a l'aide j'ai attrapé un virus!!!!

Question

Bonjour, 


j'utilise depuis peu windows 7 64 bits. 
depuis 2 jours internet exploreur rame un peu a s'ouvrir. 
ce matin je surf tranquilement et voila qu'il apparait un message d'erreur me disant que je suis infecté par divers virus et trojans. 
une fenetre windows s'ouvre et me donne divers liens de telechargements de logiciels  qui permettrait de reparer les degats.voyant que c'etait une fenetre windows je fait confiance et  telecharge le 1 er logiciel se nomant antispyware .donc je le telecharge il redemarre tout seul le pc et lance un scan . 
le resultat du scan est le suivant 48 fichiers restaurés,et 9  requierent un abonnement a 100€ pour etre restauré (l'arnaque quoi) mais si je n'axccepte pas l'abonnement et que je ferme la fenetre je tombe sur un ecran noir et je suis bloqué.j'ai essayé en mode sans echec mais ke scan redemare. 
que puis je faire?merci d'avance pour votre aide.
Configuration: Windows XP / Internet Explorer 7.0

Malekal_morte- · Accepted Answer

OK.

Bon bha OTL.
Tjrs à transférer... vu que tu peux pas télécharger.

* Télécharge http://www.geekstogo.com/forum/files/file/398-otl-oldtimers-list-it/ sur ton bureau.
(Sous Vista/Win7, il faut cliquer droit sur OTL et choisir Exécuter en tant qu'administrateur)

* Lance OTL
* Sous Peronnalisation, copie-colle ce qu'il y a dans le cadre ci-dessous :
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
CREATERESTOREPOINT
* Clique sur le bouton Quick Scan.
* Quand le scan est fini, utilise le site http://www.cijoint.fr/ pour me donner les deux rapports : OTL.Txt et Extras.Txt.

Malekal_morte- · Answer

Salut,

C'est quoi le nom du faux antispyware ?


Désactive les logiciels de protection (Antivirus, Antispywares) puis :

Télécharge Combofix sUBs : [url=http://download.bleepingcomputer.com/sUBs/ComboFix.exe]combofix.exe[/url] et sauvegarde le sur ton bureau et pas ailleurs!

Double-clic sur combofix, accepte la licence d'utilisation et laisse toi guider.

Eventuellement, installe la console de récupération comme cela est conseillé

Attends que combofix ait terminé, un rapport sera créé. Poste le rapport.

Tu as le tutorial sur ce lien pour t'aider : https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix

PS : si Combofix ne se lance pas, renomme le fichier Combofix et retente.

Si pas mieux, tente en mode sans échec sans prise en charge du réseau : Redémarre en mode sans échec, pour cela, redémarre l'ordinateur, avant le logo Windows, tapote sur la touche F8, un menu va apparaître, choisis Mode sans échec et appuye sur la touche entrée du clavier.

lili500 · Answer

bon comme par magie tout est rentré dans l'ordre , croit tu que je devrais faire la manip?le virus a pas disparu tout seul?

lili500 · Answer

je le fais quand meme mais j'ai pas eu besoin du clique droit otl et utiliser administrateur.j'ai copier collé et j'ai cliqué sur analyse.le scan est en cour a toute a l'heure

Malekal_morte- · Answer

Je peux pas répondre vu que j'ai pas de rapport.
T'as peut-être juste changé de session et l'infection est pas active sur celle-ci.

Fais OTL.

lili500 · Answer

voici pour otl car je n'ai pas reussi avec le logiciel que tu preconise

OTL logfile created on: 05/10/2010 13:17:03 - Run 1
OTL by OldTimer - Version 3.2.14.1     Folder = C:\Users\PC DE NATHALIE\Documents\Downloads\Programs
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy
 
4,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 39,00% Memory free
8,00 Gb Paging File | 5,00 Gb Available in Paging File | 63,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 297,85 Gb Total Space | 244,31 Gb Free Space | 82,03% Space Free | Partition Type: NTFS
Drive D: | 297,93 Gb Total Space | 289,12 Gb Free Space | 97,04% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
Drive F: | 465,70 Gb Total Space | 409,37 Gb Free Space | 87,90% Space Free | Partition Type: FAT32
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: PCDENATHALIE
Current User Name: PC DE NATHALIE
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
 
[color=#E56717]========== Processes (SafeList) ==========/color
 
PRC - [2010/10/05 13:15:45 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\PC DE NATHALIE\Documents\Downloads\Programs\OTL.exe
PRC - [2010/10/01 23:01:04 | 000,129,024 | ---- | M] () -- C:\Users\PC DE NATHALIE\AppData\Roaming\SysWin\lsass.exe
PRC - [2010/10/01 10:18:33 | 001,812,992 | ---- | M] (DreamStudio) -- D:\DreamMail4\DM2005.exe
PRC - [2010/09/22 16:30:16 | 002,391,718 | ---- | M] () -- C:\Program Files (x86)\Search Advisor\adgui.exe
PRC - [2010/09/18 18:31:06 | 000,232,912 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10i_ActiveX.exe
PRC - [2010/07/21 14:59:48 | 001,962,840 | ---- | M] (Secure Digital Services Limited) -- C:\Program Files (x86)\OfferBox\OfferBox.exe
PRC - [2010/05/26 15:03:07 | 003,220,912 | ---- | M] (Tonec Inc.) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe
PRC - [2010/03/26 10:52:24 | 001,234,216 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe
PRC - [2010/03/25 14:39:22 | 000,490,280 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Update\NASvc.exe
PRC - [2009/10/28 11:15:10 | 000,304,496 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
PRC - [2009/10/02 14:26:12 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2009/10/02 14:26:10 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2009/09/30 19:34:22 | 002,314,240 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2009/09/30 19:33:08 | 000,262,144 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2009/08/19 09:53:32 | 007,418,368 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
PRC - [2009/08/19 09:53:30 | 007,424,000 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
PRC - [2009/08/12 12:30:42 | 006,203,296 | ---- | M] (TOSHIBA) -- C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\TOPI.exe
PRC - [2009/07/28 20:26:42 | 000,062,848 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
PRC - [2009/03/10 18:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
PRC - [2009/01/23 11:46:14 | 000,203,280 | ---- | M] () -- C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe
PRC - [2009/01/13 21:33:40 | 000,034,088 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
 
 
[color=#E56717]========== Modules (SafeList) ==========/color
 
MOD - [2010/10/05 13:15:45 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\PC DE NATHALIE\Documents\Downloads\Programs\OTL.exe
MOD - [2010/10/01 23:11:47 | 000,211,968 | ---- | M] (Inprise Corporation) -- C:\Windows\SysWOW64\cmicryptinstall32.dlllnjprf0gy4a9gx32.dll0ghrfwhdj9132.dlltsoa932.dllt3tkwj2v132.dll
MOD - [2010/10/01 23:11:42 | 000,211,968 | ---- | M] (Inprise Corporation) -- C:\Windows\SysWOW64\CertPolEng32.dll1s4ywwwymy232.dll0jlcto2wu32.dllfj9d1ea32.dllpqp3jw1dgl32.dll
MOD - [2010/10/01 23:10:57 | 000,211,968 | ---- | M] (Inprise Corporation) -- C:\Windows\SysWOW64\cmicryptinstall32.dlllnjprf0gy4a9gx32.dll0ghrfwhdj9132.dlltsoa932.dll
MOD - [2010/10/01 23:10:52 | 000,211,968 | ---- | M] (Inprise Corporation) -- C:\Windows\SysWOW64\CertPolEng32.dll1s4ywwwymy232.dll0jlcto2wu32.dllfj9d1ea32.dll
MOD - [2010/10/01 23:10:08 | 000,211,968 | ---- | M] (Inprise Corporation) -- C:\Windows\SysWOW64\cmicryptinstall32.dlllnjprf0gy4a9gx32.dll0ghrfwhdj9132.dll
MOD - [2010/10/01 23:10:03 | 000,211,968 | ---- | M] (Inprise Corporation) -- C:\Windows\SysWOW64\CertPolEng32.dll1s4ywwwymy232.dll0jlcto2wu32.dll
MOD - [2010/10/01 23:09:18 | 000,211,968 | ---- | M] (Inprise Corporation) -- C:\Windows\SysWOW64\cmicryptinstall32.dlllnjprf0gy4a9gx32.dll
MOD - [2010/10/01 23:09:13 | 000,211,968 | ---- | M] (Inprise Corporation) -- C:\Windows\SysWOW64\CertPolEng32.dll1s4ywwwymy232.dll
MOD - [2010/10/01 23:08:29 | 000,211,968 | ---- | M] (Inprise Corporation) -- C:\Windows\SysWOW64\cmicryptinstall32.dll
MOD - [2010/10/01 23:08:24 | 000,211,968 | ---- | M] (Inprise Corporation) -- C:\Windows\SysWOW64\CertPolEng32.dll
MOD - [2010/10/01 23:07:37 | 000,211,968 | ---- | M] (Inprise Corporation) -- C:\Windows\SysWOW64\connect32.dll
MOD - [2010/10/01 23:07:34 | 000,211,968 | ---- | M] (Inprise Corporation) -- C:\Windows\SysWOW64\comctl3232.dll
MOD - [2010/10/01 23:06:48 | 000,211,968 | ---- | M] (Inprise Corporation) -- C:\Windows\SysWOW64\d3d10level93232.dll
MOD - [2010/10/01 23:06:45 | 000,211,968 | ---- | M] (Inprise Corporation) -- C:\Windows\SysWOW64\C_IS202232.dll
MOD - [2010/10/01 23:05:58 | 000,211,968 | ---- | M] (Inprise Corporation) -- C:\Windows\SysWOW64\dciman3232.dll
MOD - [2010/10/01 23:05:55 | 000,211,968 | ---- | M] (Inprise Corporation) -- C:\Windows\SysWOW64\D3DX9_4232.dll
MOD - [2010/10/01 23:05:20 | 000,211,968 | ---- | M] (Inprise Corporation) -- C:\Windows\SysWOW64\BOOTVID32.dll
MOD - [2010/10/01 23:05:06 | 000,211,968 | ---- | M] (Inprise Corporation) -- C:\Windows\SysWOW64\aticalcl32.dll
MOD - [2010/10/01 23:04:42 | 000,211,968 | ---- | M] (Inprise Corporation) -- C:\Windows\SysWOW64\cryptbase32.dll
MOD - [2010/10/01 23:04:16 | 000,211,968 | ---- | M] (Inprise Corporation) -- C:\Windows\SysWOW64\azroleui32.dll
MOD - [2010/10/01 23:04:10 | 000,211,968 | ---- | M] (Inprise Corporation) -- C:\Windows\SysWOW64\d3d10level932.dlljjtrt32.dlll4ll4gzd32.dll6e02oo7rrq81lm732.dllwt8c309q3y4732.dll
MOD - [2010/10/01 23:03:20 | 000,211,968 | ---- | M] (Inprise Corporation) -- C:\Windows\SysWOW64\d3d10level932.dlljjtrt32.dlll4ll4gzd32.dll6e02oo7rrq81lm732.dll
MOD - [2010/10/01 23:02:35 | 000,211,968 | ---- | M] (Inprise Corporation) -- C:\Windows\SysWOW64\dhcpcore632.dllvkjj3efn532.dlltzbznzf5n5ux32.dll72ro832.dll0vwo9kp58vq0132.dll
MOD - [2010/10/01 23:02:31 | 000,211,968 | ---- | M] (Inprise Corporation) -- C:\Windows\SysWOW64\d3d10level932.dlljjtrt32.dlll4ll4gzd32.dll
MOD - [2010/10/01 23:01:43 | 000,211,968 | ---- | M] (Inprise Corporation) -- C:\Windows\SysWOW64\dhcpcore632.dllvkjj3efn532.dlltzbznzf5n5ux32.dll72ro832.dll
MOD - [2010/10/01 23:01:41 | 000,211,968 | ---- | M] (Inprise Corporation) -- C:\Windows\SysWOW64\d3d10level932.dlljjtrt32.dll
MOD - [2010/10/01 23:00:54 | 000,211,968 | ---- | M] (Inprise Corporation) -- C:\Windows\SysWOW64\dhcpcore632.dllvkjj3efn532.dlltzbznzf5n5ux32.dll
MOD - [2010/10/01 23:00:51 | 000,211,968 | ---- | M] (Inprise Corporation) -- C:\Windows\SysWOW64\d3d10level932.dll
MOD - [2010/10/01 23:00:01 | 000,211,968 | ---- | M] (Inprise Corporation) -- C:\Windows\SysWOW64\dpnlobby32.dllch94uoma32.dllk9gnvmm5qcc32.dll1cqawb4qh8ht32.dllb9ai4ho408r232.dll
MOD - [2010/10/01 23:00:01 | 000,211,968 | ---- | M] (Inprise Corporation) -- C:\Windows\SysWOW64\dhcpcore632.dllvkjj3efn532.dll
MOD - [2010/10/01 23:00:00 | 000,211,968 | ---- | M] (Inprise Corporation) -- C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-032.dll
MOD - [2010/10/01 22:59:09 | 000,211,968 | ---- | M] (Inprise Corporation) -- C:\Windows\SysWOW64\dhcpcore632.dll
MOD - [2010/10/01 22:59:08 | 000,211,968 | ---- | M] (Inprise Corporation) -- C:\Windows\SysWOW64\dpnlobby32.dllch94uoma32.dllk9gnvmm5qcc32.dll1cqawb4qh8ht32.dll
MOD - [2010/10/01 22:59:07 | 000,211,968 | ---- | M] (Inprise Corporation) -- C:\Windows\SysWOW64\dfscli32.dll
MOD - [2010/10/01 22:58:17 | 000,211,968 | ---- | M] (Inprise Corporation) -- C:\Windows\SysWOW64\dpnlobby32.dllch94uoma32.dllk9gnvmm5qcc32.dll
MOD - [2010/10/01 22:58:17 | 000,211,968 | ---- | M] (Inprise Corporation) -- C:\Windows\SysWOW64\dmrc32.dll
MOD - [2010/10/01 22:58:16 | 000,211,968 | ---- | M] (Inprise Corporation) -- C:\Windows\SysWOW64\dmloader32.dll
MOD - [2010/10/01 22:57:26 | 000,211,968 | ---- | M] (Inprise Corporation) -- C:\Windows\SysWOW64\dpnlobby32.dllch94uoma32.dll
MOD - [2010/10/01 22:57:26 | 000,211,968 | ---- | M] (Inprise Corporation) -- C:\Windows\SysWOW64\dpnlobby32.dll
MOD - [2010/10/01 22:57:23 | 000,211,968 | ---- | M] (Inprise Corporation) -- C:\Windows\SysWOW64\dot3ui32.dll
MOD - [2010/10/01 22:56:35 | 000,211,968 | ---- | M] (Inprise Corporation) -- C:\Windows\SysWOW64\dsuiext32.dll
MOD - [2010/10/01 22:56:32 | 000,211,968 | ---- | M] (Inprise Corporation) -- C:\Windows\SysWOW64\DShowRdpFilter32.dll
MOD - [2010/10/01 22:56:28 | 000,211,968 | ---- | M] (Inprise Corporation) -- C:\Windows\SysWOW64\drmv2clt32.dll
MOD - [2010/10/01 22:55:57 | 000,211,968 | ---- | M] (Inprise Corporation) -- C:\Windows\SysWOW64\framedyn32.dll
MOD - [2010/10/01 22:55:42 | 000,211,968 | ---- | M] (Inprise Corporation) -- C:\Windows\SysWOW64\EBLib32.dll
MOD - [2010/10/01 22:54:52 | 000,211,968 | ---- | M] (Inprise Corporation) -- C:\Windows\SysWOW64\fdSSDP32.dll
MOD - [2009/07/14 03:16:12 | 000,145,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\powrprof.dll
MOD - [2009/07/14 03:15:13 | 000,453,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dsound.dll
MOD - [2009/07/14 03:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx
MOD - [2009/07/14 03:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll
MOD - [2009/01/23 11:46:18 | 000,013,840 | ---- | M] () -- C:\Program Files (x86)\McAfee\SiteAdvisor\sahook.dll
 
 
[color=#E56717]========== Win32 Services (SafeList) ==========/color
 
SRV:[b]64bit:/b - [2010/08/24 14:57:38 | 000,245,352 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe -- (mfefire)
SRV:[b]64bit:/b - [2010/08/24 14:57:38 | 000,200,056 | ---- | M] () [Unknown | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe -- (McShield)
SRV:[b]64bit:/b - [2010/08/24 14:57:38 | 000,149,032 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Windows\SysNative\mfevtps.exe -- (mfevtp)
SRV:[b]64bit:/b - [2010/04/15 09:45:10 | 000,509,416 | ---- | M] (McAfee, Inc.) [On_Demand | Running] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV:[b]64bit:/b - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (MSK80Service)
SRV:[b]64bit:/b - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McProxy)
SRV:[b]64bit:/b - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNASvc)
SRV:[b]64bit:/b - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV:[b]64bit:/b - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (mcmscsvc)
SRV:[b]64bit:/b - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV:[b]64bit:/b - [2009/11/10 13:54:54 | 000,824,688 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe -- (TPCHSrv)
SRV:[b]64bit:/b - [2009/11/05 22:05:28 | 000,489,312 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV:[b]64bit:/b - [2009/11/05 10:19:12 | 000,137,560 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service)
SRV:[b]64bit:/b - [2009/09/28 14:46:02 | 000,251,760 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\TECO\TecoService.exe -- (TOSHIBA eco Utility Service)
SRV:[b]64bit:/b - [2009/09/08 23:56:12 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:[b]64bit:/b - [2009/07/28 15:48:06 | 000,140,632 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\TODDSrv.exe -- (TODDSrv)
SRV:[b]64bit:/b - [2009/07/14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV - [2010/07/28 23:36:52 | 000,246,520 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2010/03/25 14:39:22 | 000,490,280 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2010/03/18 17:23:04 | 000,044,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe -- (aspnet_state)
SRV - [2010/03/18 14:27:14 | 000,138,576 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_64)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/10/27 20:12:14 | 000,252,784 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe -- (cfWiMAXService)
SRV - [2009/10/15 17:49:56 | 000,116,104 | ---- | M] (Toshiba Europe GmbH) [Auto | Running] -- C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe -- (TemproMonitoringService) Notebook Performance Tuning Service (TEMPRO)
SRV - [2009/10/06 09:21:50 | 000,051,512 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)
SRV - [2009/10/02 14:26:12 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel(R)
SRV - [2009/09/30 19:34:22 | 002,314,240 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2009/09/30 19:33:08 | 000,262,144 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2009/03/10 18:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe -- (ConfigFree Service)
SRV - [2009/01/23 11:46:14 | 000,203,280 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe -- (McAfee SiteAdvisor Service)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========/color
 
DRV:[b]64bit:/b - [2010/08/24 14:57:38 | 000,529,000 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:[b]64bit:/b - [2010/08/24 14:57:38 | 000,441,072 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfefirek.sys -- (mfefirek)
DRV:[b]64bit:/b - [2010/08/24 14:57:38 | 000,283,232 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mfewfpk.sys -- (mfewfpk)
DRV:[b]64bit:/b - [2010/08/24 14:57:38 | 000,190,136 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk)
DRV:[b]64bit:/b - [2010/08/24 14:57:38 | 000,121,248 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeapfk.sys -- (mfeapfk)
DRV:[b]64bit:/b - [2010/08/24 14:57:38 | 000,094,736 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mferkdet.sys -- (mferkdet)
DRV:[b]64bit:/b - [2010/08/24 14:57:38 | 000,075,032 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mfenlfk.sys -- (mfenlfk)
DRV:[b]64bit:/b - [2010/08/24 14:57:38 | 000,062,800 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cfwids.sys -- (cfwids)
DRV:[b]64bit:/b - [2009/11/05 23:15:40 | 000,291,328 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:[b]64bit:/b - [2009/10/26 12:39:44 | 000,151,936 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:[b]64bit:/b - [2009/10/15 20:11:26 | 000,307,760 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:[b]64bit:/b - [2009/10/02 13:58:58 | 000,537,112 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:[b]64bit:/b - [2009/10/02 13:33:48 | 000,946,688 | ---- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\driverstl8192se.sys -- (rtl8192se)
DRV:[b]64bit:/b - [2009/09/22 17:39:56 | 000,225,280 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:[b]64bit:/b - [2009/09/17 12:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel(R)
DRV:[b]64bit:/b - [2009/09/09 00:31:52 | 006,204,928 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:[b]64bit:/b - [2009/07/30 21:02:36 | 000,044,912 | ---- | M] (COMPAL ELECTRONIC INC.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\LPCFilter.sys -- (LPCFilter)
DRV:[b]64bit:/b - [2009/07/30 20:22:04 | 000,027,784 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers	dcmdpst.sys -- (tdcmdpst)
DRV:[b]64bit:/b - [2009/07/24 15:57:08 | 000,482,384 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers	os_sps64.sys -- (tos_sps64)
DRV:[b]64bit:/b - [2009/07/14 16:31:18 | 000,026,840 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TVALZ_O.SYS -- (TVALZ)
DRV:[b]64bit:/b - [2009/07/14 03:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:/b - [2009/07/14 03:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:/b - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:/b - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:/b - [2009/07/14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:/b - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:/b - [2009/06/22 17:06:38 | 000,035,008 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PGEffect.sys -- (PGEffect)
DRV:[b]64bit:/b - [2009/06/19 19:15:22 | 000,014,472 | ---- | M] (TOSHIBA Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TVALZFL.sys -- (TVALZFL)
DRV:[b]64bit:/b - [2009/06/10 23:01:06 | 001,146,880 | ---- | M] (LSI Corp) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)
DRV:[b]64bit:/b - [2009/06/10 22:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem
tfs.mof -- (Ntfs)
DRV:[b]64bit:/b - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:/b - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:/b - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:/b - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:[b]64bit:/b - [2009/05/20 18:04:56 | 000,202,016 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
DRV - [2009/09/22 17:39:56 | 000,225,280 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\RtsUStor.sys -- (RSUSBSTOR)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========/color
 
 
[color=#E56717]========== Internet Explorer ==========/color
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.google.com/webhp?gws_rd=ssl
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?gws_rd=ssl
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = BB 74 2B 00 BF 22 B7 47 8E 87 56 F9 07 0F 60 D8  [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
FF - HKLM\software\mozilla\Firefox\Extensions\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files (x86)\McAfee\SiteAdvisor [2010/09/18 18:03:55 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\offerboxffx@offerbox.com: C:\Program Files (x86)\OfferBox\offerboxffx@offerbox.com [2010/09/21 22:22:30 | 000,000,000 | ---D | M]
 
[2010/09/21 21:58:49 | 000,000,000 | ---D | M] -- C:\Users\PC DE NATHALIE\AppData\Roaming\mozilla\Extensions
[2010/09/21 21:58:49 | 000,000,000 | ---D | M] -- C:\Users\PC DE NATHALIE\AppData\Roaming\mozilla\Extensions\mozswing@mozswing.org
 
O1 HOSTS File: ([2009/06/10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:[b]64bit:/b - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\MSKAPB~1.DLL ()
O2:[b]64bit:/b - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20100930153137.dll (McAfee, Inc.)
O2:[b]64bit:/b - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll ()
O2 - BHO: (no name) - {002B74BB-22BF-47B7-8E87-56F9070F60D8} - C:\Windows\SysWOW64\credssp32.dll (Inprise Corporation)
O2 - BHO: (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (Tonec Inc.)
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll ()
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20100930153137.dll (McAfee, Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll ()
O2 - BHO: (54d6000e) - {CFB4473F-968D-3762-3E02-DDC7C75640EF} - C:\Windows\SysWOW64\comctl3232.dll (Inprise Corporation)
O2 - BHO: (OfferBox) - {FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C} - C:\Program Files (x86)\OfferBox\OfferBoxBHO.dll (Secure Digital Services Limited)
O3:[b]64bit:/b - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll ()
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4:[b]64bit:/b - HKLM..\Run: [00TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4:[b]64bit:/b - HKLM..\Run: [HSON] C:\Program Files\TOSHIBA\TBS\HSON.exe (TOSHIBA Corporation)
O4:[b]64bit:/b - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:[b]64bit:/b - HKLM..\Run: [SmartFaceVWatcher] C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatcher.exe (TOSHIBA Corporation)
O4:[b]64bit:/b - HKLM..\Run: [SmoothView] C:\Program Files\Toshiba\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4:[b]64bit:/b - HKLM..\Run: [Teco] C:\Program Files\TOSHIBA\TECO\Teco.exe (TOSHIBA Corporation)
O4:[b]64bit:/b - HKLM..\Run: [Toshiba Registration] C:\Program Files\Toshiba\Registration\ToshibaReminder.exe (Toshiba Europe GmbH)
O4:[b]64bit:/b - HKLM..\Run: [Toshiba TEMPRO] C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe (Toshiba Europe GmbH)
O4:[b]64bit:/b - HKLM..\Run: [TosNC] C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe (TOSHIBA Corporation)
O4:[b]64bit:/b - HKLM..\Run: [TosReelTimeMonitor] C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe (TOSHIBA Corporation)
O4:[b]64bit:/b - HKLM..\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe (TOSHIBA Corporation)
O4:[b]64bit:/b - HKLM..\Run: [TosWaitSrv] C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe (TOSHIBA Corporation)
O4:[b]64bit:/b - HKLM..\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE (TOSHIBA Corporation)
O4 - HKLM..\Run: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe (TOSHIBA Electronics, Inc.)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [IP Network] C:\Program Files (x86)\InstallPedia\lnetworker.exe ()
O4 - HKLM..\Run: [KeNotify] C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe (TOSHIBA CORPORATION)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [NBAgent] C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe (Nero AG)
O4 - HKLM..\Run: [RTHDBPL] C:\Users\PC DE NATHALIE\AppData\Roaming\SysWin\lsass.exe ()
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SVPWUTIL] C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe (TOSHIBA)
O4 - HKLM..\Run: [ToshibaServiceStation] C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TWebCamera] C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe (TOSHIBA CORPORATION.)
O4 - HKCU..\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe (Tonec Inc.)
O4 - HKCU..\Run: [Search Advisor] C:\Program Files (x86)\Search Advisor\adgui.exe ()
O4 - HKCU..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\TOPI.exe (TOSHIBA)
O4 - Startup: C:\Users\PC DE NATHALIE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DreamMail.lnk = D:\DreamMail4\DM2005.exe (DreamStudio)
O4 - Startup: C:\Users\PC DE NATHALIE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LimeWire On Startup.lnk = C:\Program Files (x86)\LimeWire\LimeWire.exe (Lime Wire, LLC)
O4 - Startup: C:\Users\PC DE NATHALIE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O4 - Startup: C:\Users\PC DE NATHALIE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O8:[b]64bit:/b - Extra context menu item: Télécharger avec IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O8:[b]64bit:/b - Extra context menu item: Télécharger le contenu de video FLV avec IDM - C:\Program Files (x86)\Internet Download Manager\IEGetVL.htm ()
O8:[b]64bit:/b - Extra context menu item: Télécharger tous les liens avec IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8 - Extra context menu item: Télécharger avec IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O8 - Extra context menu item: Télécharger le contenu de video FLV avec IDM - C:\Program Files (x86)\Internet Download Manager\IEGetVL.htm ()
O8 - Extra context menu item: Télécharger tous les liens avec IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O9 - Extra Button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18:[b]64bit:/b - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:[b]64bit:/b - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:[b]64bit:/b - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:[b]64bit:/b - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:[b]64bit:/b - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll ()
O18:[b]64bit:/b - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll ()
O18:[b]64bit:/b - Protocol\Filter	ext/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\Windows\system32\fdSSDP32.dll) - C:\Windows\SysWOW64\fdSSDP32.dll (Inprise Corporation)
O20 - AppInit_DLLs: (C:\Windows\system32\EBLib32.dll) - C:\Windows\SysWOW64\EBLib32.dll (Inprise Corporation)
O20 - AppInit_DLLs: (C:\Windows\system32\framedyn32.dll) - C:\Windows\SysWOW64\framedyn32.dll (Inprise Corporation)
O20 - AppInit_DLLs: (C:\Windows\system32\drmv2clt32.dll) - C:\Windows\SysWOW64\drmv2clt32.dll (Inprise Corporation)
O20 - AppInit_DLLs: (C:\Windows\system32\DShowRdpFilter32.dll) - C:\Windows\SysWOW64\DShowRdpFilter32.dll (Inprise Corporation)
O20 - AppInit_DLLs: (C:\Windows\system32\dsuiext32.dll) - C:\Windows\SysWOW64\dsuiext32.dll (Inprise Corporation)
O20 - AppInit_DLLs: (C:\Windows\system32\dot3ui32.dll) - C:\Windows\SysWOW64\dot3ui32.dll (Inprise Corporation)
O20 - AppInit_DLLs: (C:\Windows\system32\dpnlobby32.dll) - C:\Windows\SysWOW64\dpnlobby32.dll (Inprise Corporation)
O20 - AppInit_DLLs: (C:\Windows\system32\dpnlobby32.dllch94uoma32.dll) - C:\Windows\SysWOW64\dpnlobby32.dllch94uoma32.dll (Inprise Corporation)
O20 - AppInit_DLLs: (C:\Windows\system32\dmloader32.dll) - C:\Windows\SysWOW64\dmloader32.dll (Inprise Corporation)
O20 - AppInit_DLLs: (C:\Windows\system32\dpnlobby32.dllch94uoma32.dllk9gnvmm5qcc32.dll) - C:\Windows\SysWOW64\dpnlobby32.dllch94uoma32.dllk9gnvmm5qcc32.dll (Inprise Corporation)
O20 - AppInit_DLLs: (C:\Windows\system32\dmrc32.dll) - C:\Windows\SysWOW64\dmrc32.dll (Inprise Corporation)
O20 - AppInit_DLLs: (C:\Windows\system32\dfscli32.dll) - C:\Windows\SysWOW64\dfscli32.dll (Inprise Corporation)
O20 - AppInit_DLLs: (C:\Windows\system32\dpnlobby32.dllch94uoma32.dllk9gnvmm5qcc32.dll1cqawb4qh8ht32.dll) - C:\Windows\SysWOW64\dpnlobby32.dllch94uoma32.dllk9gnvmm5qcc32.dll1cqawb4qh8ht32.dll (Inprise Corporation)
O20 - AppInit_DLLs: (C:\Windows\system32\dhcpcore632.dll) - C:\Windows\SysWOW64\dhcpcore632.dll (Inprise Corporation)
O20 - AppInit_DLLs: (C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-032.dll) - C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-032.dll (Inprise Corporation)
O20 - AppInit_DLLs: (C:\Windows\system32\dhcpcore632.dllvkjj3efn532.dll) - C:\Windows\SysWOW64\dhcpcore632.dllvkjj3efn532.dll (Inprise Corporation)
O20 - AppInit_DLLs: (C:\Windows\system32\dpnlobby32.dllch94uoma32.dllk9gnvmm5qcc32.dll1cqawb4qh8ht32.dllb9ai4ho408r232.dll) - C:\Windows\SysWOW64\dpnlobby32.dllch94uoma32.dllk9gnvmm5qcc32.dll1cqawb4qh8ht32.dllb9ai4ho408r232.dll (Inprise Corporation)
O20 - AppInit_DLLs: (C:\Windows\system32\d3d10level932.dll) - C:\Windows\SysWOW64\d3d10level932.dll (Inprise Corporation)
O20 - AppInit_DLLs: (C:\Windows\system32\dhcpcore632.dllvkjj3efn532.dlltzbznzf5n5ux32.dll) - C:\Windows\SysWOW64\dhcpcore632.dllvkjj3efn532.dlltzbznzf5n5ux32.dll (Inprise Corporation)
O20 - AppInit_DLLs: (C:\Windows\system32\d3d10level932.dlljjtrt32.dll) - C:\Windows\SysWOW64\d3d10level932.dlljjtrt32.dll (Inprise Corporation)
O20 - AppInit_DLLs: (C:\Windows\system32\dhcpcore632.dllvkjj3efn532.dlltzbznzf5n5ux32.dll72ro832.dll) - C:\Windows\SysWOW64\dhcpcore632.dllvkjj3efn532.dlltzbznzf5n5ux32.dll72ro832.dll (Inprise Corporation)
O20 - AppInit_DLLs: (C:\Windows\system32\d3d10level932.dlljjtrt32.dlll4ll4gzd32.dll) - C:\Windows\SysWOW64\d3d10level932.dlljjtrt32.dlll4ll4gzd32.dll (Inprise Corporation)
O20 - AppInit_DLLs: (C:\Windows\system32\dhcpcore632.dllvkjj3efn532.dlltzbznzf5n5ux32.dll72ro832.dll0vwo9kp58vq0132.dll) - C:\Windows\SysWOW64\dhcpcore632.dllvkjj3efn532.dlltzbznzf5n5ux32.dll72ro832.dll0vwo9kp58vq0132.dll (Inprise Corporation)
O20 - AppInit_DLLs: (C:\Windows\system32\d3d10level932.dlljjtrt32.dlll4ll4gzd32.dll6e02oo7rrq81lm732.dll) - C:\Windows\SysWOW64\d3d10level932.dlljjtrt32.dlll4ll4gzd32.dll6e02oo7rrq81lm732.dll (Inprise Corporation)
O20 - AppInit_DLLs: (C:\Windows\system32\d3d10level932.dlljjtrt32.dlll4ll4gzd32.dll6e02oo7rrq81lm732.dllwt8c309q3y4732.dll) - C:\Windows\SysWOW64\d3d10level932.dlljjtrt32.dlll4ll4gzd32.dll6e02oo7rrq81lm732.dllwt8c309q3y4732.dll (Inprise Corporation)
O20 - AppInit_DLLs: (C:\Windows\system32\azroleui32.dll) - C:\Windows\SysWOW64\azroleui32.dll (Inprise Corporation)
O20 - AppInit_DLLs: (C:\Windows\system32\cryptbase32.dll) - C:\Windows\SysWOW64\cryptbase32.dll (Inprise Corporation)
O20 - AppInit_DLLs: (C:\Windows\system32\aticalcl32.dll) - C:\Windows\SysWOW64\aticalcl32.dll (Inprise Corporation)
O20 - AppInit_DLLs: (C:\Windows\system32\BOOTVID32.dll) - C:\Windows\SysWOW64\BOOTVID32.dll (Inprise Corporation)
O20 - AppInit_DLLs: (C:\Windows\system32\D3DX9_4232.dll) - C:\Windows\SysWOW64\D3DX9_4232.dll (Inprise Corporation)
O20 - AppInit_DLLs: (C:\Windows\system32\dciman3232.dll) - C:\Windows\SysWOW64\dciman3232.dll (Inprise Corporation)
O20 - AppInit_DLLs: (C:\Windows\system32\C_IS202232.dll) - C:\Windows\SysWOW64\C_IS202232.dll (Inprise Corporation)
O20 - AppInit_DLLs: (C:\Windows\system32\d3d10level93232.dll) - C:\Windows\SysWOW64\d3d10level93232.dll (Inprise Corporation)
O20 - AppInit_DLLs: (C:\Windows\system32\comctl3232.dll) - C:\Windows\SysWOW64\comctl3232.dll (Inprise Corporation)
O20 - AppInit_DLLs: (C:\Windows\system32\connect32.dll) - C:\Windows\SysWOW64\connect32.dll (Inprise Corporation)
O20 - AppInit_DLLs: (C:\Windows\system32\CertPolEng32.dll) - C:\Windows\SysWOW64\CertPolEng32.dll (Inprise Corporation)
O20 - AppInit_DLLs: (C:\Windows\system32\cmicryptinstall32.dll) - C:\Windows\SysWOW64\cmicryptinstall32.dll (Inprise Corporation)
O20 - AppInit_DLLs: (C:\Windows\system32\CertPolEng32.dll1s4ywwwymy232.dll) - C:\Windows\SysWOW64\CertPolEng32.dll1s4ywwwymy232.dll (Inprise Corporation)
O20 - AppInit_DLLs: (C:\Windows\system32\cmicryptinstall32.dlllnjprf0gy4a9gx32.dll) - C:\Windows\SysWOW64\cmicryptinstall32.dlllnjprf0gy4a9gx32.dll (Inprise Corporation)
O20 - AppInit_DLLs: (C:\Windows\system32\CertPolEng32.dll1s4ywwwymy232.dll0jlcto2wu32.dll) - C:\Windows\SysWOW64\CertPolEng32.dll1s4ywwwymy232.dll0jlcto2wu32.dll (Inprise Corporation)
O20 - AppInit_DLLs: (C:\Windows\system32\cmicryptinstall32.dlllnjprf0gy4a9gx32.dll0ghrfwhdj9132.dll) - C:\Windows\SysWOW64\cmicryptinstall32.dlllnjprf0gy4a9gx32.dll0ghrfwhdj9132.dll (Inprise Corporation)
O20 - AppInit_DLLs: (C:\Windows\system32\CertPolEng32.dll1s4ywwwymy232.dll0jlcto2wu32.dllfj9d1ea32.dll) - C:\Windows\SysWOW64\CertPolEng32.dll1s4ywwwymy232.dll0jlcto2wu32.dllfj9d1ea32.dll (Inprise Corporation)
O20 - AppInit_DLLs: (C:\Windows\system32\cmicryptinstall32.dlllnjprf0gy4a9gx32.dll0ghrfwhdj9132.dlltsoa932.dll) - C:\Windows\SysWOW64\cmicryptinstall32.dlllnjprf0gy4a9gx32.dll0ghrfwhdj9132.dlltsoa932.dll (Inprise Corporation)
O20 - AppInit_DLLs: (C:\Windows\system32\CertPolEng32.dll1s4ywwwymy232.dll0jlcto2wu32.dllfj9d1ea32.dllpqp3jw1dgl32.dll) - C:\Windows\SysWOW64\CertPolEng32.dll1s4ywwwymy232.dll0jlcto2wu32.dllfj9d1ea32.dllpqp3jw1dgl32.dll (Inprise Corporation)
O20 - AppInit_DLLs: (C:\Windows\system32\cmicryptinstall32.dlllnjprf0gy4a9gx32.dll0ghrfwhdj9132.dlltsoa932.dllt3tkwj2v132.dll) - C:\Windows\SysWOW64\cmicryptinstall32.dlllnjprf0gy4a9gx32.dll0ghrfwhdj9132.dlltsoa932.dllt3tkwj2v132.dll (Inprise Corporation)
O20:[b]64bit:/b - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:/b - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:[b]64bit:/b - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21:[b]64bit:/b - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35:[b]64bit:/b - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:/b - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:/b - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:/b - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...com [@ = comfile] -- Reg Error: Key error. File not found
O37 - HKCU\...exe [@ = exefile] -- Reg Error: Key error. File not found
 
 
 
SafeBootMin:[b]64bit:/b AppMgmt - Service
SafeBootMin:[b]64bit:/b Base - Driver Group
SafeBootMin:[b]64bit:/b Boot Bus Extender - Driver Group
SafeBootMin:[b]64bit:/b Boot file system - Driver Group
SafeBootMin:[b]64bit:/b File system - Driver Group
SafeBootMin:[b]64bit:/b Filter - Driver Group
SafeBootMin:[b]64bit:/b HelpSvc - Service
SafeBootMin:[b]64bit:/b mcmscsvc - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SafeBootMin:[b]64bit:/b MCODS - C:\Program Files\McAfee\VirusScan\mcods.exe (McAfee, Inc.)
SafeBootMin:[b]64bit:/b PCI Configuration - Driver Group
SafeBootMin:[b]64bit:/b PEVSystemStart - Service
SafeBootMin:[b]64bit:/b PNP Filter - Driver Group
SafeBootMin:[b]64bit:/b Primary disk - Driver Group
SafeBootMin:[b]64bit:/b procexp90.Sys - Driver
SafeBootMin:[b]64bit:/b sacsvr - Service
SafeBootMin:[b]64bit:/b SCSI Class - Driver Group
SafeBootMin:[b]64bit:/b System Bus Extender - Driver Group
SafeBootMin:[b]64bit:/b vmms - Service
SafeBootMin:[b]64bit:/b WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SafeBootMin:[b]64bit:/b {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:[b]64bit:/b {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:[b]64bit:/b {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:[b]64bit:/b {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:[b]64bit:/b {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:[b]64bit:/b {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:[b]64bit:/b {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:[b]64bit:/b {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:[b]64bit:/b {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:[b]64bit:/b {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:[b]64bit:/b {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:[b]64bit:/b {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:[b]64bit:/b {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:[b]64bit:/b {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:[b]64bit:/b {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:[b]64bit:/b {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:[b]64bit:/b {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PEVSystemStart - Service
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: procexp90.Sys - Driver
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
SafeBootNet:[b]64bit:/b AppMgmt - Service
SafeBootNet:[b]64bit:/b Base - Driver Group
SafeBootNet:[b]64bit:/b Boot Bus Extender - Driver Group
SafeBootNet:[b]64bit:/b Boot file system - Driver Group
SafeBootNet:[b]64bit:/b File system - Driver Group
SafeBootNet:[b]64bit:/b Filter - Driver Group
SafeBootNet:[b]64bit:/b HelpSvc - Service
SafeBootNet:[b]64bit:/b McMPFSvc - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SafeBootNet:[b]64bit:/b mcmscsvc - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SafeBootNet:[b]64bit:/b MCODS - C:\Program Files\McAfee\VirusScan\mcods.exe (McAfee, Inc.)
SafeBootNet:[b]64bit:/b Messenger - Service
SafeBootNet:[b]64bit:/b mfefire - C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe (McAfee, Inc.)
SafeBootNet:[b]64bit:/b mfefirek - C:\Windows\SysNative\drivers\mfefirek.sys (McAfee, Inc.)
SafeBootNet:[b]64bit:/b mfefirek.sys - C:\Windows\SysNative\drivers\mfefirek.sys (McAfee, Inc.)
SafeBootNet:[b]64bit:/b mfehidk - C:\Windows\SysNative\drivers\mfehidk.sys (McAfee, Inc.)
SafeBootNet:[b]64bit:/b mfehidk.sys - C:\Windows\SysNative\drivers\mfehidk.sys (McAfee, Inc.)
SafeBootNet:[b]64bit:/b mfevtp - C:\Windows\SysNative\mfevtps.exe (McAfee, Inc.)
SafeBootNet:[b]64bit:/b NDIS Wrapper - Driver Group
SafeBootNet:[b]64bit:/b NetBIOSGroup - Driver Group
SafeBootNet:[b]64bit:/b NetDDEGroup - Driver Group
SafeBootNet:[b]64bit:/b Network - Driver Group
SafeBootNet:[b]64bit:/b NetworkProvider - Driver Group
SafeBootNet:[b]64bit:/b PCI Configuration - Driver Group
SafeBootNet:[b]64bit:/b PEVSystemStart - Service
SafeBootNet:[b]64bit:/b PNP Filter - Driver Group
SafeBootNet:[b]64bit:/b PNP_TDI - Driver Group
SafeBootNet:[b]64bit:/b Primary disk - Driver Group
SafeBootNet:[b]64bit:/b procexp90.Sys - Driver
SafeBootNet:[b]64bit:/b rdsessmgr - Service
SafeBootNet:[b]64bit:/b sacsvr - Service
SafeBootNet:[b]64bit:/b SCSI Class - Driver Group
SafeBootNet:[b]64bit:/b Streams Drivers - Driver Group
SafeBootNet:[b]64bit:/b System Bus Extender - Driver Group
SafeBootNet:[b]64bit:/b TDI - Driver Group
SafeBootNet:[b]64bit:/b vmms - Service
SafeBootNet:[b]64bit:/b WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:/b WudfUsbccidDriver - Driver
SafeBootNet:[b]64bit:/b {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:[b]64bit:/b {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:[b]64bit:/b {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:[b]64bit:/b {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:[b]64bit:/b {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:[b]64bit:/b {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:[b]64bit:/b {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:[b]64bit:/b {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:[b]64bit:/b {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:[b]64bit:/b {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:[b]64bit:/b {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:[b]64bit:/b {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:[b]64bit:/b {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:[b]64bit:/b {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:[b]64bit:/b {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:[b]64bit:/b {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:[b]64bit:/b {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:[b]64bit:/b {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:[b]64bit:/b {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:[b]64bit:/b {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:[b]64bit:/b {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:[b]64bit:/b {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PEVSystemStart - Service
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: procexp90.Sys - Driver
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
ActiveX:[b]64bit:/b {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:[b]64bit:/b {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32egsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32	hemeui.dll
ActiveX:[b]64bit:/b {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:[b]64bit:/b {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:[b]64bit:/b {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:[b]64bit:/b {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:[b]64bit:/b {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:[b]64bit:/b {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:[b]64bit:/b {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:[b]64bit:/b {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:[b]64bit:/b {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:[b]64bit:/b {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:[b]64bit:/b {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:[b]64bit:/b {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:[b]64bit:/b {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:[b]64bit:/b {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:[b]64bit:/b {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:[b]64bit:/b {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:[b]64bit:/b {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:[b]64bit:/b {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:[b]64bit:/b {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:[b]64bit:/b >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:[b]64bit:/b >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:[b]64bit:/b >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - 
ActiveX:[b]64bit:/b >{FE399E78-3452-4968-880D-2F8D8EDCC25F} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32egsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32	hemeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-44455354

lili500 · Answer

et voici pour l'autre. pense tu que je sois sorti d'affaire? OTL Extras logfile created on: 05/10/2010 13:17:03 - Run 1 OTL by OldTimer - Version 3.2.14.1 Folder = C:\Users\PC DE NATHALIE\Documents\Downloads\Programs 64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy 4,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 39,00% Memory free 8,00 Gb Paging File | 5,00 Gb Available in Paging File | 63,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 297,85 Gb Total Space | 244,31 Gb Free Space | 82,03% Space Free | Partition Type: NTFS Drive D: | 297,93 Gb Total Space | 289,12 Gb Free Space | 97,04% Space Free | Partition Type: NTFS E: Drive not present or media not loaded Drive F: | 465,70 Gb Total Space | 409,37 Gb Free Space | 87,90% Space Free | Partition Type: FAT32 G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: PCDENATHALIE Current User Name: PC DE NATHALIE Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Include 64bit Scans Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Standard [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\] .bat [@ = batfile] -- Reg Error: Key error. File not found .cmd [@ = cmdfile] -- Reg Error: Key error. File not found .com [@ = comfile] -- Reg Error: Key error. File not found .exe [@ = exefile] -- Reg Error: Key error. File not found .pif [@ = piffile] -- Reg Error: Key error. File not found .vbs [@ = VBSFile] -- Reg Error: Key error. File not found [color=#E56717]========== Shell Spawning ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* File not found cmdfile [open] -- "%1" %* File not found comfile [open] -- "%1" %* File not found exefile [open] -- "%1" %* File not found helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation) htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* File not found regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" File not found scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S File not found txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation) htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] [color=#E56717]========== System Restore Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [color=#E56717]========== Authorized Applications List ==========[/color] [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package "{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64) "{4B5F58F7-C7D1-3CE3-9B37-B657F0852643}" = Microsoft .NET Framework 4 Client Profile FRA Language Pack "{5BCC94A1-DEF1-4AB4-8046-BC13048E929A}" = TOSHIBA ReelTime "{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator "{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center "{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 "{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended "{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007 "{90120000-002A-040C-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (French) 2007 "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}" = TOSHIBA PC Health Monitor "{A39AE3AE-9808-39D2-AB7B-FF5F0335095E}" = Microsoft .NET Framework 4 Extended FRA Language Pack "{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}" = TOSHIBA eco Utility "{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}" = TOSHIBA Recovery Media Creator "{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64 "{C260A1C3-EB49-F99A-38BA-B59C020D4609}" = ATI Catalyst Install Manager "{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert "{E27CF425-D27B-6ED6-D281-D8B26A404E67}" = ccc-utility64 "{E65C7D8E-186D-484B-BEA8-DEF0331CE600}" = TRORMCLauncher "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "{F64684A0-754B-4637-B7F9-6E8DAA8CD5CD}" = TOSHIBA Bulletin Board "{F67FA545-D8E5-4209-86B1-AEE045D1003F}" = TOSHIBA Face Recognition "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Client Profile FRA "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "Microsoft .NET Framework 4 Extended FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Extended FRA "SynTPDeinstKey" = Synaptics Pointing Device Driver [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{00763F56-1FE5-DA9F-A43E-53F5D46D6E7E}" = CCC Help Dutch "{02F2BA99-3AFA-F0E6-969B-E6443A469967}" = Catalyst Control Center InstallProxy "{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package "{084144E0-8719-9E07-49F9-D728A7533B32}" = CCC Help Russian "{08C8666B-C502-4AB3-B4CB-D74AC42D14FE}" = Nero BackItUp 10 Help (CHM) "{0CB58D13-A9CB-7599-DE28-D17205A3D381}" = Catalyst Control Center Graphics Previews Common "{0FB630AB-7BD8-40AE-B223-60397D57C3C9}" = Realtek WLAN Driver "{12688FD7-CB92-4A5B-BEE4-5C8E0574434F}" = Utility Common Driver "{14555947-6F14-421F-8F61-6489E0FDFAE5}" = Toshiba TEMPRO "{16987E99-C95C-4513-9239-7B44A0A71DB5}" = Nero SoundTrax 10 Help (CHM) "{17342E3B-0818-4A6F-BFF8-99476605ADD6}" = livebox "{1901B979-96F2-3330-D875-4803F233CF47}" = CCC Help Finnish "{1B87C40B-A60B-4EF3-9A68-706CF4B69978}" = Toshiba Assist "{1C84AB70-7851-D03E-14B0-2CE969DD6CBA}" = Photo Service - powered by myphotobook "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1F7FB68F-52F6-46A3-B42F-38CE46295AE5}" = Nero MediaHub 10 "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live "{2075CB0A-D26F-4DAA-B424-5079296B43BA}" = Windows Live FolderShare "{2290A680-4083-410A-ADCC-7092C67FC052}" = Toshiba Online Product Information "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{237CCB62-8454-43E3-B158-3ACD0134852E}" = High-Definition Video Playback 10 "{2404C7F8-65CC-9408-F08E-73996B998A7D}" = Catalyst Control Center Graphics Light "{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10 "{26A24AE4-039D-4CA4-87B4-2F83216014FF}" = Java(TM) 6 Update 14 "{277C1559-4CF7-44FF-8D07-98AA9C13AABD}" = Nero Multimedia Suite 10 "{290CD70B-6E45-7381-CDC4-45E582F49C60}" = Catalyst Control Center Graphics Previews Vista "{2FFDADDF-5107-5CB7-1E9C-66E881680F25}" = CCC Help Turkish "{320F5494-8DB9-10CD-6122-05299B9A4DAD}" = Catalyst Control Center Graphics Full New "{329411A0-19F3-4740-874F-17400B126F27}" = Nero Vision 10 Help (CHM) "{33643918-7957-4839-92C7-EA96CB621A98}" = Nero Express 10 Help (CHM) "{34490F4E-48D0-492E-8249-B48BECF0537C}" = Nero DiscSpeed 10 "{39987616-5DF2-CDFA-761C-75E66743CE80}" = CCC Help Portuguese "{3B160861-7250-451E-B5EE-8B92BF30A710}" = Microsoft Works "{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform "{3BCF8458-04BA-EBB7-3EDD-BFD188230DBE}" = CCC Help Czech "{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology "{45D6FC55-A7CA-1EEA-C038-70998C3D190A}" = CCC Help Spanish "{4634B21A-CC07-4396-890C-2B8168661FEA}" = Windows Live Writer "{46ABBC54-1872-4AA3-95E2-F2C063A63F31}" = Installation Windows Live "{46D0CFB0-D3F7-6D32-8FBF-2F848F7ECA79}" = CCC Help Italian "{4D76C6A4-A8AC-B6FF-C334-E6CBB7471C44}" = Catalyst Control Center Core Implementation "{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Supervisor Password "{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM) "{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup "{53173451-0DDE-97E9-B6FE-1D068DBF2AF8}" = CCC Help Chinese Standard "{555868C6-49FB-484F-BB43-8980651A1B00}" = Nero BurnRights 10 Help (CHM) "{5DD76286-9BE7-4894-A990-E905E91AC818}" = Windows Live Mail "{5E6F6CF3-BACC-4144-868C-E14622C658F3}" = TOSHIBA Web Camera Application "{620BBA5E-F848-4D56-8BDA-584E44584C5E}" = TOSHIBA Flash Cards Support Utility "{63AA3EAB-23BB-48B2-9AD0-44F878075604}" = Nero 10 Menu TemplatePack Basic "{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components "{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update "{66049135-9659-4AAD-9169-9CCA269EBB3E}" = Nero InfoTool 10 Help (CHM) "{67753C59-3BB3-7CBB-7B10-F47CE982082F}" = CCC Help German "{68AB6930-5BFF-4FF6-923B-516A91984FE6}" = Nero BackItUp 10 "{6ABF4A27-C269-88EB-1CA8-5A1D78A2FF08}" = ccc-core-static "{6C5F3BDC-0A1B-4436-A696-5939629D5C31}" = TOSHIBA DVD PLAYER "{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10 "{70550193-1C22-445C-8FA4-564E155DB1A7}" = Nero Express 10 "{723166B3-1B80-4F9F-8D59-312A89633E0A}_is1" = Search Advisor "{729166B3-1B80-4F9F-8D59-312A89633E0A}_is1" = Quick Web Player "{75AE8014-1184-4BC0-B279-C879540719EE}" = PhotoMail Maker "{767F1CF5-6140-BCF3-549E-69B273099EC9}" = CCC Help Polish "{770F1BEC-2871-4E70-B837-FB8525FFA3B1}" = Windows Live Messenger "{773970F1-5EBA-4474-ADEE-1EA3B0A59492}" = TOSHIBA Recovery Media Creator Reminder "{7A295D8F-484B-4FFB-89AB-C1FD497591FE}" = Nero WaveEditor 10 Help (CHM) "{7A5D731D-B4B3-490E-B339-75685712BAAB}" = Nero Burning ROM 10 "{7C4F9145-AEDA-55D4-3F5F-BCA89EA300E2}" = CCC Help Swedish "{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}" = Windows Live Call "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows Vista and Later "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8D3D00A7-F448-D3A3-BC79-CD603AEBC2F5}" = CCC Help Danish "{8ECEC853-5C3D-4B10-B5C7-FF11FF724807}" = Nero Recode 10 "{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007 "{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007 "{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007 "{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007 "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007 "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007 "{90120000-0020-040C-0000-0000000FF1CE}" = Module de compatibilité pour Microsoft Office System 2007 "{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007 "{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007 "{90120000-00A1-040C-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (French) 2007 "{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}" = Toshiba Manuals "{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007 "{92E25238-61A3-4ACD-A407-3C480EEF47A7}" = Nero RescueAgent 10 Help (CHM) "{943CFD7D-5336-47AF-9418-E02473A5A517}" = Nero BurnRights 10 "{95120000-00AF-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (French) "{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader "{9817543D-592D-CDA9-B8E5-E7BB8DA63F45}" = CCC Help Chinese Traditional "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9A4297F3-2A51-4ED9-92CA-4BCB8380947E}" = Nero Vision 10 "{9B6B24BE-80E7-46C4-9FA5-B167D5E0F345}" = Nero BurningROM 10 Help (CHM) "{9DA30596-3A38-06B3-5EA2-8AF4B4FE27F2}" = CCC Help Hungarian "{A0A61E1A-47BA-DD0F-8B31-2BA14B059258}" = CCC Help Japanese "{A2690E7C-D909-4AE6-7C84-F1AC267A9020}" = Catalyst Control Center Graphics Full Existing "{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR "{A35391E7-4D75-FD08-CBE4-0A9DFB944294}" = CCC Help Korean "{AC6569FA-6919-442A-8552-073BE69E247A}" = TOSHIBA Service Station "{AC76BA86-7AD7-1036-7B44-A92000000001}" = Adobe Reader 9.2 - Français "{B131E59D-202C-43C6-84C9-68F0C37541F1}" = Galerie de photos Windows Live "{B2E581DB-C4DD-432C-AC84-ED761AC056BC}" = OpenOffice.org 3.1 "{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}" = TOSHIBA eco Utility "{B5ACFC20-FA4B-3448-431E-D0107C55E435}" = CCC Help English "{C18A0418-442A-4186-AF98-D08F5054A2FC}" = Nero DiscSpeed 10 Help (CHM) "{C3273C55-E1E4-41FF-8D69-0158090DB8D8}" = Nero CoverDesigner 10 Help (CHM) "{C3580AC4-C827-4332-B935-9A282ED5BB97}" = Nero Dolby Files 10 "{CD95F661-A5C4-44F5-A6AA-ECDD91C240BD}" = WinZip 14.5 "{D05CD952-F58E-D2AC-D6EA-4178331A356C}" = CCC Help Thai "{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}" = Microsoft Primary Interoperability Assemblies 2005 "{D408ADFE-DC5B-CA9A-4131-E4D870B07354}" = CCC Help Norwegian "{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert "{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}" = Intel(R) Turbo Boost Technology Driver "{DB7C1D4A-08BA-4C7E-A8AA-B7F9BB372DCF}" = Nero Recode 10 Help (CHM) "{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}" = Assistant de connexion Windows Live "{E1EE5339-5D32-458F-BAAB-B19F6301BCE2}" = Nero SoundTrax 10 "{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update "{E337E787-CF61-4B7B-B84F-509202A54023}" = Nero RescueAgent 10 "{E3D63B95-4B21-414A-A2C7-D6D6A6AC6D79}" = Catalyst Control Center - Branding "{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant "{E8B28B89-FF29-9092-19BC-B2B6779FFA9F}" = Catalyst Control Center Localization All "{EDCDFAD5-DF80-4600-A493-E9DAD6810230}" = Nero WaveEditor 10 "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F3529665-D75E-4D6D-98F0-745C78C68E9B}" = TOSHIBA ConfigFree "{F412B4AF-388C-4FF5-9B2F-33DB1C536953}" = Nero InfoTool 10 "{F467862A-D9CA-47ED-8D81-B4B3C9399272}" = Nero MediaHub 10 Help (CHM) "{F5CB822F-B365-43D1-BCC0-4FDA1A2017A7}" = Nero 10 Movie ThemePack Basic "{F6117F9C-ADB5-4590-9BE4-12C7BEC28702}" = Nero StartSmart 10 Help (CHM) "{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}" = Nero StartSmart 10 "{F7776077-24D8-A51B-1580-46BB742EE0BC}" = CCC Help Greek "{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center "{F92DCCC1-0371-916E-78A3-BF9788D39152}" = CCC Help French "{FCF00A6E-FB58-477A-ABE9-232907105521}" = Nero CoverDesigner 10 "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "DreamMail 4.6" = DreamMail 4.6 "eMule" = eMule "eu.myphotobook.001F9DF2D0BAABEB11F42CCEE43224607B61109C.1" = Photo Service - powered by myphotobook "Free DVD Video Burner_is1" = Free DVD Video Burner version 2.4 "Freemake Video Converter_is1" = Freemake Video Converter version 1.1.11 "FrostWire" = FrostWire 4.18.4 "HOMESTUDENTR" = Microsoft Office Home and Student 2007 "InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package "InstallShield_{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Mot de passe responsable "InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup "InstallShield_{5BCC94A1-DEF1-4AB4-8046-BC13048E929A}" = TOSHIBA ReelTime "InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center "InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}" = TOSHIBA Flash Cards Support Utility "InstallShield_{773970F1-5EBA-4474-ADEE-1EA3B0A59492}" = TOSHIBA Recovery Media Creator Reminder "InstallShield_{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}" = TOSHIBA eco Utility "InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert "InstallShield_{E65C7D8E-186D-484B-BEA8-DEF0331CE600}" = TRORMCLauncher "InstallShield_{F64684A0-754B-4637-B7F9-6E8DAA8CD5CD}" = TOSHIBA Bulletin Board "InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}" = TOSHIBA Face Recognition "Internet Download Manager" = Internet Download Manager "LimeWire" = LimeWire 5.5.14 "MSC" = McAfee Internet Security "OfferBox" = OfferBox "PhotoMail" = PhotoMail Maker "Uninstall_is1" = Uninstall 1.0.0.1 "VLC media player" = VLC media player 1.0.5 "WildTangent toshiba Master Uninstall" = Jeux WildTangent "WinLiveSuite_Wave3" = Installation Windows Live "WinX Video Converter_is1" = WinX Video Converter 4.5.4 [color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Application Events ] Error - 18/09/2010 09:25:33 | Computer Name = PCDENATHALIE | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Échec de l'extraction de la liste racine tierce depuis le fichier CAB de mise à jour automatique à : avec l'erreur : Un certificat requis n'est pas dans sa période de validité selon la vérification par rapport à l'horloge système en cours ou le tampon daté dans le fichier signé. . Error - 18/09/2010 09:25:33 | Computer Name = PCDENATHALIE | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Échec de l'extraction de la liste racine tierce depuis le fichier CAB de mise à jour automatique à : avec l'erreur : Un certificat requis n'est pas dans sa période de validité selon la vérification par rapport à l'horloge système en cours ou le tampon daté dans le fichier signé. . Error - 18/09/2010 09:25:33 | Computer Name = PCDENATHALIE | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Échec de l'extraction de la liste racine tierce depuis le fichier CAB de mise à jour automatique à : avec l'erreur : Un certificat requis n'est pas dans sa période de validité selon la vérification par rapport à l'horloge système en cours ou le tampon daté dans le fichier signé. . Error - 18/09/2010 09:25:34 | Computer Name = PCDENATHALIE | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Échec de l'extraction de la liste racine tierce depuis le fichier CAB de mise à jour automatique à : avec l'erreur : Un certificat requis n'est pas dans sa période de validité selon la vérification par rapport à l'horloge système en cours ou le tampon daté dans le fichier signé. . Error - 19/09/2010 04:18:35 | Computer Name = PCDENATHALIE | Source = McLogEvent | ID = 5051 Description = Un thread du processus C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe a mis plus de 90000 ms à effectuer une requête. Le processus va se terminer. ID du thread : 4140 (0x102c) Adresse du thread : 0x0000000076ED070A Message du thread : Build VSCORE.14.0.0.430 / 5301.4018 Object being scanned = \Device\HarddiskVolume2\Windows\WinSxS\Temp\PendingRenames\786c80aa7b57cb01790200006c0a680e.WatAdminSvc.exe by C:\Windows\servicing\TrustedInstaller.exe 4(0)(0) 4(0)(0) 7200(0)(0) 7595(0)(0) 7005(0)(0) 7004(0)(0) 5006(0)(0) 5004(0)(0) Error - 21/09/2010 03:10:43 | Computer Name = PCDENATHALIE | Source = Application Error | ID = 1000 Description = Nom de l'application défaillante iexplore.exe, version : 8.0.7600.16385, horodatage : 0x4a5bc69e Nom du module défaillant : unknown, version : 0.0.0.0, horodatage : 0x00000000 Code d'exception : 0xc0000005 Décalage d'erreur : 0x00000040 ID du processus défaillant : 0x1998 Heure de début de l'application défaillante : 0x01cb59551be21b7b Chemin d'accès de l'application défaillante : C:\Program Files (x86)\Internet Explorer\iexplore.exe Chemin d'accès du module défaillant: unknown ID de rapport : 58c7d14c-c54f-11df-ae2d-705ab6bf687f Error - 21/09/2010 04:26:32 | Computer Name = PCDENATHALIE | Source = SideBySide | ID = 16842832 Description = La création du contexte d'activation a échoué pour « C:\Users\PC DE NATHALIE\Documents\Downloads\Programs\SoftonicDownloader43961.exe ». Erreur dans le fichier de manifeste ou de stratégie « » à la ligne . Une version de composant nécessaire à l'application est en conflit avec une autre version de composant déjà active. Les composants en conflit sont : Composant 1 : C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifest. Composant 2 : C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest. Error - 23/09/2010 16:15:15 | Computer Name = PCDENATHALIE | Source = Google Update | ID = 20 Description = Error - 24/09/2010 03:19:35 | Computer Name = PCDENATHALIE | Source = Application Error | ID = 1000 Description = Nom de l'application défaillante iexplore.exe, version : 8.0.7600.16385, horodatage : 0x4a5bc69e Nom du module défaillant : OfferBoxBHO.dll, version : 2.1.2613.41, horodatage : 0x4c46ef2a Code d'exception : 0xc0000005 Décalage d'erreur : 0x00007da1 ID du processus défaillant : 0x1798 Heure de début de l'application défaillante : 0x01cb5bb8d54e5ffd Chemin d'accès de l'application défaillante : C:\Program Files (x86)\Internet Explorer\iexplore.exe Chemin d'accès du module défaillant: C:\Program Files (x86)\OfferBox\OfferBoxBHO.dll ID de rapport : 15297b73-c7ac-11df-af08-705ab6bf687f Error - 26/09/2010 13:42:30 | Computer Name = PCDENATHALIE | Source = Windows Backup | ID = 4103 Description = [ System Events ] Error - 27/09/2010 07:34:46 | Computer Name = PCDENATHALIE | Source = Service Control Manager | ID = 7009 Description = Le dépassement de délai (30000 millisecondes) a été atteint lors de l'attente de la connexion du service Notebook Performance Tuning Service (TEMPRO). Error - 27/09/2010 11:20:18 | Computer Name = PCDENATHALIE | Source = Ntfs | ID = 262199 Description = La structure du système de fichiers sur le disque est endommagée et inutilisable. Exécutez l'utilitaire chkdsk sur le volume WINDOWS. Error - 27/09/2010 14:32:49 | Computer Name = PCDENATHALIE | Source = DCOM | ID = 10016 Description = Error - 27/09/2010 14:32:50 | Computer Name = PCDENATHALIE | Source = DCOM | ID = 10016 Description = Error - 27/09/2010 14:32:51 | Computer Name = PCDENATHALIE | Source = DCOM | ID = 10016 Description = Error - 27/09/2010 14:32:53 | Computer Name = PCDENATHALIE | Source = DCOM | ID = 10016 Description = Error - 27/09/2010 14:32:54 | Computer Name = PCDENATHALIE | Source = DCOM | ID = 10016 Description = Error - 27/09/2010 14:32:56 | Computer Name = PCDENATHALIE | Source = DCOM | ID = 10016 Description = Error - 30/09/2010 09:33:42 | Computer Name = PCDENATHALIE | Source = DCOM | ID = 10010 Description = Error - 30/09/2010 09:36:00 | Computer Name = PCDENATHALIE | Source = DCOM | ID = 10010 Description = < End of report >

Malekal_morte- · Answer

Tu voudrais pas envoyer les rapports sur cijoint comme c'est demandé, car là c'est top pas lisible à lire \o

Malekal_morte- · Answer

Le PC est complètement infecté....
Je te réponds ce soir, je dois partir :)

lili500 · Answer

bon j'ai travaillé un peu en t'on absence.
j'ai appliqué norton power eraser il m'a detecté des fichiers infectés et les a supprimé sauf un je crois.je ne peux pas t'envoyer le rapport j'ai essayé mais trop lourd.

lili500 · Answer

ensuite j'ai appliqué ad remhttp://www.cijoint.fr/cjlink.php?file=cj201010/cijDyhchWA.txtover voici le rapport ;

Malekal_morte- · Answer

Bon. 

Déjà sauvegarde tes documents importants car le PC est bien infecté, on est pas à l'abri d'un plantage. 

Ensuite tu lis bien ce qui est écrit et tu suis calmement la procédure pour ne pas faire de boulette. 
  

Relance OTL. 
o sous Peronnalisation, copie_colle le contenu du cadre ci dessous et clic Correction, un rapport apparraitra suite à l'operation que tu conserveras sur clé usb par exemple afin d'en coller le resultat: 

:OTL 
PRC - [2010/10/01 23:01:04 | 000,129,024 | ---- | M] () -- C:\Users\PC DE NATHALIE\AppData\Roaming\SysWin\lsass.exe 
MOD - [2010/10/01 23:11:47 | 000,211,968 | ---- | M] (Inprise Corporation) -- C:\Windows\SysWOW64\cmicryptinstall32.dlllnjprf0gy4a9gx32.dll0ghrfwhdj9132.dlltsoa932.dllt3tkwj2v132.dll 
MOD - [2010/10/01 23:11:42 | 000,211,968 | ---- | M] (Inprise Corporation) -- C:\Windows\SysWOW64\CertPolEng32.dll1s4ywwwymy232.dll0jlcto2wu32.dllfj9d1ea32.dllpqp3jw1dgl32.dll 
MOD - [2010/10/01 23:10:57 | 000,211,968 | ---- | M] (Inprise Corporation) -- C:\Windows\SysWOW64\cmicryptinstall32.dlllnjprf0gy4a9gx32.dll0ghrfwhdj9132.dlltsoa932.dll 
MOD - [2010/10/01 23:10:52 | 000,211,968 | ---- | M] (Inprise Corporation) -- C:\Windows\SysWOW64\CertPolEng32.dll1s4ywwwymy232.dll0jlcto2wu32.dllfj9d1ea32.dll 
MOD - [2010/10/01 23:10:08 | 000,211,968 | ---- | M] (Inprise Corporation) -- C:\Windows\SysWOW64\cmicryptinstall32.dlllnjprf0gy4a9gx32.dll0ghrfwhdj9132.dll 
MOD - [2010/10/01 23:10:03 | 000,211,968 | ---- | M] (Inprise Corporation) -- C:\Windows\SysWOW64\CertPolEng32.dll1s4ywwwymy232.dll0jlcto2wu32.dll 
MOD - [2010/10/01 23:09:18 | 000,211,968 | ---- | M] (Inprise Corporation) -- C:\Windows\SysWOW64\cmicryptinstall32.dlllnjprf0gy4a9gx32.dll 
MOD - [2010/10/01 23:09:13 | 000,211,968 | ---- | M] (Inprise Corporation) -- C:\Windows\SysWOW64\CertPolEng32.dll1s4ywwwymy232.dll 
MOD - [2010/10/01 23:08:29 | 000,211,968 | ---- | M] (Inprise Corporation) -- C:\Windows\SysWOW64\cmicryptinstall32.dll 
MOD - [2010/10/01 23:08:24 | 000,211,968 | ---- | M] (Inprise Corporation) -- C:\Windows\SysWOW64\CertPolEng32.dll 
MOD - [2010/10/01 23:07:37 | 000,211,968 | ---- | M] (Inprise Corporation) -- C:\Windows\SysWOW64\connect32.dll 
MOD - [2010/10/01 23:07:34 | 000,211,968 | ---- | M] (Inprise Corporation) -- C:\Windows\SysWOW64\comctl3232.dll 
MOD - [2010/10/01 23:06:48 | 000,211,968 | ---- | M] (Inprise Corporation) -- C:\Windows\SysWOW64\d3d10level93232.dll 
MOD - [2010/10/01 23:06:45 | 000,211,968 | ---- | M] (Inprise Corporation) -- C:\Windows\SysWOW64\C_IS202232.dll 
MOD - [2010/10/01 23:05:58 | 000,211,968 | ---- | M] (Inprise Corporation) -- C:\Windows\SysWOW64\dciman3232.dll 
MOD - [2010/10/01 23:05:55 | 000,211,968 | ---- | M] (Inprise Corporation) -- C:\Windows\SysWOW64\D3DX9_4232.dll 
MOD - [2010/10/01 23:05:20 | 000,211,968 | ---- | M] (Inprise Corporation) -- C:\Windows\SysWOW64\BOOTVID32.dll 
MOD - [2010/10/01 23:05:06 | 000,211,968 | ---- | M] (Inprise Corporation) -- C:\Windows\SysWOW64\aticalcl32.dll 
MOD - [2010/10/01 23:04:42 | 000,211,968 | ---- | M] (Inprise Corporation) -- C:\Windows\SysWOW64\cryptbase32.dll 
MOD - [2010/10/01 23:04:16 | 000,211,968 | ---- | M] (Inprise Corporation) -- C:\Windows\SysWOW64\azroleui32.dll 
MOD - [2010/10/01 23:04:10 | 000,211,968 | ---- | M] (Inprise Corporation) -- C:\Windows\SysWOW64\d3d10level932.dlljjtrt32.dlll4ll4gzd32.dll6e02oo7rrq81lm732.dllwt8c309q3y4732.dll 
MOD - [2010/10/01 23:03:20 | 000,211,968 | ---- | M] (Inprise Corporation) -- C:\Windows\SysWOW64\d3d10level932.dlljjtrt32.dlll4ll4gzd32.dll6e02oo7rrq81lm732.dll 
MOD - [2010/10/01 23:02:35 | 000,211,968 | ---- | M] (Inprise Corporation) -- C:\Windows\SysWOW64\dhcpcore632.dllvkjj3efn532.dlltzbznzf5n5ux32.dll72ro832.dll0vwo9kp58vq0132.dll 
MOD - [2010/10/01 23:02:31 | 000,211,968 | ---- | M] (Inprise Corporation) -- C:\Windows\SysWOW64\d3d10level932.dlljjtrt32.dlll4ll4gzd32.dll 
MOD - [2010/10/01 23:01:43 | 000,211,968 | ---- | M] (Inprise Corporation) -- C:\Windows\SysWOW64\dhcpcore632.dllvkjj3efn532.dlltzbznzf5n5ux32.dll72ro832.dll 
MOD - [2010/10/01 23:01:41 | 000,211,968 | ---- | M] (Inprise Corporation) -- C:\Windows\SysWOW64\d3d10level932.dlljjtrt32.dll 
MOD - [2010/10/01 23:00:54 | 000,211,968 | ---- | M] (Inprise Corporation) -- C:\Windows\SysWOW64\dhcpcore632.dllvkjj3efn532.dlltzbznzf5n5ux32.dll 
MOD - [2010/10/01 23:00:51 | 000,211,968 | ---- | M] (Inprise Corporation) -- C:\Windows\SysWOW64\d3d10level932.dll 
MOD - [2010/10/01 23:00:01 | 000,211,968 | ---- | M] (Inprise Corporation) -- C:\Windows\SysWOW64\dpnlobby32.dllch94uoma32.dllk9gnvmm5qcc32.dll1cqawb4qh8ht32.dllb9ai4ho408r232.dll 
MOD - [2010/10/01 23:00:01 | 000,211,968 | ---- | M] (Inprise Corporation) -- C:\Windows\SysWOW64\dhcpcore632.dllvkjj3efn532.dll 
MOD - [2010/10/01 23:00:00 | 000,211,968 | ---- | M] (Inprise Corporation) -- C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-032.dll 
MOD - [2010/10/01 22:59:09 | 000,211,968 | ---- | M] (Inprise Corporation) -- C:\Windows\SysWOW64\dhcpcore632.dll 
MOD - [2010/10/01 22:59:08 | 000,211,968 | ---- | M] (Inprise Corporation) -- C:\Windows\SysWOW64\dpnlobby32.dllch94uoma32.dllk9gnvmm5qcc32.dll1cqawb4qh8ht32.dll 
MOD - [2010/10/01 22:59:07 | 000,211,968 | ---- | M] (Inprise Corporation) -- C:\Windows\SysWOW64\dfscli32.dll 
MOD - [2010/10/01 22:58:17 | 000,211,968 | ---- | M] (Inprise Corporation) -- C:\Windows\SysWOW64\dpnlobby32.dllch94uoma32.dllk9gnvmm5qcc32.dll 
MOD - [2010/10/01 22:58:17 | 000,211,968 | ---- | M] (Inprise Corporation) -- C:\Windows\SysWOW64\dmrc32.dll 
MOD - [2010/10/01 22:58:16 | 000,211,968 | ---- | M] (Inprise Corporation) -- C:\Windows\SysWOW64\dmloader32.dll 
MOD - [2010/10/01 22:57:26 | 000,211,968 | ---- | M] (Inprise Corporation) -- C:\Windows\SysWOW64\dpnlobby32.dllch94uoma32.dll 
MOD - [2010/10/01 22:57:26 | 000,211,968 | ---- | M] (Inprise Corporation) -- C:\Windows\SysWOW64\dpnlobby32.dll 
MOD - [2010/10/01 22:57:23 | 000,211,968 | ---- | M] (Inprise Corporation) -- C:\Windows\SysWOW64\dot3ui32.dll 
MOD - [2010/10/01 22:56:35 | 000,211,968 | ---- | M] (Inprise Corporation) -- C:\Windows\SysWOW64\dsuiext32.dll 
MOD - [2010/10/01 22:56:32 | 000,211,968 | ---- | M] (Inprise Corporation) -- C:\Windows\SysWOW64\DShowRdpFilter32.dll 
MOD - [2010/10/01 22:56:28 | 000,211,968 | ---- | M] (Inprise Corporation) -- C:\Windows\SysWOW64\drmv2clt32.dll 
MOD - [2010/10/01 22:55:57 | 000,211,968 | ---- | M] (Inprise Corporation) -- C:\Windows\SysWOW64\framedyn32.dll 
MOD - [2010/10/01 22:55:42 | 000,211,968 | ---- | M] (Inprise Corporation) -- C:\Windows\SysWOW64\EBLib32.dll 
MOD - [2010/10/01 22:54:52 | 000,211,968 | ---- | M] (Inprise Corporation) -- C:\Windows\SysWOW64\fdSSDP32.dll 
O2 - BHO: (no name) - {002B74BB-22BF-47B7-8E87-56F9070F60D8} - C:\Windows\SysWOW64\credssp32.dll (Inprise Corporation) 
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. 
O2 - BHO: (54d6000e) - {CFB4473F-968D-3762-3E02-DDC7C75640EF} - C:\Windows\SysWOW64\comctl3232.dll (Inprise Corporation) 
O4 - HKLM..\Run: [IP Network] C:\Program Files (x86)\InstallPedia\lnetworker.exe () 
O4 - HKLM..\Run: [RTHDBPL] C:\Users\PC DE NATHALIE\AppData\Roaming\SysWin\lsass.exe () 
O20 - AppInit_DLLs: (C:\Windows\system32\fdSSDP32.dll) - C:\Windows\SysWOW64\fdSSDP32.dll (Inprise Corporation) 
O20 - AppInit_DLLs: (C:\Windows\system32\EBLib32.dll) - C:\Windows\SysWOW64\EBLib32.dll (Inprise Corporation) 
O20 - AppInit_DLLs: (C:\Windows\system32\framedyn32.dll) - C:\Windows\SysWOW64\framedyn32.dll (Inprise Corporation) 
O20 - AppInit_DLLs: (C:\Windows\system32\drmv2clt32.dll) - C:\Windows\SysWOW64\drmv2clt32.dll (Inprise Corporation) 
O20 - AppInit_DLLs: (C:\Windows\system32\DShowRdpFilter32.dll) - C:\Windows\SysWOW64\DShowRdpFilter32.dll (Inprise Corporation) 
O20 - AppInit_DLLs: (C:\Windows\system32\dsuiext32.dll) - C:\Windows\SysWOW64\dsuiext32.dll (Inprise Corporation) 
O20 - AppInit_DLLs: (C:\Windows\system32\dot3ui32.dll) - C:\Windows\SysWOW64\dot3ui32.dll (Inprise Corporation) 
O20 - AppInit_DLLs: (C:\Windows\system32\dpnlobby32.dll) - C:\Windows\SysWOW64\dpnlobby32.dll (Inprise Corporation) 
O20 - AppInit_DLLs: (C:\Windows\system32\dpnlobby32.dllch94uoma32.dll) - C:\Windows\SysWOW64\dpnlobby32.dllch94uoma32.dll (Inprise Corporation) 
O20 - AppInit_DLLs: (C:\Windows\system32\dmloader32.dll) - C:\Windows\SysWOW64\dmloader32.dll (Inprise Corporation) 
O20 - AppInit_DLLs: (C:\Windows\system32\dpnlobby32.dllch94uoma32.dllk9gnvmm5qcc32.dll) - C:\Windows\SysWOW64\dpnlobby32.dllch94uoma32.dllk9gnvmm5qcc32.dll (Inprise Corporation) 
O20 - AppInit_DLLs: (C:\Windows\system32\dmrc32.dll) - C:\Windows\SysWOW64\dmrc32.dll (Inprise Corporation) 
O20 - AppInit_DLLs: (C:\Windows\system32\dfscli32.dll) - C:\Windows\SysWOW64\dfscli32.dll (Inprise Corporation) 
O20 - AppInit_DLLs: (C:\Windows\system32\dpnlobby32.dllch94uoma32.dllk9gnvmm5qcc32.dll1cqawb4qh8ht32.dll) - C:\Windows\SysWOW64\dpnlobby32.dllch94uoma32.dllk9gnvmm5qcc32.dll1cqawb4qh8ht32.dll (Inprise Corporation) 
O20 - AppInit_DLLs: (C:\Windows\system32\dhcpcore632.dll) - C:\Windows\SysWOW64\dhcpcore632.dll (Inprise Corporation) 
O20 - AppInit_DLLs: (C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-032.dll) - C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-032.dll (Inprise Corporation) 
O20 - AppInit_DLLs: (C:\Windows\system32\dhcpcore632.dllvkjj3efn532.dll) - C:\Windows\SysWOW64\dhcpcore632.dllvkjj3efn532.dll (Inprise Corporation) 
O20 - AppInit_DLLs: (C:\Windows\system32\dpnlobby32.dllch94uoma32.dllk9gnvmm5qcc32.dll1cqawb4qh8ht32.dllb9ai4ho408r232.dll) - C:\Windows\SysWOW64\dpnlobby32.dllch94uoma32.dllk9gnvmm5qcc32.dll1cqawb4qh8ht32.dllb9ai4ho408r232.dll (Inprise Corporation) 
O20 - AppInit_DLLs: (C:\Windows\system32\d3d10level932.dll) - C:\Windows\SysWOW64\d3d10level932.dll (Inprise Corporation) 
O20 - AppInit_DLLs: (C:\Windows\system32\dhcpcore632.dllvkjj3efn532.dlltzbznzf5n5ux32.dll) - C:\Windows\SysWOW64\dhcpcore632.dllvkjj3efn532.dlltzbznzf5n5ux32.dll (Inprise Corporation) 
O20 - AppInit_DLLs: (C:\Windows\system32\d3d10level932.dlljjtrt32.dll) - C:\Windows\SysWOW64\d3d10level932.dlljjtrt32.dll (Inprise Corporation) 
O20 - AppInit_DLLs: (C:\Windows\system32\dhcpcore632.dllvkjj3efn532.dlltzbznzf5n5ux32.dll72ro832.dll) - C:\Windows\SysWOW64\dhcpcore632.dllvkjj3efn532.dlltzbznzf5n5ux32.dll72ro832.dll (Inprise Corporation) 
O20 - AppInit_DLLs: (C:\Windows\system32\d3d10level932.dlljjtrt32.dlll4ll4gzd32.dll) - C:\Windows\SysWOW64\d3d10level932.dlljjtrt32.dlll4ll4gzd32.dll (Inprise Corporation) 
O20 - AppInit_DLLs: (C:\Windows\system32\dhcpcore632.dllvkjj3efn532.dlltzbznzf5n5ux32.dll72ro832.dll0vwo9kp58vq0132.dll) - C:\Windows\SysWOW64\dhcpcore632.dllvkjj3efn532.dlltzbznzf5n5ux32.dll72ro832.dll0vwo9kp58vq0132.dll (Inprise Corporation) 
O20 - AppInit_DLLs: (C:\Windows\system32\d3d10level932.dlljjtrt32.dlll4ll4gzd32.dll6e02oo7rrq81lm732.dll) - C:\Windows\SysWOW64\d3d10level932.dlljjtrt32.dlll4ll4gzd32.dll6e02oo7rrq81lm732.dll (Inprise Corporation) 
O20 - AppInit_DLLs: (C:\Windows\system32\d3d10level932.dlljjtrt32.dlll4ll4gzd32.dll6e02oo7rrq81lm732.dllwt8c309q3y4732.dll) - C:\Windows\SysWOW64\d3d10level932.dlljjtrt32.dlll4ll4gzd32.dll6e02oo7rrq81lm732.dllwt8c309q3y4732.dll (Inprise Corporation) 
O20 - AppInit_DLLs: (C:\Windows\system32\azroleui32.dll) - C:\Windows\SysWOW64\azroleui32.dll (Inprise Corporation) 
O20 - AppInit_DLLs: (C:\Windows\system32\cryptbase32.dll) - C:\Windows\SysWOW64\cryptbase32.dll (Inprise Corporation) 
O20 - AppInit_DLLs: (C:\Windows\system32\aticalcl32.dll) - C:\Windows\SysWOW64\aticalcl32.dll (Inprise Corporation) 
O20 - AppInit_DLLs: (C:\Windows\system32\BOOTVID32.dll) - C:\Windows\SysWOW64\BOOTVID32.dll (Inprise Corporation) 
O20 - AppInit_DLLs: (C:\Windows\system32\D3DX9_4232.dll) - C:\Windows\SysWOW64\D3DX9_4232.dll (Inprise Corporation) 
O20 - AppInit_DLLs: (C:\Windows\system32\dciman3232.dll) - C:\Windows\SysWOW64\dciman3232.dll (Inprise Corporation) 
O20 - AppInit_DLLs: (C:\Windows\system32\C_IS202232.dll) - C:\Windows\SysWOW64\C_IS202232.dll (Inprise Corporation) 
O20 - AppInit_DLLs: (C:\Windows\system32\d3d10level93232.dll) - C:\Windows\SysWOW64\d3d10level93232.dll (Inprise Corporation) 
O20 - AppInit_DLLs: (C:\Windows\system32\comctl3232.dll) - C:\Windows\SysWOW64\comctl3232.dll (Inprise Corporation) 
O20 - AppInit_DLLs: (C:\Windows\system32\connect32.dll) - C:\Windows\SysWOW64\connect32.dll (Inprise Corporation) 
O20 - AppInit_DLLs: (C:\Windows\system32\CertPolEng32.dll) - C:\Windows\SysWOW64\CertPolEng32.dll (Inprise Corporation) 
O20 - AppInit_DLLs: (C:\Windows\system32\cmicryptinstall32.dll) - C:\Windows\SysWOW64\cmicryptinstall32.dll (Inprise Corporation) 
O20 - AppInit_DLLs: (C:\Windows\system32\CertPolEng32.dll1s4ywwwymy232.dll) - C:\Windows\SysWOW64\CertPolEng32.dll1s4ywwwymy232.dll (Inprise Corporation) 
O20 - AppInit_DLLs: (C:\Windows\system32\cmicryptinstall32.dlllnjprf0gy4a9gx32.dll) - C:\Windows\SysWOW64\cmicryptinstall32.dlllnjprf0gy4a9gx32.dll (Inprise Corporation) 
O20 - AppInit_DLLs: (C:\Windows\system32\CertPolEng32.dll1s4ywwwymy232.dll0jlcto2wu32.dll) - C:\Windows\SysWOW64\CertPolEng32.dll1s4ywwwymy232.dll0jlcto2wu32.dll (Inprise Corporation) 
O20 - AppInit_DLLs: (C:\Windows\system32\cmicryptinstall32.dlllnjprf0gy4a9gx32.dll0ghrfwhdj9132.dll) - C:\Windows\SysWOW64\cmicryptinstall32.dlllnjprf0gy4a9gx32.dll0ghrfwhdj9132.dll (Inprise Corporation) 
O20 - AppInit_DLLs: (C:\Windows\system32\CertPolEng32.dll1s4ywwwymy232.dll0jlcto2wu32.dllfj9d1ea32.dll) - C:\Windows\SysWOW64\CertPolEng32.dll1s4ywwwymy232.dll0jlcto2wu32.dllfj9d1ea32.dll (Inprise Corporation) 
O20 - AppInit_DLLs: (C:\Windows\system32\cmicryptinstall32.dlllnjprf0gy4a9gx32.dll0ghrfwhdj9132.dlltsoa932.dll) - C:\Windows\SysWOW64\cmicryptinstall32.dlllnjprf0gy4a9gx32.dll0ghrfwhdj9132.dlltsoa932.dll (Inprise Corporation) 
O20 - AppInit_DLLs: (C:\Windows\system32\CertPolEng32.dll1s4ywwwymy232.dll0jlcto2wu32.dllfj9d1ea32.dllpqp3jw1dgl32.dll) - C:\Windows\SysWOW64\CertPolEng32.dll1s4ywwwymy232.dll0jlcto2wu32.dllfj9d1ea32.dllpqp3jw1dgl32.dll (Inprise Corporation) 
O20 - AppInit_DLLs: (C:\Windows\system32\cmicryptinstall32.dlllnjprf0gy4a9gx32.dll0ghrfwhdj9132.dlltsoa932.dllt3tkwj2v132.dll) - C:\Windows\SysWOW64\cmicryptinstall32.dlllnjprf0gy4a9gx32.dll0ghrfwhdj9132.dlltsoa932.dllt3tkwj2v132.dll (Inprise Corporation) 
[2010/10/05 10:49:48 | 000,000,201 | ---- | M] () -- C:\Users\PC DE NATHALIE\AppData\Roaming\srsf.bat 
[2010/10/05 10:49:28 | 000,650,240 | ---- | M] () -- C:\Users\PC DE NATHALIE\AppData\Roaming\hotfix.exe 
[2010/10/01 11:50:56 | 000,099,384 | ---- | M] () -- C:\Users\PC DE NATHALIE\AppData\Roaming\inst.exe 
[2010/10/01 23:01:07 | 000,000,000 | -HSD | M] -- C:\Users\PC DE NATHALIE\AppData\Roaming\SysWin 

* redemarre le pc sous windows et poste le rapport ici  


Fais un scan Malwarebyte : https://www.malekal.com/tutoriel-malwarebyte-anti-malware/ 
Enregistre le rapport et poste le ici.


Relance un scan OTL comme la première fois : https://forums.commentcamarche.net/forum/affich-19390403-a-l-aide-j-ai-attrape-un-virus#7 
Envoie sur cijoint et donne les liens. 

Les hommes réunissent tous les erreurs de leur vie et créent un monstre qu'il appelle destin.

lili500 · Answer

bon apres j'ai fait malwarbyte's antimalwares ils me trouve 25 fichier infecté mais j'arrive pas a nettoyer voici le rapport : http://www.cijoint.fr/cjlink.php?file=cj201010/cijakwc0Co.txt

Malekal_morte- · Answer

Ad-Remover sert à rien..

Arrete de t'éparpiller.... suis la procédure que je t'ai donnée.

lili500 · Answer

ok mais j'avais pas vue que tu m'avait donné une marche a suivre.

lili500 · Answer

voici le rapport pres nettoyage:Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Version de la base de données: 4052

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

05/10/2010 19:04:52
mbam-log-2010-10-05 (19-04-52).txt

Type d'examen: Examen rapide
Elément(s) analysé(s): 119603
Temps écoulé: 5 minute(s), 6 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)

lili500 · Answer

voici les rapports

http://www.cijoint.fr/cjlink.php?file=cj201010/cijg9LUvZk.txt

http://www.cijoint.fr/cjlink.php?file=cj201010/cijgec3iM6.txt

alors?

Malekal_morte- · Answer

Manque le rapport OTL de suppression, j'ai pas l'impression que tu as fait cette partie là.

lili500 · Answer

je refait une analyse

lili500 · Answer

le voici je crois: Error: Unable to interpret <%ALLUSERSPROFILE%\Application Data\*. > in the current context! Error: Unable to interpret <%ALLUSERSPROFILE%\Application Data\*.exe /s > in the current context! Error: Unable to interpret <%APPDATA%\*. > in the current context! Error: Unable to interpret <%APPDATA%\*.exe /s > in the current context! Error: Unable to interpret <%SYSTEMDRIVE%\*.exe > in the current context! Error: Unable to interpret <%systemroot%\*. /mp /s > in the current context! Error: Unable to interpret <%systemroot%\system32\*.dll /lockedfiles > in the current context! Error: Unable to interpret <%systemroot%\Tasks\*.job /lockedfiles > in the current context! Error: Unable to interpret <%systemroot%\system32\drivers\*.sys /lockedfiles > in the current context! Error: Unable to interpret <%systemroot%\System32\config\*.sav > in the current context! OTL by OldTimer - Version 3.2.14.1 log created on 10052010_200213

Malekal_morte- · Answer

c'pas bon, relis la procédure à faire.

lili500 · Answer

bon et bien je comprend pas j'ai fait exactement comme la 1 ere fois
je recommence encore une fois

lili500 · Answer

voila c'est fais et cette fois je n'ai qu'http://www.cijoint.fr/cjlink.php?file=cj201010/cij8JREGa7.txtun rapport le voici :

lili500 · Answer

bon cette fois c'est kla bonne voici le bon rapport 'enfin je crois

http://www.cijoint.fr/cjlink.php?file=cj201010/cijqmgLgoV.txt

Malekal_morte- · Answer

yep.

La suite... Malwarebyte.
T'as fait un scan avec... sauf qu'il est pas à jour... tu le mets à jour et tu refais un scan avec et poste le rapport ici (voir lien d'aide donné).

Ensuite refais un scan OTL pour voir ce qu'il reste.

lili500 · Answer

quesqu'y n'est pas a jour le logiciel ?mais comment trouver un logiciel plus recent?

Malekal_morte- · Answer

La base de définition virale de Malwarebyte qui n'est pas à jour, voir lien d'aide : https://www.malekal.com/tutoriel-malwarebyte-anti-malware/

lili500 · Answer

voici les differents rapports malwar : Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Version de la base de données: 4748

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

05/10/2010 22:32:35
mbam-log-2010-10-05 (22-32-35).txt

Type d'examen: Examen rapide
Elément(s) analysé(s): 140227
Temps écoulé: 2 minute(s), 41 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 7

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\Users\PC DE NATHALIE\AppData\Roaming\B73D.tmp (Trojan.Tracur) -> Quarantined and deleted successfully.
C:\Windows\System32\AuthFWWizFwk32.dll.exe (Trojan.Tracur) -> Quarantined and deleted successfully.
C:\Windows\System32\capiprovider32.dll (Trojan.Tracur) -> Quarantined and deleted successfully.
C:\Windows\System32\comctl3232.dll.exe (Trojan.Tracur) -> Quarantined and deleted successfully.
C:\Windows\System32\d3d10_132.dll (Trojan.Tracur) -> Quarantined and deleted successfully.
C:\Windows\System32\d3dim70032.dll.exe (Trojan.Tracur) -> Quarantined and deleted successfully.
C:\Windows\System32\DDORes32.dll (Trojan.Tracur) -> Quarantined and deleted successfully.
  



avant il y avait aussi
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Version de la base de données: 4748

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

05/10/2010 22:32:08
mbam-log-2010-10-05 (22-32-08) dernier malwar

Type d'examen: Examen rapide
Elément(s) analysé(s): 140227
Temps écoulé: 2 minute(s), 41 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 7

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\Users\PC DE NATHALIE\AppData\Roaming\B73D.tmp (Trojan.Tracur) -> No action taken.
C:\Windows\System32\AuthFWWizFwk32.dll.exe (Trojan.Tracur) -> No action taken.
C:\Windows\System32\capiprovider32.dll (Trojan.Tracur) -> No action taken.
C:\Windows\System32\comctl3232.dll.exe (Trojan.Tracur) -> No action taken.
C:\Windows\System32\d3d10_132.dll (Trojan.Tracur) -> No action taken.
C:\Windows\System32\d3dim70032.dll.exe (Trojan.Tracur) -> No action taken.
C:\Windows\System32\DDORes32.dll (Trojan.Tracur) -> No action taken.

lili500 · Answer

voici le rapport otl sans rien de copier coller dans personnalisation : http://www.cijoint.fr/cjlink.php?file=cj201010/cijUz5ejVV.txt

lili500 · Answer

et voici le rapport avec le copier coller que tu ma donné en premier : http://www.cijoint.fr/cjlink.php?file=cj201010/cijNSCz9d6.txt

lili500 · Answer

et encore ca si besoin Error: Unable to interpret <%ALLUSERSPROFILE%\Application Data\*. > in the current context! Error: Unable to interpret <%ALLUSERSPROFILE%\Application Data\*.exe /s > in the current context! Error: Unable to interpret <%APPDATA%\*. > in the current context! Error: Unable to interpret <%APPDATA%\*.exe /s > in the current context! Error: Unable to interpret <%SYSTEMDRIVE%\*.exe > in the current context! Error: Unable to interpret <%systemroot%\*. /mp /s > in the current context! Error: Unable to interpret <%systemroot%\system32\*.dll /lockedfiles > in the current context! Error: Unable to interpret <%systemroot%\Tasks\*.job /lockedfiles > in the current context! Error: Unable to interpret <%systemroot%\system32\drivers\*.sys /lockedfiles > in the current context! Error: Unable to interpret <%systemroot%\System32\config\*.sav > in the current context! OTL by OldTimer - Version 3.2.14.1 log created on 10052010_225328

lili500 · Answer

up

Malekal_morte- · Answer

Ca a l'air pas trop mal, comment se comporte le PC ?

lili500 · Answer

merci pour ta reponse.et bien le pc se comporte plutot bien malgres l'apparition de pub chose que je n'avais pas avant.de plus a chaque fois que je me connecte je suis tout le temps en mode "travail hors connection" ce n'etait pas comme cela avant.
pourrai tu m'indiquer un logiciel qui me protegera des roques et egalement un bon anti virus en effet le mien arrive a expiration et je souhaiterai en changer pour un gratuit de preference.
autre petit service pourrai tu analyser mon rapport hiijackthis car apparemment c'est pas top voici le lien  et un grand merci pour ton aide et ta patience.merci merci merci

http://www.cijoint.fr/cjlink.php?file=cj201010/cij6d5VqqC.odt

lili500 · Answer

up

lili500 · Answer

up

lili500 · Answer

up up

Malekal_morte- · Answer

Ton "travailler hors connexion" c'est parce que tu as une fenêtre qui s'ouvre quand tu lances Internet Explorer ?

Malekal_morte- · Answer

tu sais que up à tout bout de champs ne fera pas répondre plus vite? :)

Le rapport HijackThis est OK comme je t'ai dit plus haut.

Pour la connexion, bha faut voir quel type c'est... filaire/wifi etc.
Peut-être que la connexion est longue à s'établir.... faudrait voir si quand tu lances ton navigateur WEB... tu as bien la connexion (icone double écran en bas à droite à côté de l'horloge) qui est présente et qui clignote.

Éventuellement, vas dans le panneau de conf / Option Internet.
Dans l'onglet Connexion, assure que toi qu'en haut à gauche "ne jamais établir la connexion" soit cochée.

lili500 · Answer

merci pour ta reponse.
les petits up up up etait là pour te faciliter la visualisation de mes reponses  (avec la quantité de message pas facile de si retrouver) alors desolé si cela ta agacé mais c'etait par gentillesse.
bon cool mon pc est guerie.
alors merci pour tout et a bientot

Malekal_morte- · Answer

Tes pubs doivent venir de ce logiciel OfferBox : [2010/09/21 22:22:29 | 000,000,000 | ---D | C] -- C:\Users\PC DE NATHALIE\AppData\Roaming\OfferBox
[2010/09/21 22:22:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OfferBox

C'est un logiciel installé par un autre (genre de sponsors) qui ouvrent des fenêtres de publicités.
Ca se désinstalle Offerbox.

Sinon pour les questions de sécurité c'est bien de se poser qu'elle logiciel "par dessus" faut mettre mais quand je vois ça :

[2010/09/21 22:13:05 | 000,000,000 | ---D | C] -- C:\ProgramData\eMule
[2010/09/21 22:12:29 | 000,000,000 | ---D | C] -- C:\Users\PC DE NATHALIE\AppData\Local\eMule
[2010/09/21 22:12:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\eMule
[2010/09/21 21:58:58 | 000,000,000 | ---D | C] -- C:\Users\PC DE NATHALIE\Documents\LimeWire
[2010/09/21 21:58:49 | 000,000,000 | ---D | C] -- C:\Users\PC DE NATHALIE\AppData\Roaming\Mozilla
[2010/09/21 21:58:22 | 000,000,000 | ---D | C] -- C:\Users\PC DE NATHALIE\AppData\Roaming\LimeWire
[2010/09/21 21:57:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LimeWire
[2010/09/21 11:10:58 | 000,000,000 | ---D | C] -- C:\Users\PC DE NATHALIE\AppData\Roaming\uTorrent
[2010/09/21 10:03:41 | 000,000,000 | ---D | C] -- C:\Users\PC DE NATHALIE\AppData\Roaming\BitTorrent

P2Pland le PC...
LimeWire c'est une poubelle à virus.

Le fond du problème c'est ce que tu télécharges et exécutes sur le PC plus qq autres recettes basiques à suivre.

Maintiens tes logiciel à jour c'est important, utilise ce programme : /faq/13362-mettre-a-jour-son-pc-contre-les-failles-de-securite
Absolument à faire.

Un peu de lecture pour éviter les infections :
- connaitre et éviter les infections : https://www.malekal.com/fichiers/projetantimalwares/ProjetAntiMalware-courte.pdf
- sécuriser son PC : http://forum.malekal.com/comment-securiser-son-ordinateur.html

 

Fonctionnement malwares :
https://forums.commentcamarche.net/forum/affich-17725521-virus-programme-troyen
https://forums.commentcamarche.net/forum/affich-17746390-concernant-la-propagation-des-virus

lili500 · Answer

bon pour le logiciel offerbox j'trouve pas trace dans mes fichiers je n'arrive donc pas a le desinstaller.
pour le "p2pland" j'ai tout desinstallé en n'aillant jamais j'ai bien dit jamais utiliser aucun d'entre eux (libre a toi de ma croire) car je l'avoue je n'ai jamais reussi a me connecter a leurs serveurs .donc je suis sur que le virus que j'ai choppé ne viens pas de cela.
en tout cas merci pour toute ses info j'en prend bonne note, et bonne soirée.

Malekal_morte- · Answer

@lili500 : Pas de prb et bonne soirée :)

A l'aide j'ai attrapé un virus!!!!

43 réponses

Votre réponse

Discussions similaires

Newsletters