Sujet Précédent Sujet Suivant

Platange, trojans, rootkits, virus sur PC

Fermé
tambourine Messages postés 18 Date d'inscription lundi 18 avril 2011 Statut Membre Dernière intervention 21 avril 2011 - Modifié par tambourine le 18/04/2011 à 15:51
 Utilisateur anonyme - 21 avril 2011 à 15:30
Bonjour,

Voilà, mon PC connaît à peu près tous les maux.

Il met un certain temps pour s'allumer et parfois seul un écran noir s'affiche et je dois l'éteindre pour le rallumer. D'autres fois il plante carrément (écran bleu avec plein d'écritures) dans les 10 minutes suivant son démarrage.
Mon antivirus avast détecte trojan et rootkit à chaque session. J'ai fais des rapports 4 fois en une semaine mais les problèmes persistent.
Une fois en allumant mon PC l'écran est resté noir et bizarrement il émettait de la musique très fort que je n'ai jamais téléchargé comme si il était contrôlé par une autre personne.
Une autre Mon iTunes s'est mis a affiché la bibliothèque d'une autre personne alors que personne n'a jamais connecté son iPod à mon PC.
Autre chose, je suis très souvent redirigé vers une autre page quand j'utilise le net

En gros, tout va mal et je ne sais pas trop à quel saint me vouer. J'ai vraiment besoin de ce PC en ce moment et de mes données (gros travail universitaire), donc j'apprécierais grandement votre expertise.

Merci encore d'avance

A voir également:

32 réponses

  • 1
  • 2
Réponse 1 / 32
Utilisateur anonyme
18 avril 2011 à 15:53
bonjour,


* Télécharge TDSSKiller sur ton bureau :

https://support.kaspersky.com/downloads/utils/tdsskiller.exe


* Lance le ( Utilisateurs de vista/Seven -> Clic droit puis " Exécuter en tant qu'administrateur " )

* Clique sur [Start Scan] pour démarrer l'analyse.

* Si des élements sont trouvés, cliques sur [Continue] puis sur [Reboot Now]

* Un rapport s'ouvrira au redémarrage du PC.

* Copie/Colle son contenu dans ta prochaine réponse.

Note : Le rapport se trouve également sous C:\TDSSKiller.N°deversion_Date_Heure_log.txt.







* /!\Avertissement :
Ce logiciel n'est à utiliser que prescrit par un helper qualifié.
Ne pas utiliser en dehors de ce cas de figure : dangereux!


► Télécharges ComboFix à partir de ce lien et enregistres le sur ton bureau :
https://forum.pcastuces.com/combofix_renomme_au_telechargement-f31s22.htm
ou ici :
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
A lire
https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix

Avant d'utiliser ComboFix :

► ferme les fenêtres de tous les programmes en cours.

► Désactive provisoirement et seulement le temps de l'utilisation de ComboFix, la protection en temps réel de ton Antivirus et de tes Antispywares, qui peuvent gêner fortement la procédure de recherche et de nettoyage de l'outil.
Une fois fait, sur ton bureau double-clic sur Combofix.exe.
/!\Utilisateur de Vista : Clique droit sur le logo de Combofix, « exécuter en tant qu'Administrateur »

- Répond oui au message d'avertissement, pour que le programme commence à procéder à l'analyse du pc.

- il se peut que Combofix ait besoin de se connecter à internet pour trouver les mises à jour, donc il faut l'autoriser.

/!\ Pendant la durée de cette étape, ne te sert pas du pc et n'ouvre aucun programmes.

- En fin de scan il est possible que ComboFix ait besoin de redémarrer le pc pour finaliser la désinfection\recherche, laisses-le faire.
- Un rapport s'ouvrira ensuite dans le bloc notes, ce fichier rapport Combofix.txt, est automatiquement sauvegardé et rangé à C:\Combofix.txt)
► Réactive la protection en temps réel de ton Antivirus et de tes Antispywares, avant de te reconnecter à internet.
► Reviens sur le forum, et copie et colle la totalité du contenu de C:\Combofix.txt dans ton prochain message.


0
Réponse 2 / 32
tambourine Messages postés 18 Date d'inscription lundi 18 avril 2011 Statut Membre Dernière intervention 21 avril 2011
18 avril 2011 à 15:57
Super rapide!
Je m'y mets de suite et je te tiens au courant, merci!
0
Réponse 3 / 32
Utilisateur anonyme
18 avril 2011 à 16:01
plus rapide que moi, n'existe pas voyons :P


si tu vois que Combofix ne passe pas, change son nom !

si tu as avg comme antivirus, il faut le désinstaller :-)


0
Réponse 4 / 32
tambourine Messages postés 18 Date d'inscription lundi 18 avril 2011 Statut Membre Dernière intervention 21 avril 2011
18 avril 2011 à 16:02
Voici le rapport TDSS

[SPOILER]2011/04/18 15:58:10.0812 2288 TDSS rootkit removing tool 2.4.21.0 Mar 10 2011 12:26:28
2011/04/18 15:58:12.0816 2288 ================================================================================
2011/04/18 15:58:12.0816 2288 SystemInfo:
2011/04/18 15:58:12.0816 2288
2011/04/18 15:58:12.0816 2288 OS Version: 6.1.7600 ServicePack: 0.0
2011/04/18 15:58:12.0816 2288 Product type: Workstation
2011/04/18 15:58:12.0817 2288 ComputerName: FRANCK-PC
2011/04/18 15:58:12.0818 2288 UserName: franck
2011/04/18 15:58:12.0818 2288 Windows directory: C:\windows
2011/04/18 15:58:12.0818 2288 System windows directory: C:\windows
2011/04/18 15:58:12.0818 2288 Processor architecture: Intel x86
2011/04/18 15:58:12.0818 2288 Number of processors: 2
2011/04/18 15:58:12.0818 2288 Page size: 0x1000
2011/04/18 15:58:12.0818 2288 Boot type: Normal boot
2011/04/18 15:58:12.0818 2288 ================================================================================
2011/04/18 15:58:17.0835 2288 Initialize success
2011/04/18 15:58:22.0174 2056 ================================================================================
2011/04/18 15:58:22.0174 2056 Scan started
2011/04/18 15:58:22.0174 2056 Mode: Manual;
2011/04/18 15:58:22.0174 2056 ================================================================================
2011/04/18 15:58:25.0859 2056 1394ohci (6d2aca41739bfe8cb86ee8e85f29697d) C:\windows\system32\DRIVERS\1394ohci.sys
2011/04/18 15:58:25.0955 2056 ACPI (f0e07d144c8685b8774bc32fc8da4df0) C:\windows\system32\DRIVERS\ACPI.sys
2011/04/18 15:58:26.0134 2056 AcpiPmi (98d81ca942d19f7d9153b095162ac013) C:\windows\system32\DRIVERS\acpipmi.sys
2011/04/18 15:58:26.0364 2056 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\windows\system32\DRIVERS\adp94xx.sys
2011/04/18 15:58:26.0570 2056 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\windows\system32\DRIVERS\adpahci.sys
2011/04/18 15:58:26.0740 2056 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\windows\system32\DRIVERS\adpu320.sys
2011/04/18 15:58:26.0900 2056 AFD (ddc040fdb01ef1712a6b13e52afb104c) C:\windows\system32\drivers\afd.sys
2011/04/18 15:58:27.0060 2056 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\windows\system32\DRIVERS\agp440.sys
2011/04/18 15:58:27.0160 2056 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\windows\system32\DRIVERS\djsvs.sys
2011/04/18 15:58:27.0350 2056 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\windows\system32\DRIVERS\aliide.sys
2011/04/18 15:58:27.0400 2056 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\windows\system32\DRIVERS\amdagp.sys
2011/04/18 15:58:27.0500 2056 amdide (cd5914170297126b6266860198d1d4f0) C:\windows\system32\DRIVERS\amdide.sys
2011/04/18 15:58:27.0650 2056 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\windows\system32\DRIVERS\amdk8.sys
2011/04/18 15:58:27.0720 2056 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\windows\system32\DRIVERS\amdppm.sys
2011/04/18 15:58:27.0810 2056 amdsata (2101a86c25c154f8314b24ef49d7fbc2) C:\windows\system32\DRIVERS\amdsata.sys
2011/04/18 15:58:27.0980 2056 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\windows\system32\DRIVERS\amdsbs.sys
2011/04/18 15:58:28.0040 2056 amdxata (b81c2b5616f6420a9941ea093a92b150) C:\windows\system32\DRIVERS\amdxata.sys
2011/04/18 15:58:28.0230 2056 AppID (feb834c02ce1e84b6a38f953ca067706) C:\windows\system32\drivers\appid.sys
2011/04/18 15:58:28.0470 2056 arc (2932004f49677bd84dbc72edb754ffb3) C:\windows\system32\DRIVERS\arc.sys
2011/04/18 15:58:28.0557 2056 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\windows\system32\DRIVERS\arcsas.sys
2011/04/18 15:58:28.0700 2056 aswFsBlk (1c2e6bb4fe8621b1b863855b02bc33eb) C:\windows\system32\drivers\aswFsBlk.sys
2011/04/18 15:58:28.0871 2056 aswMonFlt (b0f137f664f10829cd2380b0e20e7c29) C:\windows\system32\drivers\aswMonFlt.sys
2011/04/18 15:58:28.0969 2056 aswRdr (b6a9373619d851be80fb5f1b5eed0d4e) C:\windows\system32\drivers\aswRdr.sys
2011/04/18 15:58:29.0212 2056 aswSnx (9be41c1ae8bc481eb662d85c98d979c2) C:\windows\system32\drivers\aswSnx.sys
2011/04/18 15:58:29.0379 2056 aswSP (4b1a54ba2bc5873a774df6b70ab8b0b3) C:\windows\system32\drivers\aswSP.sys
2011/04/18 15:58:29.0466 2056 aswTdi (c7f1cea32766184911293f4e1ee653f5) C:\windows\system32\drivers\aswTdi.sys
2011/04/18 15:58:30.0215 2056 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\windows\system32\DRIVERS\asyncmac.sys
2011/04/18 15:58:30.0295 2056 atapi (338c86357871c167a96ab976519bf59e) C:\windows\system32\DRIVERS\atapi.sys
2011/04/18 15:58:30.0435 2056 athr (ac4adac154563ab41cc79b0257bc685a) C:\windows\system32\DRIVERS\athr.sys
2011/04/18 15:58:30.0755 2056 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\windows\system32\DRIVERS\bxvbdx.sys
2011/04/18 15:58:30.0935 2056 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\windows\system32\DRIVERS\b57nd60x.sys
2011/04/18 15:58:31.0155 2056 Beep (505506526a9d467307b3c393dedaf858) C:\windows\system32\drivers\Beep.sys
2011/04/18 15:58:31.0275 2056 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\windows\system32\DRIVERS\blbdrive.sys
2011/04/18 15:58:31.0475 2056 bowser (fcafaef6798d7b51ff029f99a9898961) C:\windows\system32\DRIVERS\bowser.sys
2011/04/18 15:58:31.0545 2056 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\windows\system32\DRIVERS\BrFiltLo.sys
2011/04/18 15:58:31.0635 2056 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\windows\system32\DRIVERS\BrFiltUp.sys
2011/04/18 15:58:31.0845 2056 Brserid (845b8ce732e67f3b4133164868c666ea) C:\windows\System32\Drivers\Brserid.sys
2011/04/18 15:58:31.0915 2056 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\windows\System32\Drivers\BrSerWdm.sys
2011/04/18 15:58:31.0995 2056 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\windows\System32\Drivers\BrUsbMdm.sys
2011/04/18 15:58:32.0075 2056 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\windows\System32\Drivers\BrUsbSer.sys
2011/04/18 15:58:32.0195 2056 BthEnum (2865a5c8e98c70c605f417908cebb3a4) C:\windows\system32\DRIVERS\BthEnum.sys
2011/04/18 15:58:32.0325 2056 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\windows\system32\DRIVERS\bthmodem.sys
2011/04/18 15:58:32.0425 2056 BthPan (ad1872e5829e8a2c3b5b4b641c3eab0e) C:\windows\system32\DRIVERS\bthpan.sys
2011/04/18 15:58:32.0901 2056 BTHPORT (4a34888e13224678dd062466afec4240) C:\windows\system32\Drivers\BTHport.sys
2011/04/18 15:58:33.0114 2056 BTHUSB (fa04c63916fa221dbb91fce153d07a55) C:\windows\system32\Drivers\BTHUSB.sys
2011/04/18 15:58:33.0281 2056 btwaudio (d57d29132efe13a83133d9bd449e0cf1) C:\windows\system32\drivers\btwaudio.sys
2011/04/18 15:58:33.0411 2056 btwavdt (d282c14a69357d0e1bafaecc2ca98c3a) C:\windows\system32\DRIVERS\btwavdt.sys
2011/04/18 15:58:33.0679 2056 btwl2cap (aafd7cb76ba61fbb08e302da208c974a) C:\windows\system32\DRIVERS\btwl2cap.sys
2011/04/18 15:58:33.0950 2056 btwrchid (02eb4d2b05967df2d32f29c84ab1fb17) C:\windows\system32\DRIVERS\btwrchid.sys
2011/04/18 15:58:34.0250 2056 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\windows\system32\DRIVERS\cdfs.sys
2011/04/18 15:58:34.0442 2056 cdrom (ba6e70aa0e6091bc39de29477d866a77) C:\windows\system32\DRIVERS\cdrom.sys
2011/04/18 15:58:34.0565 2056 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\windows\system32\DRIVERS\circlass.sys
2011/04/18 15:58:34.0756 2056 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\windows\system32\CLFS.sys
2011/04/18 15:58:34.0996 2056 CmBatt (dea805815e587dad1dd2c502220b5616) C:\windows\system32\DRIVERS\CmBatt.sys
2011/04/18 15:58:35.0066 2056 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\windows\system32\DRIVERS\cmdide.sys
2011/04/18 15:58:35.0236 2056 CNG (1b675691ed940766149c93e8f4488d68) C:\windows\system32\Drivers\cng.sys
2011/04/18 15:58:35.0406 2056 Compbatt (a6023d3823c37043986713f118a89bee) C:\windows\system32\DRIVERS\compbatt.sys
2011/04/18 15:58:35.0486 2056 CompositeBus (f1724ba27e97d627f808fb0ba77a28a6) C:\windows\system32\DRIVERS\CompositeBus.sys
2011/04/18 15:58:35.0686 2056 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\windows\system32\DRIVERS\crcdisk.sys
2011/04/18 15:58:35.0966 2056 DfsC (8e09e52ee2e3ceb199ef3dd99cf9e3fb) C:\windows\system32\Drivers\dfsc.sys
2011/04/18 15:58:36.0056 2056 discache (1a050b0274bfb3890703d490f330c0da) C:\windows\system32\drivers\discache.sys
2011/04/18 15:58:36.0276 2056 Disk (565003f326f99802e68ca78f2a68e9ff) C:\windows\system32\DRIVERS\disk.sys
2011/04/18 15:58:36.0476 2056 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\windows\system32\drivers\drmkaud.sys
2011/04/18 15:58:36.0636 2056 DXGKrnl (1679a4669326cb1a67cc95658d273234) C:\windows\System32\drivers\dxgkrnl.sys
2011/04/18 15:58:37.0003 2056 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\windows\system32\DRIVERS\evbdx.sys
2011/04/18 15:58:37.0370 2056 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\windows\system32\DRIVERS\elxstor.sys
2011/04/18 15:58:37.0531 2056 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\windows\system32\DRIVERS\errdev.sys
2011/04/18 15:58:37.0699 2056 exfat (2dc9108d74081149cc8b651d3a26207f) C:\windows\system32\drivers\exfat.sys
2011/04/18 15:58:37.0858 2056 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\windows\system32\drivers\fastfat.sys
2011/04/18 15:58:37.0948 2056 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\windows\system32\DRIVERS\fdc.sys
2011/04/18 15:58:38.0188 2056 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\windows\system32\drivers\fileinfo.sys
2011/04/18 15:58:38.0258 2056 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\windows\system32\drivers\filetrace.sys
2011/04/18 15:58:38.0508 2056 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\windows\system32\DRIVERS\flpydisk.sys
2011/04/18 15:58:38.0878 2056 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\windows\system32\drivers\fltmgr.sys
2011/04/18 15:58:39.0148 2056 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\windows\system32\drivers\FsDepends.sys
2011/04/18 15:58:39.0268 2056 fssfltr (3a00ed350f5e247980ac9044841455b0) C:\windows\system32\DRIVERS\fssfltr.sys
2011/04/18 15:58:39.0418 2056 Fs_Rec (a574b4360e438977038aae4bf60d79a2) C:\windows\system32\drivers\Fs_Rec.sys
2011/04/18 15:58:39.0688 2056 fvevol (dafbd9fe39197495aed6d51f3b85b5d2) C:\windows\system32\DRIVERS\fvevol.sys
2011/04/18 15:58:39.0778 2056 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\windows\system32\DRIVERS\gagp30kx.sys
2011/04/18 15:58:39.0958 2056 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\windows\system32\DRIVERS\GEARAspiWDM.sys
2011/04/18 15:58:40.0220 2056 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\windows\system32\drivers\hcw85cir.sys
2011/04/18 15:58:40.0358 2056 HdAudAddService (3530cad25deba7dc7de8bb51632cbc5f) C:\windows\system32\drivers\HdAudio.sys
2011/04/18 15:58:40.0545 2056 HDAudBus (717a2207fd6f13ad3e664c7d5a43c7bf) C:\windows\system32\DRIVERS\HDAudBus.sys
2011/04/18 15:58:40.0612 2056 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\windows\system32\DRIVERS\HidBatt.sys
2011/04/18 15:58:40.0904 2056 HidBth (89448f40e6df260c206a193a4683ba78) C:\windows\system32\DRIVERS\hidbth.sys
2011/04/18 15:58:41.0184 2056 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\windows\system32\DRIVERS\hidir.sys
2011/04/18 15:58:41.0610 2056 HidUsb (25072fb35ac90b25f9e4e3bacf774102) C:\windows\system32\DRIVERS\hidusb.sys
2011/04/18 15:58:41.0836 2056 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\windows\system32\DRIVERS\HpSAMD.sys
2011/04/18 15:58:42.0076 2056 HTTP (c531c7fd9e8b62021112787c4e2c5a5a) C:\windows\system32\drivers\HTTP.sys
2011/04/18 15:58:42.0256 2056 hwpolicy (8305f33cde89ad6c7a0763ed0b5a8d42) C:\windows\system32\drivers\hwpolicy.sys
2011/04/18 15:58:42.0366 2056 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\windows\system32\DRIVERS\i8042prt.sys
2011/04/18 15:58:42.0586 2056 iaStorV (934af4d7c5f457b9f0743f4299b77b67) C:\windows\system32\DRIVERS\iaStorV.sys
2011/04/18 15:58:42.0976 2056 igfx (9467514ea189475a6e7fdc5d7bde9d3f) C:\windows\system32\DRIVERS\igdkmd32.sys
2011/04/18 15:58:43.0416 2056 iirsp (4173ff5708f3236cf25195fecd742915) C:\windows\system32\DRIVERS\iirsp.sys
2011/04/18 15:58:43.0696 2056 IntcAzAudAddService (e345ec27c8dff8728f5c6f0413699dc5) C:\windows\system32\drivers\RTKVHDA.sys
2011/04/18 15:58:43.0926 2056 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\windows\system32\DRIVERS\intelide.sys
2011/04/18 15:58:44.0006 2056 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\windows\system32\DRIVERS\intelppm.sys
2011/04/18 15:58:44.0196 2056 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\windows\system32\DRIVERS\ipfltdrv.sys
2011/04/18 15:58:44.0296 2056 IPMIDRV (e4454b6c37d7ffd5649611f6496308a7) C:\windows\system32\DRIVERS\IPMIDrv.sys
2011/04/18 15:58:44.0386 2056 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\windows\system32\drivers\ipnat.sys
2011/04/18 15:58:44.0616 2056 IRENUM (42996cff20a3084a56017b7902307e9f) C:\windows\system32\drivers\irenum.sys
2011/04/18 15:58:44.0686 2056 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\windows\system32\DRIVERS\isapnp.sys
2011/04/18 15:58:44.0779 2056 iScsiPrt (ed46c223ae46c6866ab77cdc41c404b7) C:\windows\system32\DRIVERS\msiscsi.sys
2011/04/18 15:58:44.0967 2056 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\windows\system32\DRIVERS\kbdclass.sys
2011/04/18 15:58:45.0056 2056 kbdhid (3d9f0ebf350edcfd6498057301455964) C:\windows\system32\DRIVERS\kbdhid.sys
2011/04/18 15:58:45.0154 2056 KSecDD (e36a061ec11b373826905b21be10948f) C:\windows\system32\Drivers\ksecdd.sys
2011/04/18 15:58:45.0352 2056 KSecPkg (365c6154bbbc5377173f1ca7bfb6cc59) C:\windows\system32\Drivers\ksecpkg.sys
2011/04/18 15:58:45.0682 2056 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\windows\system32\DRIVERS\lltdio.sys
2011/04/18 15:58:45.0830 2056 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\windows\system32\DRIVERS\lsi_fc.sys
2011/04/18 15:58:45.0971 2056 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\windows\system32\DRIVERS\lsi_sas.sys
2011/04/18 15:58:46.0041 2056 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\windows\system32\DRIVERS\lsi_sas2.sys
2011/04/18 15:58:46.0111 2056 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\windows\system32\DRIVERS\lsi_scsi.sys
2011/04/18 15:58:46.0231 2056 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\windows\system32\drivers\luafv.sys
2011/04/18 15:58:46.0421 2056 massfilter (59a2783aba6019bed0c843c706e10a6a) C:\windows\system32\drivers\massfilter.sys
2011/04/18 15:58:47.0081 2056 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\windows\system32\DRIVERS\megasas.sys
2011/04/18 15:58:47.0261 2056 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\windows\system32\DRIVERS\MegaSR.sys
2011/04/18 15:58:47.0351 2056 mfeavfk (bafdd5e28baea99d7f4772af2f5ec7ee) C:\windows\system32\drivers\mfeavfk.sys
2011/04/18 15:58:47.0931 2056 mfebopk (1d003e3056a43d881597d6763e83b943) C:\windows\system32\drivers\mfebopk.sys
2011/04/18 15:58:48.0021 2056 mfehidk (3f138a1c8a0659f329f242d1e389b2cf) C:\windows\system32\drivers\mfehidk.sys
2011/04/18 15:58:48.0171 2056 mferkdk (41fe2f288e05a6c8ab85dd56770ffbad) C:\windows\system32\drivers\mferkdk.sys
2011/04/18 15:58:48.0251 2056 mfesmfk (096b52ea918aa909ba5903d79e129005) C:\windows\system32\drivers\mfesmfk.sys
2011/04/18 15:58:48.0351 2056 Modem (f001861e5700ee84e2d4e52c712f4964) C:\windows\system32\drivers\modem.sys
2011/04/18 15:58:48.0568 2056 monitor (79d10964de86b292320e9dfe02282a23) C:\windows\system32\DRIVERS\monitor.sys
2011/04/18 15:58:48.0670 2056 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\windows\system32\DRIVERS\mouclass.sys
2011/04/18 15:58:48.0843 2056 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\windows\system32\DRIVERS\mouhid.sys
2011/04/18 15:58:48.0953 2056 mountmgr (921c18727c5920d6c0300736646931c2) C:\windows\system32\drivers\mountmgr.sys
2011/04/18 15:58:49.0051 2056 MPFP (95675c3398dcc084c8d1dc35cc4e9e01) C:\windows\system32\Drivers\Mpfp.sys
2011/04/18 15:58:49.0241 2056 mpio (2af5997438c55fb79d33d015c30e1974) C:\windows\system32\DRIVERS\mpio.sys
2011/04/18 15:58:49.0356 2056 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\windows\system32\drivers\mpsdrv.sys
2011/04/18 15:58:49.0435 2056 MRxDAV (b1be47008d20e43da3adc37c24cdb89d) C:\windows\system32\drivers\mrxdav.sys
2011/04/18 15:58:49.0621 2056 mrxsmb (f1b6aa08497ea86ca6ef6f7a08b0bfb8) C:\windows\system32\DRIVERS\mrxsmb.sys
2011/04/18 15:58:49.0693 2056 mrxsmb10 (5613358b4050f46f5a9832da8050d6e4) C:\windows\system32\DRIVERS\mrxsmb10.sys
2011/04/18 15:58:49.0841 2056 mrxsmb20 (25c9792778d80feb4c8201e62281bfdf) C:\windows\system32\DRIVERS\mrxsmb20.sys
2011/04/18 15:58:49.0973 2056 msahci (4326d168944123f38dd3b2d9c37a0b12) C:\windows\system32\DRIVERS\msahci.sys
2011/04/18 15:58:50.0213 2056 msdsm (455029c7174a2dbb03dba8a0d8bddd9a) C:\windows\system32\DRIVERS\msdsm.sys
2011/04/18 15:58:50.0423 2056 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\windows\system32\drivers\Msfs.sys
2011/04/18 15:58:50.0533 2056 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\windows\System32\drivers\mshidkmdf.sys
2011/04/18 15:58:50.0720 2056 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\windows\system32\DRIVERS\msisadrv.sys
2011/04/18 15:58:51.0017 2056 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\windows\system32\drivers\MSKSSRV.sys
2011/04/18 15:58:51.0371 2056 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\windows\system32\drivers\MSPCLOCK.sys
2011/04/18 15:58:51.0562 2056 MSPQM (f456e973590d663b1073e9c463b40932) C:\windows\system32\drivers\MSPQM.sys
2011/04/18 15:58:51.0647 2056 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\windows\system32\drivers\MsRPC.sys
2011/04/18 15:58:51.0805 2056 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\windows\system32\DRIVERS\mssmbios.sys
2011/04/18 15:58:52.0135 2056 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\windows\system32\drivers\MSTEE.sys
2011/04/18 15:58:52.0355 2056 MTConfig (33599130f44e1f34631cea241de8ac84) C:\windows\system32\DRIVERS\MTConfig.sys
2011/04/18 15:58:52.0515 2056 Mup (159fad02f64e6381758c990f753bcc80) C:\windows\system32\Drivers\mup.sys
2011/04/18 15:58:52.0756 2056 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\windows\system32\DRIVERS\nwifi.sys
2011/04/18 15:58:53.0112 2056 NDIS (23759d175a0a9baaf04d05047bc135a8) C:\windows\system32\drivers\ndis.sys
2011/04/18 15:58:53.0335 2056 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\windows\system32\DRIVERS\ndiscap.sys
2011/04/18 15:58:53.0479 2056 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\windows\system32\DRIVERS\ndistapi.sys
2011/04/18 15:58:53.0646 2056 Ndisuio (b30ae7f2b6d7e343b0df32e6c08fce75) C:\windows\system32\DRIVERS\ndisuio.sys
2011/04/18 15:58:53.0716 2056 NdisWan (267c415eadcbe53c9ca873dee39cf3a4) C:\windows\system32\DRIVERS\ndiswan.sys
2011/04/18 15:58:53.0779 2056 NDProxy (af7e7c63dcef3f8772726f86039d6eb4) C:\windows\system32\drivers\NDProxy.sys
2011/04/18 15:58:54.0011 2056 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\windows\system32\DRIVERS\netbios.sys
2011/04/18 15:58:54.0220 2056 NetBT (dd52a733bf4ca5af84562a5e2f963b91) C:\windows\system32\DRIVERS\netbt.sys
2011/04/18 15:58:54.0510 2056 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\windows\system32\DRIVERS\nfrd960.sys
2011/04/18 15:58:54.0750 2056 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\windows\system32\drivers\Npfs.sys
2011/04/18 15:58:54.0850 2056 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\windows\system32\drivers\nsiproxy.sys
2011/04/18 15:58:55.0170 2056 Ntfs (3795dcd21f740ee799fb7223234215af) C:\windows\system32\drivers\Ntfs.sys
2011/04/18 15:58:55.0420 2056 Null (f9756a98d69098dca8945d62858a812c) C:\windows\system32\drivers\Null.sys
2011/04/18 15:58:55.0500 2056 nvraid (3f3d04b1d08d43c16ea7963954ec768d) C:\windows\system32\DRIVERS\nvraid.sys
2011/04/18 15:58:55.0660 2056 nvstor (c99f251a5de63c6f129cf71933aced0f) C:\windows\system32\DRIVERS\nvstor.sys
2011/04/18 15:58:55.0750 2056 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\windows\system32\DRIVERS\nv_agp.sys
2011/04/18 15:58:56.0010 2056 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\windows\system32\DRIVERS\ohci1394.sys
2011/04/18 15:58:56.0380 2056 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\windows\system32\DRIVERS\parport.sys
2011/04/18 15:58:56.0550 2056 partmgr (ff4218952b51de44fe910953a3e686b9) C:\windows\system32\drivers\partmgr.sys
2011/04/18 15:58:56.0717 2056 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\windows\system32\DRIVERS\parvdm.sys
2011/04/18 15:58:56.0929 2056 pci (c858cb77c577780ecc456a892e7e7d0f) C:\windows\system32\DRIVERS\pci.sys
2011/04/18 15:58:57.0002 2056 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\windows\system32\DRIVERS\pciide.sys
2011/04/18 15:58:57.0277 2056 pcmcia (f396431b31693e71e8a80687ef523506) C:\windows\system32\DRIVERS\pcmcia.sys
2011/04/18 15:58:57.0440 2056 pcw (250f6b43d2b613172035c6747aeeb19f) C:\windows\system32\drivers\pcw.sys
2011/04/18 15:58:57.0543 2056 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\windows\system32\drivers\peauth.sys
2011/04/18 15:58:58.0055 2056 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\windows\system32\DRIVERS\raspptp.sys
2011/04/18 15:58:58.0125 2056 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\windows\system32\DRIVERS\processr.sys
2011/04/18 15:58:58.0365 2056 Psched (6270ccae2a86de6d146529fe55b3246a) C:\windows\system32\DRIVERS\pacer.sys
2011/04/18 15:58:58.0525 2056 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\windows\system32\DRIVERS\ql2300.sys
2011/04/18 15:58:58.0723 2056 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\windows\system32\DRIVERS\ql40xx.sys
2011/04/18 15:58:58.0833 2056 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\windows\system32\drivers\qwavedrv.sys
2011/04/18 15:58:58.0895 2056 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\windows\system32\DRIVERS\rasacd.sys
2011/04/18 15:58:59.0304 2056 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\windows\system32\DRIVERS\AgileVpn.sys
2011/04/18 15:58:59.0566 2056 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\windows\system32\DRIVERS\rasl2tp.sys
2011/04/18 15:58:59.0861 2056 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\windows\system32\DRIVERS\raspppoe.sys
2011/04/18 15:59:00.0051 2056 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\windows\system32\DRIVERS\rassstp.sys
2011/04/18 15:59:00.0191 2056 rdbss (835d7e81bf517a3b72384bdcc85e1ce6) C:\windows\system32\DRIVERS\rdbss.sys
2011/04/18 15:59:00.0351 2056 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\windows\system32\DRIVERS\rdpbus.sys
2011/04/18 15:59:00.0421 2056 RDPCDD (1e016846895b15a99f9a176a05029075) C:\windows\system32\DRIVERS\RDPCDD.sys
2011/04/18 15:59:00.0611 2056 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\windows\system32\drivers\rdpencdd.sys
2011/04/18 15:59:00.0701 2056 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\windows\system32\drivers\rdprefmp.sys
2011/04/18 15:59:00.0781 2056 RDPWD (801371ba9782282892d00aadb08ee367) C:\windows\system32\drivers\RDPWD.sys
2011/04/18 15:59:01.0018 2056 rdyboost (4ea225bf1cf05e158853f30a99ca29a7) C:\windows\system32\drivers\rdyboost.sys
2011/04/18 15:59:01.0343 2056 RFCOMM (cb928d9e6daf51879dd6ba8d02f01321) C:\windows\system32\DRIVERS\rfcomm.sys
2011/04/18 15:59:01.0647 2056 rspndr (032b0d36ad92b582d869879f5af5b928) C:\windows\system32\DRIVERS\rspndr.sys
2011/04/18 15:59:01.0742 2056 RTL8167 (05c2613f661584190c752f6184d1c8ef) C:\windows\system32\DRIVERS\Rt86win7.sys
2011/04/18 15:59:01.0921 2056 SABI (6e5fbb7cbaec47038b945d5e9b144a64) C:\windows\system32\Drivers\SABI.sys
2011/04/18 15:59:02.0051 2056 sbp2port (34ee0c44b724e3e4ce2eff29126de5b5) C:\windows\system32\DRIVERS\sbp2port.sys
2011/04/18 15:59:02.0241 2056 scfilter (a95c54b2ac3cc9c73fcdf9e51a1d6b51) C:\windows\system32\DRIVERS\scfilter.sys
2011/04/18 15:59:02.0641 2056 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\windows\system32\drivers\secdrv.sys
2011/04/18 15:59:02.0901 2056 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\windows\system32\DRIVERS\serenum.sys
2011/04/18 15:59:02.0971 2056 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\windows\system32\DRIVERS\serial.sys
2011/04/18 15:59:03.0041 2056 sermouse (79bffb520327ff916a582dfea17aa813) C:\windows\system32\DRIVERS\sermouse.sys
2011/04/18 15:59:03.0271 2056 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\windows\system32\DRIVERS\sffdisk.sys
2011/04/18 15:59:03.0351 2056 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\windows\system32\DRIVERS\sffp_mmc.sys
2011/04/18 15:59:03.0441 2056 sffp_sd (4f1e5b0fe7c8050668dbfade8999aefb) C:\windows\system32\DRIVERS\sffp_sd.sys
2011/04/18 15:59:03.0521 2056 sfloppy (db96666cc8312ebc45032f30b007a547) C:\windows\system32\DRIVERS\sfloppy.sys
2011/04/18 15:59:03.0771 2056 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\windows\system32\DRIVERS\sisagp.sys
2011/04/18 15:59:03.0861 2056 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\windows\system32\DRIVERS\SiSRaid2.sys
2011/04/18 15:59:03.0961 2056 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\windows\system32\DRIVERS\sisraid4.sys
2011/04/18 15:59:04.0131 2056 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\windows\system32\DRIVERS\smb.sys
2011/04/18 15:59:04.0381 2056 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\windows\system32\drivers\spldr.sys
2011/04/18 15:59:04.0571 2056 srv (2dbedfb1853f06110ec2aa7f3213c89f) C:\windows\system32\DRIVERS\srv.sys
2011/04/18 15:59:04.0741 2056 srv2 (db37131d1027c50ea7ee21c8bb4536aa) C:\windows\system32\DRIVERS\srv2.sys
2011/04/18 15:59:04.0921 2056 srvnet (f5980b74124db9233b33f86fc5ebbb4f) C:\windows\system32\DRIVERS\srvnet.sys
2011/04/18 15:59:05.0061 2056 stexstor (db32d325c192b801df274bfd12a7e72b) C:\windows\system32\DRIVERS\stexstor.sys
2011/04/18 15:59:05.0265 2056 swenum (e58c78a848add9610a4db6d214af5224) C:\windows\system32\DRIVERS\swenum.sys
2011/04/18 15:59:05.0647 2056 SynTP (215a45246c6e2d0a9c263ce1786c8d8a) C:\windows\system32\DRIVERS\SynTP.sys
2011/04/18 15:59:05.0945 2056 Tcpip (bb7f39c31c4a4417fd318e7cd184e225) C:\windows\system32\drivers\tcpip.sys
2011/04/18 15:59:06.0527 2056 TCPIP6 (bb7f39c31c4a4417fd318e7cd184e225) C:\windows\system32\DRIVERS\tcpip.sys
2011/04/18 15:59:06.0767 2056 tcpipreg (e64444523add154f86567c469bc0b17f) C:\windows\system32\drivers\tcpipreg.sys
2011/04/18 15:59:06.0867 2056 TDPIPE (1875c1490d99e70e449e3afae9fcbadf) C:\windows\system32\drivers\tdpipe.sys
2011/04/18 15:59:06.0967 2056 TDTCP (7551e91ea999ee9a8e9c331d5a9c31f3) C:\windows\system32\drivers\tdtcp.sys
2011/04/18 15:59:07.0157 2056 tdx (cb39e896a2a83702d1737bfd402b3542) C:\windows\system32\DRIVERS\tdx.sys
2011/04/18 15:59:07.0237 2056 TermDD (c36f41ee20e6999dbf4b0425963268a5) C:\windows\system32\DRIVERS\termdd.sys
2011/04/18 15:59:07.0667 2056 tssecsrv (98ae6fa07d12cb4ec5cf4a9bfa5f4242) C:\windows\system32\DRIVERS\tssecsrv.sys
2011/04/18 15:59:07.0797 2056 tunnel (3e461d890a97f9d4c168f5fda36e1d00) C:\windows\system32\DRIVERS\tunnel.sys
2011/04/18 15:59:07.0947 2056 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\windows\system32\DRIVERS\uagp35.sys
2011/04/18 15:59:08.0047 2056 udfs (eb0a7bd4d471ac3ce55564a4c55b9d8e) C:\windows\system32\DRIVERS\udfs.sys
2011/04/18 15:59:08.0377 2056 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\windows\system32\DRIVERS\uliagpkx.sys
2011/04/18 15:59:08.0557 2056 umbus (049b3a50b3d646baeeee9eec9b0668dc) C:\windows\system32\DRIVERS\umbus.sys
2011/04/18 15:59:08.0637 2056 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\windows\system32\DRIVERS\umpass.sys
2011/04/18 15:59:08.0857 2056 USBAAPL (d4fb6ecc60a428564ba8768b0e23c0fc) C:\windows\system32\Drivers\usbaapl.sys
2011/04/18 15:59:08.0937 2056 usbccgp (8455c4ed038efd09e99327f9d2d48ffa) C:\windows\system32\DRIVERS\usbccgp.sys
2011/04/18 15:59:09.0127 2056 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\windows\system32\DRIVERS\usbcir.sys
2011/04/18 15:59:09.0207 2056 usbehci (1c333bfd60f2fed2c7ad5daf533cb742) C:\windows\system32\DRIVERS\usbehci.sys
2011/04/18 15:59:09.0428 2056 usbhub (ee6ef93ccfa94fae8c6ab298273d8ae2) C:\windows\system32\DRIVERS\usbhub.sys
2011/04/18 15:59:09.0621 2056 usbohci (a6fb7957ea7afb1165991e54ce934b74) C:\windows\system32\DRIVERS\usbohci.sys
2011/04/18 15:59:09.0799 2056 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\windows\system32\DRIVERS\usbprint.sys
2011/04/18 15:59:10.0025 2056 USBSTOR (d8889d56e0d27e57ed4591837fe71d27) C:\windows\system32\DRIVERS\USBSTOR.SYS
2011/04/18 15:59:10.0168 2056 usbuhci (78780c3ebce17405b1ccd07a3a8a7d72) C:\windows\system32\DRIVERS\usbuhci.sys
2011/04/18 15:59:10.0395 2056 usbvideo (b5f6a992d996282b7fae7048e50af83a) C:\windows\System32\Drivers\usbvideo.sys
2011/04/18 15:59:11.0265 2056 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\windows\system32\DRIVERS\vdrvroot.sys
2011/04/18 15:59:11.0418 2056 vga (17c408214ea61696cec9c66e388b14f3) C:\windows\system32\DRIVERS\vgapnp.sys
2011/04/18 15:59:11.0561 2056 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\windows\System32\drivers\vga.sys
2011/04/18 15:59:11.0629 2056 vhdmp (3be6e1f3a4f1afec8cee0d7883f93583) C:\windows\system32\DRIVERS\vhdmp.sys
2011/04/18 15:59:11.0735 2056 viaagp (c829317a37b4bea8f39735d4b076e923) C:\windows\system32\DRIVERS\viaagp.sys
2011/04/18 15:59:11.0981 2056 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\windows\system32\DRIVERS\viac7.sys
2011/04/18 15:59:12.0144 2056 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\windows\system32\DRIVERS\viaide.sys
2011/04/18 15:59:12.0242 2056 volmgr (384e5a2aa49934295171e499f86ba6f3) C:\windows\system32\DRIVERS\volmgr.sys
2011/04/18 15:59:12.0370 2056 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\windows\system32\drivers\volmgrx.sys
2011/04/18 15:59:12.0544 2056 volsnap (58df9d2481a56edde167e51b334d44fd) C:\windows\system32\DRIVERS\volsnap.sys
2011/04/18 15:59:12.0644 2056 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\windows\system32\DRIVERS\vsmraid.sys
2011/04/18 15:59:12.0854 2056 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\windows\system32\DRIVERS\vwifibus.sys
2011/04/18 15:59:12.0944 2056 vwififlt (7090d3436eeb4e7da3373090a23448f7) C:\windows\system32\DRIVERS\vwififlt.sys
2011/04/18 15:59:13.0124 2056 WacomPen (de3721e89c653aa281428c8a69745d90) C:\windows\system32\DRIVERS\wacompen.sys
2011/04/18 15:59:13.0314 2056 WANARP (692a712062146e96d28ba0b7d75de31b) C:\windows\system32\DRIVERS\wanarp.sys
2011/04/18 15:59:13.0369 2056 Wanarpv6 (692a712062146e96d28ba0b7d75de31b) C:\windows\system32\DRIVERS\wanarp.sys
2011/04/18 15:59:13.0573 2056 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\windows\system32\DRIVERS\wd.sys
2011/04/18 15:59:13.0749 2056 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\windows\system32\drivers\Wdf01000.sys
2011/04/18 15:59:14.0122 2056 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\windows\system32\DRIVERS\wfplwf.sys
2011/04/18 15:59:14.0215 2056 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\windows\system32\drivers\wimmount.sys
2011/04/18 15:59:14.0729 2056 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\windows\system32\DRIVERS\wmiacpi.sys
2011/04/18 15:59:14.0969 2056 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\windows\system32\drivers\ws2ifsl.sys
2011/04/18 15:59:15.0149 2056 WudfPf (6f9b6c0c93232cff47d0f72d6db1d21e) C:\windows\system32\drivers\WudfPf.sys
2011/04/18 15:59:15.0339 2056 WUDFRd (f91ff1e51fca30b3c3981db7d5924252) C:\windows\system32\DRIVERS\WUDFRd.sys
2011/04/18 15:59:15.0686 2056 ZTEusbmdm6k (f9d62935e48ded9a2421be9faa93d6e8) C:\windows\system32\DRIVERS\ZTEusbmdm6k.sys
2011/04/18 15:59:15.0831 2056 ZTEusbnet (e9c90ede4ee66e64222d2c23f45473f7) C:\windows\system32\DRIVERS\ZTEusbnet.sys
2011/04/18 15:59:16.0033 2056 ZTEusbnmea (f9d62935e48ded9a2421be9faa93d6e8) C:\windows\system32\DRIVERS\ZTEusbnmea.sys
2011/04/18 15:59:16.0257 2056 ZTEusbser6k (f9d62935e48ded9a2421be9faa93d6e8) C:\windows\system32\DRIVERS\ZTEusbser6k.sys
2011/04/18 15:59:16.0336 2056 ZTEusbvoice (f9d62935e48ded9a2421be9faa93d6e8) C:\windows\system32\DRIVERS\ZTEusbvoice.sys
2011/04/18 15:59:16.0695 2056 \HardDisk0 - detected Rootkit.Win32.TDSS.tdl4 (0)
2011/04/18 15:59:16.0715 2056 ================================================================================
2011/04/18 15:59:16.0715 2056 Scan finished
2011/04/18 15:59:16.0716 2056 ================================================================================
2011/04/18 15:59:16.0804 1424 Detected object count: 1
/SPOILER
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 32
Utilisateur anonyme
18 avril 2011 à 16:03
il t'a demandé le redemarrage ?
0
Réponse 6 / 32
tambourine Messages postés 18 Date d'inscription lundi 18 avril 2011 Statut Membre Dernière intervention 21 avril 2011
18 avril 2011 à 16:07
Non, aucun redémarrage n'a été demandé.
J'ai juste télécharger, démarrer le scan qui s'est fait en même pas 1minutes puis copié collé le scan
0
Réponse 7 / 32
tambourine Messages postés 18 Date d'inscription lundi 18 avril 2011 Statut Membre Dernière intervention 21 avril 2011
18 avril 2011 à 16:09
La je m'apprete à passer à l'autre étape, comboFix (je lis avec attention car je ne suis pas un pro de l'informatique!)
0
Réponse 8 / 32
tambourine Messages postés 18 Date d'inscription lundi 18 avril 2011 Statut Membre Dernière intervention 21 avril 2011
18 avril 2011 à 16:33
Pardon de ma connerie.

Apres le scan TDSS, on m'avait effectivement demandé de redémarrer le PC pour éliminer le virus.
J'ai redémarré mon PC. Et pour l'instant, à part ce message qui continue à s'afficher lorsque j'allume le PC:

runDLL
Problème lors du démarrage de
C://user/franck/AppDATA/Local/SApm095.dll

Le module spécifié est introuvable.

Non seulement mon PC ne s'est plus rallumé aussi vite depuis un bail, mais je n'ai plus toutes ces alertes d'AVAST dès que mon PC est allumé et qui me signalent qu'il y a des URLs malveillantes, Chevaux de Troie etc.

J'ai eu le temps de télécharger ComboFix, ça vaut toujours la peine de l'exécuter ou pas?
0
Réponse 9 / 32
Utilisateur anonyme
18 avril 2011 à 16:53
lance Combofix !

0
Réponse 10 / 32
tambourine Messages postés 18 Date d'inscription lundi 18 avril 2011 Statut Membre Dernière intervention 21 avril 2011
18 avril 2011 à 18:31
Voici le rapport ComboFix


ComboFix 11-04-17.03 - franck 18/04/2011 17:09:53.1.2 - x86
Microsoft Windows 7 Édition Starter 6.1.7600.0.1252.33.1036.18.1014.242 [GMT 2:00]
Lancé depuis: c:\users\franck\Desktop\ComboFix.exe
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AV: McAfee VirusScan *Enabled/Outdated* {86355677-4064-3EA7-ABB3-1B136EB04637}
FW: McAfee Personal Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: McAfee VirusScan *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Un nouveau point de restauration a été créé
* Un antivirus résident est actif
.
.
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\FullRemove.exe
c:\programdata\Microsoft\Network\Downloader\qmgr0.dat
c:\programdata\Microsoft\Network\Downloader\qmgr1.dat
c:\programdata\Microsoft\Windows
c:\programdata\Microsoft\Windows\Caches\{67D69890-D853-4011-A87E-AA64FA83CE5A}.2.ver0x0000000000000001.db
c:\programdata\Microsoft\Windows\Caches\{6AF0698E-D558-4F6E-9B3C-3716689AF493}.2.ver0x0000000000000003.db
c:\programdata\Microsoft\Windows\Caches\{DDF571F2-BE98-426D-8288-1A9A39C3FDA2}.2.ver0x0000000000000001.db
c:\programdata\Microsoft\Windows\Caches\cversions.2.db
c:\programdata\Microsoft\Windows\DeviceMetadataStore\en-US\34e548a8-3268-4dde-bedf-c40f9b6c814a.devicemetadata-ms
c:\programdata\Microsoft\Windows\DeviceMetadataStore\en-US\63921eef-8415-4368-9201-f0df4af5778f.devicemetadata-ms
c:\programdata\Microsoft\Windows\DRM\blackbox.bin
c:\programdata\Microsoft\Windows\DRM\Cache\Indiv_SID_S-1-5-20\Indiv01.key
c:\programdata\Microsoft\Windows\DRM\Cache\Indiv_SID_S-1-5-21-1680670562-1251304338-3357876734-1000\Indiv01.key
c:\programdata\Microsoft\Windows\DRM\Cache\Indiv01.bla
c:\programdata\Microsoft\Windows\DRM\Cache\Indiv01.key
c:\programdata\Microsoft\Windows\DRM\Cache\Indiv01.tmp
c:\programdata\Microsoft\Windows\DRM\drmstore.hds
c:\programdata\Microsoft\Windows\DRM\IndivBox.key
c:\programdata\Microsoft\Windows\DRM\v2ksndv.bla
c:\programdata\Microsoft\Windows\DRM\v3ks.bla
c:\programdata\Microsoft\Windows\DRM\v3ks.sec
c:\programdata\Microsoft\Windows\GameExplorer\{3E86B019-09C7-4DBE-BB55-6789421359A0}\PlayTasks\0\Play.lnk
c:\programdata\Microsoft\Windows\GameExplorer\{3E86B019-09C7-4DBE-BB55-6789421359A0}\SupportTasks\0\Play more games.lnk
c:\programdata\Microsoft\Windows\GameExplorer\{7B4F4EFC-35CA-41BC-B74C-8A5548EF5213}\PlayTasks\0\Play.lnk
c:\programdata\Microsoft\Windows\GameExplorer\{7B4F4EFC-35CA-41BC-B74C-8A5548EF5213}\SupportTasks\0\Play more games.lnk
c:\programdata\Microsoft\Windows\GameExplorer\{89F908E2-2F6A-4AEA-A12D-09B7E5E78D7A}\PlayTasks\0\Play.lnk
c:\programdata\Microsoft\Windows\GameExplorer\{89F908E2-2F6A-4AEA-A12D-09B7E5E78D7A}\SupportTasks\0\Play more games.lnk
c:\programdata\Microsoft\Windows\GameExplorer\{B61627AB-4DA1-43BE-9A99-0F17B85580FD}\PlayTasks\0\Play.lnk
c:\programdata\Microsoft\Windows\GameExplorer\{B61627AB-4DA1-43BE-9A99-0F17B85580FD}\SupportTasks\0\Play more games.lnk
c:\programdata\Microsoft\Windows\Power Efficiency Diagnostics\energy-ntkl.etl
c:\programdata\Microsoft\Windows\Power Efficiency Diagnostics\energy-report-2010-07-11.xml
c:\programdata\Microsoft\Windows\Power Efficiency Diagnostics\energy-report-2010-07-15.xml
c:\programdata\Microsoft\Windows\Power Efficiency Diagnostics\energy-report-2010-07-29.xml
c:\programdata\Microsoft\Windows\Power Efficiency Diagnostics\energy-report-2010-08-31.xml
c:\programdata\Microsoft\Windows\Power Efficiency Diagnostics\energy-report-2010-09-13.xml
c:\programdata\Microsoft\Windows\Power Efficiency Diagnostics\energy-report-2010-10-15.xml
c:\programdata\Microsoft\Windows\Power Efficiency Diagnostics\energy-report-2011-01-31.xml
c:\programdata\Microsoft\Windows\Power Efficiency Diagnostics\energy-report-2011-03-07.xml
c:\programdata\Microsoft\Windows\Power Efficiency Diagnostics\energy-report-2011-03-15.xml
c:\programdata\Microsoft\Windows\Power Efficiency Diagnostics\energy-report-latest.xml
c:\programdata\Microsoft\Windows\Power Efficiency Diagnostics\energy-report.html
c:\programdata\Microsoft\Windows\Power Efficiency Diagnostics\energy-trace.etl
c:\programdata\Microsoft\Windows\Ringtones\desktop.ini
c:\programdata\Microsoft\Windows\Ringtones\Ringtone 01.wma
c:\programdata\Microsoft\Windows\Ringtones\Ringtone 02.wma
c:\programdata\Microsoft\Windows\Ringtones\Ringtone 03.wma
c:\programdata\Microsoft\Windows\Ringtones\Ringtone 04.wma
c:\programdata\Microsoft\Windows\Ringtones\Ringtone 05.wma
c:\programdata\Microsoft\Windows\Ringtones\Ringtone 06.wma
c:\programdata\Microsoft\Windows\Ringtones\Ringtone 07.wma
c:\programdata\Microsoft\Windows\Ringtones\Ringtone 08.wma
c:\programdata\Microsoft\Windows\Ringtones\Ringtone 09.wma
c:\programdata\Microsoft\Windows\Ringtones\Ringtone 10.wma
c:\programdata\Microsoft\Windows\Start Menu\Default Programs.lnk
c:\programdata\Microsoft\Windows\Start Menu\desktop.ini
c:\programdata\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Desktop.ini
c:\programdata\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Speech Recognition.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Accessories\Calculator.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Accessories\Desktop.ini
c:\programdata\Microsoft\Windows\Start Menu\Programs\Accessories\displayswitch.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Accessories\Sound Recorder.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Accessories\Sync Center.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Desktop.ini
c:\programdata\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\dfrgui.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Disk Cleanup.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Resource Monitor.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\System Information.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\System Restore.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Task Scheduler.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Windows Easy Transfer Reports.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Windows Easy Transfer.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Accessories\Welcome Center.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\desktop.ini
c:\programdata\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell ISE.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Data Sources (ODBC).lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Administrative Tools\desktop.ini
c:\programdata\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Firewall with Advanced Security.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows PowerShell Modules.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\AnyPC Client\Aide.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\AnyPC Client\AnyPC.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\AnyPC Client\Créer le fichier d'installation AnyPC Server.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\AnyPC Client\Désinstaller AnyPC.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Ares\Ares.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Ares\Homepage.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Ares\Host Chatroom.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Ares\Uninstall.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus\avast! Free Antivirus.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner Homepage.url
c:\programdata\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\CCleaner\Uninstall CCleaner.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\desktop.ini
c:\programdata\Microsoft\Windows\Start Menu\Programs\DivX Plus\Assistance DivX.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\DivX Plus\Chercher les mises à jour.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\DivX Plus\DivX Plus Converter.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\DivX Plus\DivX Plus Player.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\DivX Plus\Enregistrez.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\DivX Plus\Pourquoi acheter DivX Pro .lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\DivX Plus\Publiez des vidéos DivX® sur votre site web.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\DivX Plus\Réglages du Codec.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Games\Alice Greenfingers.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Games\Dairy Dash.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Games\Desktop.ini
c:\programdata\Microsoft\Windows\Start Menu\Programs\Games\Farm Frenzy 2.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Games\FreeCell.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Games\GameExplorer.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Games\Go-Go Gourmet.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Games\Hearts.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Games\Minesweeper.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Games\More Games from Microsoft.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Games\Purble Place.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Games\Solitaire.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Games\Spider Solitaire.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Google Chrome\Désinstaller Google Chrome.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Google Chrome\Uninstall Google Chrome.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\iTunes\À propos d'iTunes.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\iTunes\iTunes.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Lanceur de tâches Microsoft Works.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Maintenance\Backup and Restore Center.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Maintenance\Create Recovery Disc.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Maintenance\Desktop.ini
c:\programdata\Microsoft\Windows\Start Menu\Programs\Maintenance\Remote Assistance.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus\Désinstaller.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus\McAfee Security Scan Plus.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\McAfee\McAfee SecurityCenter.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Microsoft Default Manager.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Microsoft Office Live Add-in\Aide d'Office Live Add-in.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Microsoft Office Live Add-in\Office Live Workspace.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Microsoft Office\desktop.ini
c:\programdata\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office - 60 Day Trial.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Excel 2007.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office OneNote 2007.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office PowerPoint 2007.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Word 2007.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Outils Microsoft Office\Bibliothèque multimédia Microsoft.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Outils Microsoft Office\Certificat numérique pour les projets VBA.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Outils Microsoft Office\Microsoft Office 2007 Paramètres de langue.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Outils Microsoft Office\Microsoft Office Diagnostics.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Outils Microsoft Office\Microsoft Office Picture Manager.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Microsoft Works\Base de données Microsoft Works.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Microsoft Works\Calendrier Microsoft Works.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Microsoft Works\Lanceur de tâches Microsoft Works.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Microsoft Works\Mise en route.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Microsoft Works\Porte-documents Microsoft Works.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Microsoft Works\Tableur Microsoft Works.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Microsoft Works\Traitement de texte Microsoft Works.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox\Mozilla Firefox (Mode sans échec).lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox\Mozilla Firefox.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Phoenix Technologies Ltd\FailSafe Setup.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\QuickTime\À propos de QuickTime.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\QuickTime\Désinstaller QuickTime.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\QuickTime\PictureViewer.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\QuickTime\QuickTime Player.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Safari.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Samsung Casual Games\Alice Greenfingers\Alice Greenfingers.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Samsung Casual Games\Alice Greenfingers\Samsung Casual Games.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Samsung Casual Games\Alice Greenfingers\Uninstall.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Samsung Casual Games\Dairy Dash\Dairy Dash.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Samsung Casual Games\Dairy Dash\Samsung Casual Games.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Samsung Casual Games\Dairy Dash\Uninstall.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Samsung Casual Games\Farm Frenzy 2\Farm Frenzy 2.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Samsung Casual Games\Farm Frenzy 2\Samsung Casual Games.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Samsung Casual Games\Farm Frenzy 2\Uninstall.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Samsung Casual Games\Game Pack.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Samsung Casual Games\Go-Go Gourmet\Go-Go Gourmet.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Samsung Casual Games\Go-Go Gourmet\Samsung Casual Games.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Samsung Casual Games\Go-Go Gourmet\Uninstall.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Samsung\Battery Life Extender\BatteryLifeExtender.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Samsung\ChargeableUSB\ChargeableUSB.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Samsung\Easy Display Manager\Easy Display Manager Option.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Samsung\Easy Display Manager\Easy Display Manager.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Samsung\Easy Network Manager\Easy Network Manager Help.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Samsung\Easy Network Manager\Easy Network Manager.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Samsung\Easy Resolution Manager\Easy Resolution Manager.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Samsung\Samsung Support Center\Samsung Support Center.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Samsung\Samsung Update Plus\Samsung Update Plus Help.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Samsung\Samsung Update Plus\Samsung Update Plus.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Samsung\User Guide\User Guide.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\SFR\Gestionnaire de Connexion\Désinstaller Gestionnaire de Connexion.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\SFR\Gestionnaire de Connexion\Gestionnaire de Connexion.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Skype\Skype.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\VideoLAN\Documentation.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\VideoLAN\Release Notes.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\VideoLAN\Reset VLC media player preferences and cache files.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\VideoLAN\VideoLAN Website.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player skinned.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Visionneuse Microsoft Office PowerPoint 2007.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Windows Live\desktop.ini
c:\programdata\Microsoft\Windows\Start Menu\Programs\Windows Live\Windows Live Family Safety Beta.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Windows Live\Windows Live Mail Beta.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Windows Live\Windows Live Messenger Beta.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Windows Live\Windows Live Movie Maker Beta.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Windows Live\Windows Live Photo Gallery Beta.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Windows Live\Windows Live Sync Beta.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Windows Live\Windows Live Writer Beta.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\WinRAR\Aide de WinRAR.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\WinRAR\Manuel de la console RAR.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk
c:\programdata\Microsoft\Windows\Start Menu\Windows Update.lnk
c:\programdata\Microsoft\Windows\WER\ReportArchive\AppCrash_ABCd_ZTE.exe_c9f4ba1fa115d7c74dfff61eb053c2ba4f6b1ebb_03c1e639\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\AppCrash_ABCd_ZTE.exe_d8fe5d114879f868aa8b5e64536943423da13cb_03c217c4\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\AppCrash_ABCd_ZTE.exe_d8fe5d114879f868aa8b5e64536943423da13cb_1d644c00\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\AppCrash_mcshield.exe_a35feb87713ad97bc0aea67c2dc912d0eb5fc2f_0f0a60b5\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\AppCrash_mcshield.exe_a35feb87713ad97bc0aea67c2dc912d0eb5fc2f_1c963166\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\AppCrash_ntvdm.exe_824b1b1c516f514055101a93e1158122fe12aa7b_1386dab2\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\AppCrash_setup.exe_o Inte_c55de254ba51dda5ec46aaf336f8e10983acb5d_13a4d97c\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\AppCrash_sharepod.exe_edada07bb1f184eb9277be8999fbee4df38e736_1506974f\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\AppCrash_svchost.exe_93e154ff624b928c50e62adee38051b03db0d1ef_0414d49d\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\AppCrash_svchost.exe_93e154ff624b928c50e62adee38051b03db0d1ef_15d4c3e6\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\AppCrash_svchost.exe_93e154ff624b928c50e62adee38051b03db0d1ef_15d4d0a2\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\AppCrash_WLIDSVC.EXE_bf809441b3bcf2cda2aac9b8ee294df8462cc65b_03c249fa\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\AppHang_AMService_e3965e73f5257183d7da29864e8f39a6e9a898_027fa36f\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\AppHang_AMService_e3965e73f5257183d7da29864e8f39a6e9a898_03746824\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\AppHang_AMService_e3965e73f5257183d7da29864e8f39a6e9a898_03d5007d\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\AppHang_AMService_e3965e73f5257183d7da29864e8f39a6e9a898_040ceec1\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\AppHang_AMService_e3965e73f5257183d7da29864e8f39a6e9a898_045bbaf5\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\AppHang_AMService_e3965e73f5257183d7da29864e8f39a6e9a898_06bbc13c\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\AppHang_AMService_e3965e73f5257183d7da29864e8f39a6e9a898_06f01ac0\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\AppHang_AMService_e3965e73f5257183d7da29864e8f39a6e9a898_074f754e\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\AppHang_AMService_e3965e73f5257183d7da29864e8f39a6e9a898_0794d123\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\AppHang_AMService_e3965e73f5257183d7da29864e8f39a6e9a898_0a067aca\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\AppHang_AMService_e3965e73f5257183d7da29864e8f39a6e9a898_0a87d97c\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\AppHang_AMService_e3965e73f5257183d7da29864e8f39a6e9a898_0ad365f3\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\AppHang_AMService_e3965e73f5257183d7da29864e8f39a6e9a898_0b0f11bb\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\AppHang_AMService_e3965e73f5257183d7da29864e8f39a6e9a898_0c53d99c\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\AppHang_AMService_e3965e73f5257183d7da29864e8f39a6e9a898_0ca2bbb0\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\AppHang_AMService_e3965e73f5257183d7da29864e8f39a6e9a898_0cc82f2a\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\AppHang_AMService_e3965e73f5257183d7da29864e8f39a6e9a898_0ce08017\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\AppHang_AMService_e3965e73f5257183d7da29864e8f39a6e9a898_0d1fc63b\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\AppHang_AMService_e3965e73f5257183d7da29864e8f39a6e9a898_0d7b85a3\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\AppHang_AMService_e3965e73f5257183d7da29864e8f39a6e9a898_0d93709d\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\AppHang_AMService_e3965e73f5257183d7da29864e8f39a6e9a898_0e9b0415\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\AppHang_AMService_e3965e73f5257183d7da29864e8f39a6e9a898_10db6779\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\AppHang_AMService_e3965e73f5257183d7da29864e8f39a6e9a898_11042bf1\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\AppHang_AMService_e3965e73f5257183d7da29864e8f39a6e9a898_1150ea7d\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\AppHang_AMService_e3965e73f5257183d7da29864e8f39a6e9a898_118b7148\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\AppHang_AMService_e3965e73f5257183d7da29864e8f39a6e9a898_120038cb\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\AppHang_AMService_e3965e73f5257183d7da29864e8f39a6e9a898_12503e66\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\AppHang_AMService_e3965e73f5257183d7da29864e8f39a6e9a898_126431d8\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\AppHang_AMService_e3965e73f5257183d7da29864e8f39a6e9a898_12cfc032\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\AppHang_AMService_e3965e73f5257183d7da29864e8f39a6e9a898_12dfea5e\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\AppHang_AMService_e3965e73f5257183d7da29864e8f39a6e9a898_139ff314\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\AppHang_AMService_e3965e73f5257183d7da29864e8f39a6e9a898_1456a8ad\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\AppHang_AMService_e3965e73f5257183d7da29864e8f39a6e9a898_152b98c5\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\AppHang_AMService_e3965e73f5257183d7da29864e8f39a6e9a898_15a4932a\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\AppHang_AMService_e3965e73f5257183d7da29864e8f39a6e9a898_15c31cd2\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\AppHang_AMService_e3965e73f5257183d7da29864e8f39a6e9a898_16905e93\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\AppHang_AMService_e3965e73f5257183d7da29864e8f39a6e9a898_178563f0\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\AppHang_AMService_e3965e73f5257183d7da29864e8f39a6e9a898_17e41ad0\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\AppHang_avast! Antivirus_fed63e2b1e6c2fece5f5bced764adbddeb702695_016775ab\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\AppHang_avast! Antivirus_fed63e2b1e6c2fece5f5bced764adbddeb702695_04109db5\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\AppHang_avast! Antivirus_fed63e2b1e6c2fece5f5bced764adbddeb702695_07c71aa1\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\AppHang_avast! Antivirus_fed63e2b1e6c2fece5f5bced764adbddeb702695_07d9bf0a\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\Kernel_0_0_cab_0284b74d\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\Kernel_0_0_cab_03159cf9\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\Kernel_0_0_cab_03b1f95b\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\Kernel_0_0_cab_03e91d11\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\Kernel_0_0_cab_04c3a0c1\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\Kernel_0_0_cab_06be953c\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\Kernel_0_0_cab_0b90277d\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\Kernel_0_0_cab_0c450014\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\Kernel_0_0_cab_0ccabc8a\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\Kernel_0_0_cab_0cde8c95\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\Kernel_0_0_cab_0d06ddb1\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\Kernel_0_0_cab_0d097dd6\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\Kernel_0_0_cab_10238600\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\Kernel_0_0_cab_10269108\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\Kernel_0_0_cab_1080621c\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\NonCritical_7.3.7600.16385_0933c61fab54779895356c4d5245a73c95f_07969d19\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\NonCritical_7.3.7600.16385_1c74619606e02ba7bdb62c861b6c16d1b1248_018f0816\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\NonCritical_7.3.7600.16385_314dba050848b59681e9c7fb2de59bda0fea8f0_03e55051\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\NonCritical_7.3.7600.16385_3434e3ab2f32e57b40634a392e03a5f31988d_03e580e2\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\NonCritical_7.3.7600.16385_47ec4281378bda137ed4887b63a5bbf8863ca8_121f861d\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\NonCritical_7.3.7600.16385_67297920f2cdd3aeb73568159ee41e2f4f4af6_2169b3d1\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\NonCritical_7.3.7600.16385_83d89db3bee8694b325a46ad46dd6fefb24c93ab_03b463a2\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\NonCritical_7.3.7600.16385_83d89db3bee8694b325a46ad46dd6fefb24c93ab_03c582d5\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\NonCritical_7.3.7600.16385_83d89db3bee8694b325a46ad46dd6fefb24c93ab_03f95ed3\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\NonCritical_7.3.7600.16385_83d89db3bee8694b325a46ad46dd6fefb24c93ab_056b2f78\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\NonCritical_7.3.7600.16385_83d89db3bee8694b325a46ad46dd6fefb24c93ab_06d5aaee\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\NonCritical_7.3.7600.16385_83d89db3bee8694b325a46ad46dd6fefb24c93ab_06f73e9a\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\NonCritical_7.3.7600.16385_83d89db3bee8694b325a46ad46dd6fefb24c93ab_08ce530f\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\NonCritical_7.3.7600.16385_83d89db3bee8694b325a46ad46dd6fefb24c93ab_091bbe30\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\NonCritical_7.3.7600.16385_83d89db3bee8694b325a46ad46dd6fefb24c93ab_091d4bce\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\NonCritical_7.3.7600.16385_83d89db3bee8694b325a46ad46dd6fefb24c93ab_09f4790b\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\NonCritical_7.3.7600.16385_83d89db3bee8694b325a46ad46dd6fefb24c93ab_0a8b9858\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\NonCritical_7.3.7600.16385_83d89db3bee8694b325a46ad46dd6fefb24c93ab_0b55a70f\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\NonCritical_7.3.7600.16385_83d89db3bee8694b325a46ad46dd6fefb24c93ab_0b889a8a\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\NonCritical_7.3.7600.16385_83d89db3bee8694b325a46ad46dd6fefb24c93ab_0d0e6059\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\NonCritical_7.3.7600.16385_83d89db3bee8694b325a46ad46dd6fefb24c93ab_0dbbd087\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\NonCritical_7.3.7600.16385_83d89db3bee8694b325a46ad46dd6fefb24c93ab_0e2422de\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\NonCritical_7.3.7600.16385_83d89db3bee8694b325a46ad46dd6fefb24c93ab_0f3d65f4\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\NonCritical_7.3.7600.16385_83d89db3bee8694b325a46ad46dd6fefb24c93ab_0f3e975a\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\NonCritical_7.3.7600.16385_83d89db3bee8694b325a46ad46dd6fefb24c93ab_0fdfa939\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\NonCritical_7.3.7600.16385_83d89db3bee8694b325a46ad46dd6fefb24c93ab_0fef7695\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\NonCritical_7.3.7600.16385_83d89db3bee8694b325a46ad46dd6fefb24c93ab_0fefc9b6\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\NonCritical_7.3.7600.16385_83d89db3bee8694b325a46ad46dd6fefb24c93ab_10a6e47a\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\NonCritical_7.3.7600.16385_83d89db3bee8694b325a46ad46dd6fefb24c93ab_1177d883\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\NonCritical_7.3.7600.16385_83d89db3bee8694b325a46ad46dd6fefb24c93ab_11b52dcd\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\NonCritical_7.3.7600.16385_83d89db3bee8694b325a46ad46dd6fefb24c93ab_1227846b\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\NonCritical_7.3.7600.16385_83d89db3bee8694b325a46ad46dd6fefb24c93ab_125a5cbf\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\NonCritical_7.3.7600.16385_83d89db3bee8694b325a46ad46dd6fefb24c93ab_1323979d\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\NonCritical_7.3.7600.16385_83d89db3bee8694b325a46ad46dd6fefb24c93ab_13d0ee4a\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\NonCritical_7.3.7600.16385_83d89db3bee8694b325a46ad46dd6fefb24c93ab_13df0093\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\NonCritical_7.3.7600.16385_83d89db3bee8694b325a46ad46dd6fefb24c93ab_13f90669\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\NonCritical_7.3.7600.16385_83d89db3bee8694b325a46ad46dd6fefb24c93ab_143660b2\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\NonCritical_7.3.7600.16385_83d89db3bee8694b325a46ad46dd6fefb24c93ab_1457f8b0\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\NonCritical_7.3.7600.16385_83d89db3bee8694b325a46ad46dd6fefb24c93ab_162b3246\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\NonCritical_7.3.7600.16385_83d89db3bee8694b325a46ad46dd6fefb24c93ab_164ff97a\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\NonCritical_7.3.7600.16385_83d89db3bee8694b325a46ad46dd6fefb24c93ab_171aa7d7\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\NonCritical_7.3.7600.16385_83d89db3bee8694b325a46ad46dd6fefb24c93ab_1755b8b4\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\NonCritical_7.3.7600.16385_83d89db3bee8694b325a46ad46dd6fefb24c93ab_17b97203\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\NonCritical_7.3.7600.16385_83d89db3bee8694b325a46ad46dd6fefb24c93ab_17e05d16\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\NonCritical_7.3.7600.16385_83d89db3bee8694b325a46ad46dd6fefb24c93ab_18a241ac\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\NonCritical_7.3.7600.16385_83d89db3bee8694b325a46ad46dd6fefb24c93ab_18b05e40\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\NonCritical_7.3.7600.16385_83d89db3bee8694b325a46ad46dd6fefb24c93ab_18eb5b6d\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\NonCritical_7.3.7600.16385_83d89db3bee8694b325a46ad46dd6fefb24c93ab_19b784ed\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\NonCritical_7.3.7600.16385_83d89db3bee8694b325a46ad46dd6fefb24c93ab_1bac1d99\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\NonCritical_7.3.7600.16385_83d89db3bee8694b325a46ad46dd6fefb24c93ab_1c42c7c6\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\NonCritical_7.3.7600.16385_83d89db3bee8694b325a46ad46dd6fefb24c93ab_1cbdcf6f\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\NonCritical_7.3.7600.16385_83d89db3bee8694b325a46ad46dd6fefb24c93ab_1ce2b91c\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\NonCritical_7.3.7600.16385_9ce8635398adc03f3a3cbabd84e2d34c18e0b26b_05ba7d33\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\NonCritical_7.3.7600.16385_9ce8635398adc03f3a3cbabd84e2d34c18e0b26b_0fe33eb5\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\NonCritical_7.3.7600.16385_9ce8635398adc03f3a3cbabd84e2d34c18e0b26b_10d02a69\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\NonCritical_7.3.7600.16385_9ce8635398adc03f3a3cbabd84e2d34c18e0b26b_11a0e29c\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\NonCritical_7.3.7600.16385_9ce8635398adc03f3a3cbabd84e2d34c18e0b26b_12038ce9\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\NonCritical_7.3.7600.16385_9ce8635398adc03f3a3cbabd84e2d34c18e0b26b_136966a0\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\NonCritical_7.3.7600.16385_9ce8635398adc03f3a3cbabd84e2d34c18e0b26b_13a2796c\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\NonCritical_7.3.7600.16385_9ce8635398adc03f3a3cbabd84e2d34c18e0b26b_13bb9c45\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\NonCritical_7.3.7600.16385_9ce8635398adc03f3a3cbabd84e2d34c18e0b26b_14cda6f8\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\NonCritical_7.3.7600.16385_9ce8635398adc03f3a3cbabd84e2d34c18e0b26b_178052c2\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\NonCritical_7.3.7600.16385_9ce8635398adc03f3a3cbabd84e2d34c18e0b26b_1a621470\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\NonCritical_7.3.7600.16385_9ce8635398adc03f3a3cbabd84e2d34c18e0b26b_1e059cef\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\NonCritical_7.3.7600.16385_9ce8635398adc03f3a3cbabd84e2d34c18e0b26b_2cd79e42\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\NonCritical_7.3.7600.16385_c839eaa568e172b37a5a166d4925be24f149b4d0_02a56a4a\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\NonCritical_7.3.7600.16385_c839eaa568e172b37a5a166d4925be24f149b4d0_03e6cc24\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\NonCritical_7.3.7600.16385_c839eaa568e172b37a5a166d4925be24f149b4d0_0d770a4f\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\NonCritical_7.3.7600.16385_c839eaa568e172b37a5a166d4925be24f149b4d0_1baa4b7c\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\NonCritical_7.3.7600.16385_c839eaa568e172b37a5a166d4925be24f149b4d0_1dff1700\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\NonCritical_7.3.7600.16385_cb51c0ac54c804f7e2953d1e098399b4b1f4ac3_16036142\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\NonCritical_7.3.7600.16385_ce6b211b939e95ce397b8452cbf2c194af7ac3_01880a38\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\NonCritical_7.3.7600.16385_ce6b211b939e95ce397b8452cbf2c194af7ac3_018fa619\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\NonCritical_7.3.7600.16385_ce6b211b939e95ce397b8452cbf2c194af7ac3_02f473ce\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\NonCritical_7.3.7600.16385_ce6b211b939e95ce397b8452cbf2c194af7ac3_03c20c8d\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\NonCritical_7.3.7600.16385_ce6b211b939e95ce397b8452cbf2c194af7ac3_03c2e040\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\NonCritical_7.3.7600.16385_ce6b211b939e95ce397b8452cbf2c194af7ac3_03c3451a\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\NonCritical_7.3.7600.16385_ce6b211b939e95ce397b8452cbf2c194af7ac3_03c3d799\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\NonCritical_7.3.7600.16385_ce6b211b939e95ce397b8452cbf2c194af7ac3_03dc3a80\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\NonCritical_7.3.7600.16385_ce6b211b939e95ce397b8452cbf2c194af7ac3_03dca0e0\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\NonCritical_7.3.7600.16385_ce6b211b939e95ce397b8452cbf2c194af7ac3_03dd2cf9\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\NonCritical_7.3.7600.16385_ce6b211b939e95ce397b8452cbf2c194af7ac3_03e5a5a1\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\NonCritical_7.3.7600.16385_ce6b211b939e95ce397b8452cbf2c194af7ac3_03e5c5ce\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\NonCritical_7.3.7600.16385_ce6b211b939e95ce397b8452cbf2c194af7ac3_041106a4\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\NonCritical_7.3.7600.16385_d47685b18b03e98461e680ed3be38675192b37_121f93d3\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\NonCritical_7.3.7600.16385_ea66d7e6a173e5136c142f48ee74db6c82c0a914_2108f154\Report.wer
c:\programdata\Microsoft\Windows\WER\ReportArchive\NonCritical_Microsoft_2cc370ce2f6955561f7a614da2d9979013cef866_07d8d6e3\Report.wer
c:\users\franck\AppData\Roaming\cacaoweb
c:\users\franck\AppData\Roaming\cacaoweb\adstorage.db
c:\users\franck\AppData\Roaming\cacaoweb\cacaoweb.exe
c:\users\franck\AppData\Roaming\cacaoweb\errorlog.txt
c:\users\franck\AppData\Roaming\cacaoweb\replicating2303EAEF3DFFF7B0B5FC42906B18AB08.cacao
c:\users\franck\AppData\Roaming\cacaoweb\replicatingAC1CB25C7C1F5AE8021BD5FC2D0C7443.cacao
c:\users\franck\AppData\Roaming\cacaoweb\replicatingEDEFC5D88BD3C114A174FD8456FD1E85.cacao
c:\users\franck\AppData\Roaming\cacaoweb\storage.db
c:\users\franck\Desktop\cacaoweb.exe
c:\windows\$xntuninstall643$
c:\windows\$xntuninstall643$\apUninstall.exe
c:\windows\$XNTUninstall643$\mbdwt.dll
c:\windows\$XNTUninstall643$\xgOIr.dll
c:\windows\$xntuninstall643$\zrpt.xml
c:\windows\system32\imapidll.dll
.
----- BITS: Il y a peut-être des sites infectés -----
.
hxxp://au.download.windowsupdate.com
.
((((((((((((((((((((((((((((( Fichiers créés du 2011-03-18 au 2011-04-18 ))))))))))))))))))))))))))))))))))))
.
.
2011-04-18 16:12 . 2011-04-18 16:12 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-04-12 10:21 . 2011-04-12 10:21 -------- d-----w- c:\users\franck\AppData\Local\ElevatedDiagnostics
2011-04-11 17:32 . 2011-04-11 17:33 -------- d-----w- c:\program files\CCleaner
2011-04-11 16:34 . 2011-04-11 16:34 -------- d-----w- c:\windows\Sun
2011-04-07 17:31 . 2011-04-07 17:31 -------- d-----w- c:\windows\system32\240EF5B0AC89E166C39C76643AB71D27
2011-04-06 14:51 . 2011-04-06 15:12 316784 ----a-w- c:\windows\system32\drivers\sfi.dat
2011-04-06 12:17 . 2011-04-06 15:11 -------- d-----w- c:\programdata\Comodo
2011-04-05 03:41 . 2011-02-23 13:56 371544 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-03-22 00:27 . 2011-03-22 00:27 -------- d-----w- c:\program files\Common Files\Adobe
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-03-22 00:21 . 2010-06-24 09:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-02-23 14:04 . 2010-06-29 11:38 40648 ----a-w- c:\windows\avastSS.scr
2011-02-23 14:04 . 2010-06-29 11:38 190016 ----a-w- c:\windows\system32\aswBoot.exe
2011-02-23 13:56 . 2010-06-29 11:40 301528 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-02-23 13:55 . 2010-06-29 11:40 49240 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-02-23 13:55 . 2010-06-29 11:40 25432 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-02-23 13:55 . 2010-06-29 11:40 53592 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-02-23 13:54 . 2010-06-29 11:40 19544 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-02-19 05:33 . 2011-03-08 23:55 802304 ----a-w- c:\windows\system32\FntCache.dll
2011-02-19 05:32 . 2011-03-08 23:55 1074176 ----a-w- c:\windows\system32\DWrite.dll
2011-02-19 05:32 . 2011-03-08 23:55 739840 ----a-w- c:\windows\system32\d2d1.dll
2011-02-18 15:36 . 2011-02-18 15:36 41984 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2011-02-18 15:36 . 2011-02-18 15:36 4184352 ----a-w- c:\windows\system32\usbaaplrc.dll
2011-02-03 05:45 . 2011-02-09 18:39 219008 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{00000000-6E41-4FD3-8538-502F5495E5FC}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2011-02-01 1487240]
.
[HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2011-02-01 18:17 1487240 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2011-02-01 1487240]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2011-02-01 1487240]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-02-23 14:04 122512 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2010-06-07 4176760]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-11-16 39408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-07-21 7625248]
"mcagent_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2010-06-10 1218008]
"UCam_Menu"="c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504]
"Microsoft Default Manager"="c:\program files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2010-05-10 439568]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-23 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-23 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-23 150552]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2010-09-01 1164584]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-01-11 246504]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2010-12-14 47904]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-03-07 421160]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]
"avast"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2011-02-23 3451496]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"FlashPlayerUpdate"="c:\windows\system32\Macromed\Flash\FlashUtil10h_ActiveX.exe" [2010-06-29 231888]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 AMService;AMService;c:\windows\TEMP\ymxe\setup.exe run [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Service Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-06-29 135664]
R3 BBSvc;Bing Bar Update Service;c:\program files\Microsoft\BingBar\BBSvc.EXE [2011-02-28 183560]
R3 massfilter;ZTE Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys [2009-04-27 9216]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
R3 ZTEusbnet;ZTE USB-NDIS miniport;c:\windows\system32\DRIVERS\ZTEusbnet.sys [2009-08-21 114688]
R3 ZTEusbvoice;ZTE VoUSB Port;c:\windows\system32\DRIVERS\ZTEusbvoice.sys [2009-09-19 105088]
R4 wlcrasvc;Windows Live Devices remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-07-31 49504]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 SABI;SAMSUNG Kernel Driver For Windows 7;c:\windows\system32\Drivers\SABI.sys [2009-05-28 10752]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-02-23 53592]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\McAfee\SiteAdvisor\McSACore.exe [2011-02-16 88176]
S2 OberonGameConsoleService;Oberon Media Game Console service;c:\program files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe [2009-08-13 44312]
S2 Rezip;Rezip;c:\windows\SYSTEM32\Rezip.exe [2009-03-05 311296]
S2 SFR.DashBoard.Service;SFR.DashBoard.Service;c:\program files\SFR\Gestionnaire de Connexion\SFR.DashBoard.Service.exe [2010-03-16 14488]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 29472]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-08-21 189440]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS FontCache fdrespub AppIDSvc QWAVE wcncsvc
.
Contenu du dossier 'Tâches planifiées'
.
2011-04-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-06-29 11:59]
.
2011-04-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-06-29 11:59]
.
2011-04-14 c:\windows\Tasks\McDefragTask.job
- c:\progra~1\mcafee\mqc\QcConsol.exe [2010-06-29 10:22]
.
2011-03-01 c:\windows\Tasks\McQcTask.job
- c:\progra~1\mcafee\mqc\QcConsol.exe [2010-06-29 10:22]
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://fr.ask.com?o=16795S&l=dis
uInternet Settings,ProxyOverride = *.local
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Envoyer au périphérique &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: Envoyer l'&image au périphérique Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} - hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx
FF - ProfilePath - c:\users\franck\AppData\Roaming\Mozilla\Firefox\Profiles\4gc9lsgd.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.bing.com/search?FORM=WLETDF&PC=WLEM&q=
FF - prefs.js: browser.search.selectedEngine - Ask.com
FF - prefs.js: browser.startup.homepage - www.google.fr
FF - prefs.js: keyword.URL - hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=LMW4&o=16795&locale=fr_FR&apn_uid=169C9F12-E380-4466-B09D-DE09DEC0B511&apn_ptnrs=3O&apn_sauid=94F68469-0C51-4B46-907D-30D32E40419E&apn_dtid=VIN008YYFR&q=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}
FF - Ext: McAfee SiteAdvisor: {B7082FAA-CB62-4872-9106-E42DD88EDE45} - c:\program files\McAfee\SiteAdvisor
FF - Ext: avast! WebRep: wrc@avast.com - c:\program files\Alwil Software\Avast5\WebRep\FF
FF - Ext: vShare Plugin: vshare@toolbar - %profile%\extensions\vshare@toolbar
FF - Ext: cacaoweb: cacaoweb@cacaoweb.org - %profile%\extensions\cacaoweb@cacaoweb.org
FF - Ext: Foxyproxy: foxyproxy@eric.h.jung - %profile%\extensions\foxyproxy@eric.h.jung
.
- - - - ORPHELINS SUPPRIMES - - - -
.
Toolbar-Locked - (no file)
HKCU-Run-SFR ABCd - c:\program files\SFR\Gestionnaire de Connexion SFR\ABCd_ZTE.exe
HKCU-Run-cacaoweb - c:\users\franck\AppData\Roaming\cacaoweb\cacaoweb.exe
HKCU-Run-Bpurezivanom - c:\users\franck\AppData\Local\SApm095.dll
HKLM-Run-SynTPEnh - %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
HKLM-Run-bipro - c:\windows\$XNTUninstall643$\mbdwt.dll
Notify-glowext - c:\windows\system32\config\systemprofile\AppData\Local\glowext.dll
AddRemove-$XNTUninstall643$ - c:\windows\$XNTUninstall643$\apUninstall.exe
.
.
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_USERS\S-1-5-21-1680670562-1251304338-3357876734-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-1680670562-1251304338-3357876734-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Heure de fin: 2011-04-18 18:26:44
ComboFix-quarantined-files.txt 2011-04-18 16:26
.
Avant-CF: 7 990 181 888 octets libres
Après-CF: 9 718 546 432 octets libres
.
- - End Of File - - 81E324A2E31F700F6F1F09B6EA566FC6
0
Réponse 11 / 32
Utilisateur anonyme
18 avril 2011 à 18:41
Télécharge Malwarebytes' Anti-Malware et enregistre le sur ton bureau:
https://www.malekal.com/tutoriel-malwarebyte-anti-malware/

ou ici :
https://www.commentcamarche.net/telecharger/securite/14361-malwarebytes-anti-malware/


/!\Utilisateur de Vista et Windows 7 : Clique droit sur le logo de Malwarebytes' Anti-Malware, « exécuter en tant qu'Administrateur »

. Double cliques sur le fichier téléchargé pour lancer le processus d'installation.
. Dans l'onglet "mise à jour", cliques sur le bouton Recherche de mise à jour
. si le pare-feu demande l'autorisation de se connecter pour malwarebytes, acceptes
. Une fois la mise à jour terminé
. rend-toi dans l'onglet, Recherche
. Sélectionnes Exécuter un examen complet
. Cliques sur Rechercher
. Le scan démarre.
. A la fin de l'analyse, un message s'affiche : L'examen s'est terminé normalement. Clique sur 'Afficher les résultats' pour afficher tous les objets trouvés.
. Cliques sur Ok pour poursuivre.
. Si des malwares ont été détectés, cliques sur Afficher les résultats
. Sélectionnes tout (ou laisses cochés) et cliques sur Supprimer la sélection Malwarebytes va détruire les fichiers et clés de registre et en mettre une copie dans la quarantaine.
. Malwarebytes va ouvrir le bloc-notes et y copier le rapport d'analyse.
. rends toi dans l'onglet rapport/log
. tu cliques dessus pour l'afficher une fois affiché
. tu cliques sur edition en haut du boc notes,et puis sur sélectionner tous
. tu recliques sur edition et puis sur copier et tu reviens sur le forum et dans ta réponse
. Tu cliques droit dans le cadre de la réponse et coller
. À la fin du scan, il se peut que MBAM ait besoin de redémarrer le pc pour finaliser la suppression, donc pas de panique, redémarre ton pc !!!

Si tu as besoin d'aide regarde ce tutoriel :
https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
0
Réponse 12 / 32
tambourine Messages postés 18 Date d'inscription lundi 18 avril 2011 Statut Membre Dernière intervention 21 avril 2011
18 avril 2011 à 22:21
Ca fait déjà 3h et demi que malwarebytes scanne le PC... C'est normal que ça prenne si longtemps?
0
Réponse 13 / 32
tambourine Messages postés 18 Date d'inscription lundi 18 avril 2011 Statut Membre Dernière intervention 21 avril 2011
18 avril 2011 à 23:08
Après plus de 4h d'analyse, voici ce fameux rapport


Malwarebytes' Anti-Malware 1.50
www.malwarebytes.org

Version de la base de données: 6391

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

18/04/2011 23:06:31
mbam-log-2011-04-18 (23-06-31).txt

Type d'examen: Examen complet (C:\|D:\|)
Elément(s) analysé(s): 252090
Temps écoulé: 4 heure(s), 10 minute(s), 1 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 3

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
c:\Windows\System32\config\systemprofile\AppData\LocalLow\Sun\Java\deployment\cache\6.0\0\540c36c0-75d0b83e (Malware.Packer) -> Quarantined and deleted successfully.
c:\Windows\System32\config\systemprofile\AppData\LocalLow\Sun\Java\deployment\cache\6.0\51\542d3073-14701777 (Malware.Packer) -> Quarantined and deleted successfully.
c:\Windows\System32\gnuhashes.ini (Trojan.Tracur) -> Quarantined and deleted successfully.
0
Réponse 14 / 32
Utilisateur anonyme
19 avril 2011 à 07:53
bonjour,

relance MBAM, vide sa quarantaine,

repasse un nouveau zhpdiag tout neuf,

colle le lien du rapport hébergé ici :-)

0
Réponse 15 / 32
tambourine Messages postés 18 Date d'inscription lundi 18 avril 2011 Statut Membre Dernière intervention 21 avril 2011
19 avril 2011 à 08:34
Voici le rapport ;)


Rapport de ZHPDiag v1.27.1903 par Nicolas Coolman, Update du 17/04/2011
Run by franck at 4/19/2011 8:23:06 AM
Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html


---\\ Web Browser
MSIE: Internet Explorer v8.0.7600.16385 (Defaut)
MFIE: Mozilla Firefox v3.6.16 (fr)
GCIE: Google Chrome v10.0.648.205

---\\ System Information
Windows 7 Starter Edition, 32-bit (Build 7600)
Processor: x86 Family 6 Model 28 Stepping 2, GenuineIntel
Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1014.4 MB (15% free)
System Restore: Activé (Enable)
System drive C: has 9 GB (21%) free of 40 GB

---\\ Logged in mode
Computer Name: FRANCK-PC
User Name: franck
All Users Names: franck, Administrateur,
Unselected Option: O45,O61,O62,O65,O66,O82
Logged in as Administrator

---\\ Environnement Variables
%AppData%=C:\Users\franck\AppData\Roaming
%LocalAppData%=C:\Users\franck\AppData\Local
%StartMenu%=C:\Users\franck\AppData\Roaming\Microsoft\Windows\Start Menu

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 9 Go of 40 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 0 Go of 0 Go)



---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoFolderOptions: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] DisableTaskMgr: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] DisableRegistryTools: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] NoDispScrSavPage: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK



---\\ Recherche particulière de fichiers génériques
[MD5.2626FC9755BE22F805D3CFA0CE3EE727] - (.Microsoft Corporation - Explorateur Windows.) (.10/31/2009 6:45:39 AM.) -- C:\windows\Explorer.exe [2614272]
[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Application de démarrage de Windows.) (.7/14/2009 2:14:45 AM.) -- C:\windows\system32\Wininit.exe [96256]
[MD5.214605C48AE416BC067C39D227CFCC57] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.2/24/2011 6:32:44 AM.) -- C:\windows\system32\wininet.dll [981504]
[MD5.37CDB7E72EB66BA85A87CBE37E7F03FD] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.10/28/2009 7:17:59 AM.) -- C:\windows\system32\Winlogon.exe [285696]
[MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.7/14/2009 2:26:15 AM.) -- C:\windows\system32\drivers\atapi.sys [21584]
[MD5.3795DCD21F740EE799FB7223234215AF] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.7/14/2009 2:20:44 AM.) -- C:\windows\system32\drivers\ntfs.sys [1210432]



---\\ Processus lancés
[MD5.796AD8EBEA1CBC334D07FCBE152E6167] - (.McAfee, Inc. - McAfee Integrated Security Platform.) -- c:\PROGRA~1\mcafee.com\agent\mcagent.exe [1218008]
[MD5.A765B211BD4CF9EA4049B2000B2B9316] - (.Samsung Electronics Co., Ltd. - Easy Display Manager.) -- C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe [832512]
[MD5.E3735DC796E5183D63F35921B058934C] - (.Samsung Electronics Co., Ltd. - EasySpeedUpManager.) -- C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe [716800]
[MD5.64DC778A1447D73CD87F3480AB8381C3] - (.SAMSUNG Electronics - SSCKbdHk.) -- C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe [93184]
[MD5.06F7D67EC4D15F11A2923268BAA937D3] - (...) -- C:\Program Files\Samsung\Samsung Update Plus\SUPBackground.exe [300912]
[MD5.B181B99000E2E00C391F93353C72ABA5] - (.Intel Corporation - igfxext Module.) -- C:\windows\system32\igfxext.exe [173080]
[MD5.D9C51528488EA0D98D3C4D02ABD16759] - (.Intel Corporation - igfxsrvc Module.) -- C:\windows\system32\igfxsrvc.exe [252952]
[MD5.36916E254D0843603D65485FA45B3D87] - (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7625248]
[MD5.68239842340DDFF8993DFD9127553EDA] - (.Intel Corporation - igfxTray Module.) -- C:\Windows\System32\igfxtray.exe [141848]
[MD5.004763BDF8E48244DBB9FDFDE3065EBC] - (.Intel Corporation - hkcmd Module.) -- C:\Windows\System32\hkcmd.exe [173592]
[MD5.CD1102E5D340216138C7F56FA8D26998] - (.Intel Corporation - persistence Module.) -- C:\Windows\System32\igfxpers.exe [150552]
[MD5.8BF167D30A11F4F06FB14BC6874192B2] - (.Pas de propriétaire - DivX Update.) -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1164584]
[MD5.E0D6538B62C79FCBF0B27F95FAF3208B] - (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe [246504]
[MD5.0CFBE2D135A73CA98381FC8CC8BC5A03] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe [421160]
[MD5.2E9A1A6555C20424FC6DCC3AF21F4D68] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe [3451496]
[MD5.EEB19CBFC3B8C8C1892AE6F726A4BB49] - (...) -- C:\Users\franck\AppData\Roaming\cacaoweb\cacaoweb.exe [370416]
[MD5.1BB21F4C2573A13B9A7E1FC7A4215109] - (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe [1004088]
[MD5.51138BEEA3E2C21EC44D0932C71762A8] - (...) -- C:\windows\system32\rundll32.exe [44544]
[MD5.79C6F3A81CDEFAE468E8FCD9D622FD5F] - (.Nicolas Coolman - Nettoyeur de rapport ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPFix.exe [496640]
[MD5.D6D0AD94EFC131772C3265F242D78FCB] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [644096]



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
M3 - MFPP: Plugins - [franck] -- C:\Users\franck\AppData\Roaming\Mozilla\Firefox\Profiles\4gc9lsgd.default\searchplugins\askcom.xml
M3 - MFPP: Plugins - [franck] -- C:\Users\franck\AppData\Roaming\Mozilla\Firefox\Profiles\4gc9lsgd.default\searchplugins\bing.xml
M3 - MFPP: Plugins - [franck] -- C:\Program Files\Mozilla FireFox\searchplugins\amazon-france.xml
M3 - MFPP: Plugins - [franck] -- C:\Program Files\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml
M3 - MFPP: Plugins - [franck] -- C:\Program Files\Mozilla FireFox\searchplugins\eBay-france.xml
M3 - MFPP: Plugins - [franck] -- C:\Program Files\Mozilla FireFox\searchplugins\google.xml
M3 - MFPP: Plugins - [franck] -- C:\Program Files\Mozilla FireFox\searchplugins\wikipedia-fr.xml
M3 - MFPP: Plugins - [franck] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo-france.xml
P2 - FPN:Firefox Plugin Navigator . (.Sun Microsystems, Inc. - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Program Files\Mozilla Firefox\Plugins\npdeploytk.dll
P2 - FPN:Firefox Plugin Navigator . (.mozilla.org - Default Plug-in.) -- C:\Program Files\Mozilla Firefox\Plugins\npnul32.dll
P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape "9.4.3".) -- C:\Program Files\Mozilla Firefox\Plugins\nppdf32.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin2.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin3.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin4.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin5.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin6.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin7.dll
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Pas de propriétaire - Pas de description.) -- C:\windows\system32\Macromed\Flash\NPSWF32.dll
P2 - FPN: [HKLM] [@Apple.com/iTunes,version=1.0] - (.Pas de propriétaire - Pas de description.) -- C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
P2 - FPN: [HKLM] [@divx.com/DivX Browser Plugin,version=1.0.0] - (.DivX,Inc. - DivX Web Player version 2.0.3.4.) -- C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.0.60129.0.) -- c:\Program Files\Microsoft Silverlight\4.0.60129.0\npctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/OfficeLive,version=1.5] - (.Microsoft Corp. - Office Live Update v1.5.) -- C:\Program Files\Microsoft\Office Live\npOLW.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.3.2804.0607] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=8] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.2.183.39\npGoogleOneClick8.dll
P2 - FPN: [HKLM] [@veetle.com/vbp;version=0.9.17] - (.Veetle Inc - Version 0.9.17, copyright 2008-2010 Veetle Inc<br><a href="http://www..) -- C:\Program Files\Veetle\VLCBroadcast\npvbp.dll
P2 - FPN: [HKLM] [@veetle.com/veetleCorePlugin,version=0.9.18] - (.Veetle Inc - Version 0.9.18, Copyright 2006-2009 Veetle Inc<br><a href="http://www..) -- C:\Program Files\Veetle\plugins\npVeetle.dll
P2 - FPN: [HKLM] [@veetle.com/veetlePlayerPlugin,version=0.9.18] - (.Veetle Inc - Version 0.9.18, copyright 2006-2010 Veetle Inc<br><a href="http://www..) -- C:\Program Files\Veetle\Player\npvlc.dll
M0 - MFSP: prefs.js [franck - 4gc9lsgd.default] www.google.fr
M2 - MFEP: prefs.js [franck - 4gc9lsgd.default\cacaoweb@cacaoweb.org] [] cacaoweb v1.0.12 (.http://www.cacaoweb.org/
M2 - MFEP: prefs.js [franck - 4gc9lsgd.default\foxyproxy@eric.h.jung] [] Foxyproxy v0.9.7 (.CLeahScape, Inc..)
M2 - MFEP: prefs.js [franck - 4gc9lsgd.default\vshare@toolbar] [] vShare Plugin v1.0.0 (.vShare.)



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
G1 - GCS: Preference [User Data\Default] None
G0 - GCSP: Preference [User Data\Default][HomePage] https://www.google.com/?gws_rd=ssl
G2 - GCE: Preference [User Data\Default] [fheoggkfdfchfphceeifdbepaooicaho] McAfee SiteAdvisor v.3.31.131.2 (Désactivé)



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.ask.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.microsoft.com/fr-fr/
R0 - HKUS\S-1-5-21-1680670562-1251304338-3357876734-1000\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.ask.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.microsoft.com/fr-fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.microsoft.com/fr-fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://www.bing.com/?toHttps=1&redig=17DBE7D168544FA98200E890A8051984
R1 - HKUS\S-1-5-21-1680670562-1251304338-3357876734-1000\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} . (.Ask - Ask Toolbar.) (5.11.3.15590) -- C:\Program Files\Ask.com\GenericAskToolbar.dll
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (8.00.7600.16385 (win7_rtm.090713-1255)) -- C:\Windows\System32\ieframe.dll
R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} . (.McAfee, Inc. - SiteAdvisor.) (3,3,1,131) -- c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 2



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll



---\\ ---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: UserInit=C:\windows\system32\userinit.exe,
F2 - REG:system.ini: VMApplet=C:\WINDOWS\system32\SystemPropertiesPerformance.exe



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} . (.Pas de propriétaire - Pas de description.) -- c:\PROGRA~1\mcafee\msk\mskapbho.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} . (.McAfee, Inc. - VSCore Script Scanner.) -- c:\PROGRA~1\mcafee\VIRUSS~1\scriptsn.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.Pas de propriétaire - avast! WebRep Plugin.) -- C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} . (.Microsoft Corporation - Windows Live Messenger Companion Core.) -- C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} . (.Skype Technologies S.A. - Skype add-on for IE.) -- C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} . (.McAfee, Inc. - SiteAdvisor.) -- c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} . (.Ask - Ask Toolbar.) -- C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} . (.McAfee, Inc. - SiteAdvisor.) -- c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: LimeWire Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} . (.Ask - Ask Toolbar.) -- C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} . (.Microsoft Corporation. - Extensions du client Bing.) -- "C:\Program Files\Microsoft\BingBar\BingExt.dll"
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.Pas de propriétaire - avast! WebRep Plugin.) -- C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll



---\\ ---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [mcagent_exe] . (.McAfee, Inc. - McAfee Integrated Security Platform.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe
O4 - HKLM\..\Run: [UCam_Menu] . (.CyberLink Corp. - MUI StartMenu Application.) -- C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe
O4 - HKLM\..\Run: [Microsoft Default Manager] . (.Microsoft Corporation - Microsoft Default Manager.) -- C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [DivXUpdate] . (.Pas de propriétaire - DivX Update.) -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\QTTask.exe
O4 - HKLM\..\Run: [AppleSyncNotifier] . (.Apple Inc. - AppleSyncNotifier.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKLM\..\Run: [avast] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\avastUI.exe
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware (reboot)] . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
O4 - HKCU\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [cacaoweb] . (...) -- C:\Users\franck\AppData\Roaming\cacaoweb\cacaoweb.exe
O4 - HKUS\S-1-5-21-1680670562-1251304338-3357876734-1000\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O4 - HKUS\S-1-5-21-1680670562-1251304338-3357876734-1000\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-21-1680670562-1251304338-3357876734-1000\..\Run: [cacaoweb] . (...) -- C:\Users\franck\AppData\Roaming\cacaoweb\cacaoweb.exe
O4 - HKUS\S-1-5-18\..\RunOnce: [FlashPlayerUpdate] . (.Adobe Systems, Inc. - Adobe® Flash® Player Installer/Uninstaller.) -- C:\windows\system32\Macromed\Flash\FlashUtil10h_ActiveX.exe
O4 - HKUS\S-1-5-18\..\RunOnce: [FlashPlayerUpdate] . (.Adobe Systems, Inc. - Adobe® Flash® Player Installer/Uninstaller.) -- C:\windows\system32\Macromed\Flash\FlashUtil10h_ActiveX.exe



---\\ ---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Users\franck\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\franck\Desktop\Ares.lnk . (.Ares Development Group.) -- C:\Program Files\Ares\Ares.exe
O4 - Global Startup: C:\Users\franck\Desktop\CyberLink YouCam.lnk . (.CyberLink Corp..) -- C:\Program Files\CyberLink\YouCam\YouCam.exe
O4 - Global Startup: C:\Users\franck\Desktop\DivX Movies.lnk . (...) -- C:\Users\franck\Videos\DivX Movies
O4 - Global Startup: C:\Users\franck\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk . (...) -- C:\windows\Installer\{C73F2967-062E-48F2-A462-D335B8950183}\SafariIco.exe
O4 - Global Startup: C:\Users\franck\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Gestionnaire de Connexion.lnk . (.SFR.) -- C:\Program Files\SFR\Gestionnaire de Connexion\SFR_Gestionnaire_connexion.exe
O4 - Global Startup: C:\Users\franck\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk . (.Google Inc..) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - Global Startup: C:\Users\franck\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\franck\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk . (.Mozilla Corporation.) -- C:\Program Files\Mozilla Firefox\firefox.exe



---\\ ---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5)
O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no



---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~1\MICROS~3\Office12\EXCEL.exe
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Envoyer l'&image au périphérique Bluetooth... . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Google Sidewiki... . (.Google Inc. - Google Toolbar for Internet Explorer.) -- C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} . (.Microsoft Corporation - Windows Live Messenger Companion core resources.) -- C:\Program Files\Windows Live\Companion\companion
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBro
O9 - Extra button: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft Office OneNote Internet Explorer Add-in.) -- C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} . (...) -- C:\Program Files\Skype\Toolbars\Internet Explorer\icon.ico
O9 - Extra button: Skype add-on for Internet Explorer - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\PROGRA~1\MICROS~3\Office12\REFBARH.ICO
O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} . (...) -- C:\Program Files\WIDCOMM\Bluetooth Software\bt_hot_icon.ico



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\windows\system32\mswsock.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\windows\system32\winrnr.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\windows\system32\napinsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corporation - Windows Sockets Helper DLL.) -- C:\windows\system32\wshbth.dll
O10 - WLSP:\000000000008\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
O10 - WLSP:\000000000009\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
O10 - WLSP:\000000000010\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files\Bonjour\mdnsNSP.dll



---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} (WRC Class) - http://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{B00B6038-D4B1-4371-88B6-475CBB4EF341}: DhcpNameServer = 10.188.0.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{B00B6038-D4B1-4371-88B6-475CBB4EF341}: DhcpNameServer = 10.188.0.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{B00B6038-D4B1-4371-88B6-475CBB4EF341}: DhcpNameServer = 10.188.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.188.0.1



---\\ Protocole additionnel et piratage de protocole (O18)
O18 - Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} . (.McAfee, Inc. - SiteAdvisor.) -- c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} . (.McAfee, Inc. - SiteAdvisor.) -- c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} . (.Skype Technologies S.A. - Skype add-on for IE.) -- C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} . (.Skype Technologies - Skype for COM API.) -- C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll



---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\windows\system32\webcheck.dll



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: (AMService) - Clé orpheline
O23 - Service: (Apple Mobile Device) . (.Apple Inc. - MobileDeviceService.) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: (btwdins) . (.Broadcom Corporation. - Bluetooth Support Server.) - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: (gusvc) . (.Google - gusvc.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: (iPod Service) . (.Apple Inc. - iPodService Module (32-bit).) - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: (McAfee SiteAdvisor Service) . (.McAfee, Inc. - SiteAdvisor.) - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: (McComponentHostService) . (.McAfee, Inc. - Component Host Service.) - C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe
O23 - Service: (mcmscsvc) . (.McAfee, Inc. - McAfee Services.) - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: (McNASvc) . (.McAfee, Inc. - McAfee Network Agent.) - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: (McODS) . (.McAfee, Inc. - McAfee VirusScan - On Demand Scan.) - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: (McProxy) . (.McAfee, Inc. - McAfee Proxy Service Module.) - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: (McShield) . (.McAfee, Inc. - On-Access Scanner service.) - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: (McSysmon) . (.McAfee, Inc. - McAfee SystemGuards Service.) - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: (MpfService) . (.McAfee, Inc. - McAfee Personal Firewall Service.) - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: (MSK80Service) . (.McAfee, Inc. - McAfee Anti-Spam Server.) - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: (OberonGameConsoleService) . (.Pas de propriétaire - OberonGameConsoleService.) - C:\Program Files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe
O23 - Service: (Rezip) . (...) - C:\windows\SYSTEM32\Rezip.exe
O23 - Service: (SFR.DashBoard.Service) . (.SFR - SFR.DashBoard.Service.) - C:\Program Files\SFR\Gestionnaire de Connexion\SFR.DashBoard.Service.exe
O23 - Service: (wlidsvc) . (.Microsoft Corp. - Microsoft® Windows Live ID Service.) - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.exe



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)



---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
O39 - APT:Automatic Planified Task - C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
O39 - APT:Automatic Planified Task - C:\windows\Tasks\McDefragTask.job
O39 - APT:Automatic Planified Task - C:\windows\Tasks\McQcTask.job
[MD5.1BA4331122570A23452E8BA06F7C1672] [APT] [BatteryLifeExtender] (.Samsung Electronics. Co. Ltd..) -- C:\Program Files\Samsung\BatteryLifeExtender\BatteryLifeExtender.exe
[MD5.A765B211BD4CF9EA4049B2000B2B9316] [APT] [EasyDisplayMgr] (.Samsung Electronics Co., Ltd..) -- C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
[MD5.8F0DE4FEF8201E306F9938B0905AC96A] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe
[MD5.8F0DE4FEF8201E306F9938B0905AC96A] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe
[MD5.21E151BEABD692DCE9911B8A71DC0332] [APT] [McQcTask] (.McAfee, Inc..) -- c:\PROGRA~1\mcafee\mqc\QcConsol.exe
[MD5.6B773BA457B813850A76493B3425AB35] [APT] [Scheduled Update for Ask Toolbar] (.Pas de propriétaire.) -- C:\Program Files\Ask.com\UpdateTask.exe
[MD5.6FBBB73BE9FB38389AB73F38828A9CAC] [APT] [{626ED850-2D49-4BD1-924D-0C4A57462802}] (.Skype Technologies S.A..) -- C:\Program Files\Skype\Phone\Skype.exe
[MD5.187E0D2AB859AD03393DDD731076BE81] [APT] [AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files\Apple Software Update\SoftwareUpdate.exe



---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: C:\windows\system32\tcpipcfg.dll (Tcpip) . (.Microsoft Corporation - Pilote TCP/IP.) - C:\Windows\System32\drivers\tcpip.sys
O41 - Driver: C:\windows\system32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\windows\system32\drivers\afd.sys
O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\System32\DRIVERS\blbdrive.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: C:\windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: C:\windows\system32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys
O41 - Driver: McAfee Inc. mfehidk (mfehidk) . (.McAfee, Inc. - Host Intrusion Detection Link Driver.) - C:\Windows\System32\drivers\mfehidk.sys
O41 - Driver: (MPFP) . (.McAfee, Inc. - McAfee Personal Firewall Plus Driver.) - C:\Windows\System32\Drivers\Mpfp.sys
O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\System32\DRIVERS\mssmbios.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: C:\windows\system32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\windows\system32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: C:\windows\system32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: C:\windows\system32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: C:\windows\system32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: C:\windows\system32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys
O41 - Driver: (SABI) . (.SAMSUNG ELECTRONICS - SAMSUNG Kernel Driver.) - C:\windows\system32\Drivers\SABI.sys
O41 - Driver: C:\windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\windows\system32\drivers\vga.sys
O41 - Driver: (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\System32\DRIVERS\vwififlt.sys
O41 - Driver: C:\windows\system32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys
O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys



---\\ Logiciels installés (O42)
O42 - Logiciel: Update for Microsoft Office 2007 (KB2508958) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}
O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Reader 9.4.3 - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-A94000000001}
O42 - Logiciel: Alice Greenfingers - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}
O42 - Logiciel: AnyPC Client - (.Doctorsoft.) [HKLM] -- {1AFA1FEF-8CF9-4A51-AC46-64FAA7F3D9E2}
O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM] -- {2DC94AFD-A6E2-4AB4-9132-4A3F8E07B386}
O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM] -- {CACAEB5F-174D-4C7C-AC56-A33289A807CA}
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {C41300B9-185D-475E-BFEC-39EF732F19B1}
O42 - Logiciel: Ares 2.1.6 - (.Ares Development Group.) [HKLM] -- Ares
O42 - Logiciel: Ask Toolbar - (.Ask.com.) [HKLM] -- {86D4B82A-ABED-442A-BE86-96357B70F4FE}
O42 - Logiciel: Atheros Client Installation Program - (.Atheros.) [HKLM] -- {D1434266-0486-4469-B338-A60082CC04E1}
O42 - Logiciel: BatteryLifeExtender - (.Samsung.) [HKLM] -- {853F8A41-A3C9-43FA-87FA-1AE74FC6F3F7}
O42 - Logiciel: Bing Bar - (.Microsoft Corporation.) [HKLM] -- {77F8A71E-3515-4832-B8B2-2F1EDBD2E0F1}
O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM] -- {2A981294-F14C-4F0F-9627-D793270922F8}
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner
O42 - Logiciel: ChargeableUSB - (.SAMSUNG.) [HKLM] -- {92D50865-FC60-4EA8-BA7A-5581B0D13EFB}
O42 - Logiciel: Configuration DivX - (.DivX, Inc. .) [HKLM] -- DivX Setup.divx.com
O42 - Logiciel: CyberLink YouCam - (.CyberLink Corp..) [HKLM] -- InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}
O42 - Logiciel: CyberLink YouCam - (.CyberLink Corp..) [HKLM] -- {01FB4998-33C4-4431-85ED-079E3EEFE75D}
O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM] -- {52CDDA92-56B6-4BA5-BD8D-E13B186008CB}
O42 - Logiciel: Dairy Dash - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115053100}
O42 - Logiciel: Easy Display Manager - (.Samsung Electronics Co., Ltd..) [HKLM] -- {17283B95-21A8-4996-97DA-547A48DB266F}
O42 - Logiciel: Easy Network Manager - (.Samsung.) [HKLM] -- {B660E0D0-A8CB-45A7-96FB-93E8C915A0B2}
O42 - Logiciel: Easy Resolution Manager - (.Samsung.) [HKLM] -- {45535A5E-1F81-4F35-BE1D-43D10A7D03B4}
O42 - Logiciel: Easy SpeedUp Manager - (.Samsung Electronics Co.,Ltd..) [HKLM] -- {EF367AA4-070B-493C-9575-85BE59D789C9}
O42 - Logiciel: EasyBatteryManager - (.Samsung.) [HKLM] -- {178EE5F4-0F86-4BF0-A0D1-9790AFF409D1}
O42 - Logiciel: Farm Frenzy 2 - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11531173}
O42 - Logiciel: Galerie de photos Windows Live (bêta) - (.Microsoft Corporation.) [HKLM] -- {E672FA05-696F-4B98-ABC3-7A26B024496E}
O42 - Logiciel: Game Pack - (.Oberon Media, Inc..) [HKLM] -- {63eafc52-b963-4297-a7eb-d412944e7065}_is1
O42 - Logiciel: Gestionnaire de Connexion SFR 3.0 - (.SFR.) [HKLM] -- {FC48747D-095F-4CF6-B54E-37D4F4738A15}_is1
O42 - Logiciel: Go-Go Gourmet - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-114072167}
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM] -- Google Chrome
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {18455581-E099-4BA8-BC6B-F34B2F06600C}
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {2318C2B1-4965-11d4-9B18-009027A5CD4F}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: Intel(R) Graphics Media Accelerator Driver - (.Intel Corporation.) [HKLM] -- HDMI
O42 - Logiciel: Java(TM) 6 Update 18 - (.Sun Microsystems, Inc..) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216018FF}
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {11EFF057-8ED2-4321-A19D-D673DECB36CC}
O42 - Logiciel: Logiciel d'archivage WinRAR - (.Pas de propriétaire.) [HKLM] -- WinRAR archiver
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {035C76D2-7D8E-484D-8CA3-686C0B474A2B}
O42 - Logiciel: Malwarebytes' Anti-Malware - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1
O42 - Logiciel: McAfee Security Scan Plus - (.McAfee, Inc..) [HKLM] -- McAfee Security Scan
O42 - Logiciel: McAfee SecurityCenter - (.McAfee, Inc..) [HKLM] -- MSC
O42 - Logiciel: Mesh Runtime - (.Microsoft Corporation.) [HKLM] -- {2C4F4D53-78D6-41FB-A4D7-105C537464EB}
O42 - Logiciel: Messenger Companion - (.Microsoft Corporation.) [HKLM] -- {314E3413-E1B7-4148-BE2E-F68FE449F033}
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile FRA Language Pack - (.Microsoft Corporation.) [HKLM] -- {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}
O42 - Logiciel: Microsoft Default Manager - (.Microsoft Corporation.) [HKLM] -- {1CAC7A41-583B-4483-9FA5-3E5465AFF8C2}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}_HOMESTUDENTR_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-00A1-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
O42 - Logiciel: Microsoft Office Excel MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Home and Student 2007 - (.Microsoft Corporation.) [HKLM] -- HOMESTUDENTR
O42 - Logiciel: Microsoft Office Home and Student 2007 - (.Microsoft Corporation.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Live Add-in 1.5 - (.Microsoft Corporation.) [HKLM] -- {F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}
O42 - Logiciel: Microsoft Office OneNote MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-00A1-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office PowerPoint MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office PowerPoint Viewer 2007 (French) - (.Microsoft Corporation.) [HKLM] -- {95120000-00AF-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Arabic) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Dutch) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (German) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Spanish) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proofing (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-002C-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}_HOMESTUDENTR_{14809F99-C601-4D4A-9391-F1E8FAA964C5}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}_HOMESTUDENTR_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}
O42 - Logiciel: Microsoft Office Shared MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Suite Activation Assistant - (.Microsoft Corporation.) [HKLM] -- {E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}
O42 - Logiciel: Microsoft Office Word MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft SQL Server 2005 Compact Edition [ENU] - (.Microsoft Corporation.) [HKLM] -- {F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
O42 - Logiciel: Microsoft Works - (.Microsoft Corporation.) [HKLM] -- {3B160861-7250-451E-B5EE-8B92BF30A710}
O42 - Logiciel: Module de compatibilité pour Microsoft Office System 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0020-040C-0000-0000000FF1CE}
O42 - Logiciel: Module linguistique Microsoft .NET Framework 4 Client Profile FRA - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile FRA Language Pack
O42 - Logiciel: Mozilla Firefox (3.6.16) - (.Mozilla.) [HKLM] -- Mozilla Firefox (3.6.16)
O42 - Logiciel: Octoshape add-in for Adobe Flash Player - (.Pas de propriétaire.) [HKCU] -- Octoshape add-in for Adobe Flash Player
O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM] -- {57752979-A1C9-4C02-856B-FBB27AC4E02C}
O42 - Logiciel: REALTEK Wireless LAN Software - (.REALTEK Semiconductor Corp..) [HKLM] -- {F2BC3383-F000-410C-A038-3846ADBE8D90}
O42 - Logiciel: Realtek Ethernet Controller Driver For Windows Vista and Later - (.Realtek.) [HKLM] -- {8833FFB6-5B0C-4764-81AA-06DFEED9A476}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: Safari - (.Apple Inc..) [HKLM] -- {C73F2967-062E-48F2-A462-D335B8950183}
O42 - Logiciel: Samsung Support Center - (.Samsung.) [HKLM] -- {4D2121FE-5CCC-4D47-B3A0-BF56045A5099}
O42 - Logiciel: Samsung Update Plus - (.Samsung Electronics Co., Ltd..) [HKLM] -- {D3F2FAA5-FEC4-42AA-9ABA-1F763919A2B5}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288621) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{5C497F0B-2061-4CC9-A61C-6B45B867354D}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288931) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CD769337-C8AC-46DB-A7DC-643E50089263}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2345043) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{536FB502-775F-4494-BACE-C02CC90B7A5B}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2466156) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CEF209AB-F96D-404F-B5CC-44057C057CA3}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2509488) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{AD0DE453-0804-4495-9C91-33D0F9AA5463}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB969559) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB976321) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{7F207DCA-3399-40CB-A968-6E5991B1421A}
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2446708
O42 - Logiciel: Security Update for Microsoft Office Excel 2007 (KB2464583) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{151E2FEA-C3A6-4CB6-BE6B-16651FDF04BE}
O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB}
O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB2464594) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{E6B7C11E-21E9-4BA0-9677-29AD603B953C}
O42 - Logiciel: Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{D75E6D0C-BADF-4F41-98B2-0C0F02C15062}
O42 - Logiciel: Security Update for Microsoft Office Visio Viewer 2007 (KB973709) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
O42 - Logiciel: Security Update for Microsoft Office Word 2007 (KB2344993) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{7A5B74FA-7A92-4FC9-821A-2DD5D4E73E48}
O42 - Logiciel: Security Update for Microsoft Office system 2007 (972581) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}
O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB974234) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{FCD742B9-7A55-44BC-A776-F795F21FEDDC}
O42 - Logiciel: Skype Toolbars - (.Skype Technologies S.A..) [HKLM] -- {981029E0-7FC9-4CF3-AB39-6F133621921A}
O42 - Logiciel: Skype(TM) 4.2 - (.Skype Technologies S.A..) [HKLM] -- {D103C4BA-F905-437A-8049-DB24763BBE36}
O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics Incorporated.) [HKLM] -- SynTPDeinstKey
O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}
O42 - Logiciel: Update for Microsoft Office OneNote 2007 (KB980729) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{329050A9-EF80-40F9-B633-74508F54C1FF}
O42 - Logiciel: User Guide - (.Pas de propriétaire.) [HKLM] -- {BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}
O42 - Logiciel: VC80CRTRedist - 8.0.50727.4053 - (.DivX, Inc.) [HKLM] -- {5EE7D259-D137-4438-9A5F-42F432EC0421}
O42 - Logiciel: VLC media player 1.1.5 - (.VideoLAN.) [HKLM] -- VLC media player
O42 - Logiciel: Veetle TV 0.9.18 - (.Veetle, Inc.) [HKLM] -- Veetle TV
O42 - Logiciel: WIDCOMM Bluetooth Software - (.Broadcom Corporation.) [HKLM] -- {9E9D49A4-1DF4-4138-B7DB-5D87A893088E}
O42 - Logiciel: Windows Driver Package - Broadcom Bluetooth (06/15/2009 6.2.0.9000) - (.Broadcom.) [HKLM] -- B7541EC5F72AA713F557569278EB6273725F5607
O42 - Logiciel: Windows Driver Package - Broadcom Bluetooth (07/30/2009 6.2.0.9405) - (.Broadcom.) [HKLM] -- A6A8668C0A13640CA28FE2A7D9654BE4AE478B13
O42 - Logiciel: Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) - (.Broadcom.) [HKLM] -- BF20603967CFDCB2BBF91950E8A56DFBC5C833FE
O42 - Logiciel: Windows Live Bêta - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite
O42 - Logiciel: Windows Live Bêta - (.Microsoft Corporation.) [HKLM] -- {231E4621-2428-405D-A7A4-8EB93486BAC7}
O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM] -- {FA5D1C9E-154D-49B1-8CF0-DF5FAB6171EA}
O42 - Logiciel: Windows Live Family Safety - (.Microsoft Corporation.) [HKLM] -- {293493A8-6EF6-4335-8C96-08D2A8E87C73}
O42 - Logiciel: Windows Live Family Safety - (.Microsoft Corporation.) [HKLM] -- {A5DA9FAD-C016-4B49-8A04-4F2B2BF04A7B}
O42 - Logiciel: Windows Live FolderShare - (.Microsoft Corporation.) [HKLM] -- {2075CB0A-D26F-4DAA-B424-5079296B43BA}
O42 - Logiciel: Windows Live ID Sign-in Assistant - (.Microsoft Corporation.) [HKLM] -- {00450E05-6F4C-42E5-9598-02CF18378FEA}
O42 - Logiciel: Windows Live Installer - (.Microsoft Corporation.) [HKLM] -- {46BAF2A0-3789-4E49-B000-4BB64426D1BF}
O42 - Logiciel: Windows Live MIME IFilter - (.Microsoft Corporation.) [HKLM] -- {488A6828-2E74-4517-9E9E-CD50664B0EBE}
O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {2607FE6B-1D61-46E5-A544-54666B0EF908}
O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {795851D4-BA00-4965-B2A8-94AA9C7C2789}
O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {2578D94A-A88A-4643-9DAA-F0A5E981EB04}
O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {8D73EFE7-ED6F-49C6-9685-C712A00F8DDD}
O42 - Logiciel: Windows Live Messenger Companion Core - (.Microsoft Corporation.) [HKLM] -- {9D0467C4-F69C-4E9D-8765-7774D8971F5C}
O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM] -- {46C106C9-3856-4A6A-AAC8-7070FBA02D2F}
O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM] -- {B6E6635A-4147-4101-BDF7-FDD7F38281FB}
O42 - Logiciel: Windows Live PIMT Platform - (.Microsoft Corporation.) [HKLM] -- {B5BD2B33-FDB8-4DE5-87B3-2810CAF4A6E4}
O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM] -- {61E7F654-7D99-4C69-94D8-DF53E297AF9B}
O42 - Logiciel: Windows Live Photo Common Beta - (.Microsoft Corporation.) [HKLM] -- {15643FB9-1509-44B2-A8CD-9868CB804A5B}
O42 - Logiciel: Windows Live Photo Gallery - (.Microsoft Corporation.) [HKLM] -- {91803386-4FBD-4C38-9644-26B0F9464031}
O42 - Logiciel: Windows Live Remote Client - (.Microsoft Corporation.) [HKLM] -- {98C73E3D-0486-4DD8-938B-EC9B1AF35B9C}
O42 - Logiciel: Windows Live Remote Client Resources - (.Microsoft Corporation.) [HKLM] -- {E68CB7D2-E092-4898-94A5-19CF4FEC4E32}
O42 - Logiciel: Windows Live Remote Service - (.Microsoft Corporation.) [HKLM] -- {158154A2-4267-44FA-BB07-65E101E2920E}
O42 - Logiciel: Windows Live Remote Service Resources - (.Microsoft Corporation.) [HKLM] -- {91F60D84-7781-4298-9FA4-529C5A5D4371}
O42 - Logiciel: Windows Live SOXE - (.Microsoft Corporation.) [HKLM] -- {EFBE9DAB-9C80-4911-847B-2A2C25E8F9CB}
O42 - Logiciel: Windows Live SOXE Definitions - (.Microsoft Corporation.) [HKLM] -- {74B0BEB0-2EB3-448F-B8E9-40983BC902E1}
O42 - Logiciel: Windows Live Sync ActiveX Control for Remote Connections - (.Microsoft Corporation.) [HKLM] -- {D65F8E34-C050-4E6C-86DB-D2B9075749A0}
O42 - Logiciel: Windows Live Sync Beta - (.Microsoft Corporation.) [HKLM] -- {15AFFFD3-0E7E-4F56-B393-F22A2FE1A63D}
O42 - Logiciel: Windows Live Sync Beta - (.Microsoft Corporation.) [HKLM] -- {7A8E7F22-3628-4846-A578-516BDCB2CEAA}
O42 - Logiciel: Windows Live UX Platform - (.Microsoft Corporation.) [HKLM] -- {6592C2B8-949A-4C88-BCB9-0990A218B215}
O42 - Logiciel: Windows Live UX Platform Language Pack - (.Microsoft Corporation.) [HKLM] -- {59AFDB2C-9A14-404E-8574-B4BDAEFD13CF}
O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {224935E4-2014-4B22-95DC-2CCF5428B4BF}
O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {66AF75C3-39FC-4B6F-A05D-C02E9088194C}
O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {EE338AB8-4E85-4C04-AC07-1357A266DD35}
O42 - Logiciel: Windows Live Writer Resources - (.Microsoft Corporation.) [HKLM] -- {62D14F31-92AF-4854-B9C9-C08F7F557F84}
O42 - Logiciel: avast! Free Antivirus - (.AVAST Software.) [HKLM] -- avast
O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM] -- {2A697B53-0DE3-42DA-B41D-C3F804B1C538}

---\\ HKCU & HKLM Software Keys
[HKCU\Software\ALWIL Software]
[HKCU\Software\AVAST Software]
[HKCU\Software\Adobe]
[HKCU\Software\AppDataLow\AskToolbarInfo]
[HKCU\Software\AppDataLow\Software\AskToolbar]
[HKCU\Software\AppDataLow\Software\Google]
[HKCU\Software\AppDataLow\Software\Microsoft]
[HKCU\Software\AppDataLow\Software]
[HKCU\Software\AppDataLow]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\Apple Inc.]
[HKCU\Software\Ares]
[HKCU\Software\Ask.com]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\CyberLink]
[HKCU\Software\DivX]
[HKCU\Software\Google]
[HKCU\Software\IM Providers]
[HKCU\Software\Intel]
[HKCU\Software\JavaSoft]
[HKCU\Software\Macromedia]
[HKCU\Software\Magnet]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\McAfee]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mozilla]
[HKCU\Software\Netscape]
[HKCU\Software\ODBC]
[HKCU\Software\Oberon Media]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\Realtek]
[HKCU\Software\SFR]
[HKCU\Software\Samsung]
[HKCU\Software\Skype]
[HKCU\Software\Synaptics]
[HKCU\Software\Sysinternals]
[HKCU\Software\Veetle]
[HKCU\Software\Wget]
[HKCU\Software\Widcomm]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\WinRAR]
[HKCU\Software\cacaoweb]
[HKCU\Software\nadoicm]
[HKLM\Software\ALWIL Software]
[HKLM\Software\ASK]
[HKLM\Software\ATI Technologies]
[HKLM\Software\AVAST Software]
[HKLM\Software\Adobe]
[HKLM\Software\America Online]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\Apple Inc.]
[HKLM\Software\AskToolbar]
[HKLM\Software\Atheros]
[HKLM\Software\BrowserChoice]
[HKLM\Software\CHECKINSTALLER]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\CyberLink]
[HKLM\Software\Digital River]
[HKLM\Software\DivXNetworks]
[HKLM\Software\DivX]
[HKLM\Software\Dr.Soft]
[HKLM\Software\GEAR Software]
[HKLM\Software\Google]
[HKLM\Software\InstalledOptions]
[HKLM\Software\Intel]
[HKLM\Software\JavaSoft]
[HKLM\Software\JreMetrics]
[HKLM\Software\Macromedia]
[HKLM\Software\Malwarebytes' Anti-Malware]
[HKLM\Software\McAfee.com]
[HKLM\Software\McAfeeInstaller]
[HKLM\Software\McAfee]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\ODBC]
[HKLM\Software\Oberon Media]
[HKLM\Software\Phoenix Technologies]
[HKLM\Software\Piriform]
[HKLM\Software\Policies]
[HKLM\Software\RTLSetup]
[HKLM\Software\Realtek Semiconductor Corp.]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\RtWLan]
[HKLM\Software\SFR]
[HKLM\Software\SRS Labs]
[HKLM\Software\Samsung]
[HKLM\Software\SiteAdvisor]
[HKLM\Software\Skype]
[HKLM\Software\Swearware]
[HKLM\Software\Synaptics]
[HKLM\Software\Veetle]
[HKLM\Software\VideoLAN]
[HKLM\Software\Waves Audio]
[HKLM\Software\Widcomm]
[HKLM\Software\WinRAR]
[HKLM\Software\Wow6432Node]
[HKLM\Software\Z-opti]
[HKLM\Software\mcafeeup
0
Réponse 16 / 32
Utilisateur anonyme
Modifié par Electricien 69 le 20/04/2011 à 07:04
* Enregistre le rapport sur ton Bureau à l'aide de l'icône représentant une disquette
* Héberge le rapport ZHPDiag.txt sur Cijoint, puis copie/colle le lien fourni dans ta prochaine réponse sur le forum :
http://dl.free.fr
ou :
http://www.cijoint.fr/
ou :
http://ww38.toofiles.com/fr/documents-upload.html
ou :
https://www.terafiles.net/

<gras>O.o°*??? Membre, Contributeur Sécurité CCM o°.Oø¤º°'°º¤ø

O.o°* ??? Réspire à fond, Rédige ton message en bon français et de manière claire. Une fois ton problème passé, coche ton message comme résolu.Ca va bien se passer, tu verras, enfin on essaie !!! o°.Oø¤º°'°º¤ø
0
Réponse 17 / 32
tambourine Messages postés 18 Date d'inscription lundi 18 avril 2011 Statut Membre Dernière intervention 21 avril 2011
19 avril 2011 à 16:05
Voici!

http://www.cijoint.fr/cjlink.php?file=cj201104/cijmYrg9PH.txt
0
Réponse 18 / 32
Utilisateur anonyme
19 avril 2011 à 23:38
* Télécharge de AD-Remover sur ton Bureau. (Merci à l'équipe TeamXscript)
http://www.teamxscript.org/adremoverTelechargement.html
( Lien officiel )

https://www.androidworld.fr/
( Miroir )
/!\ Ferme toutes applications en cours /!\

- Double-clique sur l'icône Ad-remover située sur ton Bureau.
- Sur la page, clique sur le bouton « Nettoyer »
- Confirme lancement du scan
- Laisse travailler l'outil.
- Poste le rapport qui apparaît à la fin.

(Le rapport est sauvegardé aussi sous C:\Ad-report(Scan/clean).Txt)

(CTRL+A pour tout sélectionner, CTRL+C pour copier et CTRL+V pour coller)
0
Réponse 19 / 32
tambourine Messages postés 18 Date d'inscription lundi 18 avril 2011 Statut Membre Dernière intervention 21 avril 2011
20 avril 2011 à 01:04
voici!



======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 =======

Mis à jour par TeamXscript le 12/04/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
Site web: http://www.teamxscript.org

C:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Lancé à 00:49:35 le 20/04/2011, Mode normal

Microsoft Windows 7 Édition Starter (X86)
franck@FRANCK-PC (SAMSUNG ELECTRONICS CO., LTD. N140)

============== ACTION(S) ==============


Fichier supprimé: C:\windows\system32\Tasks\Scheduled Update for Ask Toolbar
Fichier supprimé: C:\Users\franck\AppData\Roaming\Mozilla\FireFox\Profiles\4gc9lsgd.default\searchplugins\askcom.xml
Dossier supprimé: C:\Users\franck\AppData\Roaming\Mozilla\FireFox\Profiles\4gc9lsgd.default\extensions\vshare@toolbar
Dossier supprimé: C:\Program Files\Ask.com
Dossier supprimé: C:\Users\franck\AppData\LocalLow\AskToolbar

(!) -- Fichiers temporaires supprimés.


-- Fichier ouvert: C:\Users\franck\AppData\Roaming\Mozilla\FireFox\Profiles\4gc9lsgd.default\Prefs.js --
Ligne supprimée: user_pref("browser.search.defaultengine", "Ask.com");
Ligne supprimée: user_pref("browser.search.defaultenginename", "Ask.com");
Ligne supprimée: user_pref("browser.search.order.1", "Ask.com");
Ligne supprimée: user_pref("browser.search.selectedEngine", "Ask.com");
Ligne supprimée: user_pref("extensions.asktb.cbid", "3O");
Ligne supprimée: user_pref("extensions.asktb.clear-searches-on-exit", true);
Ligne supprimée: user_pref("extensions.asktb.config-updated", false);
Ligne supprimée: user_pref("extensions.asktb.crumb", "2010.10.13+03.42.09-toolbar003iad-FR-VHJveWVzLEZyYW5jZQ%3D%3D")...
Ligne supprimée: user_pref("extensions.asktb.default-channel-url-mask", "hxxp://fr.ask.com/web?q={query}&o={o}&l={l}&...
Ligne supprimée: user_pref("extensions.asktb.dtid", "VIN008YYFR");
Ligne supprimée: user_pref("extensions.asktb.ff-original-keyword-url", "hxxp://websearch.ask.com/redirect?client=ff&s...
Ligne supprimée: user_pref("extensions.asktb.fresh-install", false);
Ligne supprimée: user_pref("extensions.asktb.hxxp-header-whitelist-hosts", "[\"static-dev.en.dev.ask.com\", \"ask.com...
Ligne supprimée: user_pref("extensions.asktb.l", "dis");
Ligne supprimée: user_pref("extensions.asktb.last-config-req", "1301436803888");
Ligne supprimée: user_pref("extensions.asktb.locale", "fr_FR");
Ligne supprimée: user_pref("extensions.asktb.o", "16795");
Ligne supprimée: user_pref("extensions.asktb.options-lang", "fr");
Ligne supprimée: user_pref("extensions.asktb.options-locale", "FR");
Ligne supprimée: user_pref("extensions.asktb.overlay-reloaded-using-restart", true);
Ligne supprimée: user_pref("extensions.asktb.qsrc", "2871");
Ligne supprimée: user_pref("extensions.asktb.r", "2");
Ligne supprimée: user_pref("extensions.asktb.search-suggestions-enabled", true);
Ligne supprimée: user_pref("extensions.asktb.silent-upgrade", true);
Ligne supprimée: user_pref("extensions.asktb.silent-upgrade-from-pre-newtabs-build", true);
Ligne supprimée: user_pref("extensions.asktb.to", "16795T");
Ligne supprimée: user_pref("extensions.enabledItems", "{B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.3.1,vshare@toolbar:1....
Ligne supprimée: user_pref("keyword.URL", "hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=LMW4&o=16795&locale=...
-- Fichier Fermé --


Clé supprimée: HKLM\Software\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Clé supprimée: HKLM\Software\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Clé supprimée: HKLM\Software\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Clé supprimée: HKLM\Software\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Clé supprimée: HKLM\Software\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Clé supprimée: HKLM\Software\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Clé supprimée: HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd
Clé supprimée: HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd.1
Clé supprimée: HKLM\Software\Classes\AppID\GenericAskToolbar.DLL
Clé supprimée: HKLM\Software\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Clé supprimée: HKLM\Software\AskToolbar
Clé supprimée: HKCU\Software\Ask.com
Clé supprimée: HKCU\Software\AppDataLow\AskToolbarInfo
Clé supprimée: HKCU\Software\AppDataLow\Software\AskToolbar
Clé supprimée: HKU\.DEFAULT\Software\AskToolbar
Clé supprimée: HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}
Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Erreur suppression clé: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Scheduled Update for Ask Toolbar

Valeur supprimée: HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks|{00000000-6E41-4FD3-8538-502F5495E5FC}
Valeur supprimée: HKLM\Software\Microsoft\Internet Explorer\Toolbar|{D4027C7F-154A-4066-A1AD-4243D8127440}
Valeur supprimée: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{D4027C7F-154A-4066-A1AD-4243D8127440}


============== SCAN ADDITIONNEL ==============

**** Mozilla Firefox Version [3.6.16 (fr)] ****

Extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} (Skype extension for Firefox )
HKLM_Extensions|{B7082FAA-CB62-4872-9106-E42DD88EDE45} - C:\Program Files\McAfee\SiteAdvisor

-- C:\Users\franck\AppData\Roaming\Mozilla\FireFox\Profiles\4gc9lsgd.default --
Extensions\cacaoweb@cacaoweb.org (cacaoweb)
Extensions\foxyproxy@eric.h.jung (Foxyproxy)
Prefs.js - browser.search.defaulturl, hxxp://www.bing.com/search?FORM=WLETDF&PC=WLEM&q=
Prefs.js - browser.startup.homepage, www.google.fr
Prefs.js - browser.startup.homepage_override.mstone, rv:1.9.2.16

========================================

**** Internet Explorer Version [8.0.7600.16385] ****

HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896
HKCU_Main|Start Page - hxxp://fr.msn.com/
HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm
HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Start Page - hxxp://fr.msn.com/
HKCU_URLSearchHooks|{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - "McAfee SiteAdvisor Toolbar" (c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll)
HKLM_Toolbar|{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} (c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll)
HKLM_Toolbar|{8dcb7100-df86-4384-8842-8fa844297b3f} ("C:\Program Files\Microsoft\BingBar\BingExt.dll") (x)
HKLM_Toolbar|{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} (C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll)
HKCU_ElevationPolicy\{1A84286C-B9A7-4CB6-AB1A-A81E9E0B05E5} - C:\Program Files\Veetle\VLCBroadcast\lbclient.exe (?)
HKCU_ElevationPolicy\{6052BF20-EA23-4A04-B3C1-A20EFE01A95A} - C:\Program Files\Veetle\Player\vtl_hfs.exe (?)
HKCU_ElevationPolicy\{680FA47E-AB59-46BE-B594-7358726E108B} - C:\Program Files\Veetle\Player\player.exe (?)
HKCU_ElevationPolicy\{AD6C7CB1-6324-401E-94F4-A09BDC10C866} - C:\Program Files\Veetle\VLCBroadcast\vlc_encoder.exe (?)
HKCU_ElevationPolicy\{E8BC6C2B-DD90-4397-96EB-2AAF0E48ABE6} - C:\Program Files\Veetle\Player\vtl_hfax.exe (?)
HKLM_ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a} - C:\Windows\System32\wpcer.exe (x)
HKLM_ElevationPolicy\{0a402d70-1f10-4ae7-bec9-286a98240695} - C:\Windows\System32\winfxdocobj.exe (x)
HKLM_ElevationPolicy\{6052BF20-EA23-4A04-B3C1-A20EFE01A95A} - C:\Program Files\Veetle\Player\vtl_hfs.exe (?)
HKLM_ElevationPolicy\{680FA47E-AB59-46BE-B594-7358726E108B} - C:\Program Files\Veetle\Player\player.exe (?)
HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files\Internet Explorer\iedw.exe (x)
HKLM_ElevationPolicy\{A6E2003F-95C5-4591-BA9A-0093080FDB5C} - C:\Program Files\Common Files\Oberon Media\OberonBroker\1.0.0.63\OberonBroker.exe (x)
HKLM_ElevationPolicy\{aa851425-0109-43f3-9ed2-7b7090125861} - C:\Program Files\Microsoft\BingBar\BingBar.exe (Microsoft Corporation.)
HKLM_ElevationPolicy\{DAABE21E-DB8C-49b8-9511-9E6547ECBC5F} - c:\Program Files\McAfee\SiteAdvisor\McSACore.exe (McAfee, Inc.)
HKLM_ElevationPolicy\{E8BC6C2B-DD90-4397-96EB-2AAF0E48ABE6} - C:\Program Files\Veetle\Player\vtl_hfax.exe (?)
HKLM_Extensions\{CCA281CA-C863-46ef-9331-5C8D4460577F} - "@C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015" (C:\Program Files\WIDCOMM\Bluetooth Software\bt_cold_icon.ico)
BHO\{27B4851A-3207-45A2-B947-BE8AFE6163AB} - "McAfee Phishing Filter" (c:\PROGRA~1\mcafee\msk\mskapbho.dll)
BHO\{7DB2D5A0-7241-4E79-B68D-6309F01C5231} - "scriptproxy" (c:\PROGRA~1\mcafee\VIRUSS~1\scriptsn.dll)
BHO\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - "avast! WebRep" (C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll)
BHO\{B164E929-A1B6-4A06-B104-2CD0E90A88FF} - "McAfee SiteAdvisor BHO" (c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll)
BHO\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "Bing Bar Helper" ("C:\Program Files\Microsoft\BingBar\BingExt.dll") (x)

========================================

C:\Program Files\Ad-Remover\Quarantine: 30 Fichier(s)
C:\Program Files\Ad-Remover\Backup: 15 Fichier(s)

C:\Ad-Report-CLEAN[1].txt - 20/04/2011 00:51:24 (10316 Octet(s))

Fin à: 00:54:58, 20/04/2011

============== E.O.F ==============

merci encore, je REVIS!
0
Réponse 20 / 32
Utilisateur anonyme
20 avril 2011 à 07:06
bonjour,

relance ADR, clique sur désinstaller,


relance zhpdiag,
clique sur la flèce verte pour lancer une mise à jour,

une fois a mise à jour términée,

clique sur la loupe pour lancer le scan,

* Enregistre le rapport sur ton Bureau à l'aide de l'icône représentant une disquette
* Héberge le rapport ZHPDiag.txt sur Cijoint, puis copie/colle le lien fourni dans ta prochaine réponse sur le forum :
http://dl.free.fr
ou :
http://www.cijoint.fr/
ou :
http://ww38.toofiles.com/fr/documents-upload.html
ou :
https://www.terafiles.net/

0