voici:
############################## | UsbFix V 7.161 | [Recherche]
Utilisateur: laurent (Administrateur) # PC-DE-LAURENT
Mis à jour le 15/01/2014 par El Desaparecido - Team SosVirus
Lancé à 13:20:55 | 20/01/2014
Site Web :
http://www.usbfix.net
Changelog :
http://www.usbfix.net/maj/
Support :
http://www.sosvirus.net/
Upload Malware :
http://www.sosvirus.net/upload_malware.php
Contact :
http://www.usbfix.net/contact/
PC: Acer (EM61SM/EM61PM )
CPU: AMD Athlon(tm) 64 X2 Dual Core Processor 4200+
RAM -> [Total : 1023 Mo| Free : 389 Mo]
Bios: Phoenix Technologies, LTD
Boot: Normal boot
OS: Microsoft® Windows Vista™ Édition Familiale Premium (6.0.6002 32-Bit) Service Pack 2
WB: Windows Internet Explorer : 9.0.8112.16421
WB: Mozilla Firefox : 26.0
SC: Security Center Service [Enabled]
WU: Windows Update Service [Enabled]
AV: Microsoft Security Essentials [(!) Disabled | Updated]
AS: Malwarebytes' Anti-Malware : 1.75.0001
FW: Windows FireWall Service [Enabled]
C:\ (%systemdrive%) -> Disque fixe # 113 Go (48 Go libre(s) - 42%) [ACER] # NTFS
D:\ -> Disque fixe # 113 Go (103 Go libre(s) - 91%) [DATA] # NTFS
E:\ -> CD-ROM
F:\ -> CD-ROM
J:\ -> CD-ROM
################## | Processus Actif |
C:\Windows\system32\csrss.exe (ID: 612 |ParentID: 600)
C:\Windows\system32\wininit.exe (ID: 652 |ParentID: 600)
C:\Windows\system32\csrss.exe (ID: 664 |ParentID: 644)
C:\Windows\system32\services.exe (ID: 700 |ParentID: 652)
C:\Windows\system32\lsass.exe (ID: 712 |ParentID: 652)
C:\Windows\system32\lsm.exe (ID: 720 |ParentID: 652)
C:\Windows\system32\svchost.exe (ID: 860 |ParentID: 700)
C:\Windows\system32\winlogon.exe (ID: 920 |ParentID: 644)
C:\Windows\system32\nvvsvc.exe (ID: 944 |ParentID: 700)
C:\Windows\system32\svchost.exe (ID: 976 |ParentID: 700)
C:\Program Files\Microsoft Security Client\MsMpEng.exe (ID: 1016 |ParentID: 700)
C:\Windows\System32\svchost.exe (ID: 1116 |ParentID: 700)
C:\Windows\System32\svchost.exe (ID: 1184 |ParentID: 700)
C:\Windows\system32\svchost.exe (ID: 1204 |ParentID: 700)
C:\Windows\system32\svchost.exe (ID: 1300 |ParentID: 700)
C:\Windows\system32\SLsvc.exe (ID: 1316 |ParentID: 700)
C:\Windows\system32\svchost.exe (ID: 1368 |ParentID: 700)
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (ID: 1524 |ParentID: 944)
C:\Windows\system32\nvvsvc.exe (ID: 1532 |ParentID: 944)
C:\Windows\system32\svchost.exe (ID: 1552 |ParentID: 700)
C:\Windows\System32\spoolsv.exe (ID: 2016 |ParentID: 700)
C:\Windows\system32\Dwm.exe (ID: 2036 |ParentID: 1184)
C:\Windows\system32\svchost.exe (ID: 120 |ParentID: 700)
C:\Windows\Explorer.EXE (ID: 288 |ParentID: 1956)
C:\Windows\system32\taskeng.exe (ID: 372 |ParentID: 1204)
C:\Windows\system32\taskeng.exe (ID: 760 |ParentID: 1204)
C:\Windows\RtHDVCpl.exe (ID: 1564 |ParentID: 288)
C:\Program Files\Microsoft Security Client\msseces.exe (ID: 1588 |ParentID: 288)
C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe (ID: 1908 |ParentID: 288)
C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe (ID: 1900 |ParentID: 288)
C:\Program Files\Vista Start Menu\VistaStartMenu.exe (ID: 216 |ParentID: 288)
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (ID: 2204 |ParentID: 700)
C:\Windows\ATKKBService.exe (ID: 2228 |ParentID: 700)
C:\Windows\System32\bgsvcgen.exe (ID: 2240 |ParentID: 700)
C:\Windows\ehome\ehRecvr.exe (ID: 2284 |ParentID: 700)
C:\Windows\ehome\ehsched.exe (ID: 2296 |ParentID: 700)
C:\Windows\system32\svchost.exe (ID: 2344 |ParentID: 700)
C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe (ID: 2476 |ParentID: 700)
C:\Windows\system32\taskeng.exe (ID: 2516 |ParentID: 1204)
C:\Program Files\Common Files\LightScribe\LSSrvc.exe (ID: 2700 |ParentID: 700)
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe (ID: 2728 |ParentID: 700)
C:\Program Files\Microsoft LifeCam\MSCamS32.exe (ID: 2764 |ParentID: 700)
C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe (ID: 2788 |ParentID: 700)
C:\Program Files\Polar\Daemon\polard.exe (ID: 2820 |ParentID: 700)
C:\Windows\system32\svchost.exe (ID: 2844 |ParentID: 700)
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (ID: 2856 |ParentID: 700)
C:\Windows\system32\svchost.exe (ID: 2920 |ParentID: 700)
C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe (ID: 2948 |ParentID: 700)
C:\Windows\system32\UAService7.exe (ID: 3020 |ParentID: 700)
C:\Windows\system32\SearchIndexer.exe (ID: 3060 |ParentID: 700)
C:\Program Files\Windows Media Player\wmpnetwk.exe (ID: 3224 |ParentID: 700)
C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe (ID: 3296 |ParentID: 2948)
C:\Program Files\Windows Media Player\wmpnscfg.exe (ID: 3820 |ParentID: 288)
C:\Windows\system32\SearchProtocolHost.exe (ID: 3256 |ParentID: 3060)
C:\Windows\system32\SearchFilterHost.exe (ID: 3252 |ParentID: 3060)
C:\Windows\system32\wbem\wmiprvse.exe (ID: 1500 |ParentID: 860)
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (ID: 852 |ParentID: 1524)
################## | Regedit Run |
04 - HKLM\..\Run : [RtHDVCpl] RtHDVCpl.exe
04 - HKLM\..\Run : [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
04 - HKLM\..\Run : [Nvtmru] "C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
04 - HKLM\..\Run : [NvBackend] "C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe"
04 - HKLM\..\Run : [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
04 - HKLM\..\RunOnce : []
04 - HKU\S-1-5-19\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem
04 - HKU\S-1-5-19\..\Run : [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
04 - HKU\S-1-5-20\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem
04 - HKU\S-1-5-20\..\Run : [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
04 - HKU\S-1-5-21-4158589418-311073554-940919832-1000\..\Run : [VistaStartMenu] C:\Program Files\Vista Start Menu\VistaStartMenu.exe
04 - HKU\S-1-5-21-4158589418-311073554-940919832-1000\..\Run : [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup
################## | Recherche générique |
################## | Registre |
Présent! HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer|EnableShellExecuteHooks -> 1
Présent! HKLM\Software\Microsoft\Security Center|UacDisableNotify -> 1
Présent! HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowPrinters -> 0
Présent! HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowSetProgramAccessAndDefaults -> 0
Présent! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\acer.empowering.framework.supervisor.exe
Présent! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\decryption.exe
Présent! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\edstbmngr.exe
Présent! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\eperformance.exe
Présent! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\eragent.exe
Présent! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\npsguide.exe
Présent! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nw-e000 series manuals.exe
Présent! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\presentationhost.exe
Présent! HKLM64\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\acer.empowering.framework.supervisor.exe
Présent! HKLM64\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\decryption.exe
Présent! HKLM64\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\edstbmngr.exe
Présent! HKLM64\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\eperformance.exe
Présent! HKLM64\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\eragent.exe
Présent! HKLM64\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\npsguide.exe
Présent! HKLM64\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nw-e000 series manuals.exe
Présent! HKLM64\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\presentationhost.exe
################## | Vaccin |
################## | E.O.F |
http://www.usbfix.net -
http://www.sosvirus.net |
puis
RogueKiller V8.8.2 [Jan 17 2014] par Tigzy
mail : tigzyRK<at>gmail<dot>com
Remontees :
http://www.adlice.com/forum/
Site Web :
http://www.sur-la-toile.com/RogueKiller/
Blog :
http://www.adlice.com
Systeme d'exploitation : Windows Vista (6.0.6002 Service Pack 2) 32 bits version
Demarrage : Mode normal
Utilisateur : laurent [Droits d'admin]
Mode : Suppression -- Date : 01/20/2014 13:30:00
| ARK || FAK || MBR |
¤¤¤ Processus malicieux : 0 ¤¤¤
¤¤¤ Entrees de registre : 6 ¤¤¤
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowPrinters (0) -> REMPLACÉ (1)
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowSetProgramAccessAndDefaults (0) -> REMPLACÉ (1)
[HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REMPLACÉ (0)
[HJ DESK][PUM] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REMPLACÉ (0)
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REMPLACÉ (0)
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REMPLACÉ (0)
¤¤¤ Tâches planifiées : 0 ¤¤¤
¤¤¤ Entrées Startup : 0 ¤¤¤
¤¤¤ Navigateurs web : 0 ¤¤¤
¤¤¤ Addons navigateur : 0 ¤¤¤
¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤
¤¤¤ Driver : [CHARGE] ¤¤¤
[Address] IRP[IRP_MJ_CREATE] : C:\Windows\System32\Drivers\UBHelper.sys -> HOOKED (Unknown @ 0x8591F1F8)
[Address] IRP[IRP_MJ_CLOSE] : C:\Windows\System32\Drivers\UBHelper.sys -> HOOKED (Unknown @ 0x8591F1F8)
[Address] IRP[IRP_MJ_DEVICE_CONTROL] : C:\Windows\System32\Drivers\UBHelper.sys -> HOOKED (Unknown @ 0x8591F1F8)
[Address] IRP[IRP_MJ_INTERNAL_DEVICE_CONTROL] : C:\Windows\System32\Drivers\UBHelper.sys -> HOOKED (C:\Windows\System32\drivers\sfsync02.sys @ 0x83A788B4)
[Address] IRP[IRP_MJ_POWER] : C:\Windows\System32\Drivers\UBHelper.sys -> HOOKED (Unknown @ 0x8591F1F8)
[Address] IRP[IRP_MJ_SYSTEM_CONTROL] : C:\Windows\System32\Drivers\UBHelper.sys -> HOOKED (Unknown @ 0x8591F1F8)
[Address] IRP[IRP_MJ_PNP] : C:\Windows\System32\Drivers\UBHelper.sys -> HOOKED (Unknown @ 0x8591F1F8)
[Inline] EAT @explorer.exe (FwDoNothingOnObject) : FirewallAPI.dll -> HOOKED (Unknown @ 0x368E4566)
[Inline] EAT @explorer.exe (FwEnableMemTracing) : FirewallAPI.dll -> HOOKED (Unknown @ 0x368E4566)
[Inline] EAT @explorer.exe (FwSetMemLeakPolicy) : FirewallAPI.dll -> HOOKED (Unknown @ 0x368E4566)
[Inline] EAT @firefox.exe (?UndefinedHandleValue@JS@@3V?$Handle@VValue@JS@@@1@B) : mozjs.dll -> HOOKED (Unknown @ 0x72BEFDB1)
[Inline] EAT @firefox.exe (?singleton@CrossCompartmentWrapper@js@@2V12@A) : mozjs.dll -> HOOKED (Unknown @ 0x5ABEC2CC)
¤¤¤ Ruches Externes: ¤¤¤
¤¤¤ Infection : ¤¤¤
¤¤¤ Fichier HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
127.0.0.1 08sr.combineads.info # hosts anti-adware / pups
127.0.0.1 08srvr.combineads.info # hosts anti-adware / pups
127.0.0.1 12srvr.combineads.info # hosts anti-adware / pups
127.0.0.1 2010-fr.com # hosts anti-adware / pups
127.0.0.1 2012-new.biz # hosts anti-adware / pups
127.0.0.1 212link.com # hosts anti-adware / pups
127.0.0.1 2319825.ourtoolbar.com # hosts anti-adware / pups
127.0.0.1 24h00business.com # hosts anti-adware / pups
127.0.0.1 a.adorika.net # hosts anti-adware / pups
127.0.0.1 a.ad-sys.com # hosts anti-adware / pups
127.0.0.1 a.daasafterdusk.com # hosts anti-adware / pups
127.0.0.1 ad.adn360.com # hosts anti-adware / pups
127.0.0.1 adeartss.eu # hosts anti-adware / pups
127.0.0.1 adesoeasy.eu # hosts anti-adware / pups
127.0.0.1 adf.girldatesforfree.net # hosts anti-adware / pups
127.0.0.1 adm.soft365.com # hosts anti-adware / pups
127.0.0.1 adomicileavail.googlepages.com # hosts anti-adware / pups
127.0.0.1 ads7.complexadveising.com # hosts anti-adware / pups
127.0.0.1 ads.adplxmd.com # hosts anti-adware / pups
127.0.0.1 ads.aff.co # hosts anti-adware / pups
[...]
¤¤¤ MBR Verif: ¤¤¤
+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) Hitachi HDT725025VLA SCSI Disk Device +++++
--- User ---
[MBR] 92837347c87d940b3f8d6e6e9ca587fd
[BSP] 42fb87e6620cefab125618f5128b0fc9 : Acer MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 63 | Size: 6997 Mo
1 - [ACTIVE] FAT16 (0x06) [VISIBLE] Offset (sectors): 14329980 | Size: 115914 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 251722485 | Size: 115561 Mo
User = LL1 ... OK!
Error reading LL2 MBR! ([0x1] Fonction incorrecte. )
Termine : << RKreport[0]_D_01202014_133000.txt >>
RKreport[0]_S_01202014_132858.txt
puis
RogueKiller V8.8.2 [Jan 17 2014] par Tigzy
mail : tigzyRK<at>gmail<dot>com
Remontees :
http://www.adlice.com/forum/
Site Web :
http://www.sur-la-toile.com/RogueKiller/
Blog :
http://www.adlice.com
Systeme d'exploitation : Windows Vista (6.0.6002 Service Pack 2) 32 bits version
Demarrage : Mode normal
Utilisateur : laurent [Droits d'admin]
Mode : Recherche -- Date : 01/20/2014 13:28:58
| ARK || FAK || MBR |
¤¤¤ Processus malicieux : 0 ¤¤¤
¤¤¤ Entrees de registre : 6 ¤¤¤
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowPrinters (0) -> TROUVÉ
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowSetProgramAccessAndDefaults (0) -> TROUVÉ
[HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> TROUVÉ
[HJ DESK][PUM] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> TROUVÉ
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> TROUVÉ
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> TROUVÉ
¤¤¤ Tâches planifiées : 0 ¤¤¤
¤¤¤ Entrées Startup : 0 ¤¤¤
¤¤¤ Navigateurs web : 0 ¤¤¤
¤¤¤ Addons navigateur : 0 ¤¤¤
¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤
¤¤¤ Driver : [CHARGE] ¤¤¤
[Address] IRP[IRP_MJ_CREATE] : C:\Windows\System32\Drivers\UBHelper.sys -> HOOKED (Unknown @ 0x8591F1F8)
[Address] IRP[IRP_MJ_CLOSE] : C:\Windows\System32\Drivers\UBHelper.sys -> HOOKED (Unknown @ 0x8591F1F8)
[Address] IRP[IRP_MJ_DEVICE_CONTROL] : C:\Windows\System32\Drivers\UBHelper.sys -> HOOKED (Unknown @ 0x8591F1F8)
[Address] IRP[IRP_MJ_INTERNAL_DEVICE_CONTROL] : C:\Windows\System32\Drivers\UBHelper.sys -> HOOKED (C:\Windows\System32\drivers\sfsync02.sys @ 0x83A788B4)
[Address] IRP[IRP_MJ_POWER] : C:\Windows\System32\Drivers\UBHelper.sys -> HOOKED (Unknown @ 0x8591F1F8)
[Address] IRP[IRP_MJ_SYSTEM_CONTROL] : C:\Windows\System32\Drivers\UBHelper.sys -> HOOKED (Unknown @ 0x8591F1F8)
[Address] IRP[IRP_MJ_PNP] : C:\Windows\System32\Drivers\UBHelper.sys -> HOOKED (Unknown @ 0x8591F1F8)
[Inline] EAT @explorer.exe (FwDoNothingOnObject) : FirewallAPI.dll -> HOOKED (Unknown @ 0x368E4566)
[Inline] EAT @explorer.exe (FwEnableMemTracing) : FirewallAPI.dll -> HOOKED (Unknown @ 0x368E4566)
[Inline] EAT @explorer.exe (FwSetMemLeakPolicy) : FirewallAPI.dll -> HOOKED (Unknown @ 0x368E4566)
[Inline] EAT @firefox.exe (?UndefinedHandleValue@JS@@3V?$Handle@VValue@JS@@@1@B) : mozjs.dll -> HOOKED (Unknown @ 0x72BEFDB1)
[Inline] EAT @firefox.exe (?singleton@CrossCompartmentWrapper@js@@2V12@A) : mozjs.dll -> HOOKED (Unknown @ 0x5ABEC2CC)
¤¤¤ Ruches Externes: ¤¤¤
¤¤¤ Infection : ¤¤¤
¤¤¤ Fichier HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
127.0.0.1 08sr.combineads.info # hosts anti-adware / pups
127.0.0.1 08srvr.combineads.info # hosts anti-adware / pups
127.0.0.1 12srvr.combineads.info # hosts anti-adware / pups
127.0.0.1 2010-fr.com # hosts anti-adware / pups
127.0.0.1 2012-new.biz # hosts anti-adware / pups
127.0.0.1 212link.com # hosts anti-adware / pups
127.0.0.1 2319825.ourtoolbar.com # hosts anti-adware / pups
127.0.0.1 24h00business.com # hosts anti-adware / pups
127.0.0.1 a.adorika.net # hosts anti-adware / pups
127.0.0.1 a.ad-sys.com # hosts anti-adware / pups
127.0.0.1 a.daasafterdusk.com # hosts anti-adware / pups
127.0.0.1 ad.adn360.com # hosts anti-adware / pups
127.0.0.1 adeartss.eu # hosts anti-adware / pups
127.0.0.1 adesoeasy.eu # hosts anti-adware / pups
127.0.0.1 adf.girldatesforfree.net # hosts anti-adware / pups
127.0.0.1 adm.soft365.com # hosts anti-adware / pups
127.0.0.1 adomicileavail.googlepages.com # hosts anti-adware / pups
127.0.0.1 ads7.complexadveising.com # hosts anti-adware / pups
127.0.0.1 ads.adplxmd.com # hosts anti-adware / pups
127.0.0.1 ads.aff.co # hosts anti-adware / pups
[...]
¤¤¤ MBR Verif: ¤¤¤
+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) Hitachi HDT725025VLA SCSI Disk Device +++++
--- User ---
[MBR] 92837347c87d940b3f8d6e6e9ca587fd
[BSP] 42fb87e6620cefab125618f5128b0fc9 : Acer MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 63 | Size: 6997 Mo
1 - [ACTIVE] FAT16 (0x06) [VISIBLE] Offset (sectors): 14329980 | Size: 115914 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 251722485 | Size: 115561 Mo
User = LL1 ... OK!
Error reading LL2 MBR! ([0x1] Fonction incorrecte. )
Termine : << RKreport[0]_S_01202014_132858.txt >>
puis
RogueKiller V8.8.2 [Jan 17 2014] par Tigzy
mail : tigzyRK<at>gmail<dot>com
Remontees :
http://www.adlice.com/forum/
Site Web :
http://www.sur-la-toile.com/RogueKiller/
Blog :
http://www.adlice.com
Systeme d'exploitation : Windows Vista (6.0.6002 Service Pack 2) 32 bits version
Demarrage : Mode normal
Utilisateur : laurent [Droits d'admin]
Mode : Raccourcis RAZ -- Date : 01/20/2014 13:39:56
| ARK || FAK || MBR |
¤¤¤ Processus malicieux : 0 ¤¤¤
¤¤¤ Driver : [CHARGE] ¤¤¤
¤¤¤ Ruches Externes: ¤¤¤
¤¤¤ Attributs de fichiers restaures: ¤¤¤
Bureau: Success 1 / Fail 0
Lancement rapide: Success 0 / Fail 0
Programmes: Success 0 / Fail 0
Menu demarrer: Success 0 / Fail 0
Dossier utilisateur: Success 0 / Fail 0
Mes documents: Success 7 / Fail 7
Mes favoris: Success 0 / Fail 0
Mes images: Success 1 / Fail 0
Ma musique: Success 1 / Fail 0
Mes videos: Success 1 / Fail 0
Disques locaux: Success 7 / Fail 35
Sauvegarde: [NOT FOUND]
Lecteurs:
[C:] \Device\HarddiskVolume2 -- 0x3 --> Restored
[D:] \Device\HarddiskVolume3 -- 0x3 --> Restored
[E:] \Device\CdRom1 -- 0x5 --> Skipped
[F:] \Device\CdRom0 -- 0x5 --> Skipped
[H:] \Device\HarddiskVolume5 -- 0x2 --> Restored
[I:] \Device\HarddiskVolume6 -- 0x2 --> Restored
[J:] \Device\CdRom2 -- 0x5 --> Skipped
[K:] \Device\HarddiskVolume4 -- 0x2 --> Restored
[L:] \Device\HarddiskVolume7 -- 0x2 --> Restored
[M:] \Device\HarddiskVolume8 -- 0x2 --> Restored
¤¤¤ Infection : ¤¤¤
Termine : << RKreport[0]_SC_01202014_133956.txt >>
RKreport[0]_D_01202014_133000.txt;RKreport[0]_S_01202014_132858.txt
Rapport de ZHPFix 2013.12.14.5 par Nicolas Coolman, Update du 06/12/2013
Fichier d'export Registre :
Run by laurent at 20/01/2014 13:33:48
High Elevated Privileges : OK
Windows Vista Home Premium Edition, 32-bit Service Pack 2 (Build 6002)
Corbeille vidée (00mn 03s)
========== Clés du Registre ==========
SUPPRIMÉ: HKCU\Software\LdShih
SUPPRIMÉ: HKCU\Software\Multi_Media_France
SUPPRIMÉ: HKCU\Software\PartyFrance
SUPPRIMÉ: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Go for FilesUpdate
SUPPRIMÉ: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\YourFile DownloaderUpdate
SUPPRIMÉ: HKCU\Software\Microsoft\aoprndtws
SUPPRIMÉ: HKCU\Software\Microsoft\removerp
SUPPRIMÉ: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Scheduled Update for Ask Toolbar
SUPPRIMÉ: HKCU\Software\Classes\MF
SUPPRIMÉ: HKLM\Software\Classes\Interface\{12FB9C3D-0875-4CAA-B3B1-9DCCCE749DE5}
SUPPRIMÉ: HKLM\SYSTEM\CurrentControlSet\Services\RKHit
SUPPRIMÉ: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5CBE3B7C-1E47-477E-A7DD-396DB0476E29}
SUPPRIMÉ: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5CBE3B7C-1E47-477E-A7DD-396DB0476E29}
SUPPRIMÉ: HKLM\Software\Classes\CLSID\{5CBE3B7C-1E47-477E-A7DD-396DB0476E29}
SUPPRIMÉ: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{E4E012DC-1925-48E9-8010-2D195574642A}
SUPPRIMÉ: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{E4E012DC-1925-48E9-8010-2D195574642A}
SUPPRIMÉ: HKLM\Software\Classes\CLSID\{BD5843ED-13C4-4EFF-ACE9-56CEE22BC087}
SUPPRIMÉ: HKLM\Software\Classes\IminentBHONavigationError.CHelperBHO.1
SUPPRIMÉ: HKLM\Software\Classes\AppID\Iminent.BHO.NavigationError.DLL
========== Eléments de donnée du Registre ==========
REMPLACÉ Value Start_ShowSetProgramAccessAndDefaults : Good (1) - Bad (0)
========== Dossiers ==========
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{008D762C-A378-4355-A581-2D1A8A740222}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{00FA054C-D814-4583-9062-0F2F3D52D84C}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{02E66A0A-7D0B-4C66-BDD2-8CDF2D8529C4}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{0312274C-C3A3-48C5-85D5-78136CF542F7}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{0645A37A-9B07-4536-8814-3F9930CC5774}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{082647D4-F10A-44B7-9E6F-9A38F663C056}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{0A14CC84-13F1-4611-9B4C-845C14516CAB}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{0A2E2203-03C0-4DAF-B92D-01342BB623E9}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{100EDAEB-D789-43CE-AF32-9D091DA0638F}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{156BD0EE-4289-4A9C-87CC-0D1ED0A476D2}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{18AD71AF-B219-43F7-B359-CD08FC044105}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{1AD2E6C2-0E4E-4DD9-99A2-0A72BB2C3A0D}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{1D6C0CF2-B1CC-42E7-8E77-0B63C921BB2D}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{1F64C142-D3B9-4F65-A307-9D48902050B1}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{23F76FA8-1018-41E2-A946-81B6FC9EB983}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{25FF0AB2-CA57-4136-B1BA-DD974B9872B1}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{26941D5A-BDF2-4D3E-B3C0-CAF8F2E10573}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{27E4DFB9-3F72-440F-8086-2E847DA21618}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{28483718-AD25-4C06-91EA-ADF711F2A3EF}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{2958B5B3-CB90-40D7-B738-B60980500551}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{2B167CBC-9270-465A-A3F7-EB095695AEA8}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{2BBA137F-12F9-4A70-AB07-00AB785869D7}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{2DA54A6E-1DFE-40E4-991B-CCEB73E956AF}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{2F2B6F17-45FE-450F-85A4-9C5630F2ADD3}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{2F84FCE2-AAA3-4484-AFAC-FB02E96CBDFA}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{2F9557ED-3004-4310-BCC8-2D48230C7807}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{30A4E921-7A8B-4BBE-AA53-262C0022F67D}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{35DC9016-52EF-4DF0-B6E2-04D93E4D6644}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{37D7B956-CBD0-49A1-8EEA-C4EACB4CCD95}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{3B3327D0-0DC8-46C6-904F-6F3709B75975}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{3F3FF519-9E1F-4AE0-A2A5-F73BA2B69363}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{442C42AF-B851-4351-BF14-DE936828D985}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{44CAAB2F-C1C0-4CDB-A06D-0B83E99B7298}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{45AD9713-A34A-4B23-AAA4-223C3504AA99}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{4B311591-283B-4C0B-B05A-DD0020A96369}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{4FFC854B-368E-4300-A683-C43484EEE1E7}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{51865C92-856A-47D9-9DF9-A783A0E22E76}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{54BB3B7A-5F84-4F7C-9390-C630C5AF727C}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{5801BF50-F77D-408D-B3C2-0AEEA91C1118}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{5C15FBEF-DE16-4562-88F5-97D5F2DCB77B}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{5E522D8A-0F94-40AD-AED7-FBE1C848AB92}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{5F3FEA2C-4F25-4942-A787-85BA193B86EA}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{6037E664-3E5E-4595-86A7-6A74EDD658ED}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{61779FD2-F239-4973-A052-B8C773E84F78}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{63406347-AE56-4AA6-B8C4-D6DD4A9D4892}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{6456AC34-3F7B-4D9E-A61E-D4F330E355E0}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{6890FC13-5950-44AD-8DF8-DD4FCFF82F95}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{6B136DFA-FCDB-48CA-AFA6-2377D1A84E39}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{6B369E7E-5B08-4319-808D-1102B1A2DEAC}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{6D968C77-4781-4A51-B507-B171C7B36726}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{6F4B224C-4FD8-4280-9BC0-4EF0FCA4355D}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{6FE070E6-940D-4C42-B943-44448E0241EF}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{708E2BBE-9183-4847-9736-8B879925B4C7}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{718B3613-CDE6-481C-A2BC-92A179567693}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{793511CE-11E1-40C3-BA27-243DD75EF77B}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{7D0CCE5F-BD90-4255-9F34-306119AAB2B1}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{804AEB96-DCFF-40E5-98FB-685EE0FF1F81}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{8081ECC2-AE26-44A7-BA27-4F0F62E80FCA}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{83C95CA0-FFCD-4F13-B1B9-08DC2A50429E}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{842F35A6-48AE-4C2B-B52D-F4DC73C16513}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{86D3DD13-C037-4AB4-B829-32C631954EDD}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{87A6DD36-D3F4-460E-83DD-84668B258A0C}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{87F4D6B1-DEA2-41E0-8FF5-B247286C4CFA}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{8AA647E7-AE3E-49DF-B5BD-94A3CDF894BC}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{8AD3C203-B3CE-4292-9AEB-8902580F9A74}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{8CEC1BE4-DFBF-46A5-A948-B2249E5BDC21}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{8CF096CC-A761-4F6A-A8B5-5126319E1321}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{8D0FB413-874F-409D-8F4A-402B64BC43BB}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{90186292-152A-41A3-A4D5-B158ADC3B762}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{923FDDFF-BB54-4D2D-A25C-8C9255F5236A}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{92A94192-FD57-4C5C-A288-18F2B16BC26F}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{92DC0F05-5556-4D22-927C-014ABB6C63AA}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{94C3104C-FD3A-4668-B058-2355F83B601A}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{94E908BF-69FD-4156-AED3-4163F99FD6F1}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{993DEB2F-383E-4B25-B7BB-4DE605A50C83}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{995A12A5-0E1C-4746-BF3D-BD442576F593}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{998E5498-A174-4EE6-87F3-1152DB50F974}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{9AD3EA51-C5AE-4034-B7F8-F8C6C0F2B3D6}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{9D2F2E25-FF41-413E-8FDB-AFF6585C96F9}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{9E177E1D-42EC-4FDC-B5B4-2E151D723158}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{9E84850A-F18D-4D17-99D8-95966622A946}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{9EF403B4-017E-4A05-AFB2-41EF14B79F9A}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{9FD9BCCD-8A64-4A56-9165-2526788241C5}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{A0782DEC-A688-413C-B502-17D4F8FC3D05}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{A14DB72B-8148-4B5D-8315-FE980E2EB83D}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{A40ECE98-2414-4DDF-8668-54898D741149}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{A508217F-7EA5-4B82-B71F-D90CE43FA4C2}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{A6860EA6-0DCD-4043-83F9-5A82B8143D1D}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{A78D6CEC-94D6-40E4-B925-27629F93EB09}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{A7C8B537-A9C2-4994-8CBE-B3AD14090733}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{A8273EEA-4B0E-495F-BEAF-DE082DA07CD3}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{A997A556-D5C1-4234-8F15-98A866F3CA9D}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{AD80F96D-C1AA-43A3-8D4B-46C2E70C6E84}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{AE85C48A-4342-4185-834D-E5B4857D0736}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{B207DD43-191F-4AEB-8D86-6FA534643F18}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{B4AC3A2E-6786-4F54-8078-A9B6A044BE2A}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{B90F5529-B5CD-4B44-87D7-8A19D40921ED}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{BC6DE009-02D4-4869-9AE9-92F274442EA6}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{BDD41132-E212-43D7-B5F5-109E656AE25D}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{BEE036C6-C707-46D5-8A77-878420220257}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{BEEC41A9-55A1-4879-84FB-CBEB9084F6D0}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{C198E2B9-72C4-4950-99D6-2138ED4DBF0B}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{C19D2E26-4A41-4879-892C-29C110FA3B2E}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{C2599A75-4A89-4D8F-93A6-77A46BE82348}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{C60451D6-E8A0-4460-9659-B1F2B8CAD8C3}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{C7F9FCAA-1112-446D-B63F-A0F9952EB4F0}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{C88F9EBF-5B3C-4B71-81F0-387DF1E146FE}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{C893E055-D91F-4482-A081-0B114FF071F0}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{C9041368-51E3-42DD-81A4-091FB6538B8B}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{C93BB77F-8FA4-434F-82B8-24E8209AD6D4}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{C98C3CE3-EEC3-467D-BF1A-2085680D2E80}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{C9F8CFE3-F6F7-40D1-B27C-3B058BF98025}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{CA8E6BEA-62CE-4CD6-A279-CAC26C0FEB26}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{CB8E5A76-2939-4D01-8F5C-23A7E1ACBDB5}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{CE247140-E2A1-4B0A-B58A-928B8587F1C6}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{D4067E9D-3A9C-49EA-AE7D-6F5358CB0C38}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{D5212D3E-88BA-4AA1-A095-A133A8EA6A08}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{D5B3DB68-5B4B-40EF-A1BF-24E0ECA4677D}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{D5DC3F7F-833A-4BCE-B9ED-D35DA97AF69F}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{D6B38130-7332-45E8-997C-EA0D71A1D61D}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{D74344AC-10F4-43CC-94B9-0F4E7A95A83D}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{DB238225-3E58-40BE-A8B8-4EB333EA42D5}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{DCC03007-AB76-4677-9B0A-BCD196FDBB16}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{E3E8C868-CF47-4242-AA86-49A42B7F5B4B}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{E43FD642-39BA-4D45-9DA3-60DE70B146BC}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{E6D0F3B2-5147-4628-BDE2-B9E725096E71}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{E7FA35C5-3CC2-4A4B-A5E1-903FB36D52B5}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{E86567B7-BA7D-4D2B-A2E9-5CEB898C9425}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{E8D6AFCC-BE49-4581-9015-9F24ACFED7F7}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{E9F02BF4-4CE4-4B08-9AB5-7C007A7ED50E}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{EA10496A-1F3F-4C08-9016-F15E9B13438E}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{EA3C67D2-A339-47B9-891A-250D314B81E3}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{EB058921-55FC-4424-AC83-CF4441BD301C}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{EDF8EF4B-48FB-4865-A7A4-2EBD8022E327}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{EE0C08ED-30BC-4A85-9C64-FB050D5187CD}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{F078FC75-5DB4-4F8A-BBD7-1F071037C135}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{F2F11435-E494-4E6E-BBCB-2BBF431F4D0C}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{F4CF7726-4987-40D3-9D8A-A48999A3EF9F}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{F9C5CB85-3FD8-4DF7-924D-651EAB42C265}
SUPPRIMÉ: C:\Users\laurent\AppData\Local\{FBB71AB4-DAB4-4EAA-AFE2-E7CA6F2B0765}
========== Fichiers ==========
SUPPRIMÉ: C:\Windows\Installer\14514f2.msi
SUPPRIMÉ: C:\Windows\Installer\21870bc.msi
SUPPRIMÉ: C:\Windows\Installer\280449.msi
SUPPRIMÉS Flash Cookies (83) (51 028 octets)
SUPPRIMÉS Temporaires Windows (65) (12 177 216 octets)
========== Récapitulatif ==========
19 : Clés du Registre
1 : Eléments de donnée du Registre
140 : Dossiers
5 : Fichiers
End of clean in 00mn 32s
========== Chemin de fichier rapport ==========
C:\Users\laurent\AppData\Roaming\ZHP\ZHPFix[R1].txt - 13/01/2014 14:34:41 [599]
C:\Users\laurent\AppData\Roaming\ZHP\ZHPFix[R2].txt - 20/01/2014 13:33:52 [13819]