J'ai un problème avec Form1

Résolu
Shoujo -  
moment de grace Messages postés 29099 Date d'inscription   Statut Contributeur sécurité Dernière intervention   -
Bonjour,

J'aurais besoin de votre aide. J'ai lu pas mal de sujet sur Form1, et j'ai cru comprendre qu'il fallait une analyse personnalisée pour chaque cas .. Et sachant que je suis tout sauf douée en informatique, j'aurais besoin d'un coup de pouce.
Form1 est sur mon pc depuis maintenant bien trois mois, le soucis étant qu'au départ je ne me suis pas posée de question, Form1 étant apparu après que le frère de ma copine me reformate le pc, j'ai pensé que c'était un truc qu'il avait laissé volontairement.
Mais sachant que ce programme me bloque pas mal de trucs, je n'peux rien installer sachant qu'il est en "cours d'installation", bref, si vous pouviez m'aider à virer ce truc de mon pc, ça serait sympa !

Merci à vous.

Pour info, mon pc n'est pas non plus tout jeune, il en a subit des mauvais traitements ! (Virus en tout genre, plus de son .. mais maintenant tout va bien mis à part ce Form1 à la noix ..).

Ah oui, et bonne année à tous et à toutes :)

11 réponses

  1. moment de grace Messages postés 29099 Date d'inscription   Statut Contributeur sécurité Dernière intervention   2 274
     
    bonjour

    Télécharge ZHPDiag ( de Nicolas coolman ).
    https://www.zebulon.fr/telechargements/securite/systeme/zhpdiag.html


    (outil de diagnostic)


    Double clique sur le fichier d'installation, puis installe le avec les paramètres par défaut ( N'oublie pas de cocher " Créer une icône sur le bureau " )

    Lance ZHPDiag en double cliquant sur l'icône présente sur ton bureau (Clique droit -> Executer en tant qu'admin ( vista )

    Clique sur la loupe en haut à gauche, puis laisse l'outil scanner.

    Une fois le scan terminé, clique sur l'icône en forme de disquette et enregistre le fichier sur ton bureau.

    Rend toi sur Cjoint : http://www.cijoint.fr/

    Clique sur "Parcourir " dans la partie " Joindre un fichier[...] "

    Sélectionne le rapport ZHPdiag.txt qui se trouve sur ton bureau

    Clique ensuite sur "Cliquez ici pour déposer le fichier " et copie/colle le lien dans ton prochain message

    1
    1. muligan Messages postés 117 Statut Membre 8
       
      bonjour, j'ai un problème également avec form1.
      voici mon scan
      merci d'avance pour votre aide.

      Rapport de ZHPDiag v1.27.1492 par Nicolas Coolman, Update du 12/01/2011
      Run by seb at 13/01/2011 14:42:20
      Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html
      Contact : nicolascoolman@yahoo.fr

      ---\\ Web Browser
      MSIE: Internet Explorer v8.0.7600.16385

      ---\\ System Information
      Windows 7 Ultimate Edition, 64-bit (Build 7600)
      Processor: Intel64 Family 6 Model 30 Stepping 5, GenuineIntel
      Operating System: 64 Bits
      Boot mode: Normal (Normal boot)
      Total RAM: 4087 MB (64% free)
      System Restore: Activé (Enable)
      System drive C: has 168 GB (36%) free of 466 GB

      ---\\ Logged in mode
      Computer Name: SEB-PC
      User Name: seb
      All Users Names: seb, HomeGroupUser$, Guest, ASPNET, Administrator,
      Unselected Option: O1,O45,O61,O62,O65,O66,O82
      Logged in as Administrator

      ---\\ Environnement Variables
      %AppData%=%USERPROFILE%\AppData\Roaming
      %LocalAppData%=%USERPROFILE%\AppData\Local
      %StartMenu%=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Start Menu

      ---\\ DOS/Devices
      C:\ Hard drive, Flash drive, Thumb drive (Free 168 Go of 466 Go)
      D:\ Hard drive, Flash drive, Thumb drive (Free 150 Go of 466 Go)
      E:\ CD-ROM drive (Not Inserted)
      F:\ Hard drive, Flash drive, Thumb drive (Free 0 Go of 0 Go)
      G:\ Hard drive, Flash drive, Thumb drive (Free 931 Go of 932 Go)
      H:\ CD-ROM drive (Not Inserted)
      J:\ CD-ROM drive (Not Inserted)


      ---\\ Security Center & Tools Informations
      [HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK
      [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK
      [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
      [HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
      [HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
      [HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
      [HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK
      [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
      [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
      [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK
      [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK
      [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
      [HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK
      [HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK
      [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK
      [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
      [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK


      ---\\ Recherche particulière de fichiers génériques
      [MD5.9AAAEC8DAC27AA17B053E6352AD233AE] - (.Microsoft Corporation - Explorateur Windows.) (.31/10/2009 07:34:59.) -- C:\Windows\Explorer.exe [2870272]
      [MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 02:14:45.) -- C:\Windows\System32\Wininit.exe [96256]


      ---\\ Processus lancés
      [MD5.F34E7705751BB413283434697BF8E55D] - (.DT Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [357696]
      [MD5.FBAA7A56D573BE55A65AD5B8C17ECA03] - (.TomTom - System Tray application for TomTom HOME.) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [247144]
      [MD5.3DD25048297A24AB4B3BFC17ABA5D0DB] - (.Valve Corporation - Steam.) -- C:\Program Files (x86)\games\fps\call of duty\COD BO\steam.exe [1242448]
      [MD5.48D53A10A43DD40676750C661EE50F5F] - (.Pas de propriétaire - HIDRec Application.) -- C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe [155648]
      [MD5.C10AF076A36327332EC00D92C9E15212] - (.AVerMedia TECHNOLOGIES, Inc. - AVerQuick.) -- C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe [651264]
      [MD5.6C1B31F5C16E03153F0037AC6C451FFD] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe [2838912]
      [MD5.D449C2456FCFC8DDA896F1DD27D0A476] - (.Secunia - Secunia PSI.) -- C:\Program Files (x86)\Secunia\PSI\psi.exe [911920]
      [MD5.0E20A3213ED010FC4997D1EF48082ABC] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [912344]
      [MD5.BA9A09CF1B9503C363617F3748F6D791] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe [16856]
      [MD5.0384EAF7D8A7804E399FF5AB0B553560] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [623104]


      ---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2)
      P2 - FPN: [HKLM] [@ma-config.com/HardwareDetection] - (.Cybelsoft - Plugin NPAPI Ma-Config.com.) -- C:\Program Files\ma-config.com\nphardwaredetection.dll
      P2 - FPN: [HKLM] [@microsoft.com/OfficeAuthz,version=14.0] - (.Microsoft Corporation - Office Authorization plug-in for NPAPI browsers.) -- C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.dll


      ---\\ Internet Explorer, Démarrage,Recherche,URSearchHook (R0,R1,R3)
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?pc=mssh&form=msshhp&ocid=onepro&homepage=http%3a%2f%2fgo.microsoft.com%2ffwlink%2f%3fLinkId%3d69157
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?pc=mssh&form=msshhp&ocid=onepro&homepage=http%3a%2f%2fgo.microsoft.com%2ffwlink%2f%3fLinkId%3d69157
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
      R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
      R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (8.00.7600.16385 (win7_rtm.090713-1255)) -- C:\Windows\System32\ieframe.dll


      ---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
      F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,
      F2 - REG:system.ini: VMApplet=C:\WINDOWS\system32\SystemPropertiesPerformance.exe


      ---\\ Browser Helper Objects de navigateur (O2)
      O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} . (.Microsoft Corporation - Microsoft SharePoint Workspace Extensions.) -- C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
      O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
      O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} . (.Microsoft Corporation - Microsoft Office Document Cache Handler.) -- C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL


      ---\\ Applications démarrées par registre & par dossier (O4)
      O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
      O4 - HKLM\..\Run: [Skytel] . (.Realtek Semiconductor Corp. - Realtek Voice Manager.) -- C:\Program Files\Realtek\Audio\HDA\Skytel.exe
      O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
      O4 - HKCU\..\Run: [DAEMON Tools Lite] . (.DT Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
      O4 - HKCU\..\Run: [TomTomHOME.exe] . (.TomTom - System Tray application for TomTom HOME.) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
      O4 - HKCU\..\Run: [Windows] . (.Pas de propriétaire - sharetest.) -- C:\Users\Public\Public Documents\Windows Movie Player\player.exe
      O4 - HKCU\..\Run: [Steam] . (.Valve Corporation - Steam.) -- C:\Program Files (x86)\games\fps\call of duty\COD BO\Steam.exe
      O4 - HKLM\..\Wow6432Node\Run: [avast5] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\avastUI.exe
      O4 - HKLM\..\Wow6432Node\Run: [BCSSync] . (.Microsoft Corporation - Microsoft Office 2010 component.) -- C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe
      O4 - HKLM\..\Wow6432Node\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe
      O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
      O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
      O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
      O4 - HKUS\S-1-5-21-3550691182-3597123867-1758792804-1000\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
      O4 - HKUS\S-1-5-21-3550691182-3597123867-1758792804-1000\..\Run: [DAEMON Tools Lite] . (.DT Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
      O4 - HKUS\S-1-5-21-3550691182-3597123867-1758792804-1000\..\Run: [TomTomHOME.exe] . (.TomTom - System Tray application for TomTom HOME.) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
      O4 - HKUS\S-1-5-21-3550691182-3597123867-1758792804-1000\..\Run: [Windows] . (.Pas de propriétaire - sharetest.) -- C:\Users\Public\Public Documents\Windows Movie Player\player.exe
      O4 - HKUS\S-1-5-21-3550691182-3597123867-1758792804-1000\..\Run: [Steam] . (.Valve Corporation - Steam.) -- C:\Program Files (x86)\games\fps\call of duty\COD BO\Steam.exe
      O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (.not file.)
      O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (.not file.)
      O4 - Global Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AVer HID Receiver.lnk . (.Pas de propriétaire.) -- C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
      O4 - Global Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AVerQuick.lnk . (.AVerMedia TECHNOLOGIES, Inc..) -- C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe


      ---\\ Autres liens utilisateurs (O4)
      O4 - Global Startup: C:\Documents And Settings\seb\Desktop\AIDA32.lnk . (.Pas de propriétaire.) -- C:\Program Files (x86)\AIDA32 - Personal System Information\aida32.exe
      O4 - Global Startup: C:\Documents And Settings\seb\Desktop\CCleaner.lnk . (.Piriform Ltd.) -- C:\Program Files (x86)\CCleaner\ccleaner.exe
      O4 - Global Startup: C:\Documents And Settings\seb\Desktop\DVD Shrink 3.2.lnk . (.DVD Shrink.) -- C:\Program Files (x86)\DVD Shrink\DVD Shrink 3.2.exe
      O4 - Global Startup: C:\Documents And Settings\seb\Desktop\games - Raccourci.lnk . (.Pas de propriétaire.) -- C:\Program Files (x86)\games
      O4 - Global Startup: C:\Documents And Settings\seb\Desktop\Glary Utilities.lnk . (.Glarysoft Ltd.) -- C:\Program Files (x86)\Glary Utilities\Integrator.exe
      O4 - Global Startup: C:\Documents And Settings\seb\Desktop\HD Tune.lnk . (.EFD Software.) -- C:\Program Files (x86)\HD Tune\HDTune.exe
      O4 - Global Startup: C:\Documents And Settings\seb\Desktop\Internet Explorer (64-bit).lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
      O4 - Global Startup: C:\Documents And Settings\seb\Desktop\Windows Live Messenger .lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
      O4 - Global Startup: C:\Users\seb\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
      O4 - Global Startup: C:\Users\seb\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Secunia PSI.lnk . (.Secunia.) -- C:\Program Files (x86)\Secunia\PSI\psi.exe
      O4 - Global Startup: C:\Users\seb\Desktop\AIDA32.lnk . (.Pas de propriétaire.) -- C:\Program Files (x86)\AIDA32 - Personal System Information\aida32.exe
      O4 - Global Startup: C:\Users\seb\Desktop\CCleaner.lnk . (.Piriform Ltd.) -- C:\Program Files (x86)\CCleaner\ccleaner.exe
      O4 - Global Startup: C:\Users\seb\Desktop\DVD Shrink 3.2.lnk . (.DVD Shrink.) -- C:\Program Files (x86)\DVD Shrink\DVD Shrink 3.2.exe
      O4 - Global Startup: C:\Users\seb\Desktop\games - Raccourci.lnk . (.Pas de propriétaire.) -- C:\Program Files (x86)\games
      O4 - Global Startup: C:\Users\seb\Desktop\Glary Utilities.lnk . (.Glarysoft Ltd.) -- C:\Program Files (x86)\Glary Utilities\Integrator.exe
      O4 - Global Startup: C:\Users\seb\Desktop\HD Tune.lnk . (.EFD Software.) -- C:\Program Files (x86)\HD Tune\HDTune.exe
      O4 - Global Startup: C:\Users\seb\Desktop\Internet Explorer (64-bit).lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
      O4 - Global Startup: C:\Users\seb\Desktop\Windows Live Messenger .lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
      O4 - Global Startup: C:\Users\seb\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Easy DVD Shrink.lnk . (.Pas de propriétaire.) -- C:\Program Files (x86)\EasyDVDShrink\DVDShrink.exe
      O4 - Global Startup: C:\Users\seb\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
      O4 - Global Startup: C:\Users\seb\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk . (.Mozilla Corporation.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
      O4 - Global Startup: C:\Users\seb\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Nero StartSmart Essentials.lnk . (.Nero AG.) -- C:\Program Files (x86)\Nero\Nero 9\Nero StartSmart\NeroStartSmart.exe
      O4 - Global Startup: C:\Users\seb\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - Clé orpheline
      O4 - Global Startup: C:\Users\seb\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - Clé orpheline


      ---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
      O8 - Extra context menu item: E&xport to Microsoft Excel . (.Microsoft Corporation - Microsoft Excel.) -- C:\PROGRA~2\MIF5BA~1\Office14\EXCEL.exe
      O8 - Extra context menu item: Se&nd to OneNote . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\PROGRA~2\MIF5BA~1\Office14\ONBttnIE.dll


      ---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
      O9 - Extra button: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll
      O9 - Extra button: Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\PROGRA~1\MICROS~2\Office14\ONBTTN~1.dll


      ---\\ Winsock hijacker (Layered Service Provider) (O10)
      O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
      O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll
      O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
      O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
      O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
      O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
      O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
      O10 - WLSP:\000000000008\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL


      ---\\ Modification Domaine/Adresses DNS (O17)
      O17 - HKLM\System\CCS\Services\Tcpip\..\{A38CE3BC-9813-49EA-9DA8-0412F6572D2D}: DhcpNameServer = 192.168.1.1
      O17 - HKLM\System\CS1\Services\Tcpip\..\{A38CE3BC-9813-49EA-9DA8-0412F6572D2D}: DhcpNameServer = 192.168.1.1
      O17 - HKLM\System\CS2\Services\Tcpip\..\{A38CE3BC-9813-49EA-9DA8-0412F6572D2D}: DhcpNameServer = 192.168.1.1
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1


      ---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
      O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.


      ---\\ Liste des services NT non Microsoft et non désactivés (O23)
      O23 - Service: (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
      O23 - Service: (AVerRemote) . (.AVerMedia - AVerRemote MFC Application.) - C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe
      O23 - Service: (AVerScheduleService) . (.Pas de propriétaire - ScheduleService Module.) - C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe
      O23 - Service: (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
      O23 - Service: (hasplms) - Clé orpheline
      O23 - Service: (KMService) . (.Pas de propriétaire - Pas de description.) - C:\Windows\system32\srvany.exe
      O23 - Service: Nero BackItUp Scheduler 4.0 (Nero BackItUp Scheduler 4.0) . (.Nero AG - Nero BackItUp.) - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
      O23 - Service: (nvsvc) - Clé orpheline
      O23 - Service: (PnkBstrA) . (.Pas de propriétaire - Pas de description.) - C:\Windows\system32\PnkBstrA.exe
      O23 - Service: (PnkBstrB) . (.Pas de propriétaire - Pas de description.) - C:\Windows\system32\PnkBstrB.exe
      O23 - Service: (SnugTV Service) - Clé orpheline
      O23 - Service: (Stereo Service) . (.NVIDIA Corporation - Stereo Vision Control Panel API Server.) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
      O23 - Service: (TomTomHOMEService) . (.TomTom - Windows Service for TomTom HOME.) - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe


      ---\\ Enumération Active Desktop & MHTML Editor (O24)
      O24 - Default MHTML Editor: Last - .(.Pas de propriétaire - Pas de description.) - (.not file.)


      ---\\ Tâches planifiées en automatique (O39)
      O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GlaryInitialize.job
      O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
      O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
      O39 - APT:Automatic Planified Task - C:\Windows\Tasks\SLOW-PCfighter.job
      [MD5.45AD8AA455CA1535C57CC3DD71A60A7A] [APT] [GlaryInitialize] (.Glarysoft Ltd.) -- C:\Program Files (x86)\Glary Utilities\initialize.exe
      [MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
      [MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
      [MD5.95B44F3CCAC43A47649C1F1BC84ED517] [APT] [Scheduled Update for Ask Toolbar] (.Pas de propriétaire.) -- C:\Program Files (x86)\Ask.com\UpdateTask.exe
      [MD5.D449C2456FCFC8DDA896F1DD27D0A476] [APT] [Secunia PSI Logon Task] (.Secunia.) -- C:\Program Files (x86)\Secunia\PSI\psi.exe
      [MD5.00000000000000000000000000000000] [APT] [SLOW-PCfighter] (.Pas de propriétaire.) -- C:\Program Files\Fighters\SLOW-PCfighter\SLOW-PCfighter64.exe (.not file.)
      [MD5.00000000000000000000000000000000] [APT] [{7A20C1B9-D26C-4BD9-9A8B-28002D47355A}] (.Pas de propriétaire.) -- C:\Program Files (x86)\InstallShield Installation Information\{08B3869E-D282-424C-9AFC-870E04A4BA14}\setup.exe (.not file.)
      [MD5.00000000000000000000000000000000] [APT] [{8351B4D8-3406-4F15-A78A-D04317AA3FAF}] (.Pas de propriétaire.) -- C:\Program Files (x86)\Call of Duty Dawnville Demo\CoDSP.exe (.not file.)
      [MD5.00000000000000000000000000000000] [APT] [{84C3E5F0-5657-4555-B013-67C59AD0A0B6}] (.Pas de propriétaire.) -- C:\Program Files (x86)\Call of Duty Dawnville Demo\CoDSP.exe (.not file.)
      [MD5.00000000000000000000000000000000] [APT] [{B0B55758-6985-4B72-BDBF-B3F04FE65DD0}] (.Pas de propriétaire.) -- C:\Program Files (x86)\Call of Duty Dawnville Demo\CoDSP.exe (.not file.)
      [MD5.0DDA3C5BCD3563384D27EEB6DF0B91B0] [APT] [{B660E019-F4D6-49F3-A053-754A09ED4030}] (.Acresso Software Inc..) -- C:\Program Files (x86)\InstallShield Installation Information\{888F1505-C2B3-4FDE-835D-36353EBD4754}\setup.exe


      ---\\ Pilotes lancés au démarrage (O41)
      O41 - Driver: C:\Windows\system32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
      O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\System32\DRIVERS\blbdrive.sys
      O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
      O41 - Driver: C:\Windows\system32\cscsvc.dll (CSC) . (.Microsoft Corporation - Windows Client Side Caching Driver.) - C:\Windows\System32\drivers\csc.sys
      O41 - Driver: C:\Windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
      O41 - Driver: C:\Windows\system32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys
      O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\System32\DRIVERS\mssmbios.sys
      O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
      O41 - Driver: C:\Windows\system32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
      O41 - Driver: C:\Windows\system32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
      O41 - Driver: C:\Windows\system32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys
      O41 - Driver: C:\Windows\system32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys
      O41 - Driver: C:\Windows\system32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
      O41 - Driver: C:\Windows\system32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
      O41 - Driver: C:\Windows\system32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys
      O41 - Driver: C:\Windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
      O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys
      O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
      O41 - Driver: C:\Windows\system32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys
      O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys


      ---\\ Logiciels installés (O42)
      O42 - Logiciel: Ma-Config.com (64 bits) - (.Cybelsoft.) [HKLM] -- {CACF8330-7FDD-42BD-8D51-54EDB3DC86FC}
      O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- InstallShield Uninstall Information
      InstallShield_{BFA90209-7AFF-4DB6-8E4B-E57305751AD7}
      sc11-FR_FTV_MAIN
      O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile
      O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}
      O42 - Logiciel: Microsoft Office Office 64-bit Components 2010 - (.Microsoft Corporation.) [HKLM] -- {90140000-002A-0000-1000-0000000FF1CE}
      O42 - Logiciel: Microsoft Office Shared 64-bit MUI (English) 2010 - (.Microsoft Corporation.) [HKLM] -- {90140000-002A-0409-1000-0000000FF1CE}
      O42 - Logiciel: Microsoft Office Shared 64-bit MUI (French) 2010 - (.Microsoft Corporation.) [HKLM] -- {90140000-002A-040C-1000-0000000FF1CE}
      O42 - Logiciel: Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 - (.Microsoft Corporation.) [HKLM] -- {90140000-0116-0409-1000-0000000FF1CE}
      O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 - (.Microsoft Corporation.) [HKLM] -- {B6E3757B-5E77-3915-866A-CCFC4B8D194C}
      O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable (x64) - (.Microsoft Corporation.) [HKLM] -- {071c9b48-7c32-4621-a0ac-3f809523288f}
      O42 - Logiciel: NVIDIA Logiciel système PhysX 9.10.0514 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX
      O42 - Logiciel: NVIDIA Pilote 3D Vision 260.99 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision
      O42 - Logiciel: NVIDIA Pilote audio HD : 1.1.9.0 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver
      O42 - Logiciel: NVIDIA Pilote graphique 260.99 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver
      O42 - Logiciel: PVSonyDll - (.NVIDIA Corporation.) [HKLM] -- {3D3E663D-4E7E-4577-A560-7ECDDD45548A}
      O42 - Logiciel: Recuva - (.Piriform.) [HKLM] -- Recuva
      O42 - Logiciel: Unreal Tournament 3 - (.Epic Games.) [HKCU] -- InstallShield_{BFA90209-7AFF-4DB6-8E4B-E57305751AD7}
      O42 - Logiciel: Windows Live ID Sign-in Assistant - (.Microsoft Corporation.) [HKLM] -- {1B8ABA62-74F0-47ED-B18C-A43128E591B8}
      O42 - Logiciel: Windows Live Language Selector - (.Microsoft Corporation.) [HKLM] -- {5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}

      ---\\ HKCU & HKLM Software Keys
      [HKCU\Software\ALWIL Software]
      [HKCU\Software\AVerMedia TECHNOLOGIES, Inc.]
      [HKCU\Software\AVerMedia TV Applications]
      [HKCU\Software\Adobe]
      [HKCU\Software\AppDataLow\AskToolbarInfo]
      [HKCU\Software\AppDataLow\Software\AskToolbar]
      [HKCU\Software\AppDataLow\Software\Microsoft]
      [HKCU\Software\AppDataLow\Software\ShopperReports3]
      [HKCU\Software\AppDataLow\Software]
      [HKCU\Software\AppDataLow]
      [HKCU\Software\Ask.com]
      [HKCU\Software\BitTorrent]
      [HKCU\Software\BlueRippleSound]
      [HKCU\Software\Borland]
      [HKCU\Software\Classes]
      [HKCU\Software\Clients]
      [HKCU\Software\Cygnus Solutions]
      [HKCU\Software\DSS]
      [HKCU\Software\DT Soft]
      [HKCU\Software\DVD Shrink]
      [HKCU\Software\Electronic Arts]
      [HKCU\Software\Futuremark]
      [HKCU\Software\GameSpy]
      [HKCU\Software\GlarySoft]
      [HKCU\Software\Google]
      [HKCU\Software\Greentube]
      [HKCU\Software\Hewlett-Packard]
      [HKCU\Software\IGA]
      [HKCU\Software\IM Providers]
      [HKCU\Software\JAM Software]
      [HKCU\Software\JavaSoft]
      [HKCU\Software\Lavalys]
      [HKCU\Software\Local AppWizard-Generated Applications]
      [HKCU\Software\Macromedia]
      [HKCU\Software\MozillaPlugins]
      [HKCU\Software\NVIDIA Corporation]
      [HKCU\Software\Nero]
      [HKCU\Software\Netscape]
      [HKCU\Software\ODBC]
      [HKCU\Software\Orange]
      [HKCU\Software\Piriform]
      [HKCU\Software\Poikosoft]
      [HKCU\Software\Policies]
      [HKCU\Software\Protect Software GmbH]
      [HKCU\Software\Realtek]
      [HKCU\Software\SecuROM]
      [HKCU\Software\Secunia]
      [HKCU\Software\ShopperReports3]
      [HKCU\Software\TomTom]
      [HKCU\Software\Trolltech]
      [HKCU\Software\Ubisoft]
      [HKCU\Software\Unlimited Possibilities]
      [HKCU\Software\VB and VBA Program Settings]
      [HKCU\Software\Valve]
      [HKCU\Software\WinRAR SFX]
      [HKCU\Software\WinRAR]
      [HKCU\Software\Wow6432Node]
      [HKCU\Software\cybelsoft]
      [HKCU\Software\eMule]
      [HKCU\Software\etoro]
      [HKLM\Software\<company>]
      [HKLM\Software\AGEIA Technologies]
      [HKLM\Software\ATI Technologies]
      [HKLM\Software\Aladdin Knowledge Systems]
      [HKLM\Software\Audible]
      [HKLM\Software\BrowserChoice]
      [HKLM\Software\Classes]
      [HKLM\Software\Clients]
      [HKLM\Software\Common Toolkit Suite]
      [HKLM\Software\EA GAMES]
      [HKLM\Software\Intel]
      [HKLM\Software\Khronos]
      [HKLM\Software\MozillaPlugins]
      [HKLM\Software\NVIDIA Corporation]
      [HKLM\Software\ODBC]
      [HKLM\Software\Piriform]
      [HKLM\Software\Policies]
      [HKLM\Software\Realtek]
      [HKLM\Software\RegisteredApplications]
      [HKLM\Software\SRS Labs]
      [HKLM\Software\Sonic]
      [HKLM\Software\Waves Audio]
      [HKLM\Software\Wow6432Node]
      [HKLM\Software\cybelsoft]


      ---\\ Contenu des dossiers ProgramFiles/ProgramData/AppData (O43)
      O43 - CFD: 09/09/2009 - 19:49:04 ----D- C:\Program Files\Alwil Software
      O43 - CFD: 14/07/2009 - 04:20:10 ----D- C:\Program Files\Common Files
      O43 - CFD: 11/07/2010 - 14:56:00 ----D- C:\Program Files\DVD Maker
      O43 - CFD: 23/10/2010 - 13:48:12 ----D- C:\Program Files\Easy CD-DA Extractor 12
      O43 - CFD: 23/07/2010 - 13:35:36 ----D- C:\Program Files\EVEREST Ultimate Edition
      O43 - CFD: 16/12/2010 - 14:02:34 ----D- C:\Program Files\Internet Explorer
      O43 - CFD: 12/01/2011 - 00:48:52 ----D- C:\Program Files\ma-config.com
      O43 - CFD: 14/07/2009 - 08:46:54 ----D- C:\Program Files\Microsoft Games
      O43 - CFD: 03/10/2010 - 09:46:58 ----D- C:\Program Files\Microsoft Office
      O43 - CFD: 14/07/2009 - 06:32:40 ----D- C:\Program Files\MSBuild
      O43 - CFD: 09/11/2010 - 21:12:06 ----D- C:\Program Files\NVIDIA Corporation
      O43 - CFD: 08/09/2009 - 23:23:22 ----D- C:\Program Files\Realtek
      O43 - CFD: 27/12/2010 - 18:24:46 ----D- C:\Program Files\Recuva
      O43 - CFD: 14/07/2009 - 06:32:40 ----D- C:\Program Files\Reference Assemblies
      O43 - CFD: 14/07/2009 - 06:09:28 --H-D- C:\Program Files\Uninstall Information
      O43 - CFD: 11/07/2010 - 14:55:58 ----D- C:\Program Files\Windows Defender
      O43 - CFD: 11/07/2010 - 14:55:58 ----D- C:\Program Files\Windows Journal
      O43 - CFD: 16/12/2010 - 14:02:34 ----D- C:\Program Files\Windows Mail
      O43 - CFD: 13/10/2010 - 02:20:56 ----D- C:\Program Files\Windows Media Player
      O43 - CFD: 14/07/2009 - 06:32:40 ----D- C:\Program Files\Windows NT
      O43 - CFD: 11/07/2010 - 14:56:00 ----D- C:\Program Files\Windows Photo Viewer
      O43 - CFD: 14/07/2009 - 06:32:40 ----D- C:\Program Files\Windows Portable Devices
      O43 - CFD: 11/07/2010 - 14:56:00 ----D- C:\Program Files\Windows Sidebar
      O43 - CFD: 29/10/2010 - 21:57:54 ----D- C:\Program Files\Common Files\Microsoft Shared
      O43 - CFD: 14/07/2009 - 04:20:10 ----D- C:\Program Files\Common Files\Services
      O43 - CFD: 14/07/2009 - 04:20:10 ----D- C:\Program Files\Common Files\SpeechEngines
      O43 - CFD: 11/07/2010 - 14:56:00 ----D- C:\Program Files\Common Files\System
      O43 - CFD: 08/10/2010 - 13:25:26 ----D- C:\ProgramData\Adobe
      O43 - CFD: 09/09/2009 - 19:49:04 ----D- C:\ProgramData\Alwil Software
      O43 - CFD: 14/07/2009 - 06:08:58 -SH-D- C:\ProgramData\Application Data
      O43 - CFD: 07/08/2010 - 10:40:52 ----D- C:\ProgramData\AVerSetup
      O43 - CFD: 07/08/2010 - 10:40:52 ----D- C:\ProgramData\AVerTempFolder
      O43 - CFD: 05/08/2010 - 20:40:10 ----D- C:\ProgramData\AVerTV
      O43 - CFD: 18/11/2010 - 21:19:04 ----D- C:\ProgramData\Codemasters
      O43 - CFD: 15/07/2010 - 19:35:56 ----D- C:\ProgramData\DAEMON Tools Lite
      O43 - CFD: 14/07/2009 - 06:08:58 -SH-D- C:\ProgramData\Desktop
      O43 - CFD: 26/12/2010 - 15:15:22 ----D- C:\ProgramData\DivX
      O43 - CFD: 14/07/2009 - 06:08:58 -SH-D- C:\ProgramData\Documents
      O43 - CFD: 22/10/2010 - 23:09:52 -SH-D- C:\ProgramData\DSS
      O43 - CFD: 13/12/2010 - 16:44:46 ----D- C:\ProgramData\DVD Shrink
      O43 - CFD: 21/11/2010 - 20:48:10 ----D- C:\ProgramData\EA Core
      O43 - CFD: 23/10/2010 - 13:48:14 ----D- C:\ProgramData\Easy CD-DA Extractor
      O43 - CFD: 21/11/2010 - 20:48:10 ----D- C:\ProgramData\Electronic Arts
      O43 - CFD: 23/08/2010 - 15:45:10 ----D- C:\ProgramData\eMule
      O43 - CFD: 14/07/2009 - 06:08:58 -SH-D- C:\ProgramData\Favorites
      O43 - CFD: 24/12/2010 - 09:38:00 ----D- C:\ProgramData\Fighters
      O43 - CFD: 20/08/2010 - 21:07:10 ----D- C:\ProgramData\Futuremark
      O43 - CFD: 03/01/2011 - 23:09:10 ----D- C:\ProgramData\InstallShield
      O43 - CFD: 26/12/2010 - 17:59:58 ----D- C:\ProgramData\ma-config.com
      O43 - CFD: 09/09/2010 - 19:31:20 ----D- C:\ProgramData\Media Center Programs
      O43 - CFD: 15/11/2010 - 22:56:28 -S--D- C:\ProgramData\Microsoft
      O43 - CFD: 12/01/2011 - 10:26:18 ----D- C:\ProgramData\Microsoft Help
      O43 - CFD: 12/07/2010 - 19:42:28 ----D- C:\ProgramData\Nero
      O43 - CFD: 13/01/2011 - 13:18:08 ----D- C:\ProgramData\NVIDIA
      O43 - CFD: 09/09/2009 - 19:47:08 ----D- C:\ProgramData\NVIDIA Corporation
      O43 - CFD: 13/12/2010 - 10:33:26 ----D- C:\ProgramData\PC Drivers HeadQuarters
      O43 - CFD: 21/11/2010 - 13:11:54 ----D- C:\ProgramData\Solidshield
      O43 - CFD: 14/07/2009 - 06:08:58 -SH-D- C:\ProgramData\Start Menu
      O43 - CFD: 23/10/2010 - 13:49:50 ---AD- C:\ProgramData\TEMP
      O43 - CFD: 14/07/2009 - 06:08:58 -SH-D- C:\ProgramData\Templates
      O43 - CFD: 09/12/2010 - 12:45:26 ----D- C:\ProgramData\Test Drive Unlimited
      O43 - CFD: 15/08/2010 - 14:07:06 ----D- C:\ProgramData\Trymedia
      O43 - CFD: 10/10/2010 - 15:21:28 ----D- C:\ProgramData\Ubisoft
      O43 - CFD: 24/08/2010 - 19:40:10 ----D- C:\Users\seb\AppData\Roaming\Adobe
      O43 - CFD: 13/12/2010 - 16:43:48 ----D- C:\Users\seb\AppData\Roaming\BackTalk
      O43 - CFD: 18/12/2010 - 09:40:50 ----D- C:\Users\seb\AppData\Roaming\Bioshock
      O43 - CFD: 15/07/2010 - 19:43:40 ----D- C:\Users\seb\AppData\Roaming\DAEMON Tools Lite
      O43 - CFD: 26/12/2010 - 01:15:38 ----D- C:\Users\seb\AppData\Roaming\DivX
      O43 - CFD: 29/12/2010 - 22:32:20 ----D- C:\Users\seb\AppData\Roaming\GlarySoft
      O43 - CFD: 08/09/2009 - 23:17:26 ----D- C:\Users\seb\AppData\Roaming\Identities
      O43 - CFD: 08/09/2009 - 23:24:32 ----D- C:\Users\seb\AppData\Roaming\InstallShield
      O43 - CFD: 30/12/2010 - 09:29:28 ----D- C:\Users\seb\AppData\Roaming\InstallShield Installation Information
      O43 - CFD: 29/12/2010 - 23:38:32 ----D- C:\Users\seb\AppData\Roaming\JAM Software
      O43 - CFD: 26/12/2010 - 00:17:42 ----D- C:\Users\seb\AppData\Roaming\Local
      O43 - CFD: 20/08/2010 - 20:42:50 ----D- C:\Users\seb\AppData\Roaming\Macromedia
      O43 - CFD: 14/07/2009 - 08:45:16 ----D- C:\Users\seb\AppData\Roaming\Media Center Programs
      O43 - CFD: 26/12/2010 - 01:15:38 ----D- C:\Users\seb\AppData\Roaming\Media Player Classic
      O43 - CFD: 13/12/2010 - 10:37:16 -S--D- C:\Users\seb\AppData\Roaming\Microsoft
      O43 - CFD: 11/07/2010 - 15:23:26 ----D- C:\Users\seb\AppData\Roaming\Mozilla
      O43 - CFD: 12/07/2010 - 19:52:12 ----D- C:\Users\seb\AppData\Roaming\Nero
      O43 - CFD: 08/09/2009 - 23:27:04 ----D- C:\Users\seb\AppData\Roaming\NVIDIA
      O43 - CFD: 06/12/2010 - 14:00:56 ----D- C:\Users\seb\AppData\Roaming\ProtectDISC
      O43 - CFD: 13/07/2010 - 21:14:42 R-H-D- C:\Users\seb\AppData\Roaming\SecuROM
      O43 - CFD: 23/08/2010 - 17:47:02 ----D- C:\Users\seb\AppData\Roaming\ShopperReports3
      O43 - CFD: 02/08/2010 - 11:56:48 ----D- C:\Users\seb\AppData\Roaming\Sierra
      O43 - CFD: 22/10/2010 - 23:43:58 ----D- C:\Users\seb\AppData\Roaming\smc
      O43 - CFD: 02/01/2011 - 14:04:48 ----D- C:\Users\seb\AppData\Roaming\TomTom
      O43 - CFD: 06/08/2010 - 20:15:30 ----D- C:\Users\seb\AppData\Roaming\Ubisoft
      O43 - CFD: 10/01/2011 - 15:49:34 ----D- C:\Users\seb\AppData\Roaming\uTorrent
      O43 - CFD: 29/12/2010 - 22:16:08 ----D- C:\Users\seb\AppData\Roaming\vlc
      O43 - CFD: 04/08/2010 - 20:29:12 ----D- C:\Users\seb\AppData\Roaming\WinRAR
      O43 - CFD: 06/12/2010 - 14:46:02 ----D- C:\Users\seb\AppData\Roaming\Winter Sports 2011
      O43 - CFD: 08/10/2010 - 13:25:26 ----D- C:\Program Files (x86)\Adobe
      O43 - CFD: 22/07/2010 - 19:16:28 ----D- C:\Program Files (x86)\AIDA32 - Personal System Information
      O43 - CFD: 23/08/2010 - 15:50:50 ----D- C:\Program Files (x86)\Ask.com
      O43 - CFD: 05/08/2010 - 20:38:02 ----D- C:\Program Files (x86)\AVerMedia
      O43 - CFD: 25/10/2010 - 18:51:34 ----D- C:\Program Files (x86)\Bing Bar Installer
      O43 - CFD: 18/11/2010 - 21:15:40 ----D- C:\Program Files (x86)\BRS
      O43 - CFD: 23/07/2010 - 13:45:02 ----D- C:\Program Files (x86)\CCleaner
      O43 - CFD: 08/01/2011 - 23:58:46 ----D- C:\Program Files (x86)\Common Files
      O43 - CFD: 15/07/2010 - 19:36:44 ----D- C:\Program Files (x86)\DAEMON Tools Lite
      O43 - CFD: 28/08/2010 - 12:38:46 ----D- C:\Program Files (x86)\DVD Shrink
      O43 - CFD: 16/07/2010 - 12:12:34 ----D- C:\Program Files (x86)\EasyDVDShrink
      O43 - CFD: 23/08/2010 - 15:44:52 ----D- C:\Program Files (x86)\eMule
      O43 - CFD: 07/08/2010 - 13:39:16 ----D- C:\Program Files (x86)\Futuremark
      O43 - CFD: 25/12/2010 - 23:53:46 ----D- C:\Program Files (x86)\games
      O43 - CFD: 25/12/2010 - 03:40:48 ----D- C:\Program Files (x86)\Glary Utilities
      O43 - CFD: 18/12/2010 - 08:41:38 ----D- C:\Program Files (x86)\Google
      O43 - CFD: 21/12/2010 - 22:04:00 ----D- C:\Program Files (x86)\HD Tune
      O43 - CFD: 03/01/2011 - 23:12:20 --H-D- C:\Program Files (x86)\InstallShield Installation Information
      O43 - CFD: 08/09/2009 - 23:24:32 ----D- C:\Program Files (x86)\Intel
      O43 - CFD: 16/12/2010 - 14:02:34 ----D- C:\Program Files (x86)\Internet Explorer
      O43 - CFD: 29/12/2010 - 23:38:28 ----D- C:\Program Files (x86)\JAM Software
      O43 - CFD: 26/12/2010 - 18:21:46 ----D- C:\Program Files (x86)\K-Lite Codec Pack
      O43 - CFD: 08/09/2009 - 23:23:52 ----D- C:\Program Files (x86)\Marvell
      O43 - CFD: 23/08/2010 - 12:47:20 ----D- C:\Program Files (x86)\Microsoft
      O43 - CFD: 03/10/2010 - 09:46:44 ----D- C:\Program Files (x86)\Microsoft Analysis Services
      O43 - CFD: 19/11/2010 - 19:16:52 ----D- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
      O43 - CFD: 03/10/2010 - 09:48:40 ----D- C:\Program Files (x86)\Microsoft Office
      O43 - CFD: 18/12/2010 - 07:48:12 ----D- C:\Program Files (x86)\Microsoft Silverlight
      O43 - CFD: 29/10/2010 - 21:40:44 ----D- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
      O43 - CFD: 03/10/2010 - 09:48:40 ----D- C:\Program Files (x86)\Microsoft Sync Framework
      O43 - CFD: 03/10/2010 - 09:48:52 ----D- C:\Program Files (x86)\Microsoft Synchronization Services
      O43 - CFD: 03/10/2010 - 09:47:26 ----D- C:\Program Files (x86)\Microsoft Visual Studio 8
      O43 - CFD: 03/10/2010 - 09:48:40 ----D- C:\Program Files (x86)\Microsoft.NET
      O43 - CFD: 29/12/2010 - 21:53:38 ----D- C:\Program Files (x86)\Mozilla Firefox
      O43 - CFD: 03/10/2010 - 09:49:04 ----D- C:\Program Files (x86)\MSBuild
      O43 - CFD: 25/10/2010 - 18:51:26 ----D- C:\Program Files (x86)\MSN Toolbar
      O43 - CFD: 07/08/2010 - 10:26:20 ----D- C:\Program Files (x86)\MSXML 4.0
      O43 - CFD: 12/07/2010 - 19:43:38 ----D- C:\Program Files (x86)\Nero
      O43 - CFD: 09/11/2010 - 21:13:32 ----D- C:\Program Files (x86)\NVIDIA Corporation
      O43 - CFD: 18/11/2010 - 21:15:36 ----D- C:\Program Files (x86)\OpenAL
      O43 - CFD: 06/12/2010 - 14:01:04 ----D- C:\Program Files (x86)\ProtectDisc Driver Installer
      O43 - CFD: 08/09/2009 - 23:23:18 ----D- C:\Program Files (x86)\Realtek
      O43 - CFD: 14/07/2009 - 06:32:40 ----D- C:\Program Files (x86)\Reference Assemblies
      O43 - CFD: 29/10/2010 - 19:15:42 ----D- C:\Program Files (x86)\Secret Maryo Chronicles
      O43 - CFD: 29/12/2010 - 10:57:16 ----D- C:\Program Files (x86)\Secunia
      O43 - CFD: 23/08/2010 - 17:47:02 ----D- C:\Program Files (x86)\ShopperReports3
      O43 - CFD: 19/12/2010 - 22:58:46 ----D- C:\Program Files (x86)\SuperCopier2
      O43 - CFD: 08/09/2009 - 23:23:32 --H-D- C:\Program Files (x86)\Temp
      O43 - CFD: 01/01/2011 - 23:29:20 ----D- C:\Program Files (x86)\TomTom HOME
      O43 - CFD: 02/01/2011 - 14:03:18 ----D- C:\Program Files (x86)\TomTom HOME 2
      O43 - CFD: 02/01/2011 - 14:03:24 ----D- C:\Program Files (x86)\TomTom International B.V
      O43 - CFD: 07/09/2010 - 20:42:12 ----D- C:\Program Files (x86)\Ubisoft
      O43 - CFD: 14/07/2009 - 05:57:08 --H-D- C:\Program Files (x86)\Uninstall Information
      O43 - CFD: 14/12/2010 - 12:40:16 ----D- C:\Program Files (x86)\uTorrent
      O43 - CFD: 29/12/2010 - 22:14:30 ----D- C:\Program Files (x86)\VideoLAN
      O43 - CFD: 11/07/2010 - 14:56:00 ----D- C:\Program Files (x86)\Windows Defender
      O43 - CFD: 29/10/2010 - 21:59:28 ----D- C:\Program Files (x86)\Windows Live
      O43 - CFD: 16/12/2010 - 14:02:34 ----D- C:\Program Files (x86)\Windows Mail
      O43 - CFD: 13/10/2010 - 02:20:56 ----D- C:\Program Files (x86)\Windows Media Player
      O43 - CFD: 14/07/2009 - 06:32:40 ----D- C:\Program Files (x86)\Windows NT
      O43 - CFD: 11/07/2010 - 14:56:00 ----D- C:\Program Files (x86)\Windows Photo Viewer
      O43 - CFD: 14/07/2009 - 06:32:42 ----D- C:\Program Files (x86)\Windows Portable Devices
      O43 - CFD: 11/07/2010 - 14:56:00 ----D- C:\Program Files (x86)\Windows Sidebar
      O43 - CFD: 04/08/2010 - 20:28:38 ----D- C:\Program Files (x86)\WinRAR
      O43 - CFD: 03/08/2010 - 18:07:20 ----D- C:\Program Files (x86)\X-pack
      O43 - CFD: 13/01/2011 - 14:42:24 ----D- C:\Program Files (x86)\ZHPDiag
      O43 - CFD: 29/10/2010 - 21:57:54 ----D- C:\Program Files\Common Files\Microsoft Shared
      O43 - CFD: 14/07/2009 - 04:20:10 ----D- C:\Program Files\Common Files\Services
      O43 - CFD: 14/07/2009 - 04:20:10 ----D- C:\Program Files\Common Files\SpeechEngines
      O43 - CFD: 11/07/2010 - 14:56:00 ----D- C:\Program Files\Common Files\System


      ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
      O44 - LFC:[MD5.AEF092BEA070EDCD0FFBF9DDA21D5F1F] - 13/01/2011 - 13:25:12 --HA- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [17360]
      O44 - LFC:[MD5.AEF092BEA070EDCD0FFBF9DDA21D5F1F] - 13/01/2011 - 13:25:12 --HA- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [17360]
      O44 - LFC:[MD5.15B41711E9D5AB81D19F625C76D1E3A9] - 13/01/2011 - 13:25:02 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\SysNative\PerfStringBackup.INI [1578180]
      O44 - LFC:[MD5.C6A1965E216CFF9E864DAFED14BBEA3D] - 13/01/2011 - 13:25:02 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\SysNative\perfc009.dat [110216]
      O44 - LFC:[MD5.0FB1A5C2519E26C8754B090348F0D6D0] - 13/01/2011 - 13:25:02 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\SysNative\perfc00C.dat [134930]
      O44 - LFC:[MD5.651170684DD45F7C25E873A648574C00] - 13/01/2011 - 13:25:02 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\SysNative\perfh009.dat [624578]
      O44 - LFC:[MD5.B24AEDA162DDDF477DA27195FC4CB670] - 13/01/2011 - 13:25:02 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\SysNative\perfh00C.dat [712214]
      O44 - LFC:[MD5.07000000000000000000000078EE1800] - 13/01/2011 - 13:21:26 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\WindowsUpdate.log [1501617]
      O44 - LFC:[MD5.1C03FFC4DFF6BE5C00DA7D3EEF9A2264] - 13/01/2011 - 13:17:44 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\setupact.log [45981]
      O44 - LFC:[MD5.B74FE0BB99290E015A516A87F501C964] - 13/01/2011 - 13:17:43 -S-A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\bootstat.dat [67584]
      O44 - LFC:[MD5.D7C95851B2A5A7987B1A33D33F5203FE] - 08/01/2011 - 23:57:45 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\DirectX.log [477774]
      O44 - LFC:[MD5.61DD07DC6955572AD9F7421632FDC704] - 07/01/2011 - 19:46:39 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\MEMORY.DMP [277055097]
      O44 - LFC:[MD5.BF6AA8F4D0B50C2C6C0D827F042D9E69] - 16/12/2010 - 14:03:30 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\SysNative\FNTCACHE.DAT [418472]


      ---\\ Opérations et fonctions au démarrage de Windows Explorer (O46)
      O46 - SEH:ShellExecuteHooks - Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL


      ---\\ Déni du service (Local Security Authority) (LSA) (O48)
      O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
      O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l'Éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll
      O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll


      ---\\ MountPoints2 Shell Key (MPSK) (O51)
      O51 - MPSK:{0a758f9c-9040-11df-998b-001fbc08ffb7}\Shell\AutoRun\command. (.Pas de propriétaire - Pas de description.) -- H:\SETUP.exe (.not file.)
      O51 - MPSK:{854478e1-9cc4-11de-b3ed-806e6f6e6963}\Shell\AutoRun\command. (.Pas de propriétaire - Pas de description.) -- E:\SETUP.exe (.not file.)
      O51 - MPSK:{ecf30d00-9fc8-11df-9f23-001fbc08ffb7}\Shell\AutoRun\command. (.Pas de propriétaire - Pas de description.) -- J:\setup.exe (.not file.)


      ---\\ Trojan Driver Search Data (HKLM)(TDSD) (O52)
      O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
      O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm


      ---\\ Microsoft Control Security Providers (MCSP) (O54)
      O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\system32\credssp.dll
      O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\system32\credssp.dll


      ---\\ Microsoft Windows Policies System (MWPS) (O55)
      O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5
      O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3
      O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
      O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1
      O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
      O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
      O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
      O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1
      O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
      O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
      O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=
      O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=
      O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
      O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
      O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
      O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0


      ---\\ Microsoft Windows Policies Explorer (MWPE) (O56)
      O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1
      O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
      O56 - MWPE:[HKLM\...\policies\Explorer] - "ForceActiveDesktopOn"=0


      ---\\ Liste des Drivers Système (SDL) (O58)
      O58 - SDL:[MD5.A3769020F7E8A70FD3E824C050F33306] - 24/02/2010 - 11:20:40 ---A- . (.Protect Software GmbH - ProtectDisc x64/x86 Hybrid Driver.) -- C:\Windows\system32\drivers\acedrv11.sys [191616]
      O58 - SDL:[MD5.2F6B34B83843F0C5118B63AC634F5BF4] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\system32\drivers\adp94xx.sys [491088]
      O58 - SDL:[MD5.597F78224EE9224EA1A13D6350CED962] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\system32\drivers\adpahci.sys [339536]
      O58 - SDL:[MD5.E109549C90F62FB570B9540C4B148E54] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) -- C:\Windows\system32\drivers\adpu320.sys [182864]
      O58 - SDL:[MD5.89CD44C10D9B4D87725FF07F18A5702F] - 26/08/2009 - 06:48:44 ---A- . (.Aladdin Knowledge Systems Ltd. - Aladdin Knowledge Systems Data Filter Driver.) -- C:\Windows\system32\drivers\aksdf.sys [71040]
      O58 - SDL:[MD5.BA0B6FD78AE88D39B9D3D984F295A137] - 08/01/2009 - 10:55:04 ---A- . (.Aladdin Knowledge Systems Ltd. - Ancillary Function Driver.) -- C:\Windows\system32\drivers\aksfridge.sys [129280]
      O58 - SDL:[MD5.5812713A477A3AD7363C7438CA2EE038] - 14/07/2009 - 02:52:21 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\system32\drivers\aliide.sys [15440]
      O58 - SDL:[MD5.7A4B413614C055935567CF88A9734D38] - 14/07/2009 - 02:52:21 ---A- . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\system32\drivers\amdsata.sys [106576]
      O58 - SDL:[MD5.F67F933E79241ED32FF46A4F29B5120B] - 14/07/2009 - 02:52:20 ---A- . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller Driver for Windows -.) -- C:\Windows\system32\drivers\amdsbs.sys [194128]
      O58 - SDL:[MD5.B4AD0CACBAB298671DD6F6EF7E20679D] - 14/07/2009 - 02:52:21 ---A- . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\system32\drivers\amdxata.sys [28752]
      O58 - SDL:[MD5.C484F8CEB1717C540242531DB7845C4E] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\system32\drivers\arc.sys [87632]
      O58 - SDL:[MD5.019AF6924AEFE7839F61C830227FE79C] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\system32\drivers\arcsas.sys [97856]
      O58 - SDL:[MD5.B76182F203E0BD5EB6A5F6538F0FAEE4] - 07/09/2010 - 15:47:10 ---A- . (.AVAST Software - avast! File System Access Blocking Driver.) -- C:\Windows\system32\drivers\aswFsBlk.sys [20048]
      O58 - SDL:[MD5.A88E9544EDDA1CE83825DD22D6A8B5F9] - 07/09/2010 - 15:47:33 ---A- . (.AVAST Software - avast! File System Minifilter for Windows 2003/Vista.) -- C:\Windows\system32\drivers\aswMonFlt.sys [61008]
      O58 - SDL:[MD5.CFAD2FB33B22E7039C9DC233BAACBF8B] - 07/09/2010 - 15:47:49 ---A- . (.AVAST Software - avast! TDI RDR Driver.) -- C:\Windows\system32\drivers\aswRdr.sys [28752]
      O58 - SDL:[MD5.594365E887F4A5AD3970870B352EB887] - 07/09/2010 - 15:52:09 ---A- . (.AVAST Software - avast! self protection module.) -- C:\Windows\system32\drivers\aswSP.sys [121936]
      O58 - SDL:[MD5.4BA0A0E1D36F88F536180FFE5EFD8B7C] - 07/09/2010 - 15:52:29 ---A- . (.AVAST Software - avast! TDI Filter Driver.) -- C:\Windows\system32\drivers\aswTdi.sys [51280]
      O58 - SDL:[MD5.D37F00A992A9E099B7A4136FD55B9180] - 16/03/2010 - 11:19:40 ---A- . (.AVerMedia TECHNOLOGIES, Inc. - AVerMdeia AF35 BDA Driver.) -- C:\Windows\system32\drivers\AVerAF35.sys [677632]
      O58 - SDL:[MD5.B5ACE6968304A3900EEB1EBFD9622DF2] - 10/06/2009 - 21:34:23 ---A- . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver..) -- C:\Windows\system32\drivers\b57nd60a.sys [270848]
      O58 - SDL:[MD5.F09EEE9EDC320B5E1501F749FDE686C8] - 10/06/2009 - 21:41:06 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\system32\drivers\BrFiltLo.sys [18432]
      O58 - SDL:[MD5.B114D3098E9BDB8BEA8B053685831BE6] - 10/06/2009 - 21:41:06 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\system32\drivers\BrFiltUp.sys [8704]
      O58 - SDL:[MD5.43BEA8D483BF1870F018E2D02E06A5BD] - 14/07/2009 - 02:19:07 ---A- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\system32\drivers\BrSerId.sys [286720]
      O58 - SDL:[MD5.A6ECA2151B08A09CACECA35C07F05B42] - 10/06/2009 - 21:41:10 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\system32\drivers\BrSerWdm.sys [47104]
      O58 - SDL:[MD5.B79968002C277E869CF38BD22CD61524] - 10/06/2009 - 21:41:10 ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\system32\drivers\BrUsbMdm.sys [14976]
      O58 - SDL:[MD5.A87528880231C54E75EA7A44943B38BF] - 10/06/2009 - 21:41:10 ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\system32\drivers\BrUsbSer.sys [14720]
      O58 - SDL:[MD5.3E5B191307609F7514148C6832BB0842] - 10/06/2009 - 21:34:28 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\system32\drivers\bxvbda.sys [468480]
      O58 - SDL:[MD5.E19D3F095812725D88F9001985B94EDD] - 14/07/2009 - 02:52:31 ---A- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\cmdide.sys [17488]
      O58 - SDL:[MD5.0E5DA5369A0FCAEA12456DD852545184] - 14/07/2009 - 02:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\system32\drivers\elxstor.sys [530496]
      O58 - SDL:[MD5.DC5D737F51BE844D8C82C695EB17372F] - 10/06/2009 - 21:34:33 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\system32\drivers\evbda.sys [3286016]
      O58 - SDL:[MD5.78FAD9117E4527F2CA82259DA10F40BD] - 13/03/2009 - 10:55:38 ---A- . (.Aladdin Knowledge Systems Ltd. - Hardlock Device Driver for Windows x64.) -- C:\Windows\system32\drivers\hardlock.sys [318464]
      O58 - SDL:[MD5.F2523EF6460FC42405B12248338AB2F0] - 10/06/2009 - 21:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\system32\drivers\hcw85cir.sys [31232]
      O58 - SDL:[MD5.0886D440058F203EBA0E1825E4355914] - 14/07/2009 - 02:47:48 ---A- . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Driver.) -- C:\Windows\system32\drivers\HpSAMD.sys [77888]
      O58 - SDL:[MD5.D83EFB6FD45DF9D55E9A1AFC63640D50] - 14/07/2009 - 02:48:04 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\system32\drivers\iaStorV.sys [410688]
      O58 - SDL:[MD5.5C18831C61933628F5BB0EA2675B9D21] - 14/07/2009 - 02:48:04 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\system32\drivers\iirsp.sys [44112]
      O58 - SDL:[MD5.1A93E54EB0ECE102495A51266DCDB6A6] - 14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_fc.sys [114752]
      O58 - SDL:[MD5.1047184A9FDC8BDBFF857175875EE810] - 14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas.sys [106560]
      O58 - SDL:[MD5.30F5C0DE1EE8B5BC9306C1F0E4A75F93] - 14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas2.sys [65600]
      O58 - SDL:[MD5.0504EACAFF0D3C8AED161C4B0D369D4A] - 14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_scsi.sys [115776]
      O58 - SDL:[MD5.A55805F747C6EDB6A9080D7C633BD0F4] - 14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for.) -- C:\Windows\system32\drivers\megasas.sys [35392]
      O58 - SDL:[MD5.BAF74CE0072480C3B6B7C13B2A94D6B3] - 14/07/2009 - 02:48:04 ---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\system32\drivers\MegaSR.sys [284736]
      O58 - SDL:[MD5.77889813BE4D166CDAB78DDBA990DA92] - 14/07/2009 - 02:48:26 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\system32\drivers\nfrd960.sys [51264]
      O58 - SDL:[MD5.ED9380F201C8126425C09BED96DBE1E5] - 07/09/2010 - 21:08:55 ---A- . (.NVIDIA Corporation - NVIDIA HDMI Audio Driver.) -- C:\Windows\system32\drivers\nvhda64v.sys [155752]
      O58 - SDL:[MD5.BBE872A814B00798C2D568D46C42A71B] - 22/10/2010 - 07:23:15 ---A- . (.NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version 260.99.) -- C:\Windows\system32\drivers\nvlddmkm.sys [12432616]
      O58 - SDL:[MD5.3E38712941E9BB4DDBEE00AFFE3FED3D] - 14/07/2009 - 02:48:27 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\system32\drivers\nvraid.sys [149056]
      O58 - SDL:[MD5.477DC4D6DEB99BE37084C9AC6D013DA1] - 14/07/2009 - 02:45:45 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\system32\drivers\nvstor.sys [167488]
      O58 - SDL:[MD5.4BF345A5B6FD5DF9189654809C364E9D] - 05/08/2010 - 16:41:19 ---A- . (.Printing Communications Assoc., Inc. (PCAUS - PCAUSA NDIS 5.0 MPR Protocol Driver (AMD64).) -- C:\Windows\system32\drivers\PCAMp50a64.sys [46648]
      O58 - SDL:[MD5.1195CD5F5740F4E0459FF2F12C3B1688] - 05/08/2010 - 16:41:19 ---A- . (.Printing Communications Assoc., Inc. (PCAUS - PCAUSA NDIS 5.0 SPR Protocol Driver (AMD64).) -- C:\Windows\system32\drivers\PCASp50a64.sys [45624]
      O58 - SDL:[MD5.3C726075A01C05B2D35C7334FB638BE3] - 28/05/2010 - 12:04:52 ---A- . (.Secunia - Secunia PSI Driver.) -- C:\Windows\system32\drivers\psi_mf.sys [17456]
      O58 - SDL:[MD5.A53A15A11EBFD21077463EE2C7AFEEF0] - 14/07/2009 - 02:45:46 ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\system32\drivers\ql2300.sys [1524816]
      O58 - SDL:[MD5.4F6D12B51DE1AAEFF7DC58C4D75423C8] - 14/07/2009 - 02:45:45 ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\system32\drivers\ql40xx.sys [128592]
      O58 - SDL:[MD5.D8BCE8176CB1084C6F5830C019D47166] - 06/07/2009 - 16:19:02 ---A- . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function Driver.) -- C:\Windows\system32\drivers\RTKVHD64.sys [1824672]
      O58 - SDL:[MD5.3EA8A16169C26AFBEB544E0E48421186] - 10/06/2009 - 21:37:19 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\system32\drivers\secdrv.sys [23040]
      O58 - SDL:[MD5.843CAF1E5FDE1FFD5FF768F23A51E2E1] - 14/07/2009 - 02:45:45 ---A- . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\system32\drivers\sisraid2.sys [43584]
      O58 - SDL:[MD5.6A6C106D42E9FFFF8B9FCB4F754F6DA4] - 14/07/2009 - 02:45:46 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\system32\drivers\sisraid4.sys [80464]
      O58 - SDL:[MD5.36000000000000000000000078EE1800] - 15/07/2010 - 00:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\drivers\sptd.sys [834544]
      O58 - SDL:[MD5.F3817967ED533D08327DC73BC4D5542A] - 14/07/2009 - 02:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\system32\drivers\stexstor.sys [24656]
      O58 - SDL:[MD5.E5689D93FFE4E5D66C0178761240DD54] - 14/07/2009 - 02:45:55 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\viaide.sys [17488]
      O58 - SDL:[MD5.5E2016EA6EBACA03C04FEAC5F330D997] - 14/07/2009 - 02:45:55 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\system32\drivers\vsmraid.sys [161872]
      O58 - SDL:[MD5.6AFFD75C6807B3DD3AB018E27B88EF95] - 15/06/2009 - 10:10:00 ---A- . (.Marvell - Miniport Driver for Marvell Yukon Ethernet Controller..) -- C:\Windows\system32\drivers\yk62x64.sys [393216]
      O58 - SDL:[MD5.B979979AB8027F7F53FB16EC4229B7DB] - 10/09/1999 - 11:06:00 ---A- . (.Adaptec - ASPI for WIN32 Kernel Driver.) -- C:\Windows\SysWOW64\drivers\ASPI32.SYS [25244]
      O58 - SDL:[MD5.59DCD600DBC998C4CCAEBAC1B98C7805] - 29/04/2005 - 04:08:46 R---- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\SysWOW64\AVerIO.sys [3456]


      ---\\ File Associations Shell Spawning (O67)
      O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] "%1" %* (.not file.)
      O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
      O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] "%1" %* (.not file.)
      O67 - Shel
      0
  2. moment de grace Messages postés 29099 Date d'inscription   Statut Contributeur sécurité Dernière intervention   2 274
     
    bonjour muligan

    le sujet semble abandonné par son initiateur on reste donc ici

    le rapport est trop long pour passer

    Rend toi sur Cjoint : http://www.cijoint.fr/

    Clique sur "Parcourir " dans la partie " Joindre un fichier[...] "

    Sélectionne le rapport ZHPdiag.txt qui se trouve sur ton bureau

    Clique ensuite sur "Cliquez ici pour déposer le fichier " et copie/colle le lien dans ton prochain message

    si problème avec ci joint , passer par là https://www.cjoint.com/
    0
  3. moment de grace Messages postés 29099 Date d'inscription   Statut Contributeur sécurité Dernière intervention   2 274
     
    vu

    1)

    Télécharge de AD-Remover sur ton Bureau. (Merci à C_XX)
    http://www.teamxscript.org/adremoverTelechargement.html

    /!\ Déconnecte-toi d'internet et ferme toutes applications en cours /!\

    Désactive provisoirement et seulement le temps de l'utilisation de ADremover, la protection en temps réel de ton Antivirus et de tes Antispywares, qui peuvent gêner fortement la procédure de recherche et de nettoyage de l'outil.

    - Double-clique sur l'icône Ad-remover située sur ton Bureau.
    - Sur la page, clique sur le bouton « NETTOYER »
    - Confirme lancement du scan
    - Laisse travailler l'outil.
    - Poste le rapport qui apparaît à la fin.

    (Le rapport est sauvegardé aussi sous C:\Ad-report(Scan/clean).Txt)

    (CTRL+A pour tout sélectionner, CTRL+C pour copier et CTRL+V pour coller)

    ________________

    2)

    Téléchargez MalwareByte's Anti-Malware (que tu pourras garder ensuite)

    https://www.commentcamarche.net/telecharger/securite/14361-malwarebytes-anti-malware/

    . Enregistres le sur le bureau
    . Double cliques sur le fichier téléchargé pour lancer le processus d'installation.
    . Dans l'onglet "mise à jour", cliques sur le bouton Recherche de mise à jour
    . Si le pare-feu demande l'autorisation de se connecter pour malwarebytes, accepte
    . Une fois la mise à jour terminé
    . Rend-toi dans l'onglet, Recherche
    . Sélectionnes Exécuter un examen complet (examen assez long)
    . Cliques sur Rechercher
    . Le scan démarre.
    . A la fin de l'analyse, un message s'affiche : L'examen s'est terminé normalement. Cliquez sur 'Afficher les résultats' pour afficher tous les objets trouvés.
    . Cliques sur Ok pour poursuivre.
    . Si des malwares ont été détectés, clique sur Afficher les résultats
    . Sélectionnes tout (ou laisses cochés) et cliques sur Supprimer la sélection Malwarebytes va détruire les fichiers et clés de registre et en mettre une copie dans la quarantaine.
    . Malwarebytes va ouvrir le bloc-notes et y copier le rapport d'analyse.
    . Rends toi dans l'onglet rapport/log
    . Tu cliques dessus pour l'afficher, une fois affiché
    . Tu cliques sur edition en haut du boc notes, et puis sur sélectionner tous
    . Tu recliques sur edition et puis sur copier et tu reviens sur le forum et dans ta réponse
    . tu cliques droit dans le cadre de la reponse et coller

    Si tu as besoin d'aide regarde ces tutoriels :
    Aide: https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
    http://www.infos-du-net.com/forum/278396-11-tuto-malwarebytes-anti-malware-mbam

    _________________

    3)

    fais un nouveau rapport ZHPdiag

    Rend toi sur Cjoint : http://www.cijoint.fr/

    Clique sur "Parcourir " dans la partie " Joindre un fichier[...] "

    Sélectionne le rapport ZHPdiag.txt qui se trouve sur ton bureau

    Clique ensuite sur "Cliquez ici pour déposer le fichier " et copie/colle le lien dans ton prochain message

    si problème avec ci joint , passer par là https://www.cjoint.com/

    0
    1. muligan Messages postés 117 Statut Membre 8
       
      1er rapport

      ======= REPORT FROM AD-REMOVER 2.0.0.2,D | ONLY XP/VISTA/7 =======

      Updated by TeamXscript on 12/01/11 at 19:00
      Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
      website: http://www.teamxscript.org

      C:\Program Files (x86)\Ad-Remover\main.exe (CLEAN [1]) -> Launched at 17:37:47 on 13/01/2011, Normal boot

      Microsoft Windows 7 Ultimate (X64)
      seb@SEB-PC ( )

      ============== ACTION(S) ==============


      Folder deleted: C:\Program Files (x86)\Mozilla FireFox\extensions\{27E679CC-6AAB-4B2A-BB87-096FE4178464}
      Folder deleted: C:\Program Files (x86)\Ask.com
      Folder deleted: C:\Users\seb\AppData\LocalLow\AskToolbar
      Folder deleted: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ShopperReports
      Folder deleted: C:\Users\seb\AppData\Roaming\ShopperReports3
      Folder deleted: C:\Users\seb\AppData\LocalLow\ShopperReports3
      Folder deleted: C:\Program Files (x86)\ShopperReports3
      Folder deleted: C:\ProgramData\Trymedia

      (!) -- Temporary files deleted.


      -- File opened: C:\Users\seb\AppData\Roaming\Mozilla\FireFox\Profiles\qsnou3u3.default\Prefs.js --
      Line deleted:
      Line deleted:
      Line deleted: user_pref("extensions.asktb.cbid", "UG");
      Line deleted: user_pref("extensions.asktb.default-channel-url-mask", "hxxp://fr.ask.com/web?q={query}&qsrc={qsrc}&...
      Line deleted: user_pref("extensions.asktb.dtid", "YYYYYYYYFR");
      Line deleted: user_pref("extensions.asktb.first-launch-url", "hxxp://socialclub.rockstargames.com/profile/register...
      Line deleted: user_pref("extensions.asktb.fresh-install", false);
      Line deleted: user_pref("extensions.asktb.l", "dis");
      Line deleted: user_pref("extensions.asktb.last-config-req", "1282576945048");
      Line deleted: user_pref("extensions.asktb.locale", "fr_FR");
      Line deleted: user_pref("extensions.asktb.o", "15158");
      Line deleted: user_pref("extensions.asktb.overlay-reloaded-using-restart", true);
      Line deleted: user_pref("extensions.asktb.qsrc", "2871");
      Line deleted: user_pref("extensions.asktb.r", "5");
      Line deleted: user_pref("extensions.asktb.search-suggestions-enabled", true);
      -- File closed --


      Key deleted: HKLM\Software\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
      Key deleted: HKLM\Software\Classes\CLSID\{09325003-167C-483d-A4BA-8B3122ABB432}
      Key deleted: HKLM\Software\Classes\AppID\{0D82ACD6-A652-4496-A298-2BDE705F4227}
      Key deleted: HKLM\Software\Classes\CLSID\{100EB1FD-D03E-47fd-81F3-EE91287F9465}
      Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{100EB1FD-D03E-47fd-81F3-EE91287F9465}
      Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{100EB1FD-D03E-47fd-81F3-EE91287F9465}
      Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{100EB1FD-D03E-47fd-81F3-EE91287F9465}
      Key deleted: HKLM\Software\Classes\CLSID\{20EA9658-6BC3-4599-A87D-6371FE9295FC}
      Key deleted: HKLM\Software\Classes\CLSID\{2721A8E5-BFDB-4562-9912-9E0531CA616C}
      Key deleted: HKLM\Software\Classes\AppID\{7025E484-D4B0-441a-9F0B-69063BD679CE}
      Key deleted: HKLM\Software\Classes\CLSID\{396CFC12-932D-496b-A0A8-5D7201E105E1}
      Key deleted: HKLM\Software\Classes\AppID\{A89256AD-EC17-4a83-BEF5-4B8BC4F39306}
      Key deleted: HKLM\Software\Classes\CLSID\{60DA826C-B1C6-4358-BDEC-4837CED45470}
      Key deleted: HKLM\Software\Classes\CLSID\{6DD76B7B-6423-4df0-9A07-84A6CAD973A0}
      Key deleted: HKLM\Software\Classes\CLSID\{74C22317-5B90-471f-9AD2-FEC049870A16}
      Key deleted: HKLM\Software\Classes\CLSID\{7F6CFB6A-9227-4bb8-B941-F2B067E76F51}
      Key deleted: HKLM\Software\Classes\CLSID\{A16AD1E9-F69A-45af-9462-B1C286708842}
      Key deleted: HKLM\Software\Classes\CLSID\{A7CDDCDC-BEEB-4685-A062-978F5E07CEEE}
      Key deleted: HKCU\Software\Microsoft\Internet Explorer\Explorer Bars\{A7CDDCDC-BEEB-4685-A062-978F5E07CEEE}
      Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7CDDCDC-BEEB-4685-A062-978F5E07CEEE}
      Key deleted: HKLM\Software\Classes\CLSID\{AB0EE208-DF60-4fa7-A617-C4269760033E}
      Key deleted: HKLM\Software\Classes\CLSID\{C1089F63-7AFC-4538-B0EB-BEA0F4225A57}
      Key deleted: HKLM\Software\Classes\CLSID\{C9CCBB35-D123-4a31-AFFC-9B2933132116}
      Key deleted: HKLM\Software\Classes\CLSID\{CC7BD6F1-565C-47ce-A5BB-9C935E77B59D}
      Key deleted: HKLM\Software\Classes\CLSID\{CFC16189-8A92-4a29-A940-60248385F426}
      Key deleted: HKLM\Software\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
      Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
      Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
      Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
      Key deleted: HKLM\Software\Classes\CLSID\{DEE758B4-C3FB-4a5b-9939-848B9C77A2FB}
      Key deleted: HKLM\Software\Classes\AppID\{8258B35C-05B8-4c0e-9525-9BCCC70F8F2D}
      Key deleted: HKLM\Software\Classes\CLSID\{E12AEAB6-7D12-4c07-8E36-5892EFB4DAFB}
      Key deleted: HKLM\Software\Classes\CLSID\{E2F2C137-A782-4fb5-81AF-086156F5EB0A}
      Key deleted: HKLM\Software\Classes\CLSID\{F1D06C9F-51F0-4476-BEDE-5DDF91BE304E}
      Key deleted: HKLM\Software\Classes\CLSID\{F3A32DF2-7413-4fb1-B575-1AC920A17B76}
      Key deleted: HKLM\Software\Classes\Interface\{17BF1E05-C0E8-413C-BD1F-A481EEA3B8E9}
      Key deleted: HKLM\Software\Classes\Interface\{21BA420E-161C-413A-B21E-4E42AE1F4226}
      Key deleted: HKLM\Software\Classes\Interface\{453DB0C5-F41C-4D97-8DD6-CC72ECD5F699}
      Key deleted: HKLM\Software\Classes\Interface\{4AFC07D0-59BB-46B8-B097-1A46E88EEF71}
      Key deleted: HKLM\Software\Classes\Interface\{6511CE4C-4722-40D0-AD3D-4AFA2F50978A}
      Key deleted: HKLM\Software\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
      Key deleted: HKLM\Software\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
      Key deleted: HKLM\Software\Classes\Interface\{83B2FE06-BA20-4F7D-96C6-6FC3A4E877D3}
      Key deleted: HKLM\Software\Classes\Interface\{8AD9AD05-36BE-4E40-BA62-5422EB0D02FB}
      Key deleted: HKLM\Software\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
      Key deleted: HKLM\Software\Classes\Interface\{9BEC9B38-BF39-4899-806E-A1C5DFEB60A2}
      Key deleted: HKLM\Software\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
      Key deleted: HKLM\Software\Classes\Interface\{AEBF09E2-0C15-43C8-99BF-928C645D98A0}
      Key deleted: HKLM\Software\Classes\Interface\{B32966A2-F7C2-4362-A6CF-399EC8B44110}
      Key deleted: HKLM\Software\Classes\Interface\{B86D82BF-D39F-439A-A07C-43EDDC6F6EA6}
      Key deleted: HKLM\Software\Classes\Interface\{D8560AC2-21B5-4C1A-BDD4-BD12BC83B082}
      Key deleted: HKLM\Software\Classes\Interface\{DA6305B9-0869-4235-8C1D-533A65E639E5}
      Key deleted: HKLM\Software\Classes\Interface\{E25DA6D6-C365-46CF-ABAF-DC5893135D7A}
      Key deleted: HKLM\Software\Classes\Interface\{E6961C59-CFCE-4CCD-B794-BC78DB98413A}
      Key deleted: HKLM\Software\Classes\Interface\{F8B4EC8A-2407-4BE0-AEE2-0F430D65A90D}
      Key deleted: HKLM\Software\Classes\TypeLib\{02AED140-2B62-4B49-8B3B-179020CC39B9}
      Key deleted: HKLM\Software\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
      Key deleted: HKLM\Software\Classes\TypeLib\{573F4ABB-A1A2-44ED-9BA9-A8DAD40AAC46}
      Key deleted: HKLM\Software\Classes\TypeLib\{5FE0CEAE-CB69-40AF-A323-40F94257DACB}
      Key deleted: HKLM\Software\Classes\TypeLib\{ACC62306-9A63-4864-BD2F-C8825D2D7EA6}
      Key deleted: HKLM\Software\Classes\TypeLib\{CDCA70D8-C6A6-49EE-9BED-7429D6C477A2}
      Key deleted: HKLM\Software\Classes\TypeLib\{D136987F-E1C4-4CCC-A220-893DF03EC5DF}
      Key deleted: HKLM\Software\Classes\TypeLib\{E343EDFC-1E6C-4CB5-AA29-E9C922641C80}
      Key deleted: HKLM\Software\Classes\TypeLib\{F1A1892C-2A6C-4817-98B4-FF81443CBA20}
      Key deleted: HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd
      Key deleted: HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd.1
      Key deleted: HKLM\Software\Classes\ShopperReports.AsyncReporter
      Key deleted: HKLM\Software\Classes\ShopperReports.AsyncReporter.1
      Key deleted: HKLM\Software\Classes\ShopperReports.CntntDic
      Key deleted: HKLM\Software\Classes\ShopperReports.CntntDic.1
      Key deleted: HKLM\Software\Classes\ShopperReports.CntntDisp
      Key deleted: HKLM\Software\Classes\ShopperReports.CntntDisp.1
      Key deleted: HKLM\Software\Classes\ShopperReports.Dwnldr
      Key deleted: HKLM\Software\Classes\ShopperReports.Dwnldr.1
      Key deleted: HKLM\Software\Classes\ShopperReports.HbAx
      Key deleted: HKLM\Software\Classes\ShopperReports.HbAx.1
      Key deleted: HKLM\Software\Classes\ShopperReports.HbGuru
      Key deleted: HKLM\Software\Classes\ShopperReports.HbGuru.1
      Key deleted: HKLM\Software\Classes\ShopperReports.HbInfoBand
      Key deleted: HKLM\Software\Classes\ShopperReports.HbInfoBand.1
      Key deleted: HKLM\Software\Classes\ShopperReports.IEButton
      Key deleted: HKLM\Software\Classes\ShopperReports.IEButton.1
      Key deleted: HKLM\Software\Classes\ShopperReports.IEButtonA
      Key deleted: HKLM\Software\Classes\ShopperReports.IEButtonA.1
      Key deleted: HKLM\Software\Classes\ShopperReports.KOPFF
      Key deleted: HKLM\Software\Classes\ShopperReports.KOPFF.1
      Key deleted: HKLM\Software\Classes\ShopperReports.MozillaNvgtnTrpr
      Key deleted: HKLM\Software\Classes\ShopperReports.MozillaNvgtnTrpr.1
      Key deleted: HKLM\Software\Classes\ShopperReports.MozillaPSExecuter
      Key deleted: HKLM\Software\Classes\ShopperReports.MozillaPSExecuter.1
      Key deleted: HKLM\Software\Classes\ShopperReports.ReportData
      Key deleted: HKLM\Software\Classes\ShopperReports.ReportData.1
      Key deleted: HKLM\Software\Classes\ShopperReports.Reporter
      Key deleted: HKLM\Software\Classes\ShopperReports.Reporter.1
      Key deleted: HKLM\Software\Classes\ShopperReports.RprtCtrl
      Key deleted: HKLM\Software\Classes\ShopperReports.RprtCtrl.1
      Key deleted: HKLM\Software\Classes\ShopperReports.Scopes
      Key deleted: HKLM\Software\Classes\ShopperReports.Scopes.1
      Key deleted: HKLM\Software\Classes\ShopperReports.Stock
      Key deleted: HKLM\Software\Classes\ShopperReports.Stock.1
      Key deleted: HKLM\Software\Classes\ShopperReports.TriggerImmidiate
      Key deleted: HKLM\Software\Classes\ShopperReports.TriggerImmidiate.1
      Key deleted: HKLM\Software\Classes\ShopperReports.TriggerImmidiateOrRandomTS
      Key deleted: HKLM\Software\Classes\ShopperReports.TriggerImmidiateOrRandomTS.1
      Key deleted: HKLM\Software\Classes\ShopperReports.TriggerOnceInDay
      Key deleted: HKLM\Software\Classes\ShopperReports.TriggerOnceInDay.1
      Key deleted: HKLM\Software\Classes\AppID\GenericAskToolbar.DLL
      Key deleted: HKLM\Software\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
      Key deleted: HKLM\Software\Classes\AppID\BRNstIE.DLL
      Key deleted: HKLM\Software\Classes\AppID\CmndFF.DLL
      Key deleted: HKLM\Software\Classes\AppID\mozillaps.dll
      Key deleted: HKLM\Software\Classes\AppID\Pltfrm.DLL
      Key deleted: HKLM\Software\ShopperReports3
      Key deleted: HKCU\Software\Ask.com
      Key deleted: HKCU\Software\ShopperReports3
      Key deleted: HKCU\Software\AppDataLow\AskToolbarInfo
      Key deleted: HKCU\Software\AppDataLow\Software\AskToolbar
      Key deleted: HKCU\Software\AppDataLow\Software\ShopperReports3
      Key deleted: HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
      Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
      Key deleted: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
      Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
      Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C5428486-50A0-4A02-9D20-520B59A9F9B2}
      Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C5428486-50A0-4A02-9D20-520B59A9F9B3}
      Key deleted: HKLM\Software\Microsoft\Internet Explorer\Extensions\{c5428486-50a0-4a02-9d20-520b59a9f9b2}
      Key deleted: HKLM\Software\Microsoft\Internet Explorer\Extensions\{c5428486-50a0-4a02-9d20-520b59a9f9b3}
      Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{89F88394-3828-4D03-A0CF-8203604C3DA6}
      Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D4233F04-1789-483C-A137-731E8F113DD5}

      Value deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform|ShopperReports 3.0.489.0
      Value deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform|SRS_IT_E8790576B6765A5A3EAB90
      Value deleted: HKLM\Software\Microsoft\Internet Explorer\Toolbar|{D4027C7F-154A-4066-A1AD-4243D8127440}
      Value deleted: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{D4027C7F-154A-4066-A1AD-4243D8127440}


      ============== ADDITIONNAL SCAN ==============

      ** Mozilla Firefox Version [3.6.13 (fr)] **

      -- C:\Users\seb\AppData\Roaming\Mozilla\FireFox\Profiles\qsnou3u3.default\Prefs.js --
      browser.download.lastDir, C:\\Users\\seb\\Desktop
      browser.startup.homepage_override.mstone, rv:1.9.2.13
      privacy.popups.showBrowserMessage, false

      ========================================

      ** Internet Explorer Version [8.0.7600.16385] **

      [HKCU\Software\Microsoft\Internet Explorer\Main]
      Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
      Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
      Do404Search: 0x01000000
      Enable Browser Extensions: yes
      Local Page: C:\Windows\system32\blank.htm
      Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
      Show_ToolBar: yes
      Start Page: hxxp://fr.msn.com/

      [HKLM\Software\Microsoft\Internet Explorer\Main]
      AutoHide: yes
      Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896
      Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
      Delete_Temp_Files_On_Exit: yes
      Local Page: C:\Windows\SysWOW64\blank.htm
      Search bar: hxxp://search.msn.com/spbasic.htm
      Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
      Start Page: hxxp://fr.msn.com/

      [HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS]
      Tabs: res://ieframe.dll/tabswelcome.htm
      Blank: res://mshtml.dll/blank.htm

      ========================================

      C:\Program Files (x86)\Ad-Remover\Quarantine: 43 File(s)
      C:\Program Files (x86)\Ad-Remover\Backup: 16 File(s)

      C:\Ad-Report-CLEAN[1].txt - 13/01/2011 (14187 Byte(s))

      End at: 17:38:45, 13/01/2011

      ============== E.O.F ==============






      2ieme rapport

      Malwarebytes' Anti-Malware 1.50.1.1100
      www.malwarebytes.org

      Version de la base de données: 5512

      Windows 6.1.7600
      Internet Explorer 8.0.7600.16385

      13/01/2011 18:38:08
      mbam-log-2011-01-13 (18-38-08).txt

      Type d'examen: Examen complet (C:\|D:\|F:\|G:\|)
      Elément(s) analysé(s): 433619
      Temps écoulé: 35 minute(s), 2 seconde(s)

      Processus mémoire infecté(s): 0
      Module(s) mémoire infecté(s): 0
      Clé(s) du Registre infectée(s): 0
      Valeur(s) du Registre infectée(s): 1
      Elément(s) de données du Registre infecté(s): 0
      Dossier(s) infecté(s): 0
      Fichier(s) infecté(s): 11

      Processus mémoire infecté(s):
      (Aucun élément nuisible détecté)

      Module(s) mémoire infecté(s):
      (Aucun élément nuisible détecté)

      Clé(s) du Registre infectée(s):
      (Aucun élément nuisible détecté)

      Valeur(s) du Registre infectée(s):
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Windows (Trojan.Downloader) -> Value: Windows -> Quarantined and deleted successfully.

      Elément(s) de données du Registre infecté(s):
      (Aucun élément nuisible détecté)

      Dossier(s) infecté(s):
      (Aucun élément nuisible détecté)

      Fichier(s) infecté(s):
      c:\Users\Public\public documents\windows movie player\player.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
      c:\program files (x86)\ad-remover\quarantine\C\program files (x86)\shopperreports3\bin\3.0.489.0\brnstie.dll.vir (Adware.ShopperReports) -> Quarantined and deleted successfully.
      c:\program files (x86)\ad-remover\quarantine\C\program files (x86)\shopperreports3\bin\3.0.489.0\cmndff.dll.vir (Adware.ShopperReports) -> Quarantined and deleted successfully.
      c:\program files (x86)\ad-remover\quarantine\C\program files (x86)\shopperreports3\bin\3.0.489.0\cntntcntr.dll.vir (Adware.ShopperReports) -> Quarantined and deleted successfully.
      c:\program files (x86)\ad-remover\quarantine\C\program files (x86)\shopperreports3\bin\3.0.489.0\mozillaps.dll.vir (Adware.ShopperReports) -> Quarantined and deleted successfully.
      c:\program files (x86)\ad-remover\quarantine\C\program files (x86)\shopperreports3\bin\3.0.489.0\pltfrm.dll.vir (Adware.ShopperReports) -> Quarantined and deleted successfully.
      c:\program files (x86)\ad-remover\quarantine\C\program files (x86)\shopperreports3\bin\3.0.489.0\shopperreports.dll.vir (Adware.ShopperReports) -> Quarantined and deleted successfully.
      c:\program files (x86)\ad-remover\quarantine\C\program files (x86)\shopperreports3\bin\3.0.489.0\firefox\firefoxtoolbar\extensions\components\brnstff.dll.vir (Adware.ShopperReports) -> Quarantined and deleted successfully.
      c:\program files (x86)\games\fps\medal of honor\Binaries\loader.dll (Riskware.Tool.CK) -> Quarantined and deleted successfully.
      c:\Users\seb\downloads\0x0008-gta4cr\launchgtaiv.exe (Risktool.Crack) -> Quarantined and deleted successfully.
      c:\Users\seb\downloads\gta iv - gran theft auto 4 - crack + serial keygen\gta keygen.exe (Trojan.Downloader) -> Quarantined and deleted successfully.



      3ieme rapport
      https://www.cjoint.com/?0bntO5ljQMU
      0
  4. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  5. muligan Messages postés 117 Statut Membre 8
     
    muligan - 13 jan 2011 à 19:41
    1er rapport

    ======= REPORT FROM AD-REMOVER 2.0.0.2,D | ONLY XP/VISTA/7 =======

    Updated by TeamXscript on 12/01/11 at 19:00
    Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
    website: http://www.teamxscript.org

    C:\Program Files (x86)\Ad-Remover\main.exe (CLEAN [1]) -> Launched at 17:37:47 on 13/01/2011, Normal boot

    Microsoft Windows 7 Ultimate (X64)
    seb@SEB-PC ( )

    ============== ACTION(S) ==============

    Folder deleted: C:\Program Files (x86)\Mozilla FireFox\extensions\{27E679CC-6AAB-4B2A-BB87-096FE4178464}
    Folder deleted: C:\Program Files (x86)\Ask.com
    Folder deleted: C:\Users\seb\AppData\LocalLow\AskToolbar
    Folder deleted: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ShopperReports
    Folder deleted: C:\Users\seb\AppData\Roaming\ShopperReports3
    Folder deleted: C:\Users\seb\AppData\LocalLow\ShopperReports3
    Folder deleted: C:\Program Files (x86)\ShopperReports3
    Folder deleted: C:\ProgramData\Trymedia

    (!) -- Temporary files deleted.

    -- File opened: C:\Users\seb\AppData\Roaming\Mozilla\FireFox\Profiles\qsnou3u3.default\Prefs.js --
    Line deleted:
    Line deleted:
    Line deleted: user_pref("extensions.asktb.cbid", "UG");
    Line deleted: user_pref("extensions.asktb.default-channel-url-mask", "hxxp://fr.ask.com/web?q={query}&qsrc={qsrc}&...
    Line deleted: user_pref("extensions.asktb.dtid", "YYYYYYYYFR");
    Line deleted: user_pref("extensions.asktb.first-launch-url", "hxxp://socialclub.rockstargames.com/profile/register...
    Line deleted: user_pref("extensions.asktb.fresh-install", false);
    Line deleted: user_pref("extensions.asktb.l", "dis");
    Line deleted: user_pref("extensions.asktb.last-config-req", "1282576945048");
    Line deleted: user_pref("extensions.asktb.locale", "fr_FR");
    Line deleted: user_pref("extensions.asktb.o", "15158");
    Line deleted: user_pref("extensions.asktb.overlay-reloaded-using-restart", true);
    Line deleted: user_pref("extensions.asktb.qsrc", "2871");
    Line deleted: user_pref("extensions.asktb.r", "5");
    Line deleted: user_pref("extensions.asktb.search-suggestions-enabled", true);
    -- File closed --

    Key deleted: HKLM\Software\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
    Key deleted: HKLM\Software\Classes\CLSID\{09325003-167C-483d-A4BA-8B3122ABB432}
    Key deleted: HKLM\Software\Classes\AppID\{0D82ACD6-A652-4496-A298-2BDE705F4227}
    Key deleted: HKLM\Software\Classes\CLSID\{100EB1FD-D03E-47fd-81F3-EE91287F9465}
    Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{100EB1FD-D03E-47fd-81F3-EE91287F9465}
    Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{100EB1FD-D03E-47fd-81F3-EE91287F9465}
    Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{100EB1FD-D03E-47fd-81F3-EE91287F9465}
    Key deleted: HKLM\Software\Classes\CLSID\{20EA9658-6BC3-4599-A87D-6371FE9295FC}
    Key deleted: HKLM\Software\Classes\CLSID\{2721A8E5-BFDB-4562-9912-9E0531CA616C}
    Key deleted: HKLM\Software\Classes\AppID\{7025E484-D4B0-441a-9F0B-69063BD679CE}
    Key deleted: HKLM\Software\Classes\CLSID\{396CFC12-932D-496b-A0A8-5D7201E105E1}
    Key deleted: HKLM\Software\Classes\AppID\{A89256AD-EC17-4a83-BEF5-4B8BC4F39306}
    Key deleted: HKLM\Software\Classes\CLSID\{60DA826C-B1C6-4358-BDEC-4837CED45470}
    Key deleted: HKLM\Software\Classes\CLSID\{6DD76B7B-6423-4df0-9A07-84A6CAD973A0}
    Key deleted: HKLM\Software\Classes\CLSID\{74C22317-5B90-471f-9AD2-FEC049870A16}
    Key deleted: HKLM\Software\Classes\CLSID\{7F6CFB6A-9227-4bb8-B941-F2B067E76F51}
    Key deleted: HKLM\Software\Classes\CLSID\{A16AD1E9-F69A-45af-9462-B1C286708842}
    Key deleted: HKLM\Software\Classes\CLSID\{A7CDDCDC-BEEB-4685-A062-978F5E07CEEE}
    Key deleted: HKCU\Software\Microsoft\Internet Explorer\Explorer Bars\{A7CDDCDC-BEEB-4685-A062-978F5E07CEEE}
    Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7CDDCDC-BEEB-4685-A062-978F5E07CEEE}
    Key deleted: HKLM\Software\Classes\CLSID\{AB0EE208-DF60-4fa7-A617-C4269760033E}
    Key deleted: HKLM\Software\Classes\CLSID\{C1089F63-7AFC-4538-B0EB-BEA0F4225A57}
    Key deleted: HKLM\Software\Classes\CLSID\{C9CCBB35-D123-4a31-AFFC-9B2933132116}
    Key deleted: HKLM\Software\Classes\CLSID\{CC7BD6F1-565C-47ce-A5BB-9C935E77B59D}
    Key deleted: HKLM\Software\Classes\CLSID\{CFC16189-8A92-4a29-A940-60248385F426}
    Key deleted: HKLM\Software\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
    Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
    Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
    Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
    Key deleted: HKLM\Software\Classes\CLSID\{DEE758B4-C3FB-4a5b-9939-848B9C77A2FB}
    Key deleted: HKLM\Software\Classes\AppID\{8258B35C-05B8-4c0e-9525-9BCCC70F8F2D}
    Key deleted: HKLM\Software\Classes\CLSID\{E12AEAB6-7D12-4c07-8E36-5892EFB4DAFB}
    Key deleted: HKLM\Software\Classes\CLSID\{E2F2C137-A782-4fb5-81AF-086156F5EB0A}
    Key deleted: HKLM\Software\Classes\CLSID\{F1D06C9F-51F0-4476-BEDE-5DDF91BE304E}
    Key deleted: HKLM\Software\Classes\CLSID\{F3A32DF2-7413-4fb1-B575-1AC920A17B76}
    Key deleted: HKLM\Software\Classes\Interface\{17BF1E05-C0E8-413C-BD1F-A481EEA3B8E9}
    Key deleted: HKLM\Software\Classes\Interface\{21BA420E-161C-413A-B21E-4E42AE1F4226}
    Key deleted: HKLM\Software\Classes\Interface\{453DB0C5-F41C-4D97-8DD6-CC72ECD5F699}
    Key deleted: HKLM\Software\Classes\Interface\{4AFC07D0-59BB-46B8-B097-1A46E88EEF71}
    Key deleted: HKLM\Software\Classes\Interface\{6511CE4C-4722-40D0-AD3D-4AFA2F50978A}
    Key deleted: HKLM\Software\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
    Key deleted: HKLM\Software\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
    Key deleted: HKLM\Software\Classes\Interface\{83B2FE06-BA20-4F7D-96C6-6FC3A4E877D3}
    Key deleted: HKLM\Software\Classes\Interface\{8AD9AD05-36BE-4E40-BA62-5422EB0D02FB}
    Key deleted: HKLM\Software\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
    Key deleted: HKLM\Software\Classes\Interface\{9BEC9B38-BF39-4899-806E-A1C5DFEB60A2}
    Key deleted: HKLM\Software\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
    Key deleted: HKLM\Software\Classes\Interface\{AEBF09E2-0C15-43C8-99BF-928C645D98A0}
    Key deleted: HKLM\Software\Classes\Interface\{B32966A2-F7C2-4362-A6CF-399EC8B44110}
    Key deleted: HKLM\Software\Classes\Interface\{B86D82BF-D39F-439A-A07C-43EDDC6F6EA6}
    Key deleted: HKLM\Software\Classes\Interface\{D8560AC2-21B5-4C1A-BDD4-BD12BC83B082}
    Key deleted: HKLM\Software\Classes\Interface\{DA6305B9-0869-4235-8C1D-533A65E639E5}
    Key deleted: HKLM\Software\Classes\Interface\{E25DA6D6-C365-46CF-ABAF-DC5893135D7A}
    Key deleted: HKLM\Software\Classes\Interface\{E6961C59-CFCE-4CCD-B794-BC78DB98413A}
    Key deleted: HKLM\Software\Classes\Interface\{F8B4EC8A-2407-4BE0-AEE2-0F430D65A90D}
    Key deleted: HKLM\Software\Classes\TypeLib\{02AED140-2B62-4B49-8B3B-179020CC39B9}
    Key deleted: HKLM\Software\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
    Key deleted: HKLM\Software\Classes\TypeLib\{573F4ABB-A1A2-44ED-9BA9-A8DAD40AAC46}
    Key deleted: HKLM\Software\Classes\TypeLib\{5FE0CEAE-CB69-40AF-A323-40F94257DACB}
    Key deleted: HKLM\Software\Classes\TypeLib\{ACC62306-9A63-4864-BD2F-C8825D2D7EA6}
    Key deleted: HKLM\Software\Classes\TypeLib\{CDCA70D8-C6A6-49EE-9BED-7429D6C477A2}
    Key deleted: HKLM\Software\Classes\TypeLib\{D136987F-E1C4-4CCC-A220-893DF03EC5DF}
    Key deleted: HKLM\Software\Classes\TypeLib\{E343EDFC-1E6C-4CB5-AA29-E9C922641C80}
    Key deleted: HKLM\Software\Classes\TypeLib\{F1A1892C-2A6C-4817-98B4-FF81443CBA20}
    Key deleted: HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd
    Key deleted: HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd.1
    Key deleted: HKLM\Software\Classes\ShopperReports.AsyncReporter
    Key deleted: HKLM\Software\Classes\ShopperReports.AsyncReporter.1
    Key deleted: HKLM\Software\Classes\ShopperReports.CntntDic
    Key deleted: HKLM\Software\Classes\ShopperReports.CntntDic.1
    Key deleted: HKLM\Software\Classes\ShopperReports.CntntDisp
    Key deleted: HKLM\Software\Classes\ShopperReports.CntntDisp.1
    Key deleted: HKLM\Software\Classes\ShopperReports.Dwnldr
    Key deleted: HKLM\Software\Classes\ShopperReports.Dwnldr.1
    Key deleted: HKLM\Software\Classes\ShopperReports.HbAx
    Key deleted: HKLM\Software\Classes\ShopperReports.HbAx.1
    Key deleted: HKLM\Software\Classes\ShopperReports.HbGuru
    Key deleted: HKLM\Software\Classes\ShopperReports.HbGuru.1
    Key deleted: HKLM\Software\Classes\ShopperReports.HbInfoBand
    Key deleted: HKLM\Software\Classes\ShopperReports.HbInfoBand.1
    Key deleted: HKLM\Software\Classes\ShopperReports.IEButton
    Key deleted: HKLM\Software\Classes\ShopperReports.IEButton.1
    Key deleted: HKLM\Software\Classes\ShopperReports.IEButtonA
    Key deleted: HKLM\Software\Classes\ShopperReports.IEButtonA.1
    Key deleted: HKLM\Software\Classes\ShopperReports.KOPFF
    Key deleted: HKLM\Software\Classes\ShopperReports.KOPFF.1
    Key deleted: HKLM\Software\Classes\ShopperReports.MozillaNvgtnTrpr
    Key deleted: HKLM\Software\Classes\ShopperReports.MozillaNvgtnTrpr.1
    Key deleted: HKLM\Software\Classes\ShopperReports.MozillaPSExecuter
    Key deleted: HKLM\Software\Classes\ShopperReports.MozillaPSExecuter.1
    Key deleted: HKLM\Software\Classes\ShopperReports.ReportData
    Key deleted: HKLM\Software\Classes\ShopperReports.ReportData.1
    Key deleted: HKLM\Software\Classes\ShopperReports.Reporter
    Key deleted: HKLM\Software\Classes\ShopperReports.Reporter.1
    Key deleted: HKLM\Software\Classes\ShopperReports.RprtCtrl
    Key deleted: HKLM\Software\Classes\ShopperReports.RprtCtrl.1
    Key deleted: HKLM\Software\Classes\ShopperReports.Scopes
    Key deleted: HKLM\Software\Classes\ShopperReports.Scopes.1
    Key deleted: HKLM\Software\Classes\ShopperReports.Stock
    Key deleted: HKLM\Software\Classes\ShopperReports.Stock.1
    Key deleted: HKLM\Software\Classes\ShopperReports.TriggerImmidiate
    Key deleted: HKLM\Software\Classes\ShopperReports.TriggerImmidiate.1
    Key deleted: HKLM\Software\Classes\ShopperReports.TriggerImmidiateOrRandomTS
    Key deleted: HKLM\Software\Classes\ShopperReports.TriggerImmidiateOrRandomTS.1
    Key deleted: HKLM\Software\Classes\ShopperReports.TriggerOnceInDay
    Key deleted: HKLM\Software\Classes\ShopperReports.TriggerOnceInDay.1
    Key deleted: HKLM\Software\Classes\AppID\GenericAskToolbar.DLL
    Key deleted: HKLM\Software\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
    Key deleted: HKLM\Software\Classes\AppID\BRNstIE.DLL
    Key deleted: HKLM\Software\Classes\AppID\CmndFF.DLL
    Key deleted: HKLM\Software\Classes\AppID\mozillaps.dll
    Key deleted: HKLM\Software\Classes\AppID\Pltfrm.DLL
    Key deleted: HKLM\Software\ShopperReports3
    Key deleted: HKCU\Software\Ask.com
    Key deleted: HKCU\Software\ShopperReports3
    Key deleted: HKCU\Software\AppDataLow\AskToolbarInfo
    Key deleted: HKCU\Software\AppDataLow\Software\AskToolbar
    Key deleted: HKCU\Software\AppDataLow\Software\ShopperReports3
    Key deleted: HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
    Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
    Key deleted: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
    Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
    Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C5428486-50A0-4A02-9D20-520B59A9F9B2}
    Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C5428486-50A0-4A02-9D20-520B59A9F9B3}
    Key deleted: HKLM\Software\Microsoft\Internet Explorer\Extensions\{c5428486-50a0-4a02-9d20-520b59a9f9b2}
    Key deleted: HKLM\Software\Microsoft\Internet Explorer\Extensions\{c5428486-50a0-4a02-9d20-520b59a9f9b3}
    Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{89F88394-3828-4D03-A0CF-8203604C3DA6}
    Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D4233F04-1789-483C-A137-731E8F113DD5}

    Value deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform|ShopperReports 3.0.489.0
    Value deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform|SRS_IT_E8790576B6765A5A3EAB90
    Value deleted: HKLM\Software\Microsoft\Internet Explorer\Toolbar|{D4027C7F-154A-4066-A1AD-4243D8127440}
    Value deleted: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{D4027C7F-154A-4066-A1AD-4243D8127440}

    ============== ADDITIONNAL SCAN ==============

    ** Mozilla Firefox Version [3.6.13 (fr)] **

    -- C:\Users\seb\AppData\Roaming\Mozilla\FireFox\Profiles\qsnou3u3.default\Prefs.js --
    browser.download.lastDir, C:\\Users\\seb\\Desktop
    browser.startup.homepage_override.mstone, rv:1.9.2.13
    privacy.popups.showBrowserMessage, false

    ========================================

    ** Internet Explorer Version [8.0.7600.16385] **

    [HKCU\Software\Microsoft\Internet Explorer\Main]
    Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
    Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Do404Search: 0x01000000
    Enable Browser Extensions: yes
    Local Page: C:\Windows\system32\blank.htm
    Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
    Show_ToolBar: yes
    Start Page: hxxp://fr.msn.com/

    [HKLM\Software\Microsoft\Internet Explorer\Main]
    AutoHide: yes
    Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896
    Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Delete_Temp_Files_On_Exit: yes
    Local Page: C:\Windows\SysWOW64\blank.htm
    Search bar: hxxp://search.msn.com/spbasic.htm
    Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Start Page: hxxp://fr.msn.com/

    [HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS]
    Tabs: res://ieframe.dll/tabswelcome.htm
    Blank: res://mshtml.dll/blank.htm

    ========================================

    C:\Program Files (x86)\Ad-Remover\Quarantine: 43 File(s)
    C:\Program Files (x86)\Ad-Remover\Backup: 16 File(s)

    C:\Ad-Report-CLEAN[1].txt - 13/01/2011 (14187 Byte(s))

    End at: 17:38:45, 13/01/2011

    ============== E.O.F ==============

    2ieme rapport

    Malwarebytes' Anti-Malware 1.50.1.1100
    www.malwarebytes.org

    Version de la base de données: 5512

    Windows 6.1.7600
    Internet Explorer 8.0.7600.16385

    13/01/2011 18:38:08
    mbam-log-2011-01-13 (18-38-08).txt

    Type d'examen: Examen complet (C:\|D:\|F:\|G:\|)
    Elément(s) analysé(s): 433619
    Temps écoulé: 35 minute(s), 2 seconde(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 0
    Valeur(s) du Registre infectée(s): 1
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 0
    Fichier(s) infecté(s): 11

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Valeur(s) du Registre infectée(s):
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Windows (Trojan.Downloader) -> Value: Windows -> Quarantined and deleted successfully.

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    (Aucun élément nuisible détecté)

    Fichier(s) infecté(s):
    c:\Users\Public\public documents\windows movie player\player.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
    c:\program files (x86)\ad-remover\quarantine\C\program files (x86)\shopperreports3\bin\3.0.489.0\brnstie.dll.vir (Adware.ShopperReports) -> Quarantined and deleted successfully.
    c:\program files (x86)\ad-remover\quarantine\C\program files (x86)\shopperreports3\bin\3.0.489.0\cmndff.dll.vir (Adware.ShopperReports) -> Quarantined and deleted successfully.
    c:\program files (x86)\ad-remover\quarantine\C\program files (x86)\shopperreports3\bin\3.0.489.0\cntntcntr.dll.vir (Adware.ShopperReports) -> Quarantined and deleted successfully.
    c:\program files (x86)\ad-remover\quarantine\C\program files (x86)\shopperreports3\bin\3.0.489.0\mozillaps.dll.vir (Adware.ShopperReports) -> Quarantined and deleted successfully.
    c:\program files (x86)\ad-remover\quarantine\C\program files (x86)\shopperreports3\bin\3.0.489.0\pltfrm.dll.vir (Adware.ShopperReports) -> Quarantined and deleted successfully.
    c:\program files (x86)\ad-remover\quarantine\C\program files (x86)\shopperreports3\bin\3.0.489.0\shopperreports.dll.vir (Adware.ShopperReports) -> Quarantined and deleted successfully.
    c:\program files (x86)\ad-remover\quarantine\C\program files (x86)\shopperreports3\bin\3.0.489.0\firefox\firefoxtoolbar\extensions\components\brnstff.dll.vir (Adware.ShopperReports) -> Quarantined and deleted successfully.
    c:\program files (x86)\games\fps\medal of honor\Binaries\loader.dll (Riskware.Tool.CK) -> Quarantined and deleted successfully.
    c:\Users\seb\downloads\0x0008-gta4cr\launchgtaiv.exe (Risktool.Crack) -> Quarantined and deleted successfully.
    c:\Users\seb\downloads\gta iv - gran theft auto 4 - crack + serial keygen\gta keygen.exe (Trojan.Downloader) -> Quarantined and deleted successfully.

    3ieme rapport
    https://www.cjoint.com/?0bntO5ljQMU
    0
  6. moment de grace Messages postés 29099 Date d'inscription   Statut Contributeur sécurité Dernière intervention   2 274
     
    Copie tout le texte présent en gras ci-dessous ( tu le selectionnes avec ta souris / Clique droit dessus et choisis "copier" ou fait Ctrl+C )

    O23 - Service: (KMService) . (.Pas de propriétaire - Pas de description.) - C:\Windows\system32\srvany.exe
    [MD5.00000000000000000000000000000000] [APT] [Scheduled Update for Ask Toolbar] (.Pas de propriétaire.) -- C:\Program Files (x86)\Ask.com\UpdateTask.exe (.not file.) )
    O69 - SBI: SearchScopes [HKCU] {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} - (Google) - https://www.google.fr/webhp?hl=fr&gws_rd=ssl{searchTerms}+&meta=
    SS - | Auto 18/04/2003 8192 | (KMService) . (.Pas de propriétaire.) - C:\Windows\system32\srvany.exe


    Puis Lance ZHPFix depuis le raccourci du bureau .

    * Une fois l'outil ZHPFix ouvert , clique sur le bouton [ H ] ( "coller les lignes Helper" ) .

    * Dans l'encadré principal tu verras donc les lignes que tu as copié précédemment apparaitrent .

    Vérifie que toutes les lignes que je t'ai demandé de copier (et seulement elles) sont dans la fenêtre.

    Clique sur " Ok " , puis " Tous " et enfin " Nettoyer ".

    Copie/Colle le rapport à l'écran dans ton prochain message

    le rapport se trouve dans le dossier de zhpdiag dans program files sous le nom de ZHPFixReport
    0
  7. muligan Messages postés 117 Statut Membre 8
     
    Rapport de ZHPFix 1.12.3237 par Nicolas Coolman, Update du 12/01/2011
    Fichier d'export Registre :
    Run by seb at 13/01/2011 20:17:59
    Windows 7 Ultimate Edition, 64-bit (Build 7600)
    Web site : http://www.premiumorange.com/zeb-help-process/zhpfix.html
    Contact : nicolascoolman@yahoo.fr

    ========== Clé(s) du Registre ==========
    O23 - Service: (KMService) . (.Pas de propriétaire - Pas de description.) - C:\Windows\system32\srvany.exe => Clé supprimée avec succès
    O69 - SBI: SearchScopes [HKCU] {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} - (Google) - https://www.google.fr/webhp?hl=fr&gws_rd=ssl{searchTerms}+&meta= => Clé supprimée avec succès
    SS - | Auto 18/04/2003 8192 | (KMService) . (.Pas de propriétaire.) - C:\Windows\system32\srvany.exe => Clé absente

    ========== Fichier(s) ==========
    c:\windows\system32\srvany.exe => Supprimé et mis en quarantaine
    c:\program files (x86)\ask.com\updatetask.exe (.not file.) ) => Fichier absent

    ========== Tache planifiée ==========
    Task : Scheduled Update for Ask Toolbar => Tâche supprimée avec succès

    ========== Récapitulatif ==========
    3 : Clé(s) du Registre
    2 : Fichier(s)
    1 : Tache planifiée

    End of the scan
    0
  8. moment de grace Messages postés 29099 Date d'inscription   Statut Contributeur sécurité Dernière intervention   2 274
     
    ok

    comment va le pc ?

    j'imagine que c'est avast qui a emit l'alerte, fais un scan avec voir ce qu'il en dit et poste son rapport stp (si il y en a un)

    CONTRIBUTEUR SECURITE

    Désinfection = diagnostic + traitement + finalisation
    "Restez" jusqu'au bout...merci
    0
    1. muligan Messages postés 117 Statut Membre 8
       
      le pc a l'air d'être mieux et je t'en remercie!!!!
      je l'ai redémarré et je n'ai plus le programme form1 donc je pense que c'est bon mais je vais lancer un scan avec avast
      ce n'es pas avast qui a émit l'alerte mais lorsque je jouais sur COD black ops pas moment le son se coupais totalement et il fallait que je redémarre le pc pour le récupérer
      et lorsque je n'avais plus de son mes vidéos était très lente comme si elle était au ralentit!!!
      je lance un scan approfondie et je te tiens au courant!!!
      ps :sais-tu comment ce virus a pu arriver????
      merci encore pour ton aide si rapide et efficace!!
      0
    2. moment de grace Messages postés 29099 Date d'inscription   Statut Contributeur sécurité Dernière intervention   2 274
       
      je lance un scan approfondie et je te tiens au courant!!!

      ok j'attends pour finaliser ton affaire
      0
    3. Shoujo
       
      Non je n'ai pas abandonné mon sujet, je n'ai juste pas eu le temps de retourner sur mon pc.
      J'vais donc maintenant faire ce que tu m'as suggéré :)
      0
    4. Shoujo
       
      Et voilà :)


      http://www.cijoint.fr/cjlink.php?file=cj201101/cijFYILPty.txt

      J'espère que tu vas pas t'embrouiller avec l'autre qui demande de l'aide ^^
      0
  9. moment de grace Messages postés 29099 Date d'inscription   Statut Contributeur sécurité Dernière intervention   2 274
     
    ok

    @ Shoujo

    rends moi sur ce nouveau sujet où des consignes t'attendent

    https://forums.commentcamarche.net/forum/affich-20520567-mdg-pour-shoujo

    ____________

    @ muligan


    supprime les 3 premières lignes trouvées par avast

    puis pour finir

    1)

    Mets à jour Adobe Reader (désinstalle avant la version antérieure)
    https://acrobat.adobe.com/fr/fr/acrobat/pdf-reader.html

    puis

    * Lancez Adobe Reader
    * Cliquez sur Edition --> Préférences --> JavaScript
    * Décochez "Activer Acrobat JavaScript"
    * Validez

    ....................

    2)
    IMPORTANT

    Purger les points de restauration système:

    Télécharge OneClick2RestorePoint

    http://www.multifa7.be/Laddy/OneClick2RP.exe

    Mirroirs si non accessible :
    http://batchdhelus.open-web.fr/Laddy/OneClick2RP.exe
    https://app.box.com/s/cqcsz5m0oz

    * Double clic sur OneClick2RP pour l'exécuter (Clic-droit choisir Executer en tant qu'administrateur sous Vista/Seven)
    * Clic sur le bouton "Purger", l'outil de nettoyage de windows va s'ouvrir
    * Choisis ton disque dur principal en général (C:\) ... Patiente pendant le scan...
    * </gras>Rends toi dans l'onglet "Autres options"</gras>
    * Dans la zone restauration système, clic sur le bouton nettoyer puis sur le bouton Supprimer.
    * Les points de restauration système seront purgés sauf le dernier créé.

    Ensuite avec le même outil
    Créer un nouveau point de restauration reconnaissable
    .................

    3)
    pour supprimer les outils de désinfection :

    télécharge Delfix de Xplode

    http://sd-1.archive-host.com/membres/up/17959594961240255/DelFix.exe

    choisis SUPPRESSION

    poste son rapport
    .............................................

    Recommandations pour l'avenir

    Tu es la meilleure protection pour ton pc que tout autre antivirus, si tu admets un minimum de rigueur dans son utilisation...Les virus sont vigilants et pénètrent ta machine par toutes les portes que tu laisseras ouvertes...
    - logiciels non à jour (windows, internet explorer, java, adobe reader etc)
    - installation de toolbar
    - fréquentation de sites piégés
    - P2P
    - Application de cracks
    - Supports usb

    Pour t'aider dans cette tâche, voici quelques pistes

    Pour naviguer sur internet plus en sécurité et à l'abri des publicités, je te conseille vivement d'installer et d'utiliser le navigateur firefox
    http://www.mozilla-europe.org/fr/firefox/

    Une fois que c'est fait, lances le et installe l'extension de sécurité adblock plus
    pour bloquer les publicités
    http://www.clubic.com/telecharger-fiche45912-adblock-plus.html

    ............................

    WOT - Extension pour ton navigateur internet :
    Voici une extension à télécharger qui te permettra, en faisant tes recherches sur google, de savoir si le site proposé lors de tes recherches est un site de confiance ou un site à éviter car il pourrait infecter ton PC :
    Pour Firefox : https://addons.mozilla.org/fr/firefox/addon/wot-safe-browsing-tool/
    Pour internet explorer : https://chrome.google.com/webstore/detail/wot-web-of-trust-website/bhmmomiinigofkjcapegjjndpbikblnp

    ........................

    Pour éviter une infection toolbar, il faut tout lire attentivement lorsque tu installes un programme gratuit, et décocher tous les programmes additionnels qui sont proposés, en particulier les barres d'outils !

    ..........................

    Vaccines tes disques amovibles à l'aide de USBFix (de Chiquitine29 et C_XX)
    http://www.teamxscript.org/too/UsbFix.exe
    Au menu principal, choisis l'option 3 (Vaccination).
    ............................

    garder Malwarebytes et faire un examen de temps en temps ton PC, avec mise à jour avant chaque scan
    .......................

    Télécharge et installe CCleaner (N'installe pas la Yahoo Toolbar) :
    https://www.commentcamarche.net/telecharger/utilitaires/5647-ccleaner/

    * Lance-le.(clic droit "en tant qu'administrateur" pour Vista) Va dans Options puis Avancé et décoche la case Effacer uniquement les fichiers etc....
    * Va dans Nettoyeur, choisis Analyse. Une fois terminé, lance le nettoyage.
    * Ensuite, choisis Registre, puis Chercher des erreurs. Une fois terminé, répare toutes les erreurs tant de fois qu il en trouve a l analyse

    ..........................
    utilitaire pour défragmenter , utilises pour ce faire Defraggler https://www.clubic.com/telecharger-fiche44314-defraggler.html

    ........................
    A lire pour mieux comprendre l'environnement qui t'entoure
    http://assiste.com.free.fr/p/abc/a/zombies_et_botnets.html
    https://www.malekal.com/fichiers/projetantimalwares/ProjetAntiMalware-courte.pdf

    http://www.libellules.ch/...

    0
    1. muligan Messages postés 117 Statut Membre 8
       
      merci pour ton aide c'est vraiment sympa!!
      également merci pour ces conseils que je vais essayer de suivre du mieux que je peux
      0
    2. moment de grace Messages postés 29099 Date d'inscription   Statut Contributeur sécurité Dernière intervention   2 274
       
      on ne se quitte qu'apres le rapport delfix

      (sourire)
      0
    3. muligan Messages postés 117 Statut Membre 8
       
      ########## DelFix - Nettoyeur d'outils de désinfection ##########
      #
      # DelFix v7.0 - Rapport créé le 14/01/2011 à 15:17
      # Mis à jour le 08/01/11 à 17h par Xplode
      # Système d'exploitation : Windows 7 Ultimate (64 bits) [version 6.1.7600]
      # Nom d'utilisateur : seb - SEB-PC (Administrateur)
      # Exécuté depuis : C:\Users\seb\Downloads\DelFix.exe
      # Option [Suppression]


      ~~~~~~ Dossier(s) ~~~~~~

      Supprimé : C:\Program Files (x86)\Ad-Remover
      Supprimé : C:\Program Files (x86)\ZHPDiag
      Supprimé : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP

      ~~~~~~ Fichier(s) ~~~~~~

      Supprimé : C:\Ad-Report-CLEAN[1].txt
      Supprimé : C:\ZHPExportRegistry-13-01-2011-20-17-59.txt
      Supprimé : C:\Users\seb\Desktop\AD-R.lnk
      Supprimé : C:\Users\seb\Desktop\ZHPDiag.txt
      Supprimé : C:\Users\seb\Desktop\ZHPDiag1.txt
      Supprimé : C:\Users\seb\Desktop\ZHPFixReport.txt
      Supprimé : C:\Users\Public\Desktop\ZHPDiag.lnk
      Supprimé : C:\Users\Public\Desktop\ZHPFix.lnk
      Supprimé : C:\Users\Public\Desktop\MBRCheck.lnk
      Supprimé : C:\Users\seb\Downloads\ZHPDiag2.exe
      Supprimé : C:\Users\seb\Downloads\OneClick2RP.exe

      ~~~~~~ Registre ~~~~~~

      Clé Supprimée : HKCU\SOFTWARE\Ad-Remover
      Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Ad-Remover
      Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\ZHPDiag_is1

      ~~~~~~ Autre ~~~~~~


      ########## EOF - "C:\DelFixSuppr.txt" - [1493 octets] ##########


      ps: je n'arrive pas a supprimé les 3 premiers ligne du rapport d'avast!!!
      0
    4. moment de grace Messages postés 29099 Date d'inscription   Statut Contributeur sécurité Dernière intervention   2 274
       
      en fait ils sont en quarantaine et donc ca risque pas

      pour le reste c'est ok

      sauf soucis

      => résolu

      bonne continuation
      0
    5. muligan Messages postés 117 Statut Membre 8
       
      ok pas de soucis alors
      merci a toi!!
      0
  10. moment de grace Messages postés 29099 Date d'inscription   Statut Contributeur sécurité Dernière intervention   2 274
     
    Télécharge :ATF Cleaner par Atribune
    http://www.atribune.org/ccount/click.php?id=1

    Double-clique (clic droit "en tant qu'administrateur" pour Vista) ATF-Cleaner.exe afin de lancer le programme.
    Sous l'onglet Main, choisis : Select All
    Clique sur le bouton Empty Selected
    Si tu utilises le navigateur Firefox :
    Clique Firefox au haut et choisis : Select All
    Clique le bouton Empty Selected a
    NOTE : Si tu veux conserver tes mots de passe sauvegardés, clique No à l'invité. Si tu utilises le navigateur Opera :
    Clique Opera au haut et choisis : Select All
    Clique le bouton Empty Selected
    NOTE : Si tu veux conserver tes mots de passe sauvegardés, clique No à l'invité.
    Clique Exit, du menu prinicipal, afin de fermer le programme.
    Pour obtenir du Support technique, double-clique l'adresse électronique située au bas de chacun des menus.
    0
    1. muligan Messages postés 117 Statut Membre 8
       
      second problème résolu
      un grand merci!!!!
      0
    2. moment de grace Messages postés 29099 Date d'inscription   Statut Contributeur sécurité Dernière intervention   2 274
       
      (sourire)
      0