PS02

Members
  • Content count: 19

Everything posted by PS02

  1. OK great, it did indeed remove quite a lot of stuff (excuse my lack of specialist vocabulary). For Sophos I'll ask the university then, since a password is needed. Thanks for everything, what you do is great!
  2. I'm going to bother you a little bit more :$ Do I delete the reports and the RogueK quarantines? Do I keep all the software? And my current antivirus is Sophos (obtained for free through the university), but I can't manage to run the updates, so do I keep it or do I switch to another antivirus that you would recommend?
  3. # DelFix v10.2 - Rapport créé le 09/05/2013 à 20:52:25
     # Mis à jour le 02/04/2013 par Xplode
     # Nom d'utilisateur : Pauline-Sophie - HP
     ~ Suppression des outils de désinfection ...
     Supprimé : C:\Qoobox
     Supprimé : C:\JRT
     Supprimé : C:\ZHP
     Supprimé : C:\Users\Pauline-Sophie\Desktop\RK_Quarantine
     Supprimé : C:\Program Files (x86)\ZHPDiag
     Supprimé : C:\AdwCleaner[s1].txt
     Supprimé : C:\ComboFix.txt
     Supprimé : C:\Users\Pauline-Sophie\Desktop\AdwCleaner.exe
     Supprimé : C:\Users\Pauline-Sophie\Desktop\ComboFix.exe
     Supprimé : C:\Users\Pauline-Sophie\Desktop\esetsmartinstaller_enu.exe
     Supprimé : C:\Users\Pauline-Sophie\Desktop\JRT.exe
     Supprimé : C:\Users\Pauline-Sophie\Desktop\JRT.txt
     Supprimé : C:\Users\Pauline-Sophie\Desktop\RKreport[1]_S_09052013_132509.txt
     Supprimé : C:\Users\Pauline-Sophie\Desktop\RKreport[2]_D_09052013_133014.txt
     Supprimé : C:\Users\Pauline-Sophie\Desktop\RogueKillerX64.exe
     Supprimé : C:\Users\Public\Desktop\MBRCheck.lnk
     Supprimé : C:\Users\Public\Desktop\ZHPDiag.lnk
     Supprimé : C:\Users\Public\Desktop\ZHPFix.lnk
     Supprimé : C:\Windows\grep.exe
     Supprimé : C:\Windows\PEV.exe
     Supprimé : C:\Windows\NIRCMD.exe
     Supprimé : C:\Windows\MBR.exe
     Supprimé : C:\Windows\SED.exe
     Supprimé : C:\Windows\SWREG.exe
     Supprimé : C:\Windows\SWSC.exe
     Supprimé : C:\Windows\SWXCACLS.exe
     Supprimé : C:\Windows\Zip.exe
     Supprimée : HKLM\SOFTWARE\AdwCleaner
     Supprimée : HKLM\SOFTWARE\Swearware
     Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ZHPDiag_is1
     Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\combofix.exe
     ~ Purge de la restauration système ...
     Supprimé : RP #421 [Removed Java 6 Update 39 | 04/15/2013 07:18:01]
     Supprimé : RP #422 [Windows Update | 04/16/2013 10:01:50]
     Supprimé : RP #423 [Windows Update | 04/23/2013 07:47:14]
     Supprimé : RP #424 [Windows Update | 04/24/2013 21:39:11]
     Supprimé : RP #425 [Windows Update | 04/30/2013 07:47:06]
     Supprimé : RP #426 [Windows Update | 05/07/2013 15:48:55]
     Supprimé : RP #428 [Windows Defender Checkpoint | 05/08/2013 20:39:49]
     Nouveau point de restauration créé !
     ########## - EOF - ##########
  4. OK, thank you very much! I'll do that right away.
  5. C:\Qoobox\Quarantine\C\ProgramData\22537C5BEA27E0C2000022535A0EE719\22537C5BEA27E0C2000022535A0EE719.exe.vir a variant of Win32/Injector.AGHO trojan cleaned by deleting - quarantined
     C:\Users\Pauline-Sophie\Desktop\ZHPDiag2.exe probably unknown NewHeur_PE virus cleaned by deleting - quarantined
  6. Nothing at all... The window closes about 5 seconds after clicking OK.
  7. OK -> the window closes
  8. No screwdriver when ZHPDiag opens, but a window with "copyright Nicolas Coolman" :/
  9. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     Junkware Removal Tool (JRT) by Thisisu
     Version: 4.9.4 (05.06.2013:1)
     OS: Windows 7 Home Premium x64
     Ran by Pauline-Sophie on 09/05/2013 at 14:33:10,26
     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     ~~~ Services
     ~~~ Registry Values
     ~~~ Registry Keys
     Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\yt.ytnavassistplugin
     Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\yt.ytnavassistplugin.1
     ~~~ Files
     Successfully deleted: [File] C:\eula.1028.txt
     Successfully deleted: [File] C:\eula.1031.txt
     Successfully deleted: [File] C:\eula.1033.txt
     Successfully deleted: [File] C:\eula.1036.txt
     Successfully deleted: [File] C:\eula.1040.txt
     Successfully deleted: [File] C:\eula.1041.txt
     Successfully deleted: [File] C:\eula.1042.txt
     Successfully deleted: [File] C:\eula.2052.txt
     Successfully deleted: [File] C:\install.res.1028.dll
     Successfully deleted: [File] C:\install.res.1031.dll
     Successfully deleted: [File] C:\install.res.1033.dll
     Successfully deleted: [File] C:\install.res.1036.dll
     Successfully deleted: [File] C:\install.res.1040.dll
     Successfully deleted: [File] C:\install.res.1041.dll
     Successfully deleted: [File] C:\install.res.1042.dll
     Successfully deleted: [File] C:\install.res.2052.dll
     Successfully deleted: [File] C:\install.res.3082.dll
     ~~~ Folders
     Successfully deleted: [Empty Folder] C:\Users\Pauline-Sophie\appdata\local\{01DCEF2A-416C-43C7-91B3-8AB34546E777}
     Successfully deleted: [Empty Folder] C:\Users\Pauline-Sophie\appdata\local\{07F8A221-FAC5-4E24-BE5F-4B25F7D9D7D1}
     Successfully deleted: [Empty Folder] C:\Users\Pauline-Sophie\appdata\local\{0C62F79D-CDF6-4C1F-9403-4233F20B25AC}
     Successfully deleted: [Empty Folder] C:\Users\Pauline-Sophie\appdata\local\{0CCE0726-9516-4C51-B927-849C84115276}
     Successfully deleted: [Empty Folder] C:\Users\Pauline-Sophie\appdata\local\{0E527802-431B-4E10-A58F-324F9C7320AA}
     Successfully deleted: [Empty Folder]
     C:\Users\Pauline-Sophie\appdata\local\{F23B1676-4F29-40DC-B08A-F5CCC5024FA3}
     Successfully deleted: [Empty Folder] C:\Users\Pauline-Sophie\appdata\local\{F2986359-304F-42B7-ABCF-50809CCD6717}
     Successfully deleted: [Empty Folder] C:\Users\Pauline-Sophie\appdata\local\{FAB51E9C-2A07-4197-BE95-B2F9377CFE07}
     ~~~ FireFox
     Emptied folder: C:\Users\Pauline-Sophie\AppData\Roaming\mozilla\firefox\profiles\8ilzesm6.default\minidumps [676 files]
     ~~~ Event Viewer Logs were cleared
     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     Scan was completed on 09/05/2013 at 14:39:45,15
     End of JRT log
     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  10. # AdwCleaner v2.300 - Rapport créé le 09/05/2013 à 14:23:56
      # Mis à jour le 28/04/2013 par Xplode
      # Système d'exploitation : Windows 7 Home Premium Service Pack 1 (64 bits)
      # Nom d'utilisateur : Pauline-Sophie - HP
      # Mode de démarrage : Normal
      # Exécuté depuis : C:\Users\Pauline-Sophie\Desktop\AdwCleaner.exe
      # Option [suppression]
      ***** [services] *****
      ***** [Fichiers / Dossiers] *****
      Dossier Supprimé : C:\ProgramData\Babylon
      Dossier Supprimé : C:\Users\Pauline-Sophie\AppData\LocalLow\boost_interprocess
      Dossier Supprimé : C:\Users\Pauline-Sophie\AppData\Roaming\Babylon
      Fichier Supprimé : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml
      Fichier Supprimé : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk
      Fichier Supprimé : C:\user.js
      ***** [Registre] *****
      Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
      Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
      Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
      Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
      Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
      Clé Supprimée : HKLM\Software\Babylon
      Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{AFBB7970-789A-4264-BA70-E8127DECE400}
      Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
      Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\EoEngineBHO.DLL
      Clé Supprimée : HKLM\SOFTWARE\Classes\Prod.cap
      Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
      Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
      Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\offerbox_RASAPI32
      Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\offerbox_RASMANCS
      Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
      Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
      Clé Supprimée : HKLM\Software\Offerbox
      Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
      Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{761F6A83-F007-49E4-8EAC-CDB6808EF06F}
      Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{76C45B18-A29E-43EA-AAF8-AF55C2E1AE17}
      Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{7CD74AFF-3433-4E34-92E2-D98DFDB30754}
      Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{96EF404C-24C7-43D0-9096-4CCC8BB7CCAC}
      Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{97720195-206A-42AE-8E65-260B9BA5589F}
      Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{986F7A5A-9676-47E1-8642-F41F8C3FCF82}
      Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B18788A4-92BD-440E-A4D1-380C36531119}
      Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
      Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
      Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdate_is1
      Valeur Supprimée : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
      ***** [Navigateurs] *****
      -\\ Internet Explorer v10.0.9200.16537
      [OK] Le registre ne contient aucune entrée illégitime.
      -\\ Mozilla Firefox v12.0 (fr)
      Fichier : C:\Users\Pauline-Sophie\AppData\Roaming\Mozilla\Firefox\Profiles\8ilzesm6.default\prefs.js
      C:\Users\Pauline-Sophie\AppData\Roaming\Mozilla\Firefox\Profiles\8ilzesm6.default\user.js ... Supprimé !
      Supprimée : user_pref("browser.search.defaultenginename", "Search the web (Babylon)");
      Supprimée : user_pref("browser.search.order.1", "Search the web (Babylon)");
      Supprimée : user_pref("extensions.BabylonToolbar.admin", false);
      Supprimée : user_pref("extensions.BabylonToolbar.aflt", "babsst");
      Supprimée : user_pref("extensions.BabylonToolbar.dfltLng", "en");
      Supprimée : user_pref("extensions.BabylonToolbar.excTlbr", false);
      Supprimée : user_pref("extensions.BabylonToolbar.id", "224ce0c2000000000000f67bcb5c60a4");
      Supprimée : user_pref("extensions.BabylonToolbar.instlDay", "15558");
      Supprimée : user_pref("extensions.BabylonToolbar.instlRef", "sst");
      Supprimée : user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");
      Supprimée : user_pref("extensions.BabylonToolbar.prtnrId", "babylon");
      Supprimée : user_pref("extensions.BabylonToolbar.tlbrId", "base");
      Supprimée : user_pref("extensions.BabylonToolbar.tlbrSrchUrl", "hxxp://www.google.com/search?babsrc=TB_ggl&q=");
      Supprimée : user_pref("extensions.BabylonToolbar.vrsn", "1.6.4.6");
      Supprimée : user_pref("extensions.BabylonToolbar.vrsni", "1.6.4.6");
      Supprimée : user_pref("extensions.BabylonToolbar_i.babExt", "");
      Supprimée : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=111808&tt=3212_6");
      Supprimée : user_pref("extensions.BabylonToolbar_i.newTab", true);
      Supprimée : user_pref("extensions.BabylonToolbar_i.newTabUrl", "about:blank");
      Supprimée : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
      Supprimée : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
      Supprimée : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.6.4.623:30:05");
      Supprimée : user_pref("keyword.URL", "hxxp://search.babylon.com/?affID=111808&tt=3212_6&babsrc=KW_ss&mntrId=224c[...]
      *************************
      AdwCleaner[s1].txt - [5692 octets] - [09/05/2013 14:23:56]
      ########## EOF - C:\AdwCleaner[s1].txt - [5752 octets] ##########
  11. Well, apparently it works!!! So thank you very much!!!! You're brilliant. Er, but what should I do with the reports and the installed software? I keep MBAM, but what about RogueKiller and SFTGC?
  12. Thanks a lot! At the end of the Malwarebytes scan it says that no items were detected. So is that OK?
  13. RogueKiller V8.5.4 _x64_ [Mar 18 2013] par Tigzy
      mail : tigzyRK<at>gmail<dot>com
      Remontees : [RogueKiller] Remontées
      Site Web : Télécharger RogueKiller (Site Officiel)
      Blog : tigzy-RK
      Systeme d'exploitation : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
      Demarrage : Mode sans echec avec prise en charge reseau
      Utilisateur : Pauline-Sophie [Droits d'admin]
      Mode : Suppression -- Date : 09/05/2013 13:30:14
      | ARK || FAK || MBR |
      ¤¤¤ Processus malicieux : 0 ¤¤¤
      ¤¤¤ Entrees de registre : 3 ¤¤¤
      [HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> SUPPRIMÉ
      [HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REMPLACÉ (0)
      [HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REMPLACÉ (0)
      ¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤
      ¤¤¤ Driver : [NON CHARGE] ¤¤¤
      ¤¤¤ Fichier HOSTS: ¤¤¤
      --> C:\Windows\system32\drivers\etc\hosts
      127.0.0.1 localhost
      ¤¤¤ MBR Verif: ¤¤¤
      +++++ PhysicalDrive0: WDC WD6400BEVT-60A0RT0 ATA Device +++++
      --- User ---
      [MBR] abacb5afb30a85dc6c4f45c93d76d2d6
      [bSP] fc45442aec06745f596dd8dcbc665ec5 : Windows Vista/7/8 MBR Code
      Partition table:
      0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 199 Mo
      1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 409600 | Size: 596151 Mo
      2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 1221326848 | Size: 14025 Mo
      3 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 1250050048 | Size: 103 Mo
      User = LL1 ... OK!
      User = LL2 ... OK!
      Termine : << RKreport[2]_D_09052013_133014.txt >>
      RKreport[1]_S_09052013_132509.txt ; RKreport[2]_D_09052013_133014.txt

      I hope I did everything right. Yes indeed, about ComboFix: once it was launched I looked around a bit on the internet and I got scared :$ . It was a computer science teacher who had installed it for me; he hadn't informed me of the risks and I had never used it. In any case, now I certainly won't use it again.
  14. RogueKiller V8.5.4 _x64_ [Mar 18 2013] par Tigzy
      mail : tigzyRK<at>gmail<dot>com
      Remontees : [RogueKiller] Remontées
      Site Web : Télécharger RogueKiller (Site Officiel)
      Blog : tigzy-RK
      Systeme d'exploitation : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
      Demarrage : Mode sans echec avec prise en charge reseau
      Utilisateur : Pauline-Sophie [Droits d'admin]
      Mode : Recherche -- Date : 09/05/2013 13:25:09
      | ARK || FAK || MBR |
      ¤¤¤ Processus malicieux : 0 ¤¤¤
      ¤¤¤ Entrees de registre : 4 ¤¤¤
      [HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> TROUVÉ
      [HJPOL] HKLM\[...]\Wow6432Node\System : DisableRegistryTools (0) -> TROUVÉ
      [HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> TROUVÉ
      [HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> TROUVÉ
      ¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤
      ¤¤¤ Driver : [NON CHARGE] ¤¤¤
      ¤¤¤ Fichier HOSTS: ¤¤¤
      --> C:\Windows\system32\drivers\etc\hosts
      127.0.0.1 localhost
      ¤¤¤ MBR Verif: ¤¤¤
      +++++ PhysicalDrive0: WDC WD6400BEVT-60A0RT0 ATA Device +++++
      --- User ---
      [MBR] abacb5afb30a85dc6c4f45c93d76d2d6
      [bSP] fc45442aec06745f596dd8dcbc665ec5 : Windows Vista/7/8 MBR Code
      Partition table:
      0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 199 Mo
      1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 409600 | Size: 596151 Mo
      2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 1221326848 | Size: 14025 Mo
      3 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 1250050048 | Size: 103 Mo
      User = LL1 ... OK!
      User = LL2 ... OK!
      Termine : << RKreport[1]_S_09052013_132509.txt >>
      RKreport[1]_S_09052013_132509.txt
  15. Thanks in advance...
  16. ComboFix 13-05-08.02 - Pauline-Sophie 08/05/2013 23:10:41.1.2 - x64 NETWORK
      Microsoft Windows 7 Édition Familiale Premium 6.1.7601.1.1252.33.1036.18.4092.2981 [GMT 2:00]
      Lancé depuis: c:\users\Pauline-Sophie\Desktop\ComboFix.exe
      AV: Sophos Anti-Virus *Disabled/Outdated* {65FBD860-96D8-75EF-C7ED-7BE27E6C498A}
      SP: Sophos Anti-Virus *Disabled/Outdated* {DE9A3984-B0E2-7A61-FD5D-409005EB0337}
      SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
      * Un nouveau point de restauration a été créé
      .
      .
      (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      C:\install.exe
      c:\programdata\22537C5BEA27E0C2000022535A0EE719
      c:\programdata\22537C5BEA27E0C2000022535A0EE719\22537C5BEA27E0C2000022535A0EE719
      c:\programdata\22537C5BEA27E0C2000022535A0EE719\22537C5BEA27E0C2000022535A0EE719.exe
      c:\programdata\22537C5BEA27E0C2000022535A0EE719\22537C5BEA27E0C2000022535A0EE719.ico
      c:\programdata\HP
      c:\programdata\HP\HP Deskjet 3050A J611 series\Help\1025\1025.cab
      c:\programdata\HP\HP Deskjet 3050A J611 series\Help\1025\dj3055_Animations.xml
      c:\programdata\HP\HP Deskjet 3050A J611 series\Help\1025\synonyms-1025.xml
      c:\programdata\HP\HP Deskjet 3050A J611 series\Help\1026\1026.cab
      c:\programdata\HP\HP Deskjet 3050A J611 series\Help\1026\dj3055_Animations.xml
      c:\programdata\HP\HP Deskjet 3050A J611 series\Help\1026\synonyms-1026.xml
      c:\programdata\HP\HP Deskjet 3050A J611 series\Help\1028\1028.cab
      c:\programdata\HP\HP Deskjet 3050A J611 series\Help\1028\dj3055_Animations.xml
      c:\programdata\HP\HP Deskjet 3050A J611 series\Help\1028\synonyms-1028.xml
      c:\programdata\HP\HP Deskjet 3050A J611 series\Help\1029\1029.cab
      c:\programdata\HP\HP Deskjet 3050A J611 series\Help\1029\dj3055_Animations.xml
      c:\programdata\HP\HP Deskjet 3050A J611 series\Help\1029\synonyms-1029.xml
      c:\programdata\HP\HP Deskjet 3050A J611 series\Help\1030\1030.cab
      c:\programdata\HP\HP Deskjet 3050A J611 series\Help\1030\dj3055_Animations.xml
series\Help\graphics\online\reg_copyright_acknowledgements_no_bluetooth_id_ww.png c:\programdata\HP\HP Deskjet 3050A J611 series\Help\graphics\online\reg_copyright_acknowledgements_no_bluetooth_it_ww.png c:\programdata\HP\HP Deskjet 3050A J611 series\Help\graphics\online\reg_copyright_acknowledgements_no_bluetooth_jp_ww.png c:\programdata\HP\HP Deskjet 3050A J611 series\Help\graphics\online\reg_copyright_acknowledgements_no_bluetooth_ko_ww.png c:\programdata\HP\HP Deskjet 3050A J611 series\Help\graphics\online\reg_copyright_acknowledgements_no_bluetooth_lt_ww.png c:\programdata\HP\HP Deskjet 3050A J611 series\Help\graphics\online\reg_copyright_acknowledgements_no_bluetooth_lv_ww.png c:\programdata\HP\HP Deskjet 3050A J611 series\Help\graphics\online\reg_copyright_acknowledgements_no_bluetooth_ms_ww.png c:\programdata\HP\HP Deskjet 3050A J611 series\Help\graphics\online\reg_copyright_acknowledgements_no_bluetooth_nl_ww.png c:\programdata\HP\HP Deskjet 3050A J611 series\Help\graphics\online\reg_copyright_acknowledgements_no_bluetooth_no_ww.png c:\programdata\HP\HP Deskjet 3050A J611 series\Help\graphics\online\reg_copyright_acknowledgements_no_bluetooth_pl_ww.png c:\programdata\HP\HP Deskjet 3050A J611 series\Help\graphics\online\reg_copyright_acknowledgements_no_bluetooth_pt_ww.png c:\programdata\HP\HP Deskjet 3050A J611 series\Help\graphics\online\reg_copyright_acknowledgements_no_bluetooth_ro_ww.png c:\programdata\HP\HP Deskjet 3050A J611 series\Help\graphics\online\reg_copyright_acknowledgements_no_bluetooth_ru_ww.png c:\programdata\HP\HP Deskjet 3050A J611 series\Help\graphics\online\reg_copyright_acknowledgements_no_bluetooth_sk_ww.png c:\programdata\HP\HP Deskjet 3050A J611 series\Help\graphics\online\reg_copyright_acknowledgements_no_bluetooth_sl_ww.png c:\programdata\HP\HP Deskjet 3050A J611 series\Help\graphics\online\reg_copyright_acknowledgements_no_bluetooth_sv_ww.png c:\programdata\HP\HP Deskjet 3050A J611 
series\Help\graphics\online\reg_copyright_acknowledgements_no_bluetooth_th_ww.png c:\programdata\HP\HP Deskjet 3050A J611 series\Help\graphics\online\reg_copyright_acknowledgements_no_bluetooth_tr_ww.png c:\programdata\HP\HP Deskjet 3050A J611 series\Help\graphics\online\reg_copyright_acknowledgements_no_bluetooth_uk_ww.png c:\programdata\HP\HP Deskjet 3050A J611 series\Help\graphics\online\reg_copyright_acknowledgements_no_bluetooth_zh_cn.png c:\programdata\HP\HP Deskjet 3050A J611 series\Help\graphics\online\reg_copyright_acknowledgements_no_bluetooth_zh_tw.png c:\programdata\HP\HP Deskjet 3050A J611 series\Help\graphics\online\reg_energystar_logo_ww.jpg c:\programdata\HP\HP Deskjet 3050A J611 series\Help\graphics\online\reg_fcc_statement_class_b_us.png c:\programdata\HP\HP Deskjet 3050A J611 series\Help\graphics\online\reg_notice_to_users_ko_ww.png c:\programdata\HP\HP Deskjet 3050A J611 series\Help\graphics\online\reg_power_cord_notice_jp_ww.png c:\programdata\HP\HP Deskjet 3050A J611 series\Help\graphics\online\reg_rohs_table_generic_zh_cn.png c:\programdata\HP\HP Deskjet 3050A J611 series\Help\graphics\online\reg_vcci_class_b_notice_jp_ww.png c:\programdata\HP\HP Deskjet 3050A J611 series\Help\graphics\online\reg_weee_eu.png c:\programdata\HP\HP Deskjet 3050A J611 series\Help\graphics\online\reg_wireless_notice_to_users_br.png c:\programdata\HP\HP Deskjet 3050A J611 series\Help\graphics\online\reg_wireless_notice_to_users_ca.png c:\programdata\HP\HP Deskjet 3050A J611 series\Help\graphics\online\reg_wireless_notice_zh_tw.png c:\programdata\HP\HP Deskjet 3050A J611 series\Help\graphics\online\reg_wireless_radio_frequency_radiation_us.png c:\programdata\HP\HP Deskjet 3050A J611 series\Help\graphics\online\release_pcart_no_co.png c:\programdata\HP\HP Deskjet 3050A J611 series\Help\graphics\online\top_up3.png c:\programdata\HP\HP Deskjet 3050A J611 series\Help\graphics\online\unpack_cart.png c:\programdata\HP\HP Deskjet 3050A J611 
series\Help\graphics\online\wireless_light.png c:\programdata\HP\HP Deskjet 3050A J611 series\Help\images\global_product_bg_blue.png c:\programdata\HP\HP Deskjet 3050A J611 series\Help\images\global_product_bg_blue_gtk.jpg c:\programdata\HP\HP Deskjet 3050A J611 series\Help\images\global_product_bg_blue_hd.jpg c:\programdata\HP\HP Deskjet 3050A J611 series\Help\images\global_product_bg_blue_wide.png c:\programdata\HP\HP Deskjet 3050A J611 series\Help\sysparm.xml c:\programdata\HP\HP Deskjet 3050A J611 series\Help\topicmap.xml c:\programdata\HP\HP Deskjet 3050A J611 series\HPCustPartic\schedule.ini c:\programdata\HP\HP Deskjet 3050A J611 series\HPCustPartic\schedulekeeper.ini c:\programdata\HP\HP Deskjet 3050A J611 series\Installer\Help\1025\HP_Setup_Help.chm c:\programdata\HP\HP Deskjet 3050A J611 series\Installer\Help\1028\HP_Setup_Help.chm c:\programdata\HP\HP Deskjet 3050A J611 series\Installer\Help\1029\HP_Setup_Help.chm c:\programdata\HP\HP Deskjet 3050A J611 series\Installer\Help\1030\HP_Setup_Help.chm c:\programdata\HP\HP Deskjet 3050A J611 series\Installer\Help\1031\HP_Setup_Help.chm c:\programdata\HP\HP Deskjet 3050A J611 series\Installer\Help\1032\HP_Setup_Help.chm c:\programdata\HP\HP Deskjet 3050A J611 series\Installer\Help\1033\HP_Setup_Help.chm c:\programdata\HP\HP Deskjet 3050A J611 series\Installer\Help\1034\HP_Setup_Help.chm c:\programdata\HP\HP Deskjet 3050A J611 series\Installer\Help\1035\HP_Setup_Help.chm c:\programdata\HP\HP Deskjet 3050A J611 series\Installer\Help\1036\HP_Setup_Help.chm c:\programdata\HP\HP Deskjet 3050A J611 series\Installer\Help\1037\HP_Setup_Help.chm c:\programdata\HP\HP Deskjet 3050A J611 series\Installer\Help\1038\HP_Setup_Help.chm c:\programdata\HP\HP Deskjet 3050A J611 series\Installer\Help\1040\HP_Setup_Help.chm c:\programdata\HP\HP Deskjet 3050A J611 series\Installer\Help\1041\HP_Setup_Help.chm c:\programdata\HP\HP Deskjet 3050A J611 series\Installer\Help\1042\HP_Setup_Help.chm c:\programdata\HP\HP Deskjet 3050A J611 
series\Installer\Help\1043\HP_Setup_Help.chm c:\programdata\HP\HP Deskjet 3050A J611 series\Installer\Help\1044\HP_Setup_Help.chm c:\programdata\HP\HP Deskjet 3050A J611 series\Installer\Help\1045\HP_Setup_Help.chm c:\programdata\HP\HP Deskjet 3050A J611 series\Installer\Help\1046\HP_Setup_Help.chm c:\programdata\HP\HP Deskjet 3050A J611 series\Installer\Help\1049\HP_Setup_Help.chm c:\programdata\HP\HP Deskjet 3050A J611 series\Installer\Help\1053\HP_Setup_Help.chm c:\programdata\HP\HP Deskjet 3050A J611 series\Installer\Help\1055\HP_Setup_Help.chm c:\programdata\HP\HP Deskjet 3050A J611 series\Installer\Help\2052\HP_Setup_Help.chm c:\programdata\HP\HP Deskjet 3050A J611 series\NetworkDevices\CN2751FH4605WK.ini c:\programdata\HP\HP Deskjet 3050A J611 series\XmlFileCache\CN2751FH4605WK\Calibration\CalibrationManifest.xml c:\programdata\HP\HP Deskjet 3050A J611 series\XmlFileCache\CN2751FH4605WK\DevMgmt\ConsumableConfigCap.xml c:\programdata\HP\HP Deskjet 3050A J611 series\XmlFileCache\CN2751FH4605WK\DevMgmt\DiscoveryTree.xml c:\programdata\HP\HP Deskjet 3050A J611 series\XmlFileCache\CN2751FH4605WK\DevMgmt\InternalPrintCap.xml c:\programdata\HP\HP Deskjet 3050A J611 series\XmlFileCache\CN2751FH4605WK\DevMgmt\ProductConfigCap.xml c:\programdata\HP\HP Deskjet 3050A J611 series\XmlFileCache\CN2751FH4605WK\ePrint\ePrintConfigCap.xml c:\programdata\HP\HP Deskjet 3050A J611 series\XmlFileCache\CN2751FH4605WK\ePrint\ePrintManifest.xml c:\programdata\HP\HP Deskjet 3050A J611 series\XmlFileCache\CN2751FH4605WK\IoMgmt\IoMgmtManifest.xml c:\programdata\HP\HP Deskjet 3050A J611 series\XmlFileCache\CN2751FH4605WK\Scan\ScanCaps.xml c:\programdata\HP\HP Deskjet 3050A J611 series\XmlFileCache\CN2751FH4605WK\WebFirmwareUpdate\WebFirmwareUpdateManifest.xml c:\users\Pauline-Sophie\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe c:\users\Pauline-Sophie\AppData\Roaming\eoRezo c:\users\Pauline-Sophie\AppData\Roaming\eoRezo\install.exe 
c:\users\Pauline-Sophie\AppData\Roaming\eoRezo\SoftwareUpdate\help_config.cyp c:\users\Pauline-Sophie\AppData\Roaming\eoRezo\SoftwareUpdate\unins000.dat c:\users\Pauline-Sophie\AppData\Roaming\eoRezo\SoftwareUpdate\unins000.exe c:\users\Pauline-Sophie\AppData\Roaming\eoRezo\SoftwareUpdate\user_config.cyp c:\users\Pauline-Sophie\AppData\Roaming\eoRezo\SoftwareUpdate\user_profil.cyp c:\users\Pauline-Sophie\AppData\Roaming\Local c:\users\Pauline-Sophie\AppData\Roaming\Local\Temp\DDM\Settings\settings.ddi c:\users\Pauline-Sophie\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\mbsvzohgxmfr.avi.ddp c:\users\Pauline-Sophie\AppData\Roaming\OfferBox c:\users\Pauline-Sophie\AppData\Roaming\OfferBox\config.xml c:\users\Pauline-Sophie\AppData\Roaming\OfferBox\http_app.offerbox.com\country.sxe c:\users\Pauline-Sophie\AppData\Roaming\OfferBox\http_app.offerbox.com\extracountry.sxe c:\users\Pauline-Sophie\AppData\Roaming\OfferBox\http_app.offerbox.com\history.db c:\users\Pauline-Sophie\AppData\Roaming\OfferBox\http_app.offerbox.com\profile.sxe c:\users\Pauline-Sophie\AppData\Roaming\OfferBox\http_app.offerbox.com\update.sxe c:\users\Pauline-Sophie\AppData\Roaming\OfferBox\http_app.offerbox.com\update.xml c:\windows\SysWow64\DEBUG.log c:\windows\SysWow64\ijl11.dll . . ((((((((((((((((((((((((((((( Fichiers créés du 2013-04-08 au 2013-05-08 )))))))))))))))))))))))))))))))))))) . . 2013-05-08 21:22 . 2013-05-08 21:22 -------- d-----w- c:\users\Default\AppData\Local\temp 2013-05-08 21:13 . 2013-05-08 21:13 76232 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{FC94377B-596C-4F6E-BB66-A299166F69B9}\offreg.dll 2013-05-08 21:02 . 2013-05-08 21:02 -------- d-----w- c:\program files (x86)\Enigma Software Group 2013-05-07 15:50 . 2013-04-10 03:46 9317456 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{FC94377B-596C-4F6E-BB66-A299166F69B9}\mpengine.dll 2013-05-06 20:36 . 
2013-05-06 20:36 -------- d-----w- c:\users\Pauline-Sophie\AppData\Roaming\Amazon 2013-05-06 20:35 . 2013-05-06 20:35 -------- d-----w- c:\users\Pauline-Sophie\AppData\Local\Program Files 2013-04-30 17:01 . 2013-04-30 17:01 163504 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10144.bin 2013-04-24 10:20 . 2013-04-12 14:45 1656680 ----a-w- c:\windows\system32\drivers\ntfs.sys 2013-04-13 10:01 . 2013-04-13 10:00 95648 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll 2013-04-10 13:24 . 2013-03-01 03:36 3153408 ----a-w- c:\windows\system32\win32k.sys 2013-04-10 13:24 . 2013-01-24 06:01 223752 ----a-w- c:\windows\system32\drivers\fvevol.sys 2013-04-10 13:24 . 2013-03-19 06:04 5550424 ----a-w- c:\windows\system32\ntoskrnl.exe 2013-04-10 13:24 . 2013-03-19 05:04 3913560 ----a-w- c:\windows\SysWow64\ntoskrnl.exe 2013-04-10 13:24 . 2013-03-19 05:04 3968856 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe 2013-04-10 13:24 . 2013-03-19 03:06 112640 ----a-w- c:\windows\system32\smss.exe 2013-04-10 13:24 . 2013-03-19 05:46 43520 ----a-w- c:\windows\system32\csrsrv.dll 2013-04-10 13:24 . 2013-03-19 04:47 6656 ----a-w- c:\windows\SysWow64\apisetschema.dll . . . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2013-05-02 00:06 . 2010-08-27 08:32 278800 ------w- c:\windows\system32\MpSigStub.exe 2013-04-20 08:27 . 2012-07-26 16:18 691592 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2013-04-20 08:27 . 2011-05-22 19:10 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2013-04-13 10:00 . 2012-05-11 19:27 861088 ----a-w- c:\windows\SysWow64\npdeployJava1.dll 2013-04-13 10:00 . 2010-10-17 10:31 782240 ----a-w- c:\windows\SysWow64\deployJava1.dll 2013-04-10 15:24 . 2010-09-20 15:09 72702784 ----a-w- c:\windows\system32\MRT.exe 2013-03-13 22:21 . 2013-03-13 22:21 1054720 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe 2013-03-13 22:21 . 
2013-03-13 22:21 226304 ----a-w- c:\windows\system32\elshyph.dll 2013-03-13 22:21 . 2013-03-13 22:21 185344 ----a-w- c:\windows\SysWow64\elshyph.dll 2013-03-13 22:21 . 2013-03-13 22:21 158720 ----a-w- c:\windows\SysWow64\msls31.dll 2013-03-13 22:21 . 2013-03-13 22:21 719360 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll 2013-03-13 22:21 . 2013-03-13 22:21 523264 ----a-w- c:\windows\SysWow64\vbscript.dll 2013-03-13 22:21 . 2013-03-13 22:21 150528 ----a-w- c:\windows\SysWow64\iexpress.exe 2013-03-13 22:21 . 2013-03-13 22:21 138752 ----a-w- c:\windows\SysWow64\wextract.exe 2013-03-13 22:21 . 2013-03-13 22:21 73728 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe 2013-03-13 22:21 . 2013-03-13 22:21 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll 2013-03-13 22:21 . 2013-03-13 22:21 38400 ----a-w- c:\windows\SysWow64\imgutil.dll 2013-03-13 22:21 . 2013-03-13 22:21 137216 ----a-w- c:\windows\SysWow64\ieUnatt.exe 2013-03-13 22:21 . 2013-03-13 22:21 12800 ----a-w- c:\windows\SysWow64\mshta.exe 2013-03-13 22:21 . 2013-03-13 22:21 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll 2013-03-13 22:21 . 2013-03-13 22:21 61952 ----a-w- c:\windows\SysWow64\tdc.ocx 2013-03-13 22:21 . 2013-03-13 22:21 361984 ----a-w- c:\windows\SysWow64\html.iec 2013-03-13 22:21 . 2013-03-13 22:21 23040 ----a-w- c:\windows\SysWow64\licmgr10.dll 2013-03-13 22:21 . 2013-03-13 22:21 1441280 ----a-w- c:\windows\SysWow64\inetcpl.cpl 2013-03-13 22:21 . 2013-03-13 22:21 762368 ----a-w- c:\windows\system32\ieapfltr.dll 2013-03-13 22:21 . 2013-03-13 22:21 452096 ----a-w- c:\windows\system32\dxtmsft.dll 2013-03-13 22:21 . 2013-03-13 22:21 441856 ----a-w- c:\windows\system32\html.iec 2013-03-13 22:21 . 2013-03-13 22:21 281600 ----a-w- c:\windows\system32\dxtrans.dll 2013-03-13 22:21 . 2013-03-13 22:21 216064 ----a-w- c:\windows\system32\msls31.dll 2013-03-13 22:21 . 2013-03-13 22:21 197120 ----a-w- c:\windows\system32\msrating.dll 2013-03-13 22:21 . 
2013-03-13 22:21 1400416 ----a-w- c:\windows\system32\ieapfltr.dat 2013-03-13 22:21 . 2013-03-13 22:21 97280 ----a-w- c:\windows\system32\mshtmled.dll 2013-03-13 22:21 . 2013-03-13 22:21 905728 ----a-w- c:\windows\system32\mshtmlmedia.dll 2013-03-13 22:21 . 2013-03-13 22:21 81408 ----a-w- c:\windows\system32\icardie.dll 2013-03-13 22:21 . 2013-03-13 22:21 62976 ----a-w- c:\windows\system32\pngfilt.dll 2013-03-13 22:21 . 2013-03-13 22:21 599552 ----a-w- c:\windows\system32\vbscript.dll 2013-03-13 22:21 . 2013-03-13 22:21 27648 ----a-w- c:\windows\system32\licmgr10.dll 2013-03-13 22:21 . 2013-03-13 22:21 270848 ----a-w- c:\windows\system32\iedkcs32.dll 2013-03-13 22:21 . 2013-03-13 22:21 247296 ----a-w- c:\windows\system32\webcheck.dll 2013-03-13 22:21 . 2013-03-13 22:21 235008 ----a-w- c:\windows\system32\url.dll 2013-03-13 22:21 . 2013-03-13 22:21 173568 ----a-w- c:\windows\system32\ieUnatt.exe 2013-03-13 22:21 . 2013-03-13 22:21 167424 ----a-w- c:\windows\system32\iexpress.exe 2013-03-13 22:21 . 2013-03-13 22:21 1509376 ----a-w- c:\windows\system32\inetcpl.cpl 2013-03-13 22:21 . 2013-03-13 22:21 149504 ----a-w- c:\windows\system32\occache.dll 2013-03-13 22:21 . 2013-03-13 22:21 144896 ----a-w- c:\windows\system32\wextract.exe 2013-03-13 22:21 . 2013-03-13 22:21 102912 ----a-w- c:\windows\system32\inseng.dll 2013-03-13 22:21 . 2013-03-13 22:21 92160 ----a-w- c:\windows\system32\SetIEInstalledDate.exe 2013-03-13 22:21 . 2013-03-13 22:21 77312 ----a-w- c:\windows\system32\tdc.ocx 2013-03-13 22:21 . 2013-03-13 22:21 52224 ----a-w- c:\windows\system32\msfeedsbs.dll 2013-03-13 22:21 . 2013-03-13 22:21 51200 ----a-w- c:\windows\system32\imgutil.dll 2013-03-13 22:21 . 2013-03-13 22:21 48640 ----a-w- c:\windows\system32\mshtmler.dll 2013-03-13 22:21 . 2013-03-13 22:21 13824 ----a-w- c:\windows\system32\mshta.exe 2013-03-13 22:21 . 2013-03-13 22:21 136192 ----a-w- c:\windows\system32\iepeers.dll 2013-03-13 22:21 . 
2013-03-13 22:21 135680 ----a-w- c:\windows\system32\IEAdvpack.dll 2013-03-13 22:21 . 2013-03-13 22:21 12800 ----a-w- c:\windows\system32\msfeedssync.exe 2013-02-12 05:45 . 2013-03-13 14:09 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll 2013-02-12 05:45 . 2013-03-13 14:09 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll 2013-02-12 05:45 . 2013-03-13 14:09 308736 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll 2013-02-12 05:45 . 2013-03-13 14:09 111104 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll 2013-02-12 04:48 . 2013-03-13 14:09 474112 ----a-w- c:\windows\apppatch\AcSpecfc.dll 2013-02-12 04:48 . 2013-03-13 14:09 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll 2013-02-12 04:12 . 2013-03-13 22:07 19968 ----a-w- c:\windows\system32\drivers\usb8023.sys . . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "LightScribe Control Panel"="c:\program files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" [2009-08-20 2363392] "HPADVISOR"="c:\program files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe" [2009-09-29 1685048] "Facebook Update"="c:\users\Pauline-Sophie\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2013-01-27 138096] "HP Deskjet 3050A J611 series (NET)"="c:\program files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe" [2011-06-08 2676584] . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-08-04 98304] "HPCam_Menu"="c:\program files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504] "QlbCtrl.exe"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2010-02-25 323640] "Easybits Recovery"="c:\program files (x86)\EasyBits For Kids\ezRecover.exe" [2009-09-02 60464] "WirelessAssistant"="c:\program files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2009-07-23 498744] "Sophos AutoUpdate Monitor"="c:\program files (x86)\Sophos\AutoUpdate\almon.exe" [2012-08-08 900160] "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-01-28 59720] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920] "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-02-20 152392] "HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2011-03-24 49208] "SpyHunter"="c:\program files (x86)\Enigma Software Group\SpyHunter\SpyHunter.exe" [2007-04-26 2693248] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce] "GrpConv"="grpconv -o" [X] . c:\users\Pauline-Sophie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ OpenOffice.org 3.3.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) "HideFastUserSwitching"= 0 (0x0) . [hkey_local_machine\software\Wow6432Node\microsoft\windows\currentversion\explorer\ShellExecuteHooks] . 
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows] "LoadAppInit_DLLs"=1 (0x1) "AppInit_DLLs"=c:\progra~2\Sophos\SOPHOS~1\sophos_detoured.dll . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SAVService] @="service" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SophosAntiVirus] "DisableMonitoring"=dword:00000001 . R1 SAVOnAccess;SAVOnAccess;c:\windows\system32\DRIVERS\savonaccess.sys [2012-07-27 144672] R2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe [2009-03-02 89600] R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-08-05 203264] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 ezSharedSvc;Easybits Shared Services for Windows;c:\windows\system32\svchost.exe [2009-07-14 27136] R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2012-09-27 86528] R2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [2011-05-13 30520] R2 SAVAdminService;Sophos Anti-Virus status reporter;c:\program files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe [2012-09-27 216640] R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-11-09 160944] R2 Sophos Web Control Service;Sophos Web Control Service;c:\program files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe [2012-07-27 357400] R2 swi_service;Sophos Web Intelligence Service;c:\program files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe [2012-09-27 2863168] R2 swi_update_64;Sophos Web Intelligence Update;c:\programdata\Sophos\Web Intelligence\swi_update_64.exe 
[2012-08-08 2009152] R3 Com4QLBEx;Com4QLBEx;c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2010-02-25 227896] R3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2009-07-21 140712] R3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368] R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456] R3 sdcfilter;sdcfilter;c:\windows\system32\DRIVERS\sdcfilter.sys [2012-07-27 36640] R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864] R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312] R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856] R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-07-09 52736] R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [2010-08-28 1255736] R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [2009-06-10 389120] R4 SophosBootDriver;SophosBootDriver;c:\windows\system32\DRIVERS\SophosBootDriver.sys [2011-02-12 25608] S2 SAVService;Sophos Anti-Virus;c:\program files (x86)\Sophos\Sophos Anti-Virus\SavService.exe [2012-07-27 139840] S3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys [2009-06-29 70656] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-05-23 215040] S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [2009-03-09 36408] . . HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs ezSharedSvc . 
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}] 2009-08-20 11:24 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe . Contenu du dossier 'Tâches planifiées' . 2013-05-08 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-26 08:27] . 2013-05-08 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-405216875-598066598-2656060311-1000Core.job - c:\users\Pauline-Sophie\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-11-30 16:36] . 2013-05-08 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-405216875-598066598-2656060311-1000UA.job - c:\users\Pauline-Sophie\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-11-30 16:36] . 2013-05-08 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-10-10 18:42] . 2013-05-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-10-10 18:42] . 2013-05-08 c:\windows\Tasks\HP Photo Creations Messager.job - c:\programdata\HP Photo Creations\MessageCheck.exe [2011-02-15 10:11] . 2013-04-28 c:\windows\Tasks\HPCeeScheduleForHP$.job - c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2009-10-07 03:22] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2009-08-25 610872] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-11-14 171520] "SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2010-03-23 487424] "Zune Launcher"="c:\program files\Zune\ZuneLauncher.exe" [2011-08-05 163552] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"=c:\progra~2\Sophos\SOPHOS~1\sophos_detoured_x64.dll . 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService FontCache . ------- Examen supplémentaire ------- . uStart Page = about:blank uLocal Page = c:\windows\system32\blank.htm mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = *.local IE: E&xporter vers Microsoft Excel - c:\progra~2\MICROS~4\Office12\EXCEL.EXE/3000 LSP: c:\programdata\Sophos\Web Intelligence\swi_ifslsp.dll TCP: DhcpNameServer = 192.168.1.1 DPF: {FAB2BB9D-91E9-457E-9D42-75A7FCCBBC00} - hxxp://www.opticiens-atol.com/pages/collections/adriana/total-immersion/plugin/DFusionHomeWebPlugIn.InstallerFull.exe FF - ProfilePath - c:\users\Pauline-Sophie\AppData\Roaming\Mozilla\Firefox\Profiles\8ilzesm6.default\ FF - prefs.js: browser.startup.homepage - hxxp://fr.yahoo.com/ FF - prefs.js: keyword.URL - hxxp://search.babylon.com/?affID=111808&tt=3212_6&babsrc=KW_ss&mntrId=224ce0c2000000000000f67bcb5c60a4&q= FF - prefs.js: network.proxy.type - 0 FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=111808&tt=3212_6 FF - user.js: extensions.BabylonToolbar_i.babExt - FF - user.js: extensions.BabylonToolbar_i.srcExt - ss FF - user.js: extensions.BabylonToolbar.tlbrSrchUrl - hxxp://www.google.com/search?babsrc=TB_ggl&q= FF - user.js: extensions.BabylonToolbar.id - 224ce0c2000000000000f67bcb5c60a4 FF - user.js: extensions.BabylonToolbar.instlDay - 15558 FF - user.js: extensions.BabylonToolbar.vrsn - 1.6.4.6 FF - user.js: extensions.BabylonToolbar.vrsni - 1.6.4.6 FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.6.4.623:30 FF - user.js: extensions.BabylonToolbar.prtnrId - babylon FF - user.js: extensions.BabylonToolbar.prdct - BabylonToolbar FF - user.js: extensions.BabylonToolbar.aflt - babsst FF - user.js: extensions.BabylonToolbar_i.smplGrp - none FF - user.js: extensions.BabylonToolbar.tlbrId - base FF - user.js: extensions.BabylonToolbar.instlRef - sst FF - user.js: extensions.BabylonToolbar.dfltLng - en FF - user.js: 
extensions.BabylonToolbar.excTlbr - false FF - user.js: extensions.BabylonToolbar.admin - false . - - - - ORPHELINS SUPPRIMES - - - - . Wow6432Node-HKCU-Run-AmazonMP3DownloaderHelper - c:\users\Pauline-Sophie\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe Wow6432Node-HKLM-Run-DivX Download Manager - c:\program files (x86)\DivX\DivX Plus Web Player\DDmService.exe Wow6432Node-HKLM-Run-eorezo - (no file) Wow6432Node-HKLM-Run-<NO NAME> - (no file) Wow6432Node-HKLM-RunOnce-<NO NAME> - (no file) HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe AddRemove-EasyBits Magic Desktop - c:\windows\system32\ezMDUninstall.exe AddRemove-SoftwareUpdate_is1 - c:\users\Pauline-Sophie\AppData\Roaming\EoRezo\SoftwareUpdate\unins000.exe AddRemove-{EE202411-2C26-49E8-9784-1BC1DBF7DE96} - c:\program files (x86)\InstallShield Installation Information\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}\setup.exe . . . --------------------- CLES DE REGISTRE BLOQUEES --------------------- . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_169_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_169_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_169_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_169_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_169.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_169.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_169.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_169.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . 
Heure de fin: 2013-05-09 00:38:20
ComboFix-quarantined-files.txt 2013-05-08 22:38
.
Avant-CF: 544 620 118 016 octets libres
Après-CF: 545 434 517 504 octets libres
.
- - End Of File - - F0CA2444D59FF8787806F9568151F3D9
  17. Good evening! So, my PC (Windows 7) was infected by "System care antivirus", so after searching a bit on the internet from another computer, I restarted in safe mode with networking. In my search for help, it was suggested to download SpyHunter, but since I already had Combofix on my PC, I ran it. Was that the right course of action? Combofix is currently preparing the report. Thanks in advance