
bohemes52

Members
  • Content count

    23
  • Joined

  • Last visited

About bohemes52

  • Date of birth 31/12/1952

Contact Methods

  • Website URL
    http://serge-helpdesk.no-ip.biz/

Profile Information

  • Gender
    Male
  • Location
    BE saint-hubert
  • Interests
    motorcycles, horses, cooking, GPS, computing

Other information

  • Your configuration
    win xp sp 3
  • My languages
    fr

bohemes52's Achievements

Member (4/12)

0

Community reputation

  1. That looks good. Thanks a lot.
  2. All processes killed
     ========== REGISTRY ==========
     Registry key HKEY_CURRENT_USER\Software\BrowseBurst\ not found.
     Registry key HKEY_LOCAL_MACHINE\Software\Wow6432Node\BrowseBurst\ not found.
     Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\1396421883_BrowseBurstSetup_RASAPI32\ deleted successfully.
     Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\1396421883_BrowseBurstSetup_RASMANCS\ deleted successfully.
     Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\BrowseBurst_RASAPI32\ deleted successfully.
     Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\BrowseBurst_RASMANCS\ deleted successfully.
     Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\BrowseBurst_Setup_RASAPI32\ deleted successfully.
     Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\BrowseBurst_Setup_RASMANCS\ deleted successfully.
     Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\updateBrowseBurst_RASAPI32\ deleted successfully.
     Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\updateBrowseBurst_RASMANCS\ deleted successfully.
     Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\utilBrowseBurst_RASAPI32\ deleted successfully.
     Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\utilBrowseBurst_RASMANCS\ deleted successfully.
     Registry key HKEY_LOCAL_MACHINE\System\ControlSet001\services\eventlog\Application\Update BrowseBurst\ deleted successfully.
     Registry key HKEY_LOCAL_MACHINE\System\ControlSet001\services\eventlog\Application\Util BrowseBurst\ deleted successfully.
     Registry key HKEY_LOCAL_MACHINE\System\ControlSet001\services\Update BrowseBurst\ not found.
     Registry key HKEY_LOCAL_MACHINE\System\ControlSet001\services\Util BrowseBurst\ not found.
     Registry key HKEY_LOCAL_MACHINE\System\ControlSet002\services\eventlog\Application\Update BrowseBurst\ deleted successfully.
     Registry key HKEY_LOCAL_MACHINE\System\ControlSet002\services\eventlog\Application\Util BrowseBurst\ deleted successfully.
     Registry key HKEY_LOCAL_MACHINE\System\ControlSet002\services\Update BrowseBurst\ not found.
     Registry key HKEY_LOCAL_MACHINE\System\ControlSet002\services\Util BrowseBurst\ not found.
     Registry key HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\eventlog\Application\Update BrowseBurst\ not found.
     Registry key HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\eventlog\Application\Util BrowseBurst\ not found.
     Registry key HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\Update BrowseBurst\ not found.
     Registry key HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\Util BrowseBurst\ not found.
     Registry value HKEY_LOCAL_MACHINE\System\Software\COMODO\Firewall Pro\Configurations\2\Firewall\Policy\5\\Filename deleted successfully.
     Registry value HKEY_LOCAL_MACHINE\System\Software\COMODO\Firewall Pro\Configurations\2\Firewall\Policy\5\\DeviceName deleted successfully.
     Registry value HKEY_LOCAL_MACHINE\System\Software\COMODO\Firewall Pro\Configurations\2\Firewall\Policy\6\\Filename deleted successfully.
     Registry value HKEY_LOCAL_MACHINE\System\Software\COMODO\Firewall Pro\Configurations\2\Firewall\Policy\6\\DeviceName deleted successfully.
     Registry value HKEY_LOCAL_MACHINE\System\Software\COMODO\Firewall Pro\Configurations\2\HIPS\Policy\15\\. "Filename" not found.
     Registry value HKEY_LOCAL_MACHINE\System\Software\COMODO\Firewall Pro\Configurations\2\HIPS\Policy\15\\DeviceName deleted successfully.
     Registry value HKEY_LOCAL_MACHINE\System\Software\COMODO\Firewall Pro\Configurations\2\HIPS\Policy\18\\Filename deleted successfully.
     Registry value HKEY_LOCAL_MACHINE\System\Software\COMODO\Firewall Pro\Configurations\2\HIPS\Policy\18\\DeviceName deleted successfully.
     Registry value HKEY_LOCAL_MACHINE\System\Software\COMODO\Firewall Pro\Configurations\2\HIPS\Policy\18\Rules\0\Allowed\0\\Filename deleted successfully.
     Registry value HKEY_LOCAL_MACHINE\System\Software\COMODO\Firewall Pro\Configurations\2\HIPS\Policy\18\Rules\0\Allowed\0\\DeviceName deleted successfully.
     Registry value HKEY_LOCAL_MACHINE\System\Software\COMODO\Firewall Pro\Configurations\2\HIPS\Policy\19\\Filename deleted successfully.
     Registry value HKEY_LOCAL_MACHINE\System\Software\COMODO\Firewall Pro\Configurations\2\HIPS\Policy\19\\. "DeviceName" not found.
     Registry value HKEY_LOCAL_MACHINE\System\Software\COMODO\Firewall Pro\Configurations\2\HIPS\Policy\25\\Filename deleted successfully.
     Registry value HKEY_LOCAL_MACHINE\System\Software\COMODO\Firewall Pro\Configurations\2\HIPS\Policy\25\\DeviceName deleted successfully.
     Registry value HKEY_LOCAL_MACHINE\System\Software\COMODO\Firewall Pro\Configurations\2\HIPS\Policy\26\Rules\0\Allowed\0\\1 "Filename" not found.
     Registry value HKEY_LOCAL_MACHINE\System\Software\COMODO\Firewall Pro\Configurations\2\HIPS\Policy\26\Rules\0\Allowed\0\\DeviceName deleted successfully.
     ========== COMMANDS ==========
     [EMPTYTEMP]
     User: All Users
     User: Default
     ->Temp folder emptied: 0 bytes
     ->Temporary Internet Files folder emptied: 0 bytes
     ->Flash cache emptied: 0 bytes
     User: Default User
     ->Temp folder emptied: 0 bytes
     ->Temporary Internet Files folder emptied: 0 bytes
     ->Flash cache emptied: 0 bytes
     User: Public
     User: Serge
     ->Temp folder emptied: 48074 bytes
     ->Temporary Internet Files folder emptied: 3193 bytes
     ->Java cache emptied: 0 bytes
     ->FireFox cache emptied: 20530150 bytes
     ->Flash cache emptied: 492 bytes
     User: UpdatusUser
     ->Temp folder emptied: 0 bytes
     ->Temporary Internet Files folder emptied: 0 bytes
     ->Flash cache emptied: 0 bytes
     %systemdrive% .tmp files removed: 0 bytes
     %systemroot% .tmp files removed: 0 bytes
     %systemroot%\System32 .tmp files removed: 0 bytes
     %systemroot%\System32 (64bit) .tmp files removed: 0 bytes
     %systemroot%\System32\drivers .tmp files removed: 0 bytes
     Windows Temp folder emptied: 944 bytes
     %systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 128 bytes
     %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 128 bytes
     RecycleBin emptied: 750625828 bytes
     Total Files Cleaned = 735,00 mb
     OTM by OldTimer - Version 3.1.21.0 log created on 04132014_142634
     Files moved on Reboot...
     C:\Users\Serge\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
     C:\Users\Serge\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
     File move failed. C:\Windows\temp\_avast_\AvastLock.txt scheduled to be moved on reboot.
     C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
     Registry entries deleted on Reboot...
  3. All processes killed
     ========== PROCESSES ==========
     No active process named Update BrowseBurst was found!
     No active process named Util BrowseBurst was found!
     ========== SERVICES/DRIVERS ==========
     Service Update BrowseBurst stopped successfully!
     Service Update BrowseBurst deleted successfully!
     Service Util BrowseBurst stopped successfully!
     Service Util BrowseBurst deleted successfully!
     ========== FILES ==========
     C:\Program Files (x86)\BrowseBurst folder moved successfully.
     ========== REGISTRY ==========
     Registry key HKEY_CURRENT_USER\Software\BrowseBurst\ not found.
     Registry key HKEY_LOCAL_MACHINE\Software\Wow6432Node\BrowseBurst\ not found.
     ========== COMMANDS ==========
     [EMPTYTEMP]
     User: All Users
     User: Default
     ->Temp folder emptied: 0 bytes
     ->Temporary Internet Files folder emptied: 33170 bytes
     ->Flash cache emptied: 41620 bytes
     User: Default User
     ->Temp folder emptied: 0 bytes
     ->Temporary Internet Files folder emptied: 0 bytes
     ->Flash cache emptied: 0 bytes
     User: Public
     User: Serge
     ->Temp folder emptied: 55487 bytes
     ->Temporary Internet Files folder emptied: 2684924 bytes
     ->Java cache emptied: 0 bytes
     ->FireFox cache emptied: 19737322 bytes
     ->Flash cache emptied: 1712 bytes
     User: UpdatusUser
     ->Temp folder emptied: 0 bytes
     ->Temporary Internet Files folder emptied: 0 bytes
     ->Flash cache emptied: 2836 bytes
     %systemdrive% .tmp files removed: 0 bytes
     %systemroot% .tmp files removed: 0 bytes
     %systemroot%\System32 .tmp files removed: 0 bytes
     %systemroot%\System32 (64bit) .tmp files removed: 0 bytes
     %systemroot%\System32\drivers .tmp files removed: 0 bytes
     Windows Temp folder emptied: 0 bytes
     %systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33298 bytes
     %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 62563 bytes
     RecycleBin emptied: 588146094 bytes
     Total Files Cleaned = 583,00 mb
     OTM by OldTimer - Version 3.1.21.0 log created on 04132014_124126
     Files moved on Reboot...
     C:\Users\Serge\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
     C:\Users\Serge\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
     File move failed. C:\Windows\temp\_avast_\AvastLock.txt scheduled to be moved on reboot.
     C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
     Registry entries deleted on Reboot...

     Apparently there was still some left; it looks clean now. Thanks for your help.
  4. OK, I ran SEAF again and at first glance it is still present: http://cjoint.com/?DDnmJEoWAN6
  5. I ran Seaf. The report was generated and I asked for it to be saved to the desktop, but I can no longer find it, not even on C. On the other hand, the browseburst entry has indeed disappeared.
  6. OK, it's clean, but browserburst is still in my installed programs and won't go away.
  7. zhpfix report: http://cjoint.com/?DDnkLa90lc6 sftgc report: http://cjoint.com/?DDnkMAJAymr
  8. Hi everyone. I migrated my PC from XP to Seven. I downloaded and installed Avast antivirus and Comodo Firewall. When installing free stuff I am always very careful not to accept toolbars and other such delights. I don't know how I did it, but I saw a downmanager installed that I never asked for, and I uninstalled it. But I also have BrowseBurst, which cannot be uninstalled, even with regcleaner, and which opens ads all over the place in my browser (Firefox). The ZHPDiag report:
LFCP:[MD5.F78CCEF467B9CE0D83542BBCE5798289] - 11/04/2014 - 21:22:16 ---A- - C:\Windows\Prefetch\DSASSISTANT.EXE-45A3DFE3.pf O45 - LFCP:[MD5.D5668B5FE57A50422CE7F0EA38686F4F] - 12/04/2014 - 11:15:37 ---A- - C:\Windows\Prefetch\EMULE.EXE-E9D12381.pf O45 - LFCP:[MD5.48F8B7B93FFC617326F26C684CC84434] - 13/04/2014 - 05:07:18 ---A- - C:\Windows\Prefetch\UTILBROWSEBURST.EXE-6FCA216F.pf O45 - LFCP:[MD5.222AABE7F30D9DEF6619FB3811D9414A] - 13/04/2014 - 05:09:52 ---A- - C:\Windows\Prefetch\BRCTRCEN.EXE-6C8F2676.pf O45 - LFCP:[MD5.D35D8C7B3847F3619BDAF77D93A12567] - 13/04/2014 - 05:09:57 ---A- - C:\Windows\Prefetch\BRCCMCTL.EXE-B86260A9.pf O45 - LFCP:[MD5.9DD0579891BAF0A6C17D86E85C6AB762] - 13/04/2014 - 07:31:23 ---A- - C:\Windows\Prefetch\INSTUP.EXE-20062FAA.pf ~ Prefetcher: 33 Legitimates Filtered in 00mn 00s ---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55) O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0 O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0 ~ MWPS: 16 Legitimates Filtered in 00mn 00s ---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56) O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1 ~ MWPE Keys: 3 Legitimates Filtered in 00mn 00s ---\\ Liste des pilotes du système (SDL) (O58) O58 - SDL:[MD5.8D4B8BF93C65BDBC133B20706A3B5208] - 10/04/2014 - 20:13:42 ---A- . (...) -- C:\Windows\System32\Drivers\aswRvrt.sys [65776] O58 - SDL:[MD5.0606875650850B0697D662934529F6FC] - 10/04/2014 - 20:13:42 ---A- . (...) -- C:\Windows\System32\Drivers\aswVmm.sys [208928] O58 - SDL:[MD5.32B94975BF6F101C27C43E90FF8ABBEB] - 3/08/2012 - 10:36:52 ---A- . (.Windows ® Win 7 DDK provider - Synology Virtual USB Hub.) -- C:\Windows\System32\Drivers\busenum.sys [55776] O58 - SDL:[MD5.0E5DA5369A0FCAEA12456DD852545184] - 14/07/2009 - 02:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) 
-- C:\Windows\System32\Drivers\elxstor.sys [530496] O58 - SDL:[MD5.F2523EF6460FC42405B12248338AB2F0] - 10/06/2009 - 21:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [31232] O58 - SDL:[MD5.F3817967ED533D08327DC73BC4D5542A] - 14/07/2009 - 02:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [24656] O58 - SDL:[MD5.B1E6C7F15FB25B4AB7BA371FCCE4E2EF] - 11/04/2014 - 08:10:20 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\wStLibG64.sys [61120] =>PUP.LinkiDoo ~ Drivers: 16 Legitimates Filtered in 00mn 04s ---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61) O61 - LFC: 10/04/2014 - 09:39:25 ---A- . (...) -- C:\Users\Serge\AppData\Roaming\Microsoft\Network\Connections\Pbk\_hiddenPbk\rasphone.pbk [0] O61 - LFC: 10/04/2014 - 09:39:25 ---A- . (...) -- C:\Users\Serge\AppData\Roaming\Thunderbird\Crash Reports\InstallTime20140316131045 [10] =>.Mozilla Corporation O61 - LFC: 10/04/2014 - 09:39:25 ---A- . (...) -- C:\Users\Serge\Downloads\vlc-2.1.3-win32.exe [16593] O61 - LFC: 10/04/2014 - 09:39:25 -SHA- . (...) -- C:\Users\Serge\AppData\Roaming\Microsoft\Credentials\38F93243BAD17543FE4E79C034892CDB [496] O61 - LFC: 10/04/2014 - 09:39:25 R-HA- . (...) -- C:\Users\Serge\Searches\Everywhere.search-ms [248] O61 - LFC: 10/04/2014 - 09:39:25 R-HA- . (...) -- C:\Users\Serge\Searches\Indexed Locations.search-ms [248] O61 - LFC: 11/04/2014 - 09:39:23 ---A- . (...) -- C:\Users\Serge\AppData\Local\GDIPFONTCACHEV1.DAT [58584] O61 - LFC: 11/04/2014 - 09:39:25 ---A- . (...) -- C:\Users\Serge\AppData\Roaming\MailWasherPro\MailWasherPro.in [16] O61 - LFC: 11/04/2014 - 09:39:25 ---A- . (...) -- C:\Users\Serge\AppData\Roaming\MailWasherPro\Training\Training archive - junk.rot135 [0] O61 - LFC: 11/04/2014 - 09:39:25 ---A- . (...) 
-- C:\Users\Serge\AppData\Roaming\MailWasherPro\mwLog.20140411 [3680] O61 - LFC: 11/04/2014 - 09:39:25 ---A- . (...) -- C:\Users\Serge\AppData\Roaming\MailWasherPro\spamLog.txt [1010] O61 - LFC: 11/04/2014 - 09:39:25 ---A- . (...) -- C:\Users\Serge\AppData\Roaming\PC-FAX TX\address.ba2 [68] O61 - LFC: 11/04/2014 - 09:39:25 ---A- . (...) -- C:\Users\Serge\Links\Desktop.lnk [437] O61 - LFC: 11/04/2014 - 09:39:25 ---A- . (...) -- C:\Users\Serge\Links\Downloads.lnk [888] O61 - LFC: 11/04/2014 - 09:39:25 ---A- . (...) -- C:\Users\Serge\Links\RecentPlaces.lnk [383] O61 - LFC: 11/04/2014 - 09:39:25 R--A- . (...) -- C:\Users\Serge\AppData\Roaming\Microsoft\Installer\{024521CF-C07E-4F8E-8481-0D75695E03AF}\ARPPRODUCTICON.exe [10134] O61 - LFC: 13/04/2014 - 09:39:25 ---A- . (...) -- C:\Users\Serge\AppData\Roaming\MailWasherPro\Blacklist.txt [918] O61 - LFC: 13/04/2014 - 09:39:25 ---A- . (...) -- C:\Users\Serge\AppData\Roaming\MailWasherPro\Training\Performance.txt [978] O61 - LFC: 13/04/2014 - 09:39:25 ---A- . (...) -- C:\Users\Serge\AppData\Roaming\MailWasherPro\Training\Training archive - legitimate.rot135 [39430] O61 - LFC: 13/04/2014 - 09:39:25 ---A- . (...) -- C:\Users\Serge\AppData\Roaming\MailWasherPro\Training\TrainingMA.dat [6410] O61 - LFC: 13/04/2014 - 09:39:25 ---A- . (...) -- C:\Users\Serge\AppData\Roaming\MailWasherPro\Trash.rot135 [54546] O61 - LFC: 13/04/2014 - 09:39:25 ---A- . (...) -- C:\Users\Serge\AppData\Roaming\MailWasherPro\blackList.txt.backup [918] O61 - LFC: 13/04/2014 - 09:39:25 ---A- . (...) -- C:\Users\Serge\AppData\Roaming\MailWasherPro\filters.txt [358] O61 - LFC: 13/04/2014 - 09:39:25 ---A- . (...) -- C:\Users\Serge\AppData\Roaming\MailWasherPro\filters.txt.backup [358] O61 - LFC: 13/04/2014 - 09:39:25 ---A- . (...) -- C:\Users\Serge\AppData\Roaming\MailWasherPro\mwLog.20140413 [13616] O61 - LFC: 13/04/2014 - 09:39:25 ---A- . (...) -- C:\Users\Serge\AppData\Roaming\MailWasherPro\seenEmail.txt [270] O61 - LFC: 13/04/2014 - 09:39:25 ---A- . (...) 
-- C:\Users\Serge\AppData\Roaming\MailWasherPro\tmpLog.txt [2941] O61 - LFC: 13/04/2014 - 09:39:25 ---A- . (...) -- C:\Users\Serge\AppData\Roaming\ZHP\Log.txt [15711] =>.Nicolas Coolman O61 - LFC: 13/04/2014 - 09:39:25 ---A- . (...) -- C:\Users\Serge\AppData\Roaming\ZHP\TestsZHPDiag.txt [2852] =>.Nicolas Coolman ~ Files: 90 Legitimates Filtered in 00mn 03s ---\\ Liste des outils de désinfection (LATC) (O63) O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman ~ ADS: Scanned in 00mn 00s ---\\ Liste les services legacy du registre (LALS) (O64) O64 - Services: CurCS - 11/03/2012 - C:\Windows\System32\DRIVERS\cmdhlp.sys (cmdHlp) .(.COMODO - COMODO Internet Security Helper Driver.) - LEGACY_CMDHLP O64 - Services: CurCS - 3/02/2012 - C:\Windows\System32\DRIVERS\inspect.sys (inspect) .(.COMODO - COMODO Internet Security Firewall Driver.) - LEGACY_INSPECT O64 - Services: CurCS - 11/03/2011 - C:\Windows\System32\drivers\nvstor.sys (nvstor) .(.NVIDIA Corporation - NVIDIA® nForce Sata Performance Driver.) - LEGACY_NVSTOR O64 - Services: CurCS - 10/06/2009 - C:\Windows\System32\Drivers\secdrv.sys (secdrv) .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV O64 - Services: CurCS - 11/04/2014 - C:\Windows\System32\drivers\wStLibG64.sys (wStLibG64) .(.StdLib - StdLib.) - LEGACY_WSTLIBG64 =>PUP.LinkiDoo ~ Legacy: 117 Legitimates Filtered in 00mn 00s ---\\ Menu de démarrage Internet (SMI) (O68) O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) 
-- C:\Program Files\Internet Explorer\iexplore.exe ~ Keys: Scanned in 00mn 00s ---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69) O69 - SBI: prefs.js [serge - g1guu5f5.default] user_pref("extensions.crossrider.bic", "1454cfd90dc5206399ebc8907e172c26"); =>PUP.CrossRider O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com ~ Keys: Scanned in 00mn 00s ---\\ Recherche de clés de registre Tracing (O100) HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\emule_RASAPI32 =>P2P.eMule HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\emule_RASMANCS =>P2P.eMule HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\OptProStart_RASAPI32 =>PUP.OptimizerPro HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\OptProStart_RASMANCS =>PUP.OptimizerPro ~ BTK: 113 Legitimates Filtered in 00mn 00s ---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped) SS - | Demand 10/07/1658 0 | (BrYNSvc) . (...) - C:\Program Files (x86)\Browny02\BrYNSvc.exe SS - | Demand 15/03/2014 119408 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe SS - | Demand 19/02/2010 517096 | (SwitchBoard) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe SR - | Auto 21/12/2013 65432 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe SR - | Auto 10/04/2014 50344 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe SR - | Auto 11/03/2012 2815496 | (cmdAgent) . (.COMODO.) - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe SR - | Auto 16/03/2010 159336 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe SR - | Auto 9/04/2014 350496 | (Update BrowseBurst) . (...) - C:\Program Files (x86)\BrowseBurst\updateBrowseBurst.exe SR - | Auto 23/01/2014 248736 | (UsbClientService) . (...) 
- C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe SR - | Auto 11/04/2014 350496 | (Util BrowseBurst) . (...) - C:\Program Files (x86)\BrowseBurst\bin\utilBrowseBurst.exe SR - | Auto 14/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe SR - | Demand 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation SR - | Auto 14/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe ~ Services: Scanned in 00mn 11s ---\\ Recherche d'infection sur le Master Boot Record (MBR)(O80) Run by Serge at 13/04/2014 09:41:17 ~ OS 64 not supported by MBR tool ~ MBR: 0 Legitimates Filtered in 00mn 00s ---\\ Recherche d'infection sur le Master Boot Record (MBRCheck)(O80) Written by ad13, http://ad13.geekstog Run by Serge at 13/04/2014 09:41:24 ********* Dump file Name ********* C:\PhysicalDisk0_MBR.bin ~ MBR: Scanned in 00mn 06s ---\\ Scan Additionnel (O88) Database Version : 13044 - (12/04/2014) Clés trouvées (Keys found) : 7 Valeurs trouvées (Values found) : 0 Dossiers trouvés (Folders found) : 0 Fichiers trouvés (Files found) : 1 [HKCU\Software\Softonic] =>Toolbar.Conduit [HKLM\Software\Wow6432Node\Microsoft\Tracing\optprostart_RASMANCS] =>PUP.OptimizerPro [HKLM\Software\Wow6432Node\Microsoft\Tracing\optprostart_RASAPI32] =>PUP.OptimizerPro [HKCU\Software\InstallCore] =>Adware.InstallCore [HKCU\Software\AppDataLow\Software\Crossrider] =>PUP.CrossRider [HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}] =>PUP.OptimizerPro [HKLM\Software\Wow6432Node\{1146AC44-2F03-4431-B4FD-889BC837521F}] =>PUP.OptimizerPro [HKCU\Software\WeDlMngr] =>PUP.weDownloadManager^ ~ Additionnel Scan: 261133 Items scanned in 00mn 40s ---\\ Récapitulatif des détections trouvées sur votre station ~ MSI: 5 link(s) detected in 00mn 00s ~ 1450 Legitimates filtered by white 
list End of the scan (519 lines in 05mn 18s)(0)
  9. OK, everything is done. The accelerator, well yes, I realized that, but still, my line is so slow, it feels like the days of dial-up modems, that despite my distrust I tried it ... wrongly. I get 266 KB/s down and 46 up. Then again, I am at the end of the world in the middle of the woods and still glad to have internet at all. Thanks again.
  10. Yess, it's clean. Quite a job, I must say. A very big thank you for your help.
  11. Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 13-03-2014 01 Ran by Serge at 2014-03-31 13:47:25 Run:1 Running from C:\Documents and Settings\Serge\Bureau Boot Mode: Normal ============================================== Content of fixlist: ***************** (Speedbit Ltd.) C:\Program Files\Common Files\SpeedBit\SBUpdate\sbu.exe (Speedbit Ltd.) C:\Program Files\Common Files\SpeedBit\SBUpdate\SBUpdate.exe SearchScopes: HKLM - DefaultScope {7F4EFF06-7032-458e-AE16-1C1D8255C28A} URL = http://go.speedbit.com/search.aspx?s=E3Laya1&q={searchTerms} SearchScopes: HKLM - {7F4EFF06-7032-458e-AE16-1C1D8255C28A} URL = http://go.speedbit.com/search.aspx?s=E3Laya1&q={searchTerms} FF DefaultSearchEngine: Speedbit Search FF SearchEngineOrder.1: Speedbit Search FF SelectedSearchEngine: Speedbit Search CHR DefaultSearchProvider: Speedbit Search R2 SBUpd; C:\Program Files\Common Files\SpeedBit\SBUpdate\sbu.exe [1751672 2014-03-04] (Speedbit Ltd.) R3 SBUpdd; C:\Program Files\Common Files\SpeedBit\SBUpdate\sbw.sys [31640 2014-03-04] () C:\Program Files\Common Files\SpeedBit\SBUpdate\sbw.sys D373A079631118A9111DAF19A4E23596 2014-03-21 20:55 - 2014-03-26 13:15 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\SpeedBit 2014-03-26 13:15 - 2014-03-21 20:55 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\SpeedBit ***************** [2092] C:\Program Files\Common Files\SpeedBit\SBUpdate\sbu.exe => Process closed successfully. [4972] C:\Program Files\Common Files\SpeedBit\SBUpdate\SBUpdate.exe => Process closed successfully. HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully. HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{7F4EFF06-7032-458e-AE16-1C1D8255C28A} => Key deleted successfully. HKCR\Wow6432Node\CLSID\{7F4EFF06-7032-458e-AE16-1C1D8255C28A} => Key not found. Firefox DefaultSearchEngine deleted successfully. 
Firefox SearchEngineOrder.1 deleted successfully. Firefox SelectedSearchEngine deleted successfully. Firefox Keyword.URL deleted successfully. CHR DefaultSearchProvider: Speedbit Search ==> The Chrome "Settings" can be used to fix the entry. SBUpd => Service deleted successfully. SBUpdd => Service stopped successfully. SBUpdd => Service deleted successfully. "C:\Program Files\Common Files\SpeedBit\SBUpdate\sbw.sys D373A079631118A9111DAF19A4E23596" => File/Directory not found. C:\Documents and Settings\All Users\Application Data\SpeedBit => Moved successfully. "C:\Documents and Settings\All Users\Application Data\SpeedBit" => File/Directory not found. ==== End of Fixlog ====
  12. Still traces of SB in the reports: http://cjoint.com/?DCFnkySO9Su http://cjoint.com/?DCFnlbzi1Jf http://cjoint.com/?DCFnlJZfgRi
  13. http://cjoint.com/?DCFmKJ6r2Vl
  14. ComboFix has run. Recovery Console too. Reboot. ComboFix 14-03-24.01 - Serge 31/03/2014 11:13:15.1.3 - x86 Microsoft Windows XP Professionnel 5.1.2600.3.1252.32.1036.18.2815.1913 [GMT 2:00] Lancé depuis: c:\documents and settings\Serge\Bureau\ComboFix.exe AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D} FW: avast! Antivirus *Disabled* {7591DB91-41F0-48A3-B128-1A293FD8233D} FW: COMODO Firewall *Enabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B} . ADS - WINDOWS: deleted 24 bytes in 1 streams. . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . . c:\documents and settings\All Users\Application Data\TEMP c:\documents and settings\Serge\WINDOWS C:\Documents c:\windows\system32\upd83.tmp c:\windows\system32\upd84.tmp E:\install.exe . . ((((((((((((((((((((((((((((( Fichiers créés du 2014-02-28 au 2014-03-31 )))))))))))))))))))))))))))))))))))) . . 2014-03-30 18:12 . 2014-03-30 18:12 -------- d-sh--w- c:\documents and settings\Serge\PrivacIE 2014-03-30 17:33 . 2014-03-30 17:33 -------- d-sh--w- c:\documents and settings\Serge\IETldCache 2014-03-30 17:05 . 2014-03-30 17:06 -------- d--h--w- c:\windows\$hf_mig$ 2014-03-30 17:04 . 2014-03-30 17:05 -------- dc-h--w- c:\windows\ie8 2014-03-30 16:56 . 2014-02-24 11:45 522240 -c----w- c:\windows\system32\dllcache\jsdbgui.dll 2014-03-30 16:55 . 2011-08-16 10:45 6144 -c----w- c:\windows\system32\dllcache\iecompat.dll 2014-03-30 16:55 . 2014-02-24 11:45 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll 2014-03-30 16:55 . 2014-02-24 11:45 630272 -c----w- c:\windows\system32\dllcache\msfeeds.dll 2014-03-30 16:55 . 2014-02-24 11:45 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll 2014-03-30 16:55 . 2014-02-24 11:45 247808 -c----w- c:\windows\system32\dllcache\ieproxy.dll 2014-03-30 16:55 . 2014-02-24 11:45 2006016 -c----w- c:\windows\system32\dllcache\iertutil.dll 2014-03-30 16:55 .
2014-02-24 11:45 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll 2014-03-30 16:55 . 2014-02-24 11:45 11113472 -c----w- c:\windows\system32\dllcache\ieframe.dll 2014-03-29 11:58 . 2014-03-29 12:28 107736 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys 2014-03-29 11:55 . 2014-03-29 11:55 -------- d-----w- c:\program files\Malwarebytes Anti-Malware 2014-03-29 11:55 . 2014-03-05 08:26 50648 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys 2014-03-29 08:43 . 2014-03-29 08:43 -------- d-----w- c:\windows\ERUNT 2014-03-26 16:23 . 2014-03-29 23:19 512 ----a-w- C:\PhysicalDisk0_MBR.bin 2014-03-26 13:03 . 2014-03-30 18:10 -------- d-----w- c:\documents and settings\Serge\Application Data\ZHP 2014-03-26 13:03 . 2014-03-29 23:18 -------- d-----w- c:\program files\ZHPDiag 2014-03-26 12:05 . 2013-12-18 19:46 145408 ----a-w- c:\windows\system32\javacpl.cpl 2014-03-26 12:05 . 2013-12-18 20:10 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll 2014-03-26 11:47 . 2014-03-29 09:27 -------- d-----w- C:\AdwCleaner 2014-03-26 11:27 . 2014-03-26 11:27 -------- d-----w- c:\documents and settings\Serge\Local Settings\Application Data\Skype 2014-03-26 11:27 . 2014-03-26 11:27 -------- d-----w- c:\program files\Fichiers communs\Skype 2014-03-26 11:27 . 2014-03-26 11:27 -------- d-----r- c:\program files\Skype 2014-03-25 20:00 . 2014-03-25 20:00 26136 ----a-w- c:\windows\system32\drivers\aswKbd.sys 2014-03-25 20:00 . 2014-03-25 20:00 252208 ----a-w- c:\windows\system32\drivers\aswNdis2.sys 2014-03-25 20:00 . 2014-03-25 20:00 43152 ----a-w- c:\windows\avastSS.scr 2014-03-25 20:00 . 2014-03-25 20:00 12112 ----a-w- c:\windows\system32\drivers\aswNdis.sys 2014-03-23 04:14 . 2014-03-23 04:14 -------- d-----w- c:\program files\Microsoft Visual Studio 8 2014-03-23 04:13 . 2014-03-23 04:17 -------- d-----w- c:\windows\SHELLNEW 2014-03-23 04:13 . 
2014-03-23 04:13 -------- d-----w- c:\documents and settings\Serge\Local Settings\Application Data\Microsoft Help 2014-03-23 04:13 . 2014-03-23 04:20 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help 2014-03-23 04:12 . 2014-03-23 04:12 -------- d-----r- C:\MSOCache 2014-03-22 14:14 . 2014-03-22 14:14 -------- d-----w- c:\windows\Performance 2014-03-22 14:13 . 2014-03-22 14:13 -------- d-----w- c:\documents and settings\Serge\Local Settings\Application Data\Microsoft Corporation 2014-03-21 18:55 . 2014-03-26 11:15 -------- d-----w- c:\documents and settings\All Users\Application Data\SpeedBit 2014-03-21 18:54 . 2014-03-21 18:54 -------- d-----w- c:\program files\Common Files 2014-03-02 07:04 . 2014-03-02 07:10 -------- d-----w- c:\documents and settings\Serge\Local Settings\Application Data\STDUViewer 2014-03-02 07:04 . 2014-03-02 07:04 -------- d-----w- c:\program files\Fichiers communs\STDUtility 2014-03-02 07:04 . 2014-03-02 07:04 -------- d-----w- c:\program files\STDU Viewer . . . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2014-03-25 20:00 . 2013-03-16 06:45 180760 ----a-w- c:\windows\system32\drivers\aswVmm.sys 2014-03-25 20:00 . 2013-03-16 06:45 49944 ----a-w- c:\windows\system32\drivers\aswRvrt.sys 2014-03-25 20:00 . 2013-03-16 06:45 67824 ----a-w- c:\windows\system32\drivers\aswmonflt.sys 2014-03-25 20:00 . 2011-10-30 11:35 411552 ----a-w- c:\windows\system32\drivers\aswsp.sys 2014-03-25 20:00 . 2011-10-30 11:35 57672 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2014-03-25 20:00 . 2011-10-30 11:35 54832 ----a-w- c:\windows\system32\drivers\aswRdr.sys 2014-03-25 20:00 . 2011-10-30 11:35 776976 ----a-w- c:\windows\system32\drivers\aswSnx.sys 2014-03-25 20:00 . 2011-10-30 11:34 271264 ----a-w- c:\windows\system32\aswBoot.exe 2014-03-11 22:14 . 2012-04-23 17:21 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2014-03-11 22:14 . 
2011-10-31 12:42 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2014-03-05 08:26 . 2012-12-09 14:24 23256 ----a-w- c:\windows\system32\drivers\mbam.sys 2014-02-24 11:45 . 2008-04-13 17:33 920064 ----a-w- c:\windows\system32\wininet.dll 2014-02-24 11:45 . 2008-04-13 17:33 43520 ------w- c:\windows\system32\licmgr10.dll 2014-02-24 11:45 . 2008-04-13 17:34 1469440 ------w- c:\windows\system32\inetcpl.cpl 2014-02-24 11:44 . 2008-04-13 17:33 18944 ------w- c:\windows\system32\corpol.dll 2014-02-24 10:55 . 2008-04-13 17:00 385024 ------w- c:\windows\system32\html.iec . . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2014-03-25 20:00 260976 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2013-09-11 02:09 131248 ----a-w- c:\documents and settings\Serge\Application Data\Dropbox\bin\DropboxExt.22.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2013-09-11 02:09 131248 ----a-w- c:\documents and settings\Serge\Application Data\Dropbox\bin\DropboxExt.22.dll . 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2013-09-11 02:09 131248 ----a-w- c:\documents and settings\Serge\Application Data\Dropbox\bin\DropboxExt.22.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}] 2013-09-11 02:09 131248 ----a-w- c:\documents and settings\Serge\Application Data\Dropbox\bin\DropboxExt.22.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Gadwin PrintScreen"="c:\program files\Gadwin Systems\PrintScreen\PrintScreen.exe" [2008-12-09 495616] "IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe" [2007-12-13 1688872] "H/PC Connection Agent"="c:\program files\Microsoft ActiveSync\wcescomm.exe" [2006-11-13 1289000] "LightScribe Control Panel"="c:\program files\Fichiers communs\LightScribe\LightScribeControlPanel.exe" [2013-01-16 2736128] "PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2012-06-26 1516632] "Skype"="c:\program files\Skype\Phone\Skype.exe" [2014-02-10 20922016] . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2010-03-16 110696] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-03-16 13670504] "RTHDCPL"="RTHDCPL.EXE" [2010-09-14 19576424] "SSBkgdUpdate"="c:\program files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 210472] "PaperPort PTD"="c:\program files\ScanSoft\PaperPort\pptd40nt.exe" [2008-07-09 29984] "IndexSearch"="c:\program files\ScanSoft\PaperPort\IndexSearch.exe" [2008-07-09 46368] "PPort11reminder"="c:\program files\ScanSoft\PaperPort\Ereg\Ereg.exe" [2007-08-31 328992] "BrMfcWnd"="c:\program files\Brother\Brmfcmon\BrMfcWnd.exe" [2008-02-19 1089536] "ControlCenter3"="c:\program files\Brother\ControlCenter3\brctrcen.exe" [2007-12-21 86016] "COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2012-11-07 6756048] "NeroFilterCheck"="c:\program files\Fichiers communs\Nero\Lib\NeroCheck.exe" [2007-03-01 153136] "NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-12-03 2213160] "CloneCDTray"="c:\program files\SlySoft\CloneCD\CloneCDTray.exe" [2009-01-29 57344] "BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-13 110592] "ArcSoft Connection Service"="c:\program files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-27 207424] "itype"="c:\program files\Microsoft IntelliType Pro\itype.exe" [2009-11-11 1505144] "APSDaemon"="c:\program files\Fichiers communs\Apple\Apple Application Support\APSDaemon.exe" [2012-10-11 59280] "MP10_EnsureFileVer"="c:\windows\inf\unregmp2.exe" [2008-04-13 208896] "Opware12"="c:\program files\ScanSoft\OmniPagePro12.0\Opware12.exe" [2002-08-01 49152] "tsnpstd3"="c:\windows\tsnpstd3.exe" [2005-11-04 90112] "snpstd3"="c:\windows\vsnpstd3.exe" [2006-09-19 827392] "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2013-05-01 421888] "AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-03-25 
3854640] "AdobeAAMUpdater-1.0"="c:\program files\Fichiers communs\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208] "AdobeCS5ServiceManager"="c:\program files\Fichiers communs\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992] "SwitchBoard"="c:\program files\Fichiers communs\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096] "SunJavaUpdateSched"="c:\program files\Fichiers communs\Java\Java Update\jusched.exe" [2013-07-02 254336] "Adobe ARM"="c:\program files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe" [2013-12-21 959904] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-13 15360] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "_nltide_3"="advpack.dll" [2009-03-08 128512] . c:\documents and settings\Serge\Menu Démarrer\Programmes\Démarrage\ Dropbox.lnk - c:\documents and settings\Serge\Application Data\Dropbox\bin\Dropbox.exe /systemstartup [2014-1-3 30714328] MailWasherPro.lnk - c:\program files\Firetrust\MailWasher Pro\MailWasher.exe [2011-10-29 5215744] . c:\documents and settings\Serge\Menu Démarrer\Programmes\Démarrage\ Dropbox.lnk - c:\documents and settings\Serge\Application Data\Dropbox\bin\Dropbox.exe /systemstartup [2014-1-3 30714328] MailWasherPro.lnk - c:\program files\Firetrust\MailWasher Pro\MailWasher.exe [2011-10-29 5215744] . c:\documents and settings\Serge\Menu Démarrer\Programmes\Démarrage\ Dropbox.lnk - c:\documents and settings\Serge\Application Data\Dropbox\bin\Dropbox.exe /systemstartup [2014-1-3 30714328] MailWasherPro.lnk - c:\program files\Firetrust\MailWasher Pro\MailWasher.exe [2011-10-29 5215744] . c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\ Adobe Gamma Loader.lnk - c:\program files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe [2013-10-25 113664] . 
c:\documents and settings\Serge\Menu Démarrer\Programmes\Démarrage\ Dropbox.lnk - c:\documents and settings\Serge\Application Data\Dropbox\bin\Dropbox.exe /systemstartup [2014-1-3 30714328] MailWasherPro.lnk - c:\program files\Firetrust\MailWasher Pro\MailWasher.exe [2011-10-29 5215744] . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc] @="Service" . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) "DisableUnicastResponsesToMulticastBroadcast"= 0 (0x0) . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "c:\\Documents and Settings\\Serge\\Application Data\\Dropbox\\bin\\Dropbox.exe"= "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"= "c:\\Program Files\\Fichiers communs\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"= "c:\\Program Files\\Skype\\Phone\\Skype.exe"= . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service . R0 aswNdis;avast! Firewall NDIS Filter Service;c:\windows\system32\drivers\aswNdis.sys [25/03/2014 22:00 12112] R0 aswNdis2;avast! Firewall NDIS Driver;c:\windows\system32\drivers\aswNdis2.sys [25/03/2014 22:00 252208] R0 aswRvrt;avast! Revert;c:\windows\system32\drivers\aswRvrt.sys [16/03/2013 08:45 49944] R0 aswVmm;avast! 
VM Monitor;c:\windows\system32\drivers\aswVmm.sys [16/03/2013 08:45 180760] R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [07/09/2013 17:01 639224] R1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys [25/03/2014 22:00 26136] R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [30/10/2011 13:35 776976] R1 aswSP;aswSP;c:\windows\system32\drivers\aswsp.sys [30/10/2011 13:35 411552] R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdGuard.sys [07/10/2011 19:48 497952] R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [07/10/2011 19:48 32640] R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswmonflt.sys [16/03/2013 08:45 67824] R2 avast! Firewall;avast! Firewall;c:\program files\AVAST Software\Avast\afwServ.exe [25/03/2014 22:00 109048] R2 SBUpd;SpeedBit Update;c:\program files\Common Files\SpeedBit\SBUpdate\sbu.exe [04/03/2014 10:37 1751672] R3 SBUpdd;SpeedBit UpdateD;c:\program files\Common Files\SpeedBit\SBUpdate\sbw.sys [04/03/2014 10:36 31640] S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [23/10/2013 09:15 172192] S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [29/10/2011 14:31 1691480] S3 SwitchBoard;SwitchBoard;c:\program files\Fichiers communs\Adobe\SwitchBoard\SwitchBoard.exe [19/02/2010 13:37 517096] . --- Autres Services/Pilotes en mémoire --- . *NewlyCreated* - WS2IFSL . [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}] 2013-01-16 10:46 454176 ----a-w- c:\program files\Fichiers communs\LightScribe\LSRunOnce.exe . [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}] 2014-03-15 20:04 1150280 ----a-w- c:\program files\Google\Chrome\Application\33.0.1750.154\Installer\chrmstp.exe . Contenu du dossier 'Tâches planifiées' . 
2014-03-31 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-23 22:14] . 2014-03-31 c:\windows\Tasks\AdobeAAMUpdater-1.0-DOSSAY-9D08EBDE-Serge.job - c:\program files\Fichiers communs\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [2013-10-25 01:44] . 2014-03-20 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 16:57] . 2014-03-31 c:\windows\Tasks\avast! Emergency Update.job - c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2014-03-25 20:00] . 2014-03-31 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2011-10-29 03:32] . 2014-03-31 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2011-10-29 03:32] . 2013-01-01 c:\windows\Tasks\Microsoft_Hardware_Launch_IType_exe.job - c:\program files\Microsoft IntelliType Pro\itype.exe [2009-11-11 17:06] . 2014-03-31 c:\windows\Tasks\SBWUpdateTask_Logon_f4733d87-6C626DA44CBE.job - c:\program files\Common Files\SpeedBit\SBUpdate\SBUpdate.exe [2013-07-08 07:18] . 2014-03-31 c:\windows\Tasks\SBWUpdateTask_Time_f4733d87-6C626DA44CBE.job - c:\program files\Common Files\SpeedBit\SBUpdate\SBUpdate.exe [2013-07-08 07:18] . 2014-03-31 c:\windows\Tasks\SBW_UpdateTask_Time_313834353933353032372d575b323478415a45375a456c.job - c:\windows\system32\wscript.exe [2008-04-13 17:34] . . ------- Examen supplémentaire ------- . uInternet Connection Wizard,ShellNext = iexplore IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~4\Office12\EXCEL.EXE/3000 TCP: Interfaces\{A08FB649-A24A-4BAB-8B4C-B1F5860C831D}: NameServer = 192.168.1.1 FF - ProfilePath - c:\documents and settings\Serge\Application Data\Mozilla\Firefox\Profiles\6sqajc8v.default\ FF - prefs.js: browser.search.selectedEngine - Speedbit Search FF - prefs.js: network.proxy.type - 0 . - - - - ORPHELINS SUPPRIMES - - - - . 
Toolbar-10 - (no file) SafeBoot-WudfPf SafeBoot-WudfRd AddRemove-OziExplorer 3.95_is1 - g:\oziexplorer\unins000.exe AddRemove-OziExplorer3D_is1 - g:\oziexplorer\unins001.exe . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2014-03-31 11:22 Windows 5.1.2600 Service Pack 3 NTFS . detected NTDLL code modification: ZwClose . Recherche de processus cachés ... . Recherche d'éléments en démarrage automatique cachés ... . Recherche de fichiers cachés ... . Scan terminé avec succès Fichiers cachés: 0 . ************************************************************************** . --------------------- CLES DE REGISTRE BLOQUEES --------------------- . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_12_0_0_77_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_12_0_0_77_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . --------------------- DLLs chargées dans les processus actifs --------------------- . 
- - - - - - - > 'lsass.exe'(1316) c:\windows\system32\guard32.dll . - - - - - - - > 'explorer.exe'(4436) c:\windows\system32\guard32.dll c:\program files\ScanSoft\OmniPagePro12.0\ophook12.dll c:\documents and settings\Serge\Application Data\Dropbox\bin\DropboxExt.22.dll c:\windows\system32\eappprxy.dll c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_fre.nlr c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . - - - - - - - > 'csrss.exe'(1224) c:\windows\system32\cmdcsr.dll . ------------------------ Autres processus actifs ------------------------ . c:\windows\system32\nvsvc32.exe c:\program files\COMODO\COMODO Internet Security\cmdagent.exe c:\program files\AVAST Software\Avast\AvastSvc.exe c:\program files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe c:\program files\Java\jre7\bin\jqs.exe c:\program files\Google\Update\1.3.23.9\GoogleCrashHandler.exe c:\program files\Fichiers communs\LightScribe\LSSrvc.exe c:\program files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE c:\program files\Nero\Nero8\Nero BackItUp\NBService.exe c:\program files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe c:\windows\system32\wscntfy.exe c:\windows\system32\RUNDLL32.EXE c:\windows\RTHDCPL.EXE c:\program files\Brother\ControlCenter3\brccMCtl.exe c:\windows\system32\rundll32.exe c:\program files\Brother\Brmfcmon\BrMfcmon.exe c:\program files\Fichiers communs\ArcSoft\Connection Service\Bin\ArcCon.ac c:\documents and settings\Serge\Application Data\Dropbox\bin\Dropbox.exe c:\progra~1\MICROS~3\rapimgr.exe c:\program files\Fichiers communs\Nero\Lib\NMIndexingService.exe c:\program files\PC Connectivity Solution\ServiceLayer.exe c:\program files\PC Connectivity 
Solution\Transports\NclMSBTSrv.exe . ************************************************************************** . Heure de fin: 2014-03-31 11:30:05 - La machine a redémarré ComboFix-quarantined-files.txt 2014-03-31 09:29 . Avant-CF: 131.853.389.824 octets libres Après-CF: 131.756.081.152 octets libres . WindowsXP-KB310994-SP2-Pro-BootDisk-FRA.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons UnsupportedDebug="do not select this" /debug multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professionnel" /noexecute=optin /fastdetect /usepmtimer . - - End Of File - - A1C0CF8CD7CEB0D0FF464C741763767C C99C3199CFAA4CBDCD91493F6D113A50