Ecran bleu et redémarage windows 7

Résolu
thibault5995 Messages postés 8 Statut Membre -  
juju666 Messages postés 35446 Date d'inscription   Statut Contributeur sécurité Dernière intervention   -
Bonjour,

depuis quelques jours dès que j'allume mon ordinateur un écran bleu s'affiche et mon pc redémarre (trop vite pour que je puisse lire ce qui est affiché sur l'écran bleu), par contre le mode sans échec marche j'ai passé le scan malware (je ne peut pas faire la mise à jour en mode normal l'écran bleu apparait trop rapidement) mais aucun changement. Je ne sais pas ce que je peut faire, si quelqu'un aurait une aide à m'apporter ça serait simpa,

merci.

16 réponses

  1. juju666 Messages postés 35446 Date d'inscription   Statut Contributeur sécurité Dernière intervention   4 796
     
    bonjour

    ▶ Télécharge Blue screen View :

    ouvre ce lien http://www.nirsoft.net/utils/blue_screen_view.html

    ▶ Clique sur Download BlueScreenView with full install/uninstall support

    ▶ Enregistre le fichier sur ton Bureau.

    ▶ Clic droit sur l'exe choisir Executer en tant qu'administrateur pour le lancer.

    ▶ A la fin du scan, , clique sur Edit puis Select All.
    ▶ Puis : File et Save Selected Items.

    ▶ Sauve le rapport sous BSOD.txt.

    ▶ Ouvre BSOD.txt dans le Bloc-notes, copie son contenu et poste le dans ta réponse.

    ~~

    Nous allons effectuer un diagnostic de ton PC:
    Télécharge ZHPDiag

    ▶ Laisse toi guider lors de l''installation,coche "Ajouter une icône sur le bureau" et "Exécuter ZHPDiag"

    ▶ Clique sur l''icône représentant une loupe (« Lancer le diagnostic »)

    ▶ Une fois le scan aux 100%, ferme ZHPDiag. Héberge le rapport ZHPDiag.txt présent sur ton bureau :

    Voici comment procéder

    ▶ Rends toi sur pjjoint.malekal.com
    ▶ Clique sur le bouton Parcourir
    ▶ Sélectionne le fichier que tu veux heberger et clique sur Ouvrir
    ▶ Clique sur le bouton Envoyer
    ▶ Un message de confirmation s''affiche (L''upload a réussi ! - Le lien à transmettre à vos correspondant pour visualiser le fichier est : https://pjjoint.malekal.com/files.php?id=df5ea299241015 Copie le lien dans ta prochaine réponse.

    A bientôt.
    2
  2. thibault5995 Messages postés 8 Statut Membre
     
    Bonjour,

    Tout d'abord merci pour votre réponse, ensuite voilà pour le rapport BLue screen View:

    ==================================================
    Dump File : 100111-25287-01.dmp
    Crash Time : 01/10/2011 10:29:30
    Bug Check String : KERNEL_MODE_EXCEPTION_NOT_HANDLED
    Bug Check Code : 0x1000008e
    Parameter 1 : 0xc0000005
    Parameter 2 : 0x83bc8487
    Parameter 3 : 0xc37b66dc
    Parameter 4 : 0x00000000
    Caused By Driver : ataport.SYS
    Caused By Address : ataport.SYS+6487
    File Description : ATAPI Driver Extension
    Product Name : Microsoft® Windows® Operating System
    Company : Microsoft Corporation
    File Version : 6.1.7600.16385 (win7_rtm.090713-1255)
    Processor : 32-bit
    Crash Address : ataport.SYS+6487
    Stack Address 1 : ntkrnlpa.exe+3c4bc
    Stack Address 2 : klif.sys+6d206
    Stack Address 3 : klif.sys+6d720
    Computer Name :
    Full Path : C:\Windows\Minidump\100111-25287-01.dmp
    Processors Count : 2
    Major Version : 15
    Minor Version : 7600
    Dump File Size : 145 016
    ==================================================

    ==================================================
    Dump File : 093011-24882-01.dmp
    Crash Time : 30/09/2011 23:14:09
    Bug Check String : KERNEL_MODE_EXCEPTION_NOT_HANDLED
    Bug Check Code : 0x1000008e
    Parameter 1 : 0xc0000005
    Parameter 2 : 0x83c06487
    Parameter 3 : 0xc5e8f6dc
    Parameter 4 : 0x00000000
    Caused By Driver : ataport.SYS
    Caused By Address : ataport.SYS+6487
    File Description : ATAPI Driver Extension
    Product Name : Microsoft® Windows® Operating System
    Company : Microsoft Corporation
    File Version : 6.1.7600.16385 (win7_rtm.090713-1255)
    Processor : 32-bit
    Crash Address : ataport.SYS+6487
    Stack Address 1 : ntkrnlpa.exe+3c4bc
    Stack Address 2 : klif.sys+6d206
    Stack Address 3 : klif.sys+6d720
    Computer Name :
    Full Path : C:\Windows\Minidump\093011-24882-01.dmp
    Processors Count : 2
    Major Version : 15
    Minor Version : 7600
    Dump File Size : 145 016
    ==================================================

    ==================================================
    Dump File : 093011-31247-01.dmp
    Crash Time : 30/09/2011 23:00:53
    Bug Check String : IRQL_NOT_LESS_OR_EQUAL
    Bug Check Code : 0x0000000a
    Parameter 1 : 0x00002edf
    Parameter 2 : 0x00000002
    Parameter 3 : 0x00000001
    Parameter 4 : 0x834ba8a4
    Caused By Driver : ntkrnlpa.exe
    Caused By Address : ntkrnlpa.exe+467cb
    File Description : NT Kernel & System
    Product Name : Microsoft® Windows® Operating System
    Company : Microsoft Corporation
    File Version : 6.1.7600.16841 (win7_gdr.110622-1503)
    Processor : 32-bit
    Crash Address : ntkrnlpa.exe+467cb
    Stack Address 1 : ntkrnlpa.exe+718a4
    Stack Address 2 : ntkrnlpa.exe+94816
    Stack Address 3 :
    Computer Name :
    Full Path : C:\Windows\Minidump\093011-31247-01.dmp
    Processors Count : 2
    Major Version : 15
    Minor Version : 7600
    Dump File Size : 145 016
    ==================================================

    ==================================================
    Dump File : 093011-26816-01.dmp
    Crash Time : 30/09/2011 22:56:46
    Bug Check String : KERNEL_MODE_EXCEPTION_NOT_HANDLED
    Bug Check Code : 0x1000008e
    Parameter 1 : 0xc0000005
    Parameter 2 : 0x839a4487
    Parameter 3 : 0x96bdf6dc
    Parameter 4 : 0x00000000
    Caused By Driver : ataport.SYS
    Caused By Address : ataport.SYS+6487
    File Description : ATAPI Driver Extension
    Product Name : Microsoft® Windows® Operating System
    Company : Microsoft Corporation
    File Version : 6.1.7600.16385 (win7_rtm.090713-1255)
    Processor : 32-bit
    Crash Address : ataport.SYS+6487
    Stack Address 1 : ntkrnlpa.exe+3c4bc
    Stack Address 2 : klif.sys+6d206
    Stack Address 3 : klif.sys+6d720
    Computer Name :
    Full Path : C:\Windows\Minidump\093011-26816-01.dmp
    Processors Count : 2
    Major Version : 15
    Minor Version : 7600
    Dump File Size : 145 016
    ==================================================

    ==================================================
    Dump File : 093011-24008-01.dmp
    Crash Time : 30/09/2011 22:25:49
    Bug Check String : KERNEL_MODE_EXCEPTION_NOT_HANDLED
    Bug Check Code : 0x1000008e
    Parameter 1 : 0xc0000005
    Parameter 2 : 0x83a06487
    Parameter 3 : 0xc52436dc
    Parameter 4 : 0x00000000
    Caused By Driver : ataport.SYS
    Caused By Address : ataport.SYS+6487
    File Description : ATAPI Driver Extension
    Product Name : Microsoft® Windows® Operating System
    Company : Microsoft Corporation
    File Version : 6.1.7600.16385 (win7_rtm.090713-1255)
    Processor : 32-bit
    Crash Address : ataport.SYS+6487
    Stack Address 1 : ntkrnlpa.exe+3c4bc
    Stack Address 2 : klif.sys+6d206
    Stack Address 3 : klif.sys+6d720
    Computer Name :
    Full Path : C:\Windows\Minidump\093011-24008-01.dmp
    Processors Count : 2
    Major Version : 15
    Minor Version : 7600
    Dump File Size : 145 008
    ==================================================

    ==================================================
    Dump File : 093011-23836-01.dmp
    Crash Time : 30/09/2011 22:21:02
    Bug Check String : KERNEL_MODE_EXCEPTION_NOT_HANDLED
    Bug Check Code : 0x1000008e
    Parameter 1 : 0xc0000005
    Parameter 2 : 0x839a6487
    Parameter 3 : 0x8e2ea6dc
    Parameter 4 : 0x00000000
    Caused By Driver : ataport.SYS
    Caused By Address : ataport.SYS+6487
    File Description : ATAPI Driver Extension
    Product Name : Microsoft® Windows® Operating System
    Company : Microsoft Corporation
    File Version : 6.1.7600.16385 (win7_rtm.090713-1255)
    Processor : 32-bit
    Crash Address : ataport.SYS+6487
    Stack Address 1 : ntkrnlpa.exe+3c4bc
    Stack Address 2 : klif.sys+6d206
    Stack Address 3 : klif.sys+6d720
    Computer Name :
    Full Path : C:\Windows\Minidump\093011-23836-01.dmp
    Processors Count : 2
    Major Version : 15
    Minor Version : 7600
    Dump File Size : 145 008
    ==================================================

    ==================================================
    Dump File : 093011-24445-01.dmp
    Crash Time : 30/09/2011 22:16:17
    Bug Check String : KERNEL_MODE_EXCEPTION_NOT_HANDLED
    Bug Check Code : 0x1000008e
    Parameter 1 : 0xc0000005
    Parameter 2 : 0x83a06487
    Parameter 3 : 0xc585d6dc
    Parameter 4 : 0x00000000
    Caused By Driver : ataport.SYS
    Caused By Address : ataport.SYS+6487
    File Description : ATAPI Driver Extension
    Product Name : Microsoft® Windows® Operating System
    Company : Microsoft Corporation
    File Version : 6.1.7600.16385 (win7_rtm.090713-1255)
    Processor : 32-bit
    Crash Address : ataport.SYS+6487
    Stack Address 1 : ntkrnlpa.exe+3c4bc
    Stack Address 2 : klif.sys+6d206
    Stack Address 3 : klif.sys+6d720
    Computer Name :
    Full Path : C:\Windows\Minidump\093011-24445-01.dmp
    Processors Count : 2
    Major Version : 15
    Minor Version : 7600
    Dump File Size : 145 008
    ==================================================

    ==================================================
    Dump File : 093011-23322-01.dmp
    Crash Time : 30/09/2011 22:11:30
    Bug Check String : KERNEL_MODE_EXCEPTION_NOT_HANDLED
    Bug Check Code : 0x1000008e
    Parameter 1 : 0xc0000005
    Parameter 2 : 0x83bda487
    Parameter 3 : 0x8ff7b6dc
    Parameter 4 : 0x00000000
    Caused By Driver : ataport.SYS
    Caused By Address : ataport.SYS+6487
    File Description : ATAPI Driver Extension
    Product Name : Microsoft® Windows® Operating System
    Company : Microsoft Corporation
    File Version : 6.1.7600.16385 (win7_rtm.090713-1255)
    Processor : 32-bit
    Crash Address : ataport.SYS+6487
    Stack Address 1 : ntkrnlpa.exe+3c4bc
    Stack Address 2 : klif.sys+6d206
    Stack Address 3 : klif.sys+6d720
    Computer Name :
    Full Path : C:\Windows\Minidump\093011-23322-01.dmp
    Processors Count : 2
    Major Version : 15
    Minor Version : 7600
    Dump File Size : 145 008
    ==================================================

    ==================================================
    Dump File : 093011-24320-01.dmp
    Crash Time : 30/09/2011 22:06:41
    Bug Check String : KERNEL_MODE_EXCEPTION_NOT_HANDLED
    Bug Check Code : 0x1000008e
    Parameter 1 : 0xc0000005
    Parameter 2 : 0x83b81487
    Parameter 3 : 0xc64236dc
    Parameter 4 : 0x00000000
    Caused By Driver : ataport.SYS
    Caused By Address : ataport.SYS+6487
    File Description : ATAPI Driver Extension
    Product Name : Microsoft® Windows® Operating System
    Company : Microsoft Corporation
    File Version : 6.1.7600.16385 (win7_rtm.090713-1255)
    Processor : 32-bit
    Crash Address : ataport.SYS+6487
    Stack Address 1 : ntkrnlpa.exe+3c4bc
    Stack Address 2 : klif.sys+6d206
    Stack Address 3 : klif.sys+6d720
    Computer Name :
    Full Path : C:\Windows\Minidump\093011-24320-01.dmp
    Processors Count : 2
    Major Version : 15
    Minor Version : 7600
    Dump File Size : 145 008
    ==================================================

    ==================================================
    Dump File : 093011-49873-01.dmp
    Crash Time : 30/09/2011 22:01:59
    Bug Check String : KERNEL_MODE_EXCEPTION_NOT_HANDLED
    Bug Check Code : 0x1000008e
    Parameter 1 : 0xc0000005
    Parameter 2 : 0x83be3487
    Parameter 3 : 0xc29596dc
    Parameter 4 : 0x00000000
    Caused By Driver : ataport.SYS
    Caused By Address : ataport.SYS+6487
    File Description : ATAPI Driver Extension
    Product Name : Microsoft® Windows® Operating System
    Company : Microsoft Corporation
    File Version : 6.1.7600.16385 (win7_rtm.090713-1255)
    Processor : 32-bit
    Crash Address : ataport.SYS+6487
    Stack Address 1 : ntkrnlpa.exe+3c4bc
    Stack Address 2 : klif.sys+6d206
    Stack Address 3 : klif.sys+6d720
    Computer Name :
    Full Path : C:\Windows\Minidump\093011-49873-01.dmp
    Processors Count : 2
    Major Version : 15
    Minor Version : 7600
    Dump File Size : 145 016
    ==================================================

    et voici le lien pour ZHPDiag:

    https://pjjoint.malekal.com/files.php?id=ZHPDiag_y117r13x8i13s6g13y13v10z12q7e14j9r9n6z15x7z9e10v10
    0
  3. juju666 Messages postés 35446 Date d'inscription   Statut Contributeur sécurité Dernière intervention   4 796
     
    Vus.

    A faire dans l'ordre stp :

    ▶ Télécharge Reload_TDSSKiller

    ▶ Lance le

    choisis : lancer le nettoyage

    l'outil va automatiquement télécharger la derniere version puis

    TDSSKiller va s'ouvrir , clique sur "Start Scan" Clique ici pour l'aide en image

    Si TDSS.tdl2 est détecté: l'option delete sera cochée par défaut.
    Si TDSS.tdl3 est détecté: assure toi que Cure est bien cochée.
    Si TDSS.tdl4(\HardDisk0\MBR) est détecté: assure toi que Cure est bien cochée.
    Si Rootkit.Win32.ZAccess.* est détecté : règle sur "cure" en haut , et "delete" en bas
    Si Suspicious file est indiqué, laisse l''option cochée sur Skip
    une fois qu'il a terminé , redémarre s'il te le demande pour finir de nettoyer

    sinon , ferme TDSSKiller et le rapport s'affichera sur le bureau

    ▶ Copie/Colle son contenu dans ta prochaine réponse.

    ~~


    désactive ton antivirus
    désactive Windows defender si présent
    désactive ton pare-feu


    Télécharge Pre_scan (de gen-hackman)

    Si le lien ne fonctionne pas, utilise celui-ci

    ♦ Enregistre le sur ton bureau
    s'il n'est pas sur ton bureau, coupe-le de ton dossier téléchargements et colle-le sur ton bureau

    ▶ Exécute Pre_scan.
    Avertissement: Il y aura une courte extinction du bureau pendant que l'outil travaillera --> pas de panique.
    Si l'outil est bloqué, utilise cette version
    Si l'outil détecte un proxy et que tu n'en n'as pas installé clique sur "supprimer le proxy"

    ▶ Une fois qu'il aura fini, un rapport s'ouvrira.

    ♦ NE LE POSTE PAS SUR LE FORUM (il est trop long)

    clique sur ce lien : http://www.cijoint.fr/

    ▶ Clique sur Parcourir et cherche le fichier Pre_Scan.txt qui se trouve sur ton bureau (une copie est aussi à la racine : C:\Pre_Scan.txt)

    ▶ Clique sur Ouvrir.

    ▶ Clique sur "Cliquez ici pour déposer le fichier".

    Un lien de cette forme :

    http://www.cijoint.fr/cjlink.php?file=cjge368/cijSKAP5fU.txt

    est ajouté dans la page.

    ▶ Copie ce lien dans ta réponse.

    ~~

    Réparons les fichiers système :

    ▶ Ouvre ton menu démarrer

    -> Si tu es sur XP, ouvre exécuter, tape cmd et valide par pression sur la touche Enter

    -> Sur Vista/Seven, dans le champ "Recherche" tape cmd , sur le résultat qui apparait, clic droit > exécuter en tant qu'administrateur

    ▶ Dans la fenêtre noire, tape sfc /scannow et laisse Windows réparer les fichiers.

    Retente le démarrage en mode normal.
    0
  4. thibault5995 Messages postés 8 Statut Membre
     
    Je viens de redémarrer en mode normal et là ça remarche, un grand merci pour votre aide.

    Voici pour le rapport TDSSKiller:

    10:54:23.0312 1976 TDSS rootkit removing tool 2.6.2.0 Sep 26 2011 18:56:43
    10:54:23.0327 1976 ============================================================
    10:54:23.0327 1976 Current date / time: 2011/10/01 10:54:23.0327
    10:54:23.0327 1976 SystemInfo:
    10:54:23.0327 1976
    10:54:23.0327 1976 OS Version: 6.1.7600 ServicePack: 0.0
    10:54:23.0327 1976 Product type: Workstation
    10:54:23.0327 1976 ComputerName: THIBAULT-PC
    10:54:23.0327 1976 UserName: Administrateur
    10:54:23.0327 1976 Windows directory: C:\Windows
    10:54:23.0327 1976 System windows directory: C:\Windows
    10:54:23.0327 1976 Processor architecture: Intel x86
    10:54:23.0327 1976 Number of processors: 2
    10:54:23.0327 1976 Page size: 0x1000
    10:54:23.0327 1976 Boot type: Safe boot
    10:54:23.0327 1976 ============================================================
    10:54:25.0043 1976 Initialize success
    10:54:30.0566 2004 ============================================================
    10:54:30.0566 2004 Scan started
    10:54:30.0566 2004 Mode: Manual;
    10:54:30.0566 2004 ============================================================
    10:54:31.0112 2004 1394ohci (6d2aca41739bfe8cb86ee8e85f29697d) C:\Windows\system32\DRIVERS\1394ohci.sys
    10:54:31.0127 2004 1394ohci - ok
    10:54:31.0190 2004 ACPI (f0e07d144c8685b8774bc32fc8da4df0) C:\Windows\system32\DRIVERS\ACPI.sys
    10:54:31.0205 2004 ACPI - ok
    10:54:31.0330 2004 AcpiPmi (98d81ca942d19f7d9153b095162ac013) C:\Windows\system32\DRIVERS\acpipmi.sys
    10:54:31.0330 2004 AcpiPmi - ok
    10:54:31.0377 2004 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys
    10:54:31.0393 2004 adp94xx - ok
    10:54:31.0408 2004 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys
    10:54:31.0424 2004 adpahci - ok
    10:54:31.0439 2004 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys
    10:54:31.0439 2004 adpu320 - ok
    10:54:31.0642 2004 AFD (0db7a48388d54d154ebec120461a0fcd) C:\Windows\system32\drivers\afd.sys
    10:54:31.0642 2004 AFD - ok
    10:54:31.0736 2004 AgereSoftModem (7e10e3bb9b258ad8a9300f91214d67b9) C:\Windows\system32\DRIVERS\AGRSM.sys
    10:54:31.0751 2004 AgereSoftModem - ok
    10:54:31.0892 2004 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\DRIVERS\agp440.sys
    10:54:31.0892 2004 agp440 - ok
    10:54:31.0923 2004 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys
    10:54:31.0923 2004 aic78xx - ok
    10:54:31.0954 2004 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\DRIVERS\aliide.sys
    10:54:31.0954 2004 aliide - ok
    10:54:31.0985 2004 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\DRIVERS\amdagp.sys
    10:54:31.0985 2004 amdagp - ok
    10:54:32.0001 2004 amdide (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\DRIVERS\amdide.sys
    10:54:32.0001 2004 amdide - ok
    10:54:32.0126 2004 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys
    10:54:32.0126 2004 AmdK8 - ok
    10:54:32.0173 2004 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys
    10:54:32.0173 2004 AmdPPM - ok
    10:54:32.0204 2004 amdsata (2101a86c25c154f8314b24ef49d7fbc2) C:\Windows\system32\DRIVERS\amdsata.sys
    10:54:32.0204 2004 amdsata - ok
    10:54:32.0251 2004 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys
    10:54:32.0251 2004 amdsbs - ok
    10:54:32.0282 2004 amdxata (b81c2b5616f6420a9941ea093a92b150) C:\Windows\system32\DRIVERS\amdxata.sys
    10:54:32.0282 2004 amdxata - ok
    10:54:32.0422 2004 AppID (feb834c02ce1e84b6a38f953ca067706) C:\Windows\system32\drivers\appid.sys
    10:54:32.0422 2004 AppID - ok
    10:54:32.0469 2004 arc (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys
    10:54:32.0469 2004 arc - ok
    10:54:32.0500 2004 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys
    10:54:32.0516 2004 arcsas - ok
    10:54:32.0656 2004 aswFsBlk - ok
    10:54:32.0703 2004 aswRdr - ok
    10:54:32.0719 2004 aswSP - ok
    10:54:32.0765 2004 aswTdi - ok
    10:54:32.0797 2004 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys
    10:54:32.0812 2004 AsyncMac - ok
    10:54:32.0828 2004 atapi (338c86357871c167a96ab976519bf59e) C:\Windows\system32\DRIVERS\atapi.sys
    10:54:32.0828 2004 atapi - ok
    10:54:33.0015 2004 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys
    10:54:33.0015 2004 b06bdrv - ok
    10:54:33.0046 2004 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys
    10:54:33.0046 2004 b57nd60x - ok
    10:54:33.0218 2004 Beep (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys
    10:54:33.0218 2004 Beep - ok
    10:54:33.0311 2004 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys
    10:54:33.0311 2004 blbdrive - ok
    10:54:33.0514 2004 bowser (9a5c671b7fbae4865149bb11f59b91b2) C:\Windows\system32\DRIVERS\bowser.sys
    10:54:33.0514 2004 bowser - ok
    10:54:33.0561 2004 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys
    10:54:33.0561 2004 BrFiltLo - ok
    10:54:33.0592 2004 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys
    10:54:33.0592 2004 BrFiltUp - ok
    10:54:33.0701 2004 Brserid (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys
    10:54:33.0701 2004 Brserid - ok
    10:54:33.0811 2004 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys
    10:54:33.0811 2004 BrSerWdm - ok
    10:54:33.0889 2004 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys
    10:54:33.0889 2004 BrUsbMdm - ok
    10:54:33.0889 2004 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys
    10:54:33.0889 2004 BrUsbSer - ok
    10:54:33.0935 2004 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys
    10:54:33.0935 2004 BTHMODEM - ok
    10:54:34.0138 2004 catchme - ok
    10:54:34.0279 2004 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys
    10:54:34.0279 2004 cdfs - ok
    10:54:34.0325 2004 cdrom (ba6e70aa0e6091bc39de29477d866a77) C:\Windows\system32\DRIVERS\cdrom.sys
    10:54:34.0325 2004 cdrom - ok
    10:54:34.0357 2004 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys
    10:54:34.0357 2004 circlass - ok
    10:54:34.0513 2004 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys
    10:54:34.0513 2004 CLFS - ok
    10:54:34.0637 2004 CmBatt (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys
    10:54:34.0653 2004 CmBatt - ok
    10:54:34.0762 2004 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\DRIVERS\cmdide.sys
    10:54:34.0762 2004 cmdide - ok
    10:54:34.0840 2004 CNG (1b675691ed940766149c93e8f4488d68) C:\Windows\system32\Drivers\cng.sys
    10:54:34.0840 2004 CNG - ok
    10:54:34.0887 2004 Compbatt (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys
    10:54:34.0887 2004 Compbatt - ok
    10:54:34.0996 2004 CompositeBus (f1724ba27e97d627f808fb0ba77a28a6) C:\Windows\system32\DRIVERS\CompositeBus.sys
    10:54:34.0996 2004 CompositeBus - ok
    10:54:35.0074 2004 cpuz132 - ok
    10:54:35.0105 2004 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys
    10:54:35.0105 2004 crcdisk - ok
    10:54:35.0277 2004 CSC (27c9490bdd0ae48911ab8cf1932591ed) C:\Windows\system32\drivers\csc.sys
    10:54:35.0277 2004 CSC - ok
    10:54:35.0339 2004 DfsC (83d1ecea8faae75604c0fa49ac7ad996) C:\Windows\system32\Drivers\dfsc.sys
    10:54:35.0339 2004 DfsC - ok
    10:54:35.0386 2004 discache (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys
    10:54:35.0386 2004 discache - ok
    10:54:35.0542 2004 Disk (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys
    10:54:35.0558 2004 Disk - ok
    10:54:35.0620 2004 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys
    10:54:35.0620 2004 drmkaud - ok
    10:54:35.0683 2004 DXGKrnl (1679a4669326cb1a67cc95658d273234) C:\Windows\System32\drivers\dxgkrnl.sys
    10:54:35.0698 2004 DXGKrnl - ok
    10:54:35.0917 2004 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys
    10:54:35.0995 2004 ebdrv - ok
    10:54:36.0166 2004 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys
    10:54:36.0166 2004 elxstor - ok
    10:54:36.0197 2004 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\DRIVERS\errdev.sys
    10:54:36.0197 2004 ErrDev - ok
    10:54:36.0369 2004 exfat (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys
    10:54:36.0369 2004 exfat - ok
    10:54:36.0385 2004 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys
    10:54:36.0400 2004 fastfat - ok
    10:54:36.0431 2004 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys
    10:54:36.0431 2004 fdc - ok
    10:54:36.0603 2004 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys
    10:54:36.0603 2004 FileInfo - ok
    10:54:36.0619 2004 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys
    10:54:36.0619 2004 Filetrace - ok
    10:54:36.0650 2004 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys
    10:54:36.0650 2004 flpydisk - ok
    10:54:36.0697 2004 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys
    10:54:36.0697 2004 FltMgr - ok
    10:54:36.0712 2004 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys
    10:54:36.0712 2004 FsDepends - ok
    10:54:36.0868 2004 fssfltr (d909075fa72c090f27aa926c32cb4612) C:\Windows\system32\DRIVERS\fssfltr.sys
    10:54:36.0868 2004 fssfltr - ok
    10:54:36.0946 2004 Fs_Rec (a574b4360e438977038aae4bf60d79a2) C:\Windows\system32\drivers\Fs_Rec.sys
    10:54:36.0946 2004 Fs_Rec - ok
    10:54:36.0993 2004 fvevol (dafbd9fe39197495aed6d51f3b85b5d2) C:\Windows\system32\DRIVERS\fvevol.sys
    10:54:36.0993 2004 fvevol - ok
    10:54:37.0149 2004 FwLnk (cbc22823628544735625b280665e434e) C:\Windows\system32\DRIVERS\FwLnk.sys
    10:54:37.0149 2004 FwLnk - ok
    10:54:37.0196 2004 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys
    10:54:37.0196 2004 gagp30kx - ok
    10:54:37.0258 2004 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
    10:54:37.0258 2004 GEARAspiWDM - ok
    10:54:37.0414 2004 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys
    10:54:37.0414 2004 hcw85cir - ok
    10:54:37.0477 2004 HdAudAddService (3530cad25deba7dc7de8bb51632cbc5f) C:\Windows\system32\drivers\HdAudio.sys
    10:54:37.0492 2004 HdAudAddService - ok
    10:54:37.0539 2004 HDAudBus (717a2207fd6f13ad3e664c7d5a43c7bf) C:\Windows\system32\DRIVERS\HDAudBus.sys
    10:54:37.0539 2004 HDAudBus - ok
    10:54:37.0679 2004 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys
    10:54:37.0679 2004 HidBatt - ok
    10:54:37.0726 2004 HidBth (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys
    10:54:37.0726 2004 HidBth - ok
    10:54:37.0757 2004 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys
    10:54:37.0757 2004 HidIr - ok
    10:54:37.0773 2004 HidUsb (25072fb35ac90b25f9e4e3bacf774102) C:\Windows\system32\DRIVERS\hidusb.sys
    10:54:37.0773 2004 HidUsb - ok
    10:54:37.0929 2004 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\DRIVERS\HpSAMD.sys
    10:54:37.0929 2004 HpSAMD - ok
    10:54:37.0960 2004 HTTP (c531c7fd9e8b62021112787c4e2c5a5a) C:\Windows\system32\drivers\HTTP.sys
    10:54:37.0991 2004 HTTP - ok
    10:54:38.0116 2004 hwpolicy (8305f33cde89ad6c7a0763ed0b5a8d42) C:\Windows\system32\drivers\hwpolicy.sys
    10:54:38.0116 2004 hwpolicy - ok
    10:54:38.0132 2004 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\DRIVERS\i8042prt.sys
    10:54:38.0132 2004 i8042prt - ok
    10:54:38.0179 2004 iaStorV (934af4d7c5f457b9f0743f4299b77b67) C:\Windows\system32\DRIVERS\iaStorV.sys
    10:54:38.0194 2004 iaStorV - ok
    10:54:38.0459 2004 igfx (9467514ea189475a6e7fdc5d7bde9d3f) C:\Windows\system32\DRIVERS\igdkmd32.sys
    10:54:38.0569 2004 igfx - ok
    10:54:38.0725 2004 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys
    10:54:38.0725 2004 iirsp - ok
    10:54:38.0756 2004 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\DRIVERS\intelide.sys
    10:54:38.0756 2004 intelide - ok
    10:54:38.0771 2004 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
    10:54:38.0771 2004 intelppm - ok
    10:54:38.0818 2004 IPMIDRV (e4454b6c37d7ffd5649611f6496308a7) C:\Windows\system32\DRIVERS\IPMIDrv.sys
    10:54:38.0818 2004 IPMIDRV - ok
    10:54:38.0849 2004 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
    10:54:38.0849 2004 IPNAT - ok
    10:54:39.0005 2004 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
    10:54:39.0005 2004 IRENUM - ok
    10:54:39.0021 2004 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\DRIVERS\isapnp.sys
    10:54:39.0037 2004 isapnp - ok
    10:54:39.0068 2004 iScsiPrt (ed46c223ae46c6866ab77cdc41c404b7) C:\Windows\system32\DRIVERS\msiscsi.sys
    10:54:39.0083 2004 iScsiPrt - ok
    10:54:39.0130 2004 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\DRIVERS\kbdclass.sys
    10:54:39.0130 2004 kbdclass - ok
    10:54:39.0255 2004 kbdhid (3d9f0ebf350edcfd6498057301455964) C:\Windows\system32\DRIVERS\kbdhid.sys
    10:54:39.0255 2004 kbdhid - ok
    10:54:39.0349 2004 kl1 (94d67d49bd9503bb1d838405d80f2058) C:\Windows\system32\DRIVERS\kl1.sys
    10:54:39.0349 2004 kl1 - ok
    10:54:39.0489 2004 kl2 (713576569667ac9e0f8556076004a96b) C:\Windows\system32\DRIVERS\kl2.sys
    10:54:39.0489 2004 kl2 - ok
    10:54:39.0567 2004 KLIF (39920d69eaedb51757527aa54fe25216) C:\Windows\system32\DRIVERS\klif.sys
    10:54:39.0567 2004 KLIF - ok
    10:54:39.0739 2004 KLIM6 (cf88b4985d957eee45c9939092e87c92) C:\Windows\system32\DRIVERS\klim6.sys
    10:54:39.0739 2004 KLIM6 - ok
    10:54:39.0785 2004 klmouflt (3de1771c135328420315e21dde229bba) C:\Windows\system32\DRIVERS\klmouflt.sys
    10:54:39.0785 2004 klmouflt - ok
    10:54:39.0863 2004 KSecDD (e36a061ec11b373826905b21be10948f) C:\Windows\system32\Drivers\ksecdd.sys
    10:54:39.0863 2004 KSecDD - ok
    10:54:40.0019 2004 KSecPkg (365c6154bbbc5377173f1ca7bfb6cc59) C:\Windows\system32\Drivers\ksecpkg.sys
    10:54:40.0019 2004 KSecPkg - ok
    10:54:40.0051 2004 lbyq - ok
    10:54:40.0113 2004 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
    10:54:40.0113 2004 lltdio - ok
    10:54:40.0175 2004 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys
    10:54:40.0175 2004 LSI_FC - ok
    10:54:40.0300 2004 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys
    10:54:40.0316 2004 LSI_SAS - ok
    10:54:40.0331 2004 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys
    10:54:40.0331 2004 LSI_SAS2 - ok
    10:54:40.0363 2004 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys
    10:54:40.0363 2004 LSI_SCSI - ok
    10:54:40.0409 2004 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
    10:54:40.0409 2004 luafv - ok
    10:54:40.0534 2004 ManyCam - ok
    10:54:40.0612 2004 MBAMSwissArmy (b18225739ed9caa83ba2df966e9f43e8) C:\Windows\system32\drivers\mbamswissarmy.sys
    10:54:40.0612 2004 MBAMSwissArmy - ok
    10:54:40.0690 2004 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys
    10:54:40.0690 2004 megasas - ok
    10:54:40.0831 2004 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys
    10:54:40.0846 2004 MegaSR - ok
    10:54:40.0909 2004 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
    10:54:40.0909 2004 Modem - ok
    10:54:41.0065 2004 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
    10:54:41.0065 2004 monitor - ok
    10:54:41.0080 2004 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys
    10:54:41.0080 2004 mouclass - ok
    10:54:41.0127 2004 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
    10:54:41.0127 2004 mouhid - ok
    10:54:41.0143 2004 mountmgr (921c18727c5920d6c0300736646931c2) C:\Windows\system32\drivers\mountmgr.sys
    10:54:41.0143 2004 mountmgr - ok
    10:54:41.0299 2004 mpio (2af5997438c55fb79d33d015c30e1974) C:\Windows\system32\DRIVERS\mpio.sys
    10:54:41.0299 2004 mpio - ok
    10:54:41.0345 2004 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
    10:54:41.0345 2004 mpsdrv - ok
    10:54:41.0377 2004 MRxDAV (b1be47008d20e43da3adc37c24cdb89d) C:\Windows\system32\drivers\mrxdav.sys
    10:54:41.0377 2004 MRxDAV - ok
    10:54:41.0548 2004 mrxsmb (ca7570e42522e24324a12161db14ec02) C:\Windows\system32\DRIVERS\mrxsmb.sys
    10:54:41.0548 2004 mrxsmb - ok
    10:54:41.0626 2004 mrxsmb10 (f965c3ab2b2ae5c378f4562486e35051) C:\Windows\system32\DRIVERS\mrxsmb10.sys
    10:54:41.0642 2004 mrxsmb10 - ok
    10:54:41.0798 2004 mrxsmb20 (25c38264a3c72594dd21d355d70d7a5d) C:\Windows\system32\DRIVERS\mrxsmb20.sys
    10:54:41.0798 2004 mrxsmb20 - ok
    10:54:41.0860 2004 msahci (4326d168944123f38dd3b2d9c37a0b12) C:\Windows\system32\DRIVERS\msahci.sys
    10:54:41.0860 2004 msahci - ok
    10:54:41.0891 2004 msdsm (455029c7174a2dbb03dba8a0d8bddd9a) C:\Windows\system32\DRIVERS\msdsm.sys
    10:54:41.0891 2004 msdsm - ok
    10:54:42.0079 2004 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
    10:54:42.0079 2004 Msfs - ok
    10:54:42.0125 2004 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
    10:54:42.0125 2004 mshidkmdf - ok
    10:54:42.0157 2004 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\DRIVERS\msisadrv.sys
    10:54:42.0172 2004 msisadrv - ok
    10:54:42.0188 2004 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
    10:54:42.0188 2004 MSKSSRV - ok
    10:54:42.0344 2004 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
    10:54:42.0344 2004 MSPCLOCK - ok
    10:54:42.0359 2004 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
    10:54:42.0359 2004 MSPQM - ok
    10:54:42.0391 2004 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
    10:54:42.0391 2004 MsRPC - ok
    10:54:42.0453 2004 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\DRIVERS\mssmbios.sys
    10:54:42.0453 2004 mssmbios - ok
    10:54:42.0609 2004 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
    10:54:42.0609 2004 MSTEE - ok
    10:54:42.0640 2004 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys
    10:54:42.0656 2004 MTConfig - ok
    10:54:42.0687 2004 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
    10:54:42.0687 2004 Mup - ok
    10:54:42.0718 2004 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
    10:54:42.0718 2004 NativeWifiP - ok
    10:54:42.0890 2004 NDIS (23759d175a0a9baaf04d05047bc135a8) C:\Windows\system32\drivers\ndis.sys
    10:54:42.0905 2004 NDIS - ok
    10:54:43.0046 2004 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
    10:54:43.0046 2004 NdisCap - ok
    10:54:43.0077 2004 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
    10:54:43.0077 2004 NdisTapi - ok
    10:54:43.0093 2004 Ndisuio (b30ae7f2b6d7e343b0df32e6c08fce75) C:\Windows\system32\DRIVERS\ndisuio.sys
    10:54:43.0093 2004 Ndisuio - ok
    10:54:43.0249 2004 NdisWan (267c415eadcbe53c9ca873dee39cf3a4) C:\Windows\system32\DRIVERS\ndiswan.sys
    10:54:43.0249 2004 NdisWan - ok
    10:54:43.0280 2004 NDProxy (af7e7c63dcef3f8772726f86039d6eb4) C:\Windows\system32\drivers\NDProxy.sys
    10:54:43.0280 2004 NDProxy - ok
    10:54:43.0342 2004 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
    10:54:43.0342 2004 NetBIOS - ok
    10:54:43.0498 2004 NetBT (dd52a733bf4ca5af84562a5e2f963b91) C:\Windows\system32\DRIVERS\netbt.sys
    10:54:43.0498 2004 NetBT - ok
    10:54:43.0717 2004 netw5v32 (58218ec6b61b1169cf54aab0d00f5fe2) C:\Windows\system32\DRIVERS\netw5v32.sys
    10:54:43.0810 2004 netw5v32 - ok
    10:54:43.0966 2004 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys
    10:54:43.0966 2004 nfrd960 - ok
    10:54:44.0044 2004 npf (6623e51595c0076755c29c00846c4eb2) C:\Windows\system32\drivers\npf.sys
    10:54:44.0044 2004 npf - ok
    10:54:44.0200 2004 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
    10:54:44.0200 2004 Npfs - ok
    10:54:44.0247 2004 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
    10:54:44.0247 2004 nsiproxy - ok
    10:54:44.0309 2004 Ntfs (3795dcd21f740ee799fb7223234215af) C:\Windows\system32\drivers\Ntfs.sys
    10:54:44.0325 2004 Ntfs - ok
    10:54:44.0481 2004 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
    10:54:44.0481 2004 Null - ok
    10:54:44.0512 2004 nvraid (3f3d04b1d08d43c16ea7963954ec768d) C:\Windows\system32\DRIVERS\nvraid.sys
    10:54:44.0512 2004 nvraid - ok
    10:54:44.0543 2004 nvstor (c99f251a5de63c6f129cf71933aced0f) C:\Windows\system32\DRIVERS\nvstor.sys
    10:54:44.0543 2004 nvstor - ok
    10:54:44.0575 2004 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\DRIVERS\nv_agp.sys
    10:54:44.0575 2004 nv_agp - ok
    10:54:44.0715 2004 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\DRIVERS\ohci1394.sys
    10:54:44.0731 2004 ohci1394 - ok
    10:54:44.0777 2004 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
    10:54:44.0777 2004 Parport - ok
    10:54:44.0809 2004 partmgr (ff4218952b51de44fe910953a3e686b9) C:\Windows\system32\drivers\partmgr.sys
    10:54:44.0809 2004 partmgr - ok
    10:54:44.0840 2004 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
    10:54:44.0840 2004 Parvdm - ok
    10:54:44.0996 2004 pci (c858cb77c577780ecc456a892e7e7d0f) C:\Windows\system32\DRIVERS\pci.sys
    10:54:44.0996 2004 pci - ok
    10:54:45.0027 2004 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\DRIVERS\pciide.sys
    10:54:45.0027 2004 pciide - ok
    10:54:45.0058 2004 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
    10:54:45.0058 2004 pcmcia - ok
    10:54:45.0089 2004 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
    10:54:45.0089 2004 pcw - ok
    10:54:45.0121 2004 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
    10:54:45.0136 2004 PEAUTH - ok
    10:54:45.0323 2004 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
    10:54:45.0323 2004 PptpMiniport - ok
    10:54:45.0355 2004 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
    10:54:45.0370 2004 Processor - ok
    10:54:45.0433 2004 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
    10:54:45.0433 2004 Psched - ok
    10:54:45.0511 2004 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
    10:54:45.0526 2004 ql2300 - ok
    10:54:45.0667 2004 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
    10:54:45.0667 2004 ql40xx - ok
    10:54:45.0713 2004 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
    10:54:45.0713 2004 QWAVEdrv - ok
    10:54:45.0745 2004 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
    10:54:45.0745 2004 RasAcd - ok
    10:54:45.0791 2004 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
    10:54:45.0791 2004 RasAgileVpn - ok
    10:54:45.0947 2004 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
    10:54:45.0947 2004 Rasl2tp - ok
    10:54:45.0979 2004 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
    10:54:45.0979 2004 RasPppoe - ok
    10:54:46.0025 2004 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
    10:54:46.0025 2004 RasSstp - ok
    10:54:46.0181 2004 rdbss (835d7e81bf517a3b72384bdcc85e1ce6) C:\Windows\system32\DRIVERS\rdbss.sys
    10:54:46.0181 2004 rdbss - ok
    10:54:46.0228 2004 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
    10:54:46.0228 2004 rdpbus - ok
    10:54:46.0244 2004 RDPCDD (1e016846895b15a99f9a176a05029075) C:\Windows\system32\DRIVERS\RDPCDD.sys
    10:54:46.0244 2004 RDPCDD - ok
    10:54:46.0291 2004 RDPDR (c5ff95883ffef704d50c40d21cfb3ab5) C:\Windows\system32\drivers\rdpdr.sys
    10:54:46.0291 2004 RDPDR - ok
    10:54:46.0431 2004 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
    10:54:46.0431 2004 RDPENCDD - ok
    10:54:46.0447 2004 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
    10:54:46.0447 2004 RDPREFMP - ok
    10:54:46.0478 2004 RDPWD (801371ba9782282892d00aadb08ee367) C:\Windows\system32\drivers\RDPWD.sys
    10:54:46.0478 2004 RDPWD - ok
    10:54:46.0509 2004 rdyboost (4ea225bf1cf05e158853f30a99ca29a7) C:\Windows\system32\drivers\rdyboost.sys
    10:54:46.0509 2004 rdyboost - ok
    10:54:46.0665 2004 rimmptsk (ea885e7a56f1be1f14c372337c42fe48) C:\Windows\system32\DRIVERS\rimmptsk.sys
    10:54:46.0665 2004 rimmptsk - ok
    10:54:46.0727 2004 rimsptsk (d7e09bc852684a7b1fc0f74fe090d45a) C:\Windows\system32\DRIVERS\rimsptsk.sys
    10:54:46.0727 2004 rimsptsk - ok
    10:54:46.0759 2004 rismxdp (b0a7494a9ba7909efac64e05d3f160db) C:\Windows\system32\DRIVERS\rixdptsk.sys
    10:54:46.0774 2004 rismxdp - ok
    10:54:46.0977 2004 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
    10:54:46.0977 2004 rspndr - ok
    10:54:47.0055 2004 RTL8167 (7dfd48e24479b68b258d8770121155a0) C:\Windows\system32\DRIVERS\Rt86win7.sys
    10:54:47.0055 2004 RTL8167 - ok
    10:54:47.0102 2004 s3cap (5423d8437051e89dd34749f242c98648) C:\Windows\system32\DRIVERS\vms3cap.sys
    10:54:47.0117 2004 s3cap - ok
    10:54:47.0273 2004 SASDIFSV - ok
    10:54:47.0305 2004 SASENUM - ok
    10:54:47.0305 2004 SASKUTIL - ok
    10:54:47.0429 2004 sbp2port (34ee0c44b724e3e4ce2eff29126de5b5) C:\Windows\system32\DRIVERS\sbp2port.sys
    10:54:47.0429 2004 sbp2port - ok
    10:54:47.0476 2004 scfilter (a95c54b2ac3cc9c73fcdf9e51a1d6b51) C:\Windows\system32\DRIVERS\scfilter.sys
    10:54:47.0476 2004 scfilter - ok
    10:54:47.0554 2004 sdbus (7b48cff3a475fe849dea65ec4d35c425) C:\Windows\system32\DRIVERS\sdbus.sys
    10:54:47.0554 2004 sdbus - ok
    10:54:47.0695 2004 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
    10:54:47.0695 2004 secdrv - ok
    10:54:47.0741 2004 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
    10:54:47.0757 2004 Serenum - ok
    10:54:47.0773 2004 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
    10:54:47.0773 2004 Serial - ok
    10:54:47.0804 2004 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
    10:54:47.0804 2004 sermouse - ok
    10:54:47.0835 2004 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\DRIVERS\sffdisk.sys
    10:54:47.0835 2004 sffdisk - ok
    10:54:47.0975 2004 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\DRIVERS\sffp_mmc.sys
    10:54:47.0975 2004 sffp_mmc - ok
    10:54:47.0991 2004 sffp_sd (4f1e5b0fe7c8050668dbfade8999aefb) C:\Windows\system32\DRIVERS\sffp_sd.sys
    10:54:47.0991 2004 sffp_sd - ok
    10:54:48.0007 2004 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
    10:54:48.0007 2004 sfloppy - ok
    10:54:48.0053 2004 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\DRIVERS\sisagp.sys
    10:54:48.0053 2004 sisagp - ok
    10:54:48.0194 2004 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
    10:54:48.0194 2004 SiSRaid2 - ok
    10:54:48.0225 2004 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
    10:54:48.0225 2004 SiSRaid4 - ok
    10:54:48.0256 2004 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
    10:54:48.0256 2004 Smb - ok
    10:54:48.0334 2004 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
    10:54:48.0334 2004 spldr - ok
    10:54:48.0506 2004 sptd (cdddec541bc3c96f91ecb48759673505) C:\Windows\system32\Drivers\sptd.sys
    10:54:48.0506 2004 sptd - ok
    10:54:48.0677 2004 srv (c4a027b8c0bd3fc0699f41fa5e9e0c87) C:\Windows\system32\DRIVERS\srv.sys
    10:54:48.0677 2004 srv - ok
    10:54:48.0740 2004 srv2 (414bb592cad8a79649d01f9d94318fb3) C:\Windows\system32\DRIVERS\srv2.sys
    10:54:48.0755 2004 srv2 - ok
    10:54:48.0771 2004 srvnet (ff207d67700aa18242aaf985d3e7d8f4) C:\Windows\system32\DRIVERS\srvnet.sys
    10:54:48.0771 2004 srvnet - ok
    10:54:48.0911 2004 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys
    10:54:48.0911 2004 stexstor - ok
    10:54:48.0974 2004 storflt (957e346ca948668f2496a6ccf6ff82cc) C:\Windows\system32\DRIVERS\vmstorfl.sys
    10:54:48.0989 2004 storflt - ok
    10:54:49.0005 2004 storvsc (d5751969dc3e4b88bf482ac8ec9fe019) C:\Windows\system32\DRIVERS\storvsc.sys
    10:54:49.0005 2004 storvsc - ok
    10:54:49.0145 2004 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\DRIVERS\swenum.sys
    10:54:49.0145 2004 swenum - ok
    10:54:49.0255 2004 Tcpip (c2daaeb48f3a47c410b041a0d2382ee1) C:\Windows\system32\drivers\tcpip.sys
    10:54:49.0286 2004 Tcpip - ok
    10:54:49.0442 2004 TCPIP6 (c2daaeb48f3a47c410b041a0d2382ee1) C:\Windows\system32\DRIVERS\tcpip.sys
    10:54:49.0457 2004 TCPIP6 - ok
    10:54:49.0613 2004 tcpipreg (e64444523add154f86567c469bc0b17f) C:\Windows\system32\drivers\tcpipreg.sys
    10:54:49.0613 2004 tcpipreg - ok
    10:54:49.0676 2004 TDPIPE (1875c1490d99e70e449e3afae9fcbadf) C:\Windows\system32\drivers\tdpipe.sys
    10:54:49.0676 2004 TDPIPE - ok
    10:54:49.0691 2004 TDTCP (7551e91ea999ee9a8e9c331d5a9c31f3) C:\Windows\system32\drivers\tdtcp.sys
    10:54:49.0691 2004 TDTCP - ok
    10:54:49.0847 2004 tdx (cb39e896a2a83702d1737bfd402b3542) C:\Windows\system32\DRIVERS\tdx.sys
    10:54:49.0847 2004 tdx - ok
    10:54:49.0879 2004 TermDD (c36f41ee20e6999dbf4b0425963268a5) C:\Windows\system32\DRIVERS\termdd.sys
    10:54:49.0879 2004 TermDD - ok
    10:54:49.0972 2004 tssecsrv (98ae6fa07d12cb4ec5cf4a9bfa5f4242) C:\Windows\system32\DRIVERS\tssecsrv.sys
    10:54:49.0972 2004 tssecsrv - ok
    10:54:50.0113 2004 tunnel (3e461d890a97f9d4c168f5fda36e1d00) C:\Windows\system32\DRIVERS\tunnel.sys
    10:54:50.0113 2004 tunnel - ok
    10:54:50.0175 2004 TVALZ (792a8b80f8188aba4b2be271583f3e46) C:\Windows\system32\DRIVERS\TVALZ_O.SYS
    10:54:50.0175 2004 TVALZ - ok
    10:54:50.0222 2004 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys
    10:54:50.0222 2004 uagp35 - ok
    10:54:50.0347 2004 udfs (09cc3e16f8e5ee7168e01cf8fcbe061a) C:\Windows\system32\DRIVERS\udfs.sys
    10:54:50.0362 2004 udfs - ok
    10:54:50.0393 2004 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\DRIVERS\uliagpkx.sys
    10:54:50.0393 2004 uliagpkx - ok
    10:54:50.0440 2004 umbus (049b3a50b3d646baeeee9eec9b0668dc) C:\Windows\system32\DRIVERS\umbus.sys
    10:54:50.0440 2004 umbus - ok
    10:54:50.0471 2004 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
    10:54:50.0471 2004 UmPass - ok
    10:54:50.0596 2004 UnlockerDriver5 (bb879dcfd22926efbeb3298129898cbb) C:\Program Files\Unlocker\UnlockerDriver5.sys
    10:54:50.0596 2004 UnlockerDriver5 - ok
    10:54:50.0768 2004 USBAAPL (5c2bdc152bbab34f36473deaf7713f22) C:\Windows\system32\Drivers\usbaapl.sys
    10:54:50.0768 2004 USBAAPL - ok
    10:54:50.0846 2004 usbccgp (8455c4ed038efd09e99327f9d2d48ffa) C:\Windows\system32\DRIVERS\usbccgp.sys
    10:54:50.0861 2004 usbccgp - ok
    10:54:50.0877 2004 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\DRIVERS\usbcir.sys
    10:54:50.0877 2004 usbcir - ok
    10:54:50.0908 2004 usbehci (1c333bfd60f2fed2c7ad5daf533cb742) C:\Windows\system32\DRIVERS\usbehci.sys
    10:54:50.0908 2004 usbehci - ok
    10:54:51.0033 2004 usbhub (ee6ef93ccfa94fae8c6ab298273d8ae2) C:\Windows\system32\DRIVERS\usbhub.sys
    10:54:51.0049 2004 usbhub - ok
    10:54:51.0064 2004 usbohci (a6fb7957ea7afb1165991e54ce934b74) C:\Windows\system32\DRIVERS\usbohci.sys
    10:54:51.0064 2004 usbohci - ok
    10:54:51.0080 2004 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
    10:54:51.0080 2004 usbprint - ok
    10:54:51.0158 2004 usbscan (576096ccbc07e7c4ea4f5e6686d6888f) C:\Windows\system32\DRIVERS\usbscan.sys
    10:54:51.0158 2004 usbscan - ok
    10:54:51.0189 2004 USBSTOR (d8889d56e0d27e57ed4591837fe71d27) C:\Windows\system32\DRIVERS\USBSTOR.SYS
    10:54:51.0189 2004 USBSTOR - ok
    10:54:51.0314 2004 usbuhci (78780c3ebce17405b1ccd07a3a8a7d72) C:\Windows\system32\DRIVERS\usbuhci.sys
    10:54:51.0314 2004 usbuhci - ok
    10:54:51.0392 2004 usbvideo (b5f6a992d996282b7fae7048e50af83a) C:\Windows\system32\Drivers\usbvideo.sys
    10:54:51.0392 2004 usbvideo - ok
    10:54:51.0439 2004 UVCFTR (0d09f77f46dd3be73c3e5949428d6995) C:\Windows\system32\DRIVERS\UVCFTR_S.SYS
    10:54:51.0454 2004 UVCFTR - ok
    10:54:51.0595 2004 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\DRIVERS\vdrvroot.sys
    10:54:51.0595 2004 vdrvroot - ok
    10:54:51.0626 2004 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
    10:54:51.0641 2004 vga - ok
    10:54:51.0673 2004 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
    10:54:51.0673 2004 VgaSave - ok
    10:54:51.0704 2004 vhdmp (3be6e1f3a4f1afec8cee0d7883f93583) C:\Windows\system32\DRIVERS\vhdmp.sys
    10:54:51.0704 2004 vhdmp - ok
    10:54:51.0719 2004 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\DRIVERS\viaagp.sys
    10:54:51.0735 2004 viaagp - ok
    10:54:51.0875 2004 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys
    10:54:51.0875 2004 ViaC7 - ok
    10:54:51.0907 2004 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\DRIVERS\viaide.sys
    10:54:51.0907 2004 viaide - ok
    10:54:51.0938 2004 vmbus (379b349f65f453d2a6e75ea6b7448e49) C:\Windows\system32\DRIVERS\vmbus.sys
    10:54:51.0953 2004 vmbus - ok
    10:54:51.0985 2004 VMBusHID (ec2bbab4b84d0738c6c83d2234dc36fe) C:\Windows\system32\DRIVERS\VMBusHID.sys
    10:54:51.0985 2004 VMBusHID - ok
    10:54:52.0125 2004 volmgr (384e5a2aa49934295171e499f86ba6f3) C:\Windows\system32\DRIVERS\volmgr.sys
    10:54:52.0125 2004 volmgr - ok
    10:54:52.0156 2004 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
    10:54:52.0156 2004 volmgrx - ok
    10:54:52.0234 2004 volsnap (58df9d2481a56edde167e51b334d44fd) C:\Windows\system32\DRIVERS\volsnap.sys
    10:54:52.0234 2004 volsnap - ok
    10:54:52.0375 2004 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys
    10:54:52.0375 2004 vsmraid - ok
    10:54:52.0406 2004 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\System32\drivers\vwifibus.sys
    10:54:52.0406 2004 vwifibus - ok
    10:54:52.0468 2004 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys
    10:54:52.0468 2004 WacomPen - ok
    10:54:52.0499 2004 WANARP (692a712062146e96d28ba0b7d75de31b) C:\Windows\system32\DRIVERS\wanarp.sys
    10:54:52.0499 2004 WANARP - ok
    10:54:52.0499 2004 Wanarpv6 (692a712062146e96d28ba0b7d75de31b) C:\Windows\system32\DRIVERS\wanarp.sys
    10:54:52.0499 2004 Wanarpv6 - ok
    10:54:52.0671 2004 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys
    10:54:52.0671 2004 Wd - ok
    10:54:52.0718 2004 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
    10:54:52.0718 2004 Wdf01000 - ok
    10:54:52.0765 2004 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
    10:54:52.0765 2004 WfpLwf - ok
    10:54:52.0905 2004 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
    10:54:52.0905 2004 WIMMount - ok
    10:54:52.0999 2004 WinUsb (30fc6e5448d0cbaaa95280eeef7fedae) C:\Windows\system32\DRIVERS\WinUsb.sys
    10:54:52.0999 2004 WinUsb - ok
    10:54:53.0170 2004 WmBEnum (38932c4649f8baad6ce1000ac6503d5b) C:\Windows\system32\drivers\WmBEnum.sys
    10:54:53.0170 2004 WmBEnum - ok
    10:54:53.0217 2004 WmFilter (58b3adab903fa1a78c86e6a42b80fe76) C:\Windows\system32\drivers\WmFilter.sys
    10:54:53.0217 2004 WmFilter - ok
    10:54:53.0264 2004 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\DRIVERS\wmiacpi.sys
    10:54:53.0264 2004 WmiAcpi - ok
    10:54:53.0435 2004 WmVirHid (e45f01f4014d7ab13b8a0c41ebf48a3d) C:\Windows\system32\drivers\WmVirHid.sys
    10:54:53.0435 2004 WmVirHid - ok
    10:54:53.0498 2004 WmXlCore (0398265dd65aae2ece180fa9d1e7b5bb) C:\Windows\system32\drivers\WmXlCore.sys
    10:54:53.0498 2004 WmXlCore - ok
    10:54:53.0560 2004 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
    10:54:53.0560 2004 ws2ifsl - ok
    10:54:53.0701 2004 WSDPrintDevice (553f6ccd7c58eb98d4a8fbdaf283d7a9) C:\Windows\system32\DRIVERS\WSDPrint.sys
    10:54:53.0701 2004 WSDPrintDevice - ok
    10:54:53.0747 2004 WSDScan (7dc0270cfd4a05b4112e3ebbf083b595) C:\Windows\system32\DRIVERS\WSDScan.sys
    10:54:53.0763 2004 WSDScan - ok
    10:54:53.0872 2004 WudfPf (6f9b6c0c93232cff47d0f72d6db1d21e) C:\Windows\system32\drivers\WudfPf.sys
    10:54:53.0872 2004 WudfPf - ok
    10:54:54.0028 2004 WUDFRd (f91ff1e51fca30b3c3981db7d5924252) C:\Windows\system32\DRIVERS\WUDFRd.sys
    10:54:54.0044 2004 WUDFRd - ok
    10:54:54.0091 2004 MBR (0x1B8) (de1996b5390bac8242e23168f828c750) \Device\Harddisk0\DR0
    10:54:54.0091 2004 \Device\Harddisk0\DR0 ( Rootkit.Win32.TDSS.tdl4 ) - infected
    10:54:54.0091 2004 \Device\Harddisk0\DR0 - detected Rootkit.Win32.TDSS.tdl4 (0)
    10:54:54.0091 2004 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk1\DR2
    10:54:54.0091 2004 \Device\Harddisk1\DR2 - ok
    10:54:54.0122 2004 Boot (0x1200) (88db9aa6da5df5270a8cac6ff3fc0ae7) \Device\Harddisk0\DR0\Partition0
    10:54:54.0122 2004 \Device\Harddisk0\DR0\Partition0 - ok
    10:54:54.0122 2004 Boot (0x1200) (5567e9b3775ca156aa76b50aa7f18338) \Device\Harddisk1\DR2\Partition0
    10:54:54.0122 2004 \Device\Harddisk1\DR2\Partition0 - ok
    10:54:54.0137 2004 ============================================================
    10:54:54.0137 2004 Scan finished
    10:54:54.0137 2004 ============================================================
    10:54:54.0153 0296 Detected object count: 1
    10:54:54.0153 0296 Actual detected object count: 1
    10:55:25.0400 0296 \Device\Harddisk0\DR0 ( Rootkit.Win32.TDSS.tdl4 ) - will be cured on reboot
    10:55:25.0400 0296 \Device\Harddisk0\DR0 - ok
    10:55:25.0400 0296 \Device\Harddisk0\DR0 ( Rootkit.Win32.TDSS.tdl4 ) - User select action: Cure
    10:55:47.0926 1928 Deinitialize success

    et voilà pour le rapport Pre_Scan:

    http://www.cijoint.fr/cjlink.php?file=cj201110/cijkp5b7zj.txt
    0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. juju666 Messages postés 35446 Date d'inscription   Statut Contributeur sécurité Dernière intervention   4 796
     
    Bien.

    Pourrais-tu me poster ces 2 rapports stp :

    [30/09/2011|23:03:35] | C:\Ad-Report-CLEAN[1].txt
    [26/09/2010|15:28:55] | C:\ComboFix.txt
    0
  7. thibault5995 Messages postés 8 Statut Membre
     
    Pour Ad-Report:

    ======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 =======

    Mis à jour par TeamXscript le 12/04/11
    Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
    Site web: http://www.teamxscript.org

    C:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Lancé à 23:03:32 le 30/09/2011, Mode sans echec

    Microsoft Windows 7 Édition Intégrale (X86)
    Administrateur@THIBAULT-PC (TOSHIBA Satellite A300)

    ============== ACTION(S) ==============

    Dossier supprimé: C:\Users\Administrateur\AppData\LocalLow\Conduit
    Dossier supprimé: C:\Program Files\Conduit
    Dossier supprimé: C:\Windows\$XNTUninstall643$

    (!) -- Fichiers temporaires supprimés.

    Clé supprimée: HKLM\Software\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
    Clé supprimée: HKLM\Software\Conduit
    Clé supprimée: HKCU\Software\AppDataLow\Software\Conduit
    Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}

    ============== SCAN ADDITIONNEL ==============

    **** Mozilla Firefox Version [4.0.1 (fr)] ****

    FIREFOX.EXE\Shell\Open\Command - "C:\Program Files\Mozilla Firefox\Firefox.exe"
    Components\aboutRights.js
    Components\aboutRobots.js
    Components\browsercomps.dll (Mozilla Foundation)
    Components\nsPostUpdateWin.js
    Extensions\KavAntiBanner@kaspersky.ru_bak (Anti-Banner )
    Extensions\linkfilter@kaspersky.ru_bak (Kaspersky URL Advisor )
    HKLM_Extensions|virtualKeyboard@kaspersky.ru - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\FFExt\virtualKeyboard@kaspersky.ru
    HKLM_Extensions|KavAntiBanner@Kaspersky.ru - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\FFExt\KavAntiBanner@kaspersky.ru
    HKLM_Extensions|linkfilter@kaspersky.ru - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\FFExt\linkfilter@kaspersky.ru

    -- C:\Users\Administrateur\AppData\Roaming\Mozilla\FireFox\Profiles\tzausfs9.default --
    Extensions\plugin@yontoo.com (Yontoo Layers)
    Prefs.js - browser.download.dir, C:\\Users\\Administrateur\\Downloads
    Prefs.js - browser.download.lastDir, C:\\Users\\Administrateur\\Desktop
    Prefs.js - browser.startup.homepage_override.buildID, 20110413222027
    Prefs.js - browser.startup.homepage_override.mstone, rv:2.0.1

    -- C:\Users\Thibault\AppData\Roaming\Mozilla\FireFox\Profiles\nyl9xns8.default --
    Prefs.js - browser.download.dir, C:\\Users\\Thibault\\Downloads
    Prefs.js - browser.startup.homepage_override.mstone, rv:1.9.0.19

    ========================================

    **** Internet Explorer Version [8.0.7600.16385] ****

    HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
    HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896
    HKCU_Main|Start Page - hxxp://fr.msn.com/
    HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
    HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm
    HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKLM_Main|Start Page - hxxp://fr.msn.com/
    HKLM_ElevationPolicy\56d85a2e-4391-4667-b774-ae88dffac506 - C:\Program Files\Babylon-English\Babylon-EnglishToolbarHelper.exe (x)
    HKLM_ElevationPolicy\c17a93a7-f504-43da-88ce-42ad94ecf1d1 - C:\Program Files\Hotspot_Shield\Hotspot_ShieldToolbarHelper.exe (x)
    HKLM_ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a} - C:\Windows\System32\wpcer.exe (x)
    HKLM_ElevationPolicy\{0a402d70-1f10-4ae7-bec9-286a98240695} - C:\Windows\System32\winfxdocobj.exe (x)
    HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files\Internet Explorer\iedw.exe (x)
    HKLM_ElevationPolicy\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D} - C:\Program Files\Google\Update\1.3.21.65\GoogleUpdateBroker.exe (x)

    ========================================

    C:\Program Files\Ad-Remover\Quarantine: 2 Fichier(s)
    C:\Program Files\Ad-Remover\Backup: 14 Fichier(s)

    C:\Ad-Report-CLEAN[1].txt - 30/09/2011 23:03:35 (0 Octet(s))
    C:\Ad-Report-SCAN[1].txt - 30/09/2011 23:02:10 (4052 Octet(s))

    Fin à: 23:04:19, 30/09/2011

    ============== E.O.F ==============

    et pour ComboFix:

    ComboFix 10-09-25.07 - Administrateur 26/09/2010 15:02:00.1.2 - x86
    Microsoft Windows 7 Édition Intégrale 6.1.7600.0.1252.33.1036.18.3062.2286 [GMT 2:00]
    Lancé depuis: c:\users\Administrateur\Downloads\ComboFix.exe
    SP: Spyware Terminator *disabled* (Updated) {55EE49A8-16BE-4601-BBE6-607B7F7317DE}
    SP: SUPERAntiSpyware *disabled* (Updated) {222A897C-5018-402e-943F-7E7AC8560DA7}
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\install.exe
    C:\pic.jpg
    c:\users\Administrateur\AppData\Local\9682163.exe
    c:\users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Security Tool.lnk

    .
    ((((((((((((((((((((((((((((( Fichiers créés du 2010-08-26 au 2010-09-26 ))))))))))))))))))))))))))))))))))))
    .

    2010-09-26 10:49 . 2010-09-26 10:49 -------- d-----w- c:\users\Administrateur\AppData\Roaming\Malwarebytes
    2010-09-26 10:49 . 2010-09-26 10:49 -------- d-----w- c:\programdata\Malwarebytes
    2010-09-26 10:49 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2010-09-26 10:49 . 2010-09-26 10:51 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2010-09-26 10:49 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
    2010-09-15 19:35 . 2010-08-21 05:32 316928 ----a-w- c:\windows\system32\spoolsv.exe
    2010-09-14 19:01 . 2010-09-07 14:47 17744 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
    2010-09-14 19:01 . 2010-09-07 14:52 165584 ----a-w- c:\windows\system32\drivers\aswSP.sys
    2010-09-14 19:01 . 2010-09-07 14:53 340048 ----a-w- c:\windows\system32\drivers\aswSnx.sys
    2010-09-14 19:00 . 2010-09-07 14:47 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
    2010-09-14 19:00 . 2010-09-07 14:52 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
    2010-09-14 19:00 . 2010-09-07 14:47 50768 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
    2010-09-14 18:59 . 2010-09-07 14:24 12112 ----a-w- c:\windows\system32\drivers\aswNdis.sys
    2010-09-14 18:59 . 2010-09-07 15:12 38848 ----a-w- c:\windows\avastSS.scr
    2010-09-14 18:59 . 2010-09-07 15:11 167592 ----a-w- c:\windows\system32\aswBoot.exe

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2010-09-26 10:18 . 2009-09-13 16:29 -------- d-----w- c:\program files\Spyware Terminator
    2010-09-26 10:18 . 2009-09-13 16:29 -------- d-----w- c:\users\Administrateur\AppData\Roaming\Spyware Terminator
    2010-09-25 22:02 . 2009-09-13 16:29 -------- d-----w- c:\programdata\Spyware Terminator
    2010-09-24 12:31 . 2009-10-14 19:20 -------- d-----w- c:\users\Administrateur\AppData\Roaming\vlc
    2010-09-21 13:54 . 2009-09-17 12:11 -------- d-----w- c:\users\Administrateur\AppData\Roaming\BitTorrent
    2010-09-21 11:27 . 2009-07-14 08:39 707384 ----a-w- c:\windows\system32\perfh00C.dat
    2010-09-21 11:27 . 2009-07-14 08:39 131598 ----a-w- c:\windows\system32\perfc00C.dat
    2010-09-19 16:46 . 2009-12-16 12:21 -------- d-----w- c:\program files\Everest Poker
    2010-09-14 18:59 . 2010-04-07 14:52 -------- d-----w- c:\programdata\Alwil Software
    2010-09-07 14:54 . 2010-06-18 10:01 99792 ----a-w- c:\windows\system32\drivers\aswFW.sys
    2010-09-07 14:53 . 2010-06-18 10:00 190416 ----a-w- c:\windows\system32\drivers\aswNdis2.sys
    2010-08-18 21:23 . 2009-11-20 16:39 -------- d-----w- c:\users\Administrateur\AppData\Roaming\dvdcss
    2010-08-10 09:39 . 2009-10-14 11:43 2724120 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
    2010-08-10 09:28 . 2010-06-21 18:47 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
    2010-08-10 09:28 . 2009-09-30 08:59 639296 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
    2010-08-03 11:59 . 2009-09-13 20:53 -------- d-----w- c:\program files\Windows Live
    2010-08-03 11:58 . 2010-08-03 11:58 -------- d-----w- c:\program files\Microsoft
    2010-08-03 11:37 . 2009-09-13 20:55 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
    2010-08-01 21:07 . 2009-09-14 09:55 2724120 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
    2010-08-01 21:07 . 2010-08-01 21:07 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll
    2010-08-01 21:07 . 2009-09-14 09:55 639296 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
    2010-07-29 06:30 . 2010-08-11 09:08 197632 ----a-w- c:\windows\system32\ir32_32.dll
    2010-07-29 06:30 . 2010-08-11 09:08 82944 ----a-w- c:\windows\system32\iccvid.dll
    2010-06-30 06:25 . 2010-08-11 09:08 978432 ----a-w- c:\windows\system32\wininet.dll
    2009-06-10 21:26 . 2009-07-14 02:04 9633792 --sha-r- c:\windows\Fonts\StaticCache.dat
    2009-07-14 01:14 . 2009-07-13 23:42 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe
    .

    ------- Sigcheck -------

    [-] 2010-05-27 . 7BD7F45FF37FA0669CD32CA0EF46E22C . 811520 . . [6.1.7600.16385] . . c:\windows\System32\user32.dll
    .
    ((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
    REGEDIT4

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\snxPluginsShell]
    @="{F4B3B0AA-13D1-4a36-BDA2-2055B0F3D5DE}"
    [HKEY_CLASSES_ROOT\CLSID\{F4B3B0AA-13D1-4a36-BDA2-2055B0F3D5DE}]
    2010-09-07 15:14 152160 ----a-w- c:\program files\Alwil Software\Avast5\snxPlugins.dll

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SpywareTerminatorUpdate"="c:\program files\Spyware Terminator\SpywareTerminatorUpdate.exe" [2009-09-13 3055616]
    "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504]
    "RegClean Expert Scheduler"="c:\program files\Registry Clean Expert\RCHelper.exe" [2009-07-28 606968]
    "DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2009-10-30 369200]
    "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2010-04-16 3872080]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SpywareTerminator"="c:\program files\Spyware Terminator\SpywareTerminatorShield.exe" [2009-09-13 2171904]
    "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
    "BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2009-08-17 85888]
    "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-09-04 417792]
    "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-09-08 305440]
    "Start WingMan Profiler"="c:\program files\Logitech\Gaming Software\LWEMon.exe" [2008-04-04 88584]
    "IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-23 141848]
    "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-23 173592]
    "Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-23 150552]
    "avast5"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2010-09-07 2838912]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin"= 0 (0x0)
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableLUA"= 0 (0x0)
    "EnableUIADesktopToggle"= 0 (0x0)
    "PromptOnSecureDesktop"= 0 (0x0)

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
    "aux"=wdmaud.drv

    R1 SASDIFSV;SASDIFSV;c:\users\ADMINI~1\AppData\Local\Temp\SAS_SelfExtract\SASDIFSV.SYS [x]
    R1 SASKUTIL;SASKUTIL;c:\users\ADMINI~1\AppData\Local\Temp\SAS_SelfExtract\SASKUTIL.sys [x]
    R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
    R2 gupdate;Service Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2009-09-16 133104]
    R3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;c:\windows\system32\DRIVERS\ManyCam.sys [x]
    R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2009-08-21 30510960]
    R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2009-08-21 4639136]
    R3 SASENUM;SASENUM;c:\users\ADMINI~1\AppData\Local\Temp\SAS_SelfExtract\SASENUM.SYS [x]
    R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [2010-05-27 1343400]
    R4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys [2010-01-16 691696]
    S0 aswNdis;avast! Firewall NDIS Filter Service;c:\windows\system32\DRIVERS\aswNdis.sys [2010-09-07 12112]
    S0 aswNdis2;avast! Firewall Core Firewall Service; [x]
    S1 aswFW;avast! TDI Firewall driver; [x]
    S1 aswSnx;aswSnx; [x]
    S1 aswSP;aswSP; [x]
    S1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [2009-09-13 142592]
    S2 aswFsBlk;aswFsBlk; [x]
    S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2010-09-07 50768]
    S2 avast! Firewall;avast! Firewall;c:\program files\Alwil Software\Avast5\afwServ.exe [2010-09-07 119200]
    S2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2009-07-06 34064]
    S3 FwLnk;FwLnk Driver;c:\windows\system32\DRIVERS\FwLnk.sys [2006-11-19 7168]
    S3 netw5v32;Pilote de carte de liaison WiFi sans fil Intel(R) 5000 Series pour Windows Vista 32 bits;c:\windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
    S3 RTL8167;Pilote Realtek 8167 NT;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-07-13 139776]

    .
    Contenu du dossier 'Tâches planifiées'

    2010-09-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2009-09-16 14:48]

    2010-09-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2009-09-16 14:48]
    .
    .
    ------- Examen supplémentaire -------
    .
    uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT1561552
    uInternet Settings,ProxyOverride = local
    IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~4\Office14\EXCEL.EXE/3000
    IE: Se&nd to OneNote - c:\progra~1\MICROS~4\Office14\ONBttnIE.dll/105
    Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
    FF - ProfilePath - c:\users\Administrateur\AppData\Roaming\Mozilla\Firefox\Profiles\tu4ov8u0.default\
    FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr/
    FF - plugin: c:\progra~1\MICROS~4\Office14\NPAUTHZ.DLL
    FF - plugin: c:\progra~1\MICROS~4\Office14\NPSPWRAP.DLL
    FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
    FF - plugin: c:\program files\Google\Update\1.2.183.29\npGoogleOneClick8.dll
    FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
    FF - plugin: c:\windows\system32\Wat\npWatWeb.dll

    ---- PARAMETRES FIREFOX ----
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
    .
    - - - - ORPHELINS SUPPRIMES - - - -

    HKCU-RunOnce-9682163 - c:\users\Administrateur\AppData\Local\9682163.exe

    .
    --------------------- CLES DE REGISTRE BLOQUEES ---------------------

    [HKEY_USERS\S-1-5-21-1613560364-2309280019-3326055209-500\Software\Microsoft\Internet Explorer\User Preferences]
    @Denied: (2) (Administrator)
    "88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
    d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,26,8f,4d,d8,5a,11,40,4a,8b,f3,10,\
    "2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
    d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,62,e2,97,bb,c1,82,5a,49,b9,d1,6b,\

    [HKEY_USERS\S-1-5-21-1613560364-2309280019-3326055209-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3g2\UserChoice]
    @Denied: (2) (Administrator)
    "Progid"="WMP11.AssocFile.3G2"

    [HKEY_USERS\S-1-5-21-1613560364-2309280019-3326055209-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3gp\UserChoice]
    @Denied: (2) (Administrator)
    "Progid"="WMP11.AssocFile.3GP"

    [HKEY_USERS\S-1-5-21-1613560364-2309280019-3326055209-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3gp2\UserChoice]
    @Denied: (2) (Administrator)
    "Progid"="WMP11.AssocFile.3G2"

    [HKEY_USERS\S-1-5-21-1613560364-2309280019-3326055209-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3gpp\UserChoice]
    @Denied: (2) (Administrator)
    "Progid"="WMP11.AssocFile.3GP"

    [HKEY_USERS\S-1-5-21-1613560364-2309280019-3326055209-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.AAC\UserChoice]
    @Denied: (2) (Administrator)
    "Progid"="WMP11.AssocFile.ADTS"

    [HKEY_USERS\S-1-5-21-1613560364-2309280019-3326055209-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ADT\UserChoice]
    @Denied: (2) (Administrator)
    "Progid"="WMP11.AssocFile.ADTS"

    [HKEY_USERS\S-1-5-21-1613560364-2309280019-3326055209-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ADTS\UserChoice]
    @Denied: (2) (Administrator)
    "Progid"="WMP11.AssocFile.ADTS"

    [HKEY_USERS\S-1-5-21-1613560364-2309280019-3326055209-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aif\UserChoice]
    @Denied: (2) (Administrator)
    "Progid"="WMP11.AssocFile.AIFF"

    [HKEY_USERS\S-1-5-21-1613560364-2309280019-3326055209-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aifc\UserChoice]
    @Denied: (2) (Administrator)
    "Progid"="WMP11.AssocFile.AIFF"

    [HKEY_USERS\S-1-5-21-1613560364-2309280019-3326055209-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aiff\UserChoice]
    @Denied: (2) (Administrator)
    "Progid"="WMP11.AssocFile.AIFF"

    [HKEY_USERS\S-1-5-21-1613560364-2309280019-3326055209-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.asf\UserChoice]
    @Denied: (2) (Administrator)
    "Progid"="WMP11.AssocFile.ASF"

    [HKEY_USERS\S-1-5-21-1613560364-2309280019-3326055209-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.asx\UserChoice]
    @Denied: (2) (Administrator)
    "Progid"="WMP11.AssocFile.ASX"

    [HKEY_USERS\S-1-5-21-1613560364-2309280019-3326055209-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.au\UserChoice]
    @Denied: (2) (Administrator)
    "Progid"="WMP11.AssocFile.AU"

    [HKEY_USERS\S-1-5-21-1613560364-2309280019-3326055209-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.avi\UserChoice]
    @Denied: (2) (Administrator)
    "Progid"="WMP11.AssocFile.AVI"

    [HKEY_USERS\S-1-5-21-1613560364-2309280019-3326055209-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cda\UserChoice]
    @Denied: (2) (Administrator)
    "Progid"="WMP11.AssocFile.CDA"

    [HKEY_USERS\S-1-5-21-1613560364-2309280019-3326055209-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
    @Denied: (2) (Administrator)
    "Progid"="FirefoxHTML"

    [HKEY_USERS\S-1-5-21-1613560364-2309280019-3326055209-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
    @Denied: (2) (Administrator)
    "Progid"="FirefoxHTML"

    [HKEY_USERS\S-1-5-21-1613560364-2309280019-3326055209-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m1v\UserChoice]
    @Denied: (2) (Administrator)
    "Progid"="WMP11.AssocFile.MPEG"

    [HKEY_USERS\S-1-5-21-1613560364-2309280019-3326055209-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m2t\UserChoice]
    @Denied: (2) (Administrator)
    "Progid"="WMP11.AssocFile.M2TS"

    [HKEY_USERS\S-1-5-21-1613560364-2309280019-3326055209-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m2ts\UserChoice]
    @Denied: (2) (Administrator)
    "Progid"="WMP11.AssocFile.M2TS"

    [HKEY_USERS\S-1-5-21-1613560364-2309280019-3326055209-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m2v\UserChoice]
    @Denied: (2) (Administrator)
    "Progid"="WMP11.AssocFile.MPEG"

    [HKEY_USERS\S-1-5-21-1613560364-2309280019-3326055209-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m3u\UserChoice]
    @Denied: (2) (Administrator)
    "Progid"="WMP11.AssocFile.m3u"

    [HKEY_USERS\S-1-5-21-1613560364-2309280019-3326055209-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m4a\UserChoice]
    @Denied: (2) (Administrator)
    "Progid"="WMP11.AssocFile.M4A"

    [HKEY_USERS\S-1-5-21-1613560364-2309280019-3326055209-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m4v\UserChoice]
    @Denied: (2) (Administrator)
    "Progid"="WMP11.AssocFile.MP4"

    [HKEY_USERS\S-1-5-21-1613560364-2309280019-3326055209-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mid\UserChoice]
    @Denied: (2) (Administrator)
    "Progid"="WMP11.AssocFile.MIDI"

    [HKEY_USERS\S-1-5-21-1613560364-2309280019-3326055209-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.midi\UserChoice]
    @Denied: (2) (Administrator)
    "Progid"="WMP11.AssocFile.MIDI"

    [HKEY_USERS\S-1-5-21-1613560364-2309280019-3326055209-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mod\UserChoice]
    @Denied: (2) (Administrator)
    "Progid"="WMP11.AssocFile.MPEG"

    [HKEY_USERS\S-1-5-21-1613560364-2309280019-3326055209-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mov\UserChoice]
    @Denied: (2) (Administrator)
    "Progid"="WMP11.AssocFile.MOV"

    [HKEY_USERS\S-1-5-21-1613560364-2309280019-3326055209-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp2\UserChoice]
    @Denied: (2) (Administrator)
    "Progid"="WMP11.AssocFile.MP3"

    [HKEY_USERS\S-1-5-21-1613560364-2309280019-3326055209-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp2v\UserChoice]
    @Denied: (2) (Administrator)
    "Progid"="WMP11.AssocFile.MPEG"

    [HKEY_USERS\S-1-5-21-1613560364-2309280019-3326055209-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp3\UserChoice]
    @Denied: (2) (Administrator)
    "Progid"="WMP11.AssocFile.MP3"

    [HKEY_USERS\S-1-5-21-1613560364-2309280019-3326055209-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp4\UserChoice]
    @Denied: (2) (Administrator)
    "Progid"="WMP11.AssocFile.MP4"

    [HKEY_USERS\S-1-5-21-1613560364-2309280019-3326055209-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp4v\UserChoice]
    @Denied: (2) (Administrator)
    "Progid"="WMP11.AssocFile.MP4"

    [HKEY_USERS\S-1-5-21-1613560364-2309280019-3326055209-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpa\UserChoice]
    @Denied: (2) (Administrator)
    "Progid"="WMP11.AssocFile.MPEG"

    [HKEY_USERS\S-1-5-21-1613560364-2309280019-3326055209-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpe\UserChoice]
    @Denied: (2) (Administrator)
    "Progid"="WMP11.AssocFile.MPEG"

    [HKEY_USERS\S-1-5-21-1613560364-2309280019-3326055209-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpeg\UserChoice]
    @Denied: (2) (Administrator)
    "Progid"="WMP11.AssocFile.MPEG"

    [HKEY_USERS\S-1-5-21-1613560364-2309280019-3326055209-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpg\UserChoice]
    @Denied: (2) (Administrator)
    "Progid"="WMP11.AssocFile.MPEG"

    [HKEY_USERS\S-1-5-21-1613560364-2309280019-3326055209-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpv2\UserChoice]
    @Denied: (2) (Administrator)
    "Progid"="WMP11.AssocFile.MPEG"

    [HKEY_USERS\S-1-5-21-1613560364-2309280019-3326055209-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mts\UserChoice]
    @Denied: (2) (Administrator)
    "Progid"="WMP11.AssocFile.M2TS"

    [HKEY_USERS\S-1-5-21-1613560364-2309280019-3326055209-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rmi\UserChoice]
    @Denied: (2) (Administrator)
    "Progid"="WMP11.AssocFile.MIDI"

    [HKEY_USERS\S-1-5-21-1613560364-2309280019-3326055209-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
    @Denied: (2) (Administrator)
    "Progid"="FirefoxHTML"

    [HKEY_USERS\S-1-5-21-1613560364-2309280019-3326055209-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.snd\UserChoice]
    @Denied: (2) (Administrator)
    "Progid"="WMP11.AssocFile.AU"

    [HKEY_USERS\S-1-5-21-1613560364-2309280019-3326055209-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ts\UserChoice]
    @Denied: (2) (Administrator)
    "Progid"="WMP11.AssocFile.TTS"

    [HKEY_USERS\S-1-5-21-1613560364-2309280019-3326055209-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tts\UserChoice]
    @Denied: (2) (Administrator)
    "Progid"="WMP11.AssocFile.TTS"

    [HKEY_USERS\S-1-5-21-1613560364-2309280019-3326055209-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wav\UserChoice]
    @Denied: (2) (Administrator)
    "Progid"="WMP11.AssocFile.WAV"

    [HKEY_USERS\S-1-5-21-1613560364-2309280019-3326055209-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wax\UserChoice]
    @Denied: (2) (Administrator)
    "Progid"="WMP11.AssocFile.WAX"

    [HKEY_USERS\S-1-5-21-1613560364-2309280019-3326055209-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wm\UserChoice]
    @Denied: (2) (Administrator)
    "Progid"="WMP11.AssocFile.ASF"

    [HKEY_USERS\S-1-5-21-1613560364-2309280019-3326055209-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wma\UserChoice]
    @Denied: (2) (Administrator)
    "Progid"="WMP11.AssocFile.WMA"

    [HKEY_USERS\S-1-5-21-1613560364-2309280019-3326055209-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmd\UserChoice]
    @Denied: (2) (Administrator)
    "Progid"="WMP11.AssocFile.WMD"

    [HKEY_USERS\S-1-5-21-1613560364-2309280019-3326055209-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wms\UserChoice]
    @Denied: (2) (Administrator)
    "Progid"="WMP11.AssocFile.WMS"

    [HKEY_USERS\S-1-5-21-1613560364-2309280019-3326055209-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmv\UserChoice]
    @Denied: (2) (Administrator)
    "Progid"="WMP11.AssocFile.WMV"

    [HKEY_USERS\S-1-5-21-1613560364-2309280019-3326055209-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmx\UserChoice]
    @Denied: (2) (Administrator)
    "Progid"="WMP11.AssocFile.ASX"

    [HKEY_USERS\S-1-5-21-1613560364-2309280019-3326055209-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmz\UserChoice]
    @Denied: (2) (Administrator)
    "Progid"="WMP11.AssocFile.WMZ"

    [HKEY_USERS\S-1-5-21-1613560364-2309280019-3326055209-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wpl\UserChoice]
    @Denied: (2) (Administrator)
    "Progid"="WMP11.AssocFile.WPL"

    [HKEY_USERS\S-1-5-21-1613560364-2309280019-3326055209-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wvx\UserChoice]
    @Denied: (2) (Administrator)
    "Progid"="WMP11.AssocFile.WVX"

    [HKEY_USERS\S-1-5-21-1613560364-2309280019-3326055209-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
    @Denied: (2) (Administrator)
    "Progid"="FirefoxHTML"

    [HKEY_USERS\S-1-5-21-1613560364-2309280019-3326055209-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
    @Denied: (2) (Administrator)
    "Progid"="FirefoxHTML"

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    "MSCurrentCountry"=dword:000000b5

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    .
    Heure de fin: 2010-09-26 15:28:54
    ComboFix-quarantined-files.txt 2010-09-26 13:28

    Avant-CF: 6 132 301 824 octets libres
    Après-CF: 6 071 545 856 octets libres

    - - End Of File - - DC0AFBE4159D3A345AFACB4A122693E2
    0
  8. juju666 Messages postés 35446 Date d'inscription   Statut Contributeur sécurité Dernière intervention   4 796
     
    C'est pas fini.

    Télécharge AdwCleaner ( d'Xplode ) sur ton bureau.
    Lance le, clique sur [Recherche] puis patiente le temps du scan.
    Une fois le scan fini, un rapport s'ouvrira. Poste moi son contenu dans ta prochaine réponse.

    Note : Le rapport est également sauvegardé sous C:\AdwCleaner[R1].txt
    0
  9. thibault5995 Messages postés 8 Statut Membre
     
    Ok, par contre je sais pas si c'est normal mais le scan n'a pris qu'une seconde.

    Pour le rapport:

    # AdwCleaner v1.309 - Rapport créé le 01/10/2011 à 12:00:55
    # Mis à jour le 29/09/11 à 20h par Xplode
    # Système d'exploitation : Windows 7 Ultimate (32 bits)
    # Nom d'utilisateur : Administrateur - THIBAULT-PC (Administrateur)
    # Exécuté depuis : C:\Users\Administrateur\Desktop\adwcleaner0.exe
    # Option [Recherche]

    ***** [Processus] *****

    ***** [Services] *****

    ***** [Fichiers / Dossiers] *****

    ***** [Registre] *****

    ***** [Navigateurs] *****

    -\\ Internet Explorer v8.0.7600.16385

    [OK] Le registre ne contient aucune entrée illégitime.

    -\\ Mozilla Firefox v4.0.1 (fr)

    Profil : tzausfs9.default
    Fichier : C:\Users\Administrateur\AppData\Roaming\Mozilla\Firefox\Profiles\tzausfs9.default\prefs.js

    [OK] Le fichier ne contient aucune entrée illégitime.

    -\\ Google Chrome v [Impossible d'obtenir la version]

    Fichier : C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Default\Preferences

    [OK] Le fichier ne contient aucune entrée illégitime.

    *************************

    AdwCleaner[R1].txt - [1038 octets] - [01/10/2011 12:00:55]

    ########## EOF - C:\AdwCleaner[R1].txt - [1166 octets] ##########
    0
  10. juju666 Messages postés 35446 Date d'inscription   Statut Contributeur sécurité Dernière intervention   4 796
     
    oui il est très rapide cet outil :)

    bon il n'a rien détecté, on va utiliser un scanner généraliste ;)

    ▶ Télécharge MBAM et installe le selon l'emplacement par défaut
    https://www.malwarebytes.com/mwb-download/
    ▶ Effectue la mise à jour et lance Malwarebytes' Anti-Malware

    ▶ ▶ Si tu n''arrive pas à le mettre à jour, télécharge ce fichier , ferme MBAM, et exécute le

    ▶ Clique dans l'onglet du haut "Recherche"
    ▶ Coche l'option "Exécuter un examen complet" puis sur le bouton "Rechercher"
    ▶ Choisis de scanner tous tes disques durs, puis clique sur 'Lancer l'examen"

    A la fin de l'analyse, si MBAM n'a rien trouvé :

    ▶ Clique sur OK, le rapport s'ouvre spontanément

    Si des menaces ont été détectées :

    ▶ Clique sur OK puis "Afficher les résultats"
    ▶ Choisis l'option "Supprimer la sélection"
    ▶ Si MBAM demande le redémarrage de Windows : Clique sur "Oui"
    ▶ Une fois le PC redémarré, le rapport se trouve dans l'onglet "Rapports/Logs"
    ▶ Sinon le rapport s'ouvre automatiquement après la suppression

    Quelque soit le résultat, copie/colle le rapport dans le prochain message

    ~~

    Refais un ZHPDiag et ensuite on finalise.
    0
  11. thibault5995 Messages postés 8 Statut Membre
     
    Avec un peu de retard voilà le rapport MBAM:

    Malwarebytes' Anti-Malware 1.51.2.1300
    www.malwarebytes.org

    Version de la base de données: 7839

    Windows 6.1.7600
    Internet Explorer 8.0.7600.16385

    01/10/2011 23:37:36
    mbam-log-2011-10-01 (23-37-36).txt

    Type d'examen: Examen complet (C:\|)
    Elément(s) analysé(s): 423801
    Temps écoulé: 2 heure(s), 13 minute(s), 37 seconde(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 0
    Valeur(s) du Registre infectée(s): 0
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 0
    Fichier(s) infecté(s): 3

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Valeur(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    (Aucun élément nuisible détecté)

    Fichier(s) infecté(s):
    c:\Users\administrateur\AppData\LocalLow\Sun\Java\deployment\cache\6.0\30\5661ebde-32d3aa1f (Trojan.Downloader) -> Quarantined and deleted successfully.
    c:\Windows\Temp\0cb6c4 (Trojan.Agent) -> Quarantined and deleted successfully.
    c:\Windows\Temp\cosxtu\setup.exe (Trojan.Winlock) -> Quarantined and deleted successfully.

    et pour ZHPDiag:

    Rapport de ZHPDiag v1.28.136 par Nicolas Coolman, Update du 29/09/2011
    Run by Administrateur at 01/10/2011 23:43:22
    Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html

    ---\\ Web Browser
    MSIE: Internet Explorer v8.0.7600.16385
    MFIE: Mozilla Firefox v3.0.19 (fr) (Defaut)

    ---\\ Windows Product Information
    Windows 7 Ultimate Edition, 32-bit (Build 7600)
    Windows Server License Manager Script : OK
    ~ Windows(R) 7, OEM_SLP channel
    System Locked Preinstallation (OEM_SLP) : OK
    Windows ID Activation : OK
    ~ Windows Partial Key : PMJBM
    ~ Windows Remaining Initializations Number : 3
    Software Protection Service (Protection logicielle) : OK
    Windows Automatic Updates : OK
    Windows Activation Technologies : OK

    ---\\ System Information
    ~ Processor: x86 Family 6 Model 15 Stepping 13, GenuineIntel
    ~ Operating System: 32 Bits
    Boot mode: Normal (Normal boot)
    Total RAM: 3062 MB (67% free)
    System Restore: Activé (Enable)
    System drive C: has 32 GB (14%) free of 231 GB

    ---\\ Logged in mode
    ~ Computer Name: THIBAULT-PC
    ~ User Name: Administrateur
    ~ All Users Names: Thibault, HomeGroupUser$, Administrateur,
    ~ Unselected Option: O45,O61,O62,O65,O66,O82
    Logged in as Administrator

    ---\\ Environnement Variables
    ~ System Unit : C:\
    ~ %AppData% : C:\Users\Administrateur\AppData\Roaming\
    ~ %Desktop% : C:\Users\Administrateur\Desktop\
    ~ %Favorites% : C:\Users\Administrateur\Favorites\
    ~ %LocalAppData% : C:\Users\Administrateur\AppData\Local\
    ~ %StartMenu% : C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\
    ~ %Windir% : C:\Windows\
    ~ %System% : C:\Windows\system32\

    ---\\ DOS/Devices
    C:\ Hard drive, Flash drive, Thumb drive (Free 32 Go of 231 Go)
    D:\ CD-ROM drive (Not Inserted)

    ---\\ Security Center & Tools Informations
    [HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK
    [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK
    [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
    [HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
    [HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
    [HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
    [HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK
    [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
    [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
    [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK
    [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK
    [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
    [HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK
    [HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK
    [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: OK
    [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK
    [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoFolderOptions: OK
    [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK
    [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoStartMenuSubFolder: OK
    [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoResolveSearch: OK
    [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoClose: OK
    [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK
    [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableTaskMgr: OK
    [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableRegistryTools: OK
    [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoDispScrSavPage: OK
    [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
    [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
    [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK
    [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings] WarnOnHTTPSToHTTPRedirect: OK
    [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
    [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
    [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
    [HKLM\SYSTEM\CurrentControlSet\Services] wscsvc : OK
    ~ Scan Security Center in 00mn 00s

    ---\\ Recherche particulière de fichiers génériques
    [MD5.2626FC9755BE22F805D3CFA0CE3EE727] - (.Microsoft Corporation - Explorateur Windows.) (.26/01/2010 - 06:45:39.) -- C:\Windows\Explorer.exe [2614272]
    [MD5.51138BEEA3E2C21EC44D0932C71762A8] - (....) (.14/07/2009 - 02:14:31.) -- C:\Windows\system32\rundll32.exe [44544]
    [MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:14:45.) -- C:\Windows\system32\Wininit.exe [96256]
    [MD5.EE0D7471EBF9CE40CC4A203B1F90F028] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.10/08/2011 - 06:36:36.) -- C:\Windows\system32\wininet.dll [981504]
    [MD5.37CDB7E72EB66BA85A87CBE37E7F03FD] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.26/01/2010 - 07:17:59.) -- C:\Windows\system32\Winlogon.exe [285696]
    [MD5.58C94EAE54BF0C5E2B80B2E5E7744D4C] - (.Microsoft Corporation - Bibliothèque de licences.) (.14/07/2009 - 02:16:15.) -- C:\Windows\system32\sppcomapi.dll [193024]
    [MD5.D8714A5FB3141F8226D16861F20C5AC4] - (....) (.14/07/2009 - 09:39:06.) -- C:\Windows\system32\fr-FR\user32.dll.mui [19968]
    [MD5.0DB7A48388D54D154EBEC120461A0FCD] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.16/06/2011 - 03:35:40.) -- C:\Windows\system32\drivers\AFD.sys [338944] 1908
    [MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:26:15.) -- C:\Windows\system32\drivers\atapi.sys [21584] 1828
    [MD5.77EA11B065E0A8AB902D78145CA51E10] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:11:15.) -- C:\Windows\system32\drivers\Cdfs.sys [70656] 1828
    [MD5.BA6E70AA0E6091BC39DE29477D866A77] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.14/07/2009 - 00:11:26.) -- C:\Windows\system32\drivers\Cdrom.sys [108544] 1820
    [MD5.83D1ECEA8FAAE75604C0FA49AC7AD996] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.16/06/2011 - 03:33:46.) -- C:\Windows\system32\drivers\DfsC.sys [78336] 1868
    [MD5.717A2207FD6F13AD3E664C7D5A43C7BF] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.14/07/2009 - 00:50:56.) -- C:\Windows\system32\drivers\HDAudBus.sys [108544] 1908
    [MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:11:24.) -- C:\Windows\system32\drivers\i8042prt.sys [80896] 1892
    [MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 00:54:29.) -- C:\Windows\system32\drivers\IpNat.sys [101888] 1860
    [MD5.CA7570E42522E24324A12161DB14EC02] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.16/06/2011 - 03:43:41.) -- C:\Windows\system32\drivers\MRxSmb.sys [123392] 1836
    [MD5.DD52A733BF4CA5AF84562A5E2F963B91] - (.Microsoft Corporation - MBT Transport driver.) (.14/07/2009 - 00:12:21.) -- C:\Windows\system32\drivers\netBT.sys [187904] 1812
    [MD5.3795DCD21F740EE799FB7223234215AF] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.14/07/2009 - 02:20:44.) -- C:\Windows\system32\drivers\ntfs.sys [1210432] 1908
    [MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 00:45:35.) -- C:\Windows\system32\drivers\Parport.sys [79360] 1892
    [MD5.D9F91EAFEC2815365CBE6D167E4E332A] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.14/07/2009 - 00:54:34.) -- C:\Windows\system32\drivers\Rasl2tp.sys [78848] 1900
    [MD5.C5FF95883FFEF704D50C40D21CFB3AB5] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.14/07/2009 - 01:02:58.) -- C:\Windows\system32\drivers\rdpdr.sys [133120] 1852
    [MD5.5FB7FCEA0490D821F26F39CC5EA3D1E2] - (.Microsoft Corporation - Pilote de périphérique série.) (.14/07/2009 - 00:45:33.) -- C:\Windows\system32\drivers\Serial.sys [83456] 1908
    [MD5.CB39E896A2A83702D1737BFD402B3542] - (.Microsoft Corporation - TDI Translation Driver.) (.14/07/2009 - 00:12:11.) -- C:\Windows\system32\drivers\tdx.sys [74240] 1804
    ~ Scan Generic Processes in 00mn 00s

    ---\\ Etat des fichiers cachés (Caché/Total)
    ~ Mes images (My Pictures) : 1/4
    ~ Mes musiques (My Musics) : 5/133
    ~ Mes Favoris (My Favorites) : 4/38
    ~ Mes Documents (My Documents) : 4/31
    ~ Mon Bureau (My Desktop) : 312/18282
    ~ Menu demarrer (Programs) : 6/33
    ~ Scan Hidden Files in 00mn 37s

    ---\\ Processus lancés
    [MD5.452FA961163EF4AEE4815796A13AB2CF] - (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe [35696] [PID.3780]
    [MD5.D9C51528488EA0D98D3C4D02ABD16759] - (.Intel Corporation - igfxsrvc Module.) -- C:\Windows\system32\igfxsrvc.exe [252952] [PID.3824]
    [MD5.004763BDF8E48244DBB9FDFDE3065EBC] - (.Intel Corporation - hkcmd Module.) -- C:\Windows\System32\hkcmd.exe [173592] [PID.3856]
    [MD5.CD1102E5D340216138C7F56FA8D26998] - (.Intel Corporation - persistence Module.) -- C:\Windows\System32\igfxpers.exe [150552] [PID.3864]
    [MD5.E5B82EA4B98828D50C61137BFA8793F1] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe [421160] [PID.3936]
    [MD5.93DB1FF92B03D24738A71E6E4992DFD3] - (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe [248552] [PID.3948]
    [MD5.B2B3FCBA37671C853879DF7DDE8A839A] - (.Kaspersky Lab ZAO - Kaspersky Anti-Virus.) -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe [365336] [PID.]
    [MD5.255E405D801CF01247390F38F92D8042] - (...) -- C:\Program Files\Unlocker\UnlockerAssistant.exe [17408] [PID.3976]
    [MD5.78A4C4CF5E0FE37C708F825B0BD87C73] - (.iExpert Software - RegClean Expert Scheduler.) -- C:\Program Files\Registry Clean Expert\RCHelper.exe [606968] [PID.2996]
    [MD5.7AFF1C22E8BC6D8181053FC3590FD0F2] - (.Microsoft Corporation - Microsoft Office Document Cache.) -- C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [718208] [PID.3732]
    [MD5.B80B49333FF247705691FE2C12DFD139] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [307672] [PID.2592]
    [MD5.B0DA80FF42A0819D162A86612896AAF2] - (.Microsoft Corporation - Windows Update.) -- C:\Windows\system32\wuauclt.exe [47104] [PID.2316]
    [MD5.A6333BD6D9D42AE4E3A72E5EA5E7560F] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [2125312] [PID.2856]
    ~ Scan Processes Running in 00mn 01s

    ---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
    C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Default\Preferences
    G0 - GCSP: Preference [User Data\Default][HomePage] https://www.google.com/?gws_rd=ssl
    ~ Scan Google Browser in 00mn 00s

    ---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
    C:\Users\Administrateur\AppData\Roaming\Mozilla\Firefox\Profiles\tzausfs9.default\prefs.js
    C:\Users\Administrateur\AppData\Roaming\Mozilla\Firefox\Profiles\tzausfs9.default\user.js (.not file.)
    M3 - MFPP: Plugins - [Administrateur] -- C:\Program Files\Mozilla FireFox\searchplugins\amazon-france.xml
    M3 - MFPP: Plugins - [Administrateur] -- C:\Program Files\Mozilla FireFox\searchplugins\eBay-france.xml
    M3 - MFPP: Plugins - [Administrateur] -- C:\Program Files\Mozilla FireFox\searchplugins\google.xml
    M3 - MFPP: Plugins - [Administrateur] -- C:\Program Files\Mozilla FireFox\searchplugins\MediaDICO-fr.xml
    M3 - MFPP: Plugins - [Administrateur] -- C:\Program Files\Mozilla FireFox\searchplugins\wikipedia-fr.xml
    M3 - MFPP: Plugins - [Administrateur] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo-france.xml
    M2 - MFEP: prefs.js [Administrateur - tzausfs9.default\plugin@yontoo.com] [] Yontoo Layers v1.20.00 (.Yontoo LLC.)
    P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - np-mswmp.) -- C:\Program Files\Mozilla Firefox\Plugins\np-mswmp.dll
    P2 - FPN:Firefox Plugin Navigator . (.Sun Microsystems, Inc. - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Program Files\Mozilla Firefox\Plugins\npdeployJava1.dll
    P2 - FPN:Firefox Plugin Navigator . (.mozilla.org - Default Plug-in.) -- C:\Program Files\Mozilla Firefox\Plugins\npnul32.dll
    P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin.dll
    P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin2.dll
    P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin3.dll
    P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin4.dll
    P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin5.dll
    P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin6.dll
    P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin7.dll
    P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF32.dll
    P2 - FPN: [HKLM] [@Apple.com/iTunes,version=1.0] - (...) -- C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
    P2 - FPN: [HKLM] [@Google.com/GoogleEarthPlugin] - (.Google - GEPlugin.) -- C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
    P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Sun Microsystems, Inc. - Next Generation Java Plug-in 1.6.0_22 for Mozilla browsers.) -- C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
    P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.0.60531.0.) -- c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll
    P2 - FPN: [HKLM] [@microsoft.com/OfficeAuthz,version=14.0] - (.Microsoft Corporation - Office Authorization plug-in for NPAPI browsers.) -- C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.dll
    P2 - FPN: [HKLM] [@microsoft.com/SharePoint,version=14.0] - (.Microsoft Corporation - The plug-in allows you to open and edit files using Microsoft Office a.) -- C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.dll
    P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3502.0922] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
    P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3508.1109] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
    P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (...) -- C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (.not file.)
    P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (...) -- C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (.not file.)
    ~ Scan Firefox Browser in 00mn 00s

    ---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?gws_rd=ssl
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.microsoft.com/fr-fr/
    R0 - HKUS\S-1-5-21-1613560364-2309280019-3326055209-500\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?gws_rd=ssl
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.microsoft.com/fr-fr/
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.microsoft.com/fr-fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = https://www.google.com/?gws_rd=ssl
    R1 - HKUS\S-1-5-21-1613560364-2309280019-3326055209-500\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
    R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (8.00.7600.16385 (win7_rtm.090713-1255)) -- C:\Windows\System32\ieframe.dll
    R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
    R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 2
    ~ Scan IE Browser in 00mn 00s

    ---\\ Internet Explorer, Proxy Management (R5)
    R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
    R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
    R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
    R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
    R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
    R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = 0
    ~ Scan Proxy management in 00mn 00s

    ---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
    F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,
    F2 - REG:system.ini: VMApplet=C:\Windows\system32\SystemPropertiesPerformance.exe
    ~ Scan Keys in 00mn 00s

    ---\\ Redirection du fichier Hosts (O1)
    ~ Le fichier hosts est sain (The hosts file is clean).
    ~ Scan Hosts File in 00mn 07s

    ---\\ Browser Helper Objects de navigateur (O2)
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} . (.Kaspersky Lab ZAO - IE Virtual Keyboard.) -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\ievkbd.dll
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} . (.Microsoft Corporation - Microsoft SharePoint Workspace Extensions.) -- C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL
    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} . (.Microsoft Corporation - Windows Live Messenger Companion Core.) -- C:\Program Files\Windows Live\Companion\companioncore.dll
    O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} . (.Microsoft Corporation - Microsoft Office Document Cache Handler.) -- C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} . (.Kaspersky Lab ZAO - WebToolBar component.) -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll
    ~ Scan BHO in 00mn 00s

    ---\\ Applications démarrées par registre & par dossier (O4)
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
    O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
    O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
    O4 - HKLM\..\Run: [BCSSync] . (.Microsoft Corporation - Microsoft Office 2010 component.) -- C:\Program Files\Microsoft Office\Office14\BCSSync.exe
    O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\QTTask.exe
    O4 - HKLM\..\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
    O4 - HKLM\..\Run: [AVP] . (.Kaspersky Lab ZAO - Kaspersky Anti-Virus.) -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe
    O4 - HKLM\..\Run: [UnlockerAssistant] . (...) -- C:\Program Files\Unlocker\UnlockerAssistant.exe
    O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
    O4 - HKCU\..\Run: [RegClean Expert Scheduler] . (.iExpert Software - RegClean Expert Scheduler.) -- C:\Program Files\Registry Clean Expert\RCHelper.exe
    O4 - HKCU\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    O4 - HKCU\..\Run: [OfficeSyncProcess] . (.Microsoft Corporation - Microsoft Office Document Cache.) -- C:\Program Files\Microsoft Office\Office14\MSOSYNC.exe
    O4 - HKUS\S-1-5-18\..\Run: [SpywareTerminatorUpdate] C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe (.not file.)
    O4 - HKUS\S-1-5-18\..\Run: [SpywareTerminatorUpdate] C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe (.not file.)
    O4 - HKUS\S-1-5-21-1613560364-2309280019-3326055209-500\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
    O4 - HKUS\S-1-5-21-1613560364-2309280019-3326055209-500\..\Run: [RegClean Expert Scheduler] . (.iExpert Software - RegClean Expert Scheduler.) -- C:\Program Files\Registry Clean Expert\RCHelper.exe
    O4 - HKUS\S-1-5-21-1613560364-2309280019-3326055209-500\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    O4 - HKUS\S-1-5-21-1613560364-2309280019-3326055209-500\..\Run: [OfficeSyncProcess] . (.Microsoft Corporation - Microsoft Office Document Cache.) -- C:\Program Files\Microsoft Office\Office14\MSOSYNC.exe
    ~ Scan Application in 00mn 00s

    ---\\ Autres liens utilisateurs (O4)
    O4 - Global Startup: C:\Users\Administrateur\Desktop\FLV-Media Player.lnk . (.HYBRIDWEB.) -- C:\Program Files\FLV-Media Player\FLV-Media.exe
    O4 - Global Startup: C:\Users\Administrateur\Desktop\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
    O4 - Global Startup: C:\Users\Administrateur\Desktop\mozilla firefox.lnk . (.Mozilla Corporation.) -- C:\Program Files\Mozilla Firefox\firefox.exe
    O4 - Global Startup: C:\Users\Administrateur\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk . (.Malwarebytes Corporation.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
    O4 - Global Startup: C:\Users\Administrateur\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk . (.Mozilla Corporation.) -- C:\Program Files\Mozilla Firefox\firefox.exe
    ~ Scan Global Startup in 00mn 00s

    ---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
    O8 - Extra context menu item: Add to Anti-Banner . (...) -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\ie_banner_deny.htm
    O8 - Extra context menu item: E&xport to Microsoft Excel - (.not file.) - C:\PROGRA~1\MICROS~4\Office14\EXCEL.exe
    O8 - Extra context menu item: Se&nd to OneNote - (.not file.) - C:\PROGRA~1\MICROS~4\Office14\ONBttnIE.dll
    ~ Scan IE Menu Contextuel in 00mn 00s

    ---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
    O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} . (.Microsoft Corporation - Windows Live Messenger Companion core resources.) -- C:\Program Files\Windows Live\Companion\companion
    O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBro
    O9 - Extra button: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll
    O9 - Extra button: &Envoyer à OneNote - {4248FE82-7FCB-46AC-B270-339F08212110} . (...) -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\kbrd.ico
    O9 - Extra button: Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\PROGRA~1\MICROS~3\Office14\ONBTTN~1.dll
    O9 - Extra button: Notes &liées OneNote - {CCF151D8-D089-449F-A5A4-D9909053F20F} . (...) -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\logo.ico
    ~ Scan IE Extra Buttons in 00mn 00s

    ---\\ Winsock hijacker (Layered Service Provider) (O10)
    O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
    O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll
    O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
    O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
    O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
    O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
    O10 - WLSP:\000000000007\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files\Bonjour\mdnsNSP.dll
    O10 - WLSP:\000000000008\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
    O10 - WLSP:\000000000009\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
    ~ Scan Winsock in 00mn 00s

    ---\\ Objets ActiveX (Downloaded Program Files)(O16)
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} () - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    ~ Scan Objets ActiveX in 00mn 00s

    ---\\ Modification Domaine/Adresses DNS (O17)
    O17 - HKLM\System\CCS\Services\Tcpip\..\{0ADBE894-DA98-434C-A831-B02C249EBD6E}: DhcpNameServer = 192.168.1.1
    O17 - HKLM\System\CCS\Services\Tcpip\..\{C4FE37FA-23AA-4012-B116-10951C8F74DA}: DhcpNameServer = 192.168.1.1
    O17 - HKLM\System\CS1\Services\Tcpip\..\{0ADBE894-DA98-434C-A831-B02C249EBD6E}: DhcpNameServer = 192.168.1.1
    O17 - HKLM\System\CS1\Services\Tcpip\..\{C4FE37FA-23AA-4012-B116-10951C8F74DA}: DhcpNameServer = 192.168.1.1
    O17 - HKLM\System\CS2\Services\Tcpip\..\{0ADBE894-DA98-434C-A831-B02C249EBD6E}: DhcpNameServer = 192.168.1.1
    O17 - HKLM\System\CS2\Services\Tcpip\..\{C4FE37FA-23AA-4012-B116-10951C8F74DA}: DhcpNameServer = 192.168.1.1
    O17 - HKLM\System\CS3\Services\Tcpip\..\{0ADBE894-DA98-434C-A831-B02C249EBD6E}: DhcpNameServer = 192.168.1.1
    O17 - HKLM\System\CS3\Services\Tcpip\..\{C4FE37FA-23AA-4012-B116-10951C8F74DA}: DhcpNameServer = 192.168.1.1
    ~ Scan Domain in 00mn 00s

    ---\\ Protocole additionnel (O18)
    O18 - Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
    O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
    O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll
    O18 - Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
    O18 - Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
    O18 - Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
    O18 - Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
    O18 - Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
    O18 - Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll
    O18 - Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
    O18 - Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files\Windows Live\Messenger\msgrapp.dll
    O18 - Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
    O18 - Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
    O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\system32\inetcomm.dll
    O18 - Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
    O18 - Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) -- C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
    O18 - Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll
    O18 - Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files\Windows Live\Messenger\msgrapp.dll
    O18 - Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
    O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll
    O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
    O18 - Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files\Windows Live\Mail\mailcomm.dll
    O18 - Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Windows Live Album Download Protocol Handle.) -- C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    O18 - Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll
    O18 - Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll
    O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll
    O18 - Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
    O18 - Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
    O18 - Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
    ~ Scan Protocole Additionnel in 00mn 00s

    ---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
    O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\system32\igfxdev.dll
    O20 - Winlogon Notify: klogon . (.Kaspersky Lab ZAO - Logon Visualizer.) -- C:\Windows\system32\klogon.dll
    ~ Scan Winlogon in 00mn 00s

    ---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
    O20 - AppInit_DLLs: . (.Kaspersky Lab ZAO - Kaspersky OE plugin loader.) - C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
    ~ Scan AppInit DLL in 00mn 00s

    ---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\Windows\system32\webcheck.dll
    ~ Scan SSODL in 00mn 00s

    ---\\ Liste des services NT non Microsoft et non désactivés (O23)
    O23 - Service: Apple Mobile Device (Apple Mobile Device) . (.Apple Inc. - MobileDeviceService.) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: Kaspersky Anti-Virus Service (AVP) . (.Kaspersky Lab ZAO - Kaspersky Anti-Virus.) - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe
    O23 - Service: Service Bonjour (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe
    ~ Scan Services in 00mn 00s

    ---\\ Enumération Active Desktop & MHTML Editor (O24)
    O24 - Default MHTML Editor: Last - .(...) - (.not file.)
    ~ Scan Desktop Component in 00mn 00s

    ---\\ Tâches planifiées en automatique (O39)
    O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    [MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe
    [MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe
    [MD5.00000000000000000000000000000000] [APT] [{FDE29018-FFE0-478B-82BF-F83199622FBA}] (...) -- C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe (.not file.)
    ~ Scan Scheduled Task in 00mn 05s

    ---\\ Pilotes lancés au démarrage (O41)
    O41 - Driver: C:\Windows\system32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
    O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\system32\DRIVERS\blbdrive.sys
    O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\system32\DRIVERS\cdrom.sys
    O41 - Driver: C:\Windows\system32\cscsvc.dll (CSC) . (.Microsoft Corporation - Windows Client Side Caching Driver.) - C:\Windows\system32\drivers\csc.sys
    O41 - Driver: C:\Windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\system32\Drivers\dfsc.sys
    O41 - Driver: C:\Windows\system32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\system32\drivers\discache.sys
    O41 - Driver: (kl2) . (.Kaspersky Lab ZAO - Kaspersky Unified Driver.) - C:\Windows\system32\DRIVERS\kl2.sys
    O41 - Driver: (KLIF) . (.Kaspersky Lab - Klif Mini-Filter [fre_wlh_x86].) - C:\Windows\system32\DRIVERS\klif.sys
    O41 - Driver: (KLIM6) . (.Kaspersky Lab ZAO - Kaspersky Lab Intermediate Network Driver.) - C:\Windows\system32\DRIVERS\klim6.sys
    O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\DRIVERS\mssmbios.sys
    O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\system32\DRIVERS\netbios.sys
    O41 - Driver: C:\Windows\system32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\system32\DRIVERS\netbt.sys
    O41 - Driver: C:\Windows\system32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\system32\drivers\nsiproxy.sys
    O41 - Driver: C:\Windows\system32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\system32\DRIVERS\pacer.sys
    O41 - Driver: C:\Windows\system32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\system32\DRIVERS\rdbss.sys
    O41 - Driver: C:\Windows\system32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\system32\DRIVERS\RDPCDD.sys
    O41 - Driver: C:\Windows\system32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\system32\drivers\rdpencdd.sys
    O41 - Driver: C:\Windows\system32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\system32\drivers\rdprefmp.sys
    O41 - Driver: (SASDIFSV) . (. - .) - C:\Users\ADMINI~1\AppData\Local\Temp\SAS_SelfExtract\SASDIFSV.sys (.not file.)
    O41 - Driver: (SASKUTIL) . (. - .) - C:\Users\ADMINI~1\AppData\Local\Temp\SAS_SelfExtract\SASKUTIL.sys (.not file.)
    O41 - Driver: C:\Windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\system32\DRIVERS\tdx.sys
    O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\system32\DRIVERS\termdd.sys
    O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
    O41 - Driver: C:\Windows\system32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\system32\DRIVERS\wanarp.sys
    O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\system32\DRIVERS\wfplwf.sys
    O41 - Driver: (kl1) . (.Kaspersky Lab ZAO - Kaspersky Unified Driver.) - C:\Windows\system32\DRIVERS\kl1.sys
    O41 - Driver: (sp_rsdrv2) . (. - .) - C:\Windows\system32\drivers\sp_rsdrv2.sys (.not file.)
    ~ Scan Drivers in 00mn 00s

    ---\\ Logiciels installés (O42)
    O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
    O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin
    O42 - Logiciel: Adobe Reader 9.1 - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-A91000000001}
    O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM] -- {EE6097DD-05F4-4178-9719-D3170BF098E8}
    O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM] -- {308B6AEA-DE50-4666-996D-0FA461719D6B}
    O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {C41300B9-185D-475E-BFEC-39EF732F19B1}
    O42 - Logiciel: Archiveur WinRAR - (.Pas de propriétaire.) [HKLM] -- WinRAR archiver
    O42 - Logiciel: BitTorrent - (.BitTorrent, Inc.) [HKLM] -- BitTorrent
    O42 - Logiciel: BitTorrent - (.Pas de propriétaire.) [HKCU] -- BitTorrent
    O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM] -- {2A981294-F14C-4F0F-9627-D793270922F8}
    O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner
    O42 - Logiciel: Canon MX410 series MP Drivers - (.Pas de propriétaire.) [HKLM] -- {1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX410_series
    O42 - Logiciel: Complément Messenger - (.Microsoft Corporation.) [HKLM] -- {6E5324C1-84FC-4F76-9A3A-C65E07F80EE6}
    O42 - Logiciel: Contrôle ActiveX Windows Live Mesh pour connexions à distance - (.Microsoft Corporation.) [HKLM] -- {55D003F4-9599-44BF-BA9E-95D060730DD3}
    O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF}
    O42 - Logiciel: Definition update for Microsoft Office 2010 (KB982726) - (.Microsoft.) [HKLM] -- {90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{06C723B9-ADF5-42BC-B949-D14D6C6628B9}
    O42 - Logiciel: FLV-Media Player 1.8 - (.HYBRIDWEB.) [HKLM] -- FLV-Media Player
    O42 - Logiciel: Galerie de photos Windows Live - (.Microsoft Corporation.) [HKLM] -- {488F0347-C4A7-4374-91A7-30818BEDA710}
    O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
    O42 - Logiciel: Google Earth - (.Google.) [HKLM] -- {B3FED300-806C-11E0-A0D0-B8AC6F97B88E}
    O42 - Logiciel: Intel(R) Graphics Media Accelerator Driver - (.Intel Corporation.) [HKLM] -- HDMI
    O42 - Logiciel: Intel(R) TV Wizard - (.Intel Corporation.) [HKLM] -- TVWiz
    O42 - Logiciel: Java(TM) 6 Update 22 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216022FF}
    O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}
    O42 - Logiciel: Kaspersky Anti-Virus 2011 - (.Kaspersky Lab.) [HKLM] -- {66F1F013-008F-4875-B283-5A814B820347}
    O42 - Logiciel: Kaspersky Internet Security 2011 - (.Kaspersky Lab.) [HKLM] -- InstallWIX_{66F1F013-008F-4875-B283-5A814B820347}
    O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
    O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
    O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
    O42 - Logiciel: Malwarebytes' Anti-Malware version 1.51.2.1300 - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1
    O42 - Logiciel: Mesh Runtime - (.Microsoft Corporation.) [HKLM] -- {8C6D6116-B724-4810-8F2D-D047E6B7D68E}
    O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile
    O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}
    O42 - Logiciel: Microsoft .NET Framework 4 Client Profile FRA Language Pack - (.Microsoft Corporation.) [HKLM] -- {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}
    O42 - Logiciel: Microsoft Office Access MUI (French) 2010 - (.Microsoft Corporation.) [HKLM] -- {90140000-0015-040C-0000-0000000FF1CE}
    O42 - Logiciel: Microsoft Office Excel MUI (French) 2010 - (.Microsoft Corporation.) [HKLM] -- {90140000-0016-040C-0000-0000000FF1CE}
    O42 - Logiciel: Microsoft Office Groove MUI (French) 2010 - (.Microsoft Corporation.) [HKLM] -- {90140000-00BA-040C-0000-0000000FF1CE}
    O42 - Logiciel: Microsoft Office InfoPath MUI (French) 2010 - (.Microsoft Corporation.) [HKLM] -- {90140000-0044-040C-0000-0000000FF1CE}
    O42 - Logiciel: Microsoft Office OneNote MUI (French) 2010 - (.Microsoft Corporation.) [HKLM] -- {90140000-00A1-040C-0000-0000000FF1CE}
    O42 - Logiciel: Microsoft Office Outlook Connector - (.Microsoft Corporation.) [HKLM] -- {95140000-007A-040C-0000-0000000FF1CE}
    O42 - Logiciel: Microsoft Office Outlook MUI (French) 2010 - (.Microsoft Corporation.) [HKLM] -- {90140000-001A-040C-0000-0000000FF1CE}
    O42 - Logiciel: Microsoft Office PowerPoint MUI (French) 2010 - (.Microsoft Corporation.) [HKLM] -- {90140000-0018-040C-0000-0000000FF1CE}
    O42 - Logiciel: Microsoft Office Professional Plus 2010 - (.Microsoft Corporation.) [HKLM] -- {90140000-0011-0000-0000-0000000FF1CE}
    O42 - Logiciel: Microsoft Office Professionnel Plus 2010 - (.Microsoft Corporation.) [HKLM] -- Office14.PROPLUS
    O42 - Logiciel: Microsoft Office Proof (Arabic) 2010 - (.Microsoft Corporation.) [HKLM] -- {90140000-001F-0401-0000-0000000FF1CE}
    O42 - Logiciel: Microsoft Office Proof (Dutch) 2010 - (.Microsoft Corporation.) [HKLM] -- {90140000-001F-0413-0000-0000000FF1CE}
    O42 - Logiciel: Microsoft Office Proof (English) 2010 - (.Microsoft Corporation.) [HKLM] -- {90140000-001F-0409-0000-0000000FF1CE}
    O42 - Logiciel: Microsoft Office Proof (French) 2010 - (.Microsoft Corporation.) [HKLM] -- {90140000-001F-040C-0000-0000000FF1CE}
    O42 - Logiciel: Microsoft Office Proof (German) 2010 - (.Microsoft Corporation.) [HKLM] -- {90140000-001F-0407-0000-0000000FF1CE}
    O42 - Logiciel: Microsoft Office Proof (Spanish) 2010 - (.Microsoft Corporation.) [HKLM] -- {90140000-001F-0C0A-0000-0000000FF1CE}
    O42 - Logiciel: Microsoft Office Proofing (French) 2010 - (.Microsoft Corporation.) [HKLM] -- {90140000-002C-040C-0000-0000000FF1CE}
    O42 - Logiciel: Microsoft Office Publisher MUI (French) 2010 - (.Microsoft Corporation.) [HKLM] -- {90140000-0019-040C-0000-0000000FF1CE}
    O42 - Logiciel: Microsoft Office Shared MUI (French) 2010 - (.Microsoft Corporation.) [HKLM] -- {90140000-006E-040C-0000-0000000FF1CE}
    O42 - Logiciel: Microsoft Office Word MUI (French) 2010 - (.Microsoft Corporation.) [HKLM] -- {90140000-001B-040C-0000-0000000FF1CE}
    O42 - Logiciel: Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit - (.Microsoft Corporation.) [HKLM] -- {95140000-007D-0409-0000-0000000FF1CE}
    O42 - Logiciel: Microsoft SQL Server 2005 Compact Edition [ENU] - (.Microsoft Corporation.) [HKLM] -- {F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
    O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
    O42 - Logiciel: Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
    O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 - (.Microsoft Corporation.) [HKLM] -- {86CE85E6-DBAC-3FFD-B977-E4B79F83C909}
    O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 - (.Microsoft Corporation.) [HKLM] -- {5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}
    O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 - (.Microsoft Corporation.) [HKLM] -- {9A25302D-30C0-39D9-BD6F-21E6EC160475}
    O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
    O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 - (.Microsoft Corporation.) [HKLM] -- {9BE518E6-ECC6-35A9-88E4-87755C07200F}
    O42 - Logiciel: Microsoft Works 6-9 Converter - (.Microsoft Corporation.) [HKLM] -- {172423F9-522A-483A-AD65-03600CE4CA4F}
    O42 - Logiciel: Module linguistique Microsoft .NET Framework 4 Client Profile FRA - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile FRA Language Pack
    O42 - Logiciel: Mozilla Firefox (3.0.19) - (.Mozilla.) [HKLM] -- Mozilla Firefox (3.0.19)
    O42 - Logiciel: NirSoft BlueScreenView - (.Pas de propriétaire.) [HKLM] -- NirSoft BlueScreenView
    O42 - Logiciel: Octoshape add-in for Adobe Flash Player - (.Pas de propriétaire.) [HKCU] -- Octoshape add-in for Adobe Flash Player
    O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM] -- {57752979-A1C9-4C02-856B-FBB27AC4E02C}
    O42 - Logiciel: RICOH R5C83x/84x Flash Media Controller Driver Ver.3.54.02 - (.Pas de propriétaire.) [HKLM] -- {59F6A514-9813-47A3-948C-8A155460CC2A}
    O42 - Logiciel: Registry Clean Expert - (.iExpert.) [HKLM] -- Registry Clean Expert_is1
    O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2446708
    O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2478663
    O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2518870
    O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2539636
    O42 - Logiciel: Security Update for Microsoft Excel 2010 (KB2523021) - (.Microsoft.) [HKLM] -- {90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{AA9E4C48-857D-4558-A4F4-343CA7680277}
    O42 - Logiciel: Security Update for Microsoft InfoPath 2010 (KB2510065) - (.Microsoft.) [HKLM] -- {90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{3C6C6854-EB6B-455C-B0A6-9871F0538028}
    O42 - Logiciel: Security Update for Microsoft Office 2010 (KB2289078) - (.Microsoft.) [HKLM] -- {90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{1D1A4F08-2F17-475B-BA72-476CE5992FEE}
    O42 - Logiciel: Security Update for Microsoft Office 2010 (KB2289161) - (.Microsoft.) [HKLM] -- {90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F134C2C6-30B3-4169-A325-58482B4CE6FC}
    O42 - Logiciel: Security Update for Microsoft PowerPoint 2010 (KB2519975) - (.Microsoft.) [HKLM] -- {90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{45D7C5CD-B967-44AF-9DAB-E5C8545558AD}
    O42 - Logiciel: Security Update for Microsoft Publisher 2010 (KB2409055) - (.Microsoft.) [HKLM] -- {90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{C3C277D5-36E3-4B1A-926A-175B2BC019CF}
    O42 - Logiciel: Security Update for Microsoft Word 2010 (KB2345000) - (.Microsoft.) [HKLM] -- {90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{A6D422EE-1196-45EE-B9AE-6B5B64975E8B}
    O42 - Logiciel: Security Update for Module linguistique Microsoft .NET Framework 4 Client Profile FRA (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}.KB2478663
    O42 - Logiciel: Security Update for Module linguistique Microsoft .NET Framework 4 Client Profile FRA (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}.KB2518870
    O42 - Logiciel: TOSHIBA Supervisor Password - (.Pas de propriétaire.) [HKLM] -- {401879D1-AC26-43CD-BDDE-E0D5D5608083}
    O42 - Logiciel: Unlocker 1.9.1 - (.Cedrick Collomb.) [HKLM] -- Unlocker
    O42 - Logiciel: Update for Microsoft Office 2010 (KB2202188) - (.Microsoft.) [HKLM] -- {90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{86B7A074-265D-420C-9E1E-7A920EF0ECA7}
    O42 - Logiciel: Update for Microsoft Office 2010 (KB2413186) - (.Microsoft.) [HKLM] -- {90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{556146F7-74AE-4E0A-B64F-5B8B93469F61}
    O42 - Logiciel: Update for Microsoft Office 2010 (KB2413186) - (.Microsoft.) [HKLM] -- {90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B5516874-E926-4BFD-B412-D0E70112F244}
    O42 - Logiciel: Update for Microsoft Office 2010 (KB2413186) - (.Microsoft.) [HKLM] -- {90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{D6CE7280-6EE3-419A-8F47-DB111C040B1B}
    O42 - Logiciel: Update for Microsoft Office 2010 (KB2494150) - (.Microsoft.) [HKLM] -- {90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}
    O42 - Logiciel: Update for Microsoft Office 2010 (KB2523113) - (.Microsoft.) [HKLM] -- {90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{C0FF04BF-A05E-408B-81CA-B7FACDA508A3}
    O42 - Logiciel: Update for Microsoft OneNote 2010 (KB2493983) - (.Microsoft.) [HKLM] -- {90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{309EEC22-83CE-4109-B019-BA9392FAA322}
    O42 - Logiciel: Update for Microsoft Outlook Social Connector (KB2441641) - (.Microsoft.) [HKLM] -- {90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{A10DC2B7-6FDA-4C17-9DF0-6A834CAC4306}
    O42 - Logiciel: VLC media player 1.1.5 - (.VideoLAN.) [HKLM] -- VLC media player
    O42 - Logiciel: WinPcap 3.1 - (.CACE Technologies.) [HKLM] -- WinPcapInst
    O42 - Logiciel: Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite
    O42 - Logiciel: Windows Live - (.Microsoft Corporation.) [HKLM] -- {34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}
    O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM] -- {D45240D3-B6B3-4FF9-B243-54ECE3E10066}
    O42 - Logiciel: Windows Live Family Safety - (.Microsoft Corporation.) [HKLM] -- {F53D678E-238F-4A71-9742-08BB6774E9DC}
    O42 - Logiciel: Windows Live Family Safety - (.Microsoft Corporation.) [HKLM] -- {FCFBA290-CB48-4AF1-A241-2685AEDEDD66}
    O42 - Logiciel: Windows Live FolderShare - (.Microsoft Corporation.) [HKLM] -- {76810709-A7D3-468D-9167-A1780C1E766C}
    O42 - Logiciel: Windows Live ID Sign-in Assistant - (.Microsoft Corporation.) [HKLM] -- {61AD15B2-50DB-4686-A739-14FE180D4429}
    O42 - Logiciel: Windows Live Installer - (.Microsoft Corporation.) [HKLM] -- {0B0F231F-CE6A-483D-AA23-77B364F75917}
    O42 - Logiciel: Windows Live MIME IFilter - (.Microsoft Corporation.) [HKLM] -- {AF844339-2F8A-4593-81B3-9F4C54038C4E}
    O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {9D56775A-93F3-44A3-8092-840E3826DE30}
    O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {9FAE6E8D-E686-49F5-A574-0A58DFD9580C}
    O42 - Logiciel: Windows Live Mesh - (.Microsoft Corporation.) [HKLM] -- {841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}
    O42 - Logiciel: Windows Live Mesh - (.Microsoft Corporation.) [HKLM] -- {DECDCB7C-58CC-4865-91AF-627F9798FE48}
    O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {6057E21C-ABE9-4059-AE3E-3BEB9925E660}
    O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {EB4DF488-AAEF-406F-A341-CB2AAA315B90}
    O42 - Logiciel: Windows Live Messenger Companion Core - (.Microsoft Corporation.) [HKLM] -- {78A96B4C-A643-4D0F-98C2-A8E16A6669F9}
    O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM] -- {6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}
    O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM] -- {92EA4134-10D1-418A-91E1-5A0453131A38}
    O42 - Logiciel: Windows Live PIMT Platform - (.Microsoft Corporation.) [HKLM] -- {83C292B7-38A5-440B-A731-07070E81A64F}
    O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM] -- {A9BDCA6B-3653-467B-AC83-94367DA3BFE3}
    O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM] -- {C893D8C0-1BA0-4517-B11C-E89B65E72F70}
    O42 - Logiciel: Windows Live Photo Gallery - (.Microsoft Corporation.) [HKLM] -- {3336F667-9049-4D46-98B6-4C743EEBC5B1}
    O42 - Logiciel: Windows Live Remote Client - (.Microsoft Corporation.) [HKLM] -- {19A4A990-5343-4FF7-B3B5-6F046C091EDF}
    O42 - Logiciel: Windows Live Remote Client Resources - (.Microsoft Corporation.) [HKLM] -- {DFDBE1F9-04CE-4645-BB6C-4590EABC7A9C}
    O42 - Logiciel: Windows Live Remote Service - (.Microsoft Corporation.) [HKLM] -- {227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}
    O42 - Logiciel: Windows Live Remote Service Resources - (.Microsoft Corporation.) [HKLM] -- {AB93C51F-71F9-4A28-8134-FE1B5B9373E9}
    O42 - Logiciel: Windows Live SOXE - (.Microsoft Corporation.) [HKLM] -- {682B3E4F-696A-42DE-A41C-4C07EA1678B4}
    O42 - Logiciel: Windows Live SOXE Definitions - (.Microsoft Corporation.) [HKLM] -- {200FEC62-3C34-4D60-9CE8-EC372E01C08F}
    O42 - Logiciel: Windows Live UX Platform - (.Microsoft Corporation.) [HKLM] -- {CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}
    O42 - Logiciel: Windows Live UX Platform Language Pack - (.Microsoft Corporation.) [HKLM] -- {05E379CC-F626-4E7D-8354-463865B303BF}
    O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {3B9A92DA-6374-4872-B646-253F18624D5F}
    O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {A726AE06-AAA3-43D1-87E3-70F510314F04}
    O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {AAAFC670-569B-4A2F-82B4-42945E0DE3EF}
    O42 - Logiciel: Windows Live Writer Resources - (.Microsoft Corporation.) [HKLM] -- {62687B11-58B5-4A18-9BC3-9DF4CE03F194}
    O42 - Logiciel: Windows Media Player Firefox Plugin - (.Microsoft Corp.) [HKLM] -- {69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
    O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM] -- {881F5DE8-9367-4B81-A325-E91BBC6472F9}
    O42 - Logiciel: winpcap-nmap 4.02 - (.Pas de propriétaire.) [HKLM] -- winpcap-nmap

    ---\\ HKCU & HKLM Software Keys
    [HKCU\Software\ASProtect]
    [HKCU\Software\Ad-Remover]
    [HKCU\Software\Adobe]
    [HKCU\Software\AirSnare]
    [HKCU\Software\AppDataLow\Software\Microsoft]
    [HKCU\Software\AppDataLow\Software\Monitored]
    [HKCU\Software\AppDataLow\Software\settings]
    [HKCU\Software\AppDataLow\Software]
    [HKCU\Software\AppDataLow]
    [HKCU\Software\Apple Computer, Inc.]
    [HKCU\Software\Apple Inc.]
    [HKCU\Software\Awsdata]
    [HKCU\Software\Canon]
    [HKCU\Software\Carambis]
    [HKCU\Software\Classes]
    [HKCU\Software\Clients]
    [HKCU\Software\DT Soft]
    [HKCU\Software\Google]
    [HKCU\Software\IM Providers]
    [HKCU\Software\Intel]
    [HKCU\Software\JEDI-VCL]
    [HKCU\Software\JavaSoft]
    [HKCU\Software\KasperskyLab]
    [HKCU\Software\Lexmark]
    [HKCU\Software\Logitech]
    [HKCU\Software\Macromedia]
    [HKCU\Software\Malwarebytes' Anti-Malware]
    [HKCU\Software\ManyCam 2.4]
    [HKCU\Software\Mozilla]
    [HKCU\Software\Netscape]
    [HKCU\Software\ODBC]
    [HKCU\Software\Piriform]
    [HKCU\Software\Policies]
    [HKCU\Software\Redemption??]
    [HKCU\Software\Sysinternals]
    [HKCU\Software\WinRAR]
    [HKCU\Software\g3n-h@ckm@n]
    [HKCU\Software\iExpertSoft]
    [HKLM\Software\ASProtect]
    [HKLM\Software\ATI Technologies]
    [HKLM\Software\Adobe]
    [HKLM\Software\AdwCleaner]
    [HKLM\Software\Agere]
    [HKLM\Software\Apple Computer, Inc.]
    [HKLM\Software\Apple Inc.]
    [HKLM\Software\Awsdata]
    [HKLM\Software\Canon]
    [HKLM\Software\Classes]
    [HKLM\Software\Clients]
    [HKLM\Software\ComputerAssociates]
    [HKLM\Software\DT Soft]
    [HKLM\Software\Debug]
    [HKLM\Software\GEAR Software]
    [HKLM\Software\Google]
    [HKLM\Software\Intel]
    [HKLM\Software\JavaSoft]
    [HKLM\Software\JreMetrics]
    [HKLM\Software\KasperskyLab]
    [HKLM\Software\LSI]
    [HKLM\Software\Macromedia]
    [HKLM\Software\Malwarebytes' Anti-Malware]
    [HKL
    0
  12. juju666 Messages postés 35446 Date d'inscription   Statut Contributeur sécurité Dernière intervention   4 796
     
    Peux-tu héberger le rapport de ZHPDiag ? Il est incomplet ...
    0
  13. juju666 Messages postés 35446 Date d'inscription   Statut Contributeur sécurité Dernière intervention   4 796
     
    ▶ Copie tout le texte présent dans la balise code ci-dessous ( tu le sélectionnes avec ta souris / Clique droit dessus et choisis "copier" ou fait Ctrl+C )

    [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{c95a4e8e-816d-4655-8c79-d736da1adb6d}]    => Conduit/EffectiveBrand Hotspot Shield Toolbar
    R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = 0    => 
    O43 - CFD: 11/10/2010 - 18:41:06 - [93511] ----D- C:\Program Files\Babylon    => Infection BT (Toolbar.Babylon)
    C:\Program Files\Babylon    => Infection BT (Toolbar.Babylon)
    EMPTYTEMP
    EMPTYFLASH
    


    ▶ Puis Lance ZHPFix depuis le raccourci du bureau .

    ▶ Une fois l'outil ZHPFix ouvert , clique sur le bouton [ H ] ( "coller les lignes Helper" ).

    ▶ Dans l'encadré principal tu verras donc les lignes que tu as copié précédemment apparaitre.

    ▶ Vérifie que toutes les lignes que je t''ai demandé de copier (et seulement elles) sont dans la fenêtre.

    ▶ Clique sur le bouton « GO » pour lancer le nettoyage

    ▶ Copie/Colle le rapport à l''écran dans ton prochain message

    Note : le rapport se trouve aussi dans C:\ZHP sous le nom de ZHPFix[Rx].txt (où X correspond au numéro du lancement de ZHPFix)
    0
  14. thibault5995 Messages postés 8 Statut Membre
     
    voilà le rapport ZHPFix:

    Rapport de ZHPFix 1.12.3362 par Nicolas Coolman, Update du 23/09/2011
    Fichier d'export Registre :
    Run by Administrateur at 02/10/2011 21:24:42
    Windows 7 Ultimate Edition, 32-bit (Build 7600)
    Web site : http://www.premiumorange.com/zeb-help-process/zhpfix.html

    ========== Clé(s) du Registre ==========
    SUPPRIME Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{c95a4e8e-816d-4655-8c79-d736da1adb6d}

    ========== Dossier(s) ==========
    SUPPRIME Folder: C:\Program Files\Babylon
    SUPPRIME Temporaires Windows: : 74
    SUPPRIME Flash Cookies: 13

    ========== Fichier(s) ==========
    ABSENT Folder/File: c:\program files\babylon
    SUPPRIME Temporaires Windows: : 35
    SUPPRIME Flash Cookies: 5

    ========== Récapitulatif ==========
    1 : Clé(s) du Registre
    3 : Dossier(s)
    3 : Fichier(s)

    End of clean in 00mn 01s

    ========== Chemin de fichier rapport ==========
    C:\ZHP\ZHPFix[R1].txt - 02/10/2011 21:24:42 [891]
    0
  15. juju666 Messages postés 35446 Date d'inscription   Statut Contributeur sécurité Dernière intervention   4 796
     
    Bonsoir désolé du retard ...

    Si plus de soucis on termine :

    Procédure d'optimisation/d'entretien/de prévention

    ▶ Télécharge ici : PureRa (par l''editeur de JavaRa)

    ▶ Lance-le (clic droit "executer en tant qu''administrateur" pour Vista/7)

    => Configuration en vidéo ( merci gen-hackman )

    ▶ clique sur "Clean"

    ▶ L''outil va faire son scan puis son nettoyage

    ▶ à la fin du rapport tu auras une ligne comme ca :

    Total space cleaned: 8140878 bytes

    ▶ transmets juste cette ligne , le reste importe peu

    ------

    ▶ télécharge et installe Ccleaner

    ▶ double-clique sur le fichier pour lancer l''installation

    /!\Utilisateur de Vista et windows 7 : Clique droit sur le logo de Ccleaner, « exécuter en tant qu''administrateur »

    ▶ ▶ une fois ouvert tu cliques sur option et puis avancé
    ▶ tu décoches "effacer uniquement les fichiers du dossier temp de windows plus vieux que 24 heures "
    ▶ ▶ cliques sur nettoyeur
    ▶ cliques sur windows et dans la colonne avancé
    ▶ coches la première case "vieilles données du perfetch"
    ▶ cliques sur analyse une fois l''analyse terminé
    ▶ cliques sur "lancer le nettoyage" et sur la demande de confirmation "OK" ▶ ▶ cliques maintenant sur registre et puis sur "rechercher les erreurs "
    ▶ laisses tout cochées et cliques sur "réparer les erreurs sélectionnées"
    ▶ il te demande de sauvegarder ==> OUI
    ▶ tu lui donnes un nom pour pouvoir la retrouver et enregistre
    ▶ cliques sur "corriger toutes les erreurs sélectionnées" et sur la demande de confirmation ==> OK
    ▶ Vérifie qu''il ne reste plus rien en relançant "rechercher les erreurs"
    ▶ tu retournes dans option et tu recoches la case "effacer uniquement les fichiers du dossier temp de windows plus vieux que 24 heures" et sur nettoyeur windows, sous avancé, tu décoches la première case "vieilles données du perfetch"
    ▶ tu peux fermer Ccleaner

    ------

    Fais une recherche des erreurs de disque :
    ouvre Ordinateur/Poste de travail => clic droit sur C: => propriétés => outils => Vérification des erreurs cliquez sur vérifier maintenant. Ensuite cochez les deux cases puis cliquez sur démarrer. Répondez oui pour le message d''avertissement et redémarrez votre système.

    ------

    Défragmente tes disques dur :
    Télécharge Deffragler, et défragmente tes disques.

    ------

    ▶ Désactivation, puis Réactivation de la restauration système après désinfection :

    Il est nécessaire de désactiver puis réactiver la restauration système pour la purger car les points de restauration peuvent être infectés :

    XP/Vista : http://www.forum-fec.net/t97-purger-la-restauration-du-systeme
    Seven: http://www.forum-fec.net/faq-tutoriel-astuces-f10/purger-la-restauration-du-systeme-sous-windows-7-t142.htm

    ------

    ▶ Maintiens tes logiciels à jour c'est important, utilise ce programme : https://www.commentcamarche.net/faq/13362-mettre-a-jour-son-pc-contre-les-failles-de-securite
    Absolument à faire.

    ▶ idem pour les Mises à jour Windows :

    Il est très important de maintenir son OS à jour car ceci comble les failles de sécurité par lesquelles les malwares ("virus") s'introduisent ...

    ▶ Windows Update XP (uniquement avec Internet Explorer): http://update.microsoft.com/windowsupdate/v6/

    ▶ Windows Update Vista/Seven : cliquer sur le logo windows, dans la rechercher taper "Windows Update", cliquer sur le résultat.

    -----

    ▶ Mets à jour Java : https://www.java.com/fr/download/uninstalltool.jsp

    ▶ Désinstaller les anciennes versions de Java :

    ▶ Télécharge JavaRa.zip

    ▶ Décompresse le fichier sur ton bureau (clique droit > Extraire tout.)

    ▶ Double-clique sur le répertoire JavaRa obtenu.

    ▶ Puis double-clique sur le fichier JavaRa.exe (le .exe peut ne pas s''afficher)

    ▶ Clique sur Remove Older Versions.

    ▶ Clique sur Oui pour confirmer. L''outil va travailler, clique ensuite sur Ok, puis une deuxième fois sur Ok.

    ▶ Un rapport va s''ouvrir, copie-colle le dans ta prochaine réponse.

    ▶ Note : le rapport se trouve aussi là : ( C:\JavaRa.log )

    ▶ Tu peux fermer l''application

    ▶ ▶ Met à jour les logiciels Adobe :

    ▶ Reader : https://get2.adobe.com/fr/reader/otherversions/

    ▶ Flash Player: https://get.adobe.com/flashplayer/?loc=fr

    -----

    Si tu utilise FireFox, vérifie que tes plug in sont à jour : https://support.mozilla.org/en-US/kb/npapi-plugins

    -----

    ▶ ▶ pour supprimer les outils de désinfection :

    ▶ Télécharge et exécute Delfix sur ton bureau

    ▶ Clique sur le bouton « Suppression » et poste son rapport sur ton prochain message
    ▶ ▶ Pour le désinstaller, il suffit de le relancer et cliquer sur le bouton de désinstallation.

    ------

    Tu peux garder Malwarebytes pour un scan de temps à autres

    -----

    Les antivirus ne font pas tout en ce qui concerne la sécurité de ta machine (mettre à jour ses logiciels etc etc)
    La meilleur protection reste de connaître les infections pour pouvoir les éviter et avoir de bonne habitude.
    Donc faut se documenter.

    Tu peux lire ce sujet sur les logiciels recommandés, et les attitudes responsables sur le web
    Et celui ci, sur les logiciels gratuits à éviter

    Si tu utilises Avast! ou AVG - regle le pour détecter les LPIs - voir : https://www.malekal.com/adwares-pup-protection/

    Un peu de lecture pour éviter les infections :
    - connaitre et éviter les infections : https://www.malekal.com/fichiers/projetantimalwares/ProjetAntiMalware-courte.pdf
    - sécuriser son PC : http://forum.malekal.com/comment-securiser-son-ordinateur.html
    - lire : http://www.commentcamarche.net/faq/27128-malwares-quels-enjeux-version-synthese

    Ce qu'il ne faut pas faire :
    Je télécharge n'importe quoi - je m'infecte - evite les programmes par publicités ou sur les liens commerciaux des moteurs de recherche - ce sont des arnaques ::
    Les PUPs/LPIs : https://www.malekal.com/adwares-pup-protection/
    Exemple de ce qu'il ne faut pas faire :
    https://forums.commentcamarche.net/forum/affich-19719198-onglets-pub-intempestifs#14
    https://forums.commentcamarche.net/forum/affich-18347759-le-nouveau-avast-sonne-trop-souvent#9
    Je télécharge depuis n'importe où - je m'infecte : https://forums.commentcamarche.net/forum/affich-19916973-clickpotato-vlc-virus#6
    Recommandations sur la sécurité : https://forums.commentcamarche.net/forum/affich-18680013-windows-7-et-antispyware#1

    Fonctionnement de quelques catégories de malwares :
    https://forums.commentcamarche.net/forum/affich-17725521-virus-programme-troyen
    https://forums.commentcamarche.net/forum/affich-17746390-concernant-la-propagation-des-virus
    ------

    ▶ ▶ Pense à marquer le fil comme résolu

    ------

    Si tu as d'autres questions,
    Sur le fonctionnement des malwares
    Ou comment tu t'es fait infecté
    N'hésites pas.
    On se quitte si le rapport DelFix est ok...

    @+
    0
  16. thibault5995
     
    Bonsoir,

    j'ai fait tout ce que tu demandais et mon PC remarche très bien, merci beaucoup pour ton aide c'est vraiment sympa.

    Je poste les rapports :

    -PureRa: Total space cleaned: 1515518775 bytes

    -DelFix:

    # DelFix v8.5 - Rapport créé le 04/10/2011 à 22:06:10
    # Mis à jour le 25/09/11 à 11h par Xplode
    # Système d'exploitation : Windows 7 Ultimate Service Pack 1 (32 bits)
    # Nom d'utilisateur : Administrateur - THIBAULT-PC (Administrateur)
    # Exécuté depuis : C:\Users\Administrateur\Desktop\delfix0.exe
    # Option [Suppression]

    ~~~~~~ Dossiers(s) ~~~~~~

    Supprimé : C:\Qoobox
    Supprimé : C:\Kill'em
    Supprimé : C:\Combofix
    Supprimé : C:\ZHP
    Supprimé : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
    Supprimé : C:\Program Files\Ad-Remover
    Supprimé : C:\Program Files\ZHPDiag

    ~~~~~~ Fichier(s) ~~~~~~

    Supprimé : C:\Ad-Report-CLEAN[1].txt
    Supprimé : C:\Ad-Report-SCAN[1].txt
    Supprimé : C:\AdwCleaner[R1].txt
    Supprimé : C:\AdwCleaner[R2].txt
    Supprimé : C:\ComboFix.txt
    Supprimé : C:\JavaRa.log
    Supprimé : C:\PhysicalDisk0_MBR.bin
    Supprimé : C:\rkill.log
    Supprimé : C:\Users\Administrateur\Desktop\JavaRa.def
    Supprimé : C:\Users\Administrateur\Desktop\JavaRa.exe
    Supprimé : C:\Users\Administrateur\Downloads\Hotmail.zip
    Supprimé : C:\Users\Public\Desktop\MBRCheck.lnk
    Supprimé : C:\Windows\grep.exe
    Supprimé : C:\Windows\PEV.exe
    Supprimé : C:\Windows\NIRCMD.exe
    Supprimé : C:\Windows\MBR.exe
    Supprimé : C:\Windows\SED.exe
    Supprimé : C:\Windows\SWREG.exe
    Supprimé : C:\Windows\SWSC.exe
    Supprimé : C:\Windows\SWXCACLS.exe
    Supprimé : C:\Windows\Zip.exe

    ~~~~~~ Registre ~~~~~~

    Clé Supprimée : HKCU\Software\Ad-Remover
    Clé Supprimée : HKCU\Software\g3n-h@ckm@n
    Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cfxxe
    Clé Supprimée : HKLM\SOFTWARE\AdwCleaner
    Clé Supprimée : HKLM\SOFTWARE\Swearware
    Clé Supprimée : HKLM\SOFTWARE\Classes\.cfxxe
    Clé Supprimée : HKLM\SOFTWARE\Classes\cfxxefile
    Clé Supprimée : HKLM\SOFTWARE\TrendMicro\Hijackthis
    Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ZHPDiag_is1

    ~~~~~~ Autres ~~~~~~

    -> Prefetch Vidé

    *************************

    DelFix[S1].txt - [1985 octets] - [04/10/2011 22:06:10]

    ########## EOF - C:\DelFix[S1].txt - [2109 octets] ##########

    -Java:

    JavaRa 1.15 Removal Log.

    Report follows after line.

    ------------------------------------

    The JavaRa removal process was started on Tue Oct 04 21:58:43 2011

    ------------------------------------

    Finished reporting.

    JavaRa 1.15 Removal Log.

    Report follows after line.

    ------------------------------------

    The JavaRa removal process was started on Tue Oct 04 21:59:43 2011

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0000-ABCDEFFEDCBA}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0001-ABCDEFFEDCBA}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0002-ABCDEFFEDCBA}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0003-ABCDEFFEDCBA}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0004-ABCDEFFEDCBA}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBA}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBA}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBA}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBA}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBB}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBB}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBB}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBB}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBB}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBB}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBB}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBC}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBC}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBC}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBC}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBC}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBC}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0000-ABCDEFFEDCBA}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0001-ABCDEFFEDCBA}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0003-ABCDEFFEDCBA}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0004-ABCDEFFEDCBA}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0005-ABCDEFFEDCBA}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0006-ABCDEFFEDCBA}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0007-ABCDEFFEDCBA}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0000-ABCDEFFEDCBB}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0001-ABCDEFFEDCBB}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0002-ABCDEFFEDCBB}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0003-ABCDEFFEDCBB}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0004-ABCDEFFEDCBB}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0005-ABCDEFFEDCBB}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0006-ABCDEFFEDCBB}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0007-ABCDEFFEDCBB}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0001-ABCDEFFEDCBA}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0002-ABCDEFFEDCBA}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0004-ABCDEFFEDCBA}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBA}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0007-ABCDEFFEDCBA}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0008-ABCDEFFEDCBA}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0009-ABCDEFFEDCBA}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0010-ABCDEFFEDCBA}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0011-ABCDEFFEDCBA}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0012-ABCDEFFEDCBA}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0013-ABCDEFFEDCBA}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0014-ABCDEFFEDCBA}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0015-ABCDEFFEDCBA}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0016-ABCDEFFEDCBA}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBB}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0001-ABCDEFFEDCBB}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0002-ABCDEFFEDCBB}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBB}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0004-ABCDEFFEDCBB}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBB}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBB}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0007-ABCDEFFEDCBB}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0008-ABCDEFFEDCBB}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0009-ABCDEFFEDCBB}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0010-ABCDEFFEDCBB}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0011-ABCDEFFEDCBB}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0012-ABCDEFFEDCBB}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0013-ABCDEFFEDCBB}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0014-ABCDEFFEDCBB}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0015-ABCDEFFEDCBB}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0016-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0003-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0004-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0005-ABCDEFFEDCBA}

    Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1

    Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_02

    Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_03

    Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_04

    Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.2

    Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.2.0_01

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBA}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0000-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0026-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0026-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0027-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0027-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0028-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0028-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0029-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0029-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0030-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0030-ABCDEFFEDCBB}

    Found and removed: SOFTWARE\Microsoft\Active Setup\Installed Components\{08B0E5C0-4FCB-11CF-AAA5-00401C608500}

    ------------------------------------

    Finished reporting.

    Encore merci!

    à+
    0
    1. juju666 Messages postés 35446 Date d'inscription   Statut Contributeur sécurité Dernière intervention   4 796
       
      prudence et bon surf ;o)
      0