PC analysis

Solved/Closed
Rypklash Posts 36 Registration date Saturday 4 December 2010 Status Member Last activity 20 June 2011 - 5 April 2011 at 20:09
Rypklash Posts 36 Registration date Saturday 4 December 2010 Status Member Last activity 20 June 2011 - 10 April 2011 at 14:37
Hello,

I am asking for your help after the scans I have just run, following my taskbar no longer working and my PC slowing down at startup and at shutdown. Below I am adding two links to the scan from the ZHPDiag software and from the Anti-Malware software (MBAM). Thank you for your help!

Here are the two links:
ZHPDIAG
http://www.cijoint.fr/cjlink.php?file=cj201104/cijAoUM8XG.txt
Anti-Malware (MBAM)
http://www.cijoint.fr/cjlink.php?file=cj201104/cijVcdnQ72.txt

Thanks.
35 replies

jfkpresident Posts 13404 Registration date Monday 3 September 2007 Status Security contributor Last activity 5 January 2015 1 175
Edited by jfkpresident on 5/04/2011 at 21:14
Good evening,

An over-infected PC .... Thanks, BitTorrent :(

* Download FindyKill to your desktop:

http://www.teamxscript.org/findykillTelechargement.html

! Go offline and close all running applications!

* Double-click "FindyKill.exe" to start the installation and leave the installation settings at their defaults.

* Connect your external data sources to your PC (USB stick, external hard drive, etc.)

* Right-click the FindyKill shortcut on your desktop and choose "Run as administrator".

* In the main menu, choose option " F " for French and press [Enter].

* In the second menu, choose option " 1 " (search) and press [Enter]

* Let the tool work and do not touch anything ...

--> Post the report that appears at the end on the forum ...

( the report is also saved as C:\FindyKill.txt )
( CTRL+A to select all, CTRL+C to copy and CTRL+V to paste )


***Security Contributor Member***
0
Rypklash Posts 36 Registration date Saturday 4 December 2010 Status Member Last activity 20 June 2011 1
5 April 2011 at 22:16
############################## | FindyKill V5.052 |

# User : raphael (Administrateurs) # PC-DE-RAPHAEL
# Update on 23/10/2010 by El Desaparecido
# Start at: 22:15:12 | 05/04/2011
# Website : http://www.teamxscript.org/
# Contact : eldesaparecido@teamxscript.org

# Intel(R) Core(TM)2 Quad CPU Q8200 @ 2.33GHz
# Microsoft® Windows Vista(TM) Édition Familiale Premium (6.0.6002 64-bit) # Service Pack 2
# Internet Explorer 7.0.6002.18005
# Windows Firewall Status : Enabled

# C:\ # Disque fixe local # 916,78 Go (298,22 Go free) [HP] # NTFS
# D:\ # Disque fixe local # 14,73 Go (2,08 Go free) [FACTORY_IMAGE] # NTFS
# E:\ # Disque CD-ROM # 181,24 Mo (0 Mo free) [IP71] # CDFS
# F:\ # Disque amovible
# G:\ # Disque amovible
# H:\ # Disque amovible
# I:\ # Disque amovible
# J:\ # Disque CD-ROM
# K:\ # Disque fixe local # 698,46 Go (601,28 Go free) [STOREX] # FAT32

################## | Eléments infectieux |

E:\autorun.inf

################## | Registre |


################## | Etat |

# Affichage des fichiers cachés : OK

# Mode sans echec : OK

# Uac : OK

# Ndisuio -> Start = 3 ( Good = 3 | Bad = 4 )
# EapHost -> Start = 3 ( Good = 2 | Bad = 4 )
# Wlansvc -> Start = 2 ( Good = 2 | Bad = 4 )
# (!) SharedAccess -> Start = 4 ( Good = 2 | Bad = 4 )
# windefend -> Start = 2 ( Good = 2 | Bad = 4 )
# wuauserv -> Start = 2 ( Good = 2 | Bad = 4 )
# wscsvc -> Start = 2 ( Good = 2 | Bad = 4 )

################## | ! Fin du rapport # FindyKill V5.052 ! |
0
jfkpresident Posts 13404 Registration date Monday 3 September 2007 Status Security contributor Last activity 5 January 2015 1 175
5 April 2011 at 23:08
! Go offline and close all running applications (browser included).

* Connect your external data sources to your PC (USB stick, external hard drive, etc.)

* Right-click the FindyKill shortcut on your desktop and choose "Run as administrator".

* In the main menu, choose option " F " for French and press [Enter].

* In the second menu, choose option 2 (removal) and press [Enter]

* The PC will restart automatically ...

* The program will work, do not touch anything ... your desktop will not be accessible, that is normal!

--> Post the report that appears at the end ( the report is also saved as C:\FindyKill.txt )

/!\ If the desktop does not reappear, press Ctrl + Alt + Del, "File" tab, "New task", type explorer.exe and confirm
0
Rypklash Posts 36 Registration date Saturday 4 December 2010 Status Member Last activity 20 June 2011 1
6 April 2011 at 16:20
Is it normal for it to take this long? I started it at around 14:15 and it is only at 40% now, I'm a bit worried.
0

Rypklash Posts 36 Registration date Saturday 4 December 2010 Status Member Last activity 20 June 2011 1
6 April 2011 at 17:58
############################## | FindyKill V5.052 |

# User : raphael (Administrateurs) # PC-DE-RAPHAEL
# Update on 23/10/2010 by El Desaparecido
# Start at: 14:11:03 | 06/04/2011
# Website : http://www.teamxscript.org/
# Contact : eldesaparecido@teamxscript.org

# Intel(R) Core(TM)2 Quad CPU Q8200 @ 2.33GHz
# Microsoft® Windows Vista(TM) Édition Familiale Premium (6.0.6002 64-bit) # Service Pack 2
# Internet Explorer 7.0.6002.18005
# Windows Firewall Status : Enabled

# C:\ # Disque fixe local # 916,78 Go (297,92 Go free) [HP] # NTFS
# D:\ # Disque fixe local # 14,73 Go (2,08 Go free) [FACTORY_IMAGE] # NTFS
# E:\ # Disque CD-ROM # 181,24 Mo (0 Mo free) [IP71] # CDFS
# F:\ # Disque amovible
# G:\ # Disque amovible
# H:\ # Disque amovible
# I:\ # Disque amovible
# J:\ # Disque CD-ROM
# K:\ # Disque fixe local # 698,46 Go (601,28 Go free) [STOREX] # FAT32
# L:\ # Disque amovible # 245,27 Mo (136,62 Mo free) [LEXAR MEDIA] # FAT

################## | Eléments infectieux |

(!) Non supprimé ! E:\autorun.inf

################## | CRC32 ... |


################## | Registre |


################## | Etat |

# Mode sans echec : OK


# Affichage des fichiers cachés : OK

# Uac : OK

# Ndisuio -> Start = 3 ( Good = 3 | Bad = 4 )
# EapHost -> Start = 2 ( Good = 2 | Bad = 4 )
# Wlansvc -> Start = 2 ( Good = 2 | Bad = 4 )
# SharedAccess -> Start = 2 ( Good = 2 | Bad = 4 )
# windefend -> Start = 2 ( Good = 2 | Bad = 4 )
# wuauserv -> Start = 2 ( Good = 2 | Bad = 4 )
# wscsvc -> Start = 2 ( Good = 2 | Bad = 4 )

################## | Fichiers corrompus |

... OK !

################## | Upload |

Veuillez envoyer le fichier : C:\FindyKill_Upload_Me_PC-de-raphael.zip : http://www.teamxscript.org/Upload.php
Merci pour votre contribution .

################## | ! Fin du rapport # FindyKill V5.052 ! |
0
jfkpresident Posts 13404 Registration date Monday 3 September 2007 Status Security contributor Last activity 5 January 2015 1 175
6 April 2011 at 20:34
Download ComboFix from one of these links:

http://download.bleepingcomputer.com/sUBs/ComboFix.exe
https://forospyware.com
http://www.geekstogo.com/forum/files/file/197-combofix-by-subs/

And, importantly, save it to the desktop.

Before using ComboFix:

* Disconnect from the internet and close the windows of all running programs.

* Temporarily disable, and only for the time ComboFix is in use,
the real-time protection of your antivirus and your antispyware programs,
which can seriously interfere with the tool's search and cleaning procedure.


Once done, double-click Combofix.exe on your desktop.

- Answer yes to the warning message so that the program starts scanning the PC.

/!\ During this step, do not use the PC and do not open any programs.

- At the end of the scan, ComboFix may need to restart the PC to finalize the disinfection\search; let it do so.

- A report will then open in Notepad (this report file, Combofix.txt,
is automatically saved and stored at C:\Combofix.txt)

* Re-enable the real-time protection of your antivirus and your antispyware programs
before reconnecting to the internet.

* Come back to the forum, and copy and paste the entire content of C:\Combofix.txt into your next message.
0
Rypklash Posts 36 Registration date Saturday 4 December 2010 Status Member Last activity 20 June 2011 1
6 April 2011 at 20:36
How long do you think this takes?
0
jfkpresident Posts 13404 Registration date Monday 3 September 2007 Status Security contributor Last activity 5 January 2015 1 175
6 April 2011 at 21:41
How long do you think this takes?


Meaning ....? Are you talking about the scan time? The duration of the disinfection? Be specific.
0
Rypklash Posts 36 Registration date Saturday 4 December 2010 Status Member Last activity 20 June 2011 1
6 April 2011 at 22:12
ComboFix 11-04-05.02 - raphael 06/04/2011 21:47:20.1.4 - x64
Microsoft® Windows Vista(TM) Édition Familiale Premium 6.0.6002.2.1252.33.1036.18.8190.6003 [GMT 2:00]
Lancé depuis: c:\users\raphael\Downloads\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\program files (x86)\AutocompletePro
c:\program files (x86)\AutocompletePro\64\AutocompletePro64.dll
c:\program files (x86)\AutocompletePro\AutocompletePro.dll
c:\program files (x86)\AutocompletePro\chrome\autocompleteprochrome.crx
c:\program files (x86)\AutocompletePro\ChromeSetSearchInBrowser.exe
c:\program files (x86)\AutocompletePro\FireFoxExtension.exe
c:\program files (x86)\AutocompletePro\InstTracker.exe
c:\program files (x86)\AutocompletePro\support@predictad.com\chrome.manifest
c:\program files (x86)\AutocompletePro\support@predictad.com\chrome\content\browserOverlay.xul
c:\program files (x86)\AutocompletePro\support@predictad.com\chrome\content\options.js
c:\program files (x86)\AutocompletePro\support@predictad.com\chrome\content\options.xul
c:\program files (x86)\AutocompletePro\support@predictad.com\chrome\content\utils.js
c:\program files (x86)\AutocompletePro\support@predictad.com\defaults\preferences\predictad.js
c:\program files (x86)\AutocompletePro\support@predictad.com\install.rdf
c:\program files (x86)\AutocompletePro\unins000.dat
c:\program files (x86)\AutocompletePro\unins000.exe
c:\program files (x86)\Mozilla Firefox\extensions\{DE9265D8-D55D-4286-9DC4-F8D8A0CA2F64}
c:\program files (x86)\Mozilla Firefox\extensions\{DE9265D8-D55D-4286-9DC4-F8D8A0CA2F64}\chrome\scanquery.jar
c:\program files (x86)\OfferBox
c:\program files (x86)\OfferBox\OfferBox.exe
c:\program files (x86)\OfferBox\OfferBoxBHO.dll
c:\program files (x86)\OfferBox\OfferBoxChromeExtension.crx
c:\program files (x86)\OfferBox\OfferBoxEngine.dll
c:\program files (x86)\OfferBox\offerboxffx@offerbox.com\chrome.manifest
c:\program files (x86)\OfferBox\offerboxffx@offerbox.com\chrome\content\events.js
c:\program files (x86)\OfferBox\offerboxffx@offerbox.com\chrome\content\overlay.xul
c:\program files (x86)\OfferBox\offerboxffx@offerbox.com\components\OfferBoxXpCom.dll
c:\program files (x86)\OfferBox\offerboxffx@offerbox.com\components\OfferBoxXpCom.xpt
c:\program files (x86)\OfferBox\offerboxffx@offerbox.com\install.rdf
c:\program files (x86)\OfferBox\OfferBoxLauncher.exe
c:\program files (x86)\OfferBox\res\language.xml
c:\program files (x86)\OfferBox\res\loader.gif
c:\program files (x86)\OfferBox\uninst.exe
c:\program files (x86)\ShopperReports3
c:\program files (x86)\ShopperReports3\bin\3.0.517.0\firefox\firefoxtoolbar\extensions\chrome\firefoxtoolbar.jar
c:\users\raphael\AppData\Roaming\.#
c:\users\raphael\AppData\Roaming\.#\MBX@90C@2A826F8.###
c:\users\raphael\AppData\Roaming\.#\MBX@90C@2A82728.###
c:\users\raphael\AppData\Roaming\OfferBox
c:\users\raphael\AppData\Roaming\OfferBox\config.dat
c:\users\raphael\AppData\Roaming\OfferBox\config.xml
c:\windows\SysWow64\Ijl11.dll
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2011-03-06 au 2011-04-06 ))))))))))))))))))))))))))))))))))))
.
.
2011-04-06 20:04 . 2011-04-06 20:04 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-04-06 11:54 . 2011-04-06 11:55 -------- d-----w- c:\users\raphael\AppData\Local\{EED00FF0-835C-4623-A280-FE21994A920A}
2011-04-05 20:01 . 2011-04-06 15:55 -------- d-----w- C:\FyK
2011-04-05 16:50 . 2011-04-05 16:50 -------- d-----w- c:\users\raphael\AppData\Roaming\Malwarebytes
2011-04-05 16:50 . 2010-11-29 15:42 38224 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
2011-04-05 16:50 . 2011-04-05 16:50 -------- d-----w- c:\programdata\Malwarebytes
2011-04-05 16:50 . 2011-04-05 16:50 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2011-04-05 16:50 . 2010-11-29 15:42 24152 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-04-05 16:32 . 2011-04-05 16:32 512 ----a-w- C:\PhysicalDisk0_MBR.bin
2011-04-05 16:22 . 2011-04-05 16:32 -------- d-----w- c:\program files (x86)\ZHPDiag
2011-04-05 14:52 . 2011-03-09 13:02 25920 ----a-w- c:\windows\system32\authuitu.dll
2011-04-05 14:52 . 2011-03-09 13:02 21312 ----a-w- c:\windows\SysWow64\authuitu.dll
2011-04-05 14:52 . 2011-03-09 13:02 36160 ----a-w- c:\windows\system32\uxtuneup.dll
2011-04-05 14:52 . 2011-03-09 13:02 29504 ----a-w- c:\windows\SysWow64\uxtuneup.dll
2011-04-05 14:49 . 2011-03-09 13:07 34624 ----a-w- c:\windows\system32\TURegOpt.exe
2011-04-05 14:48 . 2011-04-05 14:48 -------- d-----w- c:\users\raphael\AppData\Roaming\TuneUp Software
2011-04-05 14:48 . 2011-04-05 14:52 -------- d-----w- c:\program files (x86)\TuneUp Utilities 2011
2011-04-05 14:48 . 2011-04-05 14:51 -------- d-----w- c:\programdata\TuneUp Software
2011-04-05 14:47 . 2011-04-05 14:47 -------- d-sh--w- c:\programdata\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
2011-04-05 14:46 . 2011-03-15 05:17 8424784 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{267AF1A5-FCBB-43DD-ADB0-3FDA59DA3380}\mpengine.dll
2011-04-05 14:34 . 2011-04-05 14:34 -------- d-----w- c:\users\raphael\AppData\Local\{EE5845EC-F9CD-4ABD-BEC1-5709856FF446}
2011-04-04 16:33 . 2011-04-04 16:33 -------- d-----w- c:\users\raphael\AppData\Local\{BB032A55-3337-4D44-A53A-736C16501F94}
2011-04-03 19:18 . 2011-04-03 19:18 -------- d-----w- c:\users\raphael\AppData\Local\{44A991DC-083E-49FD-B9F6-3647D49002BE}
2011-04-03 16:55 . 2011-04-03 16:55 -------- d-----w- c:\program files (x86)\mIRC
2011-04-03 07:18 . 2011-04-03 07:18 -------- d-----w- c:\users\raphael\AppData\Local\{B237C114-4F08-4671-8B45-4201313BD55F}
2011-04-02 18:43 . 2011-04-02 18:43 -------- d-----w- c:\users\raphael\AppData\Local\{AFF53641-A20D-401A-9A68-5E5C2AF10A99}
2011-04-02 09:14 . 2009-07-14 18:34 2560 ----a-w- c:\windows\system32\drivers\fr-FR\wdf01000.sys.mui
2011-04-02 09:14 . 2009-07-14 18:18 42064 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2011-04-02 09:14 . 2009-07-14 18:18 654928 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2011-04-02 09:08 . 2011-04-02 09:08 -------- d-----w- c:\program files\Microsoft IntelliPoint
2011-04-02 06:42 . 2011-04-02 06:43 -------- d-----w- c:\users\raphael\AppData\Local\{E9C05BD8-111B-4C8D-9F80-746DAA74F6B8}
2011-04-01 16:35 . 2011-04-01 16:36 -------- d-----w- c:\users\raphael\AppData\Local\{D489FE19-CDF6-4473-8C3B-D33278CFFB63}
2011-03-31 16:48 . 2011-03-31 16:48 -------- d-----w- c:\users\raphael\AppData\Roaming\Leadertech
2011-03-31 16:42 . 2011-03-31 16:42 -------- d-----w- c:\programdata\LogiShrd
2011-03-31 16:40 . 2011-03-31 16:40 -------- d-----w- c:\users\raphael\AppData\Local\{65C70E92-4D66-4849-9E03-70E4A2AE8C8F}
2011-03-30 18:43 . 2011-03-30 18:43 -------- d-----w- c:\users\raphael\AppData\Roaming\DarksporeData
2011-03-30 11:50 . 2011-03-30 11:51 -------- d-----w- c:\users\raphael\AppData\Local\{0BF67B70-BC54-4396-AD51-166892E63A94}
2011-03-29 20:42 . 2011-03-29 20:42 -------- d-----w- c:\program files (x86)\LogMeIn Hamachi
2011-03-29 19:42 . 2011-03-29 19:42 -------- d-----w- c:\users\raphael\AppData\Local\{2C12B17A-2358-43EC-948E-83FF10D8CF12}
2011-03-29 07:41 . 2011-03-29 07:42 -------- d-----w- c:\users\raphael\AppData\Local\{DEE4676B-04FE-4B44-AD1A-778C7DAE74D3}
2011-03-28 20:27 . 2011-03-28 20:46 -------- d-----w- c:\users\raphael\AppData\Roaming\Steinberg
2011-03-28 20:24 . 2005-06-04 07:09 131072 ----a-w- c:\windows\SysWow64\pneng50.dll
2011-03-28 20:24 . 2005-06-04 07:09 352768 ----a-w- c:\windows\SysWow64\pngu3263.dll
2011-03-28 20:24 . 2005-06-04 07:09 81920 ----a-w- c:\windows\SysWow64\ra3214_4.dll
2011-03-28 20:24 . 2005-06-04 07:09 72704 ----a-w- c:\windows\SysWow64\ra3228_8.dll
2011-03-28 20:24 . 2005-06-04 07:09 21504 ----a-w- c:\windows\SysWow64\ra32dnet.dll
2011-03-28 20:24 . 2005-06-04 07:08 87040 ----a-w- c:\windows\SysWow64\ra32sipr.dll
2011-03-28 20:24 . 2005-06-04 07:08 487936 ----a-w- c:\windows\SysWow64\rmbe3260.dll
2011-03-28 20:24 . 2005-06-04 07:11 85504 ----a-w- c:\windows\SysWow64\encdnet.dll
2011-03-28 20:24 . 2005-06-04 07:09 61952 ----a-w- c:\windows\SysWow64\decdnet.dll
2011-03-28 20:24 . 2005-06-04 07:09 130560 ----a-w- c:\windows\SysWow64\pnc3250.dll
2011-03-28 20:18 . 2004-08-31 16:47 21888 ----a-w- c:\windows\SysWow64\drivers\synUSB64.sys
2011-03-28 20:18 . 2004-05-10 13:58 147456 ----a-w- c:\windows\SysWow64\SynsoLChk.dll
2011-03-28 20:18 . 2002-11-25 06:36 45056 ----a-w- c:\windows\SysWow64\Synsopos.exe
2011-03-28 20:18 . 1999-11-30 23:40 401462 ----a-w- c:\windows\SysWow64\temp.000
2011-03-28 20:17 . 2011-03-28 20:18 -------- d-----w- c:\program files (x86)\Syncrosoft
2011-03-28 20:17 . 2005-10-17 07:35 704512 ----a-w- c:\windows\SysWow64\SYNSOACC.dll
2011-03-28 17:04 . 2011-03-28 17:04 -------- d-----w- c:\users\raphael\AppData\Roaming\widestream
2011-03-28 17:04 . 2011-04-06 19:29 -------- d-----w- c:\users\raphael\AppData\Local\widestream6 Air
2011-03-28 17:03 . 2011-03-28 17:03 -------- d-----w- c:\program files (x86)\Widestream6
2011-03-28 17:00 . 2011-03-28 17:00 -------- d-----w- c:\program files (x86)\ASIO4ALL v2
2011-03-28 16:59 . 2011-03-28 16:59 -------- d-----w- c:\program files (x86)\VideoLAN
2011-03-28 16:30 . 2011-03-28 16:30 -------- d-----w- c:\users\raphael\AppData\Local\{63456051-3720-4F83-AA61-85CC041AEE61}
2011-03-27 09:10 . 2011-03-27 09:11 -------- d-----w- c:\users\raphael\AppData\Local\{EC62EBFD-41CF-4FA5-A54D-E9A1B7B970EE}
2011-03-26 19:44 . 2011-03-26 19:44 -------- d-----w- c:\users\raphael\AppData\Local\{50CF987A-3243-413D-8EFB-016F46DC6BB6}
2011-03-26 07:49 . 2011-03-26 07:49 -------- d-----w- c:\program files (x86)\Microsoft
2011-03-26 07:43 . 2011-03-26 07:44 -------- d-----w- c:\users\raphael\AppData\Local\{371A170D-F1FB-4B08-9F4F-CFD611798275}
2011-03-25 17:31 . 2011-03-25 17:32 -------- d-----w- c:\users\raphael\AppData\Local\{EFC7E982-C9E2-4F71-819E-E0FC8BE9BF11}
2011-03-24 17:58 . 2011-03-24 17:58 -------- d-----w- c:\users\raphael\AppData\Local\{5AAB49E2-A82A-498E-8751-E2961DDB3A45}
2011-03-24 02:25 . 2011-03-24 02:26 -------- d-----w- c:\users\raphael\AppData\Local\{F17F7597-152D-4890-AB43-7130C176441D}
2011-03-23 13:07 . 2011-02-22 14:47 479744 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2011-03-23 13:07 . 2011-02-22 14:13 288768 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2011-03-23 13:07 . 2011-02-22 13:53 1555968 ----a-w- c:\windows\system32\DWrite.dll
2011-03-23 13:07 . 2011-02-22 13:53 1149440 ----a-w- c:\windows\system32\FntCache.dll
2011-03-23 13:07 . 2011-02-22 13:33 1068544 ----a-w- c:\windows\SysWow64\DWrite.dll
2011-03-23 12:50 . 2011-03-23 12:50 -------- d-----w- c:\users\raphael\AppData\Local\{6FE01663-437F-409E-AA05-AB395528CA7E}
2011-03-22 18:39 . 2011-03-22 18:39 -------- d-----w- c:\users\raphael\AppData\Local\{FE156886-D9C1-45FD-A1D4-9DAFCB3BFD79}
2011-03-21 17:26 . 2011-03-21 17:26 -------- d-----w- c:\users\raphael\AppData\Local\{904F528A-1F79-49D4-80C9-24D82F48F1F7}
2011-03-20 10:08 . 2011-03-20 10:08 -------- d-----w- c:\users\raphael\AppData\Local\{6F9DB2E1-8B2E-4375-999E-80F8C5D61EAF}
2011-03-20 00:27 . 2011-03-20 00:27 -------- d-----w- C:\Fiaa
2011-03-19 21:44 . 2011-03-19 21:44 -------- d-----w- c:\users\raphael\AppData\Local\{7EAE727E-104B-45FE-B098-EEB3E33EF18C}
2011-03-19 09:21 . 2011-03-19 09:21 -------- d-----w- c:\users\raphael\AppData\Local\{2388C25D-EF3E-4EEC-BB3F-15739FA220C8}
2011-03-18 18:26 . 2011-03-18 18:27 -------- d-----w- c:\users\raphael\AppData\Local\{94871302-7E7B-41D7-9774-9E20883466F1}
2011-03-17 18:08 . 2011-03-17 18:08 -------- d-----w- c:\users\raphael\AppData\Local\{B8DE3D0C-B156-47A7-9C7E-E108F188DBAD}
2011-03-16 19:00 . 2011-03-16 19:00 -------- d-----w- c:\users\raphael\AppData\Local\{6EE117BA-3B40-4398-BFF1-B5FA4CBFA4F6}
2011-03-15 18:20 . 2011-03-15 18:21 -------- d-----w- c:\users\raphael\AppData\Local\{48B7C59E-F325-41C1-AF60-6A82A0A764EF}
2011-03-15 05:31 . 2011-03-15 05:31 -------- d-----w- c:\users\raphael\AppData\Local\{1E146999-40CF-4B30-B021-680BA164B9ED}
2011-03-14 17:30 . 2011-03-14 17:30 -------- d-----w- c:\users\raphael\AppData\Local\{01E19681-5A78-4149-A0E8-44BA054014B4}
2011-03-13 18:59 . 2011-03-13 18:59 -------- d-----w- c:\programdata\WindowsSearch
2011-03-13 08:33 . 2011-03-13 08:33 -------- d-----w- c:\users\raphael\AppData\Local\{3316E36E-5569-4E0E-AEA6-C05C9D19F078}
2011-03-12 08:24 . 2011-03-12 08:24 -------- d-----w- c:\users\raphael\AppData\Local\{C30379CA-5448-407C-8683-AA682B209EFD}
2011-03-11 18:51 . 2011-03-11 18:51 -------- d-----w- c:\users\raphael\AppData\Local\{689F6721-E0F2-467A-A239-F197CF3295D2}
2011-03-10 18:57 . 2011-03-10 18:57 -------- d-----w- c:\users\raphael\AppData\Local\{2458322E-422D-4D81-8182-757BB126615F}
2011-03-10 06:56 . 2011-03-10 06:56 -------- d-----w- c:\users\raphael\AppData\Local\{645B81A9-E163-4013-8A1B-F69155D73DC7}
2011-03-09 17:49 . 2011-03-09 17:50 -------- d-----w- c:\users\raphael\AppData\Local\{342B72EA-F7C4-442B-942B-225026AE3064}
2011-03-09 17:34 . 2010-12-17 17:34 2425344 ----a-w- c:\windows\system32\mstscax.dll
2011-03-09 17:34 . 2010-12-17 15:45 2067968 ----a-w- c:\windows\SysWow64\mstscax.dll
2011-03-09 17:34 . 2010-12-17 15:41 731136 ----a-w- c:\windows\system32\mstsc.exe
2011-03-09 17:34 . 2010-12-17 13:54 677888 ----a-w- c:\windows\SysWow64\mstsc.exe
2011-03-09 17:34 . 2010-12-29 19:01 559616 ----a-w- c:\windows\system32\EncDec.dll
2011-03-09 17:34 . 2010-12-29 19:01 416768 ----a-w- c:\windows\system32\sbe.dll
2011-03-09 17:34 . 2010-12-29 19:01 210944 ----a-w- c:\windows\system32\sbeio.dll
2011-03-09 17:34 . 2010-12-29 18:59 226816 ----a-w- c:\windows\system32\mpg2splt.ax
2011-03-09 17:34 . 2010-12-29 18:28 322560 ----a-w- c:\windows\SysWow64\sbe.dll
2011-03-09 17:34 . 2010-12-29 18:28 153088 ----a-w- c:\windows\SysWow64\sbeio.dll
2011-03-09 17:34 . 2010-12-29 18:28 429056 ----a-w- c:\windows\SysWow64\EncDec.dll
2011-03-09 17:34 . 2010-12-29 18:26 177664 ----a-w- c:\windows\SysWow64\mpg2splt.ax
2011-03-09 05:49 . 2011-03-09 05:49 -------- d-----w- c:\users\raphael\AppData\Local\{3E223716-6E16-4F27-92C6-9929987944AE}
2011-03-08 20:03 . 2011-03-08 20:03 -------- d-----w- c:\program files (x86)\Veetle
2011-03-08 06:52 . 2011-03-08 06:52 -------- d-----w- c:\users\raphael\AppData\Local\{18247546-4027-41BA-A892-8A7EBC8ECF55}
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-04-06 15:55 . 2011-04-06 15:55 879 ----a-w- C:\FindyKill_Upload_Me_PC-de-raphael.zip
2011-03-29 13:31 . 2010-11-10 19:56 179616 ----a-w- c:\windows\system32\drivers\ESLWireACD.sys
2011-03-11 06:15 . 2010-06-24 10:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-02-02 20:40 . 2010-04-18 09:06 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2011-02-02 17:11 . 2010-02-01 17:58 270720 ------w- c:\windows\system32\MpSigStub.exe
2011-01-20 16:46 . 2011-02-08 22:01 900480 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2011-01-20 16:17 . 2011-02-08 22:01 366592 ----a-w- c:\windows\system32\winspool.drv
2011-01-20 16:17 . 2011-02-08 22:01 625152 ----a-w- c:\windows\system32\dxgi.dll
2011-01-20 16:16 . 2011-02-08 22:01 287232 ----a-w- c:\windows\system32\d3d10core.dll
2011-01-20 16:16 . 2011-02-08 22:01 327680 ----a-w- c:\windows\system32\d3d10_1core.dll
2011-01-20 16:16 . 2011-02-08 22:01 196096 ----a-w- c:\windows\system32\d3d10_1.dll
2011-01-20 16:16 . 2011-02-08 22:01 1268224 ----a-w- c:\windows\system32\d3d10.dll
2011-01-20 16:16 . 2011-02-08 22:01 748544 ----a-w- c:\windows\system32\stobject.dll
2011-01-20 16:16 . 2011-02-08 22:01 47104 ----a-w- c:\windows\system32\cdd.dll
2011-01-20 16:16 . 2011-02-08 22:01 3548672 ----a-w- c:\windows\system32\mf.dll
2011-01-20 16:16 . 2011-02-08 22:01 35840 ----a-w- c:\windows\system32\printfilterpipelineprxy.dll
2011-01-20 16:14 . 2011-02-08 22:01 278528 ----a-w- c:\windows\system32\mfplat.dll
2011-01-20 16:14 . 2011-02-08 22:01 195072 ----a-w- c:\windows\system32\mfps.dll
2011-01-20 16:08 . 2011-02-08 22:01 478720 ----a-w- c:\windows\SysWow64\dxgi.dll
2011-01-20 16:08 . 2011-02-08 22:01 219648 ----a-w- c:\windows\SysWow64\d3d10_1core.dll
2011-01-20 16:08 . 2011-02-08 22:01 160768 ----a-w- c:\windows\SysWow64\d3d10_1.dll
2011-01-20 16:08 . 2011-02-08 22:01 1029120 ----a-w- c:\windows\SysWow64\d3d10.dll
2011-01-20 16:08 . 2011-02-08 22:01 189952 ----a-w- c:\windows\SysWow64\d3d10core.dll
2011-01-20 16:07 . 2011-02-08 22:01 258048 ----a-w- c:\windows\SysWow64\winspool.drv
2011-01-20 16:07 . 2011-02-08 22:01 586240 ----a-w- c:\windows\SysWow64\stobject.dll
2011-01-20 16:06 . 2011-02-08 22:01 2873344 ----a-w- c:\windows\SysWow64\mf.dll
2011-01-20 16:04 . 2011-02-08 22:01 209920 ----a-w- c:\windows\SysWow64\mfplat.dll
2011-01-20 16:04 . 2011-02-08 22:01 98816 ----a-w- c:\windows\SysWow64\mfps.dll
2011-01-20 15:01 . 2011-02-08 22:01 3068416 ----a-w- c:\windows\system32\xpsservices.dll
2011-01-20 15:01 . 2011-02-08 22:01 1653760 ----a-w- c:\windows\system32\XpsPrint.dll
2011-01-20 14:59 . 2011-02-08 22:01 1032192 ----a-w- c:\windows\system32\printfilterpipelinesvc.exe
2011-01-20 14:58 . 2011-02-08 22:01 1461760 ----a-w- c:\windows\system32\OpcServices.dll
2011-01-20 14:57 . 2011-02-08 22:01 231936 ----a-w- c:\windows\system32\XpsRasterService.dll
2011-01-20 14:42 . 2011-02-08 22:01 1257984 ----a-w- c:\windows\system32\MFH264Dec.dll
2011-01-20 14:41 . 2011-02-08 22:01 428544 ----a-w- c:\windows\system32\MFHEAACdec.dll
2011-01-20 14:40 . 2011-02-08 22:01 345088 ----a-w- c:\windows\system32\mfreadwrite.dll
2011-01-20 14:40 . 2011-02-08 22:01 34304 ----a-w- c:\windows\system32\mfpmp.exe
2011-01-20 14:40 . 2011-02-08 22:01 377344 ----a-w- c:\windows\system32\mfmp4src.dll
2011-01-20 14:37 . 2011-02-08 22:01 2002944 ----a-w- c:\windows\system32\d3d10warp.dll
2011-01-20 14:35 . 2011-02-08 22:01 566272 ----a-w- c:\windows\system32\d3d10level9.dll
2011-01-20 14:28 . 2011-02-08 22:01 1554432 ----a-w- c:\windows\SysWow64\xpsservices.dll
2011-01-20 14:27 . 2011-02-08 22:01 876032 ----a-w- c:\windows\SysWow64\XpsPrint.dll
2011-01-20 14:25 . 2011-02-08 22:01 847360 ----a-w- c:\windows\SysWow64\OpcServices.dll
2011-01-20 14:24 . 2011-02-08 22:01 135680 ----a-w- c:\windows\SysWow64\XpsRasterService.dll
2011-01-20 14:15 . 2011-02-08 22:01 979456 ----a-w- c:\windows\SysWow64\MFH264Dec.dll
2011-01-20 14:14 . 2011-02-08 22:01 357376 ----a-w- c:\windows\SysWow64\MFHEAACdec.dll
2011-01-20 14:14 . 2011-02-08 22:01 302592 ----a-w- c:\windows\SysWow64\mfmp4src.dll
2011-01-20 14:14 . 2011-02-08 22:01 261632 ----a-w- c:\windows\SysWow64\mfreadwrite.dll
2011-01-20 14:12 . 2011-02-08 22:01 1172480 ----a-w- c:\windows\SysWow64\d3d10warp.dll
2011-01-20 14:11 . 2011-02-08 22:01 486400 ----a-w- c:\windows\SysWow64\d3d10level9.dll
2011-01-20 14:06 . 2011-02-08 22:01 834048 ----a-w- c:\windows\system32\d2d1.dll
2011-01-20 13:47 . 2011-02-08 22:01 683008 ----a-w- c:\windows\SysWow64\d2d1.dll
2011-01-08 09:03 . 2011-02-08 21:58 48128 ----a-w- c:\windows\system32\atmlib.dll
2011-01-08 08:47 . 2011-02-08 21:58 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2011-01-08 06:45 . 2011-02-08 21:58 367104 ----a-w- c:\windows\system32\atmfd.dll
2011-01-08 06:28 . 2011-02-08 21:58 292352 ----a-w- c:\windows\SysWow64\atmfd.dll
2011-01-08 03:27 . 2011-01-22 10:17 7729256 ----a-w- c:\windows\system32\nvwgf2umx.dll
2011-01-08 03:27 . 2011-01-22 10:17 67176 ----a-w- c:\windows\system32\OpenCL.dll
2011-01-08 03:27 . 2011-01-22 10:17 57960 ----a-w- c:\windows\SysWow64\OpenCL.dll
2011-01-08 03:27 . 2011-01-22 10:17 5653096 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2011-01-08 03:27 . 2011-01-22 10:16 6604904 ----a-w- c:\windows\system32\nvcuda.dll
2011-01-08 03:27 . 2011-01-22 10:16 4941928 ----a-w- c:\windows\SysWow64\nvcuda.dll
2011-01-08 03:27 . 2011-01-22 10:16 3112040 ----a-w- c:\windows\system32\nvcuvid.dll
2011-01-08 03:27 . 2011-01-22 10:16 2895976 ----a-w- c:\windows\SysWow64\nvcuvid.dll
2011-01-08 03:27 . 2011-01-22 10:16 2479720 ----a-w- c:\windows\system32\nvcuvenc.dll
2011-01-08 03:27 . 2011-01-22 10:16 2251368 ----a-w- c:\windows\SysWow64\nvcuvenc.dll
2011-01-08 03:27 . 2011-01-22 10:16 20471912 ----a-w- c:\windows\system32\nvoglv64.dll
2011-01-08 03:27 . 2011-01-22 10:16 1965672 ----a-w- c:\windows\SysWow64\nvapi.dll
2011-01-08 03:27 . 2011-01-22 10:16 18580072 ----a-w- c:\windows\system32\nvcompiler.dll
2011-01-08 03:27 . 2011-01-22 10:16 1614440 ----a-w- c:\windows\system32\nvdispco642090.dll
2011-01-08 03:27 . 2011-01-22 10:16 15047272 ----a-w- c:\windows\SysWow64\nvoglv32.dll
2011-01-08 03:27 . 2011-01-22 10:16 1359976 ----a-w- c:\windows\system32\nvgenco642040.dll
2011-01-08 03:27 . 2011-01-22 10:16 13011560 ----a-w- c:\windows\SysWow64\nvcompiler.dll
2011-01-08 03:27 . 2011-01-22 10:16 12961640 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2011-01-08 03:27 . 2009-06-19 15:03 2200680 ----a-w- c:\windows\system32\nvapi64.dll
2011-01-08 03:27 . 2009-06-19 15:03 12859496 ----a-w- c:\windows\system32\nvd3dumx.dll
2011-01-08 03:27 . 2009-06-19 15:03 10078312 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2011-01-07 19:50 . 2011-01-07 19:50 795752 ----a-w- c:\windows\system32\easyUpdatusAPIU64.dll
2011-01-07 19:50 . 2011-01-07 19:50 6143080 ----a-w- c:\windows\system32\nvcpl.dll
2011-01-07 19:49 . 2011-01-07 19:49 3156072 ----a-w- c:\windows\system32\nvsvc64.dll
2011-01-07 19:49 . 2011-01-07 19:49 117864 ----a-w- c:\windows\system32\nvmctray.dll
2011-01-07 19:49 . 2011-01-07 19:49 61032 ----a-w- c:\windows\system32\nvshext.dll
2011-01-07 19:49 . 2011-01-07 19:49 2558568 ----a-w- c:\windows\system32\nvsvcr.dll
2011-01-07 19:49 . 2011-01-07 19:49 1005160 ----a-w- c:\windows\system32\nvvsvc.exe
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{1a6dc111-b030-4c3e-be65-299284128b91}]
2011-02-02 11:58 134816 ----a-w- c:\program files (x86)\Widestream6\spointer\extensions\widestream6_air_ie.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-10 1555968]
"HPADVISOR"="c:\program files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe" [2009-04-04 1644088]
"NCsoft Launcher"="c:\program files (x86)\NCsoft\Launcher\NCLauncher.exe" [2011-02-22 38184]
"msnmsgr"="c:\program files (x86)\Windows Live\Messenger\msnmsgr.exe" [2010-11-10 4240760]
"Steam"="c:\program files (x86)\Steam\steam.exe" [2010-11-17 1242448]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-12-14 39408]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 138240]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2009-10-30 369200]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2010-10-11 14940040]
"ESL Wire"="c:\program files\EslWire\wire.exe" [2011-03-30 4072960]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768]
"KBD"="c:\program files (x86)\Hewlett-Packard\KBD\KbdStub.EXE" [2008-07-21 12288]
"OsdMaestro"="c:\program files\Hewlett-Packard\On-Screen OSD Indicator\OSD64.exe" [2008-10-13 281600]
"UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-12-03 218408]
"UpdateLBPShortCut"="c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2008-12-03 218408]
"UpdatePDIRShortCut"="c:\program files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" [2008-12-03 218408]
"UpdatePSTShortCut"="c:\program files (x86)\CyberLink\CyberLink DVD Suite Deluxe\MUITransfer\MUIStartMenu.exe" [2009-02-02 210216]
"TSMAgent"="c:\program files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe" [2009-04-09 1328424]
"CLMLServer for HP TouchSmart"="c:\program files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe" [2009-04-09 185640]
"DVDAgent"="c:\program files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe" [2009-03-19 1148200]
"SystrayORAHSS"="c:\program files (x86)\OrangeHSS\Systray\SystrayApp.exe" [2006-12-12 90112]
"AdobeCS4ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2010-01-17 611712]
"AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"H2O"="c:\program files (x86)\SyncroSoft\Pos\H2O\cledx.exe" [2005-10-22 385024]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2011-03-28 1910152]
"Logitech G35"="c:\program files (x86)\Logitech\G35\G35.exe" [2010-10-05 1811800]
"Malwarebytes' Anti-Malware (reboot)"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbam.exe" [2010-11-29 963976]
.
c:\users\raphael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
ENJOY Plus!.lnk - c:\program files (x86)\ENJOY Plus!\ENJOY Plus!.exe [2010-4-2 1438208]
OpenOffice.org 3.2.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2010-5-20 1195008]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Desktop Manager.lnk - c:\program files (x86)\Research In Motion\BlackBerry\DesktopMgr.exe [2009-7-1 1717592]
McAfee Security Scan Plus.lnk - c:\program files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
"HideFastUserSwitching"= 0 (0x0)
"UacDisableNotify"= 0 (0x0)
.
[hkey_local_machine\software\Wow6432Node\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"HP Health Check Scheduler"="c:\program files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe"
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe"
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"TkBellExe"="c:\program files (x86)\Common Files\Real\Update_OB\realsched.exe" -osboot
"SSBkgdUpdate"="c:\program files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
"ISUSScheduler"="c:\program files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
"DNS7reminder"="c:\program files (x86)\Nuance\NaturallySpeaking10\Ereg\Ereg.exe" -r "c:\programdata\Nuance\NaturallySpeaking10\Ereg.ini
"BlackBerryAutoUpdate"="c:\program files (x86)\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe" /background
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" -atboottime
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe"
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
"ClickPotatoLiteSA"="c:\program files (x86)\ClickPotatoLite\bin\10.0.668.0\ClickPotatoLiteSA.exe"
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 ezSharedSvc;Easybits Shared Services for Windows;c:\windows\system32\svchost.exe [2008-01-21 27648]
R2 gupdate;Service Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-07-05 135664]
R2 HPBtnSrv;HP Easy Backup Button Service;c:\program files (x86)\Hewlett-Packard\HP Easy Backup\HPBtnSrv.exe [2008-09-30 192512]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-02-28 183560]
R3 driverhardwarev2x64;driverhardwarev2x64;c:\program files\ma-config.com\Drivers\driverhardwarev2x64.sys [2010-02-11 15872]
R3 dump_wmimmc;dump_wmimmc;c:\program files (x86)\Gameforge4D\CABAL Online\GameGuard\dump_wmimmc.sys [x]
R3 EuMusDesignVirtualAudioCableWdm;Virtual Audio Cable (WDM);c:\windows\system32\DRIVERS\vrtaucbl.sys [x]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2010-01-03 1038088]
R3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\maconfservice.exe [2010-02-11 358768]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
R3 PCAMp50a64;PCAMp50a64 NDIS Protocol Driver;c:\windows\system32\Drivers\PCAMp50a64.sys [x]
R3 PCASp50a64;PCASp50a64 NDIS Protocol Driver;c:\windows\system32\Drivers\PCASp50a64.sys [x]
R3 PCDSRVC{F36B3A4C-F95654BD-06000000}_0;PCDSRVC{F36B3A4C-F95654BD-06000000}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\pc-doctor for windows\pcdsrvc_x64.pkms [2009-02-02 23536]
R3 ScreamBAudioSvc;ScreamBee Audio;c:\windows\system32\drivers\ScreamingBAudio64.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 VCSVADHWSer;Avnex Virtual Audio Device (WDM);c:\windows\system32\DRIVERS\vcsvad.sys [x]
R3 WPFFontCache_v0400;Cache de police de Windows Presentation Foundation 4.0.0.0;c:\windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 1020768]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2008-01-21 27648]
S2 ESLWireAC;ESLWireAC;c:\windows\system32\drivers\ESLWireACD.sys [x]
S2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [2011-03-28 2111368]
S2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-01-07 378984]
S2 TeamViewer5;TeamViewer 5;c:\program files (x86)\TeamViewer\Version5\TeamViewer_Service.exe [2010-02-11 172328]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe [2011-03-09 2026304]
S2 TunngleService;TunngleService;c:\program files (x86)\Tunngle\TnglCtrl.exe [2010-03-23 704760]
S3 camfilt2;camfilt2;c:\windows\system32\DRIVERS\camfilt2.sys [x]
S3 ESLvnic1;ESLvnic Virtual Network 64 Bit;c:\windows\system32\DRIVERS\ESLvnic.sys [x]
S3 LADF_DHP2;G35 DHP2 Filter Driver;c:\windows\system32\DRIVERS\ladfDHP2amd64.sys [x]
S3 LADF_SBVM;G35 SBVM Filter Driver;c:\windows\system32\DRIVERS\ladfSBVMamd64.sys [x]
S3 netr28x;Ralink 802.11n Wireless Driver for Windows Vista;c:\windows\system32\DRIVERS\netr28x.sys [x]
S3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64k.sys [x]
S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\DRIVERS\tap0901t.sys [x]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys [2010-10-07 11856]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
Akamai REG_MULTI_SZ Akamai
.
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
ezSharedSvc
.
Contenu du dossier 'Tâches planifiées'
.
2011-04-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-07-05 06:11]
.
2011-04-06 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-07-05 06:11]
.
2010-11-30 c:\windows\Tasks\PCDRScheduledMaintenance.job
- c:\program files\PC-Doctor for Windows\pcdr5cuiw32.exe [2009-02-02 18:59]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="%ProgramFiles%\Windows Defender\MSASCui.exe -hide" [X]
"OsdMaestro"="c:\program files\Hewlett-Packard\On-Screen OSD Indicator\OSD64.exe" [2008-10-13 281600]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-02-22 500208]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2009-11-05 2320752]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
------- Examen supplémentaire -------
.
uLocal Page = c:\windows\system32\blank.htm
uDefault_Search_URL = hxxp://search.autocompletepro.com/?si=10203&bi=400
mLocal Page = %SystemRoot%\system32\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: &Recherche AOL Toolbar - c:\programdata\AOL\ieToolbar\resources\fr-FR\local\search.html
IE: E&xporter vers Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
Trusted Zone: everestpoker.fr\account
FF - ProfilePath - c:\users\raphael\AppData\Roaming\Mozilla\Firefox\Profiles\7n6rf3j6.default\
FF - prefs.js: browser.search.selectedEngine - ACPro
FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr/
FF - prefs.js: keyword.URL - hxxp://search.autocompletepro.com?si=10203&q=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: DAEMON Tools Toolbar: DTToolbar@toolbarnet.com - %profile%\extensions\DTToolbar@toolbarnet.com
FF - Ext: Personas: personas@christopher.beard - %profile%\extensions\personas@christopher.beard
FF - Ext: RadioBar Toolbar: radiobar@toolbar - %profile%\extensions\radiobar@toolbar
FF - Ext: YouTube to MP3: youtube2mp3@mondayx.de - %profile%\extensions\youtube2mp3@mondayx.de
FF - Ext: Flagfox: {1018e4d6-728f-4b20-ad56-37578a4de76b} - %profile%\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: DownloadHelper: {b9db16a4-6edc-47ec-a1f4-b86292ed211d} - %profile%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF - Ext: AutocompletePro - Your handy search suggestions tool: support@predictad.com - %profile%\extensions\support@predictad.com
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: RealPlayer Browser Record Plugin: {ABDE892B-13A8-4d1b-88E6-365A6E755758} - c:\programdata\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF - Ext: Interest Recognizer for Widestream6: widestream6@spointer.com - c:\program files (x86)\Widestream6\spointer\extensions\widestream6@spointer.com
.
- - - - ORPHELINS SUPPRIMES - - - -
.
HKLM-Run-SmartMenu - %ProgramFiles%\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
AddRemove-AutocompletePro3_is1 - c:\program files (x86)\AutocompletePro\unins000.exe
AddRemove-EasyBits Magic Desktop - c:\windows\system32\ezMDUninstall.exe
AddRemove-OfferBox Browser - c:\program files (x86)\OfferBox\uninst.exe
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
AddRemove-GeoGebra WebStart - c:\windows\system32\javaws.exe
AddRemove-Launcher Aion-Guard - c:\program files (x86)\NCsoft\AionEU\Uninstal.exe
AddRemove-Patch RMXP 1.0.0.1 (V&S) - c:\windows\system32\Uninstal.exe
AddRemove-S-I-R.O.S.E Online - c:\program files (x86)\S-I-R.O.S.E Online\Uninstal.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\PCDSRVC{F36B3A4C-F95654BD-06000000}_0]
"ImagePath"="\??\c:\program files\pc-doctor for windows\pcdsrvc_x64.pkms"
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="FirefoxHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="FirefoxHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="FirefoxHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="FirefoxHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="FirefoxHTML"
.
[HKEY_USERS\S-1-5-21-2323554733-3628690304-3601217247-1000_Classes\Wow6432Node\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):67,fe,b7,6d,85,d7,ca,7e,20,2e,38,21,f7,90,09,3f,b8,b6,d4,0c,11,
10,dd,1f,c4,67,87,c2,28,58,93,01,08,28,2c,f3,0e,85,a6,b5,00,00,00,00,00,00,\
.
[HKEY_USERS\S-1-5-21-2323554733-3628690304-3601217247-1000_Classes\Wow6432Node\CLSID\{f8211311-3f1e-4bd5-b34d-eca0cf5444b7}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"Model"=dword:000000e2
"Therad"=dword:0000001a
"MData"=hex(0):73,d5,cf,b8,a4,07,89,80,31,e4,35,6b,2a,ca,fe,43,b6,1f,81,1f,5a,
1b,4d,36,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10c.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10c.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}]
@Denied: (A 2) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}\1.0]
@="Shockwave Flash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}]
@Denied: (A 2) (Everyone)
@=""
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}\1.0]
@="FlashBroker"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes]
"SymbolicLinkValue"=hex(6):5c,00,52,00,45,00,47,00,49,00,53,00,54,00,52,00,59,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Heure de fin: 2011-04-06 22:09:25
ComboFix-quarantined-files.txt 2011-04-06 20:09
.
Avant-CF: 319 727 562 752 octets libres
Après-CF: 319 797 583 872 octets libres
.
- - End Of File - - EFB1BDF9B3865FD627BEF3EE6A4B6067
jfkpresident (Security contributor) - 6 April 2011 at 22:19
Go to this site:

https://www.virustotal.com/gui/

Click Browse and look for this file:

c:\windows\system32\mfmp4src.dll

Click Send File.

A report will be built up line by line.

Wait until it finishes. It must include the size of the file sent.

Save the report with Notepad.

Copy it into your reply.
Rypklash (Member) - 6 April 2011 at 22:21
Just one more thing: do you have a good free antivirus for me?
Rypklash (Member) - edited by Rypklash on 6 April 2011 at 22:47
File already submitted: The file sent has already been analysed by VirusTotal in the past. This is same basic info regarding the sample itself and its last analysis:
MD5: 743b1957729de905dc44782a957fd284
Date first seen: 2011-02-08 19:36:40 (UTC)
Date last seen: 2011-02-26 10:39:43 (UTC)
Detection ratio: 0/43

What do you wish to do?
jfkpresident (Security contributor) - 6 April 2011 at 23:18
Do you have TuneUp Utilities installed on your PC?

> Close all your browsers (so copy or print the instructions first)
- Create a new text document: right-click on the desktop > New > Text Document, and copy/paste the following lines into it:


Folder::
c:\program files (x86)\ClickPotatoLite

File::
c:\users\raphael\AppData\Roaming\widestream
c:\program files (x86)\Widestream6
c:\users\raphael\AppData\Local\widestream6 Air

Registry::
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"ClickPotatoLiteSA"=-


- Save this file under the name CFScript
- Drag and drop this CFScript file onto the ComboFix.exe file, as in this image. (Click the CFScript file, keep the button held down and move the mouse so that the CFScript icon covers the ComboFix icon. Release the mouse.) ComboFix will start.
- A blue window will appear: at the message shown (Type 1 to continue, or 2 to abort), type 1 and confirm.
- Wait while the scan runs. The desktop will disappear several times: this is normal!
- Do not touch anything until the scan has finished, otherwise the PC may crash!
- Once the scan is complete, a report will be displayed: post its contents.
Note: If the file does not open, it is located here > C:\ComboFix.txt
Rypklash (Member) - 7 April 2011 at 06:37
Yes, I have TuneUp Utilities on a trial period, why? (I will do what you told me this evening.) I would like to thank you again for the help you are giving me and for the time you are giving me!
I would like to know whether you have an antivirus for my computer (free) and a few things to protect it!
Rypklash (Member) - 7 April 2011 at 19:17
ComboFix 11-04-05.02 - raphael 07/04/2011 19:00:08.2.4 - x64
Microsoft® Windows Vista(TM) Édition Familiale Premium 6.0.6002.2.1252.33.1036.18.8190.6075 [GMT 2:00]
Lancé depuis: c:\users\raphael\Downloads\ComboFix.exe
Commutateurs utilisés :: c:\users\raphael\Desktop\CFScript.txt
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\program files (x86)\Widestream6"
"c:\users\raphael\AppData\Local\widestream6 Air"
"c:\users\raphael\AppData\Roaming\widestream"
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2011-03-07 au 2011-04-07 ))))))))))))))))))))))))))))))))))))
.
.
2011-04-07 17:11 . 2011-04-07 17:11 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-04-07 16:36 . 2011-04-07 16:37 -------- d-----w- c:\users\raphael\AppData\Local\{F0BF1A78-BC00-4B68-8E39-0839EEA59790}
2011-04-07 04:10 . 2011-04-07 04:11 -------- d-----w- c:\users\raphael\AppData\Local\{15BFEFEB-0799-42AC-B7A1-B5B863D59F23}
2011-04-06 11:54 . 2011-04-06 11:55 -------- d-----w- c:\users\raphael\AppData\Local\{EED00FF0-835C-4623-A280-FE21994A920A}
2011-04-05 20:01 . 2011-04-06 15:55 -------- d-----w- C:\FyK
2011-04-05 16:50 . 2011-04-05 16:50 -------- d-----w- c:\users\raphael\AppData\Roaming\Malwarebytes
2011-04-05 16:50 . 2010-11-29 15:42 38224 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
2011-04-05 16:50 . 2011-04-05 16:50 -------- d-----w- c:\programdata\Malwarebytes
2011-04-05 16:50 . 2011-04-05 16:50 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2011-04-05 16:50 . 2010-11-29 15:42 24152 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-04-05 16:32 . 2011-04-05 16:32 512 ----a-w- C:\PhysicalDisk0_MBR.bin
2011-04-05 16:22 . 2011-04-05 16:32 -------- d-----w- c:\program files (x86)\ZHPDiag
2011-04-05 14:52 . 2011-03-09 13:02 25920 ----a-w- c:\windows\system32\authuitu.dll
2011-04-05 14:52 . 2011-03-09 13:02 21312 ----a-w- c:\windows\SysWow64\authuitu.dll
2011-04-05 14:52 . 2011-03-09 13:02 36160 ----a-w- c:\windows\system32\uxtuneup.dll
2011-04-05 14:52 . 2011-03-09 13:02 29504 ----a-w- c:\windows\SysWow64\uxtuneup.dll
2011-04-05 14:49 . 2011-03-09 13:07 34624 ----a-w- c:\windows\system32\TURegOpt.exe
2011-04-05 14:48 . 2011-04-05 14:48 -------- d-----w- c:\users\raphael\AppData\Roaming\TuneUp Software
2011-04-05 14:48 . 2011-04-05 14:52 -------- d-----w- c:\program files (x86)\TuneUp Utilities 2011
2011-04-05 14:48 . 2011-04-05 14:51 -------- d-----w- c:\programdata\TuneUp Software
2011-04-05 14:47 . 2011-04-05 14:47 -------- d-sh--w- c:\programdata\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
2011-04-05 14:46 . 2011-03-15 05:17 8424784 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{267AF1A5-FCBB-43DD-ADB0-3FDA59DA3380}\mpengine.dll
2011-04-05 14:34 . 2011-04-05 14:34 -------- d-----w- c:\users\raphael\AppData\Local\{EE5845EC-F9CD-4ABD-BEC1-5709856FF446}
2011-04-04 16:33 . 2011-04-04 16:33 -------- d-----w- c:\users\raphael\AppData\Local\{BB032A55-3337-4D44-A53A-736C16501F94}
2011-04-03 19:18 . 2011-04-03 19:18 -------- d-----w- c:\users\raphael\AppData\Local\{44A991DC-083E-49FD-B9F6-3647D49002BE}
2011-04-03 16:55 . 2011-04-03 16:55 -------- d-----w- c:\program files (x86)\mIRC
2011-04-03 07:18 . 2011-04-03 07:18 -------- d-----w- c:\users\raphael\AppData\Local\{B237C114-4F08-4671-8B45-4201313BD55F}
2011-04-02 18:43 . 2011-04-02 18:43 -------- d-----w- c:\users\raphael\AppData\Local\{AFF53641-A20D-401A-9A68-5E5C2AF10A99}
2011-04-02 09:14 . 2009-07-14 18:34 2560 ----a-w- c:\windows\system32\drivers\fr-FR\wdf01000.sys.mui
2011-04-02 09:14 . 2009-07-14 18:18 42064 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2011-04-02 09:14 . 2009-07-14 18:18 654928 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2011-04-02 09:08 . 2011-04-02 09:08 -------- d-----w- c:\program files\Microsoft IntelliPoint
2011-04-02 06:42 . 2011-04-02 06:43 -------- d-----w- c:\users\raphael\AppData\Local\{E9C05BD8-111B-4C8D-9F80-746DAA74F6B8}
2011-04-01 16:35 . 2011-04-01 16:36 -------- d-----w- c:\users\raphael\AppData\Local\{D489FE19-CDF6-4473-8C3B-D33278CFFB63}
2011-03-31 16:48 . 2011-03-31 16:48 -------- d-----w- c:\users\raphael\AppData\Roaming\Leadertech
2011-03-31 16:42 . 2011-03-31 16:42 -------- d-----w- c:\programdata\LogiShrd
2011-03-31 16:40 . 2011-03-31 16:40 -------- d-----w- c:\users\raphael\AppData\Local\{65C70E92-4D66-4849-9E03-70E4A2AE8C8F}
2011-03-30 18:43 . 2011-03-30 18:43 -------- d-----w- c:\users\raphael\AppData\Roaming\DarksporeData
2011-03-30 11:50 . 2011-03-30 11:51 -------- d-----w- c:\users\raphael\AppData\Local\{0BF67B70-BC54-4396-AD51-166892E63A94}
2011-03-29 20:42 . 2011-03-29 20:42 -------- d-----w- c:\program files (x86)\LogMeIn Hamachi
2011-03-29 19:42 . 2011-03-29 19:42 -------- d-----w- c:\users\raphael\AppData\Local\{2C12B17A-2358-43EC-948E-83FF10D8CF12}
2011-03-29 07:41 . 2011-03-29 07:42 -------- d-----w- c:\users\raphael\AppData\Local\{DEE4676B-04FE-4B44-AD1A-778C7DAE74D3}
2011-03-28 20:27 . 2011-03-28 20:46 -------- d-----w- c:\users\raphael\AppData\Roaming\Steinberg
2011-03-28 20:24 . 2005-06-04 07:09 131072 ----a-w- c:\windows\SysWow64\pneng50.dll
2011-03-28 20:24 . 2005-06-04 07:09 352768 ----a-w- c:\windows\SysWow64\pngu3263.dll
2011-03-28 20:24 . 2005-06-04 07:09 81920 ----a-w- c:\windows\SysWow64\ra3214_4.dll
2011-03-28 20:24 . 2005-06-04 07:09 72704 ----a-w- c:\windows\SysWow64\ra3228_8.dll
2011-03-28 20:24 . 2005-06-04 07:09 21504 ----a-w- c:\windows\SysWow64\ra32dnet.dll
2011-03-28 20:24 . 2005-06-04 07:08 87040 ----a-w- c:\windows\SysWow64\ra32sipr.dll
2011-03-28 20:24 . 2005-06-04 07:08 487936 ----a-w- c:\windows\SysWow64\rmbe3260.dll
2011-03-28 20:24 . 2005-06-04 07:11 85504 ----a-w- c:\windows\SysWow64\encdnet.dll
2011-03-28 20:24 . 2005-06-04 07:09 61952 ----a-w- c:\windows\SysWow64\decdnet.dll
2011-03-28 20:24 . 2005-06-04 07:09 130560 ----a-w- c:\windows\SysWow64\pnc3250.dll
2011-03-28 20:18 . 2004-08-31 16:47 21888 ----a-w- c:\windows\SysWow64\drivers\synUSB64.sys
2011-03-28 20:18 . 2004-05-10 13:58 147456 ----a-w- c:\windows\SysWow64\SynsoLChk.dll
2011-03-28 20:18 . 2002-11-25 06:36 45056 ----a-w- c:\windows\SysWow64\Synsopos.exe
2011-03-28 20:18 . 1999-11-30 23:40 401462 ----a-w- c:\windows\SysWow64\temp.000
2011-03-28 20:17 . 2011-03-28 20:18 -------- d-----w- c:\program files (x86)\Syncrosoft
2011-03-28 20:17 . 2005-10-17 07:35 704512 ----a-w- c:\windows\SysWow64\SYNSOACC.dll
2011-03-28 17:04 . 2011-03-28 17:04 -------- d-----w- c:\users\raphael\AppData\Roaming\widestream
2011-03-28 17:04 . 2011-04-07 16:50 -------- d-----w- c:\users\raphael\AppData\Local\widestream6 Air
2011-03-28 17:03 . 2011-03-28 17:03 -------- d-----w- c:\program files (x86)\Widestream6
2011-03-28 17:00 . 2011-03-28 17:00 -------- d-----w- c:\program files (x86)\ASIO4ALL v2
2011-03-28 16:59 . 2011-03-28 16:59 -------- d-----w- c:\program files (x86)\VideoLAN
2011-03-28 16:30 . 2011-03-28 16:30 -------- d-----w- c:\users\raphael\AppData\Local\{63456051-3720-4F83-AA61-85CC041AEE61}
2011-03-27 09:10 . 2011-03-27 09:11 -------- d-----w- c:\users\raphael\AppData\Local\{EC62EBFD-41CF-4FA5-A54D-E9A1B7B970EE}
2011-03-26 19:44 . 2011-03-26 19:44 -------- d-----w- c:\users\raphael\AppData\Local\{50CF987A-3243-413D-8EFB-016F46DC6BB6}
2011-03-26 07:49 . 2011-03-26 07:49 -------- d-----w- c:\program files (x86)\Microsoft
2011-03-26 07:43 . 2011-03-26 07:44 -------- d-----w- c:\users\raphael\AppData\Local\{371A170D-F1FB-4B08-9F4F-CFD611798275}
2011-03-25 17:31 . 2011-03-25 17:32 -------- d-----w- c:\users\raphael\AppData\Local\{EFC7E982-C9E2-4F71-819E-E0FC8BE9BF11}
2011-03-24 17:58 . 2011-03-24 17:58 -------- d-----w- c:\users\raphael\AppData\Local\{5AAB49E2-A82A-498E-8751-E2961DDB3A45}
2011-03-24 02:25 . 2011-03-24 02:26 -------- d-----w- c:\users\raphael\AppData\Local\{F17F7597-152D-4890-AB43-7130C176441D}
2011-03-23 13:07 . 2011-02-22 14:47 479744 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2011-03-23 13:07 . 2011-02-22 14:13 288768 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2011-03-23 13:07 . 2011-02-22 13:53 1555968 ----a-w- c:\windows\system32\DWrite.dll
2011-03-23 13:07 . 2011-02-22 13:53 1149440 ----a-w- c:\windows\system32\FntCache.dll
2011-03-23 13:07 . 2011-02-22 13:33 1068544 ----a-w- c:\windows\SysWow64\DWrite.dll
2011-03-23 12:50 . 2011-03-23 12:50 -------- d-----w- c:\users\raphael\AppData\Local\{6FE01663-437F-409E-AA05-AB395528CA7E}
2011-03-22 18:39 . 2011-03-22 18:39 -------- d-----w- c:\users\raphael\AppData\Local\{FE156886-D9C1-45FD-A1D4-9DAFCB3BFD79}
2011-03-21 17:26 . 2011-03-21 17:26 -------- d-----w- c:\users\raphael\AppData\Local\{904F528A-1F79-49D4-80C9-24D82F48F1F7}
2011-03-20 10:08 . 2011-03-20 10:08 -------- d-----w- c:\users\raphael\AppData\Local\{6F9DB2E1-8B2E-4375-999E-80F8C5D61EAF}
2011-03-20 00:27 . 2011-03-20 00:27 -------- d-----w- C:\Fiaa
2011-03-19 21:44 . 2011-03-19 21:44 -------- d-----w- c:\users\raphael\AppData\Local\{7EAE727E-104B-45FE-B098-EEB3E33EF18C}
2011-03-19 09:21 . 2011-03-19 09:21 -------- d-----w- c:\users\raphael\AppData\Local\{2388C25D-EF3E-4EEC-BB3F-15739FA220C8}
2011-03-18 18:26 . 2011-03-18 18:27 -------- d-----w- c:\users\raphael\AppData\Local\{94871302-7E7B-41D7-9774-9E20883466F1}
2011-03-17 18:08 . 2011-03-17 18:08 -------- d-----w- c:\users\raphael\AppData\Local\{B8DE3D0C-B156-47A7-9C7E-E108F188DBAD}
2011-03-16 19:00 . 2011-03-16 19:00 -------- d-----w- c:\users\raphael\AppData\Local\{6EE117BA-3B40-4398-BFF1-B5FA4CBFA4F6}
2011-03-15 18:20 . 2011-03-15 18:21 -------- d-----w- c:\users\raphael\AppData\Local\{48B7C59E-F325-41C1-AF60-6A82A0A764EF}
2011-03-15 05:31 . 2011-03-15 05:31 -------- d-----w- c:\users\raphael\AppData\Local\{1E146999-40CF-4B30-B021-680BA164B9ED}
2011-03-14 17:30 . 2011-03-14 17:30 -------- d-----w- c:\users\raphael\AppData\Local\{01E19681-5A78-4149-A0E8-44BA054014B4}
2011-03-13 18:59 . 2011-03-13 18:59 -------- d-----w- c:\programdata\WindowsSearch
2011-03-13 08:33 . 2011-03-13 08:33 -------- d-----w- c:\users\raphael\AppData\Local\{3316E36E-5569-4E0E-AEA6-C05C9D19F078}
2011-03-12 08:24 . 2011-03-12 08:24 -------- d-----w- c:\users\raphael\AppData\Local\{C30379CA-5448-407C-8683-AA682B209EFD}
2011-03-11 18:51 . 2011-03-11 18:51 -------- d-----w- c:\users\raphael\AppData\Local\{689F6721-E0F2-467A-A239-F197CF3295D2}
2011-03-10 18:57 . 2011-03-10 18:57 -------- d-----w- c:\users\raphael\AppData\Local\{2458322E-422D-4D81-8182-757BB126615F}
2011-03-10 06:56 . 2011-03-10 06:56 -------- d-----w- c:\users\raphael\AppData\Local\{645B81A9-E163-4013-8A1B-F69155D73DC7}
2011-03-09 17:49 . 2011-03-09 17:50 -------- d-----w- c:\users\raphael\AppData\Local\{342B72EA-F7C4-442B-942B-225026AE3064}
2011-03-09 17:34 . 2010-12-17 17:34 2425344 ----a-w- c:\windows\system32\mstscax.dll
2011-03-09 17:34 . 2010-12-17 15:45 2067968 ----a-w- c:\windows\SysWow64\mstscax.dll
2011-03-09 17:34 . 2010-12-17 15:41 731136 ----a-w- c:\windows\system32\mstsc.exe
2011-03-09 17:34 . 2010-12-17 13:54 677888 ----a-w- c:\windows\SysWow64\mstsc.exe
2011-03-09 17:34 . 2010-12-29 19:01 559616 ----a-w- c:\windows\system32\EncDec.dll
2011-03-09 17:34 . 2010-12-29 19:01 416768 ----a-w- c:\windows\system32\sbe.dll
2011-03-09 17:34 . 2010-12-29 19:01 210944 ----a-w- c:\windows\system32\sbeio.dll
2011-03-09 17:34 . 2010-12-29 18:59 226816 ----a-w- c:\windows\system32\mpg2splt.ax
2011-03-09 17:34 . 2010-12-29 18:28 322560 ----a-w- c:\windows\SysWow64\sbe.dll
2011-03-09 17:34 . 2010-12-29 18:28 153088 ----a-w- c:\windows\SysWow64\sbeio.dll
2011-03-09 17:34 . 2010-12-29 18:28 429056 ----a-w- c:\windows\SysWow64\EncDec.dll
2011-03-09 17:34 . 2010-12-29 18:26 177664 ----a-w- c:\windows\SysWow64\mpg2splt.ax
2011-03-09 05:49 . 2011-03-09 05:49 -------- d-----w- c:\users\raphael\AppData\Local\{3E223716-6E16-4F27-92C6-9929987944AE}
2011-03-08 20:03 . 2011-03-08 20:03 -------- d-----w- c:\program files (x86)\Veetle
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-04-06 15:55 . 2011-04-06 15:55 879 ----a-w- C:\FindyKill_Upload_Me_PC-de-raphael.zip
2011-03-29 13:31 . 2010-11-10 19:56 179616 ----a-w- c:\windows\system32\drivers\ESLWireACD.sys
2011-03-11 06:15 . 2010-06-24 10:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-02-02 20:40 . 2010-04-18 09:06 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2011-02-02 17:11 . 2010-02-01 17:58 270720 ------w- c:\windows\system32\MpSigStub.exe
2011-01-20 16:46 . 2011-02-08 22:01 900480 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2011-01-20 16:17 . 2011-02-08 22:01 366592 ----a-w- c:\windows\system32\winspool.drv
2011-01-20 16:17 . 2011-02-08 22:01 625152 ----a-w- c:\windows\system32\dxgi.dll
2011-01-20 16:16 . 2011-02-08 22:01 287232 ----a-w- c:\windows\system32\d3d10core.dll
2011-01-20 16:16 . 2011-02-08 22:01 327680 ----a-w- c:\windows\system32\d3d10_1core.dll
2011-01-20 16:16 . 2011-02-08 22:01 196096 ----a-w- c:\windows\system32\d3d10_1.dll
2011-01-20 16:16 . 2011-02-08 22:01 1268224 ----a-w- c:\windows\system32\d3d10.dll
2011-01-20 16:16 . 2011-02-08 22:01 748544 ----a-w- c:\windows\system32\stobject.dll
2011-01-20 16:16 . 2011-02-08 22:01 47104 ----a-w- c:\windows\system32\cdd.dll
2011-01-20 16:16 . 2011-02-08 22:01 3548672 ----a-w- c:\windows\system32\mf.dll
2011-01-20 16:16 . 2011-02-08 22:01 35840 ----a-w- c:\windows\system32\printfilterpipelineprxy.dll
2011-01-20 16:14 . 2011-02-08 22:01 278528 ----a-w- c:\windows\system32\mfplat.dll
2011-01-20 16:14 . 2011-02-08 22:01 195072 ----a-w- c:\windows\system32\mfps.dll
2011-01-20 16:08 . 2011-02-08 22:01 478720 ----a-w- c:\windows\SysWow64\dxgi.dll
2011-01-20 16:08 . 2011-02-08 22:01 219648 ----a-w- c:\windows\SysWow64\d3d10_1core.dll
2011-01-20 16:08 . 2011-02-08 22:01 160768 ----a-w- c:\windows\SysWow64\d3d10_1.dll
2011-01-20 16:08 . 2011-02-08 22:01 1029120 ----a-w- c:\windows\SysWow64\d3d10.dll
2011-01-20 16:08 . 2011-02-08 22:01 189952 ----a-w- c:\windows\SysWow64\d3d10core.dll
2011-01-20 16:07 . 2011-02-08 22:01 258048 ----a-w- c:\windows\SysWow64\winspool.drv
2011-01-20 16:07 . 2011-02-08 22:01 586240 ----a-w- c:\windows\SysWow64\stobject.dll
2011-01-20 16:06 . 2011-02-08 22:01 2873344 ----a-w- c:\windows\SysWow64\mf.dll
2011-01-20 16:04 . 2011-02-08 22:01 209920 ----a-w- c:\windows\SysWow64\mfplat.dll
2011-01-20 16:04 . 2011-02-08 22:01 98816 ----a-w- c:\windows\SysWow64\mfps.dll
2011-01-20 15:01 . 2011-02-08 22:01 3068416 ----a-w- c:\windows\system32\xpsservices.dll
2011-01-20 15:01 . 2011-02-08 22:01 1653760 ----a-w- c:\windows\system32\XpsPrint.dll
2011-01-20 14:59 . 2011-02-08 22:01 1032192 ----a-w- c:\windows\system32\printfilterpipelinesvc.exe
2011-01-20 14:58 . 2011-02-08 22:01 1461760 ----a-w- c:\windows\system32\OpcServices.dll
2011-01-20 14:57 . 2011-02-08 22:01 231936 ----a-w- c:\windows\system32\XpsRasterService.dll
2011-01-20 14:42 . 2011-02-08 22:01 1257984 ----a-w- c:\windows\system32\MFH264Dec.dll
2011-01-20 14:41 . 2011-02-08 22:01 428544 ----a-w- c:\windows\system32\MFHEAACdec.dll
2011-01-20 14:40 . 2011-02-08 22:01 345088 ----a-w- c:\windows\system32\mfreadwrite.dll
2011-01-20 14:40 . 2011-02-08 22:01 34304 ----a-w- c:\windows\system32\mfpmp.exe
2011-01-20 14:40 . 2011-02-08 22:01 377344 ----a-w- c:\windows\system32\mfmp4src.dll
2011-01-20 14:37 . 2011-02-08 22:01 2002944 ----a-w- c:\windows\system32\d3d10warp.dll
2011-01-20 14:35 . 2011-02-08 22:01 566272 ----a-w- c:\windows\system32\d3d10level9.dll
2011-01-20 14:28 . 2011-02-08 22:01 1554432 ----a-w- c:\windows\SysWow64\xpsservices.dll
2011-01-20 14:27 . 2011-02-08 22:01 876032 ----a-w- c:\windows\SysWow64\XpsPrint.dll
2011-01-20 14:25 . 2011-02-08 22:01 847360 ----a-w- c:\windows\SysWow64\OpcServices.dll
2011-01-20 14:24 . 2011-02-08 22:01 135680 ----a-w- c:\windows\SysWow64\XpsRasterService.dll
2011-01-20 14:15 . 2011-02-08 22:01 979456 ----a-w- c:\windows\SysWow64\MFH264Dec.dll
2011-01-20 14:14 . 2011-02-08 22:01 357376 ----a-w- c:\windows\SysWow64\MFHEAACdec.dll
2011-01-20 14:14 . 2011-02-08 22:01 302592 ----a-w- c:\windows\SysWow64\mfmp4src.dll
2011-01-20 14:14 . 2011-02-08 22:01 261632 ----a-w- c:\windows\SysWow64\mfreadwrite.dll
2011-01-20 14:12 . 2011-02-08 22:01 1172480 ----a-w- c:\windows\SysWow64\d3d10warp.dll
2011-01-20 14:11 . 2011-02-08 22:01 486400 ----a-w- c:\windows\SysWow64\d3d10level9.dll
2011-01-20 14:06 . 2011-02-08 22:01 834048 ----a-w- c:\windows\system32\d2d1.dll
2011-01-20 13:47 . 2011-02-08 22:01 683008 ----a-w- c:\windows\SysWow64\d2d1.dll
2011-01-08 09:03 . 2011-02-08 21:58 48128 ----a-w- c:\windows\system32\atmlib.dll
2011-01-08 08:47 . 2011-02-08 21:58 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2011-01-08 06:45 . 2011-02-08 21:58 367104 ----a-w- c:\windows\system32\atmfd.dll
2011-01-08 06:28 . 2011-02-08 21:58 292352 ----a-w- c:\windows\SysWow64\atmfd.dll
2011-01-08 03:27 . 2011-01-22 10:17 7729256 ----a-w- c:\windows\system32\nvwgf2umx.dll
2011-01-08 03:27 . 2011-01-22 10:17 67176 ----a-w- c:\windows\system32\OpenCL.dll
2011-01-08 03:27 . 2011-01-22 10:17 57960 ----a-w- c:\windows\SysWow64\OpenCL.dll
2011-01-08 03:27 . 2011-01-22 10:17 5653096 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2011-01-08 03:27 . 2011-01-22 10:16 6604904 ----a-w- c:\windows\system32\nvcuda.dll
2011-01-08 03:27 . 2011-01-22 10:16 4941928 ----a-w- c:\windows\SysWow64\nvcuda.dll
2011-01-08 03:27 . 2011-01-22 10:16 3112040 ----a-w- c:\windows\system32\nvcuvid.dll
2011-01-08 03:27 . 2011-01-22 10:16 2895976 ----a-w- c:\windows\SysWow64\nvcuvid.dll
2011-01-08 03:27 . 2011-01-22 10:16 2479720 ----a-w- c:\windows\system32\nvcuvenc.dll
2011-01-08 03:27 . 2011-01-22 10:16 2251368 ----a-w- c:\windows\SysWow64\nvcuvenc.dll
2011-01-08 03:27 . 2011-01-22 10:16 20471912 ----a-w- c:\windows\system32\nvoglv64.dll
2011-01-08 03:27 . 2011-01-22 10:16 1965672 ----a-w- c:\windows\SysWow64\nvapi.dll
2011-01-08 03:27 . 2011-01-22 10:16 18580072 ----a-w- c:\windows\system32\nvcompiler.dll
2011-01-08 03:27 . 2011-01-22 10:16 1614440 ----a-w- c:\windows\system32\nvdispco642090.dll
2011-01-08 03:27 . 2011-01-22 10:16 15047272 ----a-w- c:\windows\SysWow64\nvoglv32.dll
2011-01-08 03:27 . 2011-01-22 10:16 1359976 ----a-w- c:\windows\system32\nvgenco642040.dll
2011-01-08 03:27 . 2011-01-22 10:16 13011560 ----a-w- c:\windows\SysWow64\nvcompiler.dll
2011-01-08 03:27 . 2011-01-22 10:16 12961640 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2011-01-08 03:27 . 2009-06-19 15:03 2200680 ----a-w- c:\windows\system32\nvapi64.dll
2011-01-08 03:27 . 2009-06-19 15:03 12859496 ----a-w- c:\windows\system32\nvd3dumx.dll
2011-01-08 03:27 . 2009-06-19 15:03 10078312 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2011-01-07 19:50 . 2011-01-07 19:50 795752 ----a-w- c:\windows\system32\easyUpdatusAPIU64.dll
2011-01-07 19:50 . 2011-01-07 19:50 6143080 ----a-w- c:\windows\system32\nvcpl.dll
2011-01-07 19:49 . 2011-01-07 19:49 3156072 ----a-w- c:\windows\system32\nvsvc64.dll
2011-01-07 19:49 . 2011-01-07 19:49 117864 ----a-w- c:\windows\system32\nvmctray.dll
2011-01-07 19:49 . 2011-01-07 19:49 61032 ----a-w- c:\windows\system32\nvshext.dll
2011-01-07 19:49 . 2011-01-07 19:49 2558568 ----a-w- c:\windows\system32\nvsvcr.dll
2011-01-07 19:49 . 2011-01-07 19:49 1005160 ----a-w- c:\windows\system32\nvvsvc.exe
.
.
((((((((((((((((((((((((((((( SnapShot@2011-04-06_20.04.41 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-01-21 02:23 . 2011-04-07 04:07 77446 c:\windows\system32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-12-02 14:47 . 2011-04-07 04:07 15900 c:\windows\system32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2323554733-3628690304-3601217247-1000_UserData.bin
+ 2009-12-02 14:46 . 2011-04-07 16:46 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-12-02 14:46 . 2011-04-06 17:04 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-12-02 14:46 . 2011-04-07 16:46 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-12-02 14:46 . 2011-04-06 17:04 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-12-02 14:46 . 2011-04-07 16:46 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-12-02 14:46 . 2011-04-06 17:04 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-12-15 18:43 . 2011-04-07 04:06 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-12-15 18:43 . 2011-04-06 19:39 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-12-15 18:43 . 2011-04-06 19:39 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-12-15 18:43 . 2011-04-07 04:06 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-12-15 18:43 . 2011-04-06 19:39 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-12-15 18:43 . 2011-04-07 04:06 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-12-08 22:40 . 2011-04-07 04:06 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-12-08 22:40 . 2011-04-06 19:39 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-12-08 22:40 . 2011-04-06 19:39 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-12-08 22:40 . 2011-04-07 04:06 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2011-04-06 19:34 . 2011-04-06 19:34 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-04-07 04:04 . 2011-04-07 04:04 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-04-07 04:04 . 2011-04-07 04:04 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2011-04-06 19:34 . 2011-04-06 19:34 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2009-12-05 00:51 . 2011-04-07 16:36 531542 c:\windows\system32\WDI\SuspendPerformanceDiagnostics_SystemData_S3.bin
+ 2006-11-02 15:45 . 2011-04-07 04:07 113296 c:\windows\system32\WDI\BootPerformanceDiagnostics_SystemData.bin
- 2010-11-24 19:50 . 2011-04-06 19:31 441012 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2010-11-24 19:50 . 2011-04-06 20:57 441012 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-06-19 15:46 . 2011-04-06 20:57 5487296 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
- 2010-11-24 19:50 . 2011-04-06 19:31 3902696 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2323554733-3628690304-3601217247-1000-8192.dat
+ 2010-11-24 19:50 . 2011-04-06 20:57 3902696 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2323554733-3628690304-3601217247-1000-8192.dat
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{1a6dc111-b030-4c3e-be65-299284128b91}]
2011-02-02 11:58 134816 ----a-w- c:\program files (x86)\Widestream6\spointer\extensions\widestream6_air_ie.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-10 1555968]
"HPADVISOR"="c:\program files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe" [2009-04-04 1644088]
"NCsoft Launcher"="c:\program files (x86)\NCsoft\Launcher\NCLauncher.exe" [2011-02-22 38184]
"msnmsgr"="c:\program files (x86)\Windows Live\Messenger\msnmsgr.exe" [2010-11-10 4240760]
"Steam"="c:\program files (x86)\Steam\steam.exe" [2010-11-17 1242448]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-12-14 39408]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 138240]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2009-10-30 369200]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2010-10-11 14940040]
"ESL Wire"="c:\program files\EslWire\wire.exe" [2011-03-30 4072960]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768]
"KBD"="c:\program files (x86)\Hewlett-Packard\KBD\KbdStub.EXE" [2008-07-21 12288]
"OsdMaestro"="c:\program files\Hewlett-Packard\On-Screen OSD Indicator\OSD64.exe" [2008-10-13 281600]
"UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-12-03 218408]
"UpdateLBPShortCut"="c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2008-12-03 218408]
"UpdatePDIRShortCut"="c:\program files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" [2008-12-03 218408]
"UpdatePSTShortCut"="c:\program files (x86)\CyberLink\CyberLink DVD Suite Deluxe\MUITransfer\MUIStartMenu.exe" [2009-02-02 210216]
"TSMAgent"="c:\program files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe" [2009-04-09 1328424]
"CLMLServer for HP TouchSmart"="c:\program files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe" [2009-04-09 185640]
"DVDAgent"="c:\program files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe" [2009-03-19 1148200]
"SystrayORAHSS"="c:\program files (x86)\OrangeHSS\Systray\SystrayApp.exe" [2006-12-12 90112]
"AdobeCS4ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2010-01-17 611712]
"AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"H2O"="c:\program files (x86)\SyncroSoft\Pos\H2O\cledx.exe" [2005-10-22 385024]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2011-03-28 1910152]
"Logitech G35"="c:\program files (x86)\Logitech\G35\G35.exe" [2010-10-05 1811800]
"Malwarebytes' Anti-Malware (reboot)"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbam.exe" [2010-11-29 963976]
.
c:\users\raphael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
ENJOY Plus!.lnk - c:\program files (x86)\ENJOY Plus!\ENJOY Plus!.exe [2010-4-2 1438208]
OpenOffice.org 3.2.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2010-5-20 1195008]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Desktop Manager.lnk - c:\program files (x86)\Research In Motion\BlackBerry\DesktopMgr.exe [2009-7-1 1717592]
McAfee Security Scan Plus.lnk - c:\program files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
"HideFastUserSwitching"= 0 (0x0)
"UacDisableNotify"= 0 (0x0)
.
[hkey_local_machine\software\Wow6432Node\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"HP Health Check Scheduler"="c:\program files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe"
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe"
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"TkBellExe"="c:\program files (x86)\Common Files\Real\Update_OB\realsched.exe" -osboot
"SSBkgdUpdate"="c:\program files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
"ISUSScheduler"="c:\program files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
"DNS7reminder"="c:\program files (x86)\Nuance\NaturallySpeaking10\Ereg\Ereg.exe" -r "c:\programdata\Nuance\NaturallySpeaking10\Ereg.ini
"BlackBerryAutoUpdate"="c:\program files (x86)\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe" /background
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" -atboottime
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe"
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 ezSharedSvc;Easybits Shared Services for Windows;c:\windows\system32\svchost.exe [2008-01-21 27648]
R2 gupdate;Service Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-07-05 135664]
R2 HPBtnSrv;HP Easy Backup Button Service;c:\program files (x86)\Hewlett-Packard\HP Easy Backup\HPBtnSrv.exe [2008-09-30 192512]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-02-28 183560]
R3 driverhardwarev2x64;driverhardwarev2x64;c:\program files\ma-config.com\Drivers\driverhardwarev2x64.sys [2010-02-11 15872]
R3 dump_wmimmc;dump_wmimmc;c:\program files (x86)\Gameforge4D\CABAL Online\GameGuard\dump_wmimmc.sys [x]
R3 EuMusDesignVirtualAudioCableWdm;Virtual Audio Cable (WDM);c:\windows\system32\DRIVERS\vrtaucbl.sys [x]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2010-01-03 1038088]
R3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\maconfservice.exe [2010-02-11 358768]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
R3 PCAMp50a64;PCAMp50a64 NDIS Protocol Driver;c:\windows\system32\Drivers\PCAMp50a64.sys [x]
R3 PCASp50a64;PCASp50a64 NDIS Protocol Driver;c:\windows\system32\Drivers\PCASp50a64.sys [x]
R3 PCDSRVC{F36B3A4C-F95654BD-06000000}_0;PCDSRVC{F36B3A4C-F95654BD-06000000}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\pc-doctor for windows\pcdsrvc_x64.pkms [2009-02-02 23536]
R3 ScreamBAudioSvc;ScreamBee Audio;c:\windows\system32\drivers\ScreamingBAudio64.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 VCSVADHWSer;Avnex Virtual Audio Device (WDM);c:\windows\system32\DRIVERS\vcsvad.sys [x]
R3 WPFFontCache_v0400;Cache de police de Windows Presentation Foundation 4.0.0.0;c:\windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 1020768]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2008-01-21 27648]
S2 ESLWireAC;ESLWireAC;c:\windows\system32\drivers\ESLWireACD.sys [x]
S2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [2011-03-28 2111368]
S2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-01-07 378984]
S2 TeamViewer5;TeamViewer 5;c:\program files (x86)\TeamViewer\Version5\TeamViewer_Service.exe [2010-02-11 172328]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe [2011-03-09 2026304]
S2 TunngleService;TunngleService;c:\program files (x86)\Tunngle\TnglCtrl.exe [2010-03-23 704760]
S3 camfilt2;camfilt2;c:\windows\system32\DRIVERS\camfilt2.sys [x]
S3 ESLvnic1;ESLvnic Virtual Network 64 Bit;c:\windows\system32\DRIVERS\ESLvnic.sys [x]
S3 LADF_DHP2;G35 DHP2 Filter Driver;c:\windows\system32\DRIVERS\ladfDHP2amd64.sys [x]
S3 LADF_SBVM;G35 SBVM Filter Driver;c:\windows\system32\DRIVERS\ladfSBVMamd64.sys [x]
S3 netr28x;Ralink 802.11n Wireless Driver for Windows Vista;c:\windows\system32\DRIVERS\netr28x.sys [x]
S3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64k.sys [x]
S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\DRIVERS\tap0901t.sys [x]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys [2010-10-07 11856]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
Akamai REG_MULTI_SZ Akamai
.
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
ezSharedSvc
.
Contenu du dossier 'Tâches planifiées'
.
2011-04-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-07-05 06:11]
.
2011-04-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-07-05 06:11]
.
2010-11-30 c:\windows\Tasks\PCDRScheduledMaintenance.job
- c:\program files\PC-Doctor for Windows\pcdr5cuiw32.exe [2009-02-02 18:59]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OsdMaestro"="c:\program files\Hewlett-Packard\On-Screen OSD Indicator\OSD64.exe" [2008-10-13 281600]
"SmartMenu"="%ProgramFiles%\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [BU]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-02-22 500208]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2009-11-05 2320752]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
------- Examen supplémentaire -------
.
uLocal Page = c:\windows\system32\blank.htm
uDefault_Search_URL = hxxp://search.autocompletepro.com/?si=10203&bi=400
mLocal Page = %SystemRoot%\system32\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: &Recherche AOL Toolbar - c:\programdata\AOL\ieToolbar\resources\fr-FR\local\search.html
IE: E&xporter vers Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
Trusted Zone: everestpoker.fr\account
FF - ProfilePath - c:\users\raphael\AppData\Roaming\Mozilla\Firefox\Profiles\7n6rf3j6.default\
FF - prefs.js: browser.search.selectedEngine - ACPro
FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr/
FF - prefs.js: keyword.URL - hxxp://search.autocompletepro.com?si=10203&q=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: DAEMON Tools Toolbar: DTToolbar@toolbarnet.com - %profile%\extensions\DTToolbar@toolbarnet.com
FF - Ext: Personas: personas@christopher.beard - %profile%\extensions\personas@christopher.beard
FF - Ext: RadioBar Toolbar: radiobar@toolbar - %profile%\extensions\radiobar@toolbar
FF - Ext: YouTube to MP3: youtube2mp3@mondayx.de - %profile%\extensions\youtube2mp3@mondayx.de
FF - Ext: Flagfox: {1018e4d6-728f-4b20-ad56-37578a4de76b} - %profile%\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: DownloadHelper: {b9db16a4-6edc-47ec-a1f4-b86292ed211d} - %profile%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF - Ext: AutocompletePro - Your handy search suggestions tool: support@predictad.com - %profile%\extensions\support@predictad.com
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: RealPlayer Browser Record Plugin: {ABDE892B-13A8-4d1b-88E6-365A6E755758} - c:\programdata\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF - Ext: Interest Recognizer for Widestream6: widestream6@spointer.com - c:\program files (x86)\Widestream6\spointer\extensions\widestream6@spointer.com
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\PCDSRVC{F36B3A4C-F95654BD-06000000}_0]
"ImagePath"="\??\c:\program files\pc-doctor for windows\pcdsrvc_x64.pkms"
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="FirefoxHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="FirefoxHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="FirefoxHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="FirefoxHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="FirefoxHTML"
.
[HKEY_USERS\S-1-5-21-2323554733-3628690304-3601217247-1000_Classes\Wow6432Node\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):67,fe,b7,6d,85,d7,ca,7e,20,2e,38,21,f7,90,09,3f,b8,b6,d4,0c,11,
10,dd,1f,c4,67,87,c2,28,58,93,01,08,28,2c,f3,0e,85,a6,b5,00,00,00,00,00,00,\
.
[HKEY_USERS\S-1-5-21-2323554733-3628690304-3601217247-1000_Classes\Wow6432Node\CLSID\{f8211311-3f1e-4bd5-b34d-eca0cf5444b7}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"Model"=dword:000000e2
"Therad"=dword:0000001a
"MData"=hex(0):73,d5,cf,b8,a4,07,89,80,31,e4,35,6b,2a,ca,fe,43,b6,1f,81,1f,5a,
1b,4d,36,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10c.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10c.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}]
@Denied: (A 2) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}\1.0]
@="Shockwave Flash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}]
@Denied: (A 2) (Everyone)
@=""
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}\1.0]
@="FlashBroker"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes]
"SymbolicLinkValue"=hex(6):5c,00,52,00,45,00,47,00,49,00,53,00,54,00,52,00,59,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Heure de fin: 2011-04-07 19:17:04
ComboFix-quarantined-files.txt 2011-04-07 17:17
ComboFix2.txt 2011-04-06 20:09
.
Avant-CF: 319 518 683 136 octets libres
Après-CF: 318 428 184 576 octets libres
.
- - End Of File - - 457E9C97AE7FBB3F0EEE1DE6BA8AA8D5
0
jfkpresident Posts 13404 Registration date Monday 3 September 2007 Status Security contributor Last activity 5 January 2015 1 175
7 April 2011 at 22:09
Yes, I have TuneUp Utilities on a trial period, why?


It was just to find out whether it was a crack or a trial period.
I'd like to know if you have a (free) antivirus for my computer and a few things to protect it!


Antivir + MBAM is more than enough.

Can you paste me a new ZhpDiag log to finish up?
0
Rypklash Posts 36 Registration date Saturday 4 December 2010 Status Member Last activity 20 June 2011 1
7 April 2011 at 22:35
http://www.cijoint.fr/cjlink.php?file=cj201104/cijdcHaXRA.txt
0
jfkpresident Posts 13404 Registration date Monday 3 September 2007 Status Security contributor Last activity 5 January 2015 1 175
8 April 2011 at 13:19
Disconnect from the Internet and close all open applications.

1/ Double-click the ZhpFix icon.

2/ ZhpFix will open; click "importer un rapport ZhpDiag" (import a ZhpDiag report), then "ok".

3/ Let the tool work.

4/ Tick these boxes (and no others!):

[MD5.948F7790D5D6B6D17F9995734501BB59] - (.Widestream6 - Interest Recognizer for Widestream6.) -- C:\Program Files (x86)\Widestream6\spointer\widestream6_air.exe [1300128]
M2 - MFEP: prefs.js [raphael - 7n6rf3j6.default\support@predictad.com] [] AutocompletePro - Your handy search suggestions tool v1.0.0 (.Yossi Marouani; http://www.predictad.com.) (Adware.PredictAd)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.autocompletepro.com
O2 - BHO: SuggestMeYesBHO [64Bits] - {0FB6A909-6086-458F-BD92-1F8EE10042A0} . (.Pas de propriétaire - Pas de description.) -- C:\Program Files (x86)\AutocompletePro\64\AutocompletePro64.dll
[HKCU\Software\AppDataLow\Software\ShopperReports3]
[HKCU\Software\AskSearchAsst]
[HKCU\Software\Grand Virtual]
[HKCU\Software\WideStream]
O43 - CFD: 28/03/2011 - 19:04:34 - [604] ----D- C:\Users\raphael\AppData\Roaming\widestream
O43 - CFD: 28/03/2011 - 19:03:34 - [3923007] ----D- C:\Program Files (x86)\Widestream6
O69 - SBI: SearchScopes [HKCU] {18EAB056-9057-F224-FD4C-1F6569C4D8D2} - (Ask) - http://www.plusnetwork.com
O69 - SBI: SearchScopes [HKCU] {afdbddaa-5d3f-42ee-b79c-185a7020515b} - (Web Search) - http://search.autocompletepro.com
O87 - FAEL: "TCP Query User{CA23A398-D90C-4FC7-8A5A-A7F868B9EADA}C:\users\raphael\appdata\roaming\macromedia\flash player\www.macromedia.com\bin\octoshape\octoshape.exe" | In - Public - P6 - TRUE | .(.Octoshape ApS.) -- C:\users\raphael\appdata\roaming\m
[HKCR\AppID\AutocompletePro.DLL]
[HKCR\Interface\{E25DA6D6-C365-46CF-ABAF-DC5893135D7A}]
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{18EAB056-9057-F224-FD4C-1F6569C4D8D2}]
[HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\autocompletepro3_is1] PredictAd)
[HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ClickpotatoliteSA]
[HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ShopperReportsSA]
[HKLM\Software\Classes\AppID\autocompletepro.dll]
[HKLM\Software\Classes\Interface\{E25DA6D6-C365-46CF-ABAF-DC5893135D7A}]
[HKLM\Software\Microsoft\Internet Explorer\toolbar]:{32099aac-c132-4136-9e9a-4e364a424e17}
[HKLM\Software\mozilla\firefox\extensions]:offerboxffx@offerbox.com
C:\Program Files (x86)\Widestream6



5/ To finish, click "Nettoyer" (Clean).


6/ Paste the report you get.

0
Rypklash Posts 36 Registration date Saturday 4 December 2010 Status Member Last activity 20 June 2011 1
8 April 2011 at 20:25
Rapport de ZHPFix 1.12.3273 par Nicolas Coolman, Update du 03/04/2011
Fichier d'export Registre : C:\ZHPExportRegistry-08-04-2011-20-22-53.txt
Run by raphael at 08/04/2011 20:22:52
Windows Vista Home Premium Edition, 64-bit Service Pack 2 (Build 6002)
Web site : http://www.premiumorange.com/zeb-help-process/zhpfix.html

========== Processus mémoire ==========
C:\Program Files (x86)\Widestream6\spointer\widestream6_air.exe [1300128] => Supprimé et mis en quarantaine

========== Clé(s) du Registre ==========
O2 - BHO: SuggestMeYesBHO - {0FB6A909-6086-458F-BD92-1F8EE10042A0} . (.Pas de propriétaire - Pas de description.) -- C:\Program Files (x86)\AutocompletePro\64\AutocompletePro64.dll => Clé non supprimée
HKCU\Software\AppDataLow\Software\ShopperReports3 => Clé supprimée avec succès
HKCU\Software\AskSearchAsst => Clé supprimée avec succès
HKCU\Software\Grand Virtual => Clé supprimée avec succès
HKCU\Software\WideStream => Clé supprimée avec succès
O69 - SBI: SearchScopes [HKCU] {18EAB056-9057-F224-FD4C-1F6569C4D8D2} - (Ask) - http://www.plusnetwork.com => Clé supprimée avec succès
O69 - SBI: SearchScopes [HKCU] {afdbddaa-5d3f-42ee-b79c-185a7020515b} - (Web Search) - http://search.autocompletepro.com => Clé supprimée avec succès
HKCR\AppID\AutocompletePro.DLL => Clé supprimée avec succès
HKCR\Interface\{E25DA6D6-C365-46CF-ABAF-DC5893135D7A} => Clé supprimée avec succès
HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{18EAB056-9057-F224-FD4C-1F6569C4D8D2} => Clé absente
HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\autocompletepro3_is1 => Clé supprimée avec succès
HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ClickpotatoliteSA => Clé supprimée avec succès
HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ShopperReportsSA => Clé supprimée avec succès
HKLM\Software\Classes\AppID\autocompletepro.dll => Clé absente
HKLM\Software\Classes\Interface\{E25DA6D6-C365-46CF-ABAF-DC5893135D7A} => Clé absente

========== Valeur(s) du Registre ==========
TCP Query User{CA23A398-D90C-4FC7-8A5A-A7F868B9EADA}C:\users\raphael\appdata\roaming\macromedia\flash player\www.macromedia.com\bin\octoshape\octoshape.exe => Valeur supprimée avec succès
[HKLM\Software\Microsoft\Internet Explorer\toolbar]:{32099aac-c132-4136-9e9a-4e364a424e17} => Valeur supprimée avec succès
[HKLM\Software\mozilla\firefox\extensions]:offerboxffx@offerbox.com => Valeur supprimée avec succès

========== Elément(s) de donnée du Registre ==========
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.autocompletepro.com => Donnée supprimée avec succès

========== Dossier(s) ==========
C:\Documents and Settings\raphael\Application Data\Mozilla\Firefox\Profiles\7n6rf3j6.default\extensions\support@predictad.com => Supprimé et mis en quarantaine
C:\Users\raphael\AppData\Roaming\widestream => Supprimé et mis en quarantaine
C:\Program Files (x86)\Widestream6 => Supprimé et mis en quarantaine

========== Fichier(s) ==========


========== Récapitulatif ==========
1 : Processus mémoire
15 : Clé(s) du Registre
3 : Valeur(s) du Registre
1 : Elément(s) de donnée du Registre
3 : Dossier(s)


End of the scan
0
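Added example (not part of the thread and not ZHPFix's own code): a Python script that parses a ZHPFix report in the format posted above, lists the entries whose removal failed, and checks the "Récapitulatif" counts against the result lines actually present. The embedded report is a shortened excerpt with recap counts adjusted to match it, and treating any status containing "non supprim" as a failure is an assumption based on the single "Clé non supprimée" line in the report.

```python
import re
from collections import defaultdict

# Shortened excerpt of the report above; the recap counts are adjusted to the excerpt.
REPORT = r"""
========== Processus mémoire ==========
C:\Program Files (x86)\Widestream6\spointer\widestream6_air.exe [1300128] => Supprimé et mis en quarantaine
========== Clé(s) du Registre ==========
O2 - BHO: SuggestMeYesBHO - {0FB6A909-6086-458F-BD92-1F8EE10042A0} . (.Pas de propriétaire - Pas de description.) -- C:\Program Files (x86)\AutocompletePro\64\AutocompletePro64.dll => Clé non supprimée
HKCU\Software\WideStream => Clé supprimée avec succès
HKLM\Software\Classes\AppID\autocompletepro.dll => Clé absente
========== Récapitulatif ==========
1 : Processus mémoire
3 : Clé(s) du Registre
"""

SECTION = re.compile(r"^=+\s*(.+?)\s*=+$")   # "========== name =========="
RECAP = re.compile(r"^(\d+)\s*:\s*(.+)$")    # "15 : Clé(s) du Registre"

def parse_report(text):
    """Return (results, recap): section -> [(item, status)] and section -> announced count."""
    results, recap, section = defaultdict(list), {}, None
    for line in map(str.strip, text.splitlines()):
        m = SECTION.match(line)
        if m:
            section = m.group(1)
        elif section == "Récapitulatif":
            m = RECAP.match(line)
            if m:
                recap[m.group(2)] = int(m.group(1))
        elif section and " => " in line:
            # The status is whatever follows the last " => " on the line.
            item, status = line.rsplit(" => ", 1)
            results[section].append((item, status))
    return dict(results), recap

def failed_removals(results):
    """Entries ZHPFix could not remove (assumption: status contains 'non supprim')."""
    return [(sec, item, status) for sec, items in results.items()
            for item, status in items if "non supprim" in status.lower()]

def recap_mismatches(results, recap):
    """Sections whose announced count differs from the number of result lines."""
    return {sec: (n, len(results.get(sec, [])))
            for sec, n in recap.items() if n != len(results.get(sec, []))}

if __name__ == "__main__":
    res, rec = parse_report(REPORT)
    print(failed_removals(res), recap_mismatches(res, rec))
```
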
jfkpresident Posts 13404 Registration date Monday 3 September 2007 Status Security contributor Last activity 5 January 2015 1 175
8 April 2011 at 22:18
How is the PC doing?
0