Sujet Précédent Sujet Suivant

Windows n'ouvre pas,antivirus et programme =

Fermé
pasdebol - 22 janv. 2011 à 19:56
Smart91 Messages postés 29096 Date d'inscription dimanche 15 juillet 2007 Statut Contributeur sécurité Dernière intervention 5 avril 2014 - 6 févr. 2011 à 12:47
Bonjour, alors voila,mon ordinateur est, je pense, infecté par un truc trés lourd, voila les symptômes :) :
-je ne pouvais plus ouvrir mes application, précisément mon antivirus et tous le reste.
-Puis trés vite windows 7 ne répondit plus ,impossible de l'ouvrir.

Je l'ouvre donc en mode sans echec] avec réseau et commence a fouiller sur le net.je trouve une SALOPERIE ya pas d'autres mots) qui se nomme BAGLE, je telecharge un logiciel recommandé " malwarebytes", probleme rien de détecté ,je prend alors plus conséquent "Combofyx", toujours rien.

PITIE AIDEZ MOI ... HO, Je précise que je suis sur un netbook MERCI D AVANCE A TOUTES LES REPONSSES



A voir également:

52 réponses

Précédent
Réponse 41 / 52
pasdebol
5 févr. 2011 à 18:51
THE RAPPORT:

Rapport de ZHPDiag v1.27.1505 par Nicolas Coolman, Update du 21/01/2011
Run by NOE at 05/02/2011 18:01:34
Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html
Contact : nicolascoolman@yahoo.fr

---\\ Web Browser
MSIE: Internet Explorer v8.0.7600.16385
MFIE: Mozilla Firefox v3.6.13 (fr) (Defaut)

---\\ System Information
Windows 7 Starter Edition, 32-bit (Build 7600)
Processor: x86 Family 6 Model 28 Stepping 10, GenuineIntel
Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1014 MB (37% free)
System Restore: Activé (Enable)
System drive C: has 69 GB (69%) free of 100 GB

---\\ Logged in mode
Computer Name: NOE-PC
User Name: NOE
All Users Names: NOE, Administrateur,
Unselected Option: O45,O61,O62,O65,O66,O82
Logged in as Administrator

---\\ Environnement Variables
%AppData%=%USERPROFILE%\AppData\Roaming
%LocalAppData%=%USERPROFILE%\AppData\Local
%StartMenu%=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Start Menu

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 69 Go of 100 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 86 Go of 118 Go)
Q:\ Hard drive, Flash drive, Thumb drive (Free 0 Go of 0 Go)


---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoFolderOptions: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] DisableTaskMgr: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] DisableRegistryTools: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] NoDispScrSavPage: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK


---\\ Recherche particulière de fichiers génériques
[MD5.2626FC9755BE22F805D3CFA0CE3EE727] - (.Microsoft Corporation - Explorateur Windows.) (.31/10/2009 06:45:39.) -- C:\Windows\Explorer.exe [2614272]
[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 02:14:45.) -- C:\Windows\System32\Wininit.exe [96256]
[MD5.37CDB7E72EB66BA85A87CBE37E7F03FD] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.28/10/2009 07:17:59.) -- C:\Windows\System32\Winlogon.exe [285696]
[MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 02:26:15.) -- C:\Windows\System32\drivers\atapi.sys [21584]
[MD5.3795DCD21F740EE799FB7223234215AF] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.14/07/2009 02:20:44.) -- C:\Windows\System32\drivers\ntfs.sys [1210432]


---\\ Processus lancés
[MD5.25FB74EABCE5EC7836BA3CFB3C58449A] - (.AVAST Software - avast! Service.) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [40384]
[MD5.6F44F5C0BC6B210FE5F5A1C8D899AD0A] - (.Microsoft Corporation - Infrastructure d'extensibilité pour les ser.) -- C:\windows\system32\WLANExt.exe [77312]
[MD5.C4FB2613D3C75364BB159B9C23A00E7A] - (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\AsusService.exe [219136]
[MD5.8FCF8E276B5755DB87C8B015CAD1BC41] - (.Broadcom Corporation. - Bluetooth Support Server.) -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [652576]
[MD5.E6ED4F02B5A151BB44DE383B365C2117] - (.Microsoft Corporation - Microsoft Application Virtualization Virtua.) -- C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe [209768]
[MD5.0A70F4022EC2E14C159EFC4F69AA2477] - (.Microsoft Corp. - Microsoft® Windows Live ID Service.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [1710464]
[MD5.7548066DF68A8A1A56B043359F915F37] - (.Intel Corporation - RAID Monitor.) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [354840]
[MD5.05D2B0D0F1DB139970D4AF18C679429D] - (.Microsoft Corporation - Microsoft Application Virtualization Client.) -- C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe [483688]
[MD5.9C879E1C3B27085FB46EFECCD7120D51] - (.Microsoft Corp. - Microsoft® Windows Live ID Service Monitor.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe [193408]
[MD5.61A86809B62769643892BC0812B204AA] - (.Microsoft Corporation - Microsoft Office Client Virtualization Serv.) -- C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [821664]
[MD5.F02A533F517EB38333CB12A9E8963773] - (.Google Inc. - Programme d'installation de Google.) -- C:\Program Files\Google\Update\GoogleUpdate.exe [136176]
[MD5.5AF1E9600E3FF841E522703A4993ED0C] - (.Intel Corporation - Event Monitor User Notification Tool.) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe [186904]
[MD5.ABF1DD9EE48F545B40B7C05C117B410A] - (.ASUS - AsScrPro.) -- C:\Windows\AsScrPro.exe [3058304]
[MD5.B1B0F24CFA5B42096180CF96E5DB7627] - (.Pas de propriétaire - Eee Docking Application.) -- C:\Program Files\ASUS\Eee Docking\Eee Docking.exe [414384]
[MD5.CD19A1BB24584BC99889BC7E214671CC] - (.ASUSTeK Computer Inc. - Asus Eee PC Hotkey Service.) -- C:\Program Files\EeePC\HotkeyService\HotkeyService.exe [1241520]
[MD5.710AB764FEAC87B4EB4BE3A6A5480BD0] - (.ASUSTeK Computer Inc. - HotkeyMon.) -- C:\Program Files\EeePC\HotkeyService\HotKeyMon.exe [100328]
[MD5.5806F3B00FE486DFE1ADD77CF3857845] - (.ASUSTeK Computer Inc. - Eee Super Hybrid Engine.) -- C:\Program Files\EeePC\SHE\SuperHybridEngine.exe [412600]
[MD5.360600AE01D1ABDD1FCEF8AFA32AF96D] - (.ASUS - CapsAndNumKeyNotify.) -- C:\Program Files\EeePC\CapsHook\CapsHook.exe [445344]
[MD5.137472D6EE72C4741853E2C68C8A035B] - (.AsusTek Computer Inc. - Asus EeePC LiveUpdate for Bios, Driver, Sof.) -- C:\Program Files\Asus\LiveUpdate\LiveUpdate.exe [976872]
[MD5.285FBAB6FACA1E3166FB352C34AAC762] - (.Intel Corporation - igfxTray Module.) -- C:\Windows\System32\igfxtray.exe [141848]
[MD5.DC8F297AC5D203AB8D3B70709740F29C] - (.Intel Corporation - hkcmd Module.) -- C:\Windows\System32\hkcmd.exe [173592]
[MD5.D165F0D7BDCDE31BE4B1E2149E92AC2A] - (.Intel Corporation - persistence Module.) -- C:\Windows\System32\igfxpers.exe [150552]
[MD5.D23F38BCED2DEBEFD554DFF31A4DA6A3] - (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [8546848]
[MD5.41E7042F32E30363FCE1ABCCF630DDA4] - (.Intel Corporation - igfxsrvc Module.) -- C:\windows\system32\igfxsrvc.exe [252952]
[MD5.D36DA0A5C531353C5FF5E29242649257] - (.Boingo Wireless, Inc. - Boingo Wi-Fi.) -- C:\Program Files\Boingo\Boingo Wi-Fi\Boingo Wi-Fi.exe [365936]
[MD5.203C3380A744CA5B9B1A9CAEB57F7D57] - (.Microsoft Corporation - WMI Provider Host.) -- C:\windows\system32\wbem\wmiprvse.exe [254976]
[MD5.52DB6CDAC5BC7A1FC884E97C41C91213] - (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe [248040]
[MD5.7B878518590E826F1F3A5B1D61D405F8] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe [3396624]
[MD5.AB2ED3B09C356001259AA6FD9AA2AC72] - (.syncables, LLC - Syncables.) -- C:\Program Files\syncables\syncables desktop\syncables.exe [370480]
[MD5.B70D113573D600BE1E45EFCE44F3F45B] - (.Broadcom Corporation. - Bluetooth Tray Application.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe [828704]
[MD5.569E547273C25B019054A12A40400ECE] - (.OpenOffice.org - OpenOffice.org 3.2.) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe [11318784]
[MD5.4B723F33D7331F20E06F3A2FD76EC1D5] - (.OpenOffice.org - OpenOffice.org 3.2.) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin [11312128]
[MD5.2AA659E0814FC004A320775735C4AD54] - (.Microsoft Corporation - Microsoft Office Client Virtualization Hand.) -- C:\Program Files\Common Files\microsoft shared\virtualization handler\cvh.exe [3207072]
[MD5.358A9CCA612C68EB2F07DDAD4CE1D8D7] - (.Microsoft Corporation - Microsoft Office Software Protection Platfo.) -- C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [4640000]
[MD5.F2C82BA7E80C6054D5D20F3FBD4CFD34] - (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Common Files\microsoft shared\virtualization handler\OfficeVirt.exe [77664]
[MD5.CFCE7E6564A227CCE970882C2CF207E1] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [623616]


---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2)
P2 - FPN:Firefox Plugin Navigator . (.Sun Microsystems, Inc. - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Program Files\Mozilla Firefox\Plugins\npdeployJava1.dll
P2 - FPN:Firefox Plugin Navigator . (.mozilla.org - Default Plug-in.) -- C:\Program Files\Mozilla Firefox\Plugins\npnul32.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin2.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin3.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin4.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin5.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin6.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin7.dll
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Pas de propriétaire - Pas de description.) -- C:\windows\system32\Macromed\Flash\NPSWF32.dll
P2 - FPN: [HKLM] [@Apple.com/iTunes,version=1.0] - (.Pas de propriétaire - Pas de description.) -- C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll (.not file.)
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.0.51204.0.) -- C:\Program Files\Microsoft Silverlight\4.0.51204.0\npctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/SharePoint,version=14.0] - (.Microsoft Corporation - The plug-in allows you to open and edit files using Microsoft Office a.) -- C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3502.0922] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=8] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.2.183.39\npGoogleOneClick8.dll


---\\ Internet Explorer, Démarrage,Recherche,URSearchHook (R0,R1,R3)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (8.00.7600.16385 (win7_rtm.090713-1255)) -- C:\Windows\System32\ieframe.dll


---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: UserInit=C:\windows\system32\userinit.exe,
F2 - REG:system.ini: VMApplet=C:\WINDOWS\system32\SystemPropertiesPerformance.exe


---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} . (.Microsoft Corporation - Search Helper for Internet Explorer.) -- C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} . (.Microsoft Corporation - Bing Bar.) -- C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll


---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: @C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} . (.Microsoft Corporation - Bing Bar.) -- C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll


---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [IAAnotif] . (.Intel Corporation - Event Monitor User Notification Tool.) -- C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [ASUS Screen Saver Protector] . (.ASUS - AsScrPro.) -- C:\windows\AsScrPro.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
O4 - HKLM\..\Run: [HotkeyMon] . (.ASUSTeK Computer Inc. - HotkeyMon.) -- C:\Program Files\EeePC\HotkeyService\HotKeyMon.exe
O4 - HKLM\..\Run: [HotkeyService] . (.ASUSTeK Computer Inc. - Asus Eee PC Hotkey Service.) -- C:\Program Files\EeePC\HotkeyService\HotkeyService.exe
O4 - HKLM\..\Run: [SuperHybridEngine] . (.ASUSTeK Computer Inc. - Eee Super Hybrid Engine.) -- C:\Program Files\EeePC\SHE\SuperHybridEngine.exe
O4 - HKLM\..\Run: [LiveUpdate] . (.AsusTek Computer Inc. - Asus EeePC LiveUpdate for Bios, Driver, Sof.) -- C:\Program Files\Asus\LiveUpdate\LiveUpdate.exe
O4 - HKLM\..\Run: [CapsHook] . (.ASUS - CapsAndNumKeyNotify.) -- C:\Program Files\EeePC\CapsHook\CapsHook.exe
O4 - HKLM\..\Run: [Eee Docking] . (.Pas de propriétaire - Eee Docking Application.) -- C:\Program Files\ASUS\Eee Docking\Eee Docking.exe
O4 - HKLM\..\Run: [ASUSWebStorage] . (.eCareme - Asus WebStorage DashBoard.) -- C:\Program Files\ASUS\ASUS WebStorage\2.2.32.76\ASUSWSDashBoard.exe
O4 - HKLM\..\Run: [GraphicsSwitch] C:\Program Files\Asus\GraphicsSwitch\GraphicsSwitch.exe (.not file.)
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [OOBESetup] . (.ASUSTeK Computer Inc. - OOBERegBackup Application.) -- C:\Program Files\asus\OOBERegBackup\OOBERegBackup.exe
O4 - HKLM\..\Run: [UCam_Menu] . (.CyberLink Corp. - MUI StartMenu Application.) -- C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe
O4 - HKLM\..\Run: [Boingo Wi-Fi] . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Boingo\Boingo Wi-Fi\Boingo.lnk
O4 - HKLM\..\Run: [ASUSPRP] . (.ASUSTek Computer Inc. - ASUS Product Register Program.) -- C:\Program Files\ASUS\APRP\APRP.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\QTTask.exe
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (.not file.)
O4 - HKLM\..\Run: [avast5] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\avastUI.exe
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
O4 - HKCU\..\Run: [Syncables] . (.syncables, LLC - Syncables.) -- C:\Program Files\syncables\syncables desktop\Syncables.exe
O4 - HKUS\S-1-5-21-419310801-2180166599-1534113207-1000\..\Run: [Syncables] . (.syncables, LLC - Syncables.) -- C:\Program Files\syncables\syncables desktop\Syncables.exe
O4 - Global Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk . (.Broadcom Corporation..) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
O4 - Global Startup: C:\Users\NOE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk . (.Pas de propriétaire.) -- C:\Program Files\OpenOffice.org 3\program\quickstart.exe


---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Documents And Settings\NOE\Desktop\AD-R.lnk . (.Pas de propriétaire.) -- C:\Program Files\Ad-Remover\main.exe
O4 - Global Startup: C:\Documents And Settings\NOE\Desktop\Findykill.lnk . (.Pas de propriétaire.) -- C:\Users\NOE\Downloads\Setup.exe
O4 - Global Startup: C:\Documents And Settings\NOE\Desktop\Microsoft PowerPoint Viewer .lnk . (.Pas de propriétaire.) -- C:\windows\Installer\{95140000-00AF-0409-0000-0000000FF1CE}\ppvwicon.exe
O4 - Global Startup: C:\Documents And Settings\NOE\Desktop\Musique - Raccourci.lnk . (.Pas de propriétaire.) -- C:\Users\NOE\AppData\Roaming\Microsoft\Windows\Libraries\Music.library-ms
O4 - Global Startup: C:\Documents And Settings\NOE\Desktop\MySyncFolder.lnk . (.Pas de propriétaire.) -- C:\Users\NOE\Documents\Asus WebStorage\MySyncFolder
O4 - Global Startup: C:\Documents And Settings\NOE\Desktop\YouCam(Webcam).lnk . (.CyberLink Corp..) -- C:\Program Files\CyberLink\YouCam\YouCam.exe
O4 - Global Startup: C:\Documents And Settings\NOE\Desktop\ZHPDiag2 - Raccourci.lnk . (.Nicolas Coolman.) -- C:\Users\NOE\Downloads\ZHPDiag2.exe
O4 - Global Startup: C:\Users\NOE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\NOE\Desktop\AD-R.lnk . (.Pas de propriétaire.) -- C:\Program Files\Ad-Remover\main.exe
O4 - Global Startup: C:\Users\NOE\Desktop\Findykill.lnk . (.Pas de propriétaire.) -- C:\Users\NOE\Downloads\Setup.exe
O4 - Global Startup: C:\Users\NOE\Desktop\Microsoft PowerPoint Viewer .lnk . (.Pas de propriétaire.) -- C:\windows\Installer\{95140000-00AF-0409-0000-0000000FF1CE}\ppvwicon.exe
O4 - Global Startup: C:\Users\NOE\Desktop\Musique - Raccourci.lnk . (.Pas de propriétaire.) -- C:\Users\NOE\AppData\Roaming\Microsoft\Windows\Libraries\Music.library-ms
O4 - Global Startup: C:\Users\NOE\Desktop\MySyncFolder.lnk . (.Pas de propriétaire.) -- C:\Users\NOE\Documents\Asus WebStorage\MySyncFolder
O4 - Global Startup: C:\Users\NOE\Desktop\YouCam(Webcam).lnk . (.CyberLink Corp..) -- C:\Program Files\CyberLink\YouCam\YouCam.exe
O4 - Global Startup: C:\Users\NOE\Desktop\ZHPDiag2 - Raccourci.lnk . (.Nicolas Coolman.) -- C:\Users\NOE\Downloads\ZHPDiag2.exe
O4 - Global Startup: C:\Users\NOE\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\NOE\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk . (.Mozilla Corporation.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - Global Startup: C:\Users\NOE\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - Clé orpheline
O4 - Global Startup: C:\Users\NOE\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - Clé orpheline


---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Envoyer l'&image au périphérique Bluetooth... . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm


---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\WIDCOMM\Bluetooth Software\bt_hot_icon.ico


---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\windows\system32\mswsock.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\windows\system32\winrnr.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\windows\system32\napinsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corporation - Windows Sockets Helper DLL.) -- C:\windows\system32\wshbth.dll
O10 - WLSP:\000000000008\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files\Bonjour\mdnsNSP.dll
O10 - WLSP:\000000000009\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
O10 - WLSP:\000000000010\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL


---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll


---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\windows\system32\webcheck.dll


---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: (AsusService) . (.Pas de propriétaire - Pas de description.) - C:\Windows\System32\AsusService.exe
O23 - Service: (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: (btwdins) . (.Broadcom Corporation. - Bluetooth Support Server.) - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: (IAANTMON) . (.Intel Corporation - RAID Monitor.) - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe


---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(.Pas de propriétaire - Pas de description.) - (.not file.)


---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
O39 - APT:Automatic Planified Task - C:\windows\Tasks\GoogleUpdateTaskMachineUA.job


---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: C:\windows\system32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\windows\system32\drivers\afd.sys
O41 - Driver: (AsUpIO) . (.Pas de propriétaire - Pas de description.) - C:\Windows\System32\drivers\AsUpIO.sys
O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\System32\DRIVERS\blbdrive.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: C:\windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: C:\windows\system32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys
O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\System32\DRIVERS\mssmbios.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: C:\windows\system32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: C:\windows\system32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\windows\system32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: C:\windows\system32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: C:\windows\system32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: C:\windows\system32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: C:\windows\system32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys
O41 - Driver: C:\windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\windows\system32\drivers\vga.sys
O41 - Driver: (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\System32\DRIVERS\vwififlt.sys
O41 - Driver: C:\windows\system32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys
O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys


---\\ Logiciels installés (O42)
O42 - Logiciel: 32 Bit HP CIO Components Installer - (.Hewlett-Packard.) [HKLM] -- {859D40CF-8491-44AD-8FA8-7389CB418C64}
O42 - Logiciel: ASUS VIBE - (.Ecareme, Inc..) [HKLM] -- ASUS VIBE
O42 - Logiciel: ASUS WebStorage - (.eCareme Technologies, Inc..) [HKLM] -- ASUS WebStorage
O42 - Logiciel: ASUSUpdate for Eee PC - (.ASUSTeK Computer Inc..) [HKLM] -- {587178E7-B1DF-494E-9838-FA4DD36E873C}
O42 - Logiciel: Acrobat.com - (.Adobe Systems Incorporated.) [HKLM] -- {287ECFA4-719A-2143-A09B-D6A12DE54E40}
O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM] -- Adobe AIR
O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM] -- {A2BCA9F1-566C-4805-97D1-7FDC93386723}
O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Reader 9.1 MUI - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-FFFF-7B44-A91000000001}
O42 - Logiciel: Atheros Client Installation Program - (.Atheros.) [HKLM] -- {28006915-2739-4EBE-B5E8-49B25D32EB33}
O42 - Logiciel: Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver - (.Atheros Communications Inc..) [HKLM] -- {3108C217-BE83-42E4-AE9E-A56A2A92E549}
O42 - Logiciel: Barre d'outils Bing - (.Microsoft Corporation.) [HKLM] -- {08234a0d-cf39-4dca-99f0-0c5cb496da81}
O42 - Logiciel: Bing Bar Platform - (.Microsoft Corporation.) [HKLM] -- {65C0025A-2CDE-43C5-82D0-C7A56EF0DB39}
O42 - Logiciel: Boingo Wi-Fi - (.Boingo Wireless, Inc..) [HKLM] -- {7E49ED48-B67E-4A27-839D-EE08590A96BB}
O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM] -- {2A981294-F14C-4F0F-9627-D793270922F8}
O42 - Logiciel: Broadcom Wireless Network Adapter - (.AzureWave.) [HKLM] -- {4FCBCF89-1823-4D97-A6F2-0E8DD66E273A}
O42 - Logiciel: CapsHook - (.AsusTek Computer.) [HKLM] -- {4B5092B6-F231-4D18-83BC-2618B729CA45}
O42 - Logiciel: Chicken Invaders 2 - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}
O42 - Logiciel: CyberLink YouCam - (.CyberLink Corp..) [HKLM] -- InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}
O42 - Logiciel: CyberLink YouCam - (.CyberLink Corp..) [HKLM] -- {01FB4998-33C4-4431-85ED-079E3EEFE75D}
O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF}
O42 - Logiciel: ETDWare PS/2-x86 7.0.5.11_WHQL - (.ELAN Microelectronics Corp..) [HKLM] -- Elantech
O42 - Logiciel: Eee Docking 3.8.1 - (.ASUSTek Computer Inc..) [HKLM] -- Eee Docking_is1
O42 - Logiciel: EeeSplendid - (.ASUS.) [HKLM] -- {6333FC29-BFE5-4024-AC78-958A1A7555D1}
O42 - Logiciel: FontResizer - (.ASUSTek.) [HKLM] -- InstallShield_{17780F99-A9DF-450B-81B3-6781B20A17A8}
O42 - Logiciel: FontResizer - (.ASUSTek.) [HKLM] -- {17780F99-A9DF-450B-81B3-6781B20A17A8}
O42 - Logiciel: Galerie de photos Windows Live - (.Microsoft Corporation.) [HKLM] -- {488F0347-C4A7-4374-91A7-30818BEDA710}
O42 - Logiciel: Game Park Console - (.Oberon Media, Inc..) [HKLM] -- {D44AA979-47C2-4BC0-A860-09A54224EA44}_is1
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: Hidden and Dangerous Deluxe - (.Pas de propriétaire.) [HKLM] -- Hidden and Dangerous Deluxe
O42 - Logiciel: Hotkey Service - (.AsusTek Computer.) [HKLM] -- {71C0E38E-09F2-4386-9977-404D4F6640CD}
O42 - Logiciel: Intel(R) Graphics Media Accelerator Driver - (.Intel Corporation.) [HKLM] -- HDMI
O42 - Logiciel: Intel® Matrix Storage Manager - (.Intel Corporation.) [HKLM] -- {9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}
O42 - Logiciel: Java(TM) 6 Update 20 - (.Sun Microsystems, Inc..) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216020FF}
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}
O42 - Logiciel: LiveUpdate - (.AsusTek Computer Inc..) [HKLM] -- {38E5A3B1-ADF1-47E0-8024-76310A30EB36}
O42 - Logiciel: LocaleMe - (.ASUS.) [HKLM] -- {F58C1D44-4AC9-48E8-9049-7A6CDFCB415C}
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 - Logiciel: MSXML 4.0 SP3 Parser (KB973685) - (.Microsoft Corporation.) [HKLM] -- {859DFA95-E4A6-48CD-B88E-A3E483E89B44}
O42 - Logiciel: Malwarebytes' Anti-Malware - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile FRA Language Pack - (.Microsoft Corporation.) [HKLM] -- {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}
O42 - Logiciel: Microsoft Office 2010 - (.Microsoft Corporation.) [HKLM] -- {95140000-0070-0000-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Starter 2010 - Français - (.Microsoft Corporation.) [HKLM] -- {90140011-0066-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office « Démarrer en un clic » 2010 - (.Microsoft Corporation.) [HKLM] -- Office14.Click2Run
O42 - Logiciel: Microsoft Office « Démarrer en un clic » 2010 - (.Microsoft Corporation.) [HKLM] -- {90140000-006D-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft PowerPoint Viewer - (.Microsoft Corporation.) [HKLM] -- {95140000-00AF-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft SQL Server 2005 Compact Edition [ENU] - (.Microsoft Corporation.) [HKLM] -- {F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
O42 - Logiciel: Microsoft Search Enhancement Pack - (.Microsoft Corporation.) [HKLM] -- {CFF8B8E8-E086-4DE0-935F-FE22CAB54F80}
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
O42 - Logiciel: Module linguistique Microsoft .NET Framework 4 Client Profile FRA - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile FRA Language Pack
O42 - Logiciel: Mozilla Firefox (3.6.13) - (.Mozilla.) [HKLM] -- Mozilla Firefox (3.6.13)
O42 - Logiciel: OOBERegBackup - (.ASUSTeK Computer Inc..) [HKLM] -- OOBERegBackup_is1
O42 - Logiciel: OpenOffice.org 3.2 - (.OpenOffice.org.) [HKLM] -- {266517E6-D866-439D-919C-B8B1A52E6080}
O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM] -- {57752979-A1C9-4C02-856B-FBB27AC4E02C}
O42 - Logiciel: Ralink RT2860 Wireless LAN Card - (.Ralink.) [HKLM] -- {8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: SRS Premium Sound Control Panel - (.SRS Labs, Inc..) [HKLM] -- {E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}
O42 - Logiciel: ScreenSaverPatch - (.ASUSTeK Computer Inc..) [HKLM] -- ScreenSaverPatch_is1
O42 - Logiciel: Super Hybrid Engine - (.AsusTek Computer.) [HKLM] -- {88F08F98-12BC-4613-81A2-8F9B88CFC73E}
O42 - Logiciel: Super Mario Bros Classic - (.Pas de propriétaire.) [HKLM] -- Super Mario Bros Classic
O42 - Logiciel: VLC media player 1.1.1 - (.VideoLAN.) [HKLM] -- VLC media player
O42 - Logiciel: WIDCOMM Bluetooth Software - (.Broadcom Corporation.) [HKLM] -- {436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}
O42 - Logiciel: Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite
O42 - Logiciel: Windows Live - (.Microsoft Corporation.) [HKLM] -- {34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}
O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM] -- {D45240D3-B6B3-4FF9-B243-54ECE3E10066}
O42 - Logiciel: Windows Live Family Safety - (.Microsoft Corporation.) [HKLM] -- {F53D678E-238F-4A71-9742-08BB6774E9DC}
O42 - Logiciel: Windows Live Family Safety - (.Microsoft Corporation.) [HKLM] -- {FCFBA290-CB48-4AF1-A241-2685AEDEDD66}
O42 - Logiciel: Windows Live FolderShare - (.Microsoft Corporation.) [HKLM] -- {2075CB0A-D26F-4DAA-B424-5079296B43BA}
O42 - Logiciel: Windows Live ID Sign-in Assistant - (.Microsoft Corporation.) [HKLM] -- {61AD15B2-50DB-4686-A739-14FE180D4429}
O42 - Logiciel: Windows Live Installer - (.Microsoft Corporation.) [HKLM] -- {0B0F231F-CE6A-483D-AA23-77B364F75917}
O42 - Logiciel: Windows Live MIME IFilter - (.Microsoft Corporation.) [HKLM] -- {AF844339-2F8A-4593-81B3-9F4C54038C4E}
O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {9D56775A-93F3-44A3-8092-840E3826DE30}
O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {9FAE6E8D-E686-49F5-A574-0A58DFD9580C}
O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {6057E21C-ABE9-4059-AE3E-3BEB9925E660}
O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {EB4DF488-AAEF-406F-A341-CB2AAA315B90}
O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM] -- {6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}
O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM] -- {92EA4134-10D1-418A-91E1-5A0453131A38}
O42 - Logiciel: Windows Live PIMT Platform - (.Microsoft Corporation.) [HKLM] -- {4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}
O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM] -- {A9BDCA6B-3653-467B-AC83-94367DA3BFE3}
O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM] -- {C893D8C0-1BA0-4517-B11C-E89B65E72F70}
O42 - Logiciel: Windows Live Photo Gallery - (.Microsoft Corporation.) [HKLM] -- {3336F667-9049-4D46-98B6-4C743EEBC5B1}
O42 - Logiciel: Windows Live SOXE - (.Microsoft Corporation.) [HKLM] -- {682B3E4F-696A-42DE-A41C-4C07EA1678B4}
O42 - Logiciel: Windows Live SOXE Definitions - (.Microsoft Corporation.) [HKLM] -- {200FEC62-3C34-4D60-9CE8-EC372E01C08F}
O42 - Logiciel: Windows Live UX Platform - (.Microsoft Corporation.) [HKLM] -- {CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}
O42 - Logiciel: Windows Live UX Platform Language Pack - (.Microsoft Corporation.) [HKLM] -- {09F56A49-A7B1-4AAB-95B9-D13094254AD1}
O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {3B9A92DA-6374-4872-B646-253F18624D5F}
O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {A726AE06-AAA3-43D1-87E3-70F510314F04}
O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {AAAFC670-569B-4A2F-82B4-42945E0DE3EF}
O42 - Logiciel: Windows Live Writer Resources - (.Microsoft Corporation.) [HKLM] -- {62687B11-58B5-4A18-9BC3-9DF4CE03F194}
O42 - Logiciel: avast! Free Antivirus - (.Alwil Software.) [HKLM] -- avast5
O42 - Logiciel: ebi.BookReader3J - (.eBOOK Initiative Japan Co., Ltd..) [HKLM] -- {F3D2DEDC-4732-4188-8A3A-1A3FFBD4D6C8}
O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM] -- {881F5DE8-9367-4B81-A325-E91BBC6472F9}
O42 - Logiciel: syncables desktop SE - (.syncables.) [HKLM] -- {300A98D6-8DA2-45FF-9314-A6861D76A535}

---\\ HKCU & HKLM Software Keys
[HKCU\Software\ALWIL Software]
[HKCU\Software\ASUS]
[HKCU\Software\Ad-Remover]
[HKCU\Software\Adobe]
[HKCU\Software\AppDataLow\Software\Microsoft]
[HKCU\Software\AppDataLow\Software]
[HKCU\Software\AppDataLow]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\Apple Inc.]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\CyberLink]
[HKCU\Software\EBI]
[HKCU\Software\ECAREME]
[HKCU\Software\Elantech]
[HKCU\Software\GoBoingo]
[HKCU\Software\Intel]
[HKCU\Software\JavaSoft]
[HKCU\Software\Jetico]
[HKCU\Software\Local AppWizard-Generated Applications]
[HKCU\Software\Macromedia]
[HKCU\Software\Magnet]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\Netscape]
[HKCU\Software\Oberon Media]
[HKCU\Software\OpenOffice.org]
[HKCU\Software\Policies]
[HKCU\Software\Realtek]
[HKCU\Software\Sysinternals]
[HKCU\Software\Wget]
[HKCU\Software\Widcomm]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\syncables]
[HKLM\Software\ALWIL Software]
[HKLM\Software\ASUS]
[HKLM\Software\ATI Technologies]
[HKLM\Software\Adobe]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\Apple Inc.]
[HKLM\Software\AsusTek Computer]
[HKLM\Software\Atheros Communications Inc.]
[HKLM\Software\Atheros]
[HKLM\Software\AzureWave]
[HKLM\Software\Broadcom]
[HKLM\Software\BrowserChoice]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\CoreSecurity]
[HKLM\Software\CyberLink]
[HKLM\Software\EBI]
[HKLM\Software\ECAREME]
[HKLM\Software\GEAR Software]
[HKLM\Software\GoBoingo]
[HKLM\Software\Google]
[HKLM\Software\Hewlett-Packard]
[HKLM\Software\Hudson]
[HKLM\Software\Intel]
[HKLM\Software\JavaSoft]
[HKLM\Software\Jetico]
[HKLM\Software\LimeWire]
[HKLM\Software\Lonely Cat Games]
[HKLM\Software\Macromedia]
[HKLM\Software\Malwarebytes' Anti-Malware]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\ODBC]
[HKLM\Software\Oberon Media]
[HKLM\Software\OpenOffice.org]
[HKLM\Software\Policies]
[HKLM\Software\Ralink]
[HKLM\Software\Realtek Semiconductor Corp.]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\SRS Labs]
[HKLM\Software\Sun Microsystems]
[HKLM\Software\Swearware]
[HKLM\Software\VideoLAN]
[HKLM\Software\Widcomm]
[HKLM\Software\mozilla.org]
[HKLM\Software\syncables]


---\\ Contenu des dossiers ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 05/02/2011 - 16:16:32 ----D- C:\Program Files\Ad-Remover
O43 - CFD: 09/08/2010 - 14:14:48 ----D- C:\Program Files\Adobe
O43 - CFD: 30/12/2010 - 22:09:38 ----D- C:\Program Files\Alwil Software
O43 - CFD: 28/12/2010 - 13:36:20 ----D- C:\Program Files\ASUS
O43 - CFD: 09/08/2010 - 14:06:12 ----D- C:\Program Files\Atheros
O43 - CFD: 02/01/2011 - 01:24:14 ----D- C:\Program Files\Bing Bar Installer
O43 - CFD: 28/12/2010 - 13:38:20 ----D- C:\Program Files\Boingo
O43 - CFD: 01/01/2011 - 17:43:44 ----D- C:\Program Files\Bonjour
O43 - CFD: 22/01/2011 - 19:11:54 ----D- C:\Program Files\Common Files
O43 - CFD: 28/12/2010 - 13:38:10 ----D- C:\Program Files\CyberLink
O43 - CFD: 09/01/2011 - 03:18:52 ----D- C:\Program Files\DVD Maker
O43 - CFD: 09/08/2010 - 14:10:50 ----D- C:\Program Files\EBI
O43 - CFD: 09/08/2010 - 14:15:46 ----D- C:\Program Files\EeePC
O43 - CFD: 29/12/2010 - 04:13:30 ----D- C:\Program Files\Elantech
O43 - CFD: 30/12/2010 - 22:10:42 ----D- C:\Program Files\Google
O43 - CFD: 28/12/2010 - 13:38:12 --H-D- C:\Program Files\InstallShield Installation Information
O43 - CFD: 09/08/2010 - 14:03:30 ----D- C:\Program Files\Intel
O43 - CFD: 09/01/2011 - 03:18:52 ----D- C:\Program Files\Internet Explorer
O43 - CFD: 30/12/2010 - 22:20:22 ----D- C:\Program Files\Java
O43 - CFD: 30/12/2010 - 22:22:36 ----D- C:\Program Files\JRE
O43 - CFD: 05/02/2011 - 17:36:38 ----D- C:\Program Files\Malwarebytes' Anti-Malware
O43 - CFD: 28/12/2010 - 13:41:26 ----D- C:\Program Files\Microsoft
O43 - CFD: 22/01/2011 - 03:03:20 ----D- C:\Program Files\Microsoft Application Virtualization Client
O43 - CFD: 14/07/2009 - 05:52:32 ----D- C:\Program Files\Microsoft Games
O43 - CFD: 16/01/2011 - 14:14:48 ----D- C:\Program Files\Microsoft Office
O43 - CFD: 01/01/2011 - 14:43:00 ----D- C:\Program Files\Microsoft Silverlight
O43 - CFD: 28/12/2010 - 13:42:24 ----D- C:\Program Files\Microsoft SQL Server Compact Edition
O43 - CFD: 31/12/2010 - 10:06:10 ----D- C:\Program Files\Microsoft.NET
O43 - CFD: 30/12/2010 - 22:16:58 ----D- C:\Program Files\Mozilla Firefox
O43 - CFD: 14/07/2009 - 05:52:32 ----D- C:\Program Files\MSBuild
O43 - CFD: 10/01/2011 - 19:41:56 ----D- C:\Program Files\MSECache
O43 - CFD: 02/01/2011 - 01:23:50 ----D- C:\Program Files\MSN Toolbar
O43 - CFD: 09/08/2010 - 15:07:40 ----D- C:\Program Files\MSXML 4.0
O43 - CFD: 30/12/2010 - 22:22:34 ----D- C:\Program Files\OpenOffice.org 3
O43 - CFD: 01/01/2011 - 17:46:00 ----D- C:\Program Files\QuickTime
O43 - CFD: 09/08/2010 - 14:06:42 ----D- C:\Program Files\Ralink
O43 - CFD: 28/12/2010 - 13:32:16 ----D- C:\Program Files\Realtek
O43 - CFD: 14/07/2009 - 05:52:32 ----D- C:\Program Files\Reference Assemblies
O43 - CFD: 28/12/2010 - 13:38:30 ----D- C:\Program Files\SRS Labs
O43 - CFD: 30/12/2010 - 22:53:26 ----D- C:\Program Files\Super Mario Bros Classic
O43 - CFD: 09/08/2010 - 14:22:04 ----D- C:\Program Files\syncables
O43 - CFD: 30/12/2010 - 22:48:42 ----D- C:\Program Files\Take2
O43 - CFD: 28/12/2010 - 13:33:04 --H-D- C:\Program Files\Temp
O43 - CFD: 14/07/2009 - 05:53:24 --H-D- C:\Program Files\Uninstall Information
O43 - CFD: 01/01/2011 - 21:58:30 ----D- C:\Program Files\VideoLAN
O43 - CFD: 28/12/2010 - 13:33:18 ----D- C:\Program Files\WIDCOMM
O43 - CFD: 09/01/2011 - 03:18:50 ----D- C:\Program Files\Windows Defender
O43 - CFD: 02/01/2011 - 01:27:04 ----D- C:\Program Files\Windows Live
O43 - CFD: 09/01/2011 - 03:18:52 ----D- C:\Program Files\Windows Mail
O43 - CFD: 09/01/2011 - 03:18:52 ----D- C:\Program Files\Windows Media Player
O43 - CFD: 14/07/2009 - 05:52:32 ----D- C:\Program Files\Windows NT
O43 - CFD: 09/01/2011 - 03:18:52 ----D- C:\Program Files\Windows Photo Viewer
O43 - CFD: 14/07/2009 - 05:52:34 ----D- C:\Program Files\Windows Portable Devices
O43 - CFD: 09/01/2011 - 03:18:52 ----D- C:\Program Files\Windows Sidebar
O43 - CFD: 05/02/2011 - 18:01:46 ----D- C:\Program Files\ZHPDiag
O43 - CFD: 09/08/2010 - 14:14:10 ----D- C:\Program Files\Common Files\Adobe
O43 - CFD: 09/08/2010 - 14:11:16 ----D- C:\Program Files\Common Files\Adobe AIR
O43 - CFD: 23/01/2011 - 14:56:00 ----D- C:\Program Files\Common Files\Apple
O43 - CFD: 18/01/2011 - 19:34:36 ----D- C:\Program Files\Common Files\DESIGNER
O43 - CFD: 28/12/2010 - 13:32:08 ----D- C:\Program Files\Common Files\InstallShield
O43 - CFD: 30/12/2010 - 22:21:00 ----D- C:\Program Files\Common Files\Java
O43 - CFD: 23/01/2011 - 11:10:32 ----D- C:\Program Files\Common Files\microsoft shared
O43 - CFD: 09/08/2010 - 14:13:14 ----D- C:\Program Files\Common Files\Oberon Media
O43 - CFD: 14/07/2009 - 03:37:06 ----D- C:\Program Files\Common Files\Services
O43 - CFD: 14/07/2009 - 03:37:06 ----D- C:\Program Files\Common Files\SpeechEngines
O43 - CFD: 09/01/2011 - 03:18:50 ----D- C:\Program Files\Common Files\System
O43 - CFD: 28/12/2010 - 13:38:50 ----D- C:\Program Files\Common Files\Windows Live
O43 - CFD: 28/12/2010 - 17:27:42 --H-D- C:\ProgramData\.Syncables
O43 - CFD: 09/08/2010 - 14:14:40 ----D- C:\ProgramData\Adobe
O43 - CFD: 23/01/2011 - 11:10:18 ----D- C:\ProgramData\Alwil Software
O43 - CFD: 01/01/2011 - 17:43:12 ----D- C:\ProgramData\Apple
O43 - CFD: 23/01/2011 - 14:55:48 ----D- C:\ProgramData\Apple Computer
O43 - CFD: 14/07/2009 - 05:53:56 -SH-D- C:\ProgramData\Application Data
O43 - CFD: 09/08/2010 - 14:06:02 ----D- C:\ProgramData\Atheros
O43 - CFD: 09/08/2010 - 14:07:10 ----D- C:\ProgramData\AzureWave
O43 - CFD: 28/12/2010 - 16:44:02 ----D- C:\ProgramData\CyberLink
O43 - CFD: 14/07/2009 - 05:53:56 -SH-D- C:\ProgramData\Desktop
O43 - CFD: 14/07/2009 - 05:53:56 -SH-D- C:\ProgramData\Documents
O43 - CFD: 09/08/2010 - 14:10:58 ----D- C:\ProgramData\EBI
O43 - CFD: 23/01/2011 - 12:36:22 ----D- C:\ProgramData\eMule
O43 - CFD: 14/07/2009 - 05:53:56 -SH-D- C:\ProgramData\Favorites
O43 - CFD: 28/12/2010 - 13:38:18 ----D- C:\ProgramData\GoBoingo
O43 - CFD: 23/01/2011 - 14:55:48 ----D- C:\ProgramData\Malwarebytes
O43 - CFD: 22/01/2011 - 22:58:58 -S--D- C:\ProgramData\Microsoft
O43 - CFD: 09/08/2010 - 14:13:18 ----D- C:\ProgramData\OberonGameConsole
O43 - CFD: 09/08/2010 - 14:06:42 ----D- C:\ProgramData\Ralink Driver
O43 - CFD: 09/08/2010 - 14:10:58 ----D- C:\ProgramData\RSMR
O43 - CFD: 14/07/2009 - 05:53:56 -SH-D- C:\ProgramData\Start Menu
O43 - CFD: 30/12/2010 - 22:21:02 ----D- C:\ProgramData\Sun
O43 - CFD: 30/01/2011 - 16:54:18 ---AD- C:\ProgramData\Temp
O43 - CFD: 14/07/2009 - 05:53:56 -SH-D- C:\ProgramData\Templates
O43 - CFD: 22/01/2011 - 03:34:38 ----D- C:\ProgramData\VirtualizedApplications
O43 - CFD: 09/08/2010 - 14:54:22 ----D- C:\Users\NOE\AppData\Roaming\Adobe
O43 - CFD: 01/01/2011 - 17:51:38 ----D- C:\Users\NOE\AppData\Roaming\Apple Computer
O43 - CFD: 28/12/2010 - 17:28:04 ----D- C:\Users\NOE\AppData\Roaming\ASUS WebStorage
O43 - CFD: 28/12/2010 - 19:20:32 ----D- C:\Users\NOE\AppData\Roaming\com.nyt.timesreader.78C54164786ADE80CB31E1C5D95607D0938C987A.1
O43 - CFD: 14/07/2009 - 05:54:14 ----D- C:\Users\NOE\AppData\Roaming\Identities
O43 - CFD: 09/08/2010 - 14:03:16 ----D- C:\Users\NOE\AppData\Roaming\InstallShield
O43 - CFD: 10/01/2011 - 20:16:48 ----D- C:\Users\NOE\AppData\Roaming\LimeWire
O43 - CFD: 09/08/2010 - 14:11:10 ----D- C:\Users\NOE\AppData\Roaming\Macromedia
O43 - CFD: 22/01/2011 - 12:59:00 ----D- C:\Users\NOE\AppData\Roaming\Malwarebytes
O43 - CFD: 23/01/2011 - 14:55:52 -S--D- C:\Users\NOE\AppData\Roaming\Microsoft
O43 - CFD: 30/12/2010 - 22:17:30 ----D- C:\Users\NOE\AppData\Roaming\Mozilla
O43 - CFD: 30/12/2010 - 22:26:14 ----D- C:\Users\NOE\AppData\Roaming\OpenOffice.org
O43 - CFD: 03/02/2011 - 23:37:30 ----D- C:\Users\NOE\AppData\Roaming\SoftGrid Client
O43 - CFD: 18/01/2011 - 19:36:54 ----D- C:\Users\NOE\AppData\Roaming\TP
O43 - CFD: 18/01/2011 - 19:18:38 ----D- C:\Users\NOE\AppData\Roaming\U3
O43 - CFD: 19/01/2011 - 22:27:10 ----D- C:\Users\NOE\AppData\Roaming\vlc


---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.00000000000000000000000088EE1200] - 05/02/2011 - 17:23:11 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\windows\WindowsUpdate.log [512640]
O44 - LFC:[MD5.76C27CD7902494A8338AC12AE1C618D0] - 05/02/2011 - 16:34:59 --HA- . (.Pas de propriétaire - Pas de description.) -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [9696]
O44 - LFC:[MD5.76C27CD7902494A8338AC12AE1C618D0] - 05/02/2011 - 16:34:59 --HA- . (.Pas de propriétaire - Pas de description.) -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [9696]
O44 - LFC:[MD5.A48D8C80F99A5473D174152BE48B05B5] - 05/02/2011 - 16:27:28 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\windows\setupact.log [952]
O44 - LFC:[MD5.AA971B5D461A255116227EDB54DA07ED] - 05/02/2011 - 16:27:26 -S-A- . (.Pas de propriétaire - Pas de description.) -- C:\windows\bootstat.dat [67584]
O44 - LFC:[MD5.E31B418372A4459C1344825930353485] - 05/02/2011 - 16:18:36 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Ad-Report-CLEAN[1].txt [5661]
O44 - LFC:[MD5.1DB8AFAC8725BA11B97867900A4F3579] - 23/01/2011 - 17:56:59 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\windows\System32\PerfStringBackup.INI [1551212]
O44 - LFC:[MD5.08A35FF563BF02F2E61C69198E8B04D0] - 23/01/2011 - 17:56:59 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\windows\System32\perfc009.dat [106574]
O44 - LFC:[MD5.D5FFB69679B3265B6C6AA2932DD21D8E] - 23/01/2011 - 17:56:59 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\windows\System32\perfc00C.dat [130940]
O44 - LFC:[MD5.7BAC363D77A80D8BCE7650947C9DFD54] - 23/01/2011 - 17:56:59 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\windows\System32\perfh009.dat [616452]
O44 - LFC:[MD5.42001529AF5B02A1225BB7A2ABE7416C] - 23/01/2011 - 17:56:59 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\windows\System32\perfh00C.dat [704924]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 23/01/2011 - 12:19:40 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\windows\setuperr.log [0]
O44 - LFC:[MD5.CA424E51F6910A33C6237BF99CA1C290] - 23/01/2011 - 12:19:04 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\windows\ntbtlog.txt [2472]
O44 - LFC:[MD5.01C47C2ECED034EF6F8C1552A97CFF00] - 23/01/2011 - 11:18:50 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\windows\System32\config.nt [2577]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 22/01/2011 - 20:09:11 RSHA- . (.Pas de propriétaire - Pas de description.) -- C:\IO.SYS [0]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 22/01/2011 - 20:09:11 RSHA- . (.Pas de propriétaire - Pas de description.) -- C:\MSDOS.SYS [0]
O44 - LFC:[MD5.5358E0B160B528C523591A9E18A6ACA9] - 22/01/2011 - 19:19:15 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\ComboFix.txt [21880]
O44 - LFC:[MD5.AE72E8619CB31D84DA25E2435E55003C] - 22/01/2011 - 19:06:02 ---A- . (.NirSoft - NirCmd.) -- C:\windows\NIRCMD.exe [31232]
O44 - LFC:[MD5.9DAA7218961710008D7385B01BD3F386] - 22/01/2011 - 19:06:02 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\windows\MBR.exe [89088]
O44 - LFC:[MD5.F1FBA6185A6A2BC6456970914875078E] - 22/01/2011 - 19:06:02 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\windows\PEV.exe [256512]
O44 - LFC:[MD5.9E05A9C264C8A908A8E79450FCBFF047] - 22/01/2011 - 19:06:02 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\windows\grep.exe [80412]
O44 - LFC:[MD5.2B657A67AEBB84AEA5632C53E61E23BF] - 22/01/2011 - 19:06:02 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\windows\sed.exe [98816]
O44 - LFC:[MD5.5E832F4FAF5F481F2EAF3B3A48F603B8] - 22/01/2011 - 19:06:02 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\windows\zip.exe [68096]
O44 - LFC:[MD5.01D95A1F8CF13D07CC564AABB36BCC0B] - 22/01/2011 - 19:06:02 ---A- . (.SteelWerX - Freeware implementation of REG.EXE.) -- C:\windows\SWREG.exe [161792]
O44 - LFC:[MD5.B7517DB073B28F5696A1E5528ABEB5D0] - 22/01/2011 - 19:06:02 ---A- . (.SteelWerX - Freeware implementation of SC.EXE.) -- C:\windows\SWSC.exe [136704]
O44 - LFC:[MD5.B1A9CF0B6F80611D31987C247EC630B4] - 22/01/2011 - 19:05:11 ---A- . (.SteelWerX - Freeware implementation of XCACLS.) -- C:\windows\SWXCACLS.exe [212480]
O44 - LFC:[MD5.E74DC2F3F9675A6025A4AA020EDD4341] - 22/01/2011 - 12:58:50 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\windows\System32\drivers\mbamswissarmy.sys [38224]
O44 - LFC:[MD5.9B5CC6C481BDD00A963829B892623247] - 22/01/2011 - 12:58:47 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\windows\System32\drivers\mbam.sys [20952]
O44 - LFC:[MD5.056DF2FE735BD07F16E13AEE8C39DDFF] - 16/01/2011 - 14:56:06 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\windows\System32\FNTCACHE.DAT [281472]
O44 - LFC:[MD5.50F6C017223B985398D4B68107338ECB] - 13/01/2011 - 09:47:35 ---A- . (.AVAST Software - avast! Screen Saver stub.) -- C:\windows\avastSS.scr [38848]
O44 - LFC:[MD5.2818237D7004CB68AE6CEBDCBD05186E] - 13/01/2011 - 09:47:32 ---A- . (.AVAST Software - avast! start-up scanner.) -- C:\windows\System32\aswBoot.exe [188216]
O44 - LFC:[MD5.B93A553C9B0F14263C8F016A44C3258C] - 13/01/2011 - 09:41:16 ---A- . (.AVAST Software - avast! self protection module.) -- C:\windows\System32\drivers\aswSP.sys [294608]
O44 - LFC:[MD5.1408421505257846EB336FEEEF33352D] - 13/01/2011 - 09:40:16 ---A- . (.AVAST Software - avast! TDI Filter Driver.) -- C:\windows\System32\drivers\aswTdi.sys [47440]
O44 - LFC:[MD5.B6E8C5874377A42756C282FAC2E20836] - 13/01/2011 - 09:37:30 ---A- . (.AVAST Software - avast! TDI RDR Driver.) -- C:\windows\System32\drivers\aswRdr.sys [23632]
O44 - LFC:[MD5.317F85FB68A3BE507E9CCEDE5E6D9EE0] - 13/01/2011 - 09:37:19 ---A- . (.AVAST Software - avast! File System Minifilter for Windows 2.) -- C:\windows\System32\drivers\aswMonFlt.sys [51280]
O44 - LFC:[MD5.CBA53C5E29AE0A0CE76F9A2BE3A40D9E] - 13/01/2011 - 09:37:09 ---A- . (.AVAST Software - avast! File System Access Blocking Driver.) -- C:\windows\System32\drivers\aswFsBlk.sys [17744]


---\\ Déni du service (Local Security Authority) (LSA) (O48)
O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l'Éditeur de configuration de sécurité Windows.) -- C:\windows\System32\scecli.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\windows\System32\msv1_0.dll


---\\ Trojan Driver Search Data (HKLM)(TDSD) (O52)
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Codec Cinepak®.) -- C:\windows\System32\iccvid.dll
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm


---\\ Microsoft Control Security Providers (MCSP) (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\windows\system32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\windows\system32\credssp.dll


---\\ Microsoft Windows Policies System (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=0
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "DisableRegistryTools"=0
O55 - MWPS:[HKCU\...\Policies\System] - "disableregistrytools"=0


---\\ Microsoft Windows Policies Explorer (MWPE) (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=145
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDrives"=0
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDrives"=0


---\\ Liste des Drivers Système (SDL) (O58)
O58 - SDL:[MD5.21E785EBD7DC90A06391141AAC7892FB] - 14/07/2009 - 02:26:15 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\windows\system3
0
Réponse 42 / 52
Utilisateur anonyme
5 févr. 2011 à 19:01
https://forums.commentcamarche.net/forum/affich-20618024-windows-n-ouvre-pas-antivirus-et-programme?page=2#49
0
Réponse 43 / 52
pasdebol
5 févr. 2011 à 19:05
OUAI, sauf que mon ordit marche trés bien ( normalement)
0
Réponse 44 / 52
Smart91 Messages postés 29096 Date d'inscription dimanche 15 juillet 2007 Statut Contributeur sécurité Dernière intervention 5 avril 2014 2 327
5 févr. 2011 à 19:07
OK mikaresol. On peut essayer. Cela ne coûte rien

@Pasdebol

Relance FindyKill:
- Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...) susceptible d'avoir été infectés sans les ouvrir
- Double clic sur le raccourci FindyKill sur ton bureau
- Au menu principal, choisis l'option 2 (Suppression)
- Ensuite poste le rapport FindyKill.txt


* Note : le rapport FindyKill.txt est sauvegardé à la racine du disque
* Note : Si le Bureau ne réapparait pas presse Ctrl + Alt + Suppr , Onglet "Fichier" , "Nouvelle tâche" , tape explorer.exe et valide

Smart
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 45 / 52
pasdebol
5 févr. 2011 à 19:19
Je flipe un peu la parceque aprés le demarage ya un ecran noire avec deux ligne rouge et verte, ça sa vas, mais ce qui m'inquiéte c que j'ai vue défiler les mot Avast, OpenOffice,Powerpoint, il n'est pas entrain de tous bazarder :$
0
Réponse 46 / 52
Utilisateur anonyme
5 févr. 2011 à 19:30
il n'est pas entrain de tous bazarder :$


==> Si , y"a de grandes chances ....Saches tout d"abord que bagle a infecté ton AV
(c'est son but)

==> Il te faudra réinstaller un AV ensuite !!!
0
Réponse 47 / 52
pasdebol
5 févr. 2011 à 19:43
C'est quoi AV ?
0
Réponse 48 / 52
Utilisateur anonyme
5 févr. 2011 à 19:53
AV = Antivirus .... (Bagle a du le virer) mais je pense que Smart va revenir afin de poursuivre avec toi !

a+++
0
Réponse 49 / 52
pasdebol
5 févr. 2011 à 20:00
MERCI vous etes trop bon, l'ecran est tous noir avec une petite barre d'outil, mais bon ça A evolé.
0
Réponse 50 / 52
Utilisateur anonyme
5 févr. 2011 à 20:04
Poste le rapport dès que tu l'auras....

* Note : le rapport FindyKill.txt est sauvegardé a la racine du disque: c:\Findykill.txt
0
Réponse 51 / 52
pasdebol
5 févr. 2011 à 20:44
############################## | FindyKill V5.052 |

# User : NOE (Administrateurs) # NOE-PC
# Update on 23/10/2010 by El Desaparecido
# Start at: 19:14:45 | 05/02/2011
# Website : http://www.teamxscript.org/
# Contact : eldesaparecido@teamxscript.org

# Intel(R) Atom(TM) CPU N550 @ 1.50GHz
# Microsoft Windows 7 Édition Starter (6.1.7600 32-bit) #
# Internet Explorer 8.0.7600.16385
# Windows Firewall Status : Enabled

# C:\ # Disque fixe local # 100 Go (69,49 Go free) # NTFS
# D:\ # Disque fixe local # 117,87 Go (86,3 Go free) # NTFS
# E:\ # Disque amovible # 7,45 Go (7,44 Go free) [USB DISK] # FAT32
# Q:\ # Disque fixe local

################## | Eléments infectieux |


################## | CRC32 ... |
0
Réponse 52 / 52
Smart91 Messages postés 29096 Date d'inscription dimanche 15 juillet 2007 Statut Contributeur sécurité Dernière intervention 5 avril 2014 2 327
6 févr. 2011 à 12:47
Le rapport n'est pas complet. Il se trouve à la racine du disque C:
==> c:\Findykill.txt

Peux-tu le reposter

Smart
0