Adware problem

Solved/Closed
steph0404 (245 posts, registered Thursday 26 July 2007, status: Member, last active 3 August 2017) - 12 Sept. 2010 at 12:45
professeur75 - 18 Aug. 2011 at 08:43
Hello, how can I remove the following adware: Gen:Adware.Heur.xy9@RSKFplci? Thanks.

69 replies

steph0404
14 Sept. 2010 at 18:18
a

Anonymous user
14 Sept. 2010 at 19:05
try uninstalling it via Add/Remove Programs :-)

steph0404
14 Sept. 2010 at 20:27
What do I uninstall?

Anonymous user
14 Sept. 2010 at 20:35
C:\Program Files\Cicle Developement

steph0404
14 Sept. 2010 at 20:38
I can't find it in Add/Remove Programs

Anonymous user
14 Sept. 2010 at 21:08
ok,
run ZHPDiag again, save its report to your desktop, host the report on Cijoint ....

steph0404
14 Sept. 2010 at 21:37
http://www.cijoint.fr/cjlink.php?file=cj201009/cijpH32rOg.txt

Anonymous user
15 Sept. 2010 at 17:46
hello,
restart your PC in safe mode with networking, then run this:

https://forums.commentcamarche.net/forum/affich-19160956-probleme-adware?full#19

steph0404
15 Sept. 2010 at 18:39
hello, your link doesn't work

steph0404
15 Sept. 2010 at 18:49
the cicle developement folder is empty

if the folder is empty, delete it straight away!

rerun Combofix, use this post to help you:

https://forums.commentcamarche.net/forum/affich-19160956-probleme-adware?full#3

O.o°*??? Member, CCM Security Contributor o°.Oø¤º°'°º¤ø

steph0404
15 Sept. 2010 at 19:44
ComboFix 10-09-14.05 - stephane doux 15/09/2010 19:30:21.3.1 - x86 NETWORK
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.33.1036.18.959.732 [GMT 2:00]
Lancé depuis: c:\documents and settings\stephane doux\Mes documents\Downloads\ComboFix.exe
AV: avast! Antivirus *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.


.
((((((((((((((((((((((((((((( Fichiers créés du 2010-08-15 au 2010-09-15 ))))))))))))))))))))))))))))))))))))
.

2010-09-15 16:19 . 2010-09-15 16:19 -------- d-----w- c:\windows\LastGood
2010-09-14 05:56 . 2010-09-15 16:39 -------- d-----w- C:\Lop SD
2010-09-13 18:01 . 2010-09-13 19:21 -------- d-----w- c:\program files\Ad-Remover
2010-09-12 14:11 . 2010-09-14 19:36 -------- d-----w- c:\program files\ZHPDiag
2010-09-12 10:36 . 2010-09-12 10:36 -------- d-----w- c:\documents and settings\stephane doux\Application Data\QuickScan
2010-09-12 08:40 . 2010-09-12 08:40 -------- d-----w- c:\documents and settings\All Users\Application Data\F-Secure
2010-09-10 18:08 . 2010-09-10 18:26 -------- d-----w- c:\program files\PC Speed Maximizer
2010-08-19 10:47 . 2010-08-19 10:47 -------- d-----w- c:\program files\MarkAnyContentSAFER
2010-08-19 10:14 . 2010-08-19 10:43 89280248 ----a-w- c:\documents and settings\stephane doux\Application Data\Samsung\New PC Studio\LiveUpdate\Setup_For_Full_Update_IH2_7.exe

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-15 11:06 . 2007-08-08 17:40 -------- d-----w- c:\documents and settings\All Users\Application Data\Google Updater
2010-09-10 18:01 . 2007-08-08 18:58 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2010-09-09 10:46 . 2009-05-22 20:10 -------- d-----w- c:\program files\Microsoft Silverlight
2010-09-07 15:12 . 2010-07-21 09:01 38848 ----a-w- c:\windows\avastSS.scr
2010-09-07 15:11 . 2009-05-04 13:55 167592 ----a-w- c:\windows\system32\aswBoot.exe
2010-09-07 14:52 . 2009-05-04 13:55 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-09-07 14:52 . 2009-05-04 13:55 165584 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-09-07 14:47 . 2009-05-04 13:55 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-09-07 14:47 . 2009-05-04 13:55 100176 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2010-09-07 14:47 . 2009-05-04 13:55 94544 ----a-w- c:\windows\system32\drivers\aswmon.sys
2010-09-07 14:47 . 2009-05-04 13:55 17744 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-09-07 14:46 . 2009-05-04 13:55 28880 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2010-08-19 10:51 . 2007-08-08 17:05 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-08-19 10:45 . 2007-10-25 15:26 5632 ----a-w- c:\windows\system32\drivers\StarOpen.sys
2010-08-19 10:14 . 2004-08-05 12:00 81648 ----a-w- c:\windows\system32\perfc00C.dat
2010-08-19 10:14 . 2004-08-05 12:00 502280 ----a-w- c:\windows\system32\perfh00C.dat
2010-08-14 16:55 . 2008-01-04 09:38 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2010-07-25 04:07 . 2007-08-08 19:33 -------- d-----w- c:\documents and settings\stephane doux\Application Data\Azureus
2010-06-30 12:32 . 2008-09-08 16:15 149504 ----a-w- c:\windows\system32\schannel.dll
2010-06-24 12:25 . 2004-08-05 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2010-06-24 09:02 . 2008-09-08 16:15 1852032 ----a-w- c:\windows\system32\win32k.sys
2010-06-21 15:27 . 2008-09-08 16:15 354304 ----a-w- c:\windows\system32\drivers\srv.sys
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0F6E720A-1A6B-40E1-A294-1D4D19F156C8}]
2009-10-15 08:53 165184 ----a-w- c:\program files\Neuf\Kit\SFRNavErrorHelper.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DL32"="DL32" [X]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" [2007-06-27 152872]
"SpriteService"="c:\program files\Sprite Software\Sprite Backup\SpriteService.exe" [2006-08-15 544768]
"AutoStartNPSAgent"="c:\program files\Samsung\Samsung New PC Studio\NPSAgent.exe" [2010-08-19 102400]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-08-08 68856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Synchronization Manager"="c:\windows\system32\mobsync.exe" [2008-04-14 143872]
"LogitechQuickCamRibbon"="c:\program files\Logitech\QuickCam\Quickcam.exe" [2008-12-20 2656528]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
"Adobe Photo Downloader"="c:\program files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe" [2007-03-16 63712]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-06-20 35760]
"Adobe ARM"="c:\program files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-03-17 421888]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\All Users\Menu D'marrer\Programmes\D'marrage\
Event Reminder.lnk - c:\program files\Broderbund\PrintMaster\PMremind.exe [2007-12-28 323584]
Monitor.lnk - c:\program files\ArcSoft\Media Card Companion\MCC Monitor.exe [2007-10-27 110592]

[HKLM\~\startupfolder\C:^Documents and Settings^stephane doux^Menu Démarrer^Programmes^Démarrage^OneNote 2007 - Capture d'écran et lancement.lnk]
path=c:\documents and settings\stephane doux\Menu Démarrer\Programmes\Démarrage\OneNote 2007 - Capture d'écran et lancement.lnk
backup=c:\windows\pss\OneNote 2007 - Capture d'écran et lancement.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^stephane doux^Menu Démarrer^Programmes^Démarrage^OpenOffice.org 3.0.lnk]
path=c:\documents and settings\stephane doux\Menu Démarrer\Programmes\Démarrage\OpenOffice.org 3.0.lnk
backup=c:\windows\pss\OpenOffice.org 3.0.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]
2007-03-16 10:45 63712 ----a-w- c:\program files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2010-06-20 02:04 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-03-17 19:53 421888 ----a-w- c:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2007-08-08 17:40 68856 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Azureus\\Azureus.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\eMule\\eMule.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Fichiers communs\\Ahead\\Nero Web\\SetupX.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\Program Files\\Sprite Software\\Sprite Backup\\SpriteService.exe"=
"c:\\Program Files\\Shareaza\\Shareaza.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Samsung\\Samsung New PC Studio\\npsasvr.exe"=
"c:\\Program Files\\Samsung\\Samsung New PC Studio\\npsvsvr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [04/05/2009 15:55 165584]
S2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [04/05/2009 15:55 17744]
S2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [26/09/2009 12:39 233472]
S2 gupdate;Service Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [15/02/2010 19:57 135664]
S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [26/09/2009 12:39 36608]
S3 SetupNTGLM7X;SetupNTGLM7X;\??\h:\ntglm7x.sys --> h:\NTGLM7X.sys [?]
.
Contenu du dossier 'Tâches planifiées'

2010-09-04 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]

2010-09-15 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-08-08 02:31]

2010-09-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-15 17:56]

2010-09-15 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-15 17:56]

2010-09-15 c:\windows\Tasks\User_Feed_Synchronization-{318B34C3-FFD3-4B71-9F7B-EC4CB0C38442}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 03:31]
.
.
------- Examen supplémentaire -------
.
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Settings,ProxyOverride = *.local;<local>
uInternet Settings,ProxyServer = http=localhost:7171
IE: Add to AMV Convert Tool... - c:\program files\MP3 Player Utilities 3.79\AMVConverter\grab.html
IE: Add to AMV Converter... - c:\program files\MP3 Player Utilities 4.15\AMVConverter\grab.html
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
IE: MediaManager tool grab multimedia file - c:\program files\MP3 Player Utilities 3.79\MediaManager\grab.html
.
- - - - ORPHELINS SUPPRIMES - - - -

HKCU-Run-Uniblue RegistryBooster 2009 - c:\program files\Uniblue\RegistryBooster\RegistryBooster.exe
HKCU-Run-Device Detection - c:\program files\Foto.com\Editeur Foto.com\dd.exe
HKLM-Run-NPSStartup - (no file)
AddRemove-Notification de cadeaux MSN - c:\documents and settings\stephane doux\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-09-15 19:35
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
Heure de fin: 2010-09-15 19:37:13
ComboFix-quarantined-files.txt 2010-09-15 17:37

Avant-CF: 82 640 097 280 octets libres
Après-CF: 82 699 366 400 octets libres

- - End Of File - - 457DA3B45F9BF8B33FC1D06E5B49D751

Anonymous user
15 Sept. 2010 at 20:26
Download Malwarebytes' Anti-Malware and save it to your desktop:
https://www.malekal.com/tutoriel-malwarebyte-anti-malware/

or here: https://www.commentcamarche.net/telecharger/securite/14361-malwarebytes-anti-malware/

/!\ Vista and Windows 7 users: right-click the Malwarebytes' Anti-Malware icon, "Run as administrator"

. Double-click the downloaded file to start the installation.
. In the "Update" tab, click the Check for updates button
. if the firewall asks for permission for Malwarebytes to connect, accept
. Once the update has finished
. go to the Scan tab
. Select Run a full scan
. Click Scan
. The scan starts.
. At the end of the scan, a message is displayed: The scan completed normally. Click 'Show results' to display all the objects found.
. Click OK to continue.
. If malware was detected, click Show results
. Select everything (or leave it checked) and click Remove selected. Malwarebytes will destroy the files and registry keys and put a copy in quarantine
.
. Malwarebytes will open Notepad and copy the scan report into it.
. go to the Report/Log tab
. click on it to display it; once it is displayed
. click Edit at the top of Notepad, then Select all
. click Edit again, then Copy, and come back to the forum and into your reply
. Right-click in the reply box and Paste
. At the end of the scan, MBAM may need to restart the PC to finish the removal, so don't panic, restart your PC!!!

If you need help, see this tutorial:
https://www.malekal.com/tutoriel-malwarebyte-anti-malware/

steph0404
16 Sept. 2010 at 19:52
hello electricien 69, at work all day, I had started the scan but the computer restarted for an update, so I have to start over

steph0404
16 Sept. 2010 at 21:52
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Version de la base de données: 4621

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

16/09/2010 21:51:34
mbam-log-2010-09-16 (21-51-34).txt

Type d'examen: Examen complet (C:\|)
Elément(s) analysé(s): 224793
Temps écoulé: 1 heure(s), 1 minute(s), 8 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 2
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 9

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\Interface\{f7d09218-46d7-4d3d-9b7f-315204cd0836} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{e63648f7-3933-440e-b4f6-a8584dd7b7eb} (Trojan.BHO) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\dl32 (Trojan.Agent) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\System Volume Information\_restore{A4539832-D56D-4095-A31B-F288B2AF0C4F}\RP1042\A0130379.dll (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{A4539832-D56D-4095-A31B-F288B2AF0C4F}\RP1042\A0130380.dll (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{A4539832-D56D-4095-A31B-F288B2AF0C4F}\RP1042\A0130381.dll (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{A4539832-D56D-4095-A31B-F288B2AF0C4F}\RP1042\A0130382.exe (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{A4539832-D56D-4095-A31B-F288B2AF0C4F}\RP1042\A0130383.exe (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{A4539832-D56D-4095-A31B-F288B2AF0C4F}\RP1042\A0130384.dll (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{A4539832-D56D-4095-A31B-F288B2AF0C4F}\RP1044\A0132399.dll (Adware.WidgiToolbar) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{A4539832-D56D-4095-A31B-F288B2AF0C4F}\RP1044\A0132409.dll (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{A4539832-D56D-4095-A31B-F288B2AF0C4F}\RP1044\A0132410.exe (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.

Anonymous user
17 Sept. 2010 at 17:49
good evening,
relaunch MBAM, empty its quarantine.

run ZHPDiag again, save its report to your desktop, host it on Cijoint, paste the link in your next message :-)

steph0404
17 Sept. 2010 at 20:29
http://www.cijoint.fr/cjlink.php?file=cj201009/cijaxxBJZE.txt

Anonymous user
17 Sept. 2010 at 21:10
DISABLE YOUR ANTIVIRUS AND YOUR FIREWALL IF PRESENT !!!!! (because it is wrongly detected as an infection)

Download List_Kill'em here and save it to your desktop

http://sd-4.archive-host.com/

or

http://www.archive-host.com

if you have XP => double-click
if you have Vista or Windows 7 => right-click "run as...."

on the shortcut on your desktop to start the installation

Leave checked:

Run List_Kill'em

once it has finished, click "finish" and the program will launch by itself

choose the TOOLS button
then the KILLPROXY button
post the report

steph0404
18 Sept. 2010 at 20:15
¤¤¤¤¤¤¤¤¤¤ List'em by g3n-h@ckm@n 2.1.0.6 ¤¤¤¤¤¤¤¤¤¤

User : stephane doux (Administrateurs)
Update on 18/09/2010 by g3n-h@ckm@n ::::: 15.20
Start at: 18:27:22 | 18/09/2010

AMD Sempron(tm) Processor 2600+
Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 3
Internet Explorer 8.0.6001.18702
Windows Firewall Status : Enabled
AV : avast! Antivirus 5.0.83886757 [ Enabled | Updated ]

A:\ -> Lecteur de disquettes 3 ½ pouces
C:\ -> Disque fixe local | 152,66 Go (76,72 Go free) | NTFS
H:\ -> Disque CD-ROM

Boot: Normal

¤¤¤¤¤¤ Processes ------- Memory(Ko) ------- Priority ------ Command ------- Signer


C:\Program Files\List_Kill'em\pv.exe ---- 2792 Ko ---- Normal ---- pv -o"%f ---- %m Ko ---- %p ---- %l ---- %s" ----


¤¤¤¤¤¤¤¤¤¤ Keys "Run" ¤¤¤¤¤¤¤¤¤¤

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} REG_SZ "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
H/PC Connection Agent REG_SZ "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
SpriteService REG_SZ "C:\Program Files\Sprite Software\Sprite Backup\SpriteService.exe"
AutoStartNPSAgent REG_SZ C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
swg REG_SZ "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
ctfmon.exe REG_SZ C:\WINDOWS\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
Synchronization Manager REG_EXPAND_SZ %SystemRoot%\system32\mobsync.exe /logon
LogitechQuickCamRibbon REG_SZ "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
SunJavaUpdateSched REG_SZ "C:\Program Files\Java\jre6\bin\jusched.exe"
Adobe Photo Downloader REG_SZ "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe"
Adobe Reader Speed Launcher REG_SZ "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
Adobe ARM REG_SZ "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"
QuickTime Task REG_SZ "C:\Program Files\QuickTime\QTTask.exe" -atboottime

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]

¤¤¤¤¤¤¤¤¤¤ Other System Keys ¤¤¤¤¤¤¤¤¤¤

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
NoDriveTypeAutoRun REG_DWORD 323 (0x143)
NoDriveAutoRun REG_DWORD 67108863 (0x3ffffff)
NoDrives REG_DWORD 0 (0x0)

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
HonorAutoRunSetting REG_DWORD 1 (0x1)
NoDriveAutoRun REG_DWORD 67108863 (0x3ffffff)
NoDriveTypeAutoRun REG_DWORD 323 (0x143)
NoDrives REG_DWORD 0 (0x0)

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
Shell REG_SZ Explorer.exe
Userinit REG_SZ C:\WINDOWS\system32\userinit.exe,

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\crypt32chain]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\cryptnet]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\cscdll]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\dimsntfy]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ScCertProp]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\Schedule]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\sclgntfy]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\SensLogn]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\termsrv]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\wlballoon]

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
{AEB6717E-7E19-11d0-97EE-00C04FD91972} REG_SZ

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
%windir%\system32\sessmgr.exe REG_SZ %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
C:\Program Files\Azureus\Azureus.exe REG_SZ C:\Program Files\Azureus\Azureus.exe:*:Enabled:Azureus
C:\Program Files\Messenger\msmsgs.exe REG_SZ C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger
C:\Program Files\eMule\eMule.exe REG_SZ C:\Program Files\eMule\eMule.exe:*:Enabled:eMule Plus
C:\WINDOWS\system32\dpvsetup.exe REG_SZ C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test
C:\Program Files\Fichiers communs\Ahead\Nero Web\SetupX.exe REG_SZ C:\Program Files\Fichiers communs\Ahead\Nero Web\SetupX.exe:*:Enabled:Nero ProductSetup
C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE REG_SZ C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote
%windir%\Network Diagnostic\xpnetdiag.exe REG_SZ %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
C:\Program Files\Microsoft ActiveSync\rapimgr.exe REG_SZ C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
C:\Program Files\Microsoft ActiveSync\wcescomm.exe REG_SZ C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
C:\Program Files\Microsoft ActiveSync\WCESMgr.exe REG_SZ C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
C:\Program Files\Sprite Software\Sprite Backup\SpriteService.exe REG_SZ C:\Program Files\Sprite Software\Sprite Backup\SpriteService.exe:*:Enabled:Sprite Backup PC Service
C:\Program Files\Shareaza\Shareaza.exe REG_SZ C:\Program Files\Shareaza\Shareaza.exe:*:Enabled:Shareaza
C:\Program Files\Bonjour\mDNSResponder.exe REG_SZ C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour
C:\Program Files\Windows Live\Messenger\wlcsdk.exe REG_SZ C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call
C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe REG_SZ C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe:*:Enabled:KTF MUSIC AoD Server
C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe REG_SZ C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe:*:Enabled:KTF MUSIC VoD Server
C:\Program Files\Windows Live\Messenger\msnmsgr.exe REG_SZ C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger
C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe REG_SZ C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
%windir%\system32\sessmgr.exe REG_SZ %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
%windir%\Network Diagnostic\xpnetdiag.exe REG_SZ %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
C:\Program Files\Microsoft ActiveSync\rapimgr.exe REG_SZ C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
C:\Program Files\Microsoft ActiveSync\wcescomm.exe REG_SZ C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
C:\Program Files\Microsoft ActiveSync\WCESMgr.exe REG_SZ C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
C:\Program Files\MSN Messenger\livecall.exe REG_SZ C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)
C:\Program Files\Windows Live\Messenger\wlcsdk.exe REG_SZ C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call
C:\Program Files\Windows Live\Messenger\msnmsgr.exe REG_SZ C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger
C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe REG_SZ C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare

¤¤¤¤¤¤¤¤¤¤ ActivX | COM ¤¤¤¤¤¤¤¤¤¤


¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤


¤¤¤¤¤¤¤¤¤¤ BHO ¤¤¤¤¤¤¤¤¤¤


¤¤¤¤¤¤¤¤¤¤ DNS ¤¤¤¤¤¤¤¤¤¤

HKLM\SYSTEM\CCS\Services\Tcpip\..\{7926326E-C2F3-4914-A942-C3CB97AE0D03}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS1\Services\Tcpip\..\{7926326E-C2F3-4914-A942-C3CB97AE0D03}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS2\Services\Tcpip\..\{7926326E-C2F3-4914-A942-C3CB97AE0D03}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1


¤¤¤¤¤¤¤¤¤¤ Internet Explorer ¤¤¤¤¤¤¤¤¤¤

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
Start Page REG_SZ https://www.msn.com/fr-fr
Local Page REG_SZ C:\WINDOWS\system32\blank.htm
Default_Search_URL REG_SZ https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
Default_Page_URL REG_SZ https://www.msn.com/fr-fr/?ocid=iehp
Search Page REG_SZ https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
Start Page REG_SZ https://www.msn.com/fr-fr
Local Page REG_SZ C:\WINDOWS\system32\blank.htm
Search Page REG_SZ http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

¤¤¤¤¤ Proxy Internet Explorer

[HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
ProxyHttp1.1 REG_DWORD 0 (0x0)
ProxyEnable REG_DWORD 0 (0x0)
ProxyServer REG_SZ http=localhost:7171


¤¤¤¤¤¤¤¤¤¤ Proxy Firefox ¤¤¤¤¤¤¤¤¤¤


¤¤¤¤¤¤¤¤¤¤ TaskCache ¤¤¤¤¤¤¤¤¤¤


¤¤¤¤¤¤¤¤¤¤ IFEO ¤¤¤¤¤¤¤¤¤¤


¤¤¤¤¤¤¤¤¤¤ File Protection ¤¤¤¤¤¤¤¤¤¤

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\Windows File Protection]
SFCDisable REG_DWORD 0 (0x0)

¤¤¤¤¤¤¤¤¤¤ Safemode ¤¤¤¤¤¤¤¤¤¤

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot : OK !!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal : OK !!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network : OK !!

¤¤¤¤¤¤¤¤¤¤ Atapi.sys ¤¤¤¤¤¤¤¤¤¤

[MD5.cdfe4411a69c224bd1d11b2da92dac51] - C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[MD5.9f3a2f5aa6875c72bf062c712cfa2674] - C:\WINDOWS\ERDNT\cache\atapi.sys
[MD5.9f3a2f5aa6875c72bf062c712cfa2674] - C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[MD5.9f3a2f5aa6875c72bf062c712cfa2674] - C:\WINDOWS\system32\drivers\atapi.sys

¤¤¤¤¤ Reference

Win 2000_SP2 : ff953a8f08ca3f822127654375786bbe
Win 2000_SP4 : 8c718aa8c77041b3285d55a0ce980867
Win XP_32b : a64013e98426e1877cb653685c5c0009
Win XP_SP1_32b : 95b858761a00e1d4f81f79a0da019aca
Win XP_SP2_32b : CDFE4411A69C224BD1D11B2DA92DAC51
Win XP_SP3_32b : 9F3A2F5AA6875C72BF062C712CFA2674
Vista_32b : e03e8c99d15d0381e02743c36afc7c6f
Vista_SP1_32b : 2d9c903dc76a66813d350a562de40ed9
Vista_SP2_32b : 1F05B78AB91C9075565A9D8A4B880BC4
Vista_SP2_64b : 1898FAE8E07D97F2F6C2D5326C633FAC
Windows 7_32b : 338c86357871c167a96ab976519bf59e
Windows 7_64b : 02062C0B390B7729EDC9E69C680A6F3C

¤¤¤¤¤¤¤¤¤¤ Explorer ¤¤¤¤¤¤¤¤¤¤

[MD5.f2317622d29f9ff0f88aeecd5f60f0dd] - C:\WINDOWS\explorer.exe
[MD5.b795475444d6d57a572c14b9e1a29839] - C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
[MD5.d0288319660edcfed07c7e74c4ea38a5] - C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
[MD5.4c33e5b9a6197b6ed215f6cfba0a2daa] - C:\WINDOWS\$NtUninstallKB938828$\explorer.exe
[MD5.f2317622d29f9ff0f88aeecd5f60f0dd] - C:\WINDOWS\ERDNT\cache\explorer.exe
[MD5.f2317622d29f9ff0f88aeecd5f60f0dd] - C:\WINDOWS\ServicePackFiles\i386\explorer.exe

¤¤¤¤¤¤¤¤¤¤ Winlogon ¤¤¤¤¤¤¤¤¤¤

[MD5.d2de785aeab0bb8ca4c14a8a199dbe4e] - C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[MD5.dd73d6b9f6b4cb630cf35b438b540174] - C:\WINDOWS\ERDNT\cache\winlogon.exe
[MD5.dd73d6b9f6b4cb630cf35b438b540174] - C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[MD5.dd73d6b9f6b4cb630cf35b438b540174] - C:\WINDOWS\system32\winlogon.exe

¤¤¤¤¤¤¤¤¤¤ Drive ¤¤¤¤¤¤¤¤¤¤

Défragmenteur de disque Windows
Copyright (c) 2001 Microsoft Corp. et Executive Software International Inc.

Rapport d'analyse
153 Go total, 76,73 Go libre (50%), 5% fragmenté (fragmentation du fichier 10%)

Il ne vous est pas nécessaire de défragmenter ce volume.

¤¤¤¤¤¤¤¤¤¤ Mountpoints2 ¤¤¤¤¤¤¤¤¤¤


¤¤¤¤¤¤¤¤¤¤ Rogues Infections ¤¤¤¤¤¤¤¤¤¤


¤¤¤¤¤¤¤¤¤¤ Files/folders ¤¤¤¤¤¤¤¤¤¤

Present !! : C:\WINDOWS\System32\SET271.tmp
Present !! : C:\WINDOWS\System32\SET273.tmp
Present !! : C:\WINDOWS\System32\SET274.tmp
Present !! : C:\WINDOWS\System32\SET27C.tmp
Present !! : C:\WINDOWS\System32\SET27E.tmp
Present !! : C:\WINDOWS\System32\SET27F.tmp
Present !! : C:\WINDOWS\System32\SET282.tmp
Present !! : C:\WINDOWS\System32\SET284.tmp
Present !! : C:\WINDOWS\System32\SET287.tmp
Present !! : C:\WINDOWS\System32\SET296.tmp
Present !! : C:\WINDOWS\System32\SET298.tmp
Present !! : C:\WINDOWS\System32\SET299.tmp
Present !! : C:\WINDOWS\System32\SET29A.tmp
Present !! : C:\WINDOWS\System32\SET2A1.tmp
Present !! : C:\WINDOWS\System32\SET2A2.tmp
Present !! : C:\WINDOWS\System32\SET2A5.tmp
Present !! : C:\WINDOWS\System32\SET2A6.tmp
Present !! : C:\WINDOWS\System32\SET2A7.tmp
Present !! : C:\WINDOWS\System32\SET2A8.tmp
Present !! : C:\WINDOWS\System32\SET2A9.tmp
Present !! : C:\WINDOWS\System32\SET2AB.tmp
Present !! : C:\WINDOWS\System32\SET2AC.tmp
Present !! : C:\WINDOWS\System32\SET2AD.tmp
Present !! : C:\WINDOWS\System32\SET2AF.tmp
Present !! : C:\WINDOWS\System32\SET2B0.tmp
Present !! : C:\WINDOWS\System32\SET2B1.tmp
Present !! : C:\WINDOWS\System32\SET2B3.tmp
Present !! : C:\WINDOWS\System32\SET2B5.tmp
Present !! : C:\WINDOWS\System32\SET2B6.tmp
Present !! : C:\WINDOWS\System32\SET2BB.tmp
Present !! : C:\WINDOWS\System32\SET2BC.tmp
Present !! : C:\WINDOWS\System32\SET2BD.tmp
Present !! : C:\WINDOWS\System32\SET2C3.tmp
Present !! : C:\WINDOWS\System32\SET2C4.tmp
Present !! : C:\WINDOWS\System32\SET2C5.tmp
Present !! : C:\WINDOWS\System32\SET2C7.tmp
Present !! : C:\WINDOWS\System32\SET2CA.tmp
Present !! : C:\WINDOWS\System32\SET2CC.tmp
Present !! : C:\WINDOWS\System32\SET2CD.tmp
Present !! : C:\WINDOWS\System32\SET2D0.tmp
Present !! : C:\WINDOWS\System32\SET2D1.tmp
Present !! : C:\WINDOWS\System32\SET2D4.tmp
Present !! : C:\WINDOWS\System32\SET2D7.tmp
Present !! : C:\WINDOWS\System32\SET2D8.tmp
Present !! : C:\WINDOWS\System32\SET2DF.tmp
Present !! : C:\WINDOWS\System32\SET2E1.tmp
Present !! : C:\WINDOWS\System32\SET2E4.tmp
Present !! : C:\WINDOWS\System32\SET2EA.tmp
Present !! : C:\WINDOWS\System32\SET2EB.tmp
Present !! : C:\WINDOWS\System32\SET2EE.tmp
Present !! : C:\WINDOWS\System32\SET2EF.tmp
Present !! : C:\WINDOWS\System32\SET2F5.tmp
Present !! : C:\WINDOWS\System32\SET2F6.tmp
Present !! : C:\WINDOWS\System32\SET2F8.tmp
Present !! : C:\WINDOWS\System32\SET2F9.tmp
Present !! : C:\WINDOWS\System32\SET2FA.tmp
Present !! : C:\WINDOWS\System32\SET2FE.tmp
Present !! : C:\WINDOWS\System32\SET2FF.tmp
Present !! : C:\WINDOWS\System32\SET300.tmp
Present !! : C:\WINDOWS\System32\SET301.tmp
Present !! : C:\WINDOWS\System32\SET302.tmp
Present !! : C:\WINDOWS\System32\SET303.tmp
Present !! : C:\WINDOWS\System32\SET305.tmp
Present !! : C:\WINDOWS\System32\SET307.tmp
Present !! : C:\WINDOWS\System32\SET30A.tmp
Present !! : C:\WINDOWS\System32\SET312.tmp
Present !! : C:\WINDOWS\System32\SET314.tmp
Present !! : C:\WINDOWS\System32\SET316.tmp
Present !! : C:\WINDOWS\System32\SET317.tmp
Present !! : C:\WINDOWS\System32\SET318.tmp
Present !! : C:\WINDOWS\System32\SET31A.tmp
Present !! : C:\WINDOWS\System32\SET31C.tmp
Present !! : C:\WINDOWS\System32\SET321.tmp
Present !! : C:\WINDOWS\System32\SET323.tmp
Present !! : C:\WINDOWS\System32\SET324.tmp
Present !! : C:\WINDOWS\System32\SET32B.tmp
Present !! : C:\WINDOWS\System32\SET336.tmp
Present !! : C:\WINDOWS\System32\SET339.tmp
Present !! : C:\WINDOWS\System32\SET33A.tmp
Present !! : C:\WINDOWS\System32\SET33B.tmp
Present !! : C:\WINDOWS\System32\SET33F.tmp
Present !! : C:\WINDOWS\System32\SET347.tmp
Present !! : C:\WINDOWS\System32\SET34E.tmp
Present !! : C:\WINDOWS\System32\SET350.tmp
Present !! : C:\WINDOWS\System32\SET356.tmp
Present !! : C:\WINDOWS\System32\SET357.tmp
Present !! : C:\WINDOWS\System32\SET359.tmp
Present !! : C:\WINDOWS\System32\SET35A.tmp
Present !! : C:\WINDOWS\System32\SET35D.tmp
Present !! : C:\WINDOWS\System32\SET360.tmp
Present !! : C:\WINDOWS\System32\SET37.tmp
Present !! : C:\WINDOWS\System32\SET370.tmp
Present !! : C:\WINDOWS\System32\SET374.tmp
Present !! : C:\WINDOWS\System32\SET376.tmp
Present !! : C:\WINDOWS\System32\SET378.tmp
Present !! : C:\WINDOWS\System32\SET37C.tmp
Present !! : C:\WINDOWS\System32\SET37E.tmp
Present !! : C:\WINDOWS\System32\SET38.tmp
Present !! : C:\WINDOWS\System32\SET380.tmp
Present !! : C:\WINDOWS\System32\SET382.tmp
Present !! : C:\WINDOWS\System32\SET390.tmp
Present !! : C:\WINDOWS\System32\SET396.tmp
Present !! : C:\WINDOWS\System32\SET398.tmp
Present !! : C:\WINDOWS\System32\SET399.tmp
Present !! : C:\WINDOWS\System32\SET39F.tmp
Present !! : C:\WINDOWS\System32\SET3A3.tmp
Present !! : C:\WINDOWS\System32\SET3AD.tmp
Present !! : C:\WINDOWS\System32\SET3B.tmp
Present !! : C:\WINDOWS\System32\SET3B1.tmp
Present !! : C:\WINDOWS\System32\SET3B3.tmp
Present !! : C:\WINDOWS\System32\SET3B4.tmp
Present !! : C:\WINDOWS\System32\SET3B5.tmp
Present !! : C:\WINDOWS\System32\SET3C.tmp
Present !! : C:\WINDOWS\System32\SET3C1.tmp
Present !! : C:\WINDOWS\System32\SET3C6.tmp
Present !! : C:\WINDOWS\System32\SET3CD.tmp
Present !! : C:\WINDOWS\System32\SET3D.tmp
Present !! : C:\WINDOWS\System32\SET3D5.tmp
Present !! : C:\WINDOWS\System32\SET3E0.tmp
Present !! : C:\WINDOWS\System32\SET3E1.tmp
Present !! : C:\WINDOWS\System32\SET40.tmp
Present !! : C:\WINDOWS\System32\SET401.tmp
Present !! : C:\WINDOWS\System32\SET403.tmp
Present !! : C:\WINDOWS\System32\SET404.tmp
Present !! : C:\WINDOWS\System32\SET407.tmp
Present !! : C:\WINDOWS\System32\SET40C.tmp
Present !! : C:\WINDOWS\System32\SET40E.tmp
Present !! : C:\WINDOWS\System32\SET41.tmp
Present !! : C:\WINDOWS\System32\SET412.tmp
Present !! : C:\WINDOWS\System32\SET415.tmp
Present !! : C:\WINDOWS\System32\SET416.tmp
Present !! : C:\WINDOWS\System32\SET417.tmp
Present !! : C:\WINDOWS\System32\SET419.tmp
Present !! : C:\WINDOWS\System32\SET41A.tmp
Present !! : C:\WINDOWS\System32\SET41B.tmp
Present !! : C:\WINDOWS\System32\SET41C.tmp
Present !! : C:\WINDOWS\System32\SET41E.tmp
Present !! : C:\WINDOWS\System32\SET42.tmp
Present !! : C:\WINDOWS\System32\SET420.tmp
Present !! : C:\WINDOWS\System32\SET421.tmp
Present !! : C:\WINDOWS\System32\SET423.tmp
Present !! : C:\WINDOWS\System32\SET426.tmp
Present !! : C:\WINDOWS\System32\SET428.tmp
Present !! : C:\WINDOWS\System32\SET42D.tmp
Present !! : C:\WINDOWS\System32\SET42E.tmp
Present !! : C:\WINDOWS\System32\SET436.tmp
Present !! : C:\WINDOWS\System32\SET43C.tmp
Present !! : C:\WINDOWS\System32\SET441.tmp
Present !! : C:\WINDOWS\System32\SET444.tmp
Present !! : C:\WINDOWS\System32\SET447.tmp
Present !! : C:\WINDOWS\System32\SET449.tmp
Present !! : C:\WINDOWS\System32\SET44D.tmp
Present !! : C:\WINDOWS\System32\SET44F.tmp
Present !! : C:\WINDOWS\System32\SET450.tmp
Present !! : C:\WINDOWS\System32\SET454.tmp
Present !! : C:\WINDOWS\System32\SET455.tmp
Present !! : C:\WINDOWS\System32\SET459.tmp
Present !! : C:\WINDOWS\System32\SET45A.tmp
Present !! : C:\WINDOWS\System32\SET45D.tmp
Present !! : C:\WINDOWS\System32\SET45F.tmp
Present !! : C:\WINDOWS\System32\SET465.tmp
Present !! : C:\WINDOWS\System32\SET468.tmp
Present !! : C:\WINDOWS\System32\SET46C.tmp
Present !! : C:\WINDOWS\System32\SET46E.tmp
Present !! : C:\WINDOWS\System32\SET470.tmp
Present !! : C:\WINDOWS\System32\SETC69.tmp
Present !! : C:\WINDOWS\System32\SETC6B.tmp
Present !! : C:\WINDOWS\System32\SETC77.tmp
Present !! : C:\Documents and Settings\stephane doux\Application Data\Temporary
Present !! : C:\Documents and Settings\stephane doux\Local Settings\Temporary Internet Files\SuggestedSites.dat
Present !! : C:\Documents and Settings\stephane doux\results.txt

¤¤¤¤¤¤¤¤¤¤ Keys :

Present !! : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser : {0E5CBF21-D15F-11D0-8301-00AA005B4383}
Present !! : HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer : NoDrives
Present !! : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer : NoDrives
Present !! : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Install.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Setup.exe"
Present !! : HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c7b76b90-3455-4ae6-a752-eac4d19689e5}
Present !! : HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\76DA9915C36F3D742951F63351CF5C97
Present !! : HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\9B0B0584E80456A4FB98DA3973B1EB3F
Present !! : HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\A89F1E0FE544529429C8BF82FE74CE39
Present !! : HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\C9667115F6A9CE340B31B63B680FF26F
Present !! : HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\EFB70E89C3D6D354596520DE424F89D6
Present !! : HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\F49A213B5069AC348994D03F81B56C19

FEATURE_BROWSER_EMULATION | svchost :
====================================


¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
0
Anonymous user
18 Sept. 2010 at 21:33
- Run List_Kill'em again (or via right-click on Vista/7), using the shortcut on your desktop,
but this time:

- choose the Clean option

your PC will restart,

let the tool work.

at the end of the scan the window closes, and you will have a report named Kill'em.txt on your desktop,

- paste its contents into your reply
0