Impossible to download any "ZHPDiag" at all... a real conspiracy... so I'm sending you the "Rogue killer" report:
RogueKiller V8.6.2 [Jul 2 2013] par Tigzy
mail : tigzyRK<at>gmail<dot>com
Remontees : hxxp://www.adlice.com/forum/
Site Web : http://www.sur-la-toile.com/RogueKiller/
Blog : http://tigzyrk.blogspot.com/
Systeme d'exploitation : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Demarrage : Mode normal
Utilisateur : Ffyes [Droits d'admin]
Mode : Recherche -- Date : 07/16/2013 18:57:25
| ARK || FAK || MBR |
¤¤¤ Processus malicieux : 3 ¤¤¤
[SUSP PATH] eGdpSvc.exe -- C:\Documents and Settings\All Users\Application Data\eSafe\eGdpSvc.exe [7] -> TUÉ [TermProc]
[BLPATH] tuto4pc_fr_43.exe -- C:\Program Files\tuto4pc_fr_43\tuto4pc_fr_43.exe [7] -> TUÉ [TermProc]
[BLPATH] upt4pc_fr_43.exe -- C:\Documents and Settings\Ffyes\Local Settings\Application Data\tuto4pc_fr_43\upt4pc_fr_43.exe [7] -> TUÉ [TermProc]
¤¤¤ Entrees de registre : 3 ¤¤¤
[RUN][BLPATH] HKLM\[...]\Run : tuto4pc_fr_43 ("C:\Program Files\tuto4pc_fr_43\tuto4pc_fr_43.exe" [7]) -> TROUVÉ
[RUN][BLPATH] HKLM\[...]\Run : upt4pc_fr_43.exe (C:\Documents and Settings\Ffyes\Local Settings\Application Data\tuto4pc_fr_43\upt4pc_fr_43.exe -runhelper [7]) -> TROUVÉ
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> TROUVÉ
¤¤¤ Tâches planifiées : 2 ¤¤¤
[V1][ROGUE ST] Plus-HD-2.3-chromeinstaller.job : C:\Program Files\Plus-HD-2.3\Plus-HD-2.3-chromeinstaller.exe - /installcrx /agentregpath='Plus-HD-2.3' /extensionfilepath='C:\Program Files\Plus-HD-2.3\33426.crx' /appid=33426 /srcid='000208' /subid='0' /zdata='0' /bic=5330F2BDC5C84CEF9850DB6F7B81E6E5IE /verifier=3b2feb86a20286fe5c9ade6c5a18aa8c /installerversion=1_27_153 /installerfullversion=1.27.153.9 /installationtime=1373969913 /statsdomain=hxxp://stats.statsdatasrv.com /errorsdomain=hxxp://errors.statsdatasrv.com /waitforbrowser=300 /extensionid=omfoidjpeklpjhlhabhcomekbkclkbec /extensionversion=1.23.24 /extensionpublickey=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC8ISbqxJwyMhm5pgIoRpzBVwFnAOSc+HsTEOpRNjd/dCJp6UThqmkObQsHv9aN+pXeCaY3ZoaV1vOR7Rh7KnyOi8zUEq5n4am+x7gqd+ZvEaaKNhL6CuNPkZJGwZcRdcpH+EcjaPkcDv4q3l3IBf8Fg8U0oDZAZCG0Arbc84SukQIDAQAB /allusers /allprofiles /externallog='' [7][x][x][x][x][x][x] -> TROUVÉ
[V1][ROGUE ST] Plus-HD-2.3-firefoxinstaller.job : C:\Program Files\Plus-HD-2.3\Plus-HD-2.3-firefoxinstaller.exe - /installxpi /agentregpath='Plus-HD-2.3' /extensionfilepath='C:\Program Files\Plus-HD-2.3\33426.xpi' /appid=33426 /srcid='000208' /subid='0' /zdata='0' /bic=5330F2BDC5C84CEF9850DB6F7B81E6E5IE /verifier=3b2feb86a20286fe5c9ade6c5a18aa8c /installerversion=1_27_153 /installerfullversion=1.27.153.9 /installationtime=1373969913 /statsdomain=hxxp://stats.statsdatasrv.com /errorsdomain=hxxp://errors.statsdatasrv.com /waitforbrowser=300 /extensionid=7125a285-7e68-47aa-9d72-e8 ... 7c5fda.com /extensionversion=0.91 /prefsbranch=a7125a2857e6847aa9d72e81874f4d47ed3fcdb92135d4a8a8cf611e3b57c5fdacom33426 /updateurl=hxxps://w9u6a2p6.ssl.hwcdn.net/plugin/ff/update/33426.rdf /allusers /allprofiles /externallog='' [7][x][x][x][x][x][x][x][x] -> TROUVÉ
¤¤¤ Entrées Startup : 0 ¤¤¤
¤¤¤ Navigateurs web : 0 ¤¤¤
¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤
¤¤¤ Driver : [CHARGE] ¤¤¤
¤¤¤ Ruches Externes: ¤¤¤
¤¤¤ Infection : Rogue.ProgFiles ¤¤¤
¤¤¤ Fichier HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
127.0.0.1 localhost
¤¤¤ MBR Verif: ¤¤¤
+++++ PhysicalDrive0: Maxtor 6E040L0 +++++
--- User ---
[MBR] 0c4872faff96738967e22ac735ef8f69
[BSP] ad473261083203306dd0e791495347d9 : Windows XP MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 39197 Mo
User = LL1 ... OK!
User = LL2 ... OK!
+++++ PhysicalDrive1: Maxtor 6E040L0 +++++
--- User ---
[MBR] 847c4292ffb5751fe7dc59e76a607740
[BSP] bbeea90dba5c23dccb83d12b7c344962 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 78159 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Termine : << RKreport[0]_S_07162013_185725.txt >>