Windows 7 trop lent suite à une infection Résolu/Fermé

Question

Bonsoir, 

après une infection par le virus rumnit  réparé normalement par 3 scans par 3 antivirus différent, mon système devient trop lent de façon très remarquable !

Qu'elle est la cause de ce problème et que dois je faire pour résoudre ce problème sachant que je ne possède pas le cd d'installation pour faire une réparation du système

PC: Dell inspiron N5510 i7 6Go de ram
Système : Windows 7 64bit



Configuration: Windows 7 / Firefox 11.0

antipolis a · Answer

Bonjour.

Vous avez peut-être tué le virus,
mais pas réparé les dégâts qu'il a pu faire.

Vous devriez déposer un message dans le forum "Virus-Sécurité, mais personnellement, je préfère une bonne réinstallation du système et des applications, ou bien une réinitialisation à son état d'usine.

A vous de voir.

dali0807 · Answer

Merci pour la réponse,
je ne peux pas réinstaller le système car tout simplement j'ai pas un cd d'installation

comment je peux déplacer ce sujet dans le forum "Virus-Sécurité" ?

aloes · Answer

Bonsoir,

Es-tu certain d'être débarrassé de Ramnit complètement ?
Je pense que ton poste concerne plutôt le Forum Virus-Sécurité, ici :
https://forums.commentcamarche.net/forum/virus-securite-7

aloes

dali0807 · Answer

Non, je ne suis sûr mais avec kaspersky et ComboFix, je l'ai supprimé mais est ce que définitivement ? je ne sais pas,

je connais le forum mais j'ai voulais déplacer le même sujet pour ne pas avoir deux sujets identiques dans deux forums

aloes · Answer

Demande aux modérateurs, tu as en haut un lien Signaler.

aloes

dali0807 · Answer

ok c'est fait
merci

dali0807 · Answer

Bonsoir
ça fait longtemps que j'ai posté ce message mais toujours pas de solution
Y a t' il quelqu'un qui peut m'aider ?
Merci

aloes · Answer

Personne ne t'a répondu sur Virus-Sécurité ?
Quand c'est comme ça, tu fais un petit "Up" de temps en temps pour remonter le post.

On va essayer de nettoyer un peu. Beaucoup de choses peuvent ralentir un PC.
Commence peut-être par désactiver les programmes qui se lancent inutilement au démarrage comme ceci :

Clique sur Démarrer / Exécuter (regarde ici pour afficher la commande Exécuter dans W7 :https://www.commentcamarche.net/faq/19650-windows-7-faire-apparaitre-la-commande-executer puis tapes msconfig dans Exécuter et fais OK. 

Clique sur l'onglet Démarrage puis décoches les cases de toutes les lignes, sauf celle qui indique ton antivirus et ton pare-feu. Tout le reste doit être décoché. Fais Appliquer et OK.

Puis clique sur l'onglet Services (pour désactiver les services qui tournent en arrière plan) et coche en bas la case Masquer tous les services Microsoft  avant de cliquer sur Désactiver tout, Appliquer et OK. 

Redémarre le PC.

Fais déjà ça avant de passer à la suite.

aloes

dali0807 · Answer

Merci pour la réponse
en désactivant tous les programmes de démarrages, je ne risque pas d'arrêter des programmes Windows nécessaires ?

aloes · Answer

Non, pas de souci.

dali0807 · Answer

ok c'est fait

aloes · Answer

Déjà !

Tu as CCleaner sur ton PC, si oui, je pense que tu as déjà fait un nettoyage complet ?

aloes

dali0807 · Answer

Non,
mais je peux le faire maintenant si ça prend pas trop de temps

dali0807 · Answer

j'ai fait un nettoyage avec CCleaner

aloes · Answer

Il est ici, télécharge-le et grade-le sur le PC, il peut servir :
https://www.commentcamarche.net/telecharger/utilitaires/5647-ccleaner/#tutoriel-ccleaner
Regarde le tutoriel en bas de page, garde le réglage par défaut. Par la suite tu pourra gérer tes cookies, ceux que tu veux garder ou pas, assez pratique.

aloes

g3n-h@ckm@n · Answer

salut c est possible de lire le rapport de combofix ?

aloes · Answer

Tu as aussi nettoyé la base du registre ?
Attention là fais toujours une sauvegarde (proposée systématiquement), cela permet de récupérer en cas d'erreur de suppression.

aloes

dali0807 · Answer

oui je l'ai fait

pour le le rapport de combofix je suis entrain de le faire

aloes · Answer

Salut  g3n-h@ckm@n, super que tu sois là.
Je te laisse continuer.

aloes

dali0807 · Answer

je suis en train de télécharger une version 64 bit car la première version été incompatible

dali0807 · Answer

est ce que je copie tout le contenu du rapport ici ou il y a une autre méthode ?

dali0807 · Answer

Voici le rapport :

ComboFix 12-03-29.02 - dell 30/03/2012   0:15.4.8 - x64
Microsoft Windows 7 Professionnel   6.1.7600.0.1252.33.1036.18.6051.4459 [GMT 2:00]
Lancé depuis: h:\logiciel\Maintenance PC\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Un nouveau point de restauration a été créé
.
.
(((((((((((((((((((((((((((((   Fichiers créés du 2012-02-28 au 2012-03-29  ))))))))))))))))))))))))))))))))))))
.
.
2012-03-29 22:19 . 2012-03-29 22:19	--------	d-----w-	c:\users\Default\AppData\Local	emp
2012-03-29 21:52 . 2012-03-29 21:52	--------	d-----w-	c:\users\dell\AppData\Local\Apple Computer
2012-03-29 21:50 . 2012-03-29 21:50	--------	d-----w-	c:\program files\CCleaner
2012-03-29 20:07 . 2012-03-29 21:39	--------	d-----w-	c:\program files (x86)\Malwarebytes' Anti-Malware
2012-03-27 07:50 . 2012-03-14 03:27	8669240	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{2A3A3E1C-1D84-4E69-A1F6-47F663DCE983}\mpengine.dll
2012-03-25 21:03 . 2012-03-28 21:54	--------	d-----w-	C:\wamp
2012-03-23 16:34 . 2012-03-23 16:34	--------	d-----w-	c:\programdata\Atheros
2012-03-20 15:01 . 2012-03-20 15:01	--------	d-----w-	c:\users\dell\AppData\Roaming\vlc
2012-03-20 15:00 . 2012-03-20 15:00	--------	d-----w-	c:\program files (x86)\VideoLAN
2012-03-20 00:27 . 2012-03-20 00:27	--------	d-----w-	c:\users\dell\AppData\Roaming\Malwarebytes
2012-03-20 00:27 . 2012-03-20 00:27	--------	d-----w-	c:\programdata\Malwarebytes
2012-03-20 00:12 . 2012-03-20 00:12	--------	d-----w-	c:\program files (x86)\ESET
2012-03-19 23:55 . 2012-03-20 00:17	--------	d-----w-	C:\sh4ldr
2012-03-19 23:55 . 2012-03-19 23:55	--------	d-----w-	c:\program files\Enigma Software Group
2012-03-19 23:54 . 2012-03-20 00:17	--------	d-----w-	c:\windows\5B210B8AB66E4702B44D0D6F388D29EB.TMP
2012-03-19 23:54 . 2012-03-19 23:54	--------	d-----w-	c:\program files (x86)\Common Files\Wise Installation Wizard
2012-03-19 14:25 . 2012-03-21 04:20	--------	d-----w-	c:\users\dell\DoctorWeb
2012-03-19 14:10 . 2012-03-19 14:10	--------	d-----w-	C:\Kaspersky
2012-03-19 13:31 . 2012-03-19 13:31	--------	d-----w-	c:\program files (x86)\Common Files\Bitdefender
2012-03-18 22:08 . 2012-03-18 22:10	--------	d-----w-	c:\program files (x86)\CodeChargeStudio5
2012-03-18 11:49 . 2012-03-18 11:50	--------	d-----w-	C:\572a75784fab8ddca397351eabc13aa0
2012-03-17 06:36 . 2012-03-17 06:36	--------	d-----w-	c:\users\dell\AppData\Roaming\Ahead
2012-03-17 06:34 . 2000-06-26 10:45	106496	----a-w-	c:\windows\SysWow64\TwnLib20.dll
2012-03-17 06:34 . 2001-06-26 07:15	38912	----a-w-	c:\windows\SysWow64\picn20.dll
2012-03-17 06:34 . 2001-07-06 13:41	569344	----a-w-	c:\windows\SysWow64\imagr5.dll
2012-03-17 06:34 . 2001-07-06 11:44	544768	----a-w-	c:\windows\SysWow64\imagx5.dll
2012-03-17 06:34 . 2001-07-06 17:24	283920	----a-w-	c:\windows\SysWow64\ImagXpr5.dll
2012-03-17 06:34 . 2012-03-17 06:34	--------	d-----w-	c:\program files (x86)\Common Files\Ahead
2012-03-17 06:34 . 2001-07-09 10:50	155648	----a-w-	c:\windows\SysWow64\NeroCheck.exe
2012-03-17 06:33 . 2012-03-17 06:34	--------	d-----w-	c:\program files (x86)\Ahead
2012-03-16 20:09 . 2012-03-16 20:09	--------	d-----w-	c:\program files (x86)\Conduit
2012-03-16 20:09 . 2012-03-20 22:12	--------	d-----w-	c:\users\dell\AppData\Local\Conduit
2012-03-16 20:05 . 2012-03-16 20:09	--------	d-----w-	c:\program files (x86)\uTorrent
2012-03-16 20:03 . 2012-03-29 21:52	--------	d-----w-	c:\users\dell\AppData\Roaming\uTorrent
2012-03-16 18:53 . 2012-03-16 18:53	--------	d-----w-	C:\Multimedia Files
2012-03-16 18:53 . 2012-03-16 18:53	--------	d-----w-	c:\program files (x86)\Microsoft GIF Animator
2012-03-16 18:51 . 2012-03-16 18:51	--------	d-----w-	c:\users\dell\AppData\Roaming\gtk-2.0
2012-03-16 18:50 . 2012-03-16 18:50	--------	d-----w-	c:\users\dell\.thumbnails
2012-03-16 18:38 . 2012-03-27 00:45	--------	d-----w-	c:\users\dell\.gimp-2.6
2012-03-16 18:35 . 2012-03-16 18:36	--------	d-----w-	c:\program files (x86)\GIMP-2.0
2012-03-16 17:25 . 2012-03-13 04:39	44472	----a-w-	c:\program files (x86)\Mozilla Firefox\mozglue.dll
2012-03-16 17:25 . 2012-03-13 04:39	592824	----a-w-	c:\program files (x86)\Mozilla Firefox\gkmedias.dll
2012-03-16 17:22 . 2012-03-16 17:22	--------	d-----w-	c:\program files (x86)\Common Files\Skype
2012-03-16 17:22 . 2012-03-18 19:48	--------	d-----r-	c:\program files (x86)\Skype
2012-03-14 21:45 . 2012-03-07 00:02	28504	----a-w-	c:\windows\system32\drivers\aswKbd.sys
2012-03-14 21:45 . 2012-03-07 00:02	53080	----a-w-	c:\windows\system32\drivers\aswRdr2.sys
2012-03-14 21:07 . 2012-03-14 21:07	--------	d-----w-	c:\program files (x86)\Trend Micro
2012-03-14 21:05 . 2012-03-14 21:05	--------	d-----w-	c:\windows\system32\MpEngineStore
2012-03-14 16:15 . 2012-03-29 09:16	--------	d-----w-	C:\UwAmp
2012-03-14 15:43 . 2012-03-14 15:43	--------	d-----w-	C:\found.000
2012-03-14 08:01 . 2011-11-19 18:30	5504880	----a-w-	c:\windows\system32
toskrnl.exe
2012-03-14 08:01 . 2011-11-19 14:25	3957616	----a-w-	c:\windows\SysWow64
tkrnlpa.exe
2012-03-14 08:01 . 2011-11-19 14:25	3902320	----a-w-	c:\windows\SysWow64
toskrnl.exe
2012-03-14 07:40 . 2012-02-03 04:16	3143168	----a-w-	c:\windows\system32\win32k.sys
2012-03-14 07:40 . 2012-02-10 06:18	1541120	----a-w-	c:\windows\system32\DWrite.dll
2012-03-14 07:40 . 2012-02-10 06:17	320512	----a-w-	c:\windows\system32\d3d10_1core.dll
2012-03-14 07:40 . 2012-02-10 05:41	1074176	----a-w-	c:\windows\SysWow64\DWrite.dll
2012-03-14 07:40 . 2012-02-10 05:41	218624	----a-w-	c:\windows\SysWow64\d3d10_1core.dll
2012-03-14 07:40 . 2012-02-10 06:17	1837568	----a-w-	c:\windows\system32\d3d10warp.dll
2012-03-14 07:40 . 2012-02-10 06:17	902656	----a-w-	c:\windows\system32\d2d1.dll
2012-03-14 07:40 . 2012-02-10 05:41	1170944	----a-w-	c:\windows\SysWow64\d3d10warp.dll
2012-03-14 07:40 . 2012-02-10 05:41	739840	----a-w-	c:\windows\SysWow64\d2d1.dll
2012-03-14 07:40 . 2012-02-10 06:17	197120	----a-w-	c:\windows\system32\d3d10_1.dll
2012-03-14 07:40 . 2012-02-10 05:41	161792	----a-w-	c:\windows\SysWow64\d3d10_1.dll
2012-03-14 07:34 . 2012-01-25 06:27	76288	----a-w-	c:\windows\system32dpwsx.dll
2012-03-14 07:34 . 2012-01-25 06:27	149504	----a-w-	c:\windows\system32dpcorekmts.dll
2012-03-14 07:34 . 2012-01-25 06:20	9216	----a-w-	c:\windows\system32drmemptylst.exe
2012-03-14 07:34 . 2012-02-15 06:27	1031680	----a-w-	c:\windows\system32dpcore.dll
2012-03-14 07:34 . 2012-02-15 05:44	826368	----a-w-	c:\windows\SysWow64dpcore.dll
2012-03-14 07:34 . 2012-02-15 04:47	204800	----a-w-	c:\windows\system32\driversdpwd.sys
2012-03-14 07:34 . 2012-02-15 04:46	23552	----a-w-	c:\windows\system32\drivers	dtcp.sys
2012-03-13 23:54 . 2012-03-21 11:07	--------	d-----w-	c:\users\UpdatusUser
2012-03-13 23:47 . 2012-03-13 23:58	--------	d-----w-	c:\users\dell\AppData\Roaming\FileZilla
2012-03-13 23:44 . 2012-03-13 23:44	--------	d-----w-	c:\program files (x86)\FileZilla FTP Client
2012-03-12 17:18 . 2012-03-12 17:18	--------	d-----w-	c:\program files\Microsoft Games
2012-03-12 15:29 . 2012-03-12 15:29	--------	d-----w-	c:\program files (x86)\LaBoiteACouleurs
2012-03-12 10:54 . 2012-03-12 10:54	--------	d-----w-	c:\users\dell\AppData\Roaming\Thunderbird
2012-03-12 10:54 . 2012-03-12 10:54	--------	d-----w-	c:\users\dell\AppData\Local\Thunderbird
2012-03-11 22:57 . 2012-03-11 22:57	--------	d-----w-	c:\users\dell\AppData\Roaming\OfficeRecovery
2012-03-09 08:15 . 2012-03-09 08:15	--------	d-----w-	c:\programdata\Symantec
2012-03-09 08:15 . 2012-03-11 23:16	--------	d-----w-	c:\programdata\Norton
2012-03-08 21:54 . 2012-03-08 21:54	--------	d-----w-	c:\users\dell\AppData\Local\DDMSettings
2012-03-08 21:53 . 2012-03-08 21:53	--------	d-----w-	c:\users\dell\AppData\Roaming\DivX
2012-03-08 21:52 . 2012-03-08 21:52	--------	d-----w-	c:\program files (x86)\Common Files\PX Storage Engine
2012-03-08 21:51 . 2012-03-08 21:52	--------	d-----w-	c:\program files\DivX
2012-03-08 21:51 . 2012-03-08 21:52	--------	d-----w-	c:\program files (x86)\Common Files\DivX Shared
2012-03-08 21:51 . 2012-03-08 21:53	--------	d-----w-	c:\program files (x86)\DivX
2012-03-08 20:31 . 2012-03-08 20:31	--------	d-----w-	c:\users\dell\AppData\Roaming\widestream
2012-03-08 20:31 . 2012-03-08 20:31	--------	d-----w-	c:\users\dell\AppData\Local\widestream6 Air
2012-03-08 20:30 . 2012-03-15 19:54	--------	d-----w-	c:\program files (x86)\Widestream6
2012-03-08 20:30 . 2012-03-08 20:30	--------	d-----w-	c:\program files (x86)\PriceGong
2012-03-08 20:29 . 2012-03-08 20:29	--------	d-----w-	c:\program files (x86)\Complitly
2012-03-08 20:29 . 2012-03-08 20:29	--------	d-----w-	c:\users\dell\AppData\Roaming\Complitly
2012-03-08 19:58 . 2012-03-08 21:53	--------	d-----w-	c:\programdata\DivX
2012-03-06 10:10 . 2012-03-18 22:51	--------	d-----w-	c:\users\dell\AppData\Local\CCS5
2012-03-06 10:09 . 2012-03-06 10:09	--------	d-----w-	c:\program files (x86)\Microsoft ASP.NET
2012-03-05 13:58 . 2012-03-06 20:33	--------	d-----w-	c:\users\dell\AppData\Local\MediaGet2
2012-03-04 22:20 . 2012-03-04 22:20	--------	d-----w-	c:\users\dell\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2012-03-04 13:24 . 2012-03-04 13:28	--------	d-----w-	c:\users\dell\AppData\Roaming\Easy Thumbnails
2012-03-04 13:23 . 2012-03-04 13:23	--------	d-----w-	c:\program files (x86)\Easy Thumbnails
2012-03-04 13:16 . 2011-12-21 04:29	548864	----a-w-	c:\program files (x86)\Mozilla Firefox	rzAB40.tmp
2012-03-04 13:16 . 2011-12-21 04:29	626688	----a-w-	c:\program files (x86)\Mozilla Firefox	rz92C0.tmp
2012-03-04 12:56 . 2012-03-04 13:16	--------	d-----w-	c:\users\dell\chat-land
2012-03-04 11:08 . 2012-03-19 14:09	--------	dc-h--w-	c:\programdata\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1}
2012-03-04 11:08 . 2012-03-04 11:08	--------	d-----w-	c:\users\dell\AppData\Local\PackageAware
2012-03-01 19:39 . 2012-03-18 22:09	466944	----a-w-	c:\windows\SysWow64\wodSFTP.ocx
2012-03-01 00:28 . 2012-03-01 00:28	--------	d-----w-	c:\program files (x86)\EasyPHP-5.3.9
2012-02-29 22:01 . 2012-03-04 23:43	--------	d-----w-	c:\programdataegid.1986-12.com.adobe
2012-02-29 19:51 . 2012-02-29 19:51	--------	d-----w-	c:\users\dell\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
2012-02-29 19:51 . 2012-02-29 19:51	--------	d-----w-	c:\program files (x86)\Adobe Download Assistant
2012-02-29 19:51 . 2012-02-29 19:51	--------	d-----w-	c:\program files (x86)\Common Files\Adobe AIR
2012-02-29 19:46 . 2012-02-29 19:48	--------	d-----w-	c:\program files\glassfish-3.1.1
2012-02-29 19:36 . 2012-03-11 23:21	--------	d-----w-	c:\program files\NetBeans 7.1
2012-02-29 19:31 . 2012-02-29 19:32	--------	d-----w-	c:\program files (x86)\Oracle
2012-02-29 19:31 . 2012-02-29 19:31	--------	d-----w-	c:\program files (x86)\Common Files\Java
2012-02-29 19:30 . 2012-01-10 12:57	637848	----a-w-	c:\windows\SysWow64
pdeployJava1.dll
2012-02-29 18:57 . 2012-02-29 18:57	--------	d-----w-	c:\users\dell\AppData\Roaming\MySQL
2012-02-29 18:49 . 2012-03-11 23:21	--------	d-----w-	c:\users\dell\.nbi
2012-02-29 18:42 . 2012-03-01 00:22	--------	d-----w-	c:\programdata\MySQL
2012-02-29 12:26 . 2012-02-29 12:26	416064	----a-w-	c:\windows\SysWow64
vStreaming.exe
.
.
.
((((((((((((((((((((((((((((((((((   Compte-rendu de Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-03-07 00:15 . 2011-12-08 11:00	41184	----a-w-	c:\windows\avastSS.scr
2012-03-07 00:15 . 2011-12-08 11:00	201352	----a-w-	c:\windows\SysWow64\aswBoot.exe
2012-03-07 00:15 . 2011-12-20 18:13	258520	----a-w-	c:\windows\system32\aswBoot.exe
2012-03-07 00:04 . 2011-12-08 11:00	819032	----a-w-	c:\windows\system32\drivers\aswSnx.sys
2012-03-07 00:04 . 2011-12-08 11:00	337240	----a-w-	c:\windows\system32\drivers\aswSP.sys
2012-03-07 00:01 . 2011-12-08 11:00	59224	----a-w-	c:\windows\system32\drivers\aswTdi.sys
2012-03-07 00:01 . 2011-12-08 11:00	69976	----a-w-	c:\windows\system32\drivers\aswMonFlt.sys
2012-03-07 00:01 . 2011-12-08 11:00	24408	----a-w-	c:\windows\system32\drivers\aswFsBlk.sys
2012-03-01 00:02 . 2011-12-08 10:49	962368	----a-w-	c:\windows\system32
vumdshimx.dll
2012-03-01 00:02 . 2011-12-08 10:49	812352	----a-w-	c:\windows\SysWow64
vumdshim.dll
2012-03-01 00:02 . 2011-12-08 10:49	2660160	----a-w-	c:\windows\system32
vapi64.dll
2012-03-01 00:02 . 2011-12-08 10:49	260416	----a-w-	c:\windows\system32
vinitx.dll
2012-03-01 00:02 . 2011-12-08 10:49	2301248	----a-w-	c:\windows\SysWow64
vapi.dll
2012-03-01 00:02 . 2011-12-08 10:49	215360	----a-w-	c:\windows\SysWow64
vinit.dll
2012-03-01 00:02 . 2011-12-08 10:49	17642816	----a-w-	c:\windows\system32
vd3dumx.dll
2012-03-01 00:02 . 2011-12-08 10:49	1737536	----a-w-	c:\windows\system32
vdispco64.dll
2012-03-01 00:02 . 2011-12-08 10:49	1466176	----a-w-	c:\windows\system32
vgenco64.dll
2012-02-29 21:00 . 2011-12-08 10:49	3089728	----a-w-	c:\windows\system32
vsvc64.dll
2012-02-29 21:00 . 2011-12-08 10:49	6074176	----a-w-	c:\windows\system32
vcpl.dll
2012-02-29 20:59 . 2011-12-08 10:49	889664	----a-w-	c:\windows\system32
vvsvc.exe
2012-02-29 20:59 . 2011-12-08 10:49	63296	----a-w-	c:\windows\system32
vshext.dll
2012-02-29 20:59 . 2011-12-08 10:49	55616	----a-w-	c:\windows\system32
v3dappshextr.dll
2012-02-29 20:59 . 2011-12-08 10:49	2561856	----a-w-	c:\windows\system32
vsvcr.dll
2012-02-29 20:59 . 2011-12-08 10:49	118080	----a-w-	c:\windows\system32
vmctray.dll
2012-02-29 20:59 . 2011-12-08 10:49	849728	----a-w-	c:\windows\system32
v3dappshext.dll
2012-02-29 20:59 . 2011-12-08 10:49	2515790	----a-w-	c:\windows\system32
vcoproc.bin
2012-02-23 08:18 . 2011-12-08 13:34	279656	------w-	c:\windows\system32\MpSigStub.exe
2012-02-20 00:28 . 2011-12-10 07:40	414368	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-01-10 12:57 . 2011-12-21 10:29	567696	----a-w-	c:\windows\SysWow64\deployJava1.dll
2012-01-06 21:53 . 2012-01-06 21:53	91648	----a-w-	c:\windows\system32\SetIEInstalledDate.exe
2012-01-06 21:53 . 2012-01-06 21:53	86528	----a-w-	c:\windows\SysWow64\iesysprep.dll
2012-01-06 21:53 . 2012-01-06 21:53	85504	----a-w-	c:\windows\system32\iesetup.dll
2012-01-06 21:53 . 2012-01-06 21:53	76800	----a-w-	c:\windows\SysWow64\SetIEInstalledDate.exe
2012-01-06 21:53 . 2012-01-06 21:53	76800	----a-w-	c:\windows\system32	dc.ocx
2012-01-06 21:53 . 2012-01-06 21:53	74752	----a-w-	c:\windows\SysWow64\iesetup.dll
2012-01-06 21:53 . 2012-01-06 21:53	63488	----a-w-	c:\windows\SysWow64	dc.ocx
2012-01-06 21:53 . 2012-01-06 21:53	603648	----a-w-	c:\windows\system32\vbscript.dll
2012-01-06 21:53 . 2012-01-06 21:53	49664	----a-w-	c:\windows\system32\imgutil.dll
2012-01-06 21:53 . 2012-01-06 21:53	48640	----a-w-	c:\windows\SysWow64\mshtmler.dll
2012-01-06 21:53 . 2012-01-06 21:53	48640	----a-w-	c:\windows\system32\mshtmler.dll
2012-01-06 21:53 . 2012-01-06 21:53	448512	----a-w-	c:\windows\system32\html.iec
2012-01-06 21:53 . 2012-01-06 21:53	420864	----a-w-	c:\windows\SysWow64\vbscript.dll
2012-01-06 21:53 . 2012-01-06 21:53	367104	----a-w-	c:\windows\SysWow64\html.iec
2012-01-06 21:53 . 2012-01-06 21:53	35840	----a-w-	c:\windows\SysWow64\imgutil.dll
2012-01-06 21:53 . 2012-01-06 21:53	30720	----a-w-	c:\windows\system32\licmgr10.dll
2012-01-06 21:53 . 2012-01-06 21:53	23552	----a-w-	c:\windows\SysWow64\licmgr10.dll
2012-01-06 21:53 . 2012-01-06 21:53	222208	----a-w-	c:\windows\system32\msls31.dll
2012-01-06 21:53 . 2012-01-06 21:53	173056	----a-w-	c:\windows\system32\ieUnatt.exe
2012-01-06 21:53 . 2012-01-06 21:53	165888	----a-w-	c:\windows\system32\iexpress.exe
2012-01-06 21:53 . 2012-01-06 21:53	161792	----a-w-	c:\windows\SysWow64\msls31.dll
2012-01-06 21:53 . 2012-01-06 21:53	160256	----a-w-	c:\windows\system32\wextract.exe
2012-01-06 21:53 . 2012-01-06 21:53	152064	----a-w-	c:\windows\SysWow64\wextract.exe
2012-01-06 21:53 . 2012-01-06 21:53	150528	----a-w-	c:\windows\SysWow64\iexpress.exe
2012-01-06 21:53 . 2012-01-06 21:53	142848	----a-w-	c:\windows\SysWow64\ieUnatt.exe
2012-01-06 21:53 . 2012-01-06 21:53	135168	----a-w-	c:\windows\system32\IEAdvpack.dll
2012-01-06 21:53 . 2012-01-06 21:53	12288	----a-w-	c:\windows\system32\mshta.exe
2012-01-06 21:53 . 2012-01-06 21:53	11776	----a-w-	c:\windows\SysWow64\mshta.exe
2012-01-06 21:53 . 2012-01-06 21:53	114176	----a-w-	c:\windows\system32\admparse.dll
2012-01-06 21:53 . 2012-01-06 21:53	111616	----a-w-	c:\windows\system32\iesysprep.dll
2012-01-06 21:53 . 2012-01-06 21:53	110592	----a-w-	c:\windows\SysWow64\IEAdvpack.dll
2012-01-06 21:53 . 2012-01-06 21:53	101888	----a-w-	c:\windows\SysWow64\admparse.dll
2012-01-06 21:50 . 2012-01-06 21:50	982912	----a-w-	c:\windows\system32\drivers\dxgkrnl.sys
2012-01-06 21:50 . 2012-01-06 21:50	4068864	----a-w-	c:\windows\system32\mf.dll
2012-01-06 21:50 . 2012-01-06 21:50	3181568	----a-w-	c:\windows\SysWow64\mf.dll
2012-01-06 21:50 . 2012-01-06 21:50	265088	----a-w-	c:\windows\system32\drivers\dxgmms1.sys
2012-01-06 21:50 . 2012-01-06 21:50	257024	----a-w-	c:\windows\system32\mfreadwrite.dll
2012-01-06 21:50 . 2012-01-06 21:50	229888	----a-w-	c:\windows\system32\XpsRasterService.dll
2012-01-06 21:50 . 2012-01-06 21:50	206848	----a-w-	c:\windows\system32\mfps.dll
2012-01-06 21:50 . 2012-01-06 21:50	196608	----a-w-	c:\windows\SysWow64\mfreadwrite.dll
2012-01-06 21:50 . 2012-01-06 21:50	1888256	----a-w-	c:\windows\system32\WMVDECOD.DLL
2012-01-06 21:50 . 2012-01-06 21:50	1863680	----a-w-	c:\windows\system32\ExplorerFrame.dll
2012-01-06 21:50 . 2012-01-06 21:50	1619456	----a-w-	c:\windows\SysWow64\WMVDECOD.DLL
2012-01-06 21:50 . 2012-01-06 21:50	1495040	----a-w-	c:\windows\SysWow64\ExplorerFrame.dll
2012-01-06 21:50 . 2012-01-06 21:50	144384	----a-w-	c:\windows\system32\cdd.dll
2012-01-06 21:50 . 2012-01-06 21:50	135168	----a-w-	c:\windows\SysWow64\XpsRasterService.dll
2012-01-04 09:58 . 2012-02-19 18:24	509952	----a-w-	c:\windows\system32
tshrui.dll
2012-01-04 09:03 . 2012-02-19 18:24	442880	----a-w-	c:\windows\SysWow64
tshrui.dll
2012-01-04 00:48 . 2012-01-04 00:48	354176	----a-w-	c:\windows\SysWow64\DivXControlPanelApplet.cpl
2012-01-03 06:24 . 2012-02-19 18:22	515584	----a-w-	c:\windows\system32	imedate.cpl
2012-01-03 05:44 . 2012-02-19 18:22	478208	----a-w-	c:\windows\SysWow64	imedate.cpl
.
.
(((((((((((((((((((((((((((((   SnapShot_2012-03-19_13.51.05   )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-07-14 04:54 . 2012-03-29 21:38	32768              c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2012-03-19 12:04	32768              c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2012-03-29 21:38	32768              c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2012-03-19 12:04	32768              c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2012-03-29 21:38	16384              c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54 . 2012-03-19 12:04	16384              c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-12-08 13:40 . 2012-03-20 21:55	61778              c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2012-03-20 21:55	32176              c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:30 . 2012-03-23 16:34	86016              c:\windows\system32\DriverStore\infpub.dat
- 2009-07-14 05:30 . 2012-03-16 16:50	86016              c:\windows\system32\DriverStore\infpub.dat
+ 2011-12-08 10:05 . 2012-03-29 09:44	16384              c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2011-12-08 10:05 . 2012-02-02 19:21	16384              c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2011-12-08 10:05 . 2012-03-29 09:44	32768              c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2011-12-08 10:05 . 2012-02-02 19:21	32768              c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2012-03-29 09:44	16384              c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54 . 2012-02-02 19:21	16384              c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2012-03-28 22:46 . 2012-03-28 22:46	25600              c:\windows\Installer\11bf0d1.msi
+ 2012-03-20 00:17 . 2012-03-20 00:17	66956              c:\windows\5B210B8AB66E4702B44D0D6F388D29EB.TMP\WiseCustomCall.dll
+ 2012-03-07 00:42 . 2012-03-20 01:25	3334              c:\windows\system32\wdi\ERCQueuedResolutions.dat
+ 2011-12-08 11:04 . 2012-03-20 21:55	9658              c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3358886915-3420025041-2136404748-1000_UserData.bin
+ 2012-03-23 21:48 . 2012-03-23 21:48	9560              c:\windows\system32\NetworkList\Icons\{7C70BE99-804B-4DA6-AF0F-A7999F5AAB4C}_48.bin
+ 2012-03-23 21:48 . 2012-03-23 21:48	4280              c:\windows\system32\NetworkList\Icons\{7C70BE99-804B-4DA6-AF0F-A7999F5AAB4C}_32.bin
+ 2012-03-23 21:48 . 2012-03-23 21:48	2456              c:\windows\system32\NetworkList\Icons\{7C70BE99-804B-4DA6-AF0F-A7999F5AAB4C}_24.bin
+ 2011-12-08 11:01 . 2012-03-29 21:36	1956              c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Bluetooth\bthservsdp.dat
+ 2012-03-29 21:37 . 2012-03-29 21:37	2048              c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2012-03-19 12:03 . 2012-03-19 12:03	2048              c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2012-03-19 12:03 . 2012-03-19 12:03	2048              c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2012-03-29 21:37 . 2012-03-29 21:37	2048              c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2011-12-08 12:32 . 2012-03-19 20:56	300382              c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S3.bin
+ 2009-07-14 15:24 . 2012-03-29 21:42	706326              c:\windows\system32\perfh00C.dat
- 2009-07-14 15:24 . 2012-03-19 13:27	706326              c:\windows\system32\perfh00C.dat
- 2009-07-14 02:36 . 2012-03-19 13:27	616546              c:\windows\system32\perfh009.dat
+ 2009-07-14 02:36 . 2012-03-29 21:42	616546              c:\windows\system32\perfh009.dat
- 2009-07-14 15:24 . 2012-03-19 13:27	131388              c:\windows\system32\perfc00C.dat
+ 2009-07-14 15:24 . 2012-03-29 21:42	131388              c:\windows\system32\perfc00C.dat
+ 2009-07-14 02:36 . 2012-03-29 21:42	106926              c:\windows\system32\perfc009.dat
- 2009-07-14 02:36 . 2012-03-19 13:27	106926              c:\windows\system32\perfc009.dat
+ 2009-07-14 05:30 . 2012-03-23 16:34	143360              c:\windows\system32\DriverStore\infstrng.dat
- 2009-07-14 05:30 . 2012-03-16 16:50	143360              c:\windows\system32\DriverStore\infstrng.dat
- 2009-07-14 05:30 . 2012-03-16 16:50	143360              c:\windows\system32\DriverStore\infstor.dat
+ 2009-07-14 05:30 . 2012-03-23 08:45	143360              c:\windows\system32\DriverStore\infstor.dat
- 2009-07-14 05:01 . 2012-03-19 10:10	385508              c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2012-03-29 21:36	385508              c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2012-03-20 00:17 . 2012-03-20 00:17	189844              c:\windows\5B210B8AB66E4702B44D0D6F388D29EB.TMP\WiseCustomCalla36.exe
+ 2012-03-20 00:17 . 2012-03-20 00:17	175992              c:\windows\5B210B8AB66E4702B44D0D6F388D29EB.TMP\WiseCustomCalla34.dll
+ 2012-03-20 00:17 . 2012-03-20 00:17	176035              c:\windows\5B210B8AB66E4702B44D0D6F388D29EB.TMP\WiseCustomCalla33.dll
+ 2012-03-20 00:17 . 2012-03-20 00:17	176545              c:\windows\5B210B8AB66E4702B44D0D6F388D29EB.TMP\WiseCustomCalla32.dll
+ 2012-03-20 00:17 . 2012-03-20 00:17	184966              c:\windows\5B210B8AB66E4702B44D0D6F388D29EB.TMP\WiseCustomCalla31.exe
+ 2012-03-20 00:17 . 2012-03-20 00:17	189750              c:\windows\5B210B8AB66E4702B44D0D6F388D29EB.TMP\WiseCustomCalla21.dll
+ 2012-03-20 00:17 . 2012-03-20 00:17	176035              c:\windows\5B210B8AB66E4702B44D0D6F388D29EB.TMP\WiseCustomCalla2.dll
+ 2012-03-20 00:17 . 2012-03-20 00:17	179526              c:\windows\5B210B8AB66E4702B44D0D6F388D29EB.TMP\WiseCustomCalla.dll
+ 2011-12-08 11:01 . 2012-03-23 09:30	1254376              c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
+ 2011-12-20 23:56 . 2012-03-29 21:36	5506489              c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3358886915-3420025041-2136404748-1000-8192.dat
+ 2011-12-20 23:56 . 2012-03-29 21:36	5372360              c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3358886915-3420025041-2136404748-1000-12288.dat
- 2009-07-14 02:34 . 2012-03-19 13:11	10485760              c:\windows\system32\SMI\Store\Machine\SCHEMA.DAT
+ 2009-07-14 02:34 . 2012-03-29 21:51	10485760              c:\windows\system32\SMI\Store\Machine\SCHEMA.DAT
.
-- Instantané actualisé --
.
(((((((((((((((((((((((((((((((((   Points de chargement Reg   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SuperCopier2.exe"="c:\program files (x86)\SuperCopier2\SuperCopier2.exe" [2009-08-16 955392]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1475072]
"OfficeSyncProcess"="c:\program files\Microsoft Office\Office14\MSOSYNC.EXE" [2011-07-21 910208]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"avast"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2012-03-07 4241512]
.
c:\users\dell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2010 - Capture d'écran et lancement.lnk - c:\program files\Microsoft Office\Office14\ONENOTEM.EXE [2011-9-2 245120]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\SysWOW64
vinit.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"midi8"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversionun-]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 AIDA64Driver;FinalWire AIDA64 Kernel Driver;c:\program files (x86)\FinalWire\AIDA64 Extreme Edition\kerneld.x64 [x]
R3 ATHDFU;Atheros Valkyrie USB BootROM;c:\windows\system32\Drivers\AthDfu.sys [x]
R3 driverhardwarev2x64;driverhardwarev2x64;c:\program files (x86)\ma-config.com\Drivers\driverhardwarev2x64.sys [2011-07-21 16640]
R4 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
R4 AtherosSvc;AtherosSvc;c:\program files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe [2010-12-17 53920]
R4 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [2010-11-03 1298496]
R4 gupdate;Service Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-10 136176]
R4 gupdatem;Service Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-10 136176]
S1 aswKbd;aswKbd; [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys [x]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [x]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys [x]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys [x]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys [x]
S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys [x]
S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys [x]
.
.
Contenu du dossier 'Tâches planifiées'
.
2012-03-29 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-10 07:40]
.
2012-03-29 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-10 07:40]
.
2012-03-29 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3358886915-3420025041-2136404748-1000Core.job
- c:\users\dell\AppData\Local\Google\Update\GoogleUpdate.exe [2011-12-20 18:19]
.
2012-03-29 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3358886915-3420025041-2136404748-1000UA.job
- c:\users\dell\AppData\Local\Google\Update\GoogleUpdate.exe [2011-12-20 18:19]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-03-07 00:15	135408	----a-w-	c:\program files\Alwil Software\Avast5\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-03-29 167960]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-03-29 391704]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-03-29 418840]
"IntelTBRunOnce"="wscript.exe" [2009-07-14 168960]
"IntelWireless"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2010-12-17 1933584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32
vinitx.dll
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
UxTuneUp
.
------- Examen supplémentaire -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com/
IE: &Envoyer à OneNote - c:\progra~1\MICROS~1\Office14\ONBttnIE.dll/105
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~1\Office14\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\dell\AppData\Roaming\Mozilla\Firefox\Profiles\yvy6l7n1.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr/
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AIDA64Driver]
"ImagePath"="\??\c:\program files (x86)\FinalWire\AIDA64 Extreme Edition\kerneld.x64"
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\Windows\SysWOW64\Macromed\Flash\FlashUtil11e_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\Windows\SysWOW64\Macromed\Flash\FlashUtil11e_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\Windows\SysWOW64\Macromed\Flash\Flash11e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\Windows\SysWOW64\Macromed\Flash\Flash11e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\Windows\SysWOW64\Macromed\Flash\Flash11e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\Windows\SysWOW64\Macromed\Flash\Flash11e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Heure de fin: 2012-03-30  00:21:18
ComboFix-quarantined-files.txt  2012-03-29 22:21
ComboFix2.txt  2012-03-20 22:31
ComboFix3.txt  2012-03-19 14:01
ComboFix4.txt  2012-03-14 21:20
.
Avant-CF: 30 338 809 856 octets libres
Après-CF: 30 292 283 392 octets libres
.
- - End Of File - - 7072DB0561D2FD7F793B32C281B64D4E

chewb · Answer

Tu devrais essayer de désinstaller tous les antivirus, pour n'en garder qu'un seul (MSE est léger). 

Pas bon d'en avoir plusieurs sur la même bécanne ...

g3n-h@ckm@n · Answer

▶ Télécharge Dr Web CureIt sur ton Bureau : ▶ redemarre en mode sans échec ▶- Double clique (clic droit "en tant qu'admin" sous Vista) et ensuite clique sur ; ▶- Clique à l'invite de l'analyse rapide. S'il trouve des processus infectés alors clique le bouton . Note : une fenêtre s'ouvrira avec options pour "Commander" ou "50% de réduction" : Quitte en cliquant le "X". ▶- Lorsque le scan rapide est terminé, clique sur le menu puis ; Choisis l'onglet , et décoche . Clique ensuite sur . ▶- De retour à la fenêtre principale : clique pour activer selectionne tous les disques ▶- Clique le bouton avec flèche verte sur la droite, et le scan débutera. ▶- Clique pour tout à l'invite "Désinfecter ?" lorsqu'un fichier est détecté, et ensuite clique "Désinfecter". ▶- Lorsque le scan sera complété, regarde si tu peux cliquer sur l' icône, adjacente aux fichiers détectés (plusieurs feuilles l'une sur l'autre). Si oui, alors clique dessus et ensuite clique sur l'icône , au dessous, et choisis . ▶- Du menu principal de l'outil, au haut à gauche, clique sur le menu et choisis . Sauvegarde le rapport sur ton Bureau. Ce dernier se nommera DrWeb.csv ▶-pour le rapport tu l enregistres sur ton bureau , tu clic droit dessus /envoyer vers / dossiers compresses ensuite : héberge l'archive sur http://pjjoint.malekal.com et donne le lien obtenu ▶- Ferme Dr.Web Cureit ▶- Redémarre ton ordi (important car certains fichiers peuvent être déplacés/réparés au redémarrage).

dali0807 · Answer

Merci chewb pour ta réponse,
j'ai un seul antivirus installé qui est avast, Windows defender est installé sur ma machine virtuelle XP Mode.

dali0807 · Answer

j'ai fait un scan avec Dr Web CureIt mais il n'a rien détecté, déjà c'est pas la première fois que je scanne mon pc avec des antivirus différents
je pense que ce virus qui attaque les fichiers .dll et .exe a joué sur mes fichiers systèmes, heureusement j'ai pu créer un cd de réparation chez un ami qui a le même système et je pense que les choses vont mieux maintenant.

mais j'avoue qu'après les manips de aloes j'ai remarqué des améliorations donc merci pour vous tous

g3n-h@ckm@n · Answer

je comprends pas tu as reformaté ?

si le virus que tu avais est bien celui que tu dis , il resiste au formatage donc c'etait inutile

dali0807 · Answer

non j'ai pas formaté mais juste j'ai fais une réparation du système avec un cd de récupération de Windows 7

le virus est désinfecté mais ces dégâts qui peut être restent encore, généralement après une infection par ce virus une réinstallation du système peut être nécessaire mais j'ai pu le supprimer avant qu'il endommage tout le système.

maintenant je vois que le système est en bon état mais est ce que ce que j'ai fais a résolu le problème? j'en suis pas sûr car après les correctifs de aloes  j'ai remarqué que le pc est moins lent qu'avant

g3n-h@ckm@n · Answer

juste une question...

tu passes combofix une fois par semaine sur ton pc ??????

dali0807 · Answer

non, je ne l'ai jamais exécuté sauf après cette infection mais j'ai rien compris à ce moment !!

vois tu quelque chose d'anormale dans le rapport ?

g3n-h@ckm@n · Answer

ComboFix2.txt 2012-03-20 22:31
ComboFix3.txt 2012-03-19 14:01
ComboFix4.txt 2012-03-14 21:20

dali0807 · Answer

oui c'est vrai tous ces vérifications sont faites après l'infection, j'ai fait des recherches sur les forums et j'ai remarqué qu'à chaque fois ComboFix est demandé donc j'ai tout simplement essayé :), déjà ça fait longtemps que je cherche une solution à mon problème.

g3n-h@ckm@n · Answer

bien je voudrais donc bien lire ces rapports

dali0807 · Answer

où je peux les trouver ?

g3n-h@ckm@n · Answer

dans c:\ , ou dans c:\qoobox

poste le rapport quarantinedFiles aussi si tu peux

dali0807 · Answer

voici les 3 rapports :

rapport 1 :


ComboFix 12-03-14.01 - dell 20/03/2012  23:26:35.3.8 - x64 MINIMAL
Microsoft Windows 7 Professionnel   6.1.7600.0.1252.33.1036.18.6051.5256 [GMT 1:00]
Lancé depuis: h:\logiciel\Antivirus\ComboFix.exe
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Un nouveau point de restauration a été créé
.
- Mode FONCTIONNALITES REDUITES -
.
.
(((((((((((((((((((((((((((((   Fichiers créés du 2012-02-20 au 2012-03-20  ))))))))))))))))))))))))))))))))))))
.
.
2012-03-20 22:29 . 2012-03-20 22:29	--------	d-----w-	c:\users\Default\AppData\Local	emp
2012-03-20 15:01 . 2012-03-20 15:01	--------	d-----w-	c:\users\dell\AppData\Roaming\vlc
2012-03-20 15:00 . 2012-03-20 15:00	--------	d-----w-	c:\program files (x86)\VideoLAN
2012-03-20 00:27 . 2012-03-20 00:27	--------	d-----w-	c:\users\dell\AppData\Roaming\Malwarebytes
2012-03-20 00:27 . 2012-03-20 00:27	--------	d-----w-	c:\programdata\Malwarebytes
2012-03-20 00:12 . 2012-03-20 00:12	--------	d-----w-	c:\program files (x86)\ESET
2012-03-19 23:55 . 2012-03-20 00:17	--------	d-----w-	C:\sh4ldr
2012-03-19 23:55 . 2012-03-19 23:55	--------	d-----w-	c:\program files\Enigma Software Group
2012-03-19 23:54 . 2012-03-20 00:17	--------	d-----w-	c:\windows\5B210B8AB66E4702B44D0D6F388D29EB.TMP
2012-03-19 23:54 . 2012-03-19 23:54	--------	d-----w-	c:\program files (x86)\Common Files\Wise Installation Wizard
2012-03-19 14:25 . 2012-03-19 14:25	--------	d-----w-	c:\users\dell\DoctorWeb
2012-03-19 14:10 . 2012-03-19 14:10	--------	d-----w-	C:\Kaspersky
2012-03-19 13:31 . 2012-03-19 13:31	--------	d-----w-	c:\program files (x86)\Common Files\Bitdefender
2012-03-18 22:08 . 2012-03-18 22:10	--------	d-----w-	c:\program files (x86)\CodeChargeStudio5
2012-03-18 16:05 . 2012-03-18 16:05	--------	d-----w-	C:\avast! sandbox
2012-03-18 11:49 . 2012-03-18 11:50	--------	d-----w-	C:\572a75784fab8ddca397351eabc13aa0
2012-03-18 11:40 . 2012-03-20 15:02	--------	d-----w-	c:\users\dell\AppData\Local\ElevatedDiagnostics
2012-03-17 06:36 . 2012-03-17 06:36	--------	d-----w-	c:\users\dell\AppData\Roaming\Ahead
2012-03-17 06:34 . 2000-06-26 10:45	106496	----a-w-	c:\windows\SysWow64\TwnLib20.dll
2012-03-17 06:34 . 2001-06-26 07:15	38912	----a-w-	c:\windows\SysWow64\picn20.dll
2012-03-17 06:34 . 2001-07-06 13:41	569344	----a-w-	c:\windows\SysWow64\imagr5.dll
2012-03-17 06:34 . 2001-07-06 11:44	544768	----a-w-	c:\windows\SysWow64\imagx5.dll
2012-03-17 06:34 . 2001-07-06 17:24	283920	----a-w-	c:\windows\SysWow64\ImagXpr5.dll
2012-03-17 06:34 . 2012-03-17 06:34	--------	d-----w-	c:\program files (x86)\Common Files\Ahead
2012-03-17 06:34 . 2001-07-09 10:50	155648	----a-w-	c:\windows\SysWow64\NeroCheck.exe
2012-03-17 06:33 . 2012-03-17 06:34	--------	d-----w-	c:\program files (x86)\Ahead
2012-03-16 20:09 . 2012-03-16 20:09	--------	d-----w-	c:\program files (x86)\Conduit
2012-03-16 20:09 . 2012-03-20 22:12	--------	d-----w-	c:\users\dell\AppData\Local\Conduit
2012-03-16 20:05 . 2012-03-16 20:09	--------	d-----w-	c:\program files (x86)\uTorrent
2012-03-16 20:03 . 2012-03-17 12:51	--------	d-----w-	c:\users\dell\AppData\Roaming\uTorrent
2012-03-16 19:57 . 2012-02-08 07:13	8643640	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{B0451A3C-E57A-49C2-BDC5-944ADC262C33}\mpengine.dll
2012-03-16 18:53 . 2012-03-16 18:53	--------	d-----w-	C:\Multimedia Files
2012-03-16 18:53 . 2012-03-16 18:53	--------	d-----w-	c:\program files (x86)\Microsoft GIF Animator
2012-03-16 18:51 . 2012-03-16 18:51	--------	d-----w-	c:\users\dell\AppData\Roaming\gtk-2.0
2012-03-16 18:50 . 2012-03-16 18:50	--------	d-----w-	c:\users\dell\.thumbnails
2012-03-16 18:38 . 2012-03-16 23:51	--------	d-----w-	c:\users\dell\.gimp-2.6
2012-03-16 18:35 . 2012-03-16 18:36	--------	d-----w-	c:\program files (x86)\GIMP-2.0
2012-03-16 17:25 . 2012-03-13 04:39	44472	----a-w-	c:\program files (x86)\Mozilla Firefox\mozglue.dll
2012-03-16 17:25 . 2012-03-13 04:39	592824	----a-w-	c:\program files (x86)\Mozilla Firefox\gkmedias.dll
2012-03-16 17:22 . 2012-03-16 17:22	--------	d-----w-	c:\program files (x86)\Common Files\Skype
2012-03-16 17:22 . 2012-03-18 19:48	--------	d-----r-	c:\program files (x86)\Skype
2012-03-14 21:45 . 2012-03-07 00:02	28504	----a-w-	c:\windows\system32\drivers\aswKbd.sys
2012-03-14 21:45 . 2012-03-07 00:02	53080	----a-w-	c:\windows\system32\drivers\aswRdr2.sys
2012-03-14 21:07 . 2012-03-14 21:07	--------	d-----w-	c:\program files (x86)\Trend Micro
2012-03-14 21:05 . 2012-03-14 21:05	--------	d-----w-	c:\windows\system32\MpEngineStore
2012-03-14 16:15 . 2012-03-14 16:22	--------	d-----w-	C:\UwAmp
2012-03-14 15:43 . 2012-03-14 15:43	--------	d-----w-	C:\found.000
2012-03-14 08:01 . 2011-11-19 18:30	5504880	----a-w-	c:\windows\system32
toskrnl.exe
2012-03-14 08:01 . 2011-11-19 14:25	3957616	----a-w-	c:\windows\SysWow64
tkrnlpa.exe
2012-03-14 08:01 . 2011-11-19 14:25	3902320	----a-w-	c:\windows\SysWow64
toskrnl.exe
2012-03-14 07:40 . 2012-02-03 04:16	3143168	----a-w-	c:\windows\system32\win32k.sys
2012-03-14 07:40 . 2012-02-10 06:18	1541120	----a-w-	c:\windows\system32\DWrite.dll
2012-03-14 07:40 . 2012-02-10 06:17	320512	----a-w-	c:\windows\system32\d3d10_1core.dll
2012-03-14 07:40 . 2012-02-10 05:41	1074176	----a-w-	c:\windows\SysWow64\DWrite.dll
2012-03-14 07:40 . 2012-02-10 05:41	218624	----a-w-	c:\windows\SysWow64\d3d10_1core.dll
2012-03-14 07:40 . 2012-02-10 06:17	1837568	----a-w-	c:\windows\system32\d3d10warp.dll
2012-03-14 07:40 . 2012-02-10 06:17	902656	----a-w-	c:\windows\system32\d2d1.dll
2012-03-14 07:40 . 2012-02-10 05:41	1170944	----a-w-	c:\windows\SysWow64\d3d10warp.dll
2012-03-14 07:40 . 2012-02-10 05:41	739840	----a-w-	c:\windows\SysWow64\d2d1.dll
2012-03-14 07:40 . 2012-02-10 06:17	197120	----a-w-	c:\windows\system32\d3d10_1.dll
2012-03-14 07:40 . 2012-02-10 05:41	161792	----a-w-	c:\windows\SysWow64\d3d10_1.dll
2012-03-14 07:34 . 2012-01-25 06:27	76288	----a-w-	c:\windows\system32dpwsx.dll
2012-03-14 07:34 . 2012-01-25 06:27	149504	----a-w-	c:\windows\system32dpcorekmts.dll
2012-03-14 07:34 . 2012-01-25 06:20	9216	----a-w-	c:\windows\system32drmemptylst.exe
2012-03-14 07:34 . 2012-02-15 06:27	1031680	----a-w-	c:\windows\system32dpcore.dll
2012-03-14 07:34 . 2012-02-15 05:44	826368	----a-w-	c:\windows\SysWow64dpcore.dll
2012-03-14 07:34 . 2012-02-15 04:47	204800	----a-w-	c:\windows\system32\driversdpwd.sys
2012-03-14 07:34 . 2012-02-15 04:46	23552	----a-w-	c:\windows\system32\drivers	dtcp.sys
2012-03-13 23:54 . 2012-03-19 09:56	--------	d-----w-	c:\users\UpdatusUser
2012-03-13 23:47 . 2012-03-13 23:58	--------	d-----w-	c:\users\dell\AppData\Roaming\FileZilla
2012-03-13 23:44 . 2012-03-13 23:44	--------	d-----w-	c:\program files (x86)\FileZilla FTP Client
2012-03-12 17:18 . 2012-03-12 17:18	--------	d-----w-	c:\program files\Microsoft Games
2012-03-12 15:29 . 2012-03-12 15:29	--------	d-----w-	c:\program files (x86)\LaBoiteACouleurs
2012-03-12 10:54 . 2012-03-12 10:54	--------	d-----w-	c:\users\dell\AppData\Roaming\Thunderbird
2012-03-12 10:54 . 2012-03-12 10:54	--------	d-----w-	c:\users\dell\AppData\Local\Thunderbird
2012-03-11 22:57 . 2012-03-11 22:57	--------	d-----w-	c:\users\dell\AppData\Roaming\OfficeRecovery
2012-03-09 08:15 . 2012-03-09 08:15	--------	d-----w-	c:\programdata\Symantec
2012-03-09 08:15 . 2012-03-11 23:16	--------	d-----w-	c:\programdata\Norton
2012-03-08 21:54 . 2012-03-08 21:54	--------	d-----w-	c:\users\dell\AppData\Local\DDMSettings
2012-03-08 21:53 . 2012-03-08 21:53	--------	d-----w-	c:\users\dell\AppData\Roaming\DivX
2012-03-08 21:52 . 2012-03-08 21:52	--------	d-----w-	c:\program files (x86)\Common Files\PX Storage Engine
2012-03-08 21:51 . 2012-03-08 21:52	--------	d-----w-	c:\program files\DivX
2012-03-08 21:51 . 2012-03-08 21:52	--------	d-----w-	c:\program files (x86)\Common Files\DivX Shared
2012-03-08 21:51 . 2012-03-08 21:53	--------	d-----w-	c:\program files (x86)\DivX
2012-03-08 20:31 . 2012-03-08 20:31	--------	d-----w-	c:\users\dell\AppData\Roaming\widestream
2012-03-08 20:31 . 2012-03-08 20:31	--------	d-----w-	c:\users\dell\AppData\Local\widestream6 Air
2012-03-08 20:30 . 2012-03-15 19:54	--------	d-----w-	c:\program files (x86)\Widestream6
2012-03-08 20:30 . 2012-03-08 20:30	--------	d-----w-	c:\program files (x86)\PriceGong
2012-03-08 20:29 . 2012-03-08 20:29	--------	d-----w-	c:\program files (x86)\Complitly
2012-03-08 20:29 . 2012-03-08 20:29	--------	d-----w-	c:\users\dell\AppData\Roaming\Complitly
2012-03-08 19:58 . 2012-03-08 21:53	--------	d-----w-	c:\programdata\DivX
2012-03-06 10:10 . 2012-03-18 22:51	--------	d-----w-	c:\users\dell\AppData\Local\CCS5
2012-03-06 10:09 . 2012-03-06 10:09	--------	d-----w-	c:\program files (x86)\Microsoft ASP.NET
2012-03-05 13:58 . 2012-03-06 20:33	--------	d-----w-	c:\users\dell\AppData\Local\MediaGet2
2012-03-04 22:20 . 2012-03-04 22:20	--------	d-----w-	c:\users\dell\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2012-03-04 13:24 . 2012-03-04 13:28	--------	d-----w-	c:\users\dell\AppData\Roaming\Easy Thumbnails
2012-03-04 13:23 . 2012-03-04 13:23	--------	d-----w-	c:\program files (x86)\Easy Thumbnails
2012-03-04 13:16 . 2011-12-21 04:29	548864	----a-w-	c:\program files (x86)\Mozilla Firefox	rzAB40.tmp
2012-03-04 13:16 . 2011-12-21 04:29	626688	----a-w-	c:\program files (x86)\Mozilla Firefox	rz92C0.tmp
2012-03-04 12:56 . 2012-03-04 13:16	--------	d-----w-	c:\users\dell\chat-land
2012-03-04 11:08 . 2012-03-19 14:09	--------	dc-h--w-	c:\programdata\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1}
2012-03-04 11:08 . 2012-03-04 11:08	--------	d-----w-	c:\users\dell\AppData\Local\PackageAware
2012-03-01 19:39 . 2012-03-18 22:09	466944	----a-w-	c:\windows\SysWow64\wodSFTP.ocx
2012-03-01 00:28 . 2012-03-01 00:28	--------	d-----w-	c:\program files (x86)\EasyPHP-5.3.9
2012-02-29 22:01 . 2012-03-04 23:43	--------	d-----w-	c:\programdataegid.1986-12.com.adobe
2012-02-29 19:51 . 2012-02-29 19:51	--------	d-----w-	c:\users\dell\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
2012-02-29 19:51 . 2012-02-29 19:51	--------	d-----w-	c:\program files (x86)\Adobe Download Assistant
2012-02-29 19:51 . 2012-02-29 19:51	--------	d-----w-	c:\program files (x86)\Common Files\Adobe AIR
2012-02-29 19:46 . 2012-02-29 19:48	--------	d-----w-	c:\program files\glassfish-3.1.1
2012-02-29 19:36 . 2012-03-11 23:21	--------	d-----w-	c:\program files\NetBeans 7.1
2012-02-29 19:31 . 2012-02-29 19:32	--------	d-----w-	c:\program files (x86)\Oracle
2012-02-29 19:31 . 2012-02-29 19:31	--------	d-----w-	c:\program files (x86)\Common Files\Java
2012-02-29 19:30 . 2012-01-10 12:57	637848	----a-w-	c:\windows\SysWow64
pdeployJava1.dll
2012-02-29 18:57 . 2012-02-29 18:57	--------	d-----w-	c:\users\dell\AppData\Roaming\MySQL
2012-02-29 18:49 . 2012-03-11 23:21	--------	d-----w-	c:\users\dell\.nbi
2012-02-29 18:42 . 2012-03-01 00:22	--------	d-----w-	c:\programdata\MySQL
2012-02-29 12:26 . 2012-02-29 12:26	416064	----a-w-	c:\windows\SysWow64
vStreaming.exe
2012-02-22 19:31 . 2012-02-22 19:31	--------	d-----w-	c:\program files (x86)\WebZIP 6
2012-02-22 01:05 . 2012-02-22 01:10	--------	d-----w-	c:\users\dell\AppData\Roaming\Notepad++
2012-02-22 01:05 . 2012-02-22 01:05	--------	d-----w-	c:\program files (x86)\Notepad++
2012-02-22 00:37 . 2012-02-22 00:37	--------	d-----w-	c:\program files\Microsoft Synchronization Services
2012-02-22 00:36 . 2012-02-22 00:36	--------	d-----w-	c:\windows\PCHEALTH
2012-02-22 00:36 . 2012-02-22 00:36	--------	d-----w-	c:\program files\Microsoft Sync Framework
2012-02-22 00:36 . 2012-02-22 00:36	--------	d-----w-	c:\program files\Microsoft SQL Server Compact Edition
2012-02-22 00:33 . 2012-02-22 00:34	--------	d-----w-	c:\program files (x86)\Microsoft Visual Studio 8
.
.
((((((((((((((((((((((((((((((((((   Compte-rendu de Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-03-07 00:15 . 2011-12-08 11:00	41184	----a-w-	c:\windows\avastSS.scr
2012-03-07 00:15 . 2011-12-08 11:00	201352	----a-w-	c:\windows\SysWow64\aswBoot.exe
2012-03-07 00:15 . 2011-12-20 18:13	258520	----a-w-	c:\windows\system32\aswBoot.exe
2012-03-07 00:04 . 2011-12-08 11:00	819032	----a-w-	c:\windows\system32\drivers\aswSnx.sys
2012-03-07 00:04 . 2011-12-08 11:00	337240	----a-w-	c:\windows\system32\drivers\aswSP.sys
2012-03-07 00:01 . 2011-12-08 11:00	59224	----a-w-	c:\windows\system32\drivers\aswTdi.sys
2012-03-07 00:01 . 2011-12-08 11:00	69976	----a-w-	c:\windows\system32\drivers\aswMonFlt.sys
2012-03-07 00:01 . 2011-12-08 11:00	24408	----a-w-	c:\windows\system32\drivers\aswFsBlk.sys
2012-03-01 00:02 . 2011-12-08 10:49	962368	----a-w-	c:\windows\system32
vumdshimx.dll
2012-03-01 00:02 . 2011-12-08 10:49	812352	----a-w-	c:\windows\SysWow64
vumdshim.dll
2012-03-01 00:02 . 2011-12-08 10:49	2660160	----a-w-	c:\windows\system32
vapi64.dll
2012-03-01 00:02 . 2011-12-08 10:49	260416	----a-w-	c:\windows\system32
vinitx.dll
2012-03-01 00:02 . 2011-12-08 10:49	2301248	----a-w-	c:\windows\SysWow64
vapi.dll
2012-03-01 00:02 . 2011-12-08 10:49	215360	----a-w-	c:\windows\SysWow64
vinit.dll
2012-03-01 00:02 . 2011-12-08 10:49	17642816	----a-w-	c:\windows\system32
vd3dumx.dll
2012-03-01 00:02 . 2011-12-08 10:49	1737536	----a-w-	c:\windows\system32
vdispco64.dll
2012-03-01 00:02 . 2011-12-08 10:49	1466176	----a-w-	c:\windows\system32
vgenco64.dll
2012-02-29 21:00 . 2011-12-08 10:49	3089728	----a-w-	c:\windows\system32
vsvc64.dll
2012-02-29 21:00 . 2011-12-08 10:49	6074176	----a-w-	c:\windows\system32
vcpl.dll
2012-02-29 20:59 . 2011-12-08 10:49	889664	----a-w-	c:\windows\system32
vvsvc.exe
2012-02-29 20:59 . 2011-12-08 10:49	63296	----a-w-	c:\windows\system32
vshext.dll
2012-02-29 20:59 . 2011-12-08 10:49	55616	----a-w-	c:\windows\system32
v3dappshextr.dll
2012-02-29 20:59 . 2011-12-08 10:49	2561856	----a-w-	c:\windows\system32
vsvcr.dll
2012-02-29 20:59 . 2011-12-08 10:49	118080	----a-w-	c:\windows\system32
vmctray.dll
2012-02-29 20:59 . 2011-12-08 10:49	849728	----a-w-	c:\windows\system32
v3dappshext.dll
2012-02-29 20:59 . 2011-12-08 10:49	2515790	----a-w-	c:\windows\system32
vcoproc.bin
2012-02-23 08:18 . 2011-12-08 13:34	279656	------w-	c:\windows\system32\MpSigStub.exe
2012-02-20 00:28 . 2011-12-10 07:40	414368	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-01-10 12:57 . 2011-12-21 10:29	567696	----a-w-	c:\windows\SysWow64\deployJava1.dll
2012-01-06 21:53 . 2012-01-06 21:53	91648	----a-w-	c:\windows\system32\SetIEInstalledDate.exe
2012-01-06 21:53 . 2012-01-06 21:53	86528	----a-w-	c:\windows\SysWow64\iesysprep.dll
2012-01-06 21:53 . 2012-01-06 21:53	85504	----a-w-	c:\windows\system32\iesetup.dll
2012-01-06 21:53 . 2012-01-06 21:53	76800	----a-w-	c:\windows\SysWow64\SetIEInstalledDate.exe
2012-01-06 21:53 . 2012-01-06 21:53	76800	----a-w-	c:\windows\system32	dc.ocx
2012-01-06 21:53 . 2012-01-06 21:53	74752	----a-w-	c:\windows\SysWow64\iesetup.dll
2012-01-06 21:53 . 2012-01-06 21:53	63488	----a-w-	c:\windows\SysWow64	dc.ocx
2012-01-06 21:53 . 2012-01-06 21:53	603648	----a-w-	c:\windows\system32\vbscript.dll
2012-01-06 21:53 . 2012-01-06 21:53	49664	----a-w-	c:\windows\system32\imgutil.dll
2012-01-06 21:53 . 2012-01-06 21:53	48640	----a-w-	c:\windows\SysWow64\mshtmler.dll
2012-01-06 21:53 . 2012-01-06 21:53	48640	----a-w-	c:\windows\system32\mshtmler.dll
2012-01-06 21:53 . 2012-01-06 21:53	448512	----a-w-	c:\windows\system32\html.iec
2012-01-06 21:53 . 2012-01-06 21:53	420864	----a-w-	c:\windows\SysWow64\vbscript.dll
2012-01-06 21:53 . 2012-01-06 21:53	367104	----a-w-	c:\windows\SysWow64\html.iec
2012-01-06 21:53 . 2012-01-06 21:53	35840	----a-w-	c:\windows\SysWow64\imgutil.dll
2012-01-06 21:53 . 2012-01-06 21:53	30720	----a-w-	c:\windows\system32\licmgr10.dll
2012-01-06 21:53 . 2012-01-06 21:53	23552	----a-w-	c:\windows\SysWow64\licmgr10.dll
2012-01-06 21:53 . 2012-01-06 21:53	222208	----a-w-	c:\windows\system32\msls31.dll
2012-01-06 21:53 . 2012-01-06 21:53	173056	----a-w-	c:\windows\system32\ieUnatt.exe
2012-01-06 21:53 . 2012-01-06 21:53	165888	----a-w-	c:\windows\system32\iexpress.exe
2012-01-06 21:53 . 2012-01-06 21:53	161792	----a-w-	c:\windows\SysWow64\msls31.dll
2012-01-06 21:53 . 2012-01-06 21:53	160256	----a-w-	c:\windows\system32\wextract.exe
2012-01-06 21:53 . 2012-01-06 21:53	152064	----a-w-	c:\windows\SysWow64\wextract.exe
2012-01-06 21:53 . 2012-01-06 21:53	150528	----a-w-	c:\windows\SysWow64\iexpress.exe
2012-01-06 21:53 . 2012-01-06 21:53	142848	----a-w-	c:\windows\SysWow64\ieUnatt.exe
2012-01-06 21:53 . 2012-01-06 21:53	135168	----a-w-	c:\windows\system32\IEAdvpack.dll
2012-01-06 21:53 . 2012-01-06 21:53	12288	----a-w-	c:\windows\system32\mshta.exe
2012-01-06 21:53 . 2012-01-06 21:53	11776	----a-w-	c:\windows\SysWow64\mshta.exe
2012-01-06 21:53 . 2012-01-06 21:53	114176	----a-w-	c:\windows\system32\admparse.dll
2012-01-06 21:53 . 2012-01-06 21:53	111616	----a-w-	c:\windows\system32\iesysprep.dll
2012-01-06 21:53 . 2012-01-06 21:53	110592	----a-w-	c:\windows\SysWow64\IEAdvpack.dll
2012-01-06 21:53 . 2012-01-06 21:53	101888	----a-w-	c:\windows\SysWow64\admparse.dll
2012-01-06 21:50 . 2012-01-06 21:50	982912	----a-w-	c:\windows\system32\drivers\dxgkrnl.sys
2012-01-06 21:50 . 2012-01-06 21:50	4068864	----a-w-	c:\windows\system32\mf.dll
2012-01-06 21:50 . 2012-01-06 21:50	3181568	----a-w-	c:\windows\SysWow64\mf.dll
2012-01-06 21:50 . 2012-01-06 21:50	265088	----a-w-	c:\windows\system32\drivers\dxgmms1.sys
2012-01-06 21:50 . 2012-01-06 21:50	257024	----a-w-	c:\windows\system32\mfreadwrite.dll
2012-01-06 21:50 . 2012-01-06 21:50	229888	----a-w-	c:\windows\system32\XpsRasterService.dll
2012-01-06 21:50 . 2012-01-06 21:50	206848	----a-w-	c:\windows\system32\mfps.dll
2012-01-06 21:50 . 2012-01-06 21:50	196608	----a-w-	c:\windows\SysWow64\mfreadwrite.dll
2012-01-06 21:50 . 2012-01-06 21:50	1888256	----a-w-	c:\windows\system32\WMVDECOD.DLL
2012-01-06 21:50 . 2012-01-06 21:50	1863680	----a-w-	c:\windows\system32\ExplorerFrame.dll
2012-01-06 21:50 . 2012-01-06 21:50	1619456	----a-w-	c:\windows\SysWow64\WMVDECOD.DLL
2012-01-06 21:50 . 2012-01-06 21:50	1495040	----a-w-	c:\windows\SysWow64\ExplorerFrame.dll
2012-01-06 21:50 . 2012-01-06 21:50	144384	----a-w-	c:\windows\system32\cdd.dll
2012-01-06 21:50 . 2012-01-06 21:50	135168	----a-w-	c:\windows\SysWow64\XpsRasterService.dll
2012-01-04 09:58 . 2012-02-19 18:24	509952	----a-w-	c:\windows\system32
tshrui.dll
2012-01-04 09:03 . 2012-02-19 18:24	442880	----a-w-	c:\windows\SysWow64
tshrui.dll
2012-01-04 00:48 . 2012-01-04 00:48	354176	----a-w-	c:\windows\SysWow64\DivXControlPanelApplet.cpl
2012-01-03 06:24 . 2012-02-19 18:22	515584	----a-w-	c:\windows\system32	imedate.cpl
2012-01-03 05:44 . 2012-02-19 18:22	478208	----a-w-	c:\windows\SysWow64	imedate.cpl
2011-12-28 03:59 . 2012-02-19 18:16	499200	----a-w-	c:\windows\system32\drivers\afd.sys
2011-12-24 09:59 . 2011-12-24 09:59	95110	----a-w-	c:\windows\Uninstal.exe
.
.
(((((((((((((((((((((((((((((   SnapShot_2012-03-19_13.51.05   )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-07-14 04:54 . 2012-03-20 21:53	32768              c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2012-03-19 12:04	32768              c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2012-03-19 12:04	32768              c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2012-03-20 21:53	32768              c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2012-03-19 12:04	16384              c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2012-03-20 21:53	16384              c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-12-08 13:40 . 2012-03-20 21:55	61778              c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2012-03-20 21:55	32176              c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2012-03-20 00:17 . 2012-03-20 00:17	66956              c:\windows\5B210B8AB66E4702B44D0D6F388D29EB.TMP\WiseCustomCall.dll
+ 2012-03-07 00:42 . 2012-03-20 01:25	3334              c:\windows\system32\wdi\ERCQueuedResolutions.dat
+ 2011-12-08 11:04 . 2012-03-20 21:55	9658              c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3358886915-3420025041-2136404748-1000_UserData.bin
- 2012-03-19 12:03 . 2012-03-19 12:03	2048              c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-03-20 22:21 . 2012-03-20 22:21	2048              c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2012-03-19 12:03 . 2012-03-19 12:03	2048              c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2012-03-20 22:21 . 2012-03-20 22:21	2048              c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2011-12-08 12:32 . 2012-03-19 20:56	300382              c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S3.bin
+ 2009-07-14 15:24 . 2012-03-20 22:25	704242              c:\windows\system32\perfh00C.dat
+ 2009-07-14 02:36 . 2012-03-20 22:25	615810              c:\windows\system32\perfh009.dat
+ 2009-07-14 15:24 . 2012-03-20 22:25	130548              c:\windows\system32\perfc00C.dat
+ 2009-07-14 02:36 . 2012-03-20 22:25	106190              c:\windows\system32\perfc009.dat
- 2011-12-08 11:01 . 2012-03-09 11:59	814336              c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
+ 2011-12-08 11:01 . 2012-03-20 15:14	814336              c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
+ 2009-07-14 05:01 . 2012-03-20 22:19	385508              c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2009-07-14 05:01 . 2012-03-19 10:10	385508              c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2012-03-20 00:17 . 2012-03-20 00:17	189844              c:\windows\5B210B8AB66E4702B44D0D6F388D29EB.TMP\WiseCustomCalla36.exe
+ 2012-03-20 00:17 . 2012-03-20 00:17	175992              c:\windows\5B210B8AB66E4702B44D0D6F388D29EB.TMP\WiseCustomCalla34.dll
+ 2012-03-20 00:17 . 2012-03-20 00:17	176035              c:\windows\5B210B8AB66E4702B44D0D6F388D29EB.TMP\WiseCustomCalla33.dll
+ 2012-03-20 00:17 . 2012-03-20 00:17	176545              c:\windows\5B210B8AB66E4702B44D0D6F388D29EB.TMP\WiseCustomCalla32.dll
+ 2012-03-20 00:17 . 2012-03-20 00:17	184966              c:\windows\5B210B8AB66E4702B44D0D6F388D29EB.TMP\WiseCustomCalla31.exe
+ 2012-03-20 00:17 . 2012-03-20 00:17	189750              c:\windows\5B210B8AB66E4702B44D0D6F388D29EB.TMP\WiseCustomCalla21.dll
+ 2012-03-20 00:17 . 2012-03-20 00:17	176035              c:\windows\5B210B8AB66E4702B44D0D6F388D29EB.TMP\WiseCustomCalla2.dll
+ 2012-03-20 00:17 . 2012-03-20 00:17	179526              c:\windows\5B210B8AB66E4702B44D0D6F388D29EB.TMP\WiseCustomCalla.dll
+ 2011-12-20 23:56 . 2012-03-20 22:19	5506489              c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3358886915-3420025041-2136404748-1000-8192.dat
+ 2011-12-20 23:56 . 2012-03-20 22:19	5372360              c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3358886915-3420025041-2136404748-1000-12288.dat
- 2009-07-14 02:34 . 2012-03-19 13:11	10485760              c:\windows\system32\SMI\Store\Machine\SCHEMA.DAT
+ 2009-07-14 02:34 . 2012-03-20 15:07	10485760              c:\windows\system32\SMI\Store\Machine\SCHEMA.DAT
.
(((((((((((((((((((((((((((((((((   Points de chargement Reg   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SuperCopier2.exe"="c:\program files (x86)\SuperCopier2\SuperCopier2.exe" [2009-08-16 955392]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1475072]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application
usb3mon.exe" [2010-11-17 113288]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]
"AdobeCS5.5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" [2011-01-12 1523360]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"avast"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2012-03-07 4241512]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\SysWOW64
vinit.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"midi8"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversionun-]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
.
R1 aswKbd;aswKbd; [x]
R1 aswSnx;aswSnx; [x]
R1 aswSP;aswSP; [x]
R1 nvkflt;nvkflt;c:\windows\system32\DRIVERS
vkflt.sys [x]
R1 tudnrkib;tudnrkib;c:\windows\system32\drivers	udnrkib.sys [x]
R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
R2 aswFsBlk;aswFsBlk; [x]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
R2 AtherosSvc;AtherosSvc;c:\program files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe [2010-12-17 53920]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Service Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-10 136176]
R2 KMService;KMService;c:\windows\system32\srvany.exe [x]
R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-03-01 2348352]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-02-15 158856]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision
vSCPAPISvr.exe [2012-02-29 382272]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe [2011-12-13 2028864]
R2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [x]
R2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-10-05 2655768]
R3 AIDA64Driver;FinalWire AIDA64 Kernel Driver;c:\program files (x86)\FinalWire\AIDA64 Extreme Edition\kerneld.x64 [x]
R3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys [x]
R3 ATHDFU;Atheros Valkyrie USB BootROM;c:\windows\system32\Drivers\AthDfu.sys [x]
R3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [2010-11-03 1298496]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [x]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys [x]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys [x]
R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys [x]
R3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys [x]
R3 driverhardwarev2x64;driverhardwarev2x64;c:\program files (x86)\ma-config.com\Drivers\driverhardwarev2x64.sys [2011-07-21 16640]
R3 gupdatem;Service Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-10 136176]
R3 LVPr2M64;Logitech LVPr2M64 Driver;c:\windows\system32\DRIVERS\LVPr2M64.sys [x]
R3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys [x]
R3 LVUVC64;Logitech QuickCam E3500(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys [x]
R3 maconfservice;Ma-Config Service;c:\program files (x86)\ma-config.com\maconfservice.exe [2011-11-25 311928]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 51740536]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2010-12-17 340240]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers
vhda64v.sys [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys [2011-02-10 11856]
R3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS
vpciflt.sys [x]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys [x]
S3 MEIx64;Intel(R) Management Engine Interface ;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS
usb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS
usb3xhc.sys [x]
.
.
Contenu du dossier 'Tâches planifiées'
.
2012-03-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-10 07:40]
.
2012-03-20 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-10 07:40]
.
2012-03-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3358886915-3420025041-2136404748-1000Core.job
- c:\users\dell\AppData\Local\Google\Update\GoogleUpdate.exe [2011-12-20 18:19]
.
2012-03-20 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3358886915-3420025041-2136404748-1000UA.job
- c:\users\dell\AppData\Local\Google\Update\GoogleUpdate.exe [2011-12-20 18:19]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-03-07 00:15	135408	----a-w-	c:\program files\Alwil Software\Avast5\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-03-29 167960]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-03-29 391704]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-03-29 418840]
"IntelTBRunOnce"="wscript.exe" [2009-07-14 168960]
"IntelWireless"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2010-12-17 1933584]
"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshell.dll" [2010-11-03 10228224]
"AtherosBtStack"="c:\program files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe" [2010-12-17 613536]
"AthBtTray"="c:\program files (x86)\Dell Wireless\Bluetooth Suite\AthBtTray.exe" [2010-12-17 379040]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2011-03-15 499608]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32
vinitx.dll
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
UxTuneUp
.
------- Examen supplémentaire -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com/
IE: &Envoyer à OneNote - c:\progra~1\MICROS~1\Office14\ONBttnIE.dll/105
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~1\Office14\EXCEL.EXE/3000
FF - ProfilePath - c:\users\dell\AppData\Roaming\Mozilla\Firefox\Profiles\yvy6l7n1.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr/
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
.
- - - - ORPHELINS SUPPRIMES - - - -
.
URLSearchHooks-{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} - (no file)
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AIDA64Driver]
"ImagePath"="\??\c:\program files (x86)\FinalWire\AIDA64 Extreme Edition\kerneld.x64"
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\Windows\SysWOW64\Macromed\Flash\FlashUtil11e_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\Windows\SysWOW64\Macromed\Flash\FlashUtil11e_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\Windows\SysWOW64\Macromed\Flash\Flash11e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\Windows\SysWOW64\Macromed\Flash\Flash11e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\Windows\SysWOW64\Macromed\Flash\Flash11e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\Windows\SysWOW64\Macromed\Flash\Flash11e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Heure de fin: 2012-03-20  23:31:17
ComboFix-quarantined-files.txt  2012-03-20 22:31
ComboFix2.txt  2012-03-19 14:01
ComboFix3.txt  2012-03-14 21:20
.
Avant-CF: 29 971 566 592 octets libres
Après-CF: 29 549 686 784 octets libres
.
- - End Of File - - 0B8017BA28440559611117D7EF6AAF0A

dali0807 · Answer

rapport 2 :


ComboFix 12-03-14.01 - dell 19/03/2012  14:35:44.2.8 - x64
Microsoft Windows 7 Professionnel   6.1.7600.0.1252.33.1036.18.6051.3901 [GMT 1:00]
Lancé depuis: h:\logiciel\Antivirus\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Un nouveau point de restauration a été créé
.
.
((((((((((((((((((((((((((((((((((((   Autres suppressions   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\logboot_19.03.2012.tureg.log
.
.
(((((((((((((((((((((((((((((   Fichiers créés du 2012-02-19 au 2012-03-19  ))))))))))))))))))))))))))))))))))))
.
.
2012-03-19 13:50 . 2012-03-19 13:50	--------	d-----w-	c:\users\Default\AppData\Local	emp
2012-03-19 13:43 . 2012-03-19 13:44	69000	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{B0451A3C-E57A-49C2-BDC5-944ADC262C33}\offreg.dll
2012-03-19 13:31 . 2012-03-19 13:31	--------	d-----w-	c:\program files (x86)\Common Files\Bitdefender
2012-03-18 22:08 . 2012-03-18 22:10	--------	d-----w-	c:\program files (x86)\CodeChargeStudio5
2012-03-18 11:49 . 2012-03-18 11:50	--------	d-----w-	C:\572a75784fab8ddca397351eabc13aa0
2012-03-18 11:40 . 2012-03-18 11:40	--------	d-----w-	c:\users\dell\AppData\Local\ElevatedDiagnostics
2012-03-17 06:36 . 2012-03-17 06:36	--------	d-----w-	c:\users\dell\AppData\Roaming\Ahead
2012-03-17 06:34 . 2000-06-26 10:45	106496	----a-w-	c:\windows\SysWow64\TwnLib20.dll
2012-03-17 06:34 . 2001-06-26 07:15	38912	----a-w-	c:\windows\SysWow64\picn20.dll
2012-03-17 06:34 . 2001-07-06 13:41	569344	----a-w-	c:\windows\SysWow64\imagr5.dll
2012-03-17 06:34 . 2001-07-06 11:44	544768	----a-w-	c:\windows\SysWow64\imagx5.dll
2012-03-17 06:34 . 2001-07-06 17:24	283920	----a-w-	c:\windows\SysWow64\ImagXpr5.dll
2012-03-17 06:34 . 2012-03-17 06:34	--------	d-----w-	c:\program files (x86)\Common Files\Ahead
2012-03-17 06:34 . 2001-07-09 10:50	155648	----a-w-	c:\windows\SysWow64\NeroCheck.exe
2012-03-17 06:33 . 2012-03-17 06:34	--------	d-----w-	c:\program files (x86)\Ahead
2012-03-16 20:09 . 2012-03-16 20:09	--------	d-----w-	c:\program files (x86)\Conduit
2012-03-16 20:09 . 2012-03-16 20:09	--------	d-----w-	c:\users\dell\AppData\Local\Conduit
2012-03-16 20:05 . 2012-03-16 20:09	--------	d-----w-	c:\program files (x86)\uTorrent
2012-03-16 20:03 . 2012-03-17 12:51	--------	d-----w-	c:\users\dell\AppData\Roaming\uTorrent
2012-03-16 19:57 . 2012-02-08 07:13	8643640	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{B0451A3C-E57A-49C2-BDC5-944ADC262C33}\mpengine.dll
2012-03-16 19:48 . 2012-03-16 19:48	--------	d-----w-	c:\program files\MySQL
2012-03-16 19:36 . 2012-03-16 19:36	--------	d-----w-	c:\program files (x86)\MySQL
2012-03-16 18:53 . 2012-03-16 18:53	--------	d-----w-	C:\Multimedia Files
2012-03-16 18:53 . 2012-03-16 18:53	--------	d-----w-	c:\program files (x86)\Microsoft GIF Animator
2012-03-16 18:51 . 2012-03-16 18:51	--------	d-----w-	c:\users\dell\AppData\Roaming\gtk-2.0
2012-03-16 18:50 . 2012-03-16 18:50	--------	d-----w-	c:\users\dell\.thumbnails
2012-03-16 18:38 . 2012-03-16 23:51	--------	d-----w-	c:\users\dell\.gimp-2.6
2012-03-16 18:35 . 2012-03-16 18:36	--------	d-----w-	c:\program files (x86)\GIMP-2.0
2012-03-16 17:25 . 2012-03-13 04:39	44472	----a-w-	c:\program files (x86)\Mozilla Firefox\mozglue.dll
2012-03-16 17:25 . 2012-03-13 04:39	592824	----a-w-	c:\program files (x86)\Mozilla Firefox\gkmedias.dll
2012-03-16 17:22 . 2012-03-16 17:22	--------	d-----w-	c:\program files (x86)\Common Files\Skype
2012-03-16 17:22 . 2012-03-18 19:48	--------	d-----r-	c:\program files (x86)\Skype
2012-03-14 21:45 . 2012-03-07 00:02	28504	----a-w-	c:\windows\system32\drivers\aswKbd.sys
2012-03-14 21:45 . 2012-03-07 00:02	53080	----a-w-	c:\windows\system32\drivers\aswRdr2.sys
2012-03-14 21:07 . 2012-03-14 21:07	--------	d-----w-	c:\program files (x86)\Trend Micro
2012-03-14 21:05 . 2012-03-14 21:05	--------	d-----w-	c:\windows\system32\MpEngineStore
2012-03-14 16:15 . 2012-03-14 16:22	--------	d-----w-	C:\UwAmp
2012-03-14 15:43 . 2012-03-14 15:43	--------	d-----w-	C:\found.000
2012-03-14 08:01 . 2011-11-19 18:30	5504880	----a-w-	c:\windows\system32
toskrnl.exe
2012-03-14 08:01 . 2011-11-19 14:25	3957616	----a-w-	c:\windows\SysWow64
tkrnlpa.exe
2012-03-14 08:01 . 2011-11-19 14:25	3902320	----a-w-	c:\windows\SysWow64
toskrnl.exe
2012-03-14 07:40 . 2012-02-03 04:16	3143168	----a-w-	c:\windows\system32\win32k.sys
2012-03-14 07:40 . 2012-02-10 06:18	1541120	----a-w-	c:\windows\system32\DWrite.dll
2012-03-14 07:40 . 2012-02-10 06:17	320512	----a-w-	c:\windows\system32\d3d10_1core.dll
2012-03-14 07:40 . 2012-02-10 05:41	1074176	----a-w-	c:\windows\SysWow64\DWrite.dll
2012-03-14 07:40 . 2012-02-10 05:41	218624	----a-w-	c:\windows\SysWow64\d3d10_1core.dll
2012-03-14 07:40 . 2012-02-10 06:17	1837568	----a-w-	c:\windows\system32\d3d10warp.dll
2012-03-14 07:40 . 2012-02-10 06:17	902656	----a-w-	c:\windows\system32\d2d1.dll
2012-03-14 07:40 . 2012-02-10 05:41	1170944	----a-w-	c:\windows\SysWow64\d3d10warp.dll
2012-03-14 07:40 . 2012-02-10 05:41	739840	----a-w-	c:\windows\SysWow64\d2d1.dll
2012-03-14 07:40 . 2012-02-10 06:17	197120	----a-w-	c:\windows\system32\d3d10_1.dll
2012-03-14 07:40 . 2012-02-10 05:41	161792	----a-w-	c:\windows\SysWow64\d3d10_1.dll
2012-03-14 07:34 . 2012-01-25 06:27	76288	----a-w-	c:\windows\system32dpwsx.dll
2012-03-14 07:34 . 2012-01-25 06:27	149504	----a-w-	c:\windows\system32dpcorekmts.dll
2012-03-14 07:34 . 2012-01-25 06:20	9216	----a-w-	c:\windows\system32drmemptylst.exe
2012-03-14 07:34 . 2012-02-15 06:27	1031680	----a-w-	c:\windows\system32dpcore.dll
2012-03-14 07:34 . 2012-02-15 05:44	826368	----a-w-	c:\windows\SysWow64dpcore.dll
2012-03-14 07:34 . 2012-02-15 04:47	204800	----a-w-	c:\windows\system32\driversdpwd.sys
2012-03-14 07:34 . 2012-02-15 04:46	23552	----a-w-	c:\windows\system32\drivers	dtcp.sys
2012-03-13 23:54 . 2012-03-19 09:56	--------	d-----w-	c:\users\UpdatusUser
2012-03-13 23:47 . 2012-03-13 23:58	--------	d-----w-	c:\users\dell\AppData\Roaming\FileZilla
2012-03-13 23:44 . 2012-03-13 23:44	--------	d-----w-	c:\program files (x86)\FileZilla FTP Client
2012-03-12 17:18 . 2012-03-12 17:18	--------	d-----w-	c:\program files\Microsoft Games
2012-03-12 15:29 . 2012-03-12 15:29	--------	d-----w-	c:\program files (x86)\LaBoiteACouleurs
2012-03-12 10:54 . 2012-03-12 10:54	--------	d-----w-	c:\users\dell\AppData\Roaming\Thunderbird
2012-03-12 10:54 . 2012-03-12 10:54	--------	d-----w-	c:\users\dell\AppData\Local\Thunderbird
2012-03-11 22:57 . 2012-03-11 22:57	--------	d-----w-	c:\users\dell\AppData\Roaming\OfficeRecovery
2012-03-09 08:15 . 2012-03-09 08:15	--------	d-----w-	c:\programdata\Symantec
2012-03-09 08:15 . 2012-03-11 23:16	--------	d-----w-	c:\programdata\Norton
2012-03-08 21:54 . 2012-03-08 21:54	--------	d-----w-	c:\users\dell\AppData\Local\DDMSettings
2012-03-08 21:53 . 2012-03-08 21:53	--------	d-----w-	c:\users\dell\AppData\Roaming\DivX
2012-03-08 21:52 . 2012-03-08 21:52	--------	d-----w-	c:\program files (x86)\Common Files\PX Storage Engine
2012-03-08 21:51 . 2012-03-08 21:52	--------	d-----w-	c:\program files\DivX
2012-03-08 21:51 . 2012-03-08 21:52	--------	d-----w-	c:\program files (x86)\Common Files\DivX Shared
2012-03-08 21:51 . 2012-03-08 21:53	--------	d-----w-	c:\program files (x86)\DivX
2012-03-08 20:31 . 2012-03-08 20:31	--------	d-----w-	c:\users\dell\AppData\Roaming\widestream
2012-03-08 20:31 . 2012-03-08 20:31	--------	d-----w-	c:\users\dell\AppData\Local\widestream6 Air
2012-03-08 20:30 . 2012-03-15 19:54	--------	d-----w-	c:\program files (x86)\Widestream6
2012-03-08 20:30 . 2012-03-08 20:30	--------	d-----w-	c:\program files (x86)\PriceGong
2012-03-08 20:29 . 2012-03-08 20:29	--------	d-----w-	c:\program files (x86)\Complitly
2012-03-08 20:29 . 2012-03-08 20:29	--------	d-----w-	c:\users\dell\AppData\Roaming\Complitly
2012-03-08 19:58 . 2012-03-08 21:53	--------	d-----w-	c:\programdata\DivX
2012-03-06 10:10 . 2012-03-18 22:51	--------	d-----w-	c:\users\dell\AppData\Local\CCS5
2012-03-06 10:09 . 2012-03-06 10:09	--------	d-----w-	c:\program files (x86)\Microsoft ASP.NET
2012-03-05 13:58 . 2012-03-06 20:33	--------	d-----w-	c:\users\dell\AppData\Local\MediaGet2
2012-03-04 22:20 . 2012-03-04 22:20	--------	d-----w-	c:\users\dell\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2012-03-04 13:24 . 2012-03-04 13:28	--------	d-----w-	c:\users\dell\AppData\Roaming\Easy Thumbnails
2012-03-04 13:23 . 2012-03-04 13:23	--------	d-----w-	c:\program files (x86)\Easy Thumbnails
2012-03-04 13:16 . 2011-12-21 04:29	548864	----a-w-	c:\program files (x86)\Mozilla Firefox	rzAB40.tmp
2012-03-04 13:16 . 2011-12-21 04:29	626688	----a-w-	c:\program files (x86)\Mozilla Firefox	rz92C0.tmp
2012-03-04 12:56 . 2012-03-04 13:16	--------	d-----w-	c:\users\dell\chat-land
2012-03-04 11:08 . 2012-03-04 11:10	--------	dc-h--w-	c:\programdata\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1}
2012-03-04 11:08 . 2012-03-04 11:08	--------	d-----w-	c:\users\dell\AppData\Local\PackageAware
2012-03-01 19:39 . 2012-03-18 22:09	466944	----a-w-	c:\windows\SysWow64\wodSFTP.ocx
2012-03-01 00:28 . 2012-03-01 00:28	--------	d-----w-	c:\program files (x86)\EasyPHP-5.3.9
2012-02-29 22:01 . 2012-03-04 23:43	--------	d-----w-	c:\programdataegid.1986-12.com.adobe
2012-02-29 19:51 . 2012-02-29 19:51	--------	d-----w-	c:\users\dell\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
2012-02-29 19:51 . 2012-02-29 19:51	--------	d-----w-	c:\program files (x86)\Adobe Download Assistant
2012-02-29 19:51 . 2012-02-29 19:51	--------	d-----w-	c:\program files (x86)\Common Files\Adobe AIR
2012-02-29 19:46 . 2012-02-29 19:48	--------	d-----w-	c:\program files\glassfish-3.1.1
2012-02-29 19:36 . 2012-03-11 23:21	--------	d-----w-	c:\program files\NetBeans 7.1
2012-02-29 19:31 . 2012-02-29 19:32	--------	d-----w-	c:\program files (x86)\Oracle
2012-02-29 19:31 . 2012-02-29 19:31	--------	d-----w-	c:\program files (x86)\Common Files\Java
2012-02-29 19:30 . 2012-01-10 12:57	637848	----a-w-	c:\windows\SysWow64
pdeployJava1.dll
2012-02-29 18:57 . 2012-02-29 18:57	--------	d-----w-	c:\users\dell\AppData\Roaming\MySQL
2012-02-29 18:49 . 2012-03-11 23:21	--------	d-----w-	c:\users\dell\.nbi
2012-02-29 18:42 . 2012-03-01 00:22	--------	d-----w-	c:\programdata\MySQL
2012-02-29 12:26 . 2012-02-29 12:26	416064	----a-w-	c:\windows\SysWow64
vStreaming.exe
2012-02-22 19:31 . 2012-02-22 19:31	--------	d-----w-	c:\program files (x86)\WebZIP 6
2012-02-22 01:05 . 2012-02-22 01:10	--------	d-----w-	c:\users\dell\AppData\Roaming\Notepad++
2012-02-22 01:05 . 2012-02-22 01:05	--------	d-----w-	c:\program files (x86)\Notepad++
2012-02-22 00:37 . 2012-02-22 00:37	--------	d-----w-	c:\program files\Microsoft Synchronization Services
2012-02-22 00:36 . 2012-02-22 00:36	--------	d-----w-	c:\windows\PCHEALTH
2012-02-22 00:36 . 2012-02-22 00:36	--------	d-----w-	c:\program files\Microsoft Sync Framework
2012-02-22 00:36 . 2012-02-22 00:36	--------	d-----w-	c:\program files\Microsoft SQL Server Compact Edition
2012-02-22 00:33 . 2012-02-22 00:34	--------	d-----w-	c:\program files (x86)\Microsoft Visual Studio 8
2012-02-22 00:32 . 2012-02-22 00:32	--------	d-----w-	c:\program files\Microsoft Analysis Services
2012-02-22 00:32 . 2012-02-22 00:32	--------	d-----w-	c:\program files (x86)\Microsoft Analysis Services
2012-02-22 00:31 . 2012-02-22 00:31	--------	d-----r-	C:\MSOCache
2012-02-20 02:23 . 2012-02-20 02:23	--------	d-----w-	c:\windows\system32\SPReview
2012-02-20 01:01 . 2012-02-20 01:01	--------	d-----w-	c:\program files (x86)\Microsoft CAPICOM 2.1.0.2
2012-02-19 23:42 . 2012-02-19 23:43	--------	d-----w-	c:\program files\Windows XP Mode
2012-02-19 23:41 . 2012-02-19 23:41	--------	d-----w-	c:\program files (x86)\ClicRDV
2012-02-19 21:12 . 2012-03-19 12:38	--------	d-----r-	c:\users\dell\Virtual Machines
2012-02-19 19:36 . 2009-09-23 01:49	14336	----a-w-	c:\windows\system32\drivers\fr-FR\vpcvmm.sys.mui
.
.
((((((((((((((((((((((((((((((((((   Compte-rendu de Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-03-07 00:15 . 2011-12-08 11:00	41184	----a-w-	c:\windows\avastSS.scr
2012-03-07 00:15 . 2011-12-08 11:00	201352	----a-w-	c:\windows\SysWow64\aswBoot.exe
2012-03-07 00:15 . 2011-12-20 18:13	258520	----a-w-	c:\windows\system32\aswBoot.exe
2012-03-07 00:04 . 2011-12-08 11:00	819032	----a-w-	c:\windows\system32\drivers\aswSnx.sys
2012-03-07 00:04 . 2011-12-08 11:00	337240	----a-w-	c:\windows\system32\drivers\aswSP.sys
2012-03-07 00:01 . 2011-12-08 11:00	59224	----a-w-	c:\windows\system32\drivers\aswTdi.sys
2012-03-07 00:01 . 2011-12-08 11:00	69976	----a-w-	c:\windows\system32\drivers\aswMonFlt.sys
2012-03-07 00:01 . 2011-12-08 11:00	24408	----a-w-	c:\windows\system32\drivers\aswFsBlk.sys
2012-03-01 00:02 . 2011-12-08 10:49	962368	----a-w-	c:\windows\system32
vumdshimx.dll
2012-03-01 00:02 . 2011-12-08 10:49	812352	----a-w-	c:\windows\SysWow64
vumdshim.dll
2012-03-01 00:02 . 2011-12-08 10:49	2660160	----a-w-	c:\windows\system32
vapi64.dll
2012-03-01 00:02 . 2011-12-08 10:49	260416	----a-w-	c:\windows\system32
vinitx.dll
2012-03-01 00:02 . 2011-12-08 10:49	2301248	----a-w-	c:\windows\SysWow64
vapi.dll
2012-03-01 00:02 . 2011-12-08 10:49	215360	----a-w-	c:\windows\SysWow64
vinit.dll
2012-03-01 00:02 . 2011-12-08 10:49	17642816	----a-w-	c:\windows\system32
vd3dumx.dll
2012-03-01 00:02 . 2011-12-08 10:49	1737536	----a-w-	c:\windows\system32
vdispco64.dll
2012-03-01 00:02 . 2011-12-08 10:49	1466176	----a-w-	c:\windows\system32
vgenco64.dll
2012-02-29 21:00 . 2011-12-08 10:49	3089728	----a-w-	c:\windows\system32
vsvc64.dll
2012-02-29 21:00 . 2011-12-08 10:49	6074176	----a-w-	c:\windows\system32
vcpl.dll
2012-02-29 20:59 . 2011-12-08 10:49	889664	----a-w-	c:\windows\system32
vvsvc.exe
2012-02-29 20:59 . 2011-12-08 10:49	63296	----a-w-	c:\windows\system32
vshext.dll
2012-02-29 20:59 . 2011-12-08 10:49	55616	----a-w-	c:\windows\system32
v3dappshextr.dll
2012-02-29 20:59 . 2011-12-08 10:49	2561856	----a-w-	c:\windows\system32
vsvcr.dll
2012-02-29 20:59 . 2011-12-08 10:49	118080	----a-w-	c:\windows\system32
vmctray.dll
2012-02-29 20:59 . 2011-12-08 10:49	849728	----a-w-	c:\windows\system32
v3dappshext.dll
2012-02-29 20:59 . 2011-12-08 10:49	2515790	----a-w-	c:\windows\system32
vcoproc.bin
2012-02-23 08:18 . 2011-12-08 13:34	279656	------w-	c:\windows\system32\MpSigStub.exe
2012-02-20 00:28 . 2011-12-10 07:40	414368	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-01-10 12:57 . 2011-12-21 10:29	567696	----a-w-	c:\windows\SysWow64\deployJava1.dll
2012-01-06 21:53 . 2012-01-06 21:53	91648	----a-w-	c:\windows\system32\SetIEInstalledDate.exe
2012-01-06 21:53 . 2012-01-06 21:53	86528	----a-w-	c:\windows\SysWow64\iesysprep.dll
2012-01-06 21:53 . 2012-01-06 21:53	85504	----a-w-	c:\windows\system32\iesetup.dll
2012-01-06 21:53 . 2012-01-06 21:53	76800	----a-w-	c:\windows\SysWow64\SetIEInstalledDate.exe
2012-01-06 21:53 . 2012-01-06 21:53	76800	----a-w-	c:\windows\system32	dc.ocx
2012-01-06 21:53 . 2012-01-06 21:53	74752	----a-w-	c:\windows\SysWow64\iesetup.dll
2012-01-06 21:53 . 2012-01-06 21:53	63488	----a-w-	c:\windows\SysWow64	dc.ocx
2012-01-06 21:53 . 2012-01-06 21:53	603648	----a-w-	c:\windows\system32\vbscript.dll
2012-01-06 21:53 . 2012-01-06 21:53	49664	----a-w-	c:\windows\system32\imgutil.dll
2012-01-06 21:53 . 2012-01-06 21:53	48640	----a-w-	c:\windows\SysWow64\mshtmler.dll
2012-01-06 21:53 . 2012-01-06 21:53	48640	----a-w-	c:\windows\system32\mshtmler.dll
2012-01-06 21:53 . 2012-01-06 21:53	448512	----a-w-	c:\windows\system32\html.iec
2012-01-06 21:53 . 2012-01-06 21:53	420864	----a-w-	c:\windows\SysWow64\vbscript.dll
2012-01-06 21:53 . 2012-01-06 21:53	367104	----a-w-	c:\windows\SysWow64\html.iec
2012-01-06 21:53 . 2012-01-06 21:53	35840	----a-w-	c:\windows\SysWow64\imgutil.dll
2012-01-06 21:53 . 2012-01-06 21:53	30720	----a-w-	c:\windows\system32\licmgr10.dll
2012-01-06 21:53 . 2012-01-06 21:53	23552	----a-w-	c:\windows\SysWow64\licmgr10.dll
2012-01-06 21:53 . 2012-01-06 21:53	222208	----a-w-	c:\windows\system32\msls31.dll
2012-01-06 21:53 . 2012-01-06 21:53	173056	----a-w-	c:\windows\system32\ieUnatt.exe
2012-01-06 21:53 . 2012-01-06 21:53	165888	----a-w-	c:\windows\system32\iexpress.exe
2012-01-06 21:53 . 2012-01-06 21:53	161792	----a-w-	c:\windows\SysWow64\msls31.dll
2012-01-06 21:53 . 2012-01-06 21:53	160256	----a-w-	c:\windows\system32\wextract.exe
2012-01-06 21:53 . 2012-01-06 21:53	152064	----a-w-	c:\windows\SysWow64\wextract.exe
2012-01-06 21:53 . 2012-01-06 21:53	150528	----a-w-	c:\windows\SysWow64\iexpress.exe
2012-01-06 21:53 . 2012-01-06 21:53	142848	----a-w-	c:\windows\SysWow64\ieUnatt.exe
2012-01-06 21:53 . 2012-01-06 21:53	135168	----a-w-	c:\windows\system32\IEAdvpack.dll
2012-01-06 21:53 . 2012-01-06 21:53	12288	----a-w-	c:\windows\system32\mshta.exe
2012-01-06 21:53 . 2012-01-06 21:53	11776	----a-w-	c:\windows\SysWow64\mshta.exe
2012-01-06 21:53 . 2012-01-06 21:53	114176	----a-w-	c:\windows\system32\admparse.dll
2012-01-06 21:53 . 2012-01-06 21:53	111616	----a-w-	c:\windows\system32\iesysprep.dll
2012-01-06 21:53 . 2012-01-06 21:53	110592	----a-w-	c:\windows\SysWow64\IEAdvpack.dll
2012-01-06 21:53 . 2012-01-06 21:53	101888	----a-w-	c:\windows\SysWow64\admparse.dll
2012-01-06 21:50 . 2012-01-06 21:50	982912	----a-w-	c:\windows\system32\drivers\dxgkrnl.sys
2012-01-06 21:50 . 2012-01-06 21:50	4068864	----a-w-	c:\windows\system32\mf.dll
2012-01-06 21:50 . 2012-01-06 21:50	3181568	----a-w-	c:\windows\SysWow64\mf.dll
2012-01-06 21:50 . 2012-01-06 21:50	265088	----a-w-	c:\windows\system32\drivers\dxgmms1.sys
2012-01-06 21:50 . 2012-01-06 21:50	257024	----a-w-	c:\windows\system32\mfreadwrite.dll
2012-01-06 21:50 . 2012-01-06 21:50	229888	----a-w-	c:\windows\system32\XpsRasterService.dll
2012-01-06 21:50 . 2012-01-06 21:50	206848	----a-w-	c:\windows\system32\mfps.dll
2012-01-06 21:50 . 2012-01-06 21:50	196608	----a-w-	c:\windows\SysWow64\mfreadwrite.dll
2012-01-06 21:50 . 2012-01-06 21:50	1888256	----a-w-	c:\windows\system32\WMVDECOD.DLL
2012-01-06 21:50 . 2012-01-06 21:50	1863680	----a-w-	c:\windows\system32\ExplorerFrame.dll
2012-01-06 21:50 . 2012-01-06 21:50	1619456	----a-w-	c:\windows\SysWow64\WMVDECOD.DLL
2012-01-06 21:50 . 2012-01-06 21:50	1495040	----a-w-	c:\windows\SysWow64\ExplorerFrame.dll
2012-01-06 21:50 . 2012-01-06 21:50	144384	----a-w-	c:\windows\system32\cdd.dll
2012-01-06 21:50 . 2012-01-06 21:50	135168	----a-w-	c:\windows\SysWow64\XpsRasterService.dll
2012-01-04 00:48 . 2012-01-04 00:48	354176	----a-w-	c:\windows\SysWow64\DivXControlPanelApplet.cpl
2011-12-24 09:59 . 2011-12-24 09:59	95110	----a-w-	c:\windows\Uninstal.exe
2011-12-21 09:34 . 2011-12-21 09:34	2593724	----a-w-	C:\installNP.exe
2011-12-21 09:30 . 2011-12-21 09:30	90196	----a-w-	C:\MajNP.exe
2011-12-20 18:27 . 2011-12-20 18:27	455680	----a-w-	c:\windows\system32\deploytk.dll
.
.
(((((((((((((((((((((((((((((   SnapShot@2012-03-14_21.18.33   )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-07-14 04:54 . 2012-03-19 12:04	32768              c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2012-03-14 21:08	32768              c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2012-03-19 12:04	32768              c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2012-03-19 12:04	16384              c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54 . 2012-03-14 21:08	16384              c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-12-08 13:40 . 2012-03-19 12:06	61426              c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2012-03-19 12:06	32160              c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
- 2009-07-14 05:30 . 2012-03-13 23:54	86016              c:\windows\system32\DriverStore\infpub.dat
+ 2009-07-14 05:30 . 2012-03-16 16:50	86016              c:\windows\system32\DriverStore\infpub.dat
+ 2009-07-14 04:46 . 2012-03-17 10:38	85960              c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
+ 2011-12-08 11:04 . 2012-03-19 12:06	9444              c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3358886915-3420025041-2136404748-1000_UserData.bin
+ 2012-03-15 12:17 . 2012-03-15 12:17	4928              c:\windows\system32\MpEngineStore\RebootActions	udnrkib.dat
+ 2012-03-19 12:03 . 2012-03-19 12:03	2048              c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2012-03-14 15:47 . 2012-03-14 15:47	2048              c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-03-19 12:03 . 2012-03-19 12:03	2048              c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2012-03-14 15:47 . 2012-03-14 15:47	2048              c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2009-06-10 21:38 . 2009-06-10 21:38	113629              c:\windows\SysWOW64\slmgr.vbs
+ 2008-11-20 22:17 . 2008-11-20 22:17	106496              c:\windows\SysWOW64\myodbc3m.exe
+ 2008-11-20 22:17 . 2008-11-20 22:17	118784              c:\windows\SysWOW64\myodbc3i.exe
+ 2011-12-08 12:32 . 2012-03-18 18:22	299590              c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S3.bin
+ 2009-07-13 23:56 . 2009-07-14 01:41	419840              c:\windows\system32\systemcpl.dll
- 2009-07-13 23:56 . 2012-02-20 22:44	419840              c:\windows\system32\systemcpl.dll
+ 2009-06-10 20:59 . 2009-06-10 20:59	113629              c:\windows\system32\slmgr.vbs
+ 2009-07-14 15:24 . 2012-03-19 13:27	706326              c:\windows\system32\perfh00C.dat
- 2009-07-14 15:24 . 2012-03-14 20:09	706326              c:\windows\system32\perfh00C.dat
+ 2009-07-14 02:36 . 2012-03-19 13:27	616546              c:\windows\system32\perfh009.dat
- 2009-07-14 02:36 . 2012-03-14 20:09	616546              c:\windows\system32\perfh009.dat
- 2009-07-14 15:24 . 2012-03-14 20:09	131388              c:\windows\system32\perfc00C.dat
+ 2009-07-14 15:24 . 2012-03-19 13:27	131388              c:\windows\system32\perfc00C.dat
+ 2009-07-14 02:36 . 2012-03-19 13:27	106926              c:\windows\system32\perfc009.dat
- 2009-07-14 02:36 . 2012-03-14 20:09	106926              c:\windows\system32\perfc009.dat
+ 2009-07-14 05:30 . 2012-03-16 16:50	143360              c:\windows\system32\DriverStore\infstrng.dat
- 2009-07-14 05:30 . 2012-03-13 23:54	143360              c:\windows\system32\DriverStore\infstrng.dat
+ 2009-07-14 05:30 . 2012-03-16 16:50	143360              c:\windows\system32\DriverStore\infstor.dat
- 2009-07-14 05:30 . 2012-03-13 23:54	143360              c:\windows\system32\DriverStore\infstor.dat
- 2009-07-14 05:01 . 2012-03-14 10:44	385508              c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2012-03-19 10:10	385508              c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2012-03-18 19:48 . 2012-03-18 19:48	371272              c:\windows\Installer\{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}\SkypeIcon.exe
+ 2008-11-20 22:17 . 2008-11-20 22:17	6660096              c:\windows\SysWOW64\myodbc3S.dll
+ 2008-11-20 22:17 . 2008-11-20 22:17	2191360              c:\windows\SysWOW64\myodbc3.dll
- 2009-07-14 04:45 . 2012-03-14 09:16	3859456              c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform	okens.dat
+ 2009-07-14 04:45 . 2012-03-16 20:04	3859456              c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform	okens.dat
+ 2011-12-20 23:56 . 2012-03-19 10:10	5496268              c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3358886915-3420025041-2136404748-1000-8192.dat
+ 2011-12-20 23:56 . 2012-03-18 23:18	5367388              c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3358886915-3420025041-2136404748-1000-12288.dat
+ 2012-03-16 19:47 . 2012-03-16 19:47	4897792              c:\windows\Installer\9d5800.msi
+ 2009-01-16 15:29 . 2009-01-16 15:29	3724800              c:\windows\Installer\9d57fc.msi
+ 2012-02-27 12:47 . 2012-02-27 12:47	2857984              c:\windows\Installer\9d57f5.msi
- 2009-07-14 02:34 . 2012-03-14 16:01	10485760              c:\windows\system32\SMI\Store\Machine\SCHEMA.DAT
+ 2009-07-14 02:34 . 2012-03-19 13:11	10485760              c:\windows\system32\SMI\Store\Machine\SCHEMA.DAT
+ 2012-03-18 19:48 . 2012-03-18 19:48	18989056              c:\windows\Installer\db68ed.msi
.
-- Instantané actualisé --
.
(((((((((((((((((((((((((((((((((   Points de chargement Reg   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés 
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e}"= "c:\program files (x86)\uTorrentBar_FR\prxtbuTor.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e}]
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e}]
2011-05-09 08:49	176936	----a-w-	c:\program files (x86)\uTorrentBar_FR\prxtbuTor.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e}"= "c:\program files (x86)\uTorrentBar_FR\prxtbuTor.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2011-12-10 39408]
"SuperCopier2.exe"="c:\program files (x86)\SuperCopier2\SuperCopier2.exe" [2009-08-16 955392]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1475072]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application
usb3mon.exe" [2010-11-17 113288]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]
"AdobeCS5.5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" [2011-01-12 1523360]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"avast"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2012-03-07 4241512]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\SysWOW64
vinit.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"midi8"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversionun-]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
.
R1 tudnrkib;tudnrkib;c:\windows\system32\drivers	udnrkib.sys [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Service Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-10 136176]
R2 KMService;KMService;c:\windows\system32\srvany.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-02-15 158856]
R2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-10-05 2655768]
R3 AIDA64Driver;FinalWire AIDA64 Kernel Driver;c:\program files (x86)\FinalWire\AIDA64 Extreme Edition\kerneld.x64 [x]
R3 ATHDFU;Atheros Valkyrie USB BootROM;c:\windows\system32\Drivers\AthDfu.sys [x]
R3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [2010-11-03 1298496]
R3 driverhardwarev2x64;driverhardwarev2x64;c:\program files (x86)\ma-config.com\Drivers\driverhardwarev2x64.sys [2011-07-21 16640]
R3 gupdatem;Service Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-10 136176]
R3 LVPr2M64;Logitech LVPr2M64 Driver;c:\windows\system32\DRIVERS\LVPr2M64.sys [x]
R3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys [x]
R3 LVUVC64;Logitech QuickCam E3500(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys [x]
R3 maconfservice;Ma-Config Service;c:\program files (x86)\ma-config.com\maconfservice.exe [2011-11-25 311928]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 51740536]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2010-12-17 340240]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers
vhda64v.sys [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x]
R3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504]
R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS
vpciflt.sys [x]
S1 aswKbd;aswKbd; [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 nvkflt;nvkflt;c:\windows\system32\DRIVERS
vkflt.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe [2010-12-17 53920]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-03-01 2348352]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision
vSCPAPISvr.exe [2012-02-29 382272]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe [2011-12-13 2028864]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [x]
S3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys [x]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [x]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys [x]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys [x]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys [x]
S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys [x]
S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys [x]
S3 MEIx64;Intel(R) Management Engine Interface ;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS
usb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS
usb3xhc.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys [2011-02-10 11856]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
Contenu du dossier 'Tâches planifiées'
.
2012-03-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-10 07:40]
.
2012-03-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-10 07:40]
.
2012-03-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3358886915-3420025041-2136404748-1000Core.job
- c:\users\dell\AppData\Local\Google\Update\GoogleUpdate.exe [2011-12-20 18:19]
.
2012-03-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3358886915-3420025041-2136404748-1000UA.job
- c:\users\dell\AppData\Local\Google\Update\GoogleUpdate.exe [2011-12-20 18:19]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-03-07 00:15	135408	----a-w-	c:\program files\Alwil Software\Avast5\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-03-29 167960]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-03-29 391704]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-03-29 418840]
"IntelTBRunOnce"="wscript.exe" [2009-07-14 168960]
"IntelWireless"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2010-12-17 1933584]
"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshell.dll" [2010-11-03 10228224]
"AtherosBtStack"="c:\program files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe" [2010-12-17 613536]
"AthBtTray"="c:\program files (x86)\Dell Wireless\Bluetooth Suite\AthBtTray.exe" [2010-12-17 379040]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2011-03-15 499608]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32
vinitx.dll
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
UxTuneUp
.
------- Examen supplémentaire -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://search.babylon.com/?AF=109980&babsrc=HP_ss&mntrId=3abf313b00000000000060d81948fb8e
IE: &Envoyer à OneNote - c:\progra~1\MICROS~1\Office14\ONBttnIE.dll/105
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~1\Office14\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\dell\AppData\Roaming\Mozilla\Firefox\Profiles\yvy6l7n1.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr/
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
.
- - - - ORPHELINS SUPPRIMES - - - -
.
AddRemove-FoxTab FLV Player - c:\progra~2\FOXTAB~1\Uninstall\Uninstall.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AIDA64Driver]
"ImagePath"="\??\c:\program files (x86)\FinalWire\AIDA64 Extreme Edition\kerneld.x64"
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\Windows\SysWOW64\Macromed\Flash\FlashUtil11e_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\Windows\SysWOW64\Macromed\Flash\FlashUtil11e_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\Windows\SysWOW64\Macromed\Flash\Flash11e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\Windows\SysWOW64\Macromed\Flash\Flash11e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\Windows\SysWOW64\Macromed\Flash\Flash11e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\Windows\SysWOW64\Macromed\Flash\Flash11e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Heure de fin: 2012-03-19  15:01:07
ComboFix-quarantined-files.txt  2012-03-19 14:01
ComboFix2.txt  2012-03-14 21:20
.
Avant-CF: 26 097 123 328 octets libres
Après-CF: 28 394 467 328 octets libres
.
- - End Of File - - F81FB1CD76BCDE68F7AA31B8E53D60D6

dali0807 · Answer

rapport 3 :


ComboFix 12-03-14.01 - dell 14/03/2012  22:11:09.1.8 - x64
Microsoft Windows 7 Professionnel   6.1.7600.0.1252.33.1036.18.6051.3405 [GMT 1:00]
Lancé depuis: h:\logiciel\Antivirus\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Un nouveau point de restauration a été créé
.
.
((((((((((((((((((((((((((((((((((((   Autres suppressions   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Roaming
c:\windows\SysWow64\mq11285.dll
c:\windows\SysWow64	rz2A5C.tmp
.
.
(((((((((((((((((((((((((((((   Fichiers créés du 2012-02-14 au 2012-03-14  ))))))))))))))))))))))))))))))))))))
.
.
2012-03-14 21:18 . 2012-03-14 21:18	--------	d-----w-	c:\users\Default\AppData\Local	emp
2012-03-14 21:07 . 2012-03-14 21:07	--------	d-----w-	c:\program files (x86)\Trend Micro
2012-03-14 21:05 . 2012-03-14 21:05	48464	----a-w-	c:\windows\system32\drivers	udnrkib.sys
2012-03-14 21:05 . 2012-03-14 21:05	--------	d-----w-	c:\windows\system32\MpEngineStore
2012-03-14 16:15 . 2012-03-14 16:22	--------	d-----w-	C:\UwAmp
2012-03-14 15:43 . 2012-03-14 15:43	--------	d-----w-	C:\found.000
2012-03-14 08:01 . 2011-11-19 18:30	5504880	----a-w-	c:\windows\system32
toskrnl.exe
2012-03-14 08:01 . 2011-11-19 14:25	3957616	----a-w-	c:\windows\SysWow64
tkrnlpa.exe
2012-03-14 08:01 . 2011-11-19 14:25	3902320	----a-w-	c:\windows\SysWow64
toskrnl.exe
2012-03-14 07:40 . 2012-02-03 04:16	3143168	----a-w-	c:\windows\system32\win32k.sys
2012-03-14 07:40 . 2012-02-10 06:18	1541120	----a-w-	c:\windows\system32\DWrite.dll
2012-03-14 07:40 . 2012-02-10 06:17	320512	----a-w-	c:\windows\system32\d3d10_1core.dll
2012-03-14 07:40 . 2012-02-10 05:41	1074176	----a-w-	c:\windows\SysWow64\DWrite.dll
2012-03-14 07:40 . 2012-02-10 05:41	218624	----a-w-	c:\windows\SysWow64\d3d10_1core.dll
2012-03-14 07:40 . 2012-02-10 06:17	1837568	----a-w-	c:\windows\system32\d3d10warp.dll
2012-03-14 07:40 . 2012-02-10 06:17	902656	----a-w-	c:\windows\system32\d2d1.dll
2012-03-14 07:40 . 2012-02-10 05:41	1170944	----a-w-	c:\windows\SysWow64\d3d10warp.dll
2012-03-14 07:40 . 2012-02-10 05:41	739840	----a-w-	c:\windows\SysWow64\d2d1.dll
2012-03-14 07:40 . 2012-02-10 06:17	197120	----a-w-	c:\windows\system32\d3d10_1.dll
2012-03-14 07:40 . 2012-02-10 05:41	161792	----a-w-	c:\windows\SysWow64\d3d10_1.dll
2012-03-14 07:34 . 2012-01-25 06:27	76288	----a-w-	c:\windows\system32dpwsx.dll
2012-03-14 07:34 . 2012-01-25 06:27	149504	----a-w-	c:\windows\system32dpcorekmts.dll
2012-03-14 07:34 . 2012-01-25 06:20	9216	----a-w-	c:\windows\system32drmemptylst.exe
2012-03-14 07:34 . 2012-02-15 06:27	1031680	----a-w-	c:\windows\system32dpcore.dll
2012-03-14 07:34 . 2012-02-15 05:44	826368	----a-w-	c:\windows\SysWow64dpcore.dll
2012-03-14 07:34 . 2012-02-15 04:47	204800	----a-w-	c:\windows\system32\driversdpwd.sys
2012-03-14 07:34 . 2012-02-15 04:46	23552	----a-w-	c:\windows\system32\drivers	dtcp.sys
2012-03-13 23:54 . 2012-03-13 23:54	--------	d-----w-	c:\users\UpdatusUser
2012-03-13 23:47 . 2012-03-13 23:58	--------	d-----w-	c:\users\dell\AppData\Roaming\FileZilla
2012-03-13 23:44 . 2012-03-13 23:44	--------	d-----w-	c:\program files (x86)\FileZilla FTP Client
2012-03-13 10:58 . 2012-02-08 07:13	8643640	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{FA86C8E3-79C7-461C-A46F-05C1FEBD0FF4}\mpengine.dll
2012-03-13 00:10 . 2012-03-13 00:11	--------	d-----w-	c:\program files (x86)\Any to Icon
2012-03-12 17:18 . 2012-03-12 17:18	--------	d-----w-	c:\program files\Microsoft Games
2012-03-12 15:29 . 2012-03-12 15:29	--------	d-----w-	c:\program files (x86)\LaBoiteACouleurs
2012-03-12 10:54 . 2012-03-12 10:54	--------	d-----w-	c:\users\dell\AppData\Roaming\Thunderbird
2012-03-12 10:54 . 2012-03-12 10:54	--------	d-----w-	c:\users\dell\AppData\Local\Thunderbird
2012-03-12 10:54 . 2012-03-12 10:54	--------	d-----w-	c:\program files (x86)\Mozilla Thunderbird
2012-03-11 22:57 . 2012-03-11 22:57	--------	d-----w-	c:\users\dell\AppData\Roaming\OfficeRecovery
2012-03-09 08:15 . 2012-03-09 08:15	--------	d-----w-	c:\programdata\Symantec
2012-03-09 08:15 . 2012-03-11 23:16	--------	d-----w-	c:\programdata\Norton
2012-03-08 21:54 . 2012-03-08 21:54	--------	d-----w-	c:\users\dell\AppData\Local\DDMSettings
2012-03-08 21:53 . 2012-03-08 21:53	--------	d-----w-	c:\users\dell\AppData\Roaming\DivX
2012-03-08 21:52 . 2012-03-08 21:52	--------	d-----w-	c:\program files (x86)\Common Files\PX Storage Engine
2012-03-08 21:51 . 2012-03-08 21:52	--------	d-----w-	c:\program files\DivX
2012-03-08 21:51 . 2012-03-08 21:52	--------	d-----w-	c:\program files (x86)\Common Files\DivX Shared
2012-03-08 21:51 . 2012-03-08 21:53	--------	d-----w-	c:\program files (x86)\DivX
2012-03-08 20:31 . 2012-03-08 20:31	--------	d-----w-	c:\users\dell\AppData\Roaming\widestream
2012-03-08 20:31 . 2012-03-08 20:31	--------	d-----w-	c:\users\dell\AppData\Local\widestream6 Air
2012-03-08 20:30 . 2012-03-08 20:31	--------	d-----w-	c:\program files (x86)\Widestream6
2012-03-08 20:30 . 2012-03-08 20:30	--------	d-----w-	c:\program files (x86)\PriceGong
2012-03-08 20:29 . 2012-03-08 20:29	--------	d-----w-	c:\program files (x86)\Complitly
2012-03-08 20:29 . 2012-03-08 20:29	--------	d-----w-	c:\users\dell\AppData\Roaming\Complitly
2012-03-08 19:58 . 2012-03-08 21:53	--------	d-----w-	c:\programdata\DivX
2012-03-06 10:10 . 2012-03-06 22:45	--------	d-----w-	c:\users\dell\AppData\Local\CCS5
2012-03-06 10:09 . 2012-03-06 10:09	--------	d-----w-	c:\program files (x86)\Microsoft ASP.NET
2012-03-06 10:07 . 2012-03-06 10:09	--------	d-----w-	c:\program files (x86)\CodeChargeStudio5
2012-03-05 23:04 . 2012-03-05 23:10	--------	d-----w-	c:\users\dell\AppData\Roaming\PhotoFiltre Studio X
2012-03-05 23:04 . 2012-03-05 23:04	--------	d-----w-	c:\program files (x86)\PhotoFiltre Studio X
2012-03-05 13:58 . 2012-03-06 20:33	--------	d-----w-	c:\users\dell\AppData\Local\MediaGet2
2012-03-04 22:20 . 2012-03-04 22:20	--------	d-----w-	c:\users\dell\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2012-03-04 19:54 . 2002-02-24 20:30	260096	------w-	c:\windows\SysWow64\RICHTX32.OCX
2012-03-04 19:53 . 2000-05-22 00:00	140488	------w-	c:\windows\SysWow64\COMDLG32.OCX
2012-03-04 19:53 . 2012-03-04 19:53	--------	d-----w-	c:\program files (x86)\Sybase
2012-03-04 19:52 . 2012-03-04 19:52	--------	d-----w-	c:\program files (x86)\Common Files\InstallShield
2012-03-04 13:24 . 2012-03-04 13:28	--------	d-----w-	c:\users\dell\AppData\Roaming\Easy Thumbnails
2012-03-04 13:23 . 2012-03-04 13:23	--------	d-----w-	c:\program files (x86)\Easy Thumbnails
2012-03-04 13:16 . 2011-12-21 04:29	548864	----a-w-	c:\program files (x86)\Mozilla Firefox	rzAB40.tmp
2012-03-04 13:16 . 2011-12-21 04:29	626688	----a-w-	c:\program files (x86)\Mozilla Firefox	rz92C0.tmp
2012-03-04 12:56 . 2012-03-04 13:16	--------	d-----w-	c:\users\dell\chat-land
2012-03-04 11:08 . 2012-03-04 11:10	--------	dc-h--w-	c:\programdata\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1}
2012-03-04 11:08 . 2012-03-04 11:08	--------	d-----w-	c:\users\dell\AppData\Local\PackageAware
2012-03-01 19:39 . 2012-03-06 10:07	466944	----a-w-	c:\windows\SysWow64\wodSFTP.ocx
2012-03-01 00:28 . 2012-03-01 00:28	--------	d-----w-	c:\program files (x86)\EasyPHP-5.3.9
2012-02-29 22:01 . 2012-03-04 23:43	--------	d-----w-	c:\programdataegid.1986-12.com.adobe
2012-02-29 19:51 . 2012-02-29 19:51	--------	d-----w-	c:\users\dell\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
2012-02-29 19:51 . 2012-02-29 19:51	--------	d-----w-	c:\program files (x86)\Adobe Download Assistant
2012-02-29 19:51 . 2012-02-29 19:51	--------	d-----w-	c:\program files (x86)\Common Files\Adobe AIR
2012-02-29 19:46 . 2012-02-29 19:48	--------	d-----w-	c:\program files\glassfish-3.1.1
2012-02-29 19:36 . 2012-03-11 23:21	--------	d-----w-	c:\program files\NetBeans 7.1
2012-02-29 19:31 . 2012-02-29 19:32	--------	d-----w-	c:\program files (x86)\Oracle
2012-02-29 19:31 . 2012-02-29 19:31	--------	d-----w-	c:\program files (x86)\Common Files\Java
2012-02-29 19:30 . 2012-01-10 12:57	637848	----a-w-	c:\windows\SysWow64
pdeployJava1.dll
2012-02-29 18:57 . 2012-02-29 18:57	--------	d-----w-	c:\users\dell\AppData\Roaming\MySQL
2012-02-29 18:49 . 2012-03-11 23:21	--------	d-----w-	c:\users\dell\.nbi
2012-02-29 18:42 . 2012-03-01 00:22	--------	d-----w-	c:\programdata\MySQL
2012-02-29 12:26 . 2012-02-29 12:26	416064	----a-w-	c:\windows\SysWow64
vStreaming.exe
2012-02-22 19:33 . 2012-02-22 19:33	--------	d-----w-	c:\program files (x86)\WebZIP 7
2012-02-22 19:31 . 2012-02-22 19:31	--------	d-----w-	c:\program files (x86)\WebZIP 6
2012-02-22 19:22 . 2012-02-22 19:22	--------	d-----w-	c:\program files (x86)\WinHTTrack
2012-02-22 01:05 . 2012-02-22 01:10	--------	d-----w-	c:\users\dell\AppData\Roaming\Notepad++
2012-02-22 01:05 . 2012-02-22 01:05	--------	d-----w-	c:\program files (x86)\Notepad++
2012-02-22 00:37 . 2012-02-22 00:37	--------	d-----w-	c:\program files\Microsoft Synchronization Services
2012-02-22 00:36 . 2012-02-22 00:36	--------	d-----w-	c:\windows\PCHEALTH
2012-02-22 00:36 . 2012-02-22 00:36	--------	d-----w-	c:\program files\Microsoft Sync Framework
2012-02-22 00:36 . 2012-02-22 00:36	--------	d-----w-	c:\program files\Microsoft SQL Server Compact Edition
2012-02-22 00:33 . 2012-02-22 00:34	--------	d-----w-	c:\program files (x86)\Microsoft Visual Studio 8
2012-02-22 00:32 . 2012-02-22 00:32	--------	d-----w-	c:\program files\Microsoft Analysis Services
2012-02-22 00:32 . 2012-02-22 00:32	--------	d-----w-	c:\program files (x86)\Microsoft Analysis Services
2012-02-22 00:31 . 2012-02-22 00:31	--------	d-----r-	C:\MSOCache
2012-02-20 02:23 . 2012-02-20 02:23	--------	d-----w-	c:\windows\system32\SPReview
2012-02-20 01:01 . 2012-02-20 01:01	--------	d-----w-	c:\program files (x86)\Microsoft CAPICOM 2.1.0.2
2012-02-19 23:42 . 2012-02-19 23:43	--------	d-----w-	c:\program files\Windows XP Mode
2012-02-19 23:41 . 2012-02-19 23:41	--------	d-----w-	c:\program files (x86)\ClicRDV
2012-02-19 21:12 . 2012-03-08 22:11	--------	d-----r-	c:\users\dell\Virtual Machines
2012-02-19 19:36 . 2009-09-23 01:49	14336	----a-w-	c:\windows\system32\drivers\fr-FR\vpcvmm.sys.mui
2012-02-19 19:05 . 2012-02-19 19:05	--------	d-----w-	c:\program files (x86)\Microsoft Silverlight
2012-02-19 18:24 . 2012-01-04 09:58	509952	----a-w-	c:\windows\system32
tshrui.dll
2012-02-19 18:24 . 2012-01-04 09:03	442880	----a-w-	c:\windows\SysWow64
tshrui.dll
2012-02-19 18:22 . 2012-01-03 06:24	515584	----a-w-	c:\windows\system32	imedate.cpl
2012-02-19 18:22 . 2012-01-03 05:44	478208	----a-w-	c:\windows\SysWow64	imedate.cpl
2012-02-19 18:16 . 2011-12-28 03:59	499200	----a-w-	c:\windows\system32\drivers\afd.sys
2012-02-19 18:16 . 2011-12-16 08:42	634368	----a-w-	c:\windows\system32\msvcrt.dll
2012-02-19 18:16 . 2011-12-16 07:59	690688	----a-w-	c:\windows\SysWow64\msvcrt.dll
2012-02-13 22:27 . 2012-02-13 22:27	--------	d-----w-	c:\users\dell\AppData\Roaming\Leadertech
2012-02-13 22:27 . 2012-02-13 22:27	--------	d-----w-	c:\program files (x86)\Common Files\LogiShrd
2012-02-13 22:27 . 2012-02-20 21:06	--------	d-----w-	c:\programdata\LogiShrd
2012-02-13 22:27 . 2012-02-13 22:27	--------	d-----w-	c:\program files\Logitech
2012-02-13 22:20 . 2012-02-13 22:27	--------	d-----w-	c:\program files\Common Files\logishrd
.
.
.
((((((((((((((((((((((((((((((((((   Compte-rendu de Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-03-01 00:02 . 2011-12-08 10:49	962368	----a-w-	c:\windows\system32
vumdshimx.dll
2012-03-01 00:02 . 2011-12-08 10:49	812352	----a-w-	c:\windows\SysWow64
vumdshim.dll
2012-03-01 00:02 . 2011-12-08 10:49	2660160	----a-w-	c:\windows\system32
vapi64.dll
2012-03-01 00:02 . 2011-12-08 10:49	260416	----a-w-	c:\windows\system32
vinitx.dll
2012-03-01 00:02 . 2011-12-08 10:49	2301248	----a-w-	c:\windows\SysWow64
vapi.dll
2012-03-01 00:02 . 2011-12-08 10:49	215360	----a-w-	c:\windows\SysWow64
vinit.dll
2012-03-01 00:02 . 2011-12-08 10:49	17642816	----a-w-	c:\windows\system32
vd3dumx.dll
2012-03-01 00:02 . 2011-12-08 10:49	1737536	----a-w-	c:\windows\system32
vdispco64.dll
2012-03-01 00:02 . 2011-12-08 10:49	1466176	----a-w-	c:\windows\system32
vgenco64.dll
2012-02-29 21:00 . 2011-12-08 10:49	3089728	----a-w-	c:\windows\system32
vsvc64.dll
2012-02-29 21:00 . 2011-12-08 10:49	6074176	----a-w-	c:\windows\system32
vcpl.dll
2012-02-29 20:59 . 2011-12-08 10:49	889664	----a-w-	c:\windows\system32
vvsvc.exe
2012-02-29 20:59 . 2011-12-08 10:49	63296	----a-w-	c:\windows\system32
vshext.dll
2012-02-29 20:59 . 2011-12-08 10:49	55616	----a-w-	c:\windows\system32
v3dappshextr.dll
2012-02-29 20:59 . 2011-12-08 10:49	2561856	----a-w-	c:\windows\system32
vsvcr.dll
2012-02-29 20:59 . 2011-12-08 10:49	118080	----a-w-	c:\windows\system32
vmctray.dll
2012-02-29 20:59 . 2011-12-08 10:49	849728	----a-w-	c:\windows\system32
v3dappshext.dll
2012-02-29 20:59 . 2011-12-08 10:49	2515790	----a-w-	c:\windows\system32
vcoproc.bin
2012-02-23 08:18 . 2011-12-08 13:34	279656	------w-	c:\windows\system32\MpSigStub.exe
2012-02-20 22:44 . 2009-07-13 23:56	419840	----a-w-	c:\windows\system32\systemcpl.dll
2012-02-20 00:28 . 2011-12-10 07:40	414368	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-01-10 12:57 . 2011-12-21 10:29	567696	----a-w-	c:\windows\SysWow64\deployJava1.dll
2012-01-06 21:53 . 2012-01-06 21:53	91648	----a-w-	c:\windows\system32\SetIEInstalledDate.exe
2012-01-06 21:53 . 2012-01-06 21:53	86528	----a-w-	c:\windows\SysWow64\iesysprep.dll
2012-01-06 21:53 . 2012-01-06 21:53	85504	----a-w-	c:\windows\system32\iesetup.dll
2012-01-06 21:53 . 2012-01-06 21:53	76800	----a-w-	c:\windows\SysWow64\SetIEInstalledDate.exe
2012-01-06 21:53 . 2012-01-06 21:53	76800	----a-w-	c:\windows\system32	dc.ocx
2012-01-06 21:53 . 2012-01-06 21:53	74752	----a-w-	c:\windows\SysWow64\iesetup.dll
2012-01-06 21:53 . 2012-01-06 21:53	63488	----a-w-	c:\windows\SysWow64	dc.ocx
2012-01-06 21:53 . 2012-01-06 21:53	603648	----a-w-	c:\windows\system32\vbscript.dll
2012-01-06 21:53 . 2012-01-06 21:53	49664	----a-w-	c:\windows\system32\imgutil.dll
2012-01-06 21:53 . 2012-01-06 21:53	48640	----a-w-	c:\windows\SysWow64\mshtmler.dll
2012-01-06 21:53 . 2012-01-06 21:53	48640	----a-w-	c:\windows\system32\mshtmler.dll
2012-01-06 21:53 . 2012-01-06 21:53	448512	----a-w-	c:\windows\system32\html.iec
2012-01-06 21:53 . 2012-01-06 21:53	420864	----a-w-	c:\windows\SysWow64\vbscript.dll
2012-01-06 21:53 . 2012-01-06 21:53	367104	----a-w-	c:\windows\SysWow64\html.iec
2012-01-06 21:53 . 2012-01-06 21:53	35840	----a-w-	c:\windows\SysWow64\imgutil.dll
2012-01-06 21:53 . 2012-01-06 21:53	30720	----a-w-	c:\windows\system32\licmgr10.dll
2012-01-06 21:53 . 2012-01-06 21:53	23552	----a-w-	c:\windows\SysWow64\licmgr10.dll
2012-01-06 21:53 . 2012-01-06 21:53	222208	----a-w-	c:\windows\system32\msls31.dll
2012-01-06 21:53 . 2012-01-06 21:53	173056	----a-w-	c:\windows\system32\ieUnatt.exe
2012-01-06 21:53 . 2012-01-06 21:53	165888	----a-w-	c:\windows\system32\iexpress.exe
2012-01-06 21:53 . 2012-01-06 21:53	161792	----a-w-	c:\windows\SysWow64\msls31.dll
2012-01-06 21:53 . 2012-01-06 21:53	160256	----a-w-	c:\windows\system32\wextract.exe
2012-01-06 21:53 . 2012-01-06 21:53	152064	----a-w-	c:\windows\SysWow64\wextract.exe
2012-01-06 21:53 . 2012-01-06 21:53	150528	----a-w-	c:\windows\SysWow64\iexpress.exe
2012-01-06 21:53 . 2012-01-06 21:53	142848	----a-w-	c:\windows\SysWow64\ieUnatt.exe
2012-01-06 21:53 . 2012-01-06 21:53	135168	----a-w-	c:\windows\system32\IEAdvpack.dll
2012-01-06 21:53 . 2012-01-06 21:53	12288	----a-w-	c:\windows\system32\mshta.exe
2012-01-06 21:53 . 2012-01-06 21:53	11776	----a-w-	c:\windows\SysWow64\mshta.exe
2012-01-06 21:53 . 2012-01-06 21:53	114176	----a-w-	c:\windows\system32\admparse.dll
2012-01-06 21:53 . 2012-01-06 21:53	111616	----a-w-	c:\windows\system32\iesysprep.dll
2012-01-06 21:53 . 2012-01-06 21:53	110592	----a-w-	c:\windows\SysWow64\IEAdvpack.dll
2012-01-06 21:53 . 2012-01-06 21:53	101888	----a-w-	c:\windows\SysWow64\admparse.dll
2012-01-06 21:50 . 2012-01-06 21:50	982912	----a-w-	c:\windows\system32\drivers\dxgkrnl.sys
2012-01-06 21:50 . 2012-01-06 21:50	4068864	----a-w-	c:\windows\system32\mf.dll
2012-01-06 21:50 . 2012-01-06 21:50	3181568	----a-w-	c:\windows\SysWow64\mf.dll
2012-01-06 21:50 . 2012-01-06 21:50	265088	----a-w-	c:\windows\system32\drivers\dxgmms1.sys
2012-01-06 21:50 . 2012-01-06 21:50	257024	----a-w-	c:\windows\system32\mfreadwrite.dll
2012-01-06 21:50 . 2012-01-06 21:50	229888	----a-w-	c:\windows\system32\XpsRasterService.dll
2012-01-06 21:50 . 2012-01-06 21:50	206848	----a-w-	c:\windows\system32\mfps.dll
2012-01-06 21:50 . 2012-01-06 21:50	196608	----a-w-	c:\windows\SysWow64\mfreadwrite.dll
2012-01-06 21:50 . 2012-01-06 21:50	1888256	----a-w-	c:\windows\system32\WMVDECOD.DLL
2012-01-06 21:50 . 2012-01-06 21:50	1863680	----a-w-	c:\windows\system32\ExplorerFrame.dll
2012-01-06 21:50 . 2012-01-06 21:50	1619456	----a-w-	c:\windows\SysWow64\WMVDECOD.DLL
2012-01-06 21:50 . 2012-01-06 21:50	1495040	----a-w-	c:\windows\SysWow64\ExplorerFrame.dll
2012-01-06 21:50 . 2012-01-06 21:50	144384	----a-w-	c:\windows\system32\cdd.dll
2012-01-06 21:50 . 2012-01-06 21:50	135168	----a-w-	c:\windows\SysWow64\XpsRasterService.dll
2012-01-04 00:48 . 2012-01-04 00:48	354176	----a-w-	c:\windows\SysWow64\DivXControlPanelApplet.cpl
2011-12-24 09:59 . 2011-12-24 09:59	95110	----a-w-	c:\windows\Uninstal.exe
2011-12-21 09:34 . 2011-12-21 09:34	2593724	----a-w-	C:\installNP.exe
2011-12-21 09:30 . 2011-12-21 09:30	90196	----a-w-	C:\MajNP.exe
2011-12-20 18:27 . 2011-12-20 18:27	455680	----a-w-	c:\windows\system32\deploytk.dll
.
.
(((((((((((((((((((((((((((((((((   Points de chargement Reg   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2011-12-10 39408]
"SuperCopier2.exe"="c:\program files (x86)\SuperCopier2\SuperCopier2.exe" [2009-08-16 955392]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1475072]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application
usb3mon.exe" [2010-11-17 113288]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]
"LogitechQuickCamRibbon"="c:\program files\Logitech\Logitech WebCam Software\LWS.exe" [2009-10-14 2793304]
"AdobeCS5.5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" [2011-01-12 1523360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\SysWOW64
vinit.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"midi8"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversionun-]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
.
R1 tudnrkib;tudnrkib;c:\windows\system32\drivers	udnrkib.sys [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Service Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-10 136176]
R2 KMService;KMService;c:\windows\system32\srvany.exe [x]
R2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-10-05 2655768]
R3 AIDA64Driver;FinalWire AIDA64 Kernel Driver;c:\program files (x86)\FinalWire\AIDA64 Extreme Edition\kerneld.x64 [x]
R3 ATHDFU;Atheros Valkyrie USB BootROM;c:\windows\system32\Drivers\AthDfu.sys [x]
R3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [2010-11-03 1298496]
R3 driverhardwarev2x64;driverhardwarev2x64;c:\program files (x86)\ma-config.com\Drivers\driverhardwarev2x64.sys [2011-07-21 16640]
R3 gupdatem;Service Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-10 136176]
R3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys [x]
R3 LVUVC64;Logitech QuickCam E3500(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys [x]
R3 maconfservice;Ma-Config Service;c:\program files (x86)\ma-config.com\maconfservice.exe [2011-11-25 311928]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 51740536]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2010-12-17 340240]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers
vhda64v.sys [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x]
R3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504]
R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS
vpciflt.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 nvkflt;nvkflt;c:\windows\system32\DRIVERS
vkflt.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe [2010-12-17 53920]
S2 LVPrcS64;Process Monitor;c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [2009-10-07 191000]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-03-01 2348352]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision
vSCPAPISvr.exe [2012-02-29 382272]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe [2011-12-13 2028864]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [x]
S3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys [x]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [x]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys [x]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys [x]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys [x]
S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys [x]
S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys [x]
S3 LVPr2M64;Logitech LVPr2M64 Driver;c:\windows\system32\DRIVERS\LVPr2M64.sys [x]
S3 MEIx64;Intel(R) Management Engine Interface ;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS
usb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS
usb3xhc.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys [2011-02-10 11856]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
Contenu du dossier 'Tâches planifiées'
.
2012-03-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-10 07:40]
.
2012-03-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-10 07:40]
.
2012-03-13 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3358886915-3420025041-2136404748-1000Core.job
- c:\users\dell\AppData\Local\Google\Update\GoogleUpdate.exe [2011-12-20 18:19]
.
2012-03-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3358886915-3420025041-2136404748-1000UA.job
- c:\users\dell\AppData\Local\Google\Update\GoogleUpdate.exe [2011-12-20 18:19]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-11-28 18:01	134384	----a-w-	c:\program files\Alwil Software\Avast5\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-03-29 167960]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-03-29 391704]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-03-29 418840]
"IntelTBRunOnce"="wscript.exe" [2009-07-14 168960]
"IntelWireless"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2010-12-17 1933584]
"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshell.dll" [2010-11-03 10228224]
"AtherosBtStack"="c:\program files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe" [2010-12-17 613536]
"AthBtTray"="c:\program files (x86)\Dell Wireless\Bluetooth Suite\AthBtTray.exe" [2010-12-17 379040]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 112512]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2011-03-15 499608]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
"AppInit_DLLs"=c:\windows\System32
vinitx.dll
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
UxTuneUp
.
------- Examen supplémentaire -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://search.babylon.com/?AF=109980&babsrc=HP_ss&mntrId=3abf313b00000000000060d81948fb8e
IE: &Envoyer à OneNote - c:\progra~1\MICROS~1\Office14\ONBttnIE.dll/105
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~1\Office14\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\dell\AppData\Roaming\Mozilla\Firefox\Profiles\yvy6l7n1.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr/
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
.
- - - - ORPHELINS SUPPRIMES - - - -
.
AddRemove-UwAmp - c:\uwamp\Uninstall.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AIDA64Driver]
"ImagePath"="\??\c:\program files (x86)\FinalWire\AIDA64 Extreme Edition\kerneld.x64"
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\Windows\SysWOW64\Macromed\Flash\FlashUtil11e_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\Windows\SysWOW64\Macromed\Flash\FlashUtil11e_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\Windows\SysWOW64\Macromed\Flash\Flash11e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\Windows\SysWOW64\Macromed\Flash\Flash11e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\Windows\SysWOW64\Macromed\Flash\Flash11e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\Windows\SysWOW64\Macromed\Flash\Flash11e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Heure de fin: 2012-03-14  22:20:50
ComboFix-quarantined-files.txt  2012-03-14 21:20
.
Avant-CF: 34 090 668 032 octets libres
Après-CF: 34 139 631 616 octets libres
.
- - End Of File - - D0A6D5C8B24794EEF76D2653605A24E7

g3n-h@ckm@n · Answer

ah ben c'est sur que si tu joues avec les cracks...on est pas sortis de l auberge

dali0807 · Answer

Ah oui tu as raison, donc le problème est là !
et maintenant est e que mon système est correcte ?

g3n-h@ckm@n · Answer

non

&#9654 Télécharge Sur cette page : AdwCleaner (de Xplode) 

&#9654 clique sur Télécharger et enregistre le fichier sur ton Bureau

&#9654 Double-clique sur l'icône AdwCleaner0.exe pour lancer l'installation

==================================

&#9654&#9654&#9654  Sous Vista et Windows 7 /!\ :

il faut lancer le fichier par clic-droit -> Exécuter en tant qu'administrateur

==================================

Sur le menu principal :
    
&#9654 clique sur Suppression et patiente le temps de l'analyse

&#9654 poste le contenu du rapport que tu trouveras dans ton disque dur c:\ADwcleaner[Sx].txt ou son contenu s'il s'ouvre.

==============================================================================================================

telecharge et enregistre Pre_Scan sur ton bureau :

http://www.crdfcloud.fr/gen-hackman_toolspublic/Pre_Scan.exe

Avertissement :Il y aura une extinction du bureau pendant le scan --> pas de panique.

une fois telechargé lance-le , laisse faire le scan jusqu'à l'apparition de "Pre_scan_la_date_et_l'heure.txt" sur le bureau.

si l'outil est relancé plusieurs fois , il te proposera un menu et qu'aucune option n'est demandée, lance l'option "Kill"

si l'outil est bloqué par l'infection utilise cette version avec extension .pif :

http://www.crdfcloud.fr/gen-hackman_toolspublic/Pre_Scan.pif

ou cette version renommée winlogon.exe :

http://www.crdfcloud.fr/gen-hackman_toolspublic/winlogon.exe

si l'outil detecte un proxy et que tu n'en as pas installé clique sur "supprimer le proxy"

Il se peut qu'une multitude de fenêtres noires clignotent , laisse-le travailler

Poste Pre_Scan_la_date_et_l'heure.txt qui apparaitra sur le bureau en fin de scan


NE LE POSTE PAS SUR LE FORUM !!! (il est trop long)

Heberge le rapport sur http://pjjoint.malekal.com puis donne le lien obtenu en echange sur le forum où tu te fais aider

=============

pour faire evoluer l'outil , l'auteur a besoin du fichier reboot.txt qui se trouve dans le Dossier C:\Pre_scan

relance pre_scan , clic sur "Explore" , puis "Internet" , puis "Upload"
une page internet va s'ouvrir , clic sur Upload , puis "parcourir" , jusqu'au fichier Reboot.txt , puis envoie le fichier

ce fichier texte (que tu peux ouvrir par curiosité) , contient uniquement ce qui concerne les fichiers infectieux ou des noms de repertoires qui serviront à créer une liste blanche.

dali0807 · Answer

voici le rapport de adwcleaner

# AdwCleaner v1.503 - Rapport créé le 30/03/2012 à 18:44:20
# Mis à jour le 24/03/2012 par Xplode
# Système d'exploitation : Windows 7 Professional Service Pack 1 (64 bits)
# Nom d'utilisateur : dell - DELL-PC
# Exécuté depuis : C:\Users\dell\Desktop\adwcleaner.exe
# Option [Suppression]


***** [Services] *****


***** [Fichiers / Dossiers] *****

Dossier Supprimé : C:\ProgramData\Babylon
Dossier Supprimé : C:\Users\dell\AppData\Roaming\Babylon
Dossier Supprimé : C:\Users\dell\AppData\Roaming\Complitly
Dossier Supprimé : C:\Users\dell\AppData\Roaming\widestream
Dossier Supprimé : C:\Users\dell\AppData\Local\Babylon
Dossier Supprimé : C:\Users\dell\AppData\Local\Conduit
Dossier Supprimé : C:\Users\dell\AppData\Local\widestream6 Air
Dossier Supprimé : C:\Users\dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlfienamagdnkekbbbocojppncdambda
Dossier Supprimé : C:\Users\dell\AppData\LocalLow\Conduit
Dossier Supprimé : C:\Users\dell\chat-land
Dossier Supprimé : C:\Users\dell\Documents\WideStream
Dossier Supprimé : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PriceGong
Dossier Supprimé : C:\Program Files (x86)\Conduit
Dossier Supprimé : C:\Program Files (x86)\Complitly
Dossier Supprimé : C:\Program Files (x86)\PriceGong
Dossier Supprimé : C:\Program Files (x86)\Widestream6
Fichier Supprimé : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml

***** [H. Navipromo] *****


***** [Registre] *****

[*] Clé Supprimée : HKLM\SOFTWARE\Classes\Toolbar.CT2851639
Clé Supprimée : HKCU\Software\Complitly
Clé Supprimée : HKCU\Software\Softonic
Clé Supprimée : HKCU\Software\WideStream
Clé Supprimée : HKCU\Software\AppDataLow\Software\PriceGong
Clé Supprimée : HKLM\SOFTWARE\Babylon
Clé Supprimée : HKLM\SOFTWARE\Conduit
Clé Supprimée : HKLM\SOFTWARE\Classes\b
Clé Supprimée : HKLM\SOFTWARE\Classes\bbylnApp.appCore
Clé Supprimée : HKLM\SOFTWARE\Classes\bbylnApp.appCore.1
Clé Supprimée : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc
Clé Supprimée : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc.1
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\PriceGongIE.DLL
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{442F13BC-2031-42D5-9520-437F65271153}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{835315FC-1BF6-4CA9-80CD-F6C158D40692}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4eaf-B541-F8DE92DD98DB}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{3c471948-f874-49f5-b338-4f214a2ee0b1}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{291BCCC1-6890-484a-89D3-318C928DAC1B}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{B8276A94-891D-453C-9FF3-715C042A2575}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{FFB9ADCB-8C79-4C29-81D3-74D46A93D370}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44a1-AF6E-957C64278AB1}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{C9AE652B-8C99-4AC2-B556-8B501182874E}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{01BCB858-2F62-4F06-A8F4-48F927C15333}
Clé Supprimée : HKLM\SOFTWARE\Google\Chrome\Extensions\bkomkajifikmkfnjgphkjcfeepbnojok
Clé Supprimée : HKLM\SOFTWARE\Google\Chrome\Extensions\dlfienamagdnkekbbbocojppncdambda
Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PriceGong

***** [Registre (x64)] *****

Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{C9AE652B-8C99-4AC2-B556-8B501182874E}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}

***** [Navigateurs] *****

-\ Internet Explorer v9.0.8112.16421

[OK] Le registre ne contient aucune entrée illégitime.

-\ Mozilla Firefox v11.0 (en-US)

Nom du profil : default
Fichier : C:\Users\dell\AppData\Roaming\Mozilla\FireFox\Profiles\yvy6l7n1.default\prefs.js

C:\Users\dell\AppData\Roaming\Mozilla\FireFox\Profiles\yvy6l7n1.default\user.js ... Supprimé !

Supprimée : user_pref("browser.babylon.HPOnNewTab", "search.babylon.com");
Supprimée : user_pref("extensions.BabylonToolbar_i.newTab", true);
Supprimée : user_pref("extensions.BabylonToolbar_i.newTabUrl", "hxxp://search.babylon.com/?AF=109980&babsrc=NT_s[...]

-\ Google Chrome v17.0.963.83

Fichier : C:\Users\dell\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Le fichier ne contient aucune entrée illégitime.

*************************

AdwCleaner[S1].txt - [8244 octets] - [30/03/2012 18:44:20]

########## EOF - C:\AdwCleaner[S1].txt - [8372 octets] ##########

g3n-h@ckm@n · Answer

ok la suite :)

dali0807 · Answer

la suite n'est pas affiché après le scan, le pc est redémarrer sans rien afficher :)

donc où je le trouve ?

g3n-h@ckm@n · Answer

dans tes icones sur ton bureau

dali0807 · Answer

voici le lien du premier fichier :

http://pjjoint.malekal.com/files.php?id=20120330_5z13r5w6v10

j'ai envoyé le fichier comme tu m'as dis mais je me demander, qui va lire ce fichier ?

g3n-h@ckm@n · Answer

seulement moi , j'en ai interdit le telechargement sur mon serveur

ca me sert uniquement à l'évolution de l'outil

tu peux l ouvrir et le lire si tu veux

dali0807 · Answer

je l'ai ouvert mais j'ai rien compris :) donc je t'attends

vraiment merci pour l'aide que tu m'as donné durant tout ce temps, c'est très gentil

g3n-h@ckm@n · Answer

ce windows a été installé par dessus un windows XP .???

dali0807 · Answer

oui, c'est un windows XP Mode (windows virtuel)

g3n-h@ckm@n · Answer

relance pre_scan et choisis script , une page vierge va s'ouvrir.

selectionne tout le texte en gras ci-dessous, puis (clic droit/copier ou ctrl+c) :
___________________________________________________
Kill::

Registry::
[-HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}]

folder::
C:\Users\dell\AppData\Roaming\Mozilla\Firefox\Profiles\yvy6l7n1.default\extensions\jid0-iCPOmYOpfr0lTUfjSAXweQzqxyw@jetpack 
C:\Windows\5B210B8AB66E4702B44D0D6F388D29EB.TMP 
C:\572a75784fab8ddca397351eabc13aa0 
C:\8606a91d931cf304e12e3b4d1095c7 
C:\Users\dell\AppData\Local\MediaGet2     

txt::
C:\Windows\System32\Tasks\{19D2904F-D7A7-445D-93F1-1758A175E0CB}
C:\Windows\System32\Tasks\{C110373F-F948-4969-8DC0-1D6D82769488} 

Mbr::    

clean::      

Reboot::        
___________________________________________________

colle-le ensuite (clic droit/coller ou ctrl+V) dans la page vierge.

puis onglet fichier => enregistrer (pas enregistrer sous...) , puis ferme le texte

des fenetres noires risquent de clignoter , c'est normal , c'est le programme qui travaille 

poste Pre_Script.txt qui apparaitra sur le bureau en fin de travail

dali0807 · Answer

voici le rapport : ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Pre_Script | 2.326 ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Windows 7 Professional (64 bits) Service Pack 1 Switchs possibles : processes:: | file:: | folder:: | Registry:: Driver:: | replace:: | DNS:: | Command:: txt:: | Host:: | NsLook:: | DLL:: | Unhide_Part:: list:: | IP:: | Kill:: | clean:: | Del_Part:: Reboot:: | MBR:: | Fixmbr:: | 40:: | Zip:: search:: | Tray:: | FF:: Script : 19:57:52 ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Modification du registre effectuée ¤ ¤¤¤¤¤¤¤¤¤¤ | Edition de : C:\Windows\System32\Tasks\{19D2904F-D7A7-445D-93F1-1758A175E0CB} true IgnoreNew false true true false false PT10M PT1H true false true true false false false PT72H 7 C:\Windows\system32\pcalua.exe -a "H:\Logiciel\Web\Aspirateur Web\Gratuit\webzip60_setup.exe" -d "H:\Logiciel\Web\Aspirateur Web\Gratuit" dell-PC\dell InteractiveToken LeastPrivilege ¤¤¤¤¤¤¤¤¤¤ | Edition de : C:\Windows\System32\Tasks\{C110373F-F948-4969-8DC0-1D6D82769488} true IgnoreNew false true true false false PT10M PT1H true false true true false false false PT72H 7 C:\Windows\system32\pcalua.exe -a H:\Logiciel\Développement\Conception\PowerAMC15_Evaluation.exe -d H:\Logiciel\Développement\Conception dell-PC\dell InteractiveToken LeastPrivilege ¤ Supprimé : C:\Users\dell\AppData\Roaming\Mozilla\Firefox\Profiles\yvy6l7n1.default\extensions\jid0-iCPOmYOpfr0lTUfjSAXweQzqxyw@jetpack Supprimé : C:\Windows\5B210B8AB66E4702B44D0D6F388D29EB.TMP Supprimé : C:\572a75784fab8ddca397351eabc13aa0 Supprimé : C:\8606a91d931cf304e12e3b4d1095c7 Supprimé : C:\Users\dell\AppData\Local\MediaGet2 ¤ ¤¤¤¤¤¤¤¤¤¤ | MBR Windows Version: Windows 7 Professional Windows Information: Service Pack 1 (build 7601), 64-bit Base Board Manufacturer: Dell Inc. BIOS Manufacturer: Dell Inc. System Manufacturer: Dell Inc. System Product Name: Inspiron N5110 Logical Drives Mask: 0x0000009c Analysis of file "C:\Pre_Scan\MBR.bin": Windows 7 MBR code detected ¤ ¤¤¤¤¤¤¤¤¤¤ | Nettoyage disque Nettoyage du disque effectué ¤ Fin : 19:59:11 ¤¤¤¤¤¤¤¤¤¤ ( EOF ) ¤¤¤¤¤¤¤¤¤¤

dali0807 · Answer

Que dois-je faire maintenant ?

est ce que toutes les infections sont supprimé ?

g3n-h@ckm@n · Answer

je l'ai ouvert mais j'ai rien compris 

je te montre sur une ligne :

[MD5.0x67AF624CB3B38EA50B1BDB0F7EB51C67] - C:\Windows\Temp\IMTFBC8.tmp

en gras , c'est la signature numérique du fichier et ensuite c est le nom du fichier contrôlé

je vais utiliser ces signatures numeriques pour faire des recherches à d'autres endroits dans le pc pour supprimer la copie du fichier infectieux , si elle existe ailleurs ,avec un autre nom ^^

Windows 7 trop lent suite à une infection

54 réponses

Discussions similaires