Problème csrss.exe
Hg312
Messages postés
77
Statut
Membre
-
Utilisateur anonyme -
Utilisateur anonyme -
Bonjour,
J'ai actuellement un problème avec un certain csrss.exe. Quand j'ouvre Windows 7 il me met qu'il manque un dll et après mon PC se porte bien mise à part de certains bug que je n'avais pas avant. J'espère que vous pourrez m'aider.
Merci pour vos futures réponses.
J'ai actuellement un problème avec un certain csrss.exe. Quand j'ouvre Windows 7 il me met qu'il manque un dll et après mon PC se porte bien mise à part de certains bug que je n'avais pas avant. J'espère que vous pourrez m'aider.
Merci pour vos futures réponses.
18 réponses
Salut, désolé je ne m'étais pas reconnecté depuis :/ le nom du dll manquant est :cscomp.dll. Merci de me répondre.
Attention : cet outil peut etre détecté à tort comme virus
Désactive toutes tes protections si possible , antivirus , sandbox , etc....
telecharge et enregistre Pre_Scan sur ton bureau :
http://forums-fec.be/gen-hackman/Pre_Scan.exe
http://general-changelog-team.fr/fr/downloads/viewdownload/41-outils-de-gen-hackman/52-pre-scan
Avertissement :Il y aura une extinction du bureau pendant le scan --> pas de panique.
une fois telechargé lance-le , laisse faire le scan jusqu'à l'apparition de "Pre_scan_la_date_et_l'heure.txt" sur le bureau.
si l'outil est relancé plusieurs fois , il te proposera un menu et qu'aucune option n'est demandée, lance l'option "Kill"
si l'outil est bloqué par l'infection utilise cette version avec extension .pif :
http://forums-fec.be/gen-hackman/Pre_Scan.pif
si l'outil detecte un proxy et que tu n'en as pas installé clique sur "supprimer le proxy"
Il se peut qu'une multitude de fenêtres noires clignotent , laisse-le travailler
Poste Pre_Scan_la_date_et_l'heure.txt qui apparaitra sur le bureau en fin de scan
NE LE POSTE PAS SUR LE FORUM !!! (il est trop long)
Heberge le rapport sur http://pjjoint.malekal.com puis donne le lien obtenu en echange sur le forum où tu te fais aider
Désactive toutes tes protections si possible , antivirus , sandbox , etc....
telecharge et enregistre Pre_Scan sur ton bureau :
http://forums-fec.be/gen-hackman/Pre_Scan.exe
http://general-changelog-team.fr/fr/downloads/viewdownload/41-outils-de-gen-hackman/52-pre-scan
Avertissement :Il y aura une extinction du bureau pendant le scan --> pas de panique.
une fois telechargé lance-le , laisse faire le scan jusqu'à l'apparition de "Pre_scan_la_date_et_l'heure.txt" sur le bureau.
si l'outil est relancé plusieurs fois , il te proposera un menu et qu'aucune option n'est demandée, lance l'option "Kill"
si l'outil est bloqué par l'infection utilise cette version avec extension .pif :
http://forums-fec.be/gen-hackman/Pre_Scan.pif
si l'outil detecte un proxy et que tu n'en as pas installé clique sur "supprimer le proxy"
Il se peut qu'une multitude de fenêtres noires clignotent , laisse-le travailler
Poste Pre_Scan_la_date_et_l'heure.txt qui apparaitra sur le bureau en fin de scan
NE LE POSTE PAS SUR LE FORUM !!! (il est trop long)
Heberge le rapport sur http://pjjoint.malekal.com puis donne le lien obtenu en echange sur le forum où tu te fais aider
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Bonjour, j'ai acheté mon PC chez Boulanger, j'ai pris une garantie de 3 ans donc j'ai appellé un informaticien de chez eux et ceux-ci m'ont dit de lancer ce logiciel. Après je ne sait pas... Je ne suis pas bon en informatique.
Cordialement
Cordialement
En fait, je n'ai pas eu de rapport .txt sur mon bireau. Dès que j'ouvre l'application g3n-h@ckm@n windows me dit directement qu'elle a cessé de fonctionner. Je n'ai donc pas le temps de faire de scan.
/!\ ATTENTION SUIVRE A LA LETTRE CES INDICATIONS/!\
__________________________________________________________
>Ce logiciel n'est à utiliser que prescrit par un helper qualifié et formé à l'outil.<
>>>>>>>Ne pas utiliser en dehors de ce cas de figure : dangereux!<<<<<<<<
=====================================================
▶ Surtout , à l'enregistrement change le nom de Combofix en "cequetuveux" avant qu'il soit enregistré sur ton disque dur
clique droit sur ce lien : Combofix =>enregistrer la cible sous....=> sur ton bureau => du nom que tu veux
Avant d'utiliser ComboFix :
Si tu utilises AVG, IL FAUT IMPERATIVEMENT LE DESINSTALLER avant d'utiliser Combofix car il peut causer des dégâts en interaction avec l'outil pouvant mener à la réinstallation totale du système.
La simple désactivation du résident n'est pas suffisante.
Télécharge le désinstalleur d'AVG sur ce lien : https://www.avg.com/fr-fr/avg-remover
Choisis la version adéquate (32 ou 64 bits)/!\
Les logiciels d'émulation de CD comme Daemon Tools peuvent gêner les outils de désinfection. Utilise Defogger pour les désactiver temporairement :
▶ Télécharge Defogger (de jpshortstuff) sur ton Bureau
▶ Lance le
Une fenêtre apparait : clique sur "Disable"
▶ Fais redémarrer l'ordinateur si l'outil te le demande
Note : Quand nous aurons terminé la désinfection, tu pourras réactiver ces logiciels en relançant Defogger et en cliquant sur "Re-enable"
_________________________________________________________
>> referme les fenêtres de tous les programmes en cours.
>> Désactive provisoirement et seulement le temps de l'utilisation de ComboFix,
>>la protection en temps réel de ton Antivirus et de tes Antispywares,
>>qui peuvent gêner fortement la procédure de recherche et de nettoyage de l'outil.
°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°
si tu as XP => double clique
si tu as Vista ou windows 7 => clic droit "executer en tant que...."
sur combofix renommé
¤¤¤¤¤¤¤¤¤¤ LAISSE-LE INSTALLER LA CONSOLE DE RECUPERATION S'IL TE LE DEMANDE ¤¤¤¤¤¤¤¤¤¤
▶ !!!!!NE TOUCHE A RIEN PENDANT LE TRAVAIL DE COMBOFIX (SOURIS/CLAVIER.....)!!!!!
▶ n'oublie pas de reactiver la garde de ton Antivirus et de tes Antispywares, avant de te reconnecter à internet.
▶▶ Reviens sur le forum, et copie et colle la totalité du contenu de C:\Combofix.txt dans ton prochain message.
▶▶▶ Si, après le redémarrage de votre pc par combofix, vous avez des erreurs "Clé marquée pour suppression" ou des soucis de connexion internet, redémarrez à nouveau votre ordinateur
Bonjour, voici le rapport (et là je me demande ce qu'est ce "MINODLOGIN" ) :
ComboFix 12-07-08.02 - Hugo 09/07/2012 22:55:26.1.8 - x64
Microsoft Windows 7 Édition Familiale Premium 6.1.7601.1.1252.33.1036.18.8102.5289 [GMT 2:00]
Lancé depuis: c:\users\Hugo\Desktop\Mouahahaha.exe
AV: ESET NOD32 Antivirus 5.0 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
SP: ESET NOD32 Antivirus 5.0 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Un nouveau point de restauration a été créé
.
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\ESET\MiNODLogin
c:\program files (x86)\ESET\MiNODLogin\MiNODLogin.exe
c:\program files (x86)\ESET\MiNODLogin\MiNODLogin.jar
c:\program files (x86)\ESET\MiNODLogin\MiNODLoginLib.dll
c:\program files (x86)\ESET\MiNODLogin\MiNODLoginUninst.exe
c:\program files (x86)\ESET\MiNODLogin\servidores.xml
c:\program files (x86)\Your Product\lua5.1.dll
c:\program files (x86)\Your Product\Uninstall
c:\program files (x86)\Your Product\Uninstall\IRIMG1.JPG
c:\program files (x86)\Your Product\Uninstall\IRIMG2.JPG
c:\program files (x86)\Your Product\Uninstall\uninstall.dat
c:\program files (x86)\Your Product\Uninstall\uninstall.xml
c:\programdata\FullRemove.exe
c:\users\Hugo\AppData\Roaming\chrtmp
c:\users\Hugo\AppData\Roaming\Hugolog.dat
c:\users\Hugo\AppData\Roaming\system\Server.exe
c:\users\Hugo\AppData\Roaming\Windows
c:\users\Hugo\AppData\Roaming\Windows\vbc.exe
c:\windows\SysWow64\lua5.1.dll
c:\windows\SysWow64\muzapp.exe
c:\windows\SysWow64\SETB4FF.tmp
c:\windows\SysWow64\SETBBDA.tmp
c:\windows\SysWow64\SETBE8D.tmp
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2012-06-09 au 2012-07-09 ))))))))))))))))))))))))))))))))))))
.
.
2012-07-09 21:01 . 2012-07-09 21:01 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2012-07-09 21:01 . 2012-07-09 21:01 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-07-09 20:32 . 2012-07-09 20:32 -------- d-----w- c:\users\Hugo\AppData\Local\Macromedia
2012-07-09 18:34 . 2012-07-09 18:34 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{3F08D6E9-3E37-4B5E-8F34-D365ECAEFE4A}\offreg.dll
2012-07-09 12:22 . 2012-07-09 12:22 -------- d-----w- c:\users\Hugo\AppData\Roaming\.minecraft
2012-07-06 07:13 . 2012-05-31 04:04 9013136 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{3F08D6E9-3E37-4B5E-8F34-D365ECAEFE4A}\mpengine.dll
2012-07-03 14:01 . 2012-07-03 14:01 -------- d-----w- c:\users\Hugo\AppData\Local\Realmware
2012-07-01 11:23 . 2012-03-06 15:19 3953632 ----a-w- c:\windows\SysWow64\GameMon.des
2012-07-01 11:22 . 2012-02-02 22:50 4774 ----a-w- c:\windows\SysWow64\npptNT2.sys
2012-07-01 11:22 . 2012-02-02 22:50 5265 ----a-w- c:\windows\SysWow64\nppt9x.vxd
2012-07-01 11:22 . 2012-07-01 11:22 -------- d-----w- c:\program files\Common Files\INCA Shared
2012-06-29 19:04 . 2012-07-09 11:17 -------- d-----w- c:\program files (x86)\Steam
2012-06-29 18:55 . 2012-06-29 18:55 1474628 ----a-w- c:\windows\SysWow64\steamui.dll
2012-06-25 17:39 . 2012-07-03 14:41 168864 ----a-w- c:\program files\Common Files\WireHelpSvc.exe
2012-06-25 17:39 . 2012-06-25 17:39 -------- d-----w- c:\programdata\ESL Wire
2012-06-22 12:22 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-22 12:22 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll
2012-06-22 12:22 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-22 12:22 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll
2012-06-22 12:22 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll
2012-06-22 12:22 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll
2012-06-22 12:22 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll
2012-06-22 12:22 . 2012-06-02 13:19 186752 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-22 12:22 . 2012-06-02 13:15 36864 ----a-w- c:\windows\system32\wuapp.exe
2012-06-17 11:47 . 2012-06-17 11:47 -------- d-----w- c:\program files (x86)\Oracle
2012-06-14 15:40 . 2012-04-26 05:41 77312 ----a-w- c:\windows\system32\rdpwsx.dll
2012-06-14 15:40 . 2012-04-26 05:41 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-06-14 15:40 . 2012-04-26 05:34 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-09 18:41 . 2012-05-21 16:23 283304 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2012-07-09 18:41 . 2011-10-29 14:19 283304 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2012-07-09 18:41 . 2011-10-29 12:06 280904 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2012-07-09 18:15 . 2012-05-26 16:22 955840 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-07-09 18:15 . 2012-05-26 16:22 839096 ----a-w- c:\windows\system32\deployJava1.dll
2012-07-09 11:14 . 2011-08-31 17:04 45056 ----a-w- c:\windows\SysWow64\acovcnt.exe
2012-07-03 14:41 . 2012-05-06 16:21 147472 ----a-w- c:\windows\system32\drivers\ESLWireACD.sys
2012-06-30 16:30 . 2012-04-01 19:08 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-06-30 16:30 . 2011-11-15 17:41 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-06-09 06:11 . 2012-05-21 16:23 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2012-06-02 17:49 . 2012-06-02 17:49 3461120 ----a-w- c:\windows\SysWow64\steam.dll
2012-05-31 10:25 . 2012-01-24 17:05 279656 ------w- c:\windows\system32\MpSigStub.exe
2012-05-21 16:17 . 2012-05-21 16:23 840264 ----a-w- c:\windows\SysWow64\pbsvc.exe
2012-05-15 10:48 . 2012-03-27 18:30 68928 ----a-w- c:\windows\system32\OpenCL.dll
2012-05-15 10:48 . 2012-03-27 18:30 61248 ----a-w- c:\windows\SysWow64\OpenCL.dll
2012-05-15 10:48 . 2012-03-27 18:30 18044224 ----a-w- c:\windows\system32\nvd3dumx.dll
2012-05-15 10:48 . 2011-11-08 18:20 1738048 ----a-w- c:\windows\system32\nvdispco64.dll
2012-05-15 10:48 . 2011-11-08 18:20 15322432 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2012-05-15 10:48 . 2011-11-08 18:20 1468224 ----a-w- c:\windows\system32\nvgenco64.dll
2012-05-15 10:48 . 2011-07-30 10:48 949056 ----a-w- c:\windows\system32\nvumdshimx.dll
2012-05-15 10:48 . 2011-07-30 10:48 818496 ----a-w- c:\windows\SysWow64\nvumdshim.dll
2012-05-15 10:48 . 2011-07-30 10:48 246592 ----a-w- c:\windows\system32\nvinitx.dll
2012-05-15 10:48 . 2011-07-30 10:48 202048 ----a-w- c:\windows\SysWow64\nvinit.dll
2012-05-15 10:48 . 2011-07-30 10:48 2741568 ----a-w- c:\windows\system32\nvapi64.dll
2012-05-15 10:48 . 2011-07-30 10:48 2368832 ----a-w- c:\windows\SysWow64\nvapi.dll
2012-05-15 09:29 . 2011-05-27 16:38 889664 ----a-w- c:\windows\system32\nvvsvc.exe
2012-05-15 09:29 . 2011-05-27 16:38 858944 ----a-w- c:\windows\system32\nv3dappshext.dll
2012-05-15 09:29 . 2011-05-27 16:38 63296 ----a-w- c:\windows\system32\nvshext.dll
2012-05-15 09:29 . 2011-05-27 16:38 55616 ----a-w- c:\windows\system32\nv3dappshextr.dll
2012-05-15 09:29 . 2011-05-27 16:38 2561856 ----a-w- c:\windows\system32\nvsvcr.dll
2012-05-15 09:29 . 2011-05-27 16:38 118080 ----a-w- c:\windows\system32\nvmctray.dll
2012-05-15 09:29 . 2011-05-27 16:38 2621723 ----a-w- c:\windows\system32\nvcoproc.bin
2012-05-15 09:29 . 2011-05-27 16:38 3149632 ----a-w- c:\windows\system32\nvsvc64.dll
2012-05-15 09:28 . 2011-05-27 16:38 6151488 ----a-w- c:\windows\system32\nvcpl.dll
2012-05-15 00:21 . 2012-05-15 00:21 423744 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2012-05-07 11:29 . 2012-05-07 11:29 719832 ----a-w- c:\windows\SysWow64\mozcrt19.dll
2012-05-07 11:15 . 2012-05-07 11:15 801752 ----a-w- c:\windows\SysWow64\mozsqlite3.dll
2012-05-07 11:02 . 2012-05-07 11:02 43960 ----a-w- c:\windows\SysWow64\mozglue.dll
2012-05-05 17:43 . 2012-04-02 16:43 8744608 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2012-05-04 17:29 . 2012-05-26 13:46 772504 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2012-05-04 17:29 . 2011-09-17 08:48 687504 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-04-27 21:08 . 2011-08-31 19:21 136568 ----a-r- c:\users\Hugo\AppData\Roaming\Microsoft\Installer\{C05905B9-775A-4894-A4DF-B57C15250958}\NewShortcut20_806BB6F0A56345D28AB47A9E3FB4BDA5.exe
2012-04-27 21:08 . 2011-08-31 19:21 136568 ----a-r- c:\users\Hugo\AppData\Roaming\Microsoft\Installer\{C05905B9-775A-4894-A4DF-B57C15250958}\NewShortcut18_C59D52EB374A4A20BBE596AA8AFFFDB1.exe
2012-04-27 21:08 . 2011-08-31 19:21 136568 ----a-r- c:\users\Hugo\AppData\Roaming\Microsoft\Installer\{C05905B9-775A-4894-A4DF-B57C15250958}\NewShortcut16_3E2E97E7BD954F6297C2CA9F6DA81222.exe
2012-04-27 21:08 . 2011-08-31 19:21 136568 ----a-r- c:\users\Hugo\AppData\Roaming\Microsoft\Installer\{C05905B9-775A-4894-A4DF-B57C15250958}\ARPPRODUCTICON.exe
2012-04-18 18:56 . 2012-04-18 18:56 94208 ----a-w- c:\windows\SysWow64\QuickTimeVR.qtx
2012-04-18 18:56 . 2012-04-18 18:56 69632 ----a-w- c:\windows\SysWow64\QuickTime.qts
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"KiesHelper"="c:\program files (x86)\Samsung\Kies\KiesHelper.exe" [2011-08-01 958352]
"KiesTrayAgent"="c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2011-08-01 3507088]
"KiesPDLR"="c:\program files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2011-08-01 20880]
"Akamai NetSession Interface"="c:\users\Hugo\AppData\Local\Akamai\netsession_win.exe" [2012-05-26 4327744]
"iCloudServices"="c:\program files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" [2012-02-23 59240]
"EADM"="c:\program files (x86)\Origin\Origin.exe" [2012-07-04 3407536]
"MobileDocuments"="c:\program files (x86)\Common Files\Apple\Internet Services\ubd.exe" [2012-02-23 59240]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2012-05-03 17355912]
"ESL Wire"="c:\program files\EslWire\wire.exe" [2012-07-03 3890176]
"Steam"="c:\program files (x86)\Steam\Steam.exe" [2012-06-29 1242448]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Nuance PDF Reader-reminder"="c:\program files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" [2008-11-03 328992]
"ASUSPRP"="c:\program files (x86)\ASUS\APRP\APRP.EXE" [2011-04-13 2018032]
"ASUSWebStorage"="c:\program files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe" [2011-02-23 731472]
"SonicMasterTray"="c:\program files (x86)\ASUS\SonicMaster\SonicMasterTray.exe" [2010-07-10 984400]
"ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2010-08-17 5732992]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2010-10-07 170624]
"HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"RemoteControl10"="c:\program files (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe" [2010-02-03 87336]
"BDRegion"="c:\program files (x86)\Cyberlink\Shared files\brs.exe" [2010-11-12 75048]
"UpdatePSTShortCut"="c:\program files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe" [2010-11-24 222504]
"UpdateLBPShortCut"="c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"Razer Imperator Driver"="c:\program files (x86)\Razer\Imperator\RazerImperatorSysTray.exe" [2011-06-03 979360]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-05-30 59280]
"{0228e555-4f9c-4e35-a3ec-b109a192b4c2}"="c:\program files (x86)\Google\Gmail Notifier\gnotify.exe" [2005-07-15 479232]
"RIMBBLaunchAgent.exe"="c:\program files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe" [2011-09-01 90448]
"TkBellExe"="c:\program files (x86)\Real\RealPlayer\update\realsched.exe" [2012-02-17 296056]
"VirtualCloneDrive"="c:\program files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2011-03-07 89456]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-04-18 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-06-07 421776]
.
c:\users\Hugo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Intel(R) Turbo Boost Technology Monitor 2.0.lnk - c:\program files\Intel\TurboBoost\SignalIslandUi.exe [2010-11-30 204288]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
AsusVibeLauncher.lnk - c:\program files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe [2011-4-13 548528]
FancyStart daemon.lnk - c:\windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_94E3CE3704FE82FBF49A6A.exe [2012-1-16 12862]
Mise à jour des licences ESET.lnk - c:\program files (x86)\ESET\MiNODLogin\MiNODLogin.exe [N/A]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 CLKMSVC10_38F51D56;CyberLink Product - 2011/07/30 04:09;c:\program files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [2010-11-12 241648]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-13 135664]
R2 lxecCATSCustConnectService;lxecCATSCustConnectService;c:\windows\system32\spool\DRIVERS\x64\3\\lxecserv.exe [2010-04-14 45736]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-04-05 158856]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-30 257224]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [2011-03-18 74840]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-03-02 183560]
R3 driverhardwarev2x64;driverhardwarev2x64;c:\program files (x86)\ma-config.com\Drivers\driverhardwarev2x64.sys [2011-07-21 16640]
R3 ESLvnic1;ESLvnic Virtual Network 64 Bit;c:\windows\system32\DRIVERS\ESLvnic.sys [2012-01-24 25528]
R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2008-08-07 3276800]
R3 gupdatem;Service Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-13 135664]
R3 maconfservice;Ma-Config Service;c:\program files (x86)\ma-config.com\maconfservice.exe [2011-11-25 311928]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-04-21 129976]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys [2011-05-10 22528]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [x]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [2011-07-07 174184]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys [2009-12-30 31800]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
R3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\DRIVERS\ss_bbus.sys [2010-12-21 127488]
R3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\DRIVERS\ss_bmdfl.sys [2010-12-21 18944]
R3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\DRIVERS\ss_bmdm.sys [2010-12-21 161280]
R3 ss_bserd;SAMSUNG USB Mobile Logging Driver;c:\windows\system32\DRIVERS\ss_bserd.sys [2010-12-21 128000]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 31232]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-02-15 52736]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [2011-09-01 1255736]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [2012-05-15 28992]
S1 ATKWMIACPIIO;ATKWMIACPI Driver;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2010-07-26 17024]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2011-08-04 146432]
S1 nvkflt;nvkflt;c:\windows\system32\DRIVERS\nvkflt.sys [2012-05-15 249152]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [2011-01-25 379520]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416]
S2 ASUS InstantOn;ASUS InstantOn Service;c:\program files (x86)\Common Files\InstantOn\InsOnSrv.exe [2011-06-02 64128]
S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2011-08-09 202576]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2011-09-22 974944]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys [2011-08-04 137144]
S2 ESLWireAC;ESLWireAC;c:\windows\system32\drivers\ESLWireACD.sys [2012-07-03 147472]
S2 Fabs;FABS - Helping agent for MAGIX media database;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [2011-01-14 1839616]
S2 lxec_device;lxec_device;c:\windows\system32\lxeccoms.exe [2010-04-14 1052328]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-05-15 1262400]
S2 Splashtop MDES;Splashtop Meta Data Export Service;c:\asus.sys\SIONExportService.exe [2011-05-10 338208]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-05-15 382272]
S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-03-19 2666880]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [2010-11-29 16120]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-10-06 2655768]
S2 WireHelpSvc;WireHelpSvc;c:\program files\Common Files\WireHelpSvc.exe [2012-07-03 168864]
S3 AiCharger;ASUS Charger Driver;c:\windows\system32\DRIVERS\AiCharger.sys [2011-02-26 16768]
S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys [2011-01-27 125416]
S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys [2011-01-27 385512]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [2010-08-24 76912]
S3 MEIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2010-09-21 56344]
S3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504]
.
.
--- Autres Services/Pilotes en mémoire ---
.
*Deregistered* - CLKMDRV10_38F51D56
.
Contenu du dossier 'Tâches planifiées'
.
2012-07-09 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-01 16:30]
.
2012-06-27 c:\windows\Tasks\DLL-files.com Fixer_UPDATES.job
- c:\program files (x86)\Dll-Files.com Fixer\DLLFixer.exe [2012-05-07 15:48]
.
2012-07-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-13 02:33]
.
2012-07-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-13 02:33]
.
2012-07-09 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-263561614-1276740493-1168064910-1001Core.job
- c:\users\Hugo\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-26 14:09]
.
2012-07-09 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-263561614-1276740493-1168064910-1001UA.job
- c:\users\Hugo\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-26 14:09]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2010-09-02 08:41 220160 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2010-09-02 08:41 220160 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-04-12 168216]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-04-12 392472]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-04-12 416024]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-06-03 2226280]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2011-03-21 361984]
"IntelTBRunOnce"="wscript.exe" [2009-07-14 168960]
"lxecmon.exe"="c:\program files (x86)\Lexmark Pro800-Pro900 Series\lxecmon.exe" [2011-01-24 770728]
"EzPrint"="c:\program files (x86)\Lexmark Pro800-Pro900 Series\ezprint.exe" [2011-01-24 148280]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2011-09-22 4035152]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Examen supplémentaire -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.fr/
mStart Page = hxxp://asus.msn.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyServer = http=;ftp=;https=;
uInternet Settings,ProxyOverride = <local>
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Hugo\AppData\Roaming\Mozilla\Firefox\Profiles\u946d8ra.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr/
FF - prefs.js: network.proxy.gopher -
FF - prefs.js: network.proxy.gopher_port - 0
FF - prefs.js: network.proxy.type - 0
.
- - - - ORPHELINS SUPPRIMES - - - -
.
URLSearchHooks-{5e5ab302-7f65-44cd-8211-c1d4caaccea3} - (no file)
Toolbar-Locked - (no file)
Toolbar-{6596e107-8944-4a8c-8045-62fda3697008} - (no file)
Toolbar-Locked - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
HKLM-Run-SynAsusAcpi - c:\program files (x86)\Synaptics\SynTP\SynAsusAcpi.exe
AddRemove-MiNODLogin - c:\program files (x86)\ESET\MiNODLogin\MiNODLoginUninst.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_257_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_257_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Heure de fin: 2012-07-09 23:04:00
ComboFix-quarantined-files.txt 2012-07-09 21:04
.
Avant-CF: 167 232 913 408 octets libres
Après-CF: 167 208 611 840 octets libres
.
- - End Of File - - 5BC41E39A0A234E00B40BC5C7F033E58
ComboFix 12-07-08.02 - Hugo 09/07/2012 22:55:26.1.8 - x64
Microsoft Windows 7 Édition Familiale Premium 6.1.7601.1.1252.33.1036.18.8102.5289 [GMT 2:00]
Lancé depuis: c:\users\Hugo\Desktop\Mouahahaha.exe
AV: ESET NOD32 Antivirus 5.0 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
SP: ESET NOD32 Antivirus 5.0 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Un nouveau point de restauration a été créé
.
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\ESET\MiNODLogin
c:\program files (x86)\ESET\MiNODLogin\MiNODLogin.exe
c:\program files (x86)\ESET\MiNODLogin\MiNODLogin.jar
c:\program files (x86)\ESET\MiNODLogin\MiNODLoginLib.dll
c:\program files (x86)\ESET\MiNODLogin\MiNODLoginUninst.exe
c:\program files (x86)\ESET\MiNODLogin\servidores.xml
c:\program files (x86)\Your Product\lua5.1.dll
c:\program files (x86)\Your Product\Uninstall
c:\program files (x86)\Your Product\Uninstall\IRIMG1.JPG
c:\program files (x86)\Your Product\Uninstall\IRIMG2.JPG
c:\program files (x86)\Your Product\Uninstall\uninstall.dat
c:\program files (x86)\Your Product\Uninstall\uninstall.xml
c:\programdata\FullRemove.exe
c:\users\Hugo\AppData\Roaming\chrtmp
c:\users\Hugo\AppData\Roaming\Hugolog.dat
c:\users\Hugo\AppData\Roaming\system\Server.exe
c:\users\Hugo\AppData\Roaming\Windows
c:\users\Hugo\AppData\Roaming\Windows\vbc.exe
c:\windows\SysWow64\lua5.1.dll
c:\windows\SysWow64\muzapp.exe
c:\windows\SysWow64\SETB4FF.tmp
c:\windows\SysWow64\SETBBDA.tmp
c:\windows\SysWow64\SETBE8D.tmp
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2012-06-09 au 2012-07-09 ))))))))))))))))))))))))))))))))))))
.
.
2012-07-09 21:01 . 2012-07-09 21:01 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2012-07-09 21:01 . 2012-07-09 21:01 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-07-09 20:32 . 2012-07-09 20:32 -------- d-----w- c:\users\Hugo\AppData\Local\Macromedia
2012-07-09 18:34 . 2012-07-09 18:34 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{3F08D6E9-3E37-4B5E-8F34-D365ECAEFE4A}\offreg.dll
2012-07-09 12:22 . 2012-07-09 12:22 -------- d-----w- c:\users\Hugo\AppData\Roaming\.minecraft
2012-07-06 07:13 . 2012-05-31 04:04 9013136 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{3F08D6E9-3E37-4B5E-8F34-D365ECAEFE4A}\mpengine.dll
2012-07-03 14:01 . 2012-07-03 14:01 -------- d-----w- c:\users\Hugo\AppData\Local\Realmware
2012-07-01 11:23 . 2012-03-06 15:19 3953632 ----a-w- c:\windows\SysWow64\GameMon.des
2012-07-01 11:22 . 2012-02-02 22:50 4774 ----a-w- c:\windows\SysWow64\npptNT2.sys
2012-07-01 11:22 . 2012-02-02 22:50 5265 ----a-w- c:\windows\SysWow64\nppt9x.vxd
2012-07-01 11:22 . 2012-07-01 11:22 -------- d-----w- c:\program files\Common Files\INCA Shared
2012-06-29 19:04 . 2012-07-09 11:17 -------- d-----w- c:\program files (x86)\Steam
2012-06-29 18:55 . 2012-06-29 18:55 1474628 ----a-w- c:\windows\SysWow64\steamui.dll
2012-06-25 17:39 . 2012-07-03 14:41 168864 ----a-w- c:\program files\Common Files\WireHelpSvc.exe
2012-06-25 17:39 . 2012-06-25 17:39 -------- d-----w- c:\programdata\ESL Wire
2012-06-22 12:22 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-22 12:22 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll
2012-06-22 12:22 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-22 12:22 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll
2012-06-22 12:22 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll
2012-06-22 12:22 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll
2012-06-22 12:22 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll
2012-06-22 12:22 . 2012-06-02 13:19 186752 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-22 12:22 . 2012-06-02 13:15 36864 ----a-w- c:\windows\system32\wuapp.exe
2012-06-17 11:47 . 2012-06-17 11:47 -------- d-----w- c:\program files (x86)\Oracle
2012-06-14 15:40 . 2012-04-26 05:41 77312 ----a-w- c:\windows\system32\rdpwsx.dll
2012-06-14 15:40 . 2012-04-26 05:41 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-06-14 15:40 . 2012-04-26 05:34 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-09 18:41 . 2012-05-21 16:23 283304 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2012-07-09 18:41 . 2011-10-29 14:19 283304 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2012-07-09 18:41 . 2011-10-29 12:06 280904 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2012-07-09 18:15 . 2012-05-26 16:22 955840 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-07-09 18:15 . 2012-05-26 16:22 839096 ----a-w- c:\windows\system32\deployJava1.dll
2012-07-09 11:14 . 2011-08-31 17:04 45056 ----a-w- c:\windows\SysWow64\acovcnt.exe
2012-07-03 14:41 . 2012-05-06 16:21 147472 ----a-w- c:\windows\system32\drivers\ESLWireACD.sys
2012-06-30 16:30 . 2012-04-01 19:08 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-06-30 16:30 . 2011-11-15 17:41 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-06-09 06:11 . 2012-05-21 16:23 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2012-06-02 17:49 . 2012-06-02 17:49 3461120 ----a-w- c:\windows\SysWow64\steam.dll
2012-05-31 10:25 . 2012-01-24 17:05 279656 ------w- c:\windows\system32\MpSigStub.exe
2012-05-21 16:17 . 2012-05-21 16:23 840264 ----a-w- c:\windows\SysWow64\pbsvc.exe
2012-05-15 10:48 . 2012-03-27 18:30 68928 ----a-w- c:\windows\system32\OpenCL.dll
2012-05-15 10:48 . 2012-03-27 18:30 61248 ----a-w- c:\windows\SysWow64\OpenCL.dll
2012-05-15 10:48 . 2012-03-27 18:30 18044224 ----a-w- c:\windows\system32\nvd3dumx.dll
2012-05-15 10:48 . 2011-11-08 18:20 1738048 ----a-w- c:\windows\system32\nvdispco64.dll
2012-05-15 10:48 . 2011-11-08 18:20 15322432 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2012-05-15 10:48 . 2011-11-08 18:20 1468224 ----a-w- c:\windows\system32\nvgenco64.dll
2012-05-15 10:48 . 2011-07-30 10:48 949056 ----a-w- c:\windows\system32\nvumdshimx.dll
2012-05-15 10:48 . 2011-07-30 10:48 818496 ----a-w- c:\windows\SysWow64\nvumdshim.dll
2012-05-15 10:48 . 2011-07-30 10:48 246592 ----a-w- c:\windows\system32\nvinitx.dll
2012-05-15 10:48 . 2011-07-30 10:48 202048 ----a-w- c:\windows\SysWow64\nvinit.dll
2012-05-15 10:48 . 2011-07-30 10:48 2741568 ----a-w- c:\windows\system32\nvapi64.dll
2012-05-15 10:48 . 2011-07-30 10:48 2368832 ----a-w- c:\windows\SysWow64\nvapi.dll
2012-05-15 09:29 . 2011-05-27 16:38 889664 ----a-w- c:\windows\system32\nvvsvc.exe
2012-05-15 09:29 . 2011-05-27 16:38 858944 ----a-w- c:\windows\system32\nv3dappshext.dll
2012-05-15 09:29 . 2011-05-27 16:38 63296 ----a-w- c:\windows\system32\nvshext.dll
2012-05-15 09:29 . 2011-05-27 16:38 55616 ----a-w- c:\windows\system32\nv3dappshextr.dll
2012-05-15 09:29 . 2011-05-27 16:38 2561856 ----a-w- c:\windows\system32\nvsvcr.dll
2012-05-15 09:29 . 2011-05-27 16:38 118080 ----a-w- c:\windows\system32\nvmctray.dll
2012-05-15 09:29 . 2011-05-27 16:38 2621723 ----a-w- c:\windows\system32\nvcoproc.bin
2012-05-15 09:29 . 2011-05-27 16:38 3149632 ----a-w- c:\windows\system32\nvsvc64.dll
2012-05-15 09:28 . 2011-05-27 16:38 6151488 ----a-w- c:\windows\system32\nvcpl.dll
2012-05-15 00:21 . 2012-05-15 00:21 423744 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2012-05-07 11:29 . 2012-05-07 11:29 719832 ----a-w- c:\windows\SysWow64\mozcrt19.dll
2012-05-07 11:15 . 2012-05-07 11:15 801752 ----a-w- c:\windows\SysWow64\mozsqlite3.dll
2012-05-07 11:02 . 2012-05-07 11:02 43960 ----a-w- c:\windows\SysWow64\mozglue.dll
2012-05-05 17:43 . 2012-04-02 16:43 8744608 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2012-05-04 17:29 . 2012-05-26 13:46 772504 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2012-05-04 17:29 . 2011-09-17 08:48 687504 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-04-27 21:08 . 2011-08-31 19:21 136568 ----a-r- c:\users\Hugo\AppData\Roaming\Microsoft\Installer\{C05905B9-775A-4894-A4DF-B57C15250958}\NewShortcut20_806BB6F0A56345D28AB47A9E3FB4BDA5.exe
2012-04-27 21:08 . 2011-08-31 19:21 136568 ----a-r- c:\users\Hugo\AppData\Roaming\Microsoft\Installer\{C05905B9-775A-4894-A4DF-B57C15250958}\NewShortcut18_C59D52EB374A4A20BBE596AA8AFFFDB1.exe
2012-04-27 21:08 . 2011-08-31 19:21 136568 ----a-r- c:\users\Hugo\AppData\Roaming\Microsoft\Installer\{C05905B9-775A-4894-A4DF-B57C15250958}\NewShortcut16_3E2E97E7BD954F6297C2CA9F6DA81222.exe
2012-04-27 21:08 . 2011-08-31 19:21 136568 ----a-r- c:\users\Hugo\AppData\Roaming\Microsoft\Installer\{C05905B9-775A-4894-A4DF-B57C15250958}\ARPPRODUCTICON.exe
2012-04-18 18:56 . 2012-04-18 18:56 94208 ----a-w- c:\windows\SysWow64\QuickTimeVR.qtx
2012-04-18 18:56 . 2012-04-18 18:56 69632 ----a-w- c:\windows\SysWow64\QuickTime.qts
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"KiesHelper"="c:\program files (x86)\Samsung\Kies\KiesHelper.exe" [2011-08-01 958352]
"KiesTrayAgent"="c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2011-08-01 3507088]
"KiesPDLR"="c:\program files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2011-08-01 20880]
"Akamai NetSession Interface"="c:\users\Hugo\AppData\Local\Akamai\netsession_win.exe" [2012-05-26 4327744]
"iCloudServices"="c:\program files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" [2012-02-23 59240]
"EADM"="c:\program files (x86)\Origin\Origin.exe" [2012-07-04 3407536]
"MobileDocuments"="c:\program files (x86)\Common Files\Apple\Internet Services\ubd.exe" [2012-02-23 59240]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2012-05-03 17355912]
"ESL Wire"="c:\program files\EslWire\wire.exe" [2012-07-03 3890176]
"Steam"="c:\program files (x86)\Steam\Steam.exe" [2012-06-29 1242448]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Nuance PDF Reader-reminder"="c:\program files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" [2008-11-03 328992]
"ASUSPRP"="c:\program files (x86)\ASUS\APRP\APRP.EXE" [2011-04-13 2018032]
"ASUSWebStorage"="c:\program files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe" [2011-02-23 731472]
"SonicMasterTray"="c:\program files (x86)\ASUS\SonicMaster\SonicMasterTray.exe" [2010-07-10 984400]
"ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2010-08-17 5732992]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2010-10-07 170624]
"HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"RemoteControl10"="c:\program files (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe" [2010-02-03 87336]
"BDRegion"="c:\program files (x86)\Cyberlink\Shared files\brs.exe" [2010-11-12 75048]
"UpdatePSTShortCut"="c:\program files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe" [2010-11-24 222504]
"UpdateLBPShortCut"="c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"Razer Imperator Driver"="c:\program files (x86)\Razer\Imperator\RazerImperatorSysTray.exe" [2011-06-03 979360]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-05-30 59280]
"{0228e555-4f9c-4e35-a3ec-b109a192b4c2}"="c:\program files (x86)\Google\Gmail Notifier\gnotify.exe" [2005-07-15 479232]
"RIMBBLaunchAgent.exe"="c:\program files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe" [2011-09-01 90448]
"TkBellExe"="c:\program files (x86)\Real\RealPlayer\update\realsched.exe" [2012-02-17 296056]
"VirtualCloneDrive"="c:\program files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2011-03-07 89456]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-04-18 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-06-07 421776]
.
c:\users\Hugo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Intel(R) Turbo Boost Technology Monitor 2.0.lnk - c:\program files\Intel\TurboBoost\SignalIslandUi.exe [2010-11-30 204288]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
AsusVibeLauncher.lnk - c:\program files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe [2011-4-13 548528]
FancyStart daemon.lnk - c:\windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_94E3CE3704FE82FBF49A6A.exe [2012-1-16 12862]
Mise à jour des licences ESET.lnk - c:\program files (x86)\ESET\MiNODLogin\MiNODLogin.exe [N/A]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 CLKMSVC10_38F51D56;CyberLink Product - 2011/07/30 04:09;c:\program files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [2010-11-12 241648]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-13 135664]
R2 lxecCATSCustConnectService;lxecCATSCustConnectService;c:\windows\system32\spool\DRIVERS\x64\3\\lxecserv.exe [2010-04-14 45736]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-04-05 158856]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-30 257224]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [2011-03-18 74840]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-03-02 183560]
R3 driverhardwarev2x64;driverhardwarev2x64;c:\program files (x86)\ma-config.com\Drivers\driverhardwarev2x64.sys [2011-07-21 16640]
R3 ESLvnic1;ESLvnic Virtual Network 64 Bit;c:\windows\system32\DRIVERS\ESLvnic.sys [2012-01-24 25528]
R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2008-08-07 3276800]
R3 gupdatem;Service Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-13 135664]
R3 maconfservice;Ma-Config Service;c:\program files (x86)\ma-config.com\maconfservice.exe [2011-11-25 311928]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-04-21 129976]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys [2011-05-10 22528]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [x]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [2011-07-07 174184]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys [2009-12-30 31800]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
R3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\DRIVERS\ss_bbus.sys [2010-12-21 127488]
R3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\DRIVERS\ss_bmdfl.sys [2010-12-21 18944]
R3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\DRIVERS\ss_bmdm.sys [2010-12-21 161280]
R3 ss_bserd;SAMSUNG USB Mobile Logging Driver;c:\windows\system32\DRIVERS\ss_bserd.sys [2010-12-21 128000]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 31232]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-02-15 52736]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [2011-09-01 1255736]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [2012-05-15 28992]
S1 ATKWMIACPIIO;ATKWMIACPI Driver;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2010-07-26 17024]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2011-08-04 146432]
S1 nvkflt;nvkflt;c:\windows\system32\DRIVERS\nvkflt.sys [2012-05-15 249152]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [2011-01-25 379520]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416]
S2 ASUS InstantOn;ASUS InstantOn Service;c:\program files (x86)\Common Files\InstantOn\InsOnSrv.exe [2011-06-02 64128]
S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2011-08-09 202576]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2011-09-22 974944]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys [2011-08-04 137144]
S2 ESLWireAC;ESLWireAC;c:\windows\system32\drivers\ESLWireACD.sys [2012-07-03 147472]
S2 Fabs;FABS - Helping agent for MAGIX media database;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [2011-01-14 1839616]
S2 lxec_device;lxec_device;c:\windows\system32\lxeccoms.exe [2010-04-14 1052328]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-05-15 1262400]
S2 Splashtop MDES;Splashtop Meta Data Export Service;c:\asus.sys\SIONExportService.exe [2011-05-10 338208]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-05-15 382272]
S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-03-19 2666880]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [2010-11-29 16120]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-10-06 2655768]
S2 WireHelpSvc;WireHelpSvc;c:\program files\Common Files\WireHelpSvc.exe [2012-07-03 168864]
S3 AiCharger;ASUS Charger Driver;c:\windows\system32\DRIVERS\AiCharger.sys [2011-02-26 16768]
S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys [2011-01-27 125416]
S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys [2011-01-27 385512]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [2010-08-24 76912]
S3 MEIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2010-09-21 56344]
S3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504]
.
.
--- Autres Services/Pilotes en mémoire ---
.
*Deregistered* - CLKMDRV10_38F51D56
.
Contenu du dossier 'Tâches planifiées'
.
2012-07-09 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-01 16:30]
.
2012-06-27 c:\windows\Tasks\DLL-files.com Fixer_UPDATES.job
- c:\program files (x86)\Dll-Files.com Fixer\DLLFixer.exe [2012-05-07 15:48]
.
2012-07-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-13 02:33]
.
2012-07-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-13 02:33]
.
2012-07-09 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-263561614-1276740493-1168064910-1001Core.job
- c:\users\Hugo\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-26 14:09]
.
2012-07-09 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-263561614-1276740493-1168064910-1001UA.job
- c:\users\Hugo\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-26 14:09]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2010-09-02 08:41 220160 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2010-09-02 08:41 220160 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-04-12 168216]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-04-12 392472]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-04-12 416024]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-06-03 2226280]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2011-03-21 361984]
"IntelTBRunOnce"="wscript.exe" [2009-07-14 168960]
"lxecmon.exe"="c:\program files (x86)\Lexmark Pro800-Pro900 Series\lxecmon.exe" [2011-01-24 770728]
"EzPrint"="c:\program files (x86)\Lexmark Pro800-Pro900 Series\ezprint.exe" [2011-01-24 148280]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2011-09-22 4035152]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Examen supplémentaire -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.fr/
mStart Page = hxxp://asus.msn.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyServer = http=;ftp=;https=;
uInternet Settings,ProxyOverride = <local>
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Hugo\AppData\Roaming\Mozilla\Firefox\Profiles\u946d8ra.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr/
FF - prefs.js: network.proxy.gopher -
FF - prefs.js: network.proxy.gopher_port - 0
FF - prefs.js: network.proxy.type - 0
.
- - - - ORPHELINS SUPPRIMES - - - -
.
URLSearchHooks-{5e5ab302-7f65-44cd-8211-c1d4caaccea3} - (no file)
Toolbar-Locked - (no file)
Toolbar-{6596e107-8944-4a8c-8045-62fda3697008} - (no file)
Toolbar-Locked - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
HKLM-Run-SynAsusAcpi - c:\program files (x86)\Synaptics\SynTP\SynAsusAcpi.exe
AddRemove-MiNODLogin - c:\program files (x86)\ESET\MiNODLogin\MiNODLoginUninst.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_257_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_257_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Heure de fin: 2012-07-09 23:04:00
ComboFix-quarantined-files.txt 2012-07-09 21:04
.
Avant-CF: 167 232 913 408 octets libres
Après-CF: 167 208 611 840 octets libres
.
- - End Of File - - 5BC41E39A0A234E00B40BC5C7F033E58
