Impossible de lancer spybot

Résolu
STEPHANE1904 Messages postés 13 Statut Membre -  
jlpjlp Messages postés 52399 Statut Contributeur sécurité -
Bonjour,



Je rencontre depuis quelque temps un souci pour lancer malwarebyte j'ai été obligé de changer le nom de fichier.exe j'ai également installer spybot search and destroy et là l'installation se fait normalement sauf que le fichier exécutable spybotsd.exe est introuvable j'en pers mon latin

Si quelqu'un pourrai m'aider cela serait super merci d'avance

7 réponses

  1. jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 041
     
    slt

    Télécharge OTL de OLDTimer ici :

    http://www.geekstogo.com/forum/files/file/398-otl-oldtimers-list-it/

    et enregistre le sur ton Bureau.

    Double clic sur OTL.exe pour le lancer.

    Coche les 2 cases Lop et Purity

    Coche la case devant "scan all users"

    Clic sur Run Scan.

    A la fin du scan, le Bloc-Notes va s'ouvrir avec le rapport (OTL.txt).

    Ce fichier est sur ton Bureau (en général C:\Documents and settings\le_nom_de_ta_session\OTL.txt)

    Pour me le transmettre clique sur ce lien :

    http://www.cijoint.fr/

    Clique sur Parcourir et cherche le fichier ci-dessus.

    Clique sur Ouvrir.

    Clique sur "Cliquez ici pour déposer le fichier".

    Un lien de cette forme :

    http://www.cijoint.fr/cjlink.php?file=cj200905/cijSKAP5fU.txt

    est ajouté dans la page.

    Copie ce lien dans ta réponse.
    2
  2. STEPHANE1904 Messages postés 13 Statut Membre
     
    bonsoir merci de vous occuper de mon cas ci-joint le lien demandé http://www.cijoint.fr/cjlink.php?file=cj201011/cij7fVvYL8.txt
    0
  3. jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 041
     
    Désactive le contrôle des comptes utilisateurs (tu le réactiveras après ta désinfection):

    - Va dans démarrer puis panneau de configuration
    - Double Clique sur l'icône "Comptes d'utilisateurs"
    - Clique ensuite sur désactiver et valide.

    télécharge combofix (par sUBs) ici :

    http://download.bleepingcomputer.com/sUBs/ComboFix.exe

    et enregistre le sur le bureau.

    déconnecte toi d'internet et ferme toutes tes applications.

    désactive tes protections (antivirus, parefeu, garde en temps réel de l'antispyware)

    double-clique sur combofix.exe et suis les instructions

    à la fin, il va produire un rapport C:\ComboFix.txt

    réactive ton parefeu, ton antivirus, la garde de ton antispyware

    copie/colle le rapport C:\ComboFix.txt dans ta prochaine réponse.

    Attention, n'utilise pas ta souris ni ton clavier (ni un autre système de pointage) pendant que le programme tourne. Cela pourrait figer l'ordi.

    Tu as un tutoriel complet ici :

    https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix
    0
  4. STEPHANE1904 Messages postés 13 Statut Membre
     
    Rebonsoir

    Ci dessous le rapport et encore merci de tonaide

    ComboFix 10-11-16.02 - STEPHANE 17/11/2010 0:29.2.2 - x86
    Microsoft® Windows Vista(TM) Édition Familiale Premium 6.0.6002.2.1252.33.1036.18.2046.841 [GMT 1:00]
    Lancé depuis: c:\users\STEPHANE\Desktop\ComboFix.exe
    SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    Une copie infectée de c:\windows\system32\drivers\iaStor.sys a été trouvée et désinfectée
    Copie restaurée à partir de - Kitty had a snack :p
    .
    ((((((((((((((((((((((((((((( Fichiers créés du 2010-10-16 au 2010-11-16 ))))))))))))))))))))))))))))))))))))
    .

    2010-11-16 23:41 . 2010-11-16 23:44 -------- d-----w- c:\users\STEPHANE\AppData\Local\temp
    2010-11-16 23:28 . 2010-11-16 23:28 -------- d-----w- c:\programdata\TOSHIBA Tempro
    2010-11-16 18:36 . 2010-11-16 18:37 -------- d-----w- c:\program files\SSD
    2010-11-16 17:57 . 2010-10-07 23:21 6146896 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{1D39E15F-E00E-4775-BD47-DF75BC296823}\mpengine.dll
    2010-11-15 17:43 . 2010-04-29 14:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2010-11-15 17:43 . 2010-11-15 17:44 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2010-11-15 17:43 . 2010-04-29 14:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
    2010-11-14 14:50 . 2010-11-14 14:50 -------- d-----w- c:\users\STEPHANE\AppData\Local\STARGAZE_IMAGE_CACHE
    2010-11-14 14:50 . 2010-11-14 14:50 -------- d-----w- c:\programdata\Alawar Stargaze
    2010-11-13 17:13 . 2010-10-07 11:37 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
    2010-11-04 20:33 . 2010-11-15 20:01 -------- d-----w- c:\program files\Panda Security
    2010-11-03 20:43 . 2010-11-15 19:59 -------- d-----w- c:\programdata\Lavasoft
    2010-11-02 20:39 . 2010-11-02 21:36 -------- d-----w- c:\program files\Emsisoft Anti-Malware
    2010-10-27 17:26 . 2010-10-27 17:26 -------- d-----w- c:\programdata\Macrium
    2010-10-27 17:24 . 2010-10-27 17:24 -------- d-----w- c:\program files\Macrium
    2010-10-27 05:35 . 2010-08-26 16:34 1696256 ----a-w- c:\windows\system32\gameux.dll
    2010-10-27 05:35 . 2010-08-26 16:33 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
    2010-10-27 05:35 . 2010-08-26 14:23 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
    2010-10-22 11:26 . 2010-11-15 19:59 -------- d-----w- c:\programdata\Iminent
    2010-10-22 11:25 . 2010-08-16 14:06 24576 ----a-w- c:\program files\Mozilla Firefox\extensions\webbooster@iminent.com\components\Iminent.XPCOM.dll
    2010-10-22 11:20 . 2010-10-22 11:20 -------- d-----w- c:\program files\Windows Live SkyDrive
    2010-10-22 05:47 . 2010-10-22 05:47 -------- d-----w- c:\program files\Apple Software Update
    2010-10-20 21:13 . 2010-10-20 21:13 -------- d-----w- c:\users\STEPHANE\AppData\Roaming\HiYo
    2010-10-20 21:13 . 2010-10-20 21:13 -------- d-----w- c:\programdata\HiYo
    2010-10-20 21:13 . 2010-10-20 21:13 -------- d-----w- c:\program files\HiYo
    2010-10-20 20:17 . 2009-09-04 15:44 69464 ----a-w- c:\windows\system32\XAPOFX1_3.dll
    2010-10-20 20:17 . 2009-09-04 15:44 515416 ----a-w- c:\windows\system32\XAudio2_5.dll
    2010-10-20 20:17 . 2009-09-04 15:29 453456 ----a-w- c:\windows\system32\d3dx10_42.dll
    2010-10-20 20:17 . 2010-10-20 20:17 15712 ----a-w- c:\program files\Common Files\Windows Live\.cache\c26319811cb709307\MeshBetaRemover.exe
    2010-10-20 20:16 . 2010-10-20 20:16 94040 ----a-w- c:\program files\Common Files\Windows Live\.cache\b7bf19c11cb709305\DSETUP.dll
    2010-10-20 20:16 . 2010-10-20 20:16 525656 ----a-w- c:\program files\Common Files\Windows Live\.cache\b7bf19c11cb709305\DXSETUP.exe
    2010-10-20 20:16 . 2010-10-20 20:16 1691480 ----a-w- c:\program files\Common Files\Windows Live\.cache\b7bf19c11cb709305\dsetup32.dll
    2010-10-20 20:16 . 2010-10-20 20:16 94040 ----a-w- c:\program files\Common Files\Windows Live\.cache\b5f815611cb709304\DSETUP.dll
    2010-10-20 20:16 . 2010-10-20 20:16 525656 ----a-w- c:\program files\Common Files\Windows Live\.cache\b5f815611cb709304\DXSETUP.exe
    2010-10-20 20:16 . 2010-10-20 20:16 1691480 ----a-w- c:\program files\Common Files\Windows Live\.cache\b5f815611cb709304\dsetup32.dll
    2010-10-20 19:13 . 2009-08-04 08:02 754688 ----a-w- c:\windows\system32\webservices.dll
    2010-10-20 17:14 . 2010-10-22 07:20 -------- d-----w- c:\users\STEPHANE\AppData\Local\Windows Live

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2010-11-15 19:27 . 2010-01-26 20:48 691 ----a-w- c:\users\STEPHANE\AppData\Roaming\GetValue.vbs
    2010-11-15 19:27 . 2010-01-26 20:48 35 ----a-w- c:\users\STEPHANE\AppData\Roaming\SetValue.bat
    2010-10-19 09:41 . 2009-10-02 16:08 222080 ------w- c:\windows\system32\MpSigStub.exe
    2010-10-13 13:49 . 2010-10-13 13:49 23456 ----a-w- c:\windows\system32\drivers\DrvAgent32.sys
    2010-09-28 12:03 . 2010-09-28 12:03 12256 ----a-w- c:\windows\system32\drivers\PSVolAcc.sys
    2010-09-28 12:03 . 2010-09-28 12:03 15328 ----a-w- c:\windows\system32\drivers\pssnap.sys
    2010-09-28 12:03 . 2010-09-28 12:03 44512 ----a-w- c:\windows\system32\drivers\psmounter.sys
    2010-09-13 13:56 . 2010-10-14 05:56 8147456 ----a-w- c:\windows\system32\wmploc.DLL
    2010-09-08 09:17 . 2010-09-08 09:17 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
    2010-09-08 09:17 . 2010-09-08 09:17 69632 ----a-w- c:\windows\system32\QuickTime.qts
    2010-09-08 06:09 . 2010-09-08 06:08 19657194 ----a-w- C:\vlc-1.1.4-win32.exe
    2010-09-08 06:01 . 2010-10-14 05:56 916480 ----a-w- c:\windows\system32\wininet.dll
    2010-09-08 05:57 . 2010-10-14 05:56 43520 ----a-w- c:\windows\system32\licmgr10.dll
    2010-09-08 05:57 . 2010-10-14 05:56 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
    2010-09-08 05:56 . 2010-10-14 05:56 71680 ----a-w- c:\windows\system32\iesetup.dll
    2010-09-08 05:56 . 2010-10-14 05:56 109056 ----a-w- c:\windows\system32\iesysprep.dll
    2010-09-08 05:04 . 2010-10-14 05:56 385024 ----a-w- c:\windows\system32\html.iec
    2010-09-08 04:26 . 2010-10-14 05:56 133632 ----a-w- c:\windows\system32\ieUnatt.exe
    2010-09-08 04:25 . 2010-10-14 05:56 1638912 ----a-w- c:\windows\system32\mshtml.tlb
    2010-09-07 15:12 . 2010-06-30 19:35 38848 ----a-w- c:\windows\avastSS.scr
    2010-09-07 15:11 . 2010-02-01 23:51 167592 ----a-w- c:\windows\system32\aswBoot.exe
    2010-09-07 14:52 . 2010-02-01 23:53 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
    2010-09-07 14:52 . 2010-02-01 23:53 165584 ----a-w- c:\windows\system32\drivers\aswSP.sys
    2010-09-07 14:47 . 2010-02-01 23:53 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
    2010-09-07 14:47 . 2010-02-01 23:53 50768 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
    2010-09-07 14:47 . 2010-02-01 23:53 17744 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
    2010-09-06 19:50 . 2010-09-06 19:50 4484 ----a-w- c:\windows\system32\drivers\cpuidlep.sys
    2010-09-06 16:20 . 2010-10-14 05:56 125952 ----a-w- c:\windows\system32\srvsvc.dll
    2010-09-06 16:19 . 2010-10-14 05:56 17920 ----a-w- c:\windows\system32\netevent.dll
    2010-09-06 13:45 . 2010-10-14 05:56 304128 ----a-w- c:\windows\system32\drivers\srv.sys
    2010-09-06 13:45 . 2010-10-14 05:56 145408 ----a-w- c:\windows\system32\drivers\srv2.sys
    2010-09-06 13:45 . 2010-10-14 05:56 102400 ----a-w- c:\windows\system32\drivers\srvnet.sys
    2010-08-31 15:46 . 2010-10-14 05:56 954752 ----a-w- c:\windows\system32\mfc40.dll
    2010-08-31 15:46 . 2010-10-14 05:56 954288 ----a-w- c:\windows\system32\mfc40u.dll
    2010-08-31 15:44 . 2010-10-14 05:55 531968 ----a-w- c:\windows\system32\comctl32.dll
    2010-08-31 13:27 . 2010-10-14 05:55 2038272 ----a-w- c:\windows\system32\win32k.sys
    2010-08-26 16:37 . 2010-10-14 05:56 157184 ----a-w- c:\windows\system32\t2embed.dll
    2010-08-26 16:33 . 2010-10-27 05:35 173056 ----a-w- c:\windows\apppatch\AcXtrnal.dll
    2010-08-26 16:33 . 2010-10-27 05:35 542720 ----a-w- c:\windows\apppatch\AcLayers.dll
    2010-08-26 16:33 . 2010-10-27 05:35 458752 ----a-w- c:\windows\apppatch\AcSpecfc.dll
    2010-08-26 16:33 . 2010-10-27 05:35 2159616 ----a-w- c:\windows\apppatch\AcGenral.dll
    2010-08-20 16:05 . 2010-10-14 05:55 867328 ----a-w- c:\windows\system32\wmpmde.dll
    .

    ((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
    REGEDIT4

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{2ba521ac-b9b9-4433-ba45-dba2f02cba5a}]
    2007-07-31 14:33 1391640 ----a-w- c:\program files\speed-bit\tbspee.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    "{2ba521ac-b9b9-4433-ba45-dba2f02cba5a}"= "c:\program files\speed-bit\tbspee.dll" [2007-07-31 1391640]

    [HKEY_CLASSES_ROOT\clsid\{2ba521ac-b9b9-4433-ba45-dba2f02cba5a}]

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
    "{2BA521AC-B9B9-4433-BA45-DBA2F02CBA5A}"= "c:\program files\speed-bit\tbspee.dll" [2007-07-31 1391640]

    [HKEY_CLASSES_ROOT\clsid\{2ba521ac-b9b9-4433-ba45-dba2f02cba5a}]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UEAFOverlay]
    @="{F2F31467-B1AC-4df0-AE79-FD5FA085E22B}"
    [HKEY_CLASSES_ROOT\CLSID\{F2F31467-B1AC-4df0-AE79-FD5FA085E22B}]
    2007-11-14 10:22 3186440 ----a-w- c:\program files\Protector Suite QL\farchns.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UEAFOverlayOpen]
    @="{A3E208F7-0E3A-4182-A7A6-B169D5D691AA}"
    [HKEY_CLASSES_ROOT\CLSID\{A3E208F7-0E3A-4182-A7A6-B169D5D691AA}]
    2007-11-14 10:22 3186440 ----a-w- c:\program files\Protector Suite QL\farchns.dll

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "RocketDock"="c:\program files\RocketDock\RocketDock.exe" [2007-09-02 495616]
    "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
    "RoboForm"="c:\program files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" [2010-03-08 160328]
    "Google Update"="c:\users\STEPHANE\AppData\Local\Google\Update\GoogleUpdate.exe" [2010-02-25 135664]
    "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
    "Connexion SFR 9props.exe"="c:\program files\SFR\Kit\9props.exe" [2009-10-15 959808]
    "AutoStartNPSAgent"="c:\program files\Samsung\Samsung New PC Studio\NPSAgent.exe" [2009-09-01 98304]
    "Glary Memory Optimizer"="c:\program files\Glary Utilities\memdefrag.exe" [2008-10-29 89600]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "avast5"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2010-09-07 2838912]
    "Windows Mobile-based device management"="c:\windows\WindowsMobile\wmdSync.exe" [2006-11-02 215552]
    "UnlockerAssistant"="c:\program files\Unlocker\UnlockerAssistant.exe" [2008-05-02 15872]
    "topi"="c:\program files\TOSHIBA\Toshiba Online Product Information\topi.exe" [2007-04-02 577536]
    "SynTPStart"="c:\program files\Synaptics\SynTP\SynTPStart.exe" [2007-07-27 204800]
    "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-03-20 1451304]
    "Symantec PIF AlertEng"="c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2007-03-12 517768]
    "SVPWUTIL"="c:\program files\TOSHIBA\Utilities\SVPWUTIL.exe" [2006-03-22 438272]
    "StartupDelayer"="c:\program files\r2 Studios\Startup Delayer\Startup Launcher GUI.exe" [2009-03-08 147456]
    "SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 210472]
    "RtHDVCpl"="RtHDVCpl.exe" [2007-06-13 4489216]
    "PSQLLauncher"="c:\program files\Protector Suite QL\launcher.exe" [2007-11-14 49416]
    "PPort11reminder"="c:\program files\ScanSoft\PaperPort\Ereg\Ereg.exe" [2007-08-31 328992]
    "PaperPort PTD"="c:\program files\ScanSoft\PaperPort\pptd40nt.exe" [2008-07-09 29984]
    "KeNotify"="c:\program files\TOSHIBA\Utilities\KeNotify.exe" [2006-11-06 34352]
    "IAStorIcon"="c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-03-03 284696]
    "IaNvSrv"="c:\program files\Intel\Intel Matrix Storage Manager\OROM\IaNvSrv\IaNvSrv.exe" [2007-03-13 33048]
    "ControlCenter3"="c:\program files\Brother\ControlCenter3\brctrcen.exe" [2009-01-09 114688]
    "CardDetectorICON225"="c:\program files\CardDetector\ICON225\CardDetector.exe" [2007-11-13 278528]
    "Camera Assistant Software"="c:\program files\Camera Assistant Software for Toshiba\traybar.exe" [2007-04-10 413696]
    "BrMfcWnd"="c:\program files\Brother\Brmfcmon\BrMfcWnd.exe" [2009-01-19 1150976]
    "BEWINTERNET-FR-DMGP-V2SessionManager"="c:\program files\Orange\IEWInternet\SessionManager\SessionManager.exe" [2008-02-13 102400]
    "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2010-09-24 40368]
    "Adobe Photo Downloader"="c:\program files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe" [2005-06-23 57344]
    "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-21 932288]
    "Hiyo"="c:\program files\HiYo\bin\HiYo.exe" [2010-10-20 238960]
    "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-09-08 421888]
    "IMBooster"="c:\program files\Iminent\IMBooster\imbooster.exe" [2010-08-16 1631736]
    "Iminent.Notifier"="c:\program files\Iminent\SearchTheWeb\Iminent.Notifier.exe" [2010-07-09 536056]

    c:\users\STEPHANE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
    PrintKey 2000 Fr.lnk - c:\program files\PrintKey 2000 Fr\Printkey 2000 Fr.exe [2001-6-25 869888]

    c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
    Bluetooth Monitor.lnk - c:\program files\TOSHIBA\Bluetooth Monitor\BtMon2.exe [2009-2-1 69632]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "EnableLUA"= 0 (0x0)
    "DisableCAD"= 1 (0x1)
    "EnableUIADesktopToggle"= 0 (0x0)

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\psfus]
    2007-11-14 10:07 96008 ----a-w- c:\windows\System32\psqlpwd.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
    "aux1"=wdmaud.drv

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
    @="Service"

    [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Hyperappel du Petit Larousse 2009.lnk]
    backup=c:\windows\pss\Hyperappel du Petit Larousse 2009.lnk.CommonStartup
    backupExtension=.CommonStartup

    [HKLM\~\startupfolder\C:^Users^STEPHANE^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OUTLOOK - Raccourci.lnk]
    backup=c:\windows\pss\OUTLOOK - Raccourci.lnk.Startup
    backupExtension=.Startup

    [HKLM\~\startupfolder\C:^Users^STEPHANE^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Vista Rainbar.exe - Raccourci.lnk]
    backup=c:\windows\pss\Vista Rainbar.exe - Raccourci.lnk.Startup
    backupExtension=.Startup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
    2010-04-13 00:29 47392 ----a-w- c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMBooster]
    2010-08-16 14:07 1631736 ----a-w- c:\program files\Iminent\IMBooster\IMBooster.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndexSearch]
    2008-07-09 21:05 46368 ----a-w- c:\program files\ScanSoft\PaperPort\IndexSearch.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Neuf Media Center]
    2008-10-10 18:24 726336 ----a-w- c:\program files\SFR\Media Center\MediaCenter.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Toshiba Registration]
    2007-02-19 14:00 571024 ----a-w- c:\program files\TOSHIBA\Registration\ToshibaRegistration.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Toshiba TEMPRO]
    2010-08-27 11:14 1050072 ----a-w- c:\program files\Toshiba TEMPRO\TemproTray.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-2924939454-3407247330-1690009250-1000]
    "EnableNotificationsRef"=dword:00000001

    R0 BtHidBus;Bluetooth HID Bus Service;c:\windows\System32\Drivers\BtHidBus.sys [x]
    R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
    R2 gupdate1c99cfb15083feb;Google Update Service (gupdate1c99cfb15083feb);c:\program files\Google\Update\GoogleUpdate.exe [2009-03-04 133104]
    R2 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO);c:\program files\Toshiba TEMPRO\TemproSvc.exe [2010-08-27 124368]
    R3 avshws;YouUp Simulated Hardware;c:\windows\system32\DRIVERS\youup.sys [2009-02-13 57344]
    R3 DrvAgent32;DrvAgent32;c:\windows\system32\Drivers\DrvAgent32.sys [2010-10-13 23456]
    R3 GT72NDISIPXP;GT 72 IP NDIS;c:\windows\system32\DRIVERS\Gt51Ip.sys [2007-11-13 95744]
    R3 GT72UBUS;GT 72 U BUS;c:\windows\system32\DRIVERS\gt72ubus.sys [2007-11-13 51968]
    R3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\Drivers\IvtBtBus.sys [x]
    R3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\maconfservice.exe [2010-09-12 251248]
    R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2010-04-29 38224]
    R3 MEMSWEEP2;MEMSWEEP2;c:\windows\system32\AF8.tmp [x]
    R3 PCAMp50;PCAMp50 NDIS Protocol Driver;c:\windows\system32\Drivers\PCAMp50.sys [2006-11-28 28224]
    R3 TpChoice;Touch Pad Detection Filter driver;c:\windows\system32\DRIVERS\TpChoice.sys [x]
    R3 WPFFontCache_v0400;Cache de police de Windows Presentation Foundation 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
    R4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys [2008-02-26 639224]
    S0 CplIR;Embedded IR Driver;c:\windows\system32\DRIVERS\CplIR.SYS [2007-03-06 14848]
    S0 iaNvStor;Intel(R) Turbo Memory Technology NAND Controller;c:\windows\system32\DRIVERS\iaNvStor.sys [2007-03-10 210432]
    S0 pssnap;Paramount Software Snapshot Filter;c:\windows\system32\DRIVERS\pssnap.sys [2010-09-28 15328]
    S1 aswSP;aswSP; [x]
    S2 aswFsBlk;aswFsBlk; [x]
    S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2010-09-07 50768]
    S2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [2008-09-12 233472]
    S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-03 13336]
    S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\McAfee\SiteAdvisor\McSACore.exe [2010-05-20 88176]
    S2 ReflectService;Macrium Reflect Image Mounting Service;c:\program files\Macrium\Reflect\ReflectService.exe [2010-09-28 220128]
    S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.SYS [2008-09-12 36512]
    S3 NETw5v32;Pilote de carte de la série Intel(R) Wireless WiFi Link 5000 pour Windows Vista 32 bits ;c:\windows\system32\DRIVERS\NETw5v32.sys [2010-05-31 6638080]

    --- Autres Services/Pilotes en mémoire ---

    *NewlyCreated* - FSUSBEXDISK

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    bthsvcs REG_MULTI_SZ BthServ
    LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
    WindowsMobile REG_MULTI_SZ wcescomm rapimgr
    LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
    .
    Contenu du dossier 'Tâches planifiées'

    2010-10-28 c:\windows\Tasks\Defraggler Volume C Task.job
    - c:\program files\Defraggler\df.exe [2009-10-01 18:28]

    2010-11-16 c:\windows\Tasks\GlaryInitialize.job
    - c:\program files\Glary Utilities\initialize.exe [2008-11-26 16:58]

    2010-11-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2009-03-04 18:57]

    2010-11-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2009-03-04 18:57]

    2010-11-16 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2924939454-3407247330-1690009250-1000Core.job
    - c:\users\STEPHANE\AppData\Local\Google\Update\GoogleUpdate.exe [2010-03-08 07:10]

    2010-11-16 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2924939454-3407247330-1690009250-1000UA.job
    - c:\users\STEPHANE\AppData\Local\Google\Update\GoogleUpdate.exe [2010-03-08 07:10]
    .
    .
    ------- Examen supplémentaire -------
    .
    IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
    IE: Barre RoboForm - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
    IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
    IE: Enregistrer le formulaire - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
    IE: Personnaliser le menu - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
    IE: Remplir le formulaire - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
    FF - ProfilePath - c:\users\STEPHANE\AppData\Roaming\Mozilla\Firefox\Profiles\8g6doruo.default\
    FF - prefs.js: browser.search.defaulturl - hxxp://search.live.com/results.aspx?FORM=IEFM1&q=
    FF - prefs.js: browser.search.selectedEngine - IMBooster4web-en Customized Web Search
    FF - prefs.js: browser.startup.homepage - chrome://fastdial/content/fastdial.html
    FF - prefs.js: keyword.URL - hxxp://kwtb.search.imgag.com/?c=GNKIW29193&sbs=1&sc=2&f=web&vernum=1.0&uid=&did=f8d4a70c-98e2-4081-901d-01bf93043ede&q=
    FF - component: c:\program files\McAfee\SiteAdvisor\components\McFFPlg.dll
    FF - component: c:\program files\Mozilla Firefox\extensions\webbooster@iminent.com\components\Iminent.XPCOM.dll
    FF - component: c:\program files\Siber Systems\AI RoboForm\Firefox\components\rfproxy_31.dll
    FF - component: c:\users\STEPHANE\AppData\Roaming\Mozilla\Firefox\Profiles\8g6doruo.default\extensions\{5f67de8f-699c-425b-9fde-e07a37d6b691}\components\FFExternalAlert.dll
    FF - component: c:\users\STEPHANE\AppData\Roaming\Mozilla\Firefox\Profiles\8g6doruo.default\extensions\{5f67de8f-699c-425b-9fde-e07a37d6b691}\components\RadioWMPCore.dll
    FF - component: c:\users\STEPHANE\AppData\Roaming\Mozilla\Firefox\Profiles\8g6doruo.default\extensions\{C9B68337-E93A-44EA-94DC-CB300EC06444}\components\Engine.dll
    FF - component: c:\users\STEPHANE\AppData\Roaming\Mozilla\Firefox\Profiles\8g6doruo.default\extensions\engine@conduit.com\components\FFExternalAlert.dll
    FF - component: c:\users\STEPHANE\AppData\Roaming\Mozilla\Firefox\Profiles\8g6doruo.default\extensions\engine@conduit.com\components\RadioWMPCore.dll
    FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
    FF - plugin: c:\program files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll
    FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
    FF - plugin: c:\program files\Google\Update\1.2.183.39\npGoogleOneClick8.dll
    FF - plugin: c:\program files\ma-config.com\nphardwaredetection.dll
    FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
    FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
    FF - plugin: c:\program files\Mozilla Firefox\plugins\npOGAPlugin.dll
    FF - plugin: c:\program files\Unity\WebPlayer\loader\npUnity3D32.dll
    FF - plugin: c:\program files\VistaCodecPack\rm\browser\plugins\nppl3260.dll
    FF - plugin: c:\program files\VistaCodecPack\rm\browser\plugins\nprpjplug.dll
    FF - plugin: c:\users\STEPHANE\AppData\Local\Google\Update\1.2.183.39\npGoogleOneClick8.dll
    FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

    ---- PARAMETRES FIREFOX ----
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqz9s", true); // Traditional
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqs8s", true); // Simplified
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--j6w193g", true);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4a87g", true);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7c0a67fbc", true);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7cvafr", true);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kpry57d", true); // Traditional
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kprw13d", true); // Simplified
    c:\program files\Mozilla Firefox\defaults\pref\all-iminent.js - pref("iminent.appInstanceUid", "5037fdc6-b7d1-4d33-a448-bbe4c50a0854");
    c:\program files\Mozilla Firefox\defaults\pref\all-iminent.js - pref("iminent.currentLcid", "1036");
    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
    .
    .
    ------- Associations de fichier -------
    .
    .txt=UltraEdit.txt
    .
    - - - - ORPHELINS SUPPRIMES - - - -

    URLSearchHooks-{0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2} - (no file)
    URLSearchHooks-{84FF7BD6-B47F-46F8-9130-01B2696B36CB} - (no file)
    BHO-{0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2} - (no file)
    HKCU-RunOnce-.IMinentUpdate - c:\users\STEPHANE\AppData\Local\Temp\NotifierSetup.exe

    **************************************************************************
    Recherche de processus cachés ...

    Recherche d'éléments en démarrage automatique cachés ...

    Recherche de fichiers cachés ...

    Scan terminé avec succès
    Fichiers cachés:

    **************************************************************************

    [HKEY_LOCAL_MACHINE\system\ControlSet004\Services\MEMSWEEP2]
    "ImagePath"="\??\c:\windows\system32\AF8.tmp"
    .
    --------------------- CLES DE REGISTRE BLOQUEES ---------------------

    [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
    @Denied: (2) (LocalSystem)
    "Progid"="FirefoxHTML"

    [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
    @Denied: (2) (LocalSystem)
    "Progid"="FirefoxHTML"

    [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
    @Denied: (2) (LocalSystem)
    "Progid"="FirefoxHTML"

    [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
    @Denied: (2) (LocalSystem)
    "Progid"="FirefoxHTML"

    [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
    @Denied: (2) (LocalSystem)
    "Progid"="FirefoxHTML"

    [HKEY_USERS\S-1-5-21-2924939454-3407247330-1690009250-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{5E0901A7-7527-81FD-186B-2F490EACB0D8}*]
    @Allowed: (Read) (RestrictedCode)
    "abcipnhjeiiknoflndimaagecpfmbhogaj"=hex:61,61,00,00
    "bbcipnhjeiiknoflndlmlofljicknakopacp"=hex:61,61,00,00

    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"

    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
    "Enabled"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
    @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"

    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker4"

    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"

    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"

    [HKEY_LOCAL_MACHINE\software\Microsoft\Environment*]
    "Licence0"="04F0D21-79D8-7A25-D702-433F"

    [HKEY_LOCAL_MACHINE\system\ControlSet004\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    "MSCurrentCountry"=dword:0000003d

    [HKEY_LOCAL_MACHINE\system\ControlSet004\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000

    [HKEY_LOCAL_MACHINE\system\ControlSet004\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000

    [HKEY_LOCAL_MACHINE\system\ControlSet004\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000

    [HKEY_LOCAL_MACHINE\system\ControlSet004\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000

    [HKEY_LOCAL_MACHINE\system\ControlSet004\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000

    [HKEY_LOCAL_MACHINE\system\ControlSet004\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000

    [HKEY_LOCAL_MACHINE\system\ControlSet004\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000

    [HKEY_LOCAL_MACHINE\system\ControlSet004\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0008\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000

    [HKEY_LOCAL_MACHINE\system\ControlSet004\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0009\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    .
    --------------------- DLLs chargées dans les processus actifs ---------------------

    - - - - - - - > 'Explorer.exe'(1552)
    c:\program files\Iminent\IMBooster\Iminent.WinCore.dll
    c:\program files\RocketDock\RocketDock.dll
    c:\program files\Unlocker\UnlockerHook.dll
    c:\progra~1\mcafee\SITEAD~1\saHook.dll
    c:\program files\Protector Suite QL\farchns.dll
    c:\program files\Protector Suite QL\infql2.dll
    .
    ------------------------ Autres processus actifs ------------------------
    .
    c:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
    c:\program files\Alwil Software\Avast5\AvastSvc.exe
    c:\windows\system32\WLANExt.exe
    c:\program files\Protector Suite QL\upeksvr.exe
    c:\windows\system32\conime.exe
    c:\windows\system32\agrsmsvc.exe
    c:\program files\TOSHIBA\ConfigFree\CFSvcs.exe
    c:\program files\Diskeeper Corporation\Diskeeper\DkService.exe
    c:\progra~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
    c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    c:\program files\CDBurnerXP\NMSAccessU.exe
    c:\windows\system32\rundll32.exe
    c:\program files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    c:\program files\Common Files\Intel\WirelessCommon\RegSrvc.exe
    c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    c:\windows\RtHDVCpl.exe
    c:\program files\SFR\Logiciel de Synchronisation SFR\Logiciel de Synchronisation SFRTray.exe
    c:\program files\Protector Suite QL\psqltray.exe
    c:\program files\TOSHIBA\Power Saver\TosCoSrv.exe
    c:\program files\Synaptics\SynTP\SynTPHelper.exe
    c:\program files\Synaptics\SynTP\SynToshiba.exe
    c:\program files\Brother\ControlCenter3\brccMCtl.exe
    c:\program files\Camera Assistant Software for Toshiba\CEC_MAIN.exe
    c:\windows\ehome\ehmsas.exe
    c:\program files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
    c:\program files\Brother\Brmfcmon\BrMfimon.exe
    c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    c:\program files\Intel\WiFi\bin\EvtEng.exe
    c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    c:\windows\system32\wbem\unsecapp.exe
    c:\program files\Windows Media Player\wmpnetwk.exe
    c:\windows\system32\wbem\unsecapp.exe
    c:\\?\c:\windows\system32\wbem\WMIADAP.EXE
    .
    **************************************************************************
    .
    Heure de fin: 2010-11-17 00:54:30 - La machine a redémarré
    ComboFix-quarantined-files.txt 2010-11-16 23:54

    Avant-CF: 53 448 773 632 octets libres
    Après-CF: 53 108 957 184 octets libres

    - - End Of File - - 8D758794D2E3051EC6719B14A0D434BD
    0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 041
     
    mets à jour malwarebyte et colle un rapport avec

    spybot remarche?

    a plus
    0
  7. STEPHANE1904 Messages postés 13 Statut Membre
     
    Bonjour

    Pour spybot c'est ok je pense que le probléme est résolu j'ai vu passé un rookit hier soir combofix a été obligé de redémarrer une fois avant de chercher il m'a indiqué NT3 quelque chose comme cela ..

    Cela te parle (je me permets de te tutoyer)

    ci joint le rapport

    Malwarebytes' Anti-Malware 1.46
    www.malwarebytes.org

    Version de la base de données: 5121

    Windows 6.0.6002 Service Pack 2
    Internet Explorer 8.0.6001.18975

    17/11/2010 19:48:00
    mbam-log-2010-11-17 (19-48-00).txt

    Type d'examen: Examen rapide
    Elément(s) analysé(s): 164203
    Temps écoulé: 13 minute(s), 7 seconde(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 0
    Valeur(s) du Registre infectée(s): 0
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 0
    Fichier(s) infecté(s): 0

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Valeur(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    (Aucun élément nuisible détecté)

    Fichier(s) infecté(s):
    (Aucun élément nuisible détecté)
    0
  8. jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 041
     
    ok

    colle un rapport d'une analyse en ligne avec un des 4 premiers antivirus proposés ici: antivirus en ligne

    et dis nous quels sont tes problèmes actuels

    a plus
    0