25 18:17:55 | 000,004,943 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern6.dat
    [2011/10/25 18:17:55 | 000,001,146 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_DU.dat
    [2011/10/25 18:17:55 | 000,001,139 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_PT.dat
    [2011/10/25 18:17:55 | 000,001,139 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_BP.dat
    [2011/10/25 18:17:55 | 000,001,136 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_ES.dat
    [2011/10/25 18:17:55 | 000,001,129 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_FR.dat
    [2011/10/25 18:17:55 | 000,001,129 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_CF.dat
    [2011/10/25 18:17:55 | 000,001,120 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_IT.dat
    [2011/10/25 18:17:55 | 000,001,107 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_GE.dat
    [2011/10/25 18:17:55 | 000,001,104 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_EN.dat
    [2011/10/25 18:17:55 | 000,000,099 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
    [2011/10/25 18:15:18 | 000,000,025 | ---- | C] () -- C:\WINDOWS\CDE R240R245EU.ini
    [2011/10/24 14:28:04 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll
    [2011/10/24 13:47:03 | 001,072,544 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
    [2011/10/24 13:47:03 | 001,072,544 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
    [2011/10/24 13:47:03 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
    [2011/10/24 13:46:52 | 002,816,504 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data
    [2011/10/24 13:41:31 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
    [2011/10/24 13:41:31 | 000,040,448 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
    [2011/10/24 13:40:41 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\UnLAN.exe
    [2011/10/24 13:40:27 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\unagp.exe
    [2011/10/20 21:33:27 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
    [2011/10/20 21:32:58 | 000,002,139 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
    [2011/10/20 21:32:57 | 000,005,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
    [2011/10/20 21:24:35 | 000,004,205 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
    [2011/10/20 21:23:38 | 000,291,680 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
    [2011/10/20 19:36:11 | 000,033,280 | ---- | C] () -- C:\Documents and Settings\utilisateur\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2011/10/20 19:34:19 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
    [2011/10/20 19:30:26 | 000,021,892 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat

    [color=#E56717]========== ZeroAccess Check ==========[/color]


    [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

    [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
    "" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/13 19:33:42 | 001,499,136 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
    "" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 12:53:55 | 000,473,600 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
    "" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/13 19:33:50 | 000,273,920 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Both

    [color=#E56717]========== Custom Scans ==========[/color]

    [color=#A23BEC]< %ALLUSERSPROFILE%Application Data*. >[/color]
    [2013/04/11 12:04:45 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Application Data

    [color=#A23BEC]< %ALLUSERSPROFILE%Application Data*.exe /s >[/color]

    [color=#A23BEC]< %APPDATA%*. >[/color]
    [2011/10/24 16:26:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\utilisateur\Application Data\Adobe
    [2013/04/09 14:33:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\utilisateur\Application Data\BabSolution
    [2013/03/20 07:58:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\utilisateur\Application Data\Dossier de téléchargement Share-to-Web
    [2013/03/20 07:58:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\utilisateur\Application Data\Dossier de téléchargement Share-to-Web
    [2013/04/16 08:55:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\utilisateur\Application Data\Dropbox
    [2013/03/19 22:38:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\utilisateur\Application Data\dvdcss
    [2013/04/09 11:51:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\utilisateur\Application Data\File Scout
    [2011/10/26 13:35:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\utilisateur\Application Data\Google
    [2011/12/01 11:57:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\utilisateur\Application Data\Hewlett-Packard
    [2011/10/20 19:36:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\utilisateur\Application Data\Identities
    [2011/10/24 16:36:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\utilisateur\Application Data\Macromedia
    [2013/04/08 10:14:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\utilisateur\Application Data\Malwarebytes
    [2013/04/08 11:20:27 | 000,000,000 | --SD | M] -- C:\Documents and Settings\utilisateur\Application Data\Microsoft
    [2013/04/09 12:03:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\utilisateur\Application Data\Mozilla
    [2011/10/26 13:35:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\utilisateur\Application Data\NVIDIA
    [2011/10/25 18:33:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\utilisateur\Application Data\OpenOffice.org
    [2013/04/10 14:43:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\utilisateur\Application Data\PerformerSoft
    [2013/04/10 13:54:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\utilisateur\Application Data\PlusWinks
    [2012/02/02 16:39:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\utilisateur\Application Data\RegistryKeys
    [2012/11/29 21:41:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\utilisateur\Application Data\Skype
    [2013/04/09 14:57:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\utilisateur\Application Data\SpecialSavings
    [2013/04/10 14:04:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\utilisateur\Application Data\SpeedanAlysis
    [2011/10/24 14:12:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\utilisateur\Application Data\Sun
    [2012/01/31 18:47:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\utilisateur\Application Data\Uniblue
    [2013/04/15 20:03:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\utilisateur\Application Data\vlc
    [2013/04/09 11:51:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\utilisateur\Application Data\Yontoo

    [color=#A23BEC]< %APPDATA%*.exe /s >[/color]
    [2013/02/09 23:55:19 | 000,114,176 | ---- | M] () -- C:\Documents and Settings\utilisateur\Application Data\BabMaint.exe
    [2013/04/07 11:48:55 | 000,009,800 | ---- | M] () -- C:\Documents and Settings\utilisateur\Application Data\BabSolution\Shared\BabMaint.exe
    [2013/04/07 11:48:57 | 000,012,872 | ---- | M] () -- C:\Documents and Settings\utilisateur\Application Data\BabSolution\Shared\BUSUninstall.exe
    [2013/04/07 11:48:56 | 000,394,312 | ---- | M] (Babylon Ltd.) -- C:\Documents and Settings\utilisateur\Application Data\BabSolution\Shared\GUninstaller.exe
    [2013/03/12 09:05:50 | 029,106,336 | ---- | M] (Dropbox, Inc.) -- C:\Documents and Settings\utilisateur\Application Data\Dropbox\bin\Dropbox.exe
    [2013/03/12 09:06:32 | 000,206,904 | ---- | M] (Dropbox, Inc.) -- C:\Documents and Settings\utilisateur\Application Data\Dropbox\bin\DropboxUninstaller.exe
    [2012/05/24 20:39:24 | 000,872,144 | ---- | M] (Dropbox, Inc.) -- C:\Documents and Settings\utilisateur\Application Data\Dropbox\bin\DropboxUpdateHelper.exe
    [2012/05/24 20:39:30 | 000,177,280 | ---- | M] (Dropbox, Inc.) -- C:\Documents and Settings\utilisateur\Application Data\Dropbox\bin\Uninstall.exe
    [2013/02/27 16:32:38 | 000,259,584 | ---- | M] () -- C:\Documents and Settings\utilisateur\Application Data\File Scout\filescout.exe
    [2013/04/10 13:54:34 | 000,062,902 | ---- | M] () -- C:\Documents and Settings\utilisateur\Application Data\File Scout\uninst.exe
    [2013/03/23 03:56:36 | 000,042,784 | ---- | M] (Yontoo LLC) -- C:\Documents and Settings\utilisateur\Application Data\Yontoo\YontooDesktop.exe

    [color=#A23BEC]< %SYSTEMDRIVE%*.exe >[/color]

    [color=#A23BEC]< %systemroot%*. /mp /s >[/color]

    [color=#A23BEC]< %systemroot%system32*.dll /lockedfiles >[/color]

    [color=#A23BEC]< %systemroot%Tasks*.job /lockedfiles >[/color]

    [color=#A23BEC]< %systemroot%system32drivers*.sys /lockedfiles >[/color]

    [color=#A23BEC]< %systemroot%System32config*.sav >[/color]

    [color=#A23BEC]< MD5 for: EXPLORER.EXE >[/color]
    [2004/08/05 14:00:00 | 001,036,288 | ---- | M] (Microsoft Corporation) MD5=4C33E5B9A6197B6ED215F6CFBA0A2DAA -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
    [2008/04/13 19:34:04 | 001,037,824 | ---- | M] (Microsoft Corporation) MD5=F2317622D29F9FF0F88AEECD5F60F0DD -- C:\WINDOWS\explorer.exe
    [2008/04/13 19:34:04 | 001,037,824 | ---- | M] (Microsoft Corporation) MD5=F2317622D29F9FF0F88AEECD5F60F0DD -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe

    [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
    [2004/08/05 14:00:00 | 000,506,368 | ---- | M] (Microsoft Corporation) MD5=D2DE785AEAB0BB8CA4C14A8A199DBE4E -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
    [2008/04/13 19:34:30 | 000,512,000 | ---- | M] (Microsoft Corporation) MD5=DD73D6B9F6B4CB630CF35B438B540174 -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
    [2008/04/13 19:34:30 | 000,512,000 | ---- | M] (Microsoft Corporation) MD5=DD73D6B9F6B4CB630CF35B438B540174 -- C:\WINDOWS\system32\winlogon.exe

    [color=#A23BEC]< >[/color]

    [color=#E56717]========== Alternate Data Streams ==========[/color]

    @Alternate Data Stream - 144 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:373E1720

    < End of report >



    loumax91 loumax91
    99 contributions
    Membre depuis le 16/03/2013
    Envoyé le 16/04/2013 à 14:37


    Bonjour,

    Pour la clarté du sujet essaies d'héberger les "gros" rapports sur Cjoint ou pjjoint, merci [;)]
    _______________________________________________________________

    Ce script va cibler certains éléments à supprimer :

    • Lance OTL (si tu es sous Windows vista ou 7, fais un clic-droit dessus et choisis "exécuter en temps qu'administrateur")
    • Ouvre le lien ci-dessous et copie/colle toutes les lignes du script, place les dans la zone "personnalisation" :

    --------------------------------------------------
    Script
    --------------------------------------------------



    • Clique sur « Correction » et laisse l'outil travailler. Il est possible que l'ordinateur redémarre.
    • Copie/colle la totalité du rapport dans ta prochaine réponse.
    "Celui qui aime à apprendre est bien près du savoir" (Confucius)
    aureliejuliette aureliejuliette
    61 contributions
    Membre depuis le 10/03/2010
    Envoyé le 16/04/2013 à 16:50


    Bonjour,
    désolée mais lorsque je fais "correction" le sablier s'installe et rien ne se passe... même au bout de 15 ou 20 minutes...


    loumax91 loumax91
    99 contributions
    Membre depuis le 16/03/2013
    Envoyé le 16/04/2013 à 21:15


    Essaies de reprendre la procédure en mode sans échec avec prise en charge réseau.

    "Celui qui aime à apprendre est bien près du savoir" (Confucius)
    aureliejuliette aureliejuliette
    61 contributions
    Membre depuis le 10/03/2010
    Envoyé le 29/04/2013 à 18:53


    Bonjour, voici un rapport et je te remercie par avance de me dire ce que je dois faire pour nettoyer ? cordialement.
    http://pjjoint.malekal.com/files.php?id=ZHPDiag_20130429_v13v11y13g6m6

    loumax91 loumax91
    99 contributions
    Membre depuis le 16/03/2013
    Envoyé le 29/04/2013 à 19:02


    Bonjour,

    Le PC est toujours aussi infecté [:oZ]

    Utilise la nouvelle version d'AdwCleaner :

    • Télécharge AdwCleaner (de Xplode) sur ton Bureau.
    • Lance le, clique sur Suppression puis patiente le temps du scan.
    • Une fois le scan terminé, un rapport s'ouvrira : poste le dans ta prochaine réponse.
    "Celui qui aime à apprendre est bien près du savoir" (Confucius)
    aureliejuliette aureliejuliette
    61 contributions
    Membre depuis le 10/03/2010
    Envoyé le 29/04/2013 à 20:22


    Bonjour, cordialement.
    # AdwCleaner v1.606 - Rapport créé le 29/04/2013 à 20:08:46
    # Mis à jour le 10/05/2012 par Xplode
    # Système d'exploitation : Microsoft Windows XP Service Pack 3 (32 bits)
    # Nom d'utilisateur : utilisateur - MARINO-3C5608AD
    # Exécuté depuis : C:\Documents and Settings\utilisateur\Bureau\AdwCleaner_1.606_En.exe
    # Option [Suppression]


    ***** [Services] *****

    Arrêté & Supprimé : WajamUpdater

    ***** [Fichiers / Dossiers] *****

    Dossier Supprimé : C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
    Dossier Supprimé : C:\Documents and Settings\utilisateur\Local Settings\Application Data\Wajam
    Dossier Supprimé : C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\Iminent
    Dossier Supprimé : C:\Documents and Settings\utilisateur\Application Data\Babylon
    Dossier Supprimé : C:\Documents and Settings\utilisateur\Menu Démarrer\Programmes\Wajam
    Dossier Supprimé : C:\Documents and Settings\All Users\Application Data\Babylon
    Dossier Supprimé : C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Iminent
    Dossier Supprimé : C:\Program Files\Boxore
    Dossier Supprimé : C:\Program Files\Iminent
    Dossier Supprimé : C:\Program Files\Wajam

    ***** [Registre] *****

    Clé Supprimée : HKCU\Software\BabylonToolbar
    Clé Supprimée : HKCU\Software\Iminent
    Clé Supprimée : HKCU\Software\SweetIm
    Clé Supprimée : HKCU\Software\Wajam
    Clé Supprimée : HKLM\SOFTWARE\Babylon
    Clé Supprimée : HKLM\SOFTWARE\Boxore
    Clé Supprimée : HKLM\SOFTWARE\Iminent
    Clé Supprimée : HKLM\SOFTWARE\Software
    Clé Supprimée : HKLM\SOFTWARE\SweetIM
    Clé Supprimée : HKLM\SOFTWARE\Wajam
    Clé Supprimée : HKLM\SOFTWARE\Classes\escort.escortIEPane
    Clé Supprimée : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
    Clé Supprimée : HKLM\SOFTWARE\Classes\Iminent
    Clé Supprimée : HKLM\SOFTWARE\Classes\IminentWebBooster.ActiveContentHandle.1
    Clé Supprimée : HKLM\SOFTWARE\Classes\IminentWebBooster.ActiveContentHandler
    Clé Supprimée : HKLM\SOFTWARE\Classes\IminentWebBooster.BrowserHelperObject
    Clé Supprimée : HKLM\SOFTWARE\Classes\IminentWebBooster.BrowserHelperObject.1
    Clé Supprimée : HKLM\SOFTWARE\Classes\IminentWebBooster.ScriptExtender
    Clé Supprimée : HKLM\SOFTWARE\Classes\IminentWebBooster.ScriptExtender.1
    Clé Supprimée : HKLM\SOFTWARE\Classes\IminentWebBooster.TinyUrlHandler
    Clé Supprimée : HKLM\SOFTWARE\Classes\IminentWebBooster.TinyUrlHandler.1
    Clé Supprimée : HKLM\SOFTWARE\Classes\SoftwareUpdate.CoreClass
    Clé Supprimée : HKLM\SOFTWARE\Classes\SoftwareUpdate.CoreClass.1
    Clé Supprimée : HKLM\SOFTWARE\Classes\SoftwareUpdate.OnDemandCOMClassMachine
    Clé Supprimée : HKLM\SOFTWARE\Classes\SoftwareUpdate.OnDemandCOMClassMachine.1.0
    Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\escort.DLL
    Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
    Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
    Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
    Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
    Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\Iminent.WebBooster.InternetExplorer.DLL
    Clé Supprimée : HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\1C875DDE39636004CA8CDAEC335B4160
    Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\1C875DDE39636004CA8CDAEC335B4160
    Clé Supprimée : HKLM\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43
    Clé Supprimée : HKLM\SOFTWARE\Google\Chrome\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl
    Clé Supprimée : HKLM\SOFTWARE\Google\Chrome\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
    Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
    Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
    Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Boxore Client]
    Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Iminent]
    Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [IminentMessenger]

    ***** [Registre - GUID] *****

    Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{01994268-3C10-4044-A1EA-7A9C1B739A11}
    Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
    Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
    Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
    Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
    Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
    Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{26C9BBE4-6D45-4AB6-A5B4-E068C9F5EF6D}
    Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{5C176BA0-6FC0-4EBD-8ACF-24AC592506B6}
    Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
    Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{D8F01233-2DE6-4EE7-8988-37263F00651B}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{ACA608DB-A210-4253-B799-3FD24E9A7BF5}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36}
    Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
    Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{A9CAF365-EA35-45DA-BD8B-2EFA09D374AC}
    Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
    Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
    Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
    Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
    Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
    Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007}

    ***** [Navigateurs] *****

    -\\ Internet Explorer v8.0.6001.18702

    [OK] Le registre ne contient aucune entrée illégitime.

    -\\ Mozilla Firefox v [Impossible d'obtenir la version]

    -\\ Google Chrome v26.0.1410.64

    Fichier : C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

    Supprimée : "explicit_host": [ "hxxp://*.wajam.com/*", "hxxp://*/*", "hxxps://*/*" ],
    Supprimée : "name": "Wajam",
    Supprimée : "permissions": [ "hxxp://*.wajam.com/*", "bookmarks", "tabs", "hxxp://*/*", "hxxps://[...]
    Supprimée : "update_url": "hxxp://www.wajam.com/update/Chrome/chrome_addon_updates.xml",
    Supprimée : "explicit_host": [ "chrome://favicon/*", "hxxp://*.sweetim.com/*" ]
    Supprimée : "permissions": [ "tabs", "hxxp://*.sweetim.com/*", "bookmarks", "chrome://favicon/", [...]
    Supprimée : "update_url": "hxxp://www.sweetim.com/simgcbar/GCToolbarUpdate.xml",

    *************************

    AdwCleaner[S2].txt - [27242 octets] - [29/04/2013 20:01:26]
    AdwCleaner[S3].txt - [7183 octets] - [29/04/2013 20:08:46]

    ########## EOF - C:\AdwCleaner[S3].txt - [7311 octets] ##########



    loumax91 loumax91
    99 contributions
    Membre depuis le 16/03/2013
    Envoyé le 29/04/2013 à 22:00


    Maintenant utilise ce logiciel de désinfection généraliste :

    • Télécharge et installe Malwarebytes' Anti-Malware
    • A la fin de l'installation, veille à ce que l'option « mettre a jour Malwarebyte's Anti-Malware » soit cochée
    • Lance MBAM et laisse les Mises à jour se télécharger (sinon fais les manuellement au lancement du programme)
    • Puis va dans l'onglet "Recherche", coche "Exécuter un examen rapide puis "Rechercher"
    • A la fin de l'analyse, clique sur Afficher les résultats
    • Coche tous les éléments détectés puis clique sur Supprimer la sélection
    • Enregistre le rapport
    • S'il t'est demandé de redémarrer l'ordinateur, clique sur Yes
    • Poste dans ta prochaine réponse le rapport apparaissant après la suppression

    "Celui qui aime à apprendre est bien près du savoir" (Confucius)
    jllg jllg
    2 741 contributions
    Membre depuis le 24/04/2004
    Envoyé le 29/04/2013 à 22:35 Modifié par jllg



    Bonjour Loumax

    (!) les rapports directement collés sur memoclic ne font pas apparaitre les antislash aussi tous les chemins de fichiers sont faussés et donc les scripts réalisés à partir de ces rapports ne fonctionnent pas

    [;)]
    aureliejuliette aureliejuliette
    61 contributions
    Membre depuis le 10/03/2010
    Envoyé le 29/04/2013 à 22:36


    Bonjour, voici le rapport, cordialement.
    Malwarebytes Anti-Malware 1.75.0.1300
    www.malwarebytes.org

    Version de la base de données: v2013.04.29.09

    Windows XP Service Pack 3 x86 NTFS
    Internet Explorer 8.0.6001.18702
    utilisateur :: MARINO-3C5608AD [administrateur]

    29/04/2013 22:19:02
    mbam-log-2013-04-29 (22-19-02).txt

    Type d'examen: Examen rapide
    Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM
    Options d'examen désactivées: P2P
    Elément(s) analysé(s): 198737
    Temps écoulé: 9 minute(s),

    Processus mémoire détecté(s): 0
    (Aucun élément nuisible détecté)

    Module(s) mémoire détecté(s): 0
    (Aucun élément nuisible détecté)

    Clé(s) du Registre détectée(s): 0
    (Aucun élément nuisible détecté)

    Valeur(s) du Registre détectée(s): 0
    (Aucun élément nuisible détecté)

    Elément(s) de données du Registre détecté(s): 0
    (Aucun élément nuisible détecté)

    Dossier(s) détecté(s): 0
    (Aucun élément nuisible détecté)

    Fichier(s) détecté(s): 0
    (Aucun élément nuisible détecté)

    (fin)




    loumax91 loumax91
    99 contributions
    Membre depuis le 16/03/2013
    Envoyé le 30/04/2013 à 07:36 Modifié par loumax91


    Bonjour,

    @jllg
    Lu, effectivement autant pour moi, merci [;)]

    @aureliejuliette
    *Lance ZHPDiag et clique sur la flèche verte (en haut à droite) pour effectuer la mise à jour.

    *Ensuite clique sur la loupe + pour une nouvelle analyse, pense à héberger le rapport.
    "Celui qui aime à apprendre est bien près du savoir" (Confucius)
    aureliejuliette aureliejuliette
    61 contributions
    Membre depuis le 10/03/2010
    Envoyé le 30/04/2013 à 08:56


    Bonjour, voici le lien du nouveau rapport, merci, cordialement.

    http://pjjoint.malekal.com/files.php?id=ZHPDiag_20130430_p14l13n10q7l6

    loumax91 loumax91
    99 contributions
    Membre depuis le 16/03/2013
    Envoyé le 30/04/2013 à 11:09


    Restant pas mal à supprimer nous allons nettoyer en plusieurs fois, suis bien les procédures.

    Ce script va cibler certains éléments à supprimer :

    • Ouvre ce lien, sélectionne le script en entier et copie le (Édition --> Copier)
    • Lance ZHPFix à partir du raccourci sur ton Bureau
    • Clique sur l'icône représentant le presse-papier (« coller le presse-papier »)
    • Les lignes se collent automatiquement dans ZHPFix, sinon colle les lignes
    >>les lignes ci-dessus sont celles qui doivent apparaître dans la fenêtre de ZHPFix. Si ce n'est pas le cas, ne surtout pas cliquer sur le bouton GO. Il faut veiller à bien copier les lignes<<
    • Clique sur le bouton « GO » pour lancer le nettoyage,
    • Copie/colle la totalité du rapport dans ta prochaine réponse
    Pour t'aider



    "Celui qui aime à apprendre est bien près du savoir" (Confucius)
    aureliejuliette aureliejuliette
    61 contributions
    Membre depuis le 10/03/2010
    Envoyé le 30/04/2013 à 11:37


    Bonjour,
    Rapport de ZHPFix 2013.3.9.1 par Nicolas Coolman, Update du 9/03/2013
    Fichier d'export Registre : C:\ZHP\ZHPExportRegistry-30-04-2013-11-29-29.txt
    Run by utilisateur at 30/04/2013 11:29:27
    High Elevated Privileges : OK
    Windows XP Home Edition Service Pack 3 (Build 2600)

    Corbeille vidée

    ========== Logiciel(s) ==========
    SUPPRIME Boxore Client
    SUPPRIME Iminent
    ABSENT Uninstall Process: c:\program files\lyricsmonkey\uninstall.exe
    SUPPRIME QuickShare

    ========== Clé(s) du Registre ==========
    SUPPRIME [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\lyricsmonkey@mendoni.net]
    SUPPRIME Key: CLSID BHO: {18CAEA74-C7E8-4D37-967F-1D01351BA398}
    SUPPRIME Key: CLSID: [HKLM\SOFTWARE\Classes\CLSID\{18CAEA74-C7E8-4D37-967F-1D01351BA398}]
    SUPPRIME Key: CLSID: [HKLM\SOFTWARE\Classes\CLSID\{82E1477C-B154-48D3-9891-33D83C26BCD3}]
    ABSENT Key: Service: Software_update (Software_update
    ABSENT Key: Service: SProtection
    SUPPRIME Key: HKCU\Software\Iminent
    SUPPRIME Key: HKCU\Software\LyricsMonkey
    ABSENT Key: HKLM\Software\Umbrella
    ABSENT Key: Service Legacy: LEGACY_SPROTECTION
    SUPPRIME Key: HKLM\Software\Classes\Prod.cap
    SUPPRIME Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
    SUPPRIME Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{82E1477C-B154-48D3-9891-33D83C26BCD3}
    ABSENT Key: HKLM\Software\Classes\CLSID\{82E1477C-B154-48D3-9891-33D83C26BCD3}
    SUPPRIME Key: HKLM\Software\Classes\CLSID\{261DD098-8A3E-43D4-87AA-63324FA897D8}
    SUPPRIME Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A3DAEB01-4C15-4AC6-A689-6406FD954EE0}
    SUPPRIME Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{45564571-A21B-48ED-B584-69752EEE9C3D}
    SUPPRIME Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{45564571-A21B-48ED-B584-69752EEE9C3D}
    ABSENT Key: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BA71D41F6CC0B6247B05D473850A8AEA
    SUPPRIME Key: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA0054A5AB3EFFE4CB5660E44A1E7DCC
    ABSENT Key: \Software\Classes\Installer\Products\\1EAD96AE2CB1DE84BAA9425A8CCA0817
    ABSENT Key: \Software\Classes\Installer\Products\\F496E1F70881F5D4DB720A0D5A738946
    SUPPRIME Key: Service: Software_update
    SUPPRIME Key: Service: Software_update_m

    ========== Valeur(s) du Registre ==========
    SUPPRIME Toolbar: {82E1477C-B154-48D3-9891-33D83C26BCD3}
    ABSENT RunValue: Iminent
    ABSENT RunValue: IminentMessenger
    ABSENT AAKE KeyValue: C:\Program Files\Iminent\Iminent.exe
    ABSENT AAKE KeyValue: C:\Program Files\Iminent\Iminent.Messengers.exe
    ABSENT [HKLM\Software\Microsoft\Windows\CurrentVersion\Run]:Iminent
    ABSENT [HKCU\Software\855888bb36dbe44]:GUID="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}"
    ABSENT [HKLM\Software\855888bb36dbe44]:GUID="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}"
    ABSENT Valeur Domain Profile: FirewallRaz :
    Aucune valeur présente dans la clé d'exception du registre (FirewallRaz)

    ========== Dossier(s) ==========
    SUPPRIME Folder: C:\Program Files\LyricsMonkey
    ABSENT C:\Program Files\Fichiers communs\Umbrella
    SUPPRIME Folder: C:\Documents and Settings\utilisateur\Application Data\BabSolution
    SUPPRIME Folder: c:\program files\software
    SUPPRIME Folder: c:\program files\videoperformer
    SUPPRIME Folder: c:\documents and settings\utilisateur\local settings\application data\software
    SUPPRIME Flash Cookies
    SUPPRIME Temporaires Windows

    ========== Fichier(s) ==========
    ABSENT Folder/File: c:\program files\fichiers communs\umbrella\umbrella.exe
    SUPPRIME File: c:\program files\lyricsmonkey\lyricsmonkey.dll
    SUPPRIME File: c:\program files\delta\delta\1.8.16.16\deltatlbr.dll
    ABSENT File: c:\program files\iminent\iminent.exe
    ABSENT File: c:\program files\iminent\iminent.messengers.exe
    SUPPRIME File: c:\program files\software\update\softwareupdate.exe
    ABSENT File: c:\program files\fichiers communs\umbrella\umbrella.exe
    SUPPRIME File: c:\windows\prefetch\iminentsetup_2203-bd84cda8.ex-1344b819.pf
    SUPPRIME File: c:\windows\prefetch\mybabylontb.exe-0f4b6405.pf
    SUPPRIME File: c:\windows\prefetch\obboxore_2304-5982487b.exe-2c78a118.pf
    SUPPRIME File: c:\windows\prefetch\boxoreinstaller.exe-1645270c.pf
    SUPPRIME File: c:\windows\prefetch\bprotect.exe-2dab5e66.pf
    SUPPRIME File: c:\windows\prefetch\iminentminibarie.exe-21e98dc5.pf
    SUPPRIME File: c:\windows\prefetch\boxore.exe-0f8cba6a.pf
    ABSENT File: c:\documents and settings\utilisateur\application data\babsolution\cr\delta2.crx
    SUPPRIME File: c:\documents and settings\utilisateur\local settings\application data\google\chrome\user data\default\bprotector web data
    SUPPRIME File: c:\documents and settings\utilisateur\local settings\application data\google\chrome\user data\default\bprotectorpreferences
    SUPPRIME File: c:\documents and settings\utilisateur\local settings\application data\google\chrome\user data\default\local storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage
    SUPPRIME File: c:\documents and settings\utilisateur\local settings\application data\google\chrome\user data\default\extensions\mocblcnaofikinigmceddfghppkkjbog\1.0.0.0_1\background.html
    SUPPRIME File: c:\documents and settings\utilisateur\local settings\application data\google\chrome\user data\default\extensions\mocblcnaofikinigmceddfghppkkjbog\1.0.0.0_1\ci.bg.pack.js
    SUPPRIME File: c:\documents and settings\utilisateur\local settings\application data\google\chrome\user data\default\extensions\mocblcnaofikinigmceddfghppkkjbog\1.0.0.0_1\ci.browser.helper.js
    SUPPRIME File: c:\documents and settings\utilisateur\local settings\application data\google\chrome\user data\default\extensions\mocblcnaofikinigmceddfghppkkjbog\1.0.0.0_1\ci.content.pack.js
    SUPPRIME File: c:\documents and settings\utilisateur\local settings\application data\google\chrome\user data\default\extensions\mocblcnaofikinigmceddfghppkkjbog\1.0.0.0_1\content.js
    SUPPRIME File: c:\documents and settings\utilisateur\local settings\application data\google\chrome\user data\default\extensions\mocblcnaofikinigmceddfghppkkjbog\1.0.0.0_1\jquery-1.6.2.min.js
    SUPPRIME File: c:\documents and settings\utilisateur\local settings\application data\google\chrome\user data\default\extensions\mocblcnaofikinigmceddfghppkkjbog\1.0.0.0_1\jquery.uuid.js
    SUPPRIME File: c:\documents and settings\utilisateur\local settings\application data\google\chrome\user data\default\extensions\mocblcnaofikinigmceddfghppkkjbog\1.0.0.0_1\mz\background.js
    SUPPRIME File: c:\documents and settings\utilisateur\local settings\application data\google\chrome\user data\default\extensions\mocblcnaofikinigmceddfghppkkjbog\1.0.0.0_1\popup.js
    SUPPRIME File: c:\documents and settings\utilisateur\local settings\application data\google\chrome\user data\default\extensions\mocblcnaofikinigmceddfghppkkjbog\1.0.0.0_1\settings.json
    SUPPRIME File: c:\documents and settings\utilisateur\local settings\application data\google\chrome\user data\default\extensions\mocblcnaofikinigmceddfghppkkjbog\1.0.0.0_1\mz\content.js
    SUPPRIME File: c:\documents and settings\utilisateur\local settings\application data\google\chrome\user data\default\extensions\pbpohikckhbcljgombipcdoinkaedlfa\1.4_0\background.js
    SUPPRIME File: c:\documents and settings\utilisateur\local settings\application data\google\chrome\user data\default\extensions\pbpohikckhbcljgombipcdoinkaedlfa\1.4_0\smartdisplay.js
    SUPPRIME File: c:\documents and settings\utilisateur\local settings\application data\google\chrome\user data\default\extensions\pbpohikckhbcljgombipcdoinkaedlfa\1.4_0\utils.html
    SUPPRIME File: c:\documents and settings\utilisateur\local settings\application data\google\chrome\user data\default\extensions\pbpohikckhbcljgombipcdoinkaedlfa\1.4_0\manifest.json
    SUPPRIME File: c:\documents and settings\utilisateur\local settings\application data\google\chrome\user data\default\extensions\mocblcnaofikinigmceddfghppkkjbog\1.0.0.0_1\manifest.json
    ABSENT Folder/File: c:\program files\fichiers communs\umbrella
    ABSENT Folder/File: c:\documents and settings\utilisateur\application data\babsolution
    SUPPRIME File: C:\WINDOWS\Tasks\EPUpdater.job
    SUPPRIME File: C:\WINDOWS\Tasks\Lyrics Monkey Update.job
    ABSENT File: c:\program files\software\update\softwareupdate.exe
    SUPPRIME Flash Cookies
    SUPPRIME Temporaires Windows

    ========== Restauration Système ==========
    Point de restauration du système créé avec succès


    ========== Récapitulatif ==========
    24 : Clé(s) du Registre
    10 : Valeur(s) du Registre
    8 : Dossier(s)
    41 : Fichier(s)
    4 : Logiciel(s)
    1 : Restauration Système


    End of clean in 02mn 45s

    ========== Chemin de fichier rapport ==========
    C:\ZHP\ZHPFix[R1].txt - 13/04/2013 09:12:39 [10500]
    C:\ZHP\ZHPFix[R2].txt - 15/04/2013 21:30:18 [13275]
    C:\ZHP\ZHPFix[R3].txt - 30/04/2013 11:29:29 [8815]



    loumax91 loumax91
    99 contributions
    Membre depuis le 16/03/2013
    Envoyé le 30/04/2013 à 12:14


    (+)

    *Fais redémarrer le PC.

    *Refais une analyse ZHPDiag, héberge le rapport.
    "Celui qui aime à apprendre est bien près du savoir" (Confucius)
    aureliejuliette aureliejuliette
    61 contributions
    Membre depuis le 10/03/2010
    Envoyé le 30/04/2013 à 13:43


    Bonjour, voici le lien rapport, cordialement.
    http://pjjoint.malekal.com/files.php?id=ZHPDiag_20130430_h13k10m6x12o13


    loumax91 loumax91
    99 contributions
    Membre depuis le 16/03/2013
    Envoyé le 30/04/2013 à 22:12



    Ce script va cibler certains éléments à supprimer :

    • Ouvre ce lien, sélectionne le script en entier et copie le (Édition --> Copier)
    • Lance ZHPFix à partir du raccourci sur ton Bureau
    • Clique sur l'icône représentant le presse-papier (« coller le presse-papier »)
    • Les lignes se collent automatiquement dans ZHPFix, sinon colle les lignes
    >>les lignes ci-dessus sont celles qui doivent apparaître dans la fenêtre de ZHPFix. Si ce n'est pas le cas, ne surtout pas cliquer sur le bouton GO. Il faut veiller à bien copier les lignes<<
    • Clique sur le bouton « GO » pour lancer le nettoyage,
    • Copie/colle la totalité du rapport dans ta prochaine réponse
    Pour t'aider

    "Celui qui aime à apprendre est bien près du savoir" (Confucius)
    aureliejuliette aureliejuliette
    61 contributions
    Membre depuis le 10/03/2010
    Envoyé le 30/04/2013 à 22:26


    Bonjour, voilà, cordialement.
    Rapport de ZHPFix 2013.3.9.1 par Nicolas Coolman, Update du 9/03/2013
    Fichier d'export Registre : C:\ZHP\ZHPExportRegistry-30-04-2013-22-19-33.txt
    Run by utilisateur at 30/04/2013 22:19:33
    High Elevated Privileges : OK
    Windows XP Home Edition Service Pack 3 (Build 2600)

    Corbeille vidée

    ========== Logiciel(s) ==========
    ABSENT Uninstall Process: c:\program files\delta\delta\1.8.16.16\guninstaller.exe
    ABSENT Uninstall Process: c:\program files\wajam\uninstall.exe

    ========== Clé(s) du Registre ==========
    SUPPRIME [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\delta]
    SUPPRIME [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Wajam]
    SUPPRIME Key: Mozilla Plugin: @tools.Software.com/Software Update;version=3
    SUPPRIME Key: Mozilla Plugin: @tools.Software.com/Software Update;version=9
    ABSENT Key: CLSID BHO: {C1AF5FA5-852C-4C90-812E-A7F75E011D87}
    SUPPRIME Key: HKCU\Software\855888bb36dbe44
    SUPPRIME Key: HKCU\Software\Amazon
    ABSENT Key: HKCU\Software\Delta
    SUPPRIME Key: HKCU\Software\IncrediMail
    SUPPRIME Key: HKCU\Software\PerformerSoft LLC
    SUPPRIME Key: HKCU\Software\Smartbar
    SUPPRIME Key: HKLM\Software\855888bb36dbe44
    SUPPRIME Key: HKLM\Software\Amazon
    ABSENT Key: HKLM\Software\Delta
    SUPPRIME Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{19803860-B306-423C-BBB5-F60A7D82CDE5}
    SUPPRIME Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
    SUPPRIME Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
    SUPPRIME Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
    SUPPRIME Key: HKLM\Software\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
    SUPPRIME Key: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
    SUPPRIME Key: HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WajamUpdater
    SUPPRIME Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
    ABSENT Key: HKLM\Software\Classes\CLSID\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
    ABSENT Key: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
    SUPPRIME Key: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375
    SUPPRIME Key: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5
    ABSENT Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{19803860-b306-423c-bbb5-f60a7d82cde5}
    ABSENT Key: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{348C2DF3-1191-4C3E-92A6-B3A89A9D9C85}
    ABSENT Key: HKLM\Software\Classes\CLSID\{E97A663B-81A6-49C5-A6D3-BCB05BA1DE26}
    ABSENT Key: HKLM\Software\Classes\CLSID\{86838207-681D-469D-9511-D0DCC6F19F9B}
    ABSENT Key: HKLM\Software\Classes\CLSID\{4FCB4630-2A1C-4AA1-B422-345E8DC8A6DE}
    SUPPRIME Key: HKLM\Software\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
    ABSENT Key: HKLM\Software\Classes\AppID\{39CB8175-E224-4446-8746-00566302DF8D}
    ABSENT Key: HKLM\Software\Classes\TypeLib\{39CB8175-E224-4446-8746-00566302DF8D}
    ABSENT Key: HKLM\Software\Classes\TypeLib\{4599D05A-D545-4069-BB42-5895B4EAE05B}
    ABSENT Key: HKLM\Software\Classes\delta.deltaappCore
    ABSENT Key: HKLM\Software\Classes\delta.deltaappCore.1
    SUPPRIME Key: HKLM\Software\Classes\delta.deltadskBnd
    SUPPRIME Key: HKLM\Software\Classes\delta.deltadskBnd.1
    ABSENT Key: HKLM\Software\Classes\delta.deltaHlpr
    ABSENT Key: HKLM\Software\Classes\delta.deltaHlpr.1
    ABSENT Key: HKLM\Software\Classes\esrv.deltaESrvc
    ABSENT Key: HKLM\Software\Classes\esrv.deltaESrvc.1
    ABSENT Key: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Wajam
    CTFDisabledCTFMon désactivé par défaut

    ========== Valeur(s) du Registre ==========
    ABSENT [HKCU\Software\855888bb36dbe44]:GUID="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}"
    ABSENT [HKCU\Software\855888bb36dbe44]:version="2.6.1249.132"
    ABSENT [HKLM\Software\855888bb36dbe44]:GUID="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}"
    ABSENT [HKLM\Software\855888bb36dbe44]:version="2.6.1249.132"
    SUPPRIME RunValue: CTFMON.EXE
    ABSENT RunValue: CTFMON.EXE
    ABSENT Valeur Domain Profile: FirewallRaz :
    Aucune valeur présente dans la clé d'exception du registre (FirewallRaz)

    ========== Elément(s) de donnée du Registre ==========
    SUPPRIME R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page
    SUPPRIME R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page
    SUPPRIME R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs
    SUPPRIME AppInit: \docume~1\alluse~1\applic~1\browse~1\261249~1.132\{c16c1~1\browse~1.dll

    ========== Dossier(s) ==========
    SUPPRIME Folder: C:\Program Files\Amazon
    ABSENT C:\Program Files\Delta
    ABSENT C:\Documents and Settings\utilisateur\Application Data\Delta
    SUPPRIME Folder: C:\Documents and Settings\utilisateur\Local Settings\Application Data\Amazon
    SUPPRIME Folder: C:\Documents and Settings\utilisateur\Menu Démarrer\Programmes\Amazon
    SUPPRIME Temporaires Windows

    ========== Fichier(s) ==========
    ABSENT File: c:\program files\software\update\1.3.25.0\npsoftwareupdate3.dll
    ABSENT File: c:\program files\delta\delta\1.8.16.16\bh\delta.dll
    ABSENT File: \docume~1\alluse~1\applic~1\browse~1\261249~1.132\{c16c1~1\browse~1.dll
    SUPPRIME File: c:\windows\tasks\softwareupdatetaskmachinecore.job
    SUPPRIME File: c:\windows\tasks\softwareupdatetaskmachineua.job
    SUPPRIME File: c:\documents and settings\utilisateur\local settings\application data\google\chrome\user data\default\local storage\chrome-extension_licjnkifamhpbaefhdpacpmihicfbomb_0.localstorage
    SUPPRIME File: c:\documents and settings\utilisateur\local settings\application data\google\chrome\user data\default\local storage\chrome-extension_licjnkifamhpbaefhdpacpmihicfbomb_0.localstorage-journal
    ABSENT File: c:\documents and settings\utilisateur\local settings\application data\google\chrome\user data\default\local storage\http_www2.delta-search.com
    SUPPRIME Temporaires Windows

    ========== Restauration Système ==========
    Point de restauration du système créé avec succès


    ========== Récapitulatif ==========
    45 : Clé(s) du Registre
    8 : Valeur(s) du Registre
    4 : Elément(s) de donnée du Registre
    6 : Dossier(s)
    9 : Fichier(s)
    2 : Logiciel(s)
    1 : Restauration Système


    End of clean in 00mn 29s

    ========== Chemin de fichier rapport ==========
    C:\ZHP\ZHPFix[R1].txt - 13/04/2013 09:12:39 [10500]
    C:\ZHP\ZHPFix[R2].txt - 15/04/2013 21:30:18 [13275]
    C:\ZHP\ZHPFix[R3].txt - 30/04/2013 10:29:29 [8867]
    C:\ZHP\ZHPFix[R4].txt - 30/04/2013 22:19:33 [6703]



    loumax91 loumax91
    99 contributions
    Membre depuis le 16/03/2013
    Envoyé le 01/05/2013 à 18:03


    Bonjour,

    Comment fonctionne le PC ?


    *Redémarrer le PC et refais une analyse de contrôle ZHPDiag, héberge le rapport.

    "Celui qui aime à apprendre est bien près du savoir" (Confucius)
    aureliejuliette aureliejuliette
    61 contributions
    Membre depuis le 10/03/2010
    Envoyé le 01/05/2013 à 22:29


    Bonjour, voici le rapport, bien cordialement.
    http://pjjoint.malekal.com/files.php?id=ZHPDiag_20130501_y10k7i9v13k11

    loumax91 loumax91
    99 contributions
    Membre depuis le 16/03/2013
    Envoyé le 02/05/2013 à 22:21


    Bonjour,

    Ce script va cibler certains éléments à supprimer :

    G2 - GCE: Preference [User Data\Default] [mocblcnaofikinigmceddfghppkkjbog] Smiley Bar for Facebook v.1.0.0.0 (Désactivé)
    O61 - LFC: 29/04/2013 - 17:55:27 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_www2.delta-search.com_0.localstorage [5120]
    O61 - LFC: 29/04/2013 - 17:55:27 ---A- C:\Documents and Settings\utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_www2.delta-search.com_0.localstorage-journal [5672]
    EmptyTemp


    Sélectionne le script ci-dessus en entier et copie le (Édition --> Copier)
    • Lance ZHPFix à partir du raccourci sur ton Bureau
    • Clique sur l'icône représentant le presse-papier (« coller le presse-papier »)
    • Les lignes se collent automatiquement dans ZHPFix, sinon colle les lignes
    >>les lignes ci-dessus sont celles qui doivent apparaître dans la fenêtre de ZHPFix. Si ce n'est pas le cas, ne surtout pas cliquer sur le bouton GO. Il faut veiller à bien copier les lignes<<
    • Clique sur le bouton « GO » pour lancer le nettoyage,
    • Copie/colle la totalité du rapport dans ta prochaine réponse
    Pour t'aider

    A suivre :

    Télécharge >> TFC.exe<< impérativement sur ton bureau

    Ferme tous les programmes en cour de fonctionnement...

    Valide START pour lancer TFC

    Une demande va apparaitre pour te demander de redémarrer ton pc, cliques sur "YES" et laisse faire TFC.



    "Celui qui aime à apprendre est bien près du savoir" (Confucius)

    Discussion trop ancienne

    Cette discussion a été automatiquement fermée car elle n'a plus reçue de nouveau message depuis trop longtemps.

    Nous vous suggérons de créer un nouveau message

    « Retour sur la liste des messages de ce forum