Virus dans dossier wscsvc
Résolu/Fermé
faung
-
24 mars 2011 à 11:09
fuang Messages postés 40 Date d'inscription jeudi 24 mars 2011 Statut Membre Dernière intervention 7 juin 2011 - 31 mars 2011 à 07:14
fuang Messages postés 40 Date d'inscription jeudi 24 mars 2011 Statut Membre Dernière intervention 7 juin 2011 - 31 mars 2011 à 07:14
A voir également:
- Virus dans dossier wscsvc
- Dossier appdata - Guide
- Mettre un mot de passe sur un dossier - Guide
- Dossier rar - Guide
- Svchost.exe virus - Guide
- Youtu.be virus - Guide
39 réponses
voici le lien pour ZHP
http://pjjoint.malekal.com/files.php?id=1f669ff50151013
En ce qui concerne le rapport d'ad remover, je n'arrive pas a mettre sur le forum.
http://pjjoint.malekal.com/files.php?id=1f669ff50151013
En ce qui concerne le rapport d'ad remover, je n'arrive pas a mettre sur le forum.
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
fuang
Messages postés
40
Date d'inscription
jeudi 24 mars 2011
Statut
Membre
Dernière intervention
7 juin 2011
14
24 mars 2011 à 16:36
24 mars 2011 à 16:36
Merci.
Voici le rapport
======= RAPPORT D'AD-REMOVER 2.0.0.2,F | UNIQUEMENT XP/VISTA/7 =======
Mis à jour par TeamXscript le 01/03/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
Site web: http://www.teamxscript.org
C:\Program Files (x86)\Ad-Remover\main.exe (CLEAN [3]) -> Lancé à 14:11:24 le 24/03/2011, Mode normal
Microsoft Windows 7 Édition Familiale Premium (X64)
Fuang@FUANG-HP (Hewlett-Packard HP G72 Notebook PC)
============== ACTION(S) ==============
(!) -- Fichiers temporaires supprimés.
============== SCAN ADDITIONNEL ==============
**** Mozilla Firefox Version [3.6.15 (fr)] ****
Plugins\npFoxitReaderPlugin.dll (Foxit Software Company)
HKLM_MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0 (x)
HKLM_MozillaPlugins\@zylom.com/ZylomGamesPlayer (x)
HKLM_Extensions|smartwebprinting@hp.com - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
HKCU_Extensions|smartwebprinting@hp.com - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
-- C:\Users\Fuang\AppData\Roaming\Mozilla\FireFox\Profiles\3svwot1t.default --
Prefs.js - browser.download.lastDir, C:\\Users\\Fuang\\Downloads
Prefs.js - browser.startup.homepage, hxxp://www.google.ch
Prefs.js - browser.startup.homepage_override.mstone, rv:1.9.2.15
Prefs.js - keyword.URL, hxxp://ch.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=302398&p=
-- C:\Users\Savitty\AppData\Roaming\Mozilla\FireFox\Profiles\7a574qd3.default --
Prefs.js - browser.startup.homepage, hxxp://www.google.ch/
Prefs.js - browser.startup.homepage_override.mstone, rv:1.9.2.13
========================================
**** Internet Explorer Version [8.0.7600.16385] ****
HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896
HKCU_Main|Start Page - hxxp://fr.msn.com/
HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm
HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Start Page - hxxp://fr.msn.com/
HKCU_URLSearchHooks|{B922D405-6D13-4A2B-AE89-08A030DA4402} (x)
HKCU_URLSearchHooks|{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} (x)
HKCU_SearchScopes\{1DB2F97F-7AAC-4CC7-AA83-EDFDC38DA95C} - "Wikipedia" (hxxp://fr.wikipedia.org/wiki/Special:Search?search={searchTerms})
HKLM_SearchScopes\{1DB2F97F-7AAC-4CC7-AA83-EDFDC38DA95C} - "Wikipedia" (hxxp://fr.wikipedia.org/wiki/Special:Search?search={searchTerms})
HKCU_Toolbar\WebBrowser|{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} (x)
HKCU_Toolbar\WebBrowser|{472734EA-242A-422B-ADF8-83D1E48CC825} (x)
HKCU_ElevationPolicy\{4169044D-6BA4-4661-B7D6-E29274F1F458} - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\wtapp_ProtocolHandler.exe (WildTangent, Inc.)
HKCU_ElevationPolicy\{849435DA-D57F-4755-8239-7F6A80660B3A} - C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Reader.exe (Foxit Software)
HKLM_ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a} - C:\Windows\SysWOW64\wpcer.exe (x)
HKLM_ElevationPolicy\{0a402d70-1f10-4ae7-bec9-286a98240695} - C:\Windows\SysWOW64\winfxdocobj.exe (x)
HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files (x86)\Internet Explorer\iedw.exe (x)
HKLM_ElevationPolicy\{B43A0C1E-B63F-4691-B68F-CD807A45DA01} - C:\Windows\system32\TSWbPrxy.exe (x)
========================================
C:\Program Files (x86)\Ad-Remover\Quarantine: 110 Fichier(s)
C:\Program Files (x86)\Ad-Remover\Backup: 17 Fichier(s)
C:\Ad-Report-CLEAN[1].txt - 24/03/2011 13:25:20 (12531 Octet(s))
C:\Ad-Report-CLEAN[2].txt - 24/03/2011 13:35:07 (4034 Octet(s))
C:\Ad-Report-CLEAN[3].txt - 24/03/2011 14:11:29 (3961 Octet(s))
Fin à: 14:12:24, 24/03/2011
============== E.O.F ==============
Voici le rapport
======= RAPPORT D'AD-REMOVER 2.0.0.2,F | UNIQUEMENT XP/VISTA/7 =======
Mis à jour par TeamXscript le 01/03/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
Site web: http://www.teamxscript.org
C:\Program Files (x86)\Ad-Remover\main.exe (CLEAN [3]) -> Lancé à 14:11:24 le 24/03/2011, Mode normal
Microsoft Windows 7 Édition Familiale Premium (X64)
Fuang@FUANG-HP (Hewlett-Packard HP G72 Notebook PC)
============== ACTION(S) ==============
(!) -- Fichiers temporaires supprimés.
============== SCAN ADDITIONNEL ==============
**** Mozilla Firefox Version [3.6.15 (fr)] ****
Plugins\npFoxitReaderPlugin.dll (Foxit Software Company)
HKLM_MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0 (x)
HKLM_MozillaPlugins\@zylom.com/ZylomGamesPlayer (x)
HKLM_Extensions|smartwebprinting@hp.com - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
HKCU_Extensions|smartwebprinting@hp.com - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
-- C:\Users\Fuang\AppData\Roaming\Mozilla\FireFox\Profiles\3svwot1t.default --
Prefs.js - browser.download.lastDir, C:\\Users\\Fuang\\Downloads
Prefs.js - browser.startup.homepage, hxxp://www.google.ch
Prefs.js - browser.startup.homepage_override.mstone, rv:1.9.2.15
Prefs.js - keyword.URL, hxxp://ch.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=302398&p=
-- C:\Users\Savitty\AppData\Roaming\Mozilla\FireFox\Profiles\7a574qd3.default --
Prefs.js - browser.startup.homepage, hxxp://www.google.ch/
Prefs.js - browser.startup.homepage_override.mstone, rv:1.9.2.13
========================================
**** Internet Explorer Version [8.0.7600.16385] ****
HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896
HKCU_Main|Start Page - hxxp://fr.msn.com/
HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm
HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Start Page - hxxp://fr.msn.com/
HKCU_URLSearchHooks|{B922D405-6D13-4A2B-AE89-08A030DA4402} (x)
HKCU_URLSearchHooks|{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} (x)
HKCU_SearchScopes\{1DB2F97F-7AAC-4CC7-AA83-EDFDC38DA95C} - "Wikipedia" (hxxp://fr.wikipedia.org/wiki/Special:Search?search={searchTerms})
HKLM_SearchScopes\{1DB2F97F-7AAC-4CC7-AA83-EDFDC38DA95C} - "Wikipedia" (hxxp://fr.wikipedia.org/wiki/Special:Search?search={searchTerms})
HKCU_Toolbar\WebBrowser|{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} (x)
HKCU_Toolbar\WebBrowser|{472734EA-242A-422B-ADF8-83D1E48CC825} (x)
HKCU_ElevationPolicy\{4169044D-6BA4-4661-B7D6-E29274F1F458} - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\wtapp_ProtocolHandler.exe (WildTangent, Inc.)
HKCU_ElevationPolicy\{849435DA-D57F-4755-8239-7F6A80660B3A} - C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Reader.exe (Foxit Software)
HKLM_ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a} - C:\Windows\SysWOW64\wpcer.exe (x)
HKLM_ElevationPolicy\{0a402d70-1f10-4ae7-bec9-286a98240695} - C:\Windows\SysWOW64\winfxdocobj.exe (x)
HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files (x86)\Internet Explorer\iedw.exe (x)
HKLM_ElevationPolicy\{B43A0C1E-B63F-4691-B68F-CD807A45DA01} - C:\Windows\system32\TSWbPrxy.exe (x)
========================================
C:\Program Files (x86)\Ad-Remover\Quarantine: 110 Fichier(s)
C:\Program Files (x86)\Ad-Remover\Backup: 17 Fichier(s)
C:\Ad-Report-CLEAN[1].txt - 24/03/2011 13:25:20 (12531 Octet(s))
C:\Ad-Report-CLEAN[2].txt - 24/03/2011 13:35:07 (4034 Octet(s))
C:\Ad-Report-CLEAN[3].txt - 24/03/2011 14:11:29 (3961 Octet(s))
Fin à: 14:12:24, 24/03/2011
============== E.O.F ==============
fuang
Messages postés
40
Date d'inscription
jeudi 24 mars 2011
Statut
Membre
Dernière intervention
7 juin 2011
14
24 mars 2011 à 17:28
24 mars 2011 à 17:28
Merci beaucoup. C'est super de trouver quelqu'un comme toi.
moment de grace
Messages postés
29042
Date d'inscription
samedi 6 décembre 2008
Statut
Contributeur sécurité
Dernière intervention
18 juillet 2013
2 274
24 mars 2011 à 17:29
24 mars 2011 à 17:29
ok
en attente du rapport zhpfix
en attente du rapport zhpfix
fuang
Messages postés
40
Date d'inscription
jeudi 24 mars 2011
Statut
Membre
Dernière intervention
7 juin 2011
14
24 mars 2011 à 21:47
24 mars 2011 à 21:47
Voici le rapport
Rapport de ZHPFix 1.12.3263 par Nicolas Coolman, Update du 22/03/2011
Fichier d'export Registre :
Run by Fuang at 24.03.2011 17:27:20
Windows 7 Home Premium Edition, 64-bit (Build 7600)
Web site : http://www.premiumorange.com/zeb-help-process/zhpfix.html
Contact : nicolascoolman@yahoo.fr
========== Clé(s) du Registre ==========
O53 - SMSR:HKLM\...\startupreg\SearchSettings [Key] . (.Pas de propriétaire - Pas de description.) -- C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe => Clé non supprimée
HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\SearchSettings => Clé non supprimée
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Products\7A931B0A5D8E8E947AFB2124E1562280 => Clé non supprimée
HKCU\Software\AppDataLow\Software\uTorrentBar => Clé absente
O53 - SMSR:HKLM\...\startupreg\KUGHGZXAKT [Key] . (.Pas de propriétaire - Pas de description.) -- C:\Users\Fuang\AppData\Local\Temp\Sk1.exe => Clé non supprimée
========== Valeur(s) du Registre ==========
R3 - URLSearchHook: (no name) - {B922D405-6D13-4A2B-AE89-08A030DA4402} Clé orpheline => Valeur absente
========== Fichier(s) ==========
c:\program files (x86)\common files\spigot\search settings\searchsettings.exe => Supprimé et mis en quarantaine
c:\users\fuang\appdata\local\temp\sk1.exe => Supprimé et mis en quarantaine
========== Logiciel(s) ==========
O42 - Logiciel: pdfforge Toolbar v4.3 - (.Spigot, Inc..) [HKLM][64Bits] -- {A0B139A7-E8D5-49E8-A7BF-12421E652208} => Logiciel déjà supprimé
========== Récapitulatif ==========
5 : Clé(s) du Registre
1 : Valeur(s) du Registre
2 : Fichier(s)
1 : Logiciel(s)
End of the scan
Rapport de ZHPFix 1.12.3263 par Nicolas Coolman, Update du 22/03/2011
Fichier d'export Registre :
Run by Fuang at 24.03.2011 17:27:20
Windows 7 Home Premium Edition, 64-bit (Build 7600)
Web site : http://www.premiumorange.com/zeb-help-process/zhpfix.html
Contact : nicolascoolman@yahoo.fr
========== Clé(s) du Registre ==========
O53 - SMSR:HKLM\...\startupreg\SearchSettings [Key] . (.Pas de propriétaire - Pas de description.) -- C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe => Clé non supprimée
HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\SearchSettings => Clé non supprimée
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Products\7A931B0A5D8E8E947AFB2124E1562280 => Clé non supprimée
HKCU\Software\AppDataLow\Software\uTorrentBar => Clé absente
O53 - SMSR:HKLM\...\startupreg\KUGHGZXAKT [Key] . (.Pas de propriétaire - Pas de description.) -- C:\Users\Fuang\AppData\Local\Temp\Sk1.exe => Clé non supprimée
========== Valeur(s) du Registre ==========
R3 - URLSearchHook: (no name) - {B922D405-6D13-4A2B-AE89-08A030DA4402} Clé orpheline => Valeur absente
========== Fichier(s) ==========
c:\program files (x86)\common files\spigot\search settings\searchsettings.exe => Supprimé et mis en quarantaine
c:\users\fuang\appdata\local\temp\sk1.exe => Supprimé et mis en quarantaine
========== Logiciel(s) ==========
O42 - Logiciel: pdfforge Toolbar v4.3 - (.Spigot, Inc..) [HKLM][64Bits] -- {A0B139A7-E8D5-49E8-A7BF-12421E652208} => Logiciel déjà supprimé
========== Récapitulatif ==========
5 : Clé(s) du Registre
1 : Valeur(s) du Registre
2 : Fichier(s)
1 : Logiciel(s)
End of the scan
fuang
Messages postés
40
Date d'inscription
jeudi 24 mars 2011
Statut
Membre
Dernière intervention
7 juin 2011
14
25 mars 2011 à 08:25
25 mars 2011 à 08:25
Bonjour,
quand je me connecte, je suis encore envoyé sur des sites publicitaires.
J'ai fait comme tu m'as dit, j'ai scanné en mode sans échec.
Voici
======= RAPPORT D'AD-REMOVER 2.0.0.2,F | UNIQUEMENT XP/VISTA/7 =======
Mis à jour par TeamXscript le 01/03/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
Site web: http://www.teamxscript.org
C:\Program Files (x86)\Ad-Remover\main.exe (CLEAN [4]) -> Lancé à 08:08:26 le 25/03/2011, Mode sans echec
Microsoft Windows 7 Édition Familiale Premium (X64)
Fuang@FUANG-HP (Hewlett-Packard HP G72 Notebook PC)
============== ACTION(S) ==============
(!) -- Fichiers temporaires supprimés.
============== SCAN ADDITIONNEL ==============
**** Mozilla Firefox Version [3.6.16 (fr)] ****
Plugins\npFoxitReaderPlugin.dll (Foxit Software Company)
HKLM_MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0 (x)
HKLM_MozillaPlugins\@zylom.com/ZylomGamesPlayer (x)
HKLM_Extensions|smartwebprinting@hp.com - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
HKCU_Extensions|smartwebprinting@hp.com - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
-- C:\Users\Fuang\AppData\Roaming\Mozilla\FireFox\Profiles\3svwot1t.default --
Prefs.js - browser.download.lastDir, C:\\Users\\Fuang\\Downloads
Prefs.js - browser.startup.homepage, hxxp://www.google.ch
Prefs.js - browser.startup.homepage_override.mstone, rv:1.9.2.16
Prefs.js - keyword.URL, hxxp://ch.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=302398&p=
-- C:\Users\Savitty\AppData\Roaming\Mozilla\FireFox\Profiles\7a574qd3.default --
Prefs.js - browser.startup.homepage, hxxp://www.google.ch/
Prefs.js - browser.startup.homepage_override.mstone, rv:1.9.2.13
========================================
**** Internet Explorer Version [8.0.7600.16385] ****
HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896
HKCU_Main|Start Page - hxxp://fr.msn.com/
HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm
HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Start Page - hxxp://fr.msn.com/
HKCU_URLSearchHooks|{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} (x)
HKCU_SearchScopes\{1DB2F97F-7AAC-4CC7-AA83-EDFDC38DA95C} - "Wikipedia" (hxxp://fr.wikipedia.org/wiki/Special:Search?search={searchTerms})
HKLM_SearchScopes\{1DB2F97F-7AAC-4CC7-AA83-EDFDC38DA95C} - "Wikipedia" (hxxp://fr.wikipedia.org/wiki/Special:Search?search={searchTerms})
HKCU_Toolbar\WebBrowser|{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} (x)
HKCU_Toolbar\WebBrowser|{472734EA-242A-422B-ADF8-83D1E48CC825} (x)
HKCU_ElevationPolicy\{4169044D-6BA4-4661-B7D6-E29274F1F458} - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\wtapp_ProtocolHandler.exe (WildTangent, Inc.)
HKCU_ElevationPolicy\{849435DA-D57F-4755-8239-7F6A80660B3A} - C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Reader.exe (Foxit Software)
HKLM_ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a} - C:\Windows\SysWOW64\wpcer.exe (x)
HKLM_ElevationPolicy\{0a402d70-1f10-4ae7-bec9-286a98240695} - C:\Windows\SysWOW64\winfxdocobj.exe (x)
HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files (x86)\Internet Explorer\iedw.exe (x)
HKLM_ElevationPolicy\{B43A0C1E-B63F-4691-B68F-CD807A45DA01} - C:\Windows\system32\TSWbPrxy.exe (x)
========================================
C:\Program Files (x86)\Ad-Remover\Quarantine: 110 Fichier(s)
C:\Program Files (x86)\Ad-Remover\Backup: 31 Fichier(s)
C:\Ad-Report-CLEAN[1].txt - 24/03/2011 13:25:20 (12531 Octet(s))
C:\Ad-Report-CLEAN[2].txt - 24/03/2011 13:35:07 (4034 Octet(s))
C:\Ad-Report-CLEAN[3].txt - 24/03/2011 14:11:29 (4100 Octet(s))
C:\Ad-Report-CLEAN[4].txt - 25/03/2011 08:08:34 (0 Octet(s))
Fin à: 08:09:15, 25/03/2011
============== E.O.F ==============
quand je me connecte, je suis encore envoyé sur des sites publicitaires.
J'ai fait comme tu m'as dit, j'ai scanné en mode sans échec.
Voici
======= RAPPORT D'AD-REMOVER 2.0.0.2,F | UNIQUEMENT XP/VISTA/7 =======
Mis à jour par TeamXscript le 01/03/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
Site web: http://www.teamxscript.org
C:\Program Files (x86)\Ad-Remover\main.exe (CLEAN [4]) -> Lancé à 08:08:26 le 25/03/2011, Mode sans echec
Microsoft Windows 7 Édition Familiale Premium (X64)
Fuang@FUANG-HP (Hewlett-Packard HP G72 Notebook PC)
============== ACTION(S) ==============
(!) -- Fichiers temporaires supprimés.
============== SCAN ADDITIONNEL ==============
**** Mozilla Firefox Version [3.6.16 (fr)] ****
Plugins\npFoxitReaderPlugin.dll (Foxit Software Company)
HKLM_MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0 (x)
HKLM_MozillaPlugins\@zylom.com/ZylomGamesPlayer (x)
HKLM_Extensions|smartwebprinting@hp.com - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
HKCU_Extensions|smartwebprinting@hp.com - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
-- C:\Users\Fuang\AppData\Roaming\Mozilla\FireFox\Profiles\3svwot1t.default --
Prefs.js - browser.download.lastDir, C:\\Users\\Fuang\\Downloads
Prefs.js - browser.startup.homepage, hxxp://www.google.ch
Prefs.js - browser.startup.homepage_override.mstone, rv:1.9.2.16
Prefs.js - keyword.URL, hxxp://ch.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=302398&p=
-- C:\Users\Savitty\AppData\Roaming\Mozilla\FireFox\Profiles\7a574qd3.default --
Prefs.js - browser.startup.homepage, hxxp://www.google.ch/
Prefs.js - browser.startup.homepage_override.mstone, rv:1.9.2.13
========================================
**** Internet Explorer Version [8.0.7600.16385] ****
HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896
HKCU_Main|Start Page - hxxp://fr.msn.com/
HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm
HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Start Page - hxxp://fr.msn.com/
HKCU_URLSearchHooks|{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} (x)
HKCU_SearchScopes\{1DB2F97F-7AAC-4CC7-AA83-EDFDC38DA95C} - "Wikipedia" (hxxp://fr.wikipedia.org/wiki/Special:Search?search={searchTerms})
HKLM_SearchScopes\{1DB2F97F-7AAC-4CC7-AA83-EDFDC38DA95C} - "Wikipedia" (hxxp://fr.wikipedia.org/wiki/Special:Search?search={searchTerms})
HKCU_Toolbar\WebBrowser|{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} (x)
HKCU_Toolbar\WebBrowser|{472734EA-242A-422B-ADF8-83D1E48CC825} (x)
HKCU_ElevationPolicy\{4169044D-6BA4-4661-B7D6-E29274F1F458} - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\wtapp_ProtocolHandler.exe (WildTangent, Inc.)
HKCU_ElevationPolicy\{849435DA-D57F-4755-8239-7F6A80660B3A} - C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Reader.exe (Foxit Software)
HKLM_ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a} - C:\Windows\SysWOW64\wpcer.exe (x)
HKLM_ElevationPolicy\{0a402d70-1f10-4ae7-bec9-286a98240695} - C:\Windows\SysWOW64\winfxdocobj.exe (x)
HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files (x86)\Internet Explorer\iedw.exe (x)
HKLM_ElevationPolicy\{B43A0C1E-B63F-4691-B68F-CD807A45DA01} - C:\Windows\system32\TSWbPrxy.exe (x)
========================================
C:\Program Files (x86)\Ad-Remover\Quarantine: 110 Fichier(s)
C:\Program Files (x86)\Ad-Remover\Backup: 31 Fichier(s)
C:\Ad-Report-CLEAN[1].txt - 24/03/2011 13:25:20 (12531 Octet(s))
C:\Ad-Report-CLEAN[2].txt - 24/03/2011 13:35:07 (4034 Octet(s))
C:\Ad-Report-CLEAN[3].txt - 24/03/2011 14:11:29 (4100 Octet(s))
C:\Ad-Report-CLEAN[4].txt - 25/03/2011 08:08:34 (0 Octet(s))
Fin à: 08:09:15, 25/03/2011
============== E.O.F ==============
fuang
Messages postés
40
Date d'inscription
jeudi 24 mars 2011
Statut
Membre
Dernière intervention
7 juin 2011
14
25 mars 2011 à 08:59
25 mars 2011 à 08:59
Voici le rapport
ComboFix 11-03-24.03 - Fuang 25.03.2011 8:39.1.4 - x64
Microsoft Windows 7 Édition Familiale Premium 6.1.7600.0.1252.41.1036.18.3894.2146 [GMT 1:00]
Lancé depuis: c:\users\Fuang\Desktop\ComboFix.exe
AV: AntiVir Desktop *Enabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: AntiVir Desktop *Enabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\users\Fuang\ntuser.pol
c:\users\Savitty\ntuser.pol
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2011-02-25 au 2011-03-25 ))))))))))))))))))))))))))))))))))))
.
.
2011-03-25 07:44 . 2011-03-25 07:44 -------- d-----w- c:\users\Savitty\AppData\Local\temp
2011-03-25 07:44 . 2011-03-25 07:44 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-03-24 12:39 . 2010-12-20 17:09 38224 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
2011-03-24 12:24 . 2011-03-24 12:24 -------- d-----w- c:\program files (x86)\Ad-Remover
2011-03-24 10:51 . 2011-03-24 10:51 512 ----a-w- C:\PhysicalDisk0_MBR.bin
2011-03-24 10:48 . 2011-03-25 06:52 -------- d-----w- c:\program files (x86)\ZHPDiag
2011-03-24 09:41 . 2011-03-24 09:41 -------- d-----w- c:\users\Fuang\AppData\Local\PackageAware
2011-03-23 12:51 . 2011-03-23 12:51 -------- d-----w- c:\program files (x86)\Enigma Software Group
2011-03-23 12:50 . 2011-03-24 08:29 -------- d-----w- c:\windows\41EBC322660F4D16A0DF53147210CBDB.TMP
2011-03-23 12:50 . 2011-03-24 08:29 -------- d-----w- c:\program files (x86)\Common Files\Wise Installation Wizard
2011-03-23 08:38 . 2011-03-23 08:38 -------- d-----w- c:\users\Fuang\AppData\Roaming\Malwarebytes
2011-03-23 08:37 . 2011-03-23 08:37 -------- d-----w- c:\programdata\Malwarebytes
2011-03-23 08:37 . 2011-03-24 12:41 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2011-03-23 08:37 . 2010-12-20 17:08 24152 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-03-23 06:54 . 2011-03-24 08:29 -------- d-----w- c:\program files (x86)\trend micro
2011-03-23 06:54 . 2011-03-23 06:54 -------- d-----w- C:\rsit
2011-03-17 08:25 . 2011-03-24 08:29 -------- d-----w- c:\programdata\HP Product Assistant
2011-03-17 08:24 . 2011-03-24 08:29 -------- d-----w- c:\windows\SysWow64\spool
2011-03-17 08:23 . 2011-03-17 08:23 -------- d-----w- c:\program files (x86)\Common Files\HP
2011-03-15 08:28 . 2011-03-23 07:06 -------- d-----w- c:\program files (x86)\Panda Security
2011-03-15 08:22 . 2011-03-15 08:22 -------- d-----w- c:\users\Fuang\AppData\Roaming\QuickScan
2011-03-14 10:01 . 2011-03-16 06:03 -------- d-----w- c:\program files (x86)\Spyware Doctor
2011-03-13 12:59 . 2011-03-13 12:59 -------- d-----w- c:\users\Fuang\dvbern-tax
2011-03-13 12:44 . 2011-03-13 12:44 -------- d-----w- c:\users\Fuang\GeTax2009
2011-03-13 12:44 . 2011-03-13 12:44 -------- d-----w- c:\users\Fuang\GeTax2010
2011-03-13 12:43 . 2011-03-24 08:29 -------- d-----w- c:\program files (x86)\GeTaxPP2010
2011-03-13 12:42 . 2011-03-13 12:42 -------- d--h--w- c:\users\Fuang\InstallAnywhere
2011-03-10 08:48 . 2011-03-10 08:48 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2011-03-10 08:48 . 2011-03-10 08:48 2052928 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2011-03-08 10:49 . 2009-07-14 01:41 258048 ----a-w- c:\windows\system32\Spool\prtprocs\x64\hpfppw73.dll
2011-03-07 14:43 . 2011-03-07 14:43 143360 --sha-r- c:\windows\SysWow64\WPDSp0.dll
2011-03-07 06:00 . 2011-03-07 06:00 -------- d-----w- c:\program files (x86)\GIMP-2.0
2011-03-04 07:38 . 2011-02-11 07:30 7947600 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{FD8AE3FF-6FB5-449D-8B4E-0C9C656A9ABC}\mpengine.dll
2011-02-28 07:20 . 2010-09-14 06:45 367104 ----a-w- c:\windows\system32\wcncsvc.dll
2011-02-28 07:20 . 2010-09-14 06:07 276992 ----a-w- c:\windows\SysWow64\wcncsvc.dll
2011-02-28 07:19 . 2011-01-07 08:07 662528 ----a-w- c:\windows\system32\XpsPrint.dll
2011-02-28 07:19 . 2011-01-07 07:31 442880 ----a-w- c:\windows\SysWow64\XpsPrint.dll
2011-02-28 07:19 . 2011-01-07 08:07 475648 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2011-02-28 07:19 . 2011-01-07 07:31 288256 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2011-02-24 21:50 . 1999-12-17 09:13 86016 ----a-w- c:\windows\unvise32.exe
2011-02-24 21:49 . 2011-02-24 21:49 -------- d-----w- c:\program files (x86)\Mindscape
2011-02-24 17:43 . 2011-02-24 17:43 53248 ----a-r- c:\users\Fuang\AppData\Roaming\Microsoft\Installer\{5CED88DF-4B9A-436E-BC30-5BC9502B1EE8}\_D4074E803447_4AC3_8D7C_7D82D0C071C6.exe
2011-02-24 17:42 . 2011-02-24 17:42 -------- d-----w- c:\program files (x86)\SDLL
2011-02-23 20:45 . 2011-02-23 20:45 -------- d-----w- c:\users\Fuang\AppData\Local\Zattoo
2011-02-23 20:44 . 2011-02-23 20:45 -------- d-----w- c:\program files (x86)\Zattoo4
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-02-02 16:11 . 2010-11-19 07:14 270720 ------w- c:\windows\system32\MpSigStub.exe
2011-01-26 06:53 . 2011-02-09 06:34 982912 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2011-01-26 06:53 . 2011-02-09 06:34 265088 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2011-01-26 06:31 . 2011-02-09 06:34 144384 ----a-w- c:\windows\system32\cdd.dll
2011-01-07 08:06 . 2011-02-09 06:34 46080 ----a-w- c:\windows\system32\atmlib.dll
2011-01-07 07:27 . 2011-02-09 06:34 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2011-01-07 05:49 . 2011-02-09 06:34 366080 ----a-w- c:\windows\system32\atmfd.dll
2011-01-07 05:33 . 2011-02-09 06:34 294400 ----a-w- c:\windows\SysWow64\atmfd.dll
2011-01-05 06:20 . 2011-02-09 06:34 612352 ----a-w- c:\windows\system32\vbscript.dll
2011-01-05 05:37 . 2011-02-09 06:34 428032 ----a-w- c:\windows\SysWow64\vbscript.dll
2011-01-05 04:00 . 2011-02-09 06:34 3127808 ----a-w- c:\windows\system32\win32k.sys
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2009-12-09 01:19 94208 ----a-w- c:\users\Fuang\AppData\Roaming\Dropbox\bin\DropboxExt.13.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2009-12-09 01:19 94208 ----a-w- c:\users\Fuang\AppData\Roaming\Dropbox\bin\DropboxExt.13.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2009-12-09 01:19 94208 ----a-w- c:\users\Fuang\AppData\Roaming\Dropbox\bin\DropboxExt.13.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2010-08-17 281768]
.
c:\users\Fuang\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Fuang\AppData\Roaming\Dropbox\bin\Dropbox.exe [2010-2-26 21979992]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-9-23 270336]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"HideFastUserSwitching"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"EnableShellExecuteHooks"= 1 (0x1)
.
[hkey_local_machine\software\Wow6432Node\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
R3 esgiguard;esgiguard;c:\program files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys [x]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2010-11-22 1436424]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
R3 KUSBusByTCP;KUSBusByTCP;SysWOW64\Drivers\KUSBusByTCP.sys [x]
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [x]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [x]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [x]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 acedrv11;acedrv11;c:\windows\system32\drivers\acedrv11.sys [x]
S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe [2009-11-18 98208]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2010-08-17 135336]
S2 HP Wireless Assistant Service;HP Wireless Assistant Service;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-06-18 103992]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-02-04 92216]
S2 HPWMISVC;HPWMISVC;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-07-02 27192]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-04-13 13336]
S2 RtVOsdService;RtVOsdService Installer;c:\program files\Realtek\RtVOsd\RtVOsdService.exe [2010-06-17 315392]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-03-18 2320920]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 intelkmd;intelkmd;c:\windows\system32\DRIVERS\igdpmd64.sys [x]
S3 KUSBusByTCPMasterBus;Master Bus of Kernel USB Software Bus by TCP;SysWOW64\Drivers\KUSBusByTCPMasterBus.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
S3 WSDPrintDevice;Prise en charge de l'impression WSD via UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2010-05-19 08:36 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
Contenu du dossier 'Tâches planifiées'
.
2011-03-21 c:\windows\Tasks\HPCeeScheduleForFuang.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-01-05 01:53]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2009-12-09 01:19 97792 ----a-w- c:\users\Fuang\AppData\Roaming\Dropbox\bin\DropboxExt64.13.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2009-12-09 01:19 97792 ----a-w- c:\users\Fuang\AppData\Roaming\Dropbox\bin\DropboxExt64.13.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2009-12-09 01:19 97792 ----a-w- c:\users\Fuang\AppData\Roaming\Dropbox\bin\DropboxExt64.13.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Examen supplémentaire -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
FF - ProfilePath - c:\users\Fuang\AppData\Roaming\Mozilla\Firefox\Profiles\3svwot1t.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.ch
FF - prefs.js: keyword.URL - hxxp://ch.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=302398&p=
FF - prefs.js: network.proxy.type - 0
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: HP Smart Web Printing: smartwebprinting@hp.com - c:\program files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF - Ext: HP Smart Web Printing: smartwebprinting@hp.com - c:\program files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
.
- - - - ORPHELINS SUPPRIMES - - - -
.
URLSearchHooks-{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file)
WebBrowser-{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - (no file)
HKLM-Run-SynTPEnh - %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
AddRemove-EasyBits Magic Desktop - c:\windows\system32\ezMDUninstall.exe
AddRemove-{08DB3902-2CE0-474D-BCE3-0177766CE9F1} - c:\program files (x86)\InstallShield Installation Information\{08DB3902-2CE0-474D-BCE3-0177766CE9F1}\setup.exe
.
.
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10h.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10h.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10h.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10h.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\wcncsvc]
@Denied: (Full) (LocalSystem)
@Denied: (Full) (Owner)
"DisplayName"="@%SystemRoot%\\system32\\wcncsvc.dll,-3"
"ErrorControl"=dword:00000001
"ImagePath"=expand:"%SystemRoot%\\System32\\svchost.exe -k LocalServiceAndNoImpersonation"
"Start"=dword:00000003
"Type"=dword:00000020
"Description"="@%SystemRoot%\\system32\\wcncsvc.dll,-4"
"DependOnService"=multi:"rpcss\00\00"
"ObjectName"="NT AUTHORITY\\LocalService"
"ServiceSidType"=dword:00000001
"RequiredPrivileges"=multi:"SeChangeNotifyPrivilege\00\00"
"FailureActions"=hex:80,51,01,00,00,00,00,00,00,00,00,00,03,00,00,00,14,00,00,
00,01,00,00,00,c0,d4,01,00,01,00,00,00,c0,d4,01,00,00,00,00,00,00,00,00,00
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\wcncsvc\Parameters]
"ServiceDllUnloadOnStop"=dword:00000001
"ServiceMain"="WcnServiceMain"
"ServiceDll"=expand:"%SystemRoot%\\System32\\wcncsvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\wcncsvc\Security]
"Security"=hex:01,00,14,80,8c,00,00,00,98,00,00,00,14,00,00,00,30,00,00,00,02,
00,1c,00,01,00,00,00,02,80,14,00,ff,01,0f,00,01,01,00,00,00,00,00,01,00,00,\
.
Heure de fin: 2011-03-25 08:46:29
ComboFix-quarantined-files.txt 2011-03-25 07:46
.
Avant-CF: 392'078'217'216 octets libres
Après-CF: 392'264'105'984 octets libres
.
- - End Of File - - 2AA459500921DF25EB7D9C8E406FF096
ComboFix 11-03-24.03 - Fuang 25.03.2011 8:39.1.4 - x64
Microsoft Windows 7 Édition Familiale Premium 6.1.7600.0.1252.41.1036.18.3894.2146 [GMT 1:00]
Lancé depuis: c:\users\Fuang\Desktop\ComboFix.exe
AV: AntiVir Desktop *Enabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: AntiVir Desktop *Enabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\users\Fuang\ntuser.pol
c:\users\Savitty\ntuser.pol
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2011-02-25 au 2011-03-25 ))))))))))))))))))))))))))))))))))))
.
.
2011-03-25 07:44 . 2011-03-25 07:44 -------- d-----w- c:\users\Savitty\AppData\Local\temp
2011-03-25 07:44 . 2011-03-25 07:44 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-03-24 12:39 . 2010-12-20 17:09 38224 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
2011-03-24 12:24 . 2011-03-24 12:24 -------- d-----w- c:\program files (x86)\Ad-Remover
2011-03-24 10:51 . 2011-03-24 10:51 512 ----a-w- C:\PhysicalDisk0_MBR.bin
2011-03-24 10:48 . 2011-03-25 06:52 -------- d-----w- c:\program files (x86)\ZHPDiag
2011-03-24 09:41 . 2011-03-24 09:41 -------- d-----w- c:\users\Fuang\AppData\Local\PackageAware
2011-03-23 12:51 . 2011-03-23 12:51 -------- d-----w- c:\program files (x86)\Enigma Software Group
2011-03-23 12:50 . 2011-03-24 08:29 -------- d-----w- c:\windows\41EBC322660F4D16A0DF53147210CBDB.TMP
2011-03-23 12:50 . 2011-03-24 08:29 -------- d-----w- c:\program files (x86)\Common Files\Wise Installation Wizard
2011-03-23 08:38 . 2011-03-23 08:38 -------- d-----w- c:\users\Fuang\AppData\Roaming\Malwarebytes
2011-03-23 08:37 . 2011-03-23 08:37 -------- d-----w- c:\programdata\Malwarebytes
2011-03-23 08:37 . 2011-03-24 12:41 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2011-03-23 08:37 . 2010-12-20 17:08 24152 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-03-23 06:54 . 2011-03-24 08:29 -------- d-----w- c:\program files (x86)\trend micro
2011-03-23 06:54 . 2011-03-23 06:54 -------- d-----w- C:\rsit
2011-03-17 08:25 . 2011-03-24 08:29 -------- d-----w- c:\programdata\HP Product Assistant
2011-03-17 08:24 . 2011-03-24 08:29 -------- d-----w- c:\windows\SysWow64\spool
2011-03-17 08:23 . 2011-03-17 08:23 -------- d-----w- c:\program files (x86)\Common Files\HP
2011-03-15 08:28 . 2011-03-23 07:06 -------- d-----w- c:\program files (x86)\Panda Security
2011-03-15 08:22 . 2011-03-15 08:22 -------- d-----w- c:\users\Fuang\AppData\Roaming\QuickScan
2011-03-14 10:01 . 2011-03-16 06:03 -------- d-----w- c:\program files (x86)\Spyware Doctor
2011-03-13 12:59 . 2011-03-13 12:59 -------- d-----w- c:\users\Fuang\dvbern-tax
2011-03-13 12:44 . 2011-03-13 12:44 -------- d-----w- c:\users\Fuang\GeTax2009
2011-03-13 12:44 . 2011-03-13 12:44 -------- d-----w- c:\users\Fuang\GeTax2010
2011-03-13 12:43 . 2011-03-24 08:29 -------- d-----w- c:\program files (x86)\GeTaxPP2010
2011-03-13 12:42 . 2011-03-13 12:42 -------- d--h--w- c:\users\Fuang\InstallAnywhere
2011-03-10 08:48 . 2011-03-10 08:48 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2011-03-10 08:48 . 2011-03-10 08:48 2052928 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2011-03-08 10:49 . 2009-07-14 01:41 258048 ----a-w- c:\windows\system32\Spool\prtprocs\x64\hpfppw73.dll
2011-03-07 14:43 . 2011-03-07 14:43 143360 --sha-r- c:\windows\SysWow64\WPDSp0.dll
2011-03-07 06:00 . 2011-03-07 06:00 -------- d-----w- c:\program files (x86)\GIMP-2.0
2011-03-04 07:38 . 2011-02-11 07:30 7947600 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{FD8AE3FF-6FB5-449D-8B4E-0C9C656A9ABC}\mpengine.dll
2011-02-28 07:20 . 2010-09-14 06:45 367104 ----a-w- c:\windows\system32\wcncsvc.dll
2011-02-28 07:20 . 2010-09-14 06:07 276992 ----a-w- c:\windows\SysWow64\wcncsvc.dll
2011-02-28 07:19 . 2011-01-07 08:07 662528 ----a-w- c:\windows\system32\XpsPrint.dll
2011-02-28 07:19 . 2011-01-07 07:31 442880 ----a-w- c:\windows\SysWow64\XpsPrint.dll
2011-02-28 07:19 . 2011-01-07 08:07 475648 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2011-02-28 07:19 . 2011-01-07 07:31 288256 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2011-02-24 21:50 . 1999-12-17 09:13 86016 ----a-w- c:\windows\unvise32.exe
2011-02-24 21:49 . 2011-02-24 21:49 -------- d-----w- c:\program files (x86)\Mindscape
2011-02-24 17:43 . 2011-02-24 17:43 53248 ----a-r- c:\users\Fuang\AppData\Roaming\Microsoft\Installer\{5CED88DF-4B9A-436E-BC30-5BC9502B1EE8}\_D4074E803447_4AC3_8D7C_7D82D0C071C6.exe
2011-02-24 17:42 . 2011-02-24 17:42 -------- d-----w- c:\program files (x86)\SDLL
2011-02-23 20:45 . 2011-02-23 20:45 -------- d-----w- c:\users\Fuang\AppData\Local\Zattoo
2011-02-23 20:44 . 2011-02-23 20:45 -------- d-----w- c:\program files (x86)\Zattoo4
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-02-02 16:11 . 2010-11-19 07:14 270720 ------w- c:\windows\system32\MpSigStub.exe
2011-01-26 06:53 . 2011-02-09 06:34 982912 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2011-01-26 06:53 . 2011-02-09 06:34 265088 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2011-01-26 06:31 . 2011-02-09 06:34 144384 ----a-w- c:\windows\system32\cdd.dll
2011-01-07 08:06 . 2011-02-09 06:34 46080 ----a-w- c:\windows\system32\atmlib.dll
2011-01-07 07:27 . 2011-02-09 06:34 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2011-01-07 05:49 . 2011-02-09 06:34 366080 ----a-w- c:\windows\system32\atmfd.dll
2011-01-07 05:33 . 2011-02-09 06:34 294400 ----a-w- c:\windows\SysWow64\atmfd.dll
2011-01-05 06:20 . 2011-02-09 06:34 612352 ----a-w- c:\windows\system32\vbscript.dll
2011-01-05 05:37 . 2011-02-09 06:34 428032 ----a-w- c:\windows\SysWow64\vbscript.dll
2011-01-05 04:00 . 2011-02-09 06:34 3127808 ----a-w- c:\windows\system32\win32k.sys
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2009-12-09 01:19 94208 ----a-w- c:\users\Fuang\AppData\Roaming\Dropbox\bin\DropboxExt.13.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2009-12-09 01:19 94208 ----a-w- c:\users\Fuang\AppData\Roaming\Dropbox\bin\DropboxExt.13.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2009-12-09 01:19 94208 ----a-w- c:\users\Fuang\AppData\Roaming\Dropbox\bin\DropboxExt.13.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2010-08-17 281768]
.
c:\users\Fuang\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Fuang\AppData\Roaming\Dropbox\bin\Dropbox.exe [2010-2-26 21979992]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-9-23 270336]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"HideFastUserSwitching"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"EnableShellExecuteHooks"= 1 (0x1)
.
[hkey_local_machine\software\Wow6432Node\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
R3 esgiguard;esgiguard;c:\program files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys [x]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2010-11-22 1436424]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
R3 KUSBusByTCP;KUSBusByTCP;SysWOW64\Drivers\KUSBusByTCP.sys [x]
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [x]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [x]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [x]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 acedrv11;acedrv11;c:\windows\system32\drivers\acedrv11.sys [x]
S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe [2009-11-18 98208]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2010-08-17 135336]
S2 HP Wireless Assistant Service;HP Wireless Assistant Service;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-06-18 103992]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-02-04 92216]
S2 HPWMISVC;HPWMISVC;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-07-02 27192]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-04-13 13336]
S2 RtVOsdService;RtVOsdService Installer;c:\program files\Realtek\RtVOsd\RtVOsdService.exe [2010-06-17 315392]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-03-18 2320920]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 intelkmd;intelkmd;c:\windows\system32\DRIVERS\igdpmd64.sys [x]
S3 KUSBusByTCPMasterBus;Master Bus of Kernel USB Software Bus by TCP;SysWOW64\Drivers\KUSBusByTCPMasterBus.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
S3 WSDPrintDevice;Prise en charge de l'impression WSD via UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2010-05-19 08:36 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
Contenu du dossier 'Tâches planifiées'
.
2011-03-21 c:\windows\Tasks\HPCeeScheduleForFuang.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-01-05 01:53]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2009-12-09 01:19 97792 ----a-w- c:\users\Fuang\AppData\Roaming\Dropbox\bin\DropboxExt64.13.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2009-12-09 01:19 97792 ----a-w- c:\users\Fuang\AppData\Roaming\Dropbox\bin\DropboxExt64.13.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2009-12-09 01:19 97792 ----a-w- c:\users\Fuang\AppData\Roaming\Dropbox\bin\DropboxExt64.13.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Examen supplémentaire -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
FF - ProfilePath - c:\users\Fuang\AppData\Roaming\Mozilla\Firefox\Profiles\3svwot1t.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.ch
FF - prefs.js: keyword.URL - hxxp://ch.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=302398&p=
FF - prefs.js: network.proxy.type - 0
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: HP Smart Web Printing: smartwebprinting@hp.com - c:\program files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF - Ext: HP Smart Web Printing: smartwebprinting@hp.com - c:\program files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
.
- - - - ORPHELINS SUPPRIMES - - - -
.
URLSearchHooks-{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file)
WebBrowser-{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - (no file)
HKLM-Run-SynTPEnh - %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
AddRemove-EasyBits Magic Desktop - c:\windows\system32\ezMDUninstall.exe
AddRemove-{08DB3902-2CE0-474D-BCE3-0177766CE9F1} - c:\program files (x86)\InstallShield Installation Information\{08DB3902-2CE0-474D-BCE3-0177766CE9F1}\setup.exe
.
.
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10h.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10h.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10h.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10h.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\wcncsvc]
@Denied: (Full) (LocalSystem)
@Denied: (Full) (Owner)
"DisplayName"="@%SystemRoot%\\system32\\wcncsvc.dll,-3"
"ErrorControl"=dword:00000001
"ImagePath"=expand:"%SystemRoot%\\System32\\svchost.exe -k LocalServiceAndNoImpersonation"
"Start"=dword:00000003
"Type"=dword:00000020
"Description"="@%SystemRoot%\\system32\\wcncsvc.dll,-4"
"DependOnService"=multi:"rpcss\00\00"
"ObjectName"="NT AUTHORITY\\LocalService"
"ServiceSidType"=dword:00000001
"RequiredPrivileges"=multi:"SeChangeNotifyPrivilege\00\00"
"FailureActions"=hex:80,51,01,00,00,00,00,00,00,00,00,00,03,00,00,00,14,00,00,
00,01,00,00,00,c0,d4,01,00,01,00,00,00,c0,d4,01,00,00,00,00,00,00,00,00,00
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\wcncsvc\Parameters]
"ServiceDllUnloadOnStop"=dword:00000001
"ServiceMain"="WcnServiceMain"
"ServiceDll"=expand:"%SystemRoot%\\System32\\wcncsvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\wcncsvc\Security]
"Security"=hex:01,00,14,80,8c,00,00,00,98,00,00,00,14,00,00,00,30,00,00,00,02,
00,1c,00,01,00,00,00,02,80,14,00,ff,01,0f,00,01,01,00,00,00,00,00,01,00,00,\
.
Heure de fin: 2011-03-25 08:46:29
ComboFix-quarantined-files.txt 2011-03-25 07:46
.
Avant-CF: 392'078'217'216 octets libres
Après-CF: 392'264'105'984 octets libres
.
- - End Of File - - 2AA459500921DF25EB7D9C8E406FF096
fuang
Messages postés
40
Date d'inscription
jeudi 24 mars 2011
Statut
Membre
Dernière intervention
7 juin 2011
14
25 mars 2011 à 09:15
25 mars 2011 à 09:15
C'est normal que ma connexion internet est très lente ?
fuang
Messages postés
40
Date d'inscription
jeudi 24 mars 2011
Statut
Membre
Dernière intervention
7 juin 2011
14
25 mars 2011 à 09:57
25 mars 2011 à 09:57
C'est pas un fichier .exe. Je ne peux pas l'exécuter.
fuang
Messages postés
40
Date d'inscription
jeudi 24 mars 2011
Statut
Membre
Dernière intervention
7 juin 2011
14
25 mars 2011 à 11:36
25 mars 2011 à 11:36
Voici le rapport
https://pjjoint.malekal.com/files.php?id=e0133cfc2012912
https://pjjoint.malekal.com/files.php?id=e0133cfc2012912
fuang
Messages postés
40
Date d'inscription
jeudi 24 mars 2011
Statut
Membre
Dernière intervention
7 juin 2011
14
25 mars 2011 à 11:43
25 mars 2011 à 11:43
Je vais essayé.
En tout cas merci beaucoup pour ce que vous avez fait.
Fuang
En tout cas merci beaucoup pour ce que vous avez fait.
Fuang
fuang
Messages postés
40
Date d'inscription
jeudi 24 mars 2011
Statut
Membre
Dernière intervention
7 juin 2011
14
25 mars 2011 à 11:48
25 mars 2011 à 11:48
jusque maintenant ça va. j'ai pas encore eu de spot publicitaire.
Je vous tiens au courant si cela change.
Merci
Fuang
Je vous tiens au courant si cela change.
Merci
Fuang
moment de grace
Messages postés
29042
Date d'inscription
samedi 6 décembre 2008
Statut
Contributeur sécurité
Dernière intervention
18 juillet 2013
2 274
25 mars 2011 à 11:55
25 mars 2011 à 11:55
ok teste un peu et si tout va bien
on finalise
on finalise
fuang
Messages postés
40
Date d'inscription
jeudi 24 mars 2011
Statut
Membre
Dernière intervention
7 juin 2011
14
25 mars 2011 à 15:30
25 mars 2011 à 15:30
Voilà, j'ai testé. Cela semble bien fonctionner. J'ai pas encore eu de spot publicitaire.
Merci encore.
Merci encore.
fuang
Messages postés
40
Date d'inscription
jeudi 24 mars 2011
Statut
Membre
Dernière intervention
7 juin 2011
14
25 mars 2011 à 16:33
25 mars 2011 à 16:33
voici le lien
https://pjjoint.malekal.com/files.php?id=c08bb788727155
https://pjjoint.malekal.com/files.php?id=c08bb788727155
fuang
Messages postés
40
Date d'inscription
jeudi 24 mars 2011
Statut
Membre
Dernière intervention
7 juin 2011
14
25 mars 2011 à 16:37
25 mars 2011 à 16:37
Et voici Javara
JavaRa 1.16 Removal Log.
Report follows after line.
------------------------------------
The JavaRa removal process was started on Fri Mar 25 16:36:06 2011
Found and removed: CLSID\{CAFEEFAC-0014-0002-FFFF-ABCDEFFEDCBA}
Found and removed: CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBC}
Found and removed: CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBC}
Found and removed: CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBC}
Found and removed: CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBC}
Found and removed: CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBC}
Found and removed: CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBC}
Found and removed: CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBC}
Found and removed: CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBC}
Found and removed: CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBC}
Found and removed: CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBC}
Found and removed: CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBC}
Found and removed: CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBC}
Found and removed: CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBC}
Found and removed: CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBC}
Found and removed: CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBC}
Found and removed: CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBC}
Found and removed: CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBC}
Found and removed: CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBC}
Found and removed: CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBC}
Found and removed: CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBC}
Found and removed: CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBC}
Found and removed: CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBC}
Found and removed: CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBC}
------------------------------------
Finished reporting.
JavaRa 1.16 Removal Log.
Report follows after line.
------------------------------------
The JavaRa removal process was started on Fri Mar 25 16:36:06 2011
Found and removed: CLSID\{CAFEEFAC-0014-0002-FFFF-ABCDEFFEDCBA}
Found and removed: CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBC}
Found and removed: CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBC}
Found and removed: CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBC}
Found and removed: CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBC}
Found and removed: CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBC}
Found and removed: CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBC}
Found and removed: CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBC}
Found and removed: CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBC}
Found and removed: CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBC}
Found and removed: CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBC}
Found and removed: CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBC}
Found and removed: CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBC}
Found and removed: CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBC}
Found and removed: CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBC}
Found and removed: CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBC}
Found and removed: CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBC}
Found and removed: CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBC}
Found and removed: CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBC}
Found and removed: CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBC}
Found and removed: CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBC}
Found and removed: CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBC}
Found and removed: CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBC}
Found and removed: CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBC}
------------------------------------
Finished reporting.
fuang
Messages postés
40
Date d'inscription
jeudi 24 mars 2011
Statut
Membre
Dernière intervention
7 juin 2011
14
25 mars 2011 à 16:40
25 mars 2011 à 16:40
Merci beaucoup
moment de grace
Messages postés
29042
Date d'inscription
samedi 6 décembre 2008
Statut
Contributeur sécurité
Dernière intervention
18 juillet 2013
2 274
24 mars 2011 à 16:37
24 mars 2011 à 16:37
fuang
Messages postés
40
Date d'inscription
jeudi 24 mars 2011
Statut
Membre
Dernière intervention
7 juin 2011
14
25 mars 2011 à 10:34
25 mars 2011 à 10:34
Voici le lien pour le fichier OTL
https://pjjoint.malekal.com/files.php?id=edc56c7ffb9813
Et enfin extrat.txt
https://pjjoint.malekal.com/files.php?id=c56322a36f11146
https://pjjoint.malekal.com/files.php?id=edc56c7ffb9813
Et enfin extrat.txt
https://pjjoint.malekal.com/files.php?id=c56322a36f11146