My PC is running slowly!

Closed
fanfan72000 Posts 13 Registered Thursday 26 July 2012 Status Member Last activity 20 August 2012 - 8 August 2012 at 03:44
Fish66 Posts 17505 Registered Sunday 24 July 2011 Status Security contributor Last activity 16 June 2021 - 20 August 2012 at 18:45
Hello,

I am asking for your help to tell me what steps to take, because my PC is slow at startup and when I connect to the Internet. It is a computer that is 6-7 years old, and it runs Vista. I have just changed antivirus, I switched from Avast to AntiVir, but it is still slow. I am posting the HijackThis report I have just made; thanks in advance.


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 03:34:20, on 08/08/2012
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.19272)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Symantec\LiveUpdate\ALUNOTIFY.EXE
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Windows\System32\mobsync.exe
C:\Windows\system32\Taskmgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil32_11_3_300_265_ActiveX.exe
C:\Windows\system32\conime.exe
C:\Windows\explorer.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://startsear.ch
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.fr.acer.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://startsear.ch/?aff=1
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local;*.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: vShare Toolbar - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files\vShare\vshare_toolbar.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: IE5BarLauncherBHO Class - {78F3A323-798E-4AEA-9A57-88F4B05FD5DD} - C:\Program Files\vShare.tv plugin\BarLcher.dll
O2 - BHO: (no name) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - (no file)
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: vShare Toolbar - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files\vShare\vshare_toolbar.dll
O3 - Toolbar: VShareToolBar - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - C:\Program Files\vShare.tv plugin\BarLcher.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALuNotify.exe
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup
O4 - HKCU\..\Run: [rslnyl] c:\users\françois\appdata\local\microsoft\rslnyl.exe rslnyl
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-21-1105662260-2671531112-2980138692-1005\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'postgres')
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: PartyPoker.fr - {725EC34E-943C-4df6-B0B2-FBDE7F242276} - C:\Programs\PartyFrance\PartyPokerFr\RunApp.exe
O9 - Extra 'Tools' menuitem: PartyPoker.fr - {725EC34E-943C-4df6-B0B2-FBDE7F242276} - C:\Programs\PartyFrance\PartyPokerFr\RunApp.exe
O9 - Extra button: PokerStars.fr - {90EAE591-7E7E-434a-8E28-ECFD00071806} - C:\Program Files\PokerStars.FR\PokerStarsUpdate.exe
O9 - Extra button: PartyCasino - {B4B52284-A248-4c51-9F7C-F0A0C67FCC9D} - C:\Programs\PartyGaming\PartyCasino\RunApp.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyCasino - {B4B52284-A248-4c51-9F7C-F0A0C67FCC9D} - C:\Programs\PartyGaming\PartyCasino\RunApp.exe (file missing)
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra button: MyPok - {1C94AB6B-3DAF-43DA-8564-3ECE51D5EBF1} - C:\Microgaming\Poker\mypokfr\MPPoker.exe (HKCU)
O13 - Gopher Prefix:
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{4D2F1578-8B02-43B4-B591-559CD6616BC6}: NameServer = 156.154.70.22,156.154.71.22
O17 - HKLM\System\CS1\Services\Tcpip\..\{4D2F1578-8B02-43B4-B591-559CD6616BC6}: NameServer = 156.154.70.22,156.154.71.22
O18 - Protocol: vsharechrome - {3F3A4B8A-86FC-43A4-BB00-6D7EBE9D4484} - C:\Program Files\vShare\vshare_toolbar.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs:
O23 - Service: ePerformance Service (AcerMemUsageCheckService) - Unknown owner - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Avira Planificateur (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Protection temps réel (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Acer\Empowering Technology\eMode\PCM\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Acer\Empowering Technology\eMode\PCM\Kernel\TV\CLSched.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Service Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PostgreSQL Database Server 8.3 (pgsql-8.3) - PostgreSQL Global Development Group - C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
24 replies

SWAGMAN Posts 9 Registered Sunday 5 August 2012 Status Member Last activity 16 June 2013
8 August 2012 at 04:00
There is no point in posting the report... If your PC is buggy, try downloading software that fixes errors; personally I use TuneUpUtilities. (Avast is not the best antivirus; I recommend Panda antivirus.)
Fish66 Posts 17505 Registered Sunday 24 July 2011 Status Security contributor Last activity 16 June 2021 1 318
8 August 2012 at 08:52
Hello,
* Download RogueKiller (by Tigzy) to your desktop
https://www.luanagames.com/index.fr.html
* (On Vista/Seven, right-click and run as administrator)
* Close all your running programs
* Launch RogueKiller.exe
If the infection blocks the program, you need to relaunch it several times or rename it to winlogon.exe
* Let the prescan finish, then click Scan
* Click Report to open it, then copy/paste it into your next message
fanfan72000 Posts 13 Registered Thursday 26 July 2012 Status Member Last activity 20 August 2012
8 August 2012 at 22:14
Hi, thanks for your help.

Here is the report:

RogueKiller V7.6.5 [03/08/2012] par Tigzy
mail: tigzyRK<at>gmail<dot>com
Remontees: https://www.luanagames.com/index.fr.html
Blog: http://tigzyrk.blogspot.com

Systeme d'exploitation: Windows Vista (6.0.6002 Service Pack 2) 32 bits version
Demarrage : Mode normal
Utilisateur: François [Droits d'admin]
Mode: Recherche -- Date: 08/08/2012 22:07:11

¤¤¤ Processus malicieux: 0 ¤¤¤

¤¤¤ Entrees de registre: 6 ¤¤¤
[SUSP PATH] HKCU\[...]\Run : rslnyl (c:\users\françois\appdata\local\microsoft\rslnyl.exe rslnyl) -> FOUND
[SUSP PATH] HKUS\S-1-5-21-1105662260-2671531112-2980138692-1000[...]\Run : rslnyl (c:\users\françois\appdata\local\microsoft\rslnyl.exe rslnyl) -> FOUND
[SUSP PATH] BFGLaunch_agathachristiedeath_s5_l4_gF1551T1L4_d176983289[1].job @ : C:\Users\FRANOI~1\AppData\Local\Temp\agathachristiedeath_s5_l4_gF1551T1L4_d176983289[1].exe -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
[FILEASSO] HKLM\Software\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command : (C:\Program Files\Mozilla Firefox 4.0 Beta 7\firefox.exe) -> FOUND

¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤

¤¤¤ Driver: [CHARGE] ¤¤¤
SSDT[75] : NtCreateSection @ 0x82C48DE5 -> HOOKED (Unknown @ 0x88EBCE66)
SSDT[276] : NtRequestWaitReplyPort @ 0x82C5AF90 -> HOOKED (Unknown @ 0x88EBCE70)
SSDT[289] : NtSetContextThread @ 0x82CAA06F -> HOOKED (Unknown @ 0x88EBCE6B)
SSDT[314] : NtSetSecurityObject @ 0x82BD7038 -> HOOKED (Unknown @ 0x88EBCE75)
SSDT[332] : NtSystemDebugControl @ 0x82C0FEC1 -> HOOKED (Unknown @ 0x88EBCE7A)
SSDT[334] : NtTerminateProcess @ 0x82C08143 -> HOOKED (Unknown @ 0x88EBCE07)
S_SSDT[573] : Unknown -> HOOKED (Unknown @ 0x88EBCE8E)
S_SSDT[576] : Unknown -> HOOKED (Unknown @ 0x88EBCE93)

¤¤¤ Infection : Rogue.AntiSpy-AH ¤¤¤

¤¤¤ Fichier HOSTS: ¤¤¤
127.0.0.1 localhost
::1 localhost


¤¤¤ MBR Verif: ¤¤¤

+++++ PhysicalDrive0: WDC WD16 00JS-22NCB1 SCSI Disk Device +++++
--- User ---
[MBR] ef2cf03f6ec0e3083ba167bca37d7f4a
[BSP] 562ddeb6bf495b718b05d7ccdb080671 : Acer tatooed MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 63 | Size: 6997 Mo
1 - [ACTIVE] FAT16 (0x06) [VISIBLE] Offset (sectors): 14329980 | Size: 72990 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 163814805 | Size: 72637 Mo
User = LL1 ... OK!
Error reading LL2 MBR!

Termine : << RKreport[1].txt >>
RKreport[1].txt
Fish66 Posts 17505 Registered Sunday 24 July 2011 Status Security contributor Last activity 16 June 2021 1 318
9 August 2012 at 00:08
Hi,
1/
Run RogueKiller again, then choose "Delete" and post the report, please
<<<<<<<< HELP HERE >>>>>>>>

2/
/!\ WARNING: this scan can take a few hours /!\

* Download MBAM and install it to the default location
https://www.malwarebytes.com/mwb-download/
* Install it, then configure it as shown: <<< HERE >>>
* If you have not changed anything, just exit; otherwise save
* Launch Malwarebytes' Anti-Malware

=================================
If MBAM is already installed, go straight to the update and then to the scan.

==> This free software is worth keeping.

=================================

* Run the update
* Click the "Scan" tab
* Tick the "Perform a full scan" option, then click the "Scan" button
* Choose to scan all your hard drives, then click "Start scan"

At the end of the scan, if MBAM found nothing:

* Click OK; the report opens by itself

If threats were detected:

* Click OK, then "Show results"
* Check that all the lines are ticked
* Choose the "Remove selection" option
* If MBAM asks to restart Windows: click "Yes"
* The report opens automatically after the removal; it can also be found in the "Reports/Logs" tab

* Copy/paste the report into your next message


Note:
- If there is a problem updating MBAM, you can do it manually by downloading this file and then running it.
fanfan72000 Posts 13 Registered Thursday 26 July 2012 Status Member Last activity 20 August 2012
9 August 2012 at 22:55
RogueKiller V7.6.5 [03/08/2012] par Tigzy
mail: tigzyRK<at>gmail<dot>com
Remontees: https://www.luanagames.com/index.fr.html
Blog: http://tigzyrk.blogspot.com

Systeme d'exploitation: Windows Vista (6.0.6002 Service Pack 2) 32 bits version
Demarrage : Mode normal
Utilisateur: François [Droits d'admin]
Mode: Recherche -- Date: 09/08/2012 01:55:12

¤¤¤ Processus malicieux: 0 ¤¤¤

¤¤¤ Entrees de registre: 0 ¤¤¤

¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤

¤¤¤ Driver: [CHARGE] ¤¤¤
SSDT[75] : NtCreateSection @ 0x82C48DE5 -> HOOKED (Unknown @ 0x88EBCE66)
SSDT[276] : NtRequestWaitReplyPort @ 0x82C5AF90 -> HOOKED (Unknown @ 0x88EBCE70)
SSDT[289] : NtSetContextThread @ 0x82CAA06F -> HOOKED (Unknown @ 0x88EBCE6B)
SSDT[314] : NtSetSecurityObject @ 0x82BD7038 -> HOOKED (Unknown @ 0x88EBCE75)
SSDT[332] : NtSystemDebugControl @ 0x82C0FEC1 -> HOOKED (Unknown @ 0x88EBCE7A)
SSDT[334] : NtTerminateProcess @ 0x82C08143 -> HOOKED (Unknown @ 0x88EBCE07)
S_SSDT[573] : Unknown -> HOOKED (Unknown @ 0x88EBCE8E)
S_SSDT[576] : Unknown -> HOOKED (Unknown @ 0x88EBCE93)

¤¤¤ Infection : ¤¤¤

¤¤¤ Fichier HOSTS: ¤¤¤
127.0.0.1 localhost
::1 localhost


¤¤¤ MBR Verif: ¤¤¤

+++++ PhysicalDrive0: WDC WD16 00JS-22NCB1 SCSI Disk Device +++++
--- User ---
[MBR] ef2cf03f6ec0e3083ba167bca37d7f4a
[BSP] 562ddeb6bf495b718b05d7ccdb080671 : Acer tatooed MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 63 | Size: 6997 Mo
1 - [ACTIVE] FAT16 (0x06) [VISIBLE] Offset (sectors): 14329980 | Size: 72990 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 163814805 | Size: 72637 Mo
User = LL1 ... OK!
Error reading LL2 MBR!

Termine : << RKreport[1].txt >>
RKreport[1].txt



Malwarebytes Anti-Malware (Essai) 1.62.0.1300
www.malwarebytes.org

Version de la base de données: v2012.08.08.11

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 8.0.6001.19272
François :: PC-DE-MOMO [administrateur]

Protection: Activé

09/08/2012 05:52:02
mbam-log-2012-08-09 (05-52-02).txt

Type d'examen: Examen complet (C:\|D:\|E:\|F:\|G:\|H:\|I:\|)
Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM
Options d'examen désactivées: P2P
Elément(s) analysé(s): 368057
Temps écoulé: 1 heure(s), 7 minute(s), 41 seconde(s)

Processus mémoire détecté(s): 0
(Aucun élément nuisible détecté)

Module(s) mémoire détecté(s): 0
(Aucun élément nuisible détecté)

Clé(s) du Registre détectée(s): 15
HKCR\CLSID\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD} (PUP.VShareRedir) -> Mis en quarantaine et supprimé avec succès.
HKCR\TypeLib\{BB7256DD-EBA9-480B-8441-A00388C2BEC3} (PUP.VShareRedir) -> Mis en quarantaine et supprimé avec succès.
HKCR\Interface\{3D782BB2-F2A5-11D3-BF4C-000000000000} (PUP.VShareRedir) -> Mis en quarantaine et supprimé avec succès.
HKCR\MyNewsBarLauncher.IE5BarLauncherBHO.1 (PUP.VShareRedir) -> Mis en quarantaine et supprimé avec succès.
HKCR\MyNewsBarLauncher.IE5BarLauncherBHO (PUP.VShareRedir) -> Mis en quarantaine et supprimé avec succès.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD} (PUP.VShareRedir) -> Mis en quarantaine et supprimé avec succès.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD} (PUP.VShareRedir) -> Mis en quarantaine et supprimé avec succès.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD} (PUP.VShareRedir) -> Mis en quarantaine et supprimé avec succès.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD} (PUP.VShareRedir) -> Mis en quarantaine et supprimé avec succès.
HKCR\CLSID\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} (PUP.VShareRedir) -> Mis en quarantaine et supprimé avec succès.
HKCR\MyNewsBarLauncher.IE5BarLauncher.1 (PUP.VShareRedir) -> Mis en quarantaine et supprimé avec succès.
HKCR\MyNewsBarLauncher.IE5BarLauncher (PUP.VShareRedir) -> Mis en quarantaine et supprimé avec succès.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} (PUP.VShareRedir) -> Mis en quarantaine et supprimé avec succès.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} (PUP.VShareRedir) -> Mis en quarantaine et supprimé avec succès.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} (PUP.VShareRedir) -> Mis en quarantaine et supprimé avec succès.

Valeur(s) du Registre détectée(s): 4
HKCU\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser|{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} (PUP.VShareRedir) -> Données: ;áÃzÊ;XA³0öm»Áµ -> Mis en quarantaine et supprimé avec succès.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} (PUP.VShareRedir) -> Données: VShareTB -> Mis en quarantaine et supprimé avec succès.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} (PUP.VShareRedir) -> Données: -> Mis en quarantaine et supprimé avec succès.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} (PUP.VShareRedir) -> Données: -> Mis en quarantaine et supprimé avec succès.

Elément(s) de données du Registre détecté(s): 0
(Aucun élément nuisible détecté)

Dossier(s) détecté(s): 0
(Aucun élément nuisible détecté)

Fichier(s) détecté(s): 1
C:\Program Files\vShare.tv plugin\BarLcher.dll (PUP.VShareRedir) -> Mis en quarantaine et supprimé avec succès.

(fin)

The PC is a little faster intermittently, but it is still slow!
Fish66 Posts 17505 Registered Sunday 24 July 2011 Status Security contributor Last activity 16 June 2021 1 318
9 August 2012 at 23:47
Hi again,
We are not finished yet! :-)
==================
* Download ZHPDiag, then save it to your PC's desktop
(by Nicolas Coolman) from: this link
* Launch it (right-click "Run as administrator" if you are on Vista/7)
* Click the magnifying-glass icon to start the diagnostic
* Upload the ZHPDiag.txt report from your desktop to: malekal.com or cjoint.com
* Copy/paste the link provided into your next reply
* ZHPDiag help: <<< HERE >>>
fanfan72000 Posts 13 Registered Thursday 26 July 2012 Status Member Last activity 20 August 2012
10 August 2012 at 04:57
Hi again,

Problem launching ZHPDiag in normal mode and in safe mode (message indicating an access violation........). I installed TDSSKiller (I saw that this is what you recommended in another post for the same type of problem; I hope I did the right thing). This is where I have got to; here is the TDSSKiller report. See you soon!

03:33:44.0115 2436 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
03:33:44.0393 2436 ============================================================
03:33:44.0393 2436 Current date / time: 2012/08/10 03:33:44.0393
03:33:44.0393 2436 SystemInfo:
03:33:44.0393 2436
03:33:44.0393 2436 OS Version: 6.0.6002 ServicePack: 2.0
03:33:44.0393 2436 Product type: Workstation
03:33:44.0393 2436 ComputerName: PC-DE-MOMO
03:33:44.0393 2436 UserName: François
03:33:44.0393 2436 Windows directory: C:\Windows
03:33:44.0393 2436 System windows directory: C:\Windows
03:33:44.0393 2436 Processor architecture: Intel x86
03:33:44.0393 2436 Number of processors: 1
03:33:44.0393 2436 Page size: 0x1000
03:33:44.0393 2436 Boot type: Normal boot
03:33:44.0393 2436 ============================================================
03:34:49.0380 2436 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
03:35:05.0727 2436 ============================================================
03:35:05.0727 2436 \Device\Harddisk0\DR0:
03:35:08.0781 2436 MBR partitions:
03:35:08.0781 2436 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x6, StartLBA 0xDAA87C, BlocksNum 0x8E8F519
03:35:08.0781 2436 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x9C39D95, BlocksNum 0x8DDED2C
03:35:08.0781 2436 ============================================================
03:35:35.0170 2436 C: <-> \Device\Harddisk0\DR0\Partition0
03:36:14.0209 2436 D: <-> \Device\Harddisk0\DR0\Partition1
03:36:14.0209 2436 ============================================================
03:36:14.0209 2436 Initialize success
03:36:14.0209 2436 ============================================================
03:37:38.0125 4600 ============================================================
03:37:38.0125 4600 Scan started
03:37:38.0125 4600 Mode: Manual;
03:37:38.0125 4600 ============================================================
03:38:49.0370 4600 DfsC - ok
03:38:49.0511 4600 DFSR (2cc3dcfb533a1035b13dcab6160ab38b) C:\Windows\system32\DFSR.exe
03:38:50.0303 4600 DFSR - ok
03:38:53.0413 4600 Dhcp (9028559c132146fb75eb7acf384b086a) C:\Windows\System32\dhcpcsvc.dll
03:38:53.0433 4600 Dhcp - ok
03:38:53.0493 4600 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
03:38:54.0031 4600 disk - ok
03:38:54.0083 4600 Dnscache (57d762f6f5974af0da2be88a3349baaa) C:\Windows\System32\dnsrslvr.dll
03:38:54.0090 4600 Dnscache - ok
03:38:54.0136 4600 dot3svc (324fd74686b1ef5e7c19a8af49e748f6) C:\Windows\System32\dot3svc.dll
03:38:55.0316 4600 dot3svc - ok
03:38:55.0833 4600 DPS (a622e888f8aa2f6b49e9bc466f0e5def) C:\Windows\system32\dps.dll
03:38:55.0854 4600 DPS - ok
03:38:55.0891 4600 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
03:38:55.0966 4600 drmkaud - ok
03:38:56.0521 4600 DXGKrnl (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys
03:38:56.0686 4600 DXGKrnl - ok
03:38:56.0745 4600 E1G60 (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys
03:38:56.0783 4600 E1G60 - ok
03:38:57.0276 4600 EapHost (c0b95e40d85cd807d614e264248a45b9) C:\Windows\System32\eapsvc.dll
03:38:57.0280 4600 EapHost - ok
03:38:57.0347 4600 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
03:38:57.0895 4600 Ecache - ok
03:38:58.0506 4600 elxstor (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys
03:39:01.0429 4600 elxstor - ok
03:39:01.0512 4600 EMDMgmt (4e6b23dfc917ea39306b529b773950f4) C:\Windows\system32\emdmgmt.dll
03:39:01.0547 4600 EMDMgmt - ok
03:39:01.0620 4600 eRecoveryService (f841f6ed752cc5f346039d5551931a7b) C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
03:39:01.0621 4600 eRecoveryService - ok
03:39:01.0669 4600 EventSystem (67058c46504bc12d821f38cf99b7b28f) C:\Windows\system32\es.dll
03:39:01.0731 4600 EventSystem - ok
03:39:01.0780 4600 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
03:39:01.0813 4600 exfat - ok
03:39:01.0865 4600 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
03:39:01.0870 4600 fastfat - ok
03:39:01.0900 4600 fdc (63bdada84951b9c03e641800e176898a) C:\Windows\system32\DRIVERS\fdc.sys
03:39:01.0948 4600 fdc - ok
03:39:01.0975 4600 fdPHost (6629b5f0e98151f4afdd87567ea32ba3) C:\Windows\system32\fdPHost.dll
03:39:02.0002 4600 fdPHost - ok
03:39:02.0036 4600 FDResPub (89ed56dce8e47af40892778a5bd31fd2) C:\Windows\system32\fdrespub.dll
03:39:02.0039 4600 FDResPub - ok
03:39:02.0067 4600 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
03:39:02.0620 4600 FileInfo - ok
03:39:03.0096 4600 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
03:39:03.0127 4600 Filetrace - ok
03:39:03.0745 4600 flpydisk (6603957eff5ec62d25075ea8ac27de68) C:\Windows\system32\DRIVERS\flpydisk.sys
03:39:03.0770 4600 flpydisk - ok
03:39:03.0822 4600 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
03:39:03.0828 4600 FltMgr - ok
03:39:03.0935 4600 FontCache (8ce364388c8eca59b14b539179276d44) C:\Windows\system32\FntCache.dll
03:39:03.0962 4600 FontCache - ok
03:39:04.0048 4600 FontCache3.0.0.0 (c7fbdd1ed42f82bfa35167a5c9803ea3) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
03:39:04.0087 4600 FontCache3.0.0.0 - ok
03:39:04.0133 4600 fssfltr (b0082808a6856a252f7cdd939892ce50) C:\Windows\system32\DRIVERS\fssfltr.sys
03:39:04.0289 4600 fssfltr - ok
03:39:05.0025 4600 fsssvc (28ddeeec44e988657b732cf404d504cb) C:\Program Files\Windows Live\Family Safety\fsssvc.exe
03:39:05.0156 4600 fsssvc - ok
03:39:05.0411 4600 Fs_Rec (b972a66758577e0bfd1de0f91aaa27b5) C:\Windows\system32\drivers\Fs_Rec.sys
03:39:05.0448 4600 Fs_Rec - ok
03:39:05.0503 4600 gagp30kx (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys
03:39:06.0008 4600 gagp30kx - ok
03:39:06.0100 4600 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
03:39:06.0136 4600 GEARAspiWDM - ok
03:39:06.0832 4600 gpsvc (cd5d0aeee35dfd4e986a5aa1500a6e66) C:\Windows\System32\gpsvc.dll
03:39:06.0855 4600 gpsvc - ok
03:39:06.0967 4600 gupdate (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files\Google\Update\GoogleUpdate.exe
03:39:06.0988 4600 gupdate - ok
03:39:07.0005 4600 gupdatem (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files\Google\Update\GoogleUpdate.exe
03:39:07.0007 4600 gupdatem - ok
03:39:07.0062 4600 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys
03:39:07.0136 4600 HdAudAddService - ok
03:39:07.0393 4600 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
03:39:07.0411 4600 HDAudBus - ok
03:39:07.0896 4600 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
03:39:07.0924 4600 HidBth - ok
03:39:08.0042 4600 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
03:39:08.0069 4600 HidIr - ok
03:39:08.0110 4600 hidserv (84067081f3318162797385e11a8f0582) C:\Windows\system32\hidserv.dll
03:39:08.0114 4600 hidserv - ok
03:39:08.0139 4600 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
03:39:08.0186 4600 HidUsb - ok
03:39:08.0787 4600 hkmsvc (d8ad255b37da92434c26e4876db7d418) C:\Windows\system32\kmsvc.dll
03:39:08.0790 4600 hkmsvc - ok
03:39:08.0808 4600 HpCISSs (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys
03:39:08.0828 4600 HpCISSs - ok
03:39:09.0068 4600 HTTP (0eeeca26c8d4bde2a4664db058a81937) C:\Windows\system32\drivers\HTTP.sys
03:39:09.0136 4600 HTTP - ok
03:39:09.0192 4600 i2omp (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys
03:39:09.0214 4600 i2omp - ok
03:39:09.0263 4600 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
03:39:09.0265 4600 i8042prt - ok
03:39:09.0548 4600 iaStorV (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys
03:39:09.0592 4600 iaStorV - ok
03:39:10.0257 4600 idsvc (98477b08e61945f974ed9fdc4cb6bdab) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
03:39:10.0470 4600 idsvc - ok
03:39:10.0916 4600 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
03:39:10.0948 4600 iirsp - ok
03:39:11.0010 4600 IKEEXT (9908d8a397b76cd8d31d0d383c5773c9) C:\Windows\System32\ikeext.dll
03:39:11.0034 4600 IKEEXT - ok
03:39:11.0575 4600 int15 (9d64201c9e5ac8d1f088762ba00ff3ab) C:\Acer\Empowering Technology\eRecovery\int15.sys
03:39:11.0660 4600 int15 - ok
03:39:11.0787 4600 IntcAzAudAddService (a47b2875680ad67b35c6150bd0203056) C:\Windows\system32\drivers\RTKVHDA.sys
03:39:11.0928 4600 IntcAzAudAddService - ok
03:39:12.0052 4600 intelide (97469037714070e45194ed318d636401) C:\Windows\system32\drivers\intelide.sys
03:39:12.0091 4600 intelide - ok
03:39:12.0639 4600 intelppm (ce44cc04262f28216dd4341e9e36a16f) C:\Windows\system32\DRIVERS\intelppm.sys
03:39:12.0682 4600 intelppm - ok
03:39:12.0731 4600 IPBusEnum (9ac218c6e6105477484c6fdbe7d409a4) C:\Windows\system32\ipbusenum.dll
03:39:12.0755 4600 IPBusEnum - ok
03:39:12.0774 4600 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
03:39:12.0797 4600 IpFilterDriver - ok
03:39:12.0834 4600 iphlpsvc (1998bd97f950680bb55f55a7244679c2) C:\Windows\System32\iphlpsvc.dll
03:39:12.0881 4600 iphlpsvc - ok
03:39:12.0887 4600 IpInIp - ok
03:39:12.0908 4600 IPMIDRV (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys
03:39:12.0945 4600 IPMIDRV - ok
03:39:12.0988 4600 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
03:39:12.0995 4600 IPNAT - ok
03:39:13.0091 4600 iPod Service (9033d67b7112d23eded6789bacded128) C:\Program Files\iPod\bin\iPodService.exe
03:39:13.0110 4600 iPod Service - ok
03:39:13.0134 4600 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
03:39:13.0157 4600 IRENUM - ok
03:39:13.0187 4600 isapnp (350fca7e73cf65bcef43fae1e4e91293) C:\Windows\system32\drivers\isapnp.sys
03:39:13.0213 4600 isapnp - ok
03:39:13.0252 4600 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
03:39:13.0300 4600 iScsiPrt - ok
03:39:13.0316 4600 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
03:39:13.0339 4600 iteatapi - ok
03:39:13.0802 4600 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
03:39:13.0828 4600 iteraid - ok
03:39:13.0863 4600 ivnmae - ok
03:39:13.0897 4600 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
03:39:13.0927 4600 kbdclass - ok
03:39:13.0978 4600 kbdhid (d2600cb17b7408b4a83f231dc9a11ac3) C:\Windows\system32\DRIVERS\kbdhid.sys
03:39:14.0009 4600 kbdhid - ok
03:39:14.0066 4600 KeyIso (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
03:39:14.0069 4600 KeyIso - ok
03:39:14.0174 4600 KSecDD (2b2f1638466e8cb091400c9019cc730e) C:\Windows\system32\Drivers\ksecdd.sys
03:39:14.0276 4600 KSecDD - ok
03:39:14.0328 4600 KtmRm (8078f8f8f7a79e2e6b494523a828c585) C:\Windows\system32\msdtckrm.dll
03:39:14.0377 4600 KtmRm - ok
03:39:14.0427 4600 LanmanServer (1bf5eebfd518dd7298434d8c862f825d) C:\Windows\system32\srvsvc.dll
03:39:14.0442 4600 LanmanServer - ok
03:39:14.0490 4600 LanmanWorkstation (1db69705b695b987082c8baec0c6b34f) C:\Windows\System32\wkssvc.dll
03:39:14.0504 4600 LanmanWorkstation - ok
03:39:14.0611 4600 LightScribeService (6e5dac168d1ff9843e84a59d51d31107) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
03:39:14.0613 4600 LightScribeService - ok
03:39:14.0816 4600 LiveUpdate (a97eeb81f05bce3d7aa6c81f04ef39a4) C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
03:39:15.0062 4600 LiveUpdate - ok
03:39:15.0687 4600 LiveUpdate Notice Service (c837d17de0b349539aa527ee750ebe2a) C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
03:39:15.0738 4600 LiveUpdate Notice Service - ok
03:39:16.0199 4600 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
03:39:16.0232 4600 lltdio - ok
03:39:16.0269 4600 lltdsvc (2d5a428872f1442631d0959a34abff63) C:\Windows\System32\lltdsvc.dll
03:39:16.0340 4600 lltdsvc - ok
03:39:16.0402 4600 lmhosts (35d40113e4a5b961b6ce5c5857702518) C:\Windows\System32\lmhsvc.dll
03:39:16.0406 4600 lmhosts - ok
03:39:16.0953 4600 LSI_FC (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys
03:39:16.0980 4600 LSI_FC - ok
03:39:17.0012 4600 LSI_SAS (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys
03:39:17.0053 4600 LSI_SAS - ok
03:39:17.0491 4600 LSI_SCSI (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys
03:39:17.0627 4600 LSI_SCSI - ok
03:39:17.0660 4600 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
03:39:18.0887 4600 luafv - ok
03:39:18.0928 4600 MBAMProtector (6dfe7f2e8e8a337263aa5c92a215f161) C:\Windows\system32\drivers\mbam.sys
03:39:19.0431 4600 MBAMProtector - ok
03:39:19.0521 4600 MBAMService (43683e970f008c93c9429ef428147a54) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
03:39:19.0583 4600 MBAMService - ok
03:39:19.0624 4600 megasas (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys
03:39:19.0672 4600 megasas - ok
03:39:20.0242 4600 MMCSS (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
03:39:20.0249 4600 MMCSS - ok
03:39:20.0277 4600 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
03:39:20.0317 4600 Modem - ok
03:39:20.0818 4600 monitor (ec839ba91e45cce6eadafc418fff8206) C:\Windows\system32\DRIVERS\monitor.sys
03:39:20.0823 4600 monitor - ok
03:39:20.0855 4600 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
03:39:20.0899 4600 mouclass - ok
03:39:21.0385 4600 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
03:39:21.0472 4600 mouhid - ok
03:39:21.0955 4600 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
03:39:22.0020 4600 MountMgr - ok
03:39:22.0082 4600 MozillaMaintenance (5bafd39abd0ef8c2430e49da3b69087d) C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
03:39:22.0564 4600 MozillaMaintenance - ok
03:39:22.0613 4600 mpio (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys
03:39:22.0650 4600 mpio - ok
03:39:22.0685 4600 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
03:39:22.0749 4600 mpsdrv - ok
03:39:23.0214 4600 MpsSvc (5de62c6e9108f14f6794060a9bdecaec) C:\Windows\system32\mpssvc.dll
03:39:23.0237 4600 MpsSvc - ok
03:39:23.0707 4600 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
03:39:23.0754 4600 Mraid35x - ok
03:39:23.0798 4600 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
03:39:23.0872 4600 MRxDAV - ok
03:39:23.0913 4600 mrxsmb (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys
03:39:23.0959 4600 mrxsmb - ok
03:39:24.0463 4600 mrxsmb10 (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys
03:39:24.0551 4600 mrxsmb10 - ok
03:39:24.0570 4600 mrxsmb20 (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
03:39:25.0005 4600 mrxsmb20 - ok
03:39:25.0029 4600 msahci (742aed7939e734c36b7e8d6228ce26b7) C:\Windows\system32\drivers\msahci.sys
03:39:25.0126 4600 msahci - ok
03:39:25.0156 4600 msdsm (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys
03:39:25.0225 4600 msdsm - ok
03:39:25.0256 4600 MSDTC (fd7520cc3a80c5fc8c48852bb24c6ded) C:\Windows\System32\msdtc.exe
03:39:25.0355 4600 MSDTC - ok
03:39:25.0470 4600 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
03:39:25.0499 4600 Msfs - ok
03:39:25.0614 4600 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
03:39:25.0689 4600 msisadrv - ok
03:39:26.0156 4600 MSiSCSI (85466c0757a23d9a9aecdc0755203cb2) C:\Windows\system32\iscsiexe.dll
03:39:26.0256 4600 MSiSCSI - ok
03:39:26.0268 4600 msiserver - ok
03:39:26.0723 4600 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
03:39:26.0746 4600 MSKSSRV - ok
03:39:27.0332 4600 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
03:39:27.0351 4600 MSPCLOCK - ok
03:39:27.0385 4600 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
03:39:27.0403 4600 MSPQM - ok
03:39:27.0789 4600 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
03:39:27.0851 4600 MsRPC - ok
03:39:28.0397 4600 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
03:39:28.0400 4600 mssmbios - ok
03:39:28.0944 4600 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
03:39:28.0974 4600 MSTEE - ok
03:39:29.0023 4600 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
03:39:29.0063 4600 Mup - ok
03:39:29.0155 4600 napagent (e4eaf0c5c1b41b5c83386cf212ca9584) C:\Windows\system32\qagentRT.dll
03:39:29.0172 4600 napagent - ok
03:39:29.0296 4600 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
03:39:29.0346 4600 NativeWifiP - ok
03:39:29.0837 4600 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
03:39:29.0867 4600 NDIS - ok
03:39:29.0906 4600 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
03:39:29.0939 4600 NdisTapi - ok
03:39:29.0972 4600 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
03:39:30.0004 4600 Ndisuio - ok
03:39:30.0047 4600 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
03:39:30.0073 4600 NdisWan - ok
03:39:30.0652 4600 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
03:39:30.0702 4600 NDProxy - ok
03:39:31.0228 4600 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
03:39:31.0276 4600 NetBIOS - ok
03:39:31.0336 4600 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
03:39:31.0342 4600 netbt - ok
03:39:31.0815 4600 Netlogon (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
03:39:31.0821 4600 Netlogon - ok
03:39:31.0956 4600 Netman (c8052711daecc48b982434c5116ca401) C:\Windows\System32\netman.dll
03:39:32.0007 4600 Netman - ok
03:39:32.0060 4600 netprofm (2ef3bbe22e5a5acd1428ee387a0d0172) C:\Windows\System32\netprofm.dll
03:39:32.0073 4600 netprofm - ok
03:39:32.0151 4600 NetTcpPortSharing (d6c4e4a39a36029ac0813d476fbd0248) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
03:39:32.0213 4600 NetTcpPortSharing - ok
03:39:32.0247 4600 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
03:39:32.0705 4600 nfrd960 - ok
03:39:32.0753 4600 NlaSvc (2997b15415f9bbe05b5a4c1c85e0c6a2) C:\Windows\System32\nlasvc.dll
03:39:32.0789 4600 NlaSvc - ok
03:39:32.0840 4600 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
03:39:33.0315 4600 Npfs - ok
03:39:33.0337 4600 nsi (8bb86f0c7eea2bded6fe095d0b4ca9bd) C:\Windows\system32\nsisvc.dll
03:39:33.0342 4600 nsi - ok
03:39:33.0387 4600 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
03:39:33.0861 4600 nsiproxy - ok
03:39:33.0986 4600 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
03:39:34.0018 4600 Ntfs - ok
03:39:34.0038 4600 NTIDrvr (7f1c1f78d709c4a54cbb46ede7e0b48d) C:\Windows\system32\DRIVERS\NTIDrvr.sys
03:39:34.0070 4600 NTIDrvr - ok
03:39:34.0095 4600 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
03:39:34.0114 4600 ntrigdigi - ok
03:39:34.0811 4600 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
03:39:34.0856 4600 Null - ok
03:39:35.0245 4600 nvlddmkm (ff58c7a7da6116c1f71e883cb088d598) C:\Windows\system32\DRIVERS\nvlddmkm.sys
03:39:36.0048 4600 nvlddmkm - ok
03:39:36.0552 4600 nvraid (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys
03:39:36.0697 4600 nvraid - ok
03:39:36.0723 4600 nvstor (4a5fcab82d9bf6af8a023a66802fe9e9) C:\Windows\system32\DRIVERS\nvstor.sys
03:39:36.0788 4600 nvstor - ok
03:39:36.0826 4600 nvstor32 (dc5f166422beebf195e3e4bb8ab4ee22) C:\Windows\system32\drivers\nvstor32.sys
03:39:36.0827 4600 nvstor32 - ok
03:39:36.0871 4600 nvsvc (56407b8616e4206ee02892a2ac712ef3) C:\Windows\system32\nvvsvc.exe
03:39:36.0878 4600 nvsvc - ok
03:39:37.0336 4600 nv_agp (07c186427eb8fcc3d8d7927187f260f7) C:\Windows\system32\drivers\nv_agp.sys
03:39:37.0396 4600 nv_agp - ok
03:39:37.0403 4600 NwlnkFlt - ok
03:39:37.0415 4600 NwlnkFwd - ok
03:39:37.0445 4600 ohci1394 (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys
03:39:37.0447 4600 ohci1394 - ok
03:39:37.0544 4600 ose (7a56cf3e3f12e8af599963b16f50fb6a) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
03:39:37.0693 4600 ose - ok
03:39:38.0192 4600 p2pimsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
03:39:38.0592 4600 p2pimsvc - ok
03:39:38.0631 4600 p2psvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
03:39:38.0640 4600 p2psvc - ok
03:39:39.0082 4600 Parport (8a79fdf04a73428597e2caf9d0d67850) C:\Windows\system32\DRIVERS\parport.sys
03:39:39.0084 4600 Parport - ok
03:39:39.0116 4600 partmgr (b9c2b89f08670e159f7181891e449cd9) C:\Windows\system32\drivers\partmgr.sys
03:39:39.0240 4600 partmgr - ok
03:39:39.0257 4600 Parvdm (6c580025c81caf3ae9e3617c22cad00e) C:\Windows\system32\DRIVERS\parvdm.sys
03:39:39.0389 4600 Parvdm - ok
03:39:39.0412 4600 PcaSvc (c6276ad11f4bb49b58aa1ed88537f14a) C:\Windows\System32\pcasvc.dll
03:39:39.0415 4600 PcaSvc - ok
03:39:40.0991 4600 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
03:39:41.0061 4600 pci - ok
03:39:41.0107 4600 pciide (1636d43f10416aeb483bc6001097b26c) C:\Windows\system32\drivers\pciide.sys
03:39:41.0134 4600 pciide - ok
03:39:41.0188 4600 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
03:39:41.0300 4600 pcmcia - ok
03:39:41.0368 4600 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
03:39:41.0521 4600 PEAUTH - ok
03:39:42.0736 4600 pgsql-8.3 (adb28aa98d876afc1cd693570032fe81) C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe
03:39:42.0742 4600 pgsql-8.3 - ok
03:39:42.0913 4600 pla (b1689df169143f57053f795390c99db3) C:\Windows\system32\pla.dll
03:39:42.0984 4600 pla - ok
03:39:43.0441 4600 Planificateur LiveUpdate automatique (b5d974c1fd078a68c7536c561b031d39) C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
03:39:43.0592 4600 Planificateur LiveUpdate automatique - ok
03:39:44.0131 4600 PlugPlay (c5e7f8a996ec0a82d508fd9064a5569e) C:\Windows\system32\umpnpmgr.dll
03:39:44.0161 4600 PlugPlay - ok
03:39:44.0238 4600 PNRPAutoReg (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
03:39:44.0251 4600 PNRPAutoReg - ok
03:39:44.0274 4600 PNRPsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
03:39:44.0287 4600 PNRPsvc - ok
03:39:44.0506 4600 PolicyAgent (d0494460421a03cd5225cca0059aa146) C:\Windows\System32\ipsecsvc.dll
03:39:44.0531 4600 PolicyAgent - ok
03:39:44.0787 4600 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
03:39:44.0848 4600 PptpMiniport - ok
03:39:44.0875 4600 Processor (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys
03:39:44.0918 4600 Processor - ok
03:39:44.0985 4600 ProfSvc (0508faa222d28835310b7bfca7a77346) C:\Windows\system32\profsvc.dll
03:39:44.0998 4600 ProfSvc - ok
03:39:45.0042 4600 ProtectedStorage (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
03:39:45.0046 4600 ProtectedStorage - ok
03:39:45.0679 4600 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
03:39:45.0688 4600 PSched - ok
03:39:45.0771 4600 ql2300 (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys
03:39:45.0918 4600 ql2300 - ok
03:39:46.0426 4600 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
03:39:46.0501 4600 ql40xx - ok
03:39:46.0562 4600 QWAVE (e9ecae663f47e6cb43962d18ab18890f) C:\Windows\system32\qwave.dll
03:39:46.0655 4600 QWAVE - ok
03:39:47.0084 4600 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
03:39:47.0152 4600 QWAVEdrv - ok
03:39:47.0186 4600 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
03:39:47.0208 4600 RasAcd - ok
03:39:47.0240 4600 RasAuto (f6a452eb4ceadbb51c9e0ee6b3ecef0f) C:\Windows\System32\rasauto.dll
03:39:47.0300 4600 RasAuto - ok
03:39:47.0342 4600 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
03:39:47.0344 4600 Rasl2tp - ok
03:39:47.0385 4600 RasMan (75d47445d70ca6f9f894b032fbc64fcf) C:\Windows\System32\rasmans.dll
03:39:47.0460 4600 RasMan - ok
03:39:47.0860 4600 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
03:39:47.0873 4600 RasPppoe - ok
03:39:47.0991 4600 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
03:39:48.0033 4600 RasSstp - ok
03:39:48.0085 4600 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
03:39:48.0158 4600 rdbss - ok
03:39:48.0184 4600 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
03:39:48.0209 4600 RDPCDD - ok
03:39:48.0254 4600 rdpdr (e8bd98d46f2ed77132ba927fccb47d8b) C:\Windows\system32\drivers\rdpdr.sys
03:39:48.0308 4600 rdpdr - ok
03:39:48.0346 4600 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
03:39:48.0365 4600 RDPENCDD - ok
03:39:48.0407 4600 RDPWD (c127ebd5afab31524662c48dfceb773a) C:\Windows\system32\drivers\RDPWD.sys
03:39:48.0457 4600 RDPWD - ok
03:39:48.0925 4600 RemoteAccess (bcdd6b4804d06b1f7ebf29e53a57ece9) C:\Windows\System32\mprdim.dll
03:39:48.0964 4600 RemoteAccess - ok
03:39:49.0004 4600 RemoteRegistry (9e6894ea18daff37b63e1005f83ae4ab) C:\Windows\system32\regsvc.dll
03:39:49.0076 4600 RemoteRegistry - ok
03:39:49.0144 4600 RichVideo (c1c132455200ad4704142442c89d0fa4) C:\Program Files\CyberLink\Shared Files\RichVideo.exe
03:39:49.0152 4600 RichVideo - ok
03:39:49.0164 4600 RpcLocator (5123f83cbc4349d065534eeb6bbdc42b) C:\Windows\system32\locator.exe
03:39:49.0196 4600 RpcLocator - ok
03:39:49.0250 4600 RpcSs (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
03:39:49.0256 4600 RpcSs - ok
03:39:49.0276 4600 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
03:39:49.0286 4600 rspndr - ok
03:39:49.0315 4600 SamSs (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
03:39:49.0317 4600 SamSs - ok
03:39:49.0347 4600 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
03:39:49.0368 4600 sbp2port - ok
03:39:49.0421 4600 SCardSvr (77b7a11a0c3d78d3386398fbbea1b632) C:\Windows\System32\SCardSvr.dll
03:39:49.0485 4600 SCardSvr - ok
03:39:49.0543 4600 Schedule (1a58069db21d05eb2ab58ee5753ebe8d) C:\Windows\system32\schedsvc.dll
03:39:50.0000 4600 Schedule - ok
03:39:50.0036 4600 SCPolicySvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
03:39:50.0037 4600 SCPolicySvc - ok
03:39:50.0064 4600 SDRSVC (716313d9f6b0529d03f726d5aaf6f191) C:\Windows\System32\SDRSVC.dll
03:39:50.0141 4600 SDRSVC - ok
03:39:50.0231 4600 SeaPort (271077b91d7ad1b616f8afdfe8e3f981) C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
03:39:50.0242 4600 SeaPort - ok
03:39:50.0274 4600 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
03:39:50.0313 4600 secdrv - ok
03:39:50.0353 4600 seclogon (fd5199d4d8a521005e4b5ee7fe00fa9b) C:\Windows\system32\seclogon.dll
03:39:50.0358 4600 seclogon - ok
03:39:50.0370 4600 SENS (a9bbab5759771e523f55563d6cbe140f) C:\Windows\System32\sens.dll
03:39:50.0374 4600 SENS - ok
03:39:50.0408 4600 Serenum (ce9ec966638ef0b10b864ddedf62a099) C:\Windows\system32\DRIVERS\serenum.sys
03:39:50.0431 4600 Serenum - ok
03:39:50.0488 4600 Serial (6d663022db3e7058907784ae14b69898) C:\Windows\system32\DRIVERS\serial.sys
03:39:50.0538 4600 Serial - ok
03:39:50.0569 4600 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
03:39:50.0591 4600 sermouse - ok
03:39:51.0125 4600 SessionEnv (d2193326f729b163125610dbf3e17d57) C:\Windows\system32\sessenv.dll
03:39:51.0132 4600 SessionEnv - ok
03:39:51.0182 4600 sffdisk (103b79418da647736ee95645f305f68a) C:\Windows\system32\drivers\sffdisk.sys
03:39:51.0221 4600 sffdisk - ok
03:39:51.0255 4600 sffp_mmc (8fd08a310645fe872eeec6e08c6bf3ee) C:\Windows\system32\drivers\sffp_mmc.sys
03:39:51.0279 4600 sffp_mmc - ok
03:39:51.0303 4600 sffp_sd (9cfa05fcfcb7124e69cfc812b72f9614) C:\Windows\system32\drivers\sffp_sd.sys
03:39:51.0325 4600 sffp_sd - ok
03:39:51.0342 4600 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
03:39:51.0346 4600 sfloppy - ok
03:39:51.0383 4600 SharedAccess (e1499bd0ff76b1b2fbbf1af339d91165) C:\Windows\System32\ipnathlp.dll
03:39:51.0425 4600 SharedAccess - ok
03:39:51.0471 4600 ShellHWDetection (c7230fbee14437716701c15be02c27b8) C:\Windows\System32\shsvcs.dll
03:39:51.0486 4600 ShellHWDetection - ok
03:39:51.0508 4600 sisagp (d2a595d6eebeeaf4334f8e50efbc9931) C:\Windows\system32\drivers\sisagp.sys
03:39:51.0543 4600 sisagp - ok
03:39:51.0561 4600 SiSRaid2 (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys
03:39:51.0589 4600 SiSRaid2 - ok
03:40:11.0770 4600 ============================================================
03:40:11.0770 4600 Scan finished
03:40:11.0770 4600 ============================================================
03:40:11.0793 5616 Detected object count: 0
03:40:11.0793 5616 Actual detected object count: 0
03:42:07.0044 1036 ============================================================
03:42:07.0044 1036 Scan started
03:42:07.0044 1036 Mode: Manual;
03:42:07.0044 1036 ============================================================
Fish66 Posts 17505 Registration date Sunday 24 July 2011 Status Security contributor Last activity 16 June 2021
10 August 2012 at 08:50
Hello,
Before using ComboFix:

CD emulation software such as Daemon Tools can interfere with disinfection tools. Use Defogger to disable it temporarily:

If you have this kind of tool on your PC, use Defogger to disable it temporarily; otherwise go straight to ComboFix.

* Download Defogger (by jpshortstuff) to your Desktop
* Run it

* A window appears: click "Disable"

* Restart the computer if the tool asks you to

Note: When we have finished the disinfection, you can re-enable this software by running Defogger again and clicking "Re-enable"

===================================================

Warning: before you start, read the procedure carefully

********************************************************

/!\ Do not use this software outside the scope of this disinfection: DANGEROUS /!\

* Right-click this link and save it to your desktop under a different name, for example "your username.exe"
Here is the ComboFix help

* /!\ Disconnect from the internet and STOP YOUR PROTECTION SOFTWARE /!\


* Double-click ComboFix.exe (or run it as administrator on Vista and Windows 7)

A pop-up will appear saying that ComboFix is used at your own risk and with no warranty... Click Yes to accept

** ABOVE ALL, INSTALL THE RECOVERY CONSOLE
(if it offers to install it, reconnect to the internet)

* Do not touch anything (mouse, keyboard) until the scan has finished, because you risk crashing your PC

* At the end of the scan, ComboFix may need to restart the PC to finalise the disinfection; let it do so.

* Once the scan is complete, a report will be displayed: post its contents

** /!\ Re-enable the real-time protection of your antivirus and antispyware before reconnecting to the Internet. /!\

* Note: The report can also be found here: C:\ComboFix.txt
fanfan72000 Posts 13 Registration date Thursday 26 July 2012 Status Member Last activity 20 August 2012
11 August 2012 at 20:49
Good evening,

Here is the ComboFix report:

ComboFix 12-08-09.01 - François 11/08/2012 19:06:02.1.1 - x86
Microsoft® Windows Vista(TM) Édition Familiale Basique 6.0.6002.2.1252.33.1036.18.767.312 [GMT 2:00]
Lancé depuis: c:\users\Franþois\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\WebMediaPlayer
c:\programdata\Microsoft\Windows\Start Menu\Programs\WebMediaPlayer\Conditions générales.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\WebMediaPlayer\Confidentialité.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\WebMediaPlayer\Website.lnk
c:\programdata\Storm
c:\users\François\AppData\Local\syuwqqk.dat
c:\users\François\AppData\Local\syuwqqk_nav.dat
c:\users\François\AppData\Local\syuwqqk_navps.dat
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2012-07-11 au 2012-08-11 ))))))))))))))))))))))))))))))))))))
.
.
2012-08-11 17:20 . 2012-08-11 17:22 -------- d-----w- c:\users\François\AppData\Local\temp
2012-08-11 17:20 . 2012-08-11 17:20 -------- d-----w- c:\users\postgres\AppData\Local\temp
2012-08-11 17:20 . 2012-08-11 17:20 -------- d-----w- c:\users\postgres.PC-de-MOMO\AppData\Local\temp
2012-08-11 17:20 . 2012-08-11 17:20 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-08-11 17:20 . 2012-08-11 17:20 -------- d-----w- c:\users\Momochka\AppData\Local\temp
2012-08-11 14:38 . 2012-08-11 14:38 -------- d-----w- C:\found.001
2012-08-10 15:52 . 2012-08-10 15:55 -------- d-----w- c:\users\François\AppData\Local\{D15F80B2-7CA2-4E31-BD99-1E592F81352D}
2012-08-10 15:51 . 2012-08-10 15:52 -------- d-----w- c:\users\François\AppData\Local\{67FB93AB-ACA0-428E-8B3C-E9DD061ABA56}
2012-08-10 02:55 . 2012-08-11 16:24 56200 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{4AD73AB3-916D-4CF4-B461-2AB64E790D95}\offreg.dll
2012-08-10 00:04 . 2012-08-10 02:42 -------- d-----w- c:\program files\ZHPDiag
2012-08-10 00:04 . 2012-08-10 02:42 -------- d-----w- C:\ZHP
2012-08-09 20:30 . 2012-08-09 20:30 -------- d-----w- c:\users\François\AppData\Local\{B05572A4-F8B4-4035-8909-2F1D42C2436D}
2012-08-09 20:30 . 2012-08-09 20:30 -------- d-----w- c:\users\François\AppData\Local\{1DE447E8-CA7C-4D50-B61F-8A967C35F3A4}
2012-08-09 00:03 . 2012-08-09 00:03 -------- d-----w- c:\users\François\AppData\Roaming\Malwarebytes
2012-08-09 00:02 . 2012-08-09 00:02 -------- d-----w- c:\programdata\Malwarebytes
2012-08-09 00:02 . 2012-07-03 11:46 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-08-09 00:02 . 2012-08-09 00:02 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-08-08 20:02 . 2012-08-08 20:02 14080 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2012-08-08 00:59 . 2012-08-08 00:59 -------- d-----w- c:\program files\Trend Micro
2012-08-07 03:06 . 2012-08-07 03:06 -------- d-----w- c:\users\François\AppData\Local\{2DFF4ABD-FFC6-456D-8584-C70E91B3DE0C}
2012-08-07 03:05 . 2012-08-07 03:06 -------- d-----w- c:\users\François\AppData\Local\{CDCB3CA4-610D-4AF3-8B8C-C6413DE8F7E4}
2012-08-04 02:55 . 2012-08-04 02:55 -------- d-----w- c:\users\François\AppData\Roaming\Avira
2012-08-04 02:36 . 2011-09-16 14:11 36000 ----a-w- c:\windows\system32\drivers\avkmgr.sys
2012-08-04 02:36 . 2012-02-15 13:04 74640 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2012-08-04 02:36 . 2012-02-15 13:04 137416 ----a-w- c:\windows\system32\drivers\avipbb.sys
2012-08-04 02:36 . 2012-08-04 02:36 -------- d-----w- c:\programdata\Avira
2012-08-04 02:36 . 2012-08-04 02:36 -------- d-----w- c:\program files\Avira
2012-08-02 01:25 . 2012-08-02 01:25 -------- d-----w- c:\users\François\AppData\Local\{ADAE4ECC-E513-4B00-B744-6EC87EEA3D6F}
2012-08-02 01:25 . 2012-08-02 01:25 -------- d-----w- c:\users\François\AppData\Local\{E7127505-1751-4D9E-8D36-F2FF5B9FAEA4}
2012-07-31 01:28 . 2012-07-31 01:28 -------- d-----w- c:\users\François\AppData\Local\{BA8F2EC6-4C88-4D60-BB3F-BFF94828CBD0}
2012-07-31 01:28 . 2012-07-31 01:28 -------- d-----w- c:\users\François\AppData\Local\{33551DF9-4DFB-498E-93D4-6CB5B91EB578}
2012-07-28 20:45 . 2012-07-28 20:49 -------- d-----w- c:\program files\Mozilla Firefox 4.0 Beta 7
2012-07-24 23:26 . 2012-07-24 23:26 -------- d-----w- c:\users\François\AppData\Local\{303EECE1-EA37-4E88-B380-1360204F8412}
2012-07-24 23:26 . 2012-07-24 23:26 -------- d-----w- c:\users\François\AppData\Local\{276EE099-214B-43FC-8E34-17AA1C54EB96}
2012-07-23 20:14 . 2012-07-23 20:14 -------- d-----w- c:\users\François\AppData\Local\{6DCE1DAA-BDF2-45CE-8817-619640081B72}
2012-07-23 20:14 . 2012-07-23 20:14 -------- d-----w- c:\users\François\AppData\Local\{88E3D36B-4F14-4131-ACF5-180DFEF70E48}
2012-07-21 00:14 . 2012-07-21 00:14 -------- d-----w- c:\users\François\AppData\Local\{111192B2-612C-4245-8549-6513D2B1F87B}
2012-07-21 00:13 . 2012-07-21 00:13 -------- d-----w- c:\users\François\AppData\Local\{768E0602-8B2E-4C32-938F-A33DA610C4F4}
2012-07-19 15:24 . 2012-07-19 15:24 -------- d-----w- c:\program files\BarrierePoker.fr
2012-07-15 18:14 . 2012-07-15 18:14 -------- d-----w- c:\users\François\AppData\Local\{6D1F61F3-5B50-4FCB-9D85-BCB591973C88}
2012-07-15 18:13 . 2012-07-15 18:14 -------- d-----w- c:\users\François\AppData\Local\{98B7B814-7DB8-4FD1-8A3E-B4AAAD3E0072}
2012-07-13 16:17 . 2012-07-13 16:17 -------- d-----w- c:\users\François\AppData\Local\{6AD56FC4-3271-4FA3-8D13-06D0CD40E546}
2012-07-13 16:16 . 2012-07-13 16:17 -------- d-----w- c:\users\François\AppData\Local\{AB17953F-9943-4B18-8F68-410C1F387BC5}
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-22 21:37 . 2012-04-06 12:34 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-07-22 21:37 . 2011-05-17 16:20 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-07-03 16:21 . 2011-08-02 09:41 41224 ----a-w- c:\windows\avastSS.scr
2012-06-21 15:34 . 2012-06-21 15:35 476936 ----a-w- c:\windows\system32\npdeployJava1.dll
2012-06-21 15:34 . 2011-11-22 18:39 472840 ----a-w- c:\windows\system32\deployJava1.dll
2012-06-02 22:19 . 2012-07-05 18:23 45080 ----a-w- c:\windows\system32\wups2.dll
2012-06-02 22:19 . 2012-07-05 18:23 53784 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-02 22:19 . 2012-07-05 18:22 35864 ----a-w- c:\windows\system32\wups.dll
2012-06-02 22:19 . 2012-07-05 18:22 577048 ----a-w- c:\windows\system32\wuapi.dll
2012-06-02 22:19 . 2012-07-05 18:23 1933848 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-02 22:12 . 2012-07-05 18:23 2422272 ----a-w- c:\windows\system32\wucltux.dll
2012-06-02 22:12 . 2012-07-05 18:22 88576 ----a-w- c:\windows\system32\wudriver.dll
2012-06-02 13:19 . 2012-07-05 18:21 171904 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-02 13:12 . 2012-07-05 18:21 33792 ----a-w- c:\windows\system32\wuapp.exe
2012-05-31 03:41 . 2012-07-03 07:54 6762896 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{4AD73AB3-916D-4CF4-B461-2AB64E790D95}\mpengine.dll
2012-05-15 19:51 . 2012-07-05 19:15 2045440 ----a-w- c:\windows\system32\win32k.sys
2012-05-15 06:37 . 2012-07-05 19:17 916992 ----a-w- c:\windows\system32\wininet.dll
2012-05-15 06:32 . 2012-07-05 19:16 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-05-15 06:32 . 2012-07-05 19:16 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2012-05-15 06:31 . 2012-07-05 19:16 109056 ----a-w- c:\windows\system32\iesysprep.dll
2012-05-15 06:31 . 2012-07-05 19:16 71680 ----a-w- c:\windows\system32\iesetup.dll
2012-05-15 05:01 . 2012-07-05 19:16 385024 ----a-w- c:\windows\system32\html.iec
2012-05-15 03:26 . 2012-07-05 19:16 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2012-05-15 03:23 . 2012-07-05 19:16 1638912 ----a-w- c:\windows\system32\mshtml.tlb
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-12-03 39408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RtHDVCpl.exe" [2006-11-09 3784704]
"WarReg_PopUp"="c:\acer\WR_PopUp\WarReg_PopUp.exe" [2006-11-05 57344]
"ALUAlert"="c:\program files\Symantec\LiveUpdate\ALuNotify.exe" [2007-09-26 492912]
"Symantec PIF AlertEng"="c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2007-03-12 517768]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-06-19 13535776]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-06-19 92704]
"Microsoft Default Manager"="c:\program files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2010-05-10 439568]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-03-07 421160]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-03-21 1230704]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-03-27 37296]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2012-02-15 258512]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\?????????]
??????????????e [?]
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Contenu du dossier 'Tâches planifiées'
.
2012-08-09 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-12-03 14:06]
.
2012-08-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-31 19:23]
.
2012-08-11 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-31 19:23]
.
2012-08-11 c:\windows\Tasks\User_Feed_Synchronization-{6D8BFCEF-9E92-4DF9-AA37-788E54F76017}.job
- c:\windows\system32\msfeedssync.exe [2012-07-05 03:24]
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.google.fr/
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
mStart Page = hxxp://www.google.com
uInternet Settings,ProxyOverride = local;*.local
uSearchURL,(Default) = hxxp://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
IE: {{725EC34E-943C-4df6-B0B2-FBDE7F242276} - c:\programs\PartyFrance\PartyPokerFr\RunApp.exe
IE: {{90EAE591-7E7E-434a-8E28-ECFD00071806} - c:\program files\PokerStars.FR\PokerStarsUpdate.exe
IE: {{B4B52284-A248-4c51-9F7C-F0A0C67FCC9D} - c:\programs\PartyGaming\PartyCasino\RunApp.exe
TCP: DhcpNameServer = 212.27.40.241 212.27.40.240
TCP: Interfaces\{4D2F1578-8B02-43B4-B591-559CD6616BC6}: NameServer = 156.154.70.22,156.154.71.22
FF - ProfilePath - c:\users\François\AppData\Roaming\Mozilla\Firefox\Profiles\hsqwph9r.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://startsear.ch/?aff=1
FF - prefs.js: keyword.URL - hxxp://startsear.ch/?aff=1&src=sp&cf=1dfcb2df-f9be-11e0-a7e7-0019215ae97f&q=
.
- - - - ORPHELINS SUPPRIMES - - - -
.
ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - (no file)
HKCU-Run-ISUSPM Startup - c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe
HKLM-Run-Acer Tour - (no file)
HKLM-Run-eRecoveryService - (no file)
MSConfigStartUp-fjugqcnxju - c:\users\françois\appdata\local\microsoft\fjugqcnxju.exe
AddRemove-{08234a0d-cf39-4dca-99f0-0c5cb496da81} - c:\program files\Bing Bar Installer\InstallManager.exe
AddRemove-{7B63B2922B174135AFC0E1377DD81EC2} - c:\program files\DivX\DivXCodecUninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-08-11 19:21
Windows 6.0.6002 Service Pack 2 NTFS
.
Recherche de processus cachés ...
.
Recherche d'éléments en démarrage automatique cachés ...
.
Recherche de fichiers cachés ...
.
Scan terminé avec succès
Fichiers cachés: 0
.
**************************************************************************
.
Heure de fin: 2012-08-11 19:44:57
ComboFix-quarantined-files.txt 2012-08-11 17:44
.
Avant-CF: 19 405 058 048 octets libres
Après-CF: 28 349 030 400 octets libres
.
- - End Of File - - 606DEA0758518FD4F43016B22170D74A
0
Fish66 Posts 17505 Registration date Sunday 24 July 2011 Status Security contributor Last seen 16 June 2021 1 318
11 August 2012 at 21:37
Hi,
=>/!\ The following script was written specifically for this computer /!\<=
=> using it on another computer is strongly discouraged!<=

-----------------------------------------------------------------------------------

Still with all protections disabled, do this:

* Open Notepad (Start menu --> Programs --> Accessories --> Notepad)
* Copy/paste into Notepad what is between the lines below (without the lines):
* Create a new text document: right-click on the desktop > New > Text Document, and copy the following lines into it:
__________________________________________________

KillAll::

DDS::
uSearchURL,(Default) = hxxp://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR

Firefox::
FF - prefs.js: browser.startup.homepage - hxxp://startsear.ch/?aff=1
FF - prefs.js: keyword.URL - hxxp://startsear.ch/?aff=1&src=sp&cf=1dfcb2df-f9be-11e0-a7e7-0019215ae97f&q=


__________________________________________________

* Save this file under the name CFScript
* Drag and drop this CFScript file onto the ComboFix.exe file, as in: this screenshot
* ComboFix starts; follow its prompts.

* Wait while the scan runs. The desktop will disappear several times: this is normal!
* Do not touch anything until the scan has finished.
* Once the scan is complete, a report will be displayed: post its contents, and say where things stand with your problems

* If the file does not open, it can be found here > C:\ComboFix.txt
0
fanfan72000 Posts 13 Registration date Thursday 26 July 2012 Status Member Last seen 20 August 2012
14 August 2012 at 16:57
Hi again,

I had to uninstall AntiVir when launching ComboFix (when it asked me to), because it was impossible to simply stop the antivirus: the stop button was no longer there! The PC regained its speed while the file was being saved, but after uninstalling the antivirus, which I have not reinstalled yet, it kept lagging (every operation I request takes ages to run).
Here is the ComboFix report:

ComboFix 12-08-09.01 - François 13/08/2012 18:40:09.2.1 - x86
Microsoft® Windows Vista(TM) Édition Familiale Basique 6.0.6002.2.1252.33.1036.18.767.286 [GMT 2:00]
Lancé depuis: c:\users\Franþois\Desktop\ComboFix.exe
Commutateurs utilisés :: c:\users\Franþois\Desktop\CFScript.txt
AV: Avira Desktop *Enabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Enabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2012-07-13 au 2012-08-13 ))))))))))))))))))))))))))))))))))))
.
.
2012-08-13 16:52 . 2012-08-13 16:53 -------- d-----w- c:\users\François\AppData\Local\temp
2012-08-13 16:52 . 2012-08-13 16:52 -------- d-----w- c:\users\postgres\AppData\Local\temp
2012-08-13 16:52 . 2012-08-13 16:52 -------- d-----w- c:\users\postgres.PC-de-MOMO\AppData\Local\temp
2012-08-13 16:52 . 2012-08-13 16:52 -------- d-----w- c:\users\Momochka\AppData\Local\temp
2012-08-13 16:52 . 2012-08-13 16:52 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-08-11 14:38 . 2012-08-11 14:38 -------- d-----w- C:\found.001
2012-08-10 15:52 . 2012-08-10 15:55 -------- d-----w- c:\users\François\AppData\Local\{D15F80B2-7CA2-4E31-BD99-1E592F81352D}
2012-08-10 15:51 . 2012-08-10 15:52 -------- d-----w- c:\users\François\AppData\Local\{67FB93AB-ACA0-428E-8B3C-E9DD061ABA56}
2012-08-10 02:55 . 2012-08-11 16:24 56200 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{4AD73AB3-916D-4CF4-B461-2AB64E790D95}\offreg.dll
2012-08-10 00:04 . 2012-08-10 02:42 -------- d-----w- c:\program files\ZHPDiag
2012-08-10 00:04 . 2012-08-10 02:42 -------- d-----w- C:\ZHP
2012-08-09 20:30 . 2012-08-09 20:30 -------- d-----w- c:\users\François\AppData\Local\{B05572A4-F8B4-4035-8909-2F1D42C2436D}
2012-08-09 20:30 . 2012-08-09 20:30 -------- d-----w- c:\users\François\AppData\Local\{1DE447E8-CA7C-4D50-B61F-8A967C35F3A4}
2012-08-09 00:03 . 2012-08-09 00:03 -------- d-----w- c:\users\François\AppData\Roaming\Malwarebytes
2012-08-09 00:02 . 2012-08-09 00:02 -------- d-----w- c:\programdata\Malwarebytes
2012-08-09 00:02 . 2012-07-03 11:46 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-08-09 00:02 . 2012-08-09 00:02 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-08-08 20:02 . 2012-08-08 20:02 14080 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2012-08-08 00:59 . 2012-08-08 00:59 -------- d-----w- c:\program files\Trend Micro
2012-08-07 03:06 . 2012-08-07 03:06 -------- d-----w- c:\users\François\AppData\Local\{2DFF4ABD-FFC6-456D-8584-C70E91B3DE0C}
2012-08-07 03:05 . 2012-08-07 03:06 -------- d-----w- c:\users\François\AppData\Local\{CDCB3CA4-610D-4AF3-8B8C-C6413DE8F7E4}
2012-08-04 02:36 . 2012-08-04 02:36 -------- d-----w- c:\program files\Avira
2012-08-02 01:25 . 2012-08-02 01:25 -------- d-----w- c:\users\François\AppData\Local\{ADAE4ECC-E513-4B00-B744-6EC87EEA3D6F}
2012-08-02 01:25 . 2012-08-02 01:25 -------- d-----w- c:\users\François\AppData\Local\{E7127505-1751-4D9E-8D36-F2FF5B9FAEA4}
2012-07-31 01:28 . 2012-07-31 01:28 -------- d-----w- c:\users\François\AppData\Local\{BA8F2EC6-4C88-4D60-BB3F-BFF94828CBD0}
2012-07-31 01:28 . 2012-07-31 01:28 -------- d-----w- c:\users\François\AppData\Local\{33551DF9-4DFB-498E-93D4-6CB5B91EB578}
2012-07-28 20:45 . 2012-07-28 20:49 -------- d-----w- c:\program files\Mozilla Firefox 4.0 Beta 7
2012-07-24 23:26 . 2012-07-24 23:26 -------- d-----w- c:\users\François\AppData\Local\{303EECE1-EA37-4E88-B380-1360204F8412}
2012-07-24 23:26 . 2012-07-24 23:26 -------- d-----w- c:\users\François\AppData\Local\{276EE099-214B-43FC-8E34-17AA1C54EB96}
2012-07-23 20:14 . 2012-07-23 20:14 -------- d-----w- c:\users\François\AppData\Local\{6DCE1DAA-BDF2-45CE-8817-619640081B72}
2012-07-23 20:14 . 2012-07-23 20:14 -------- d-----w- c:\users\François\AppData\Local\{88E3D36B-4F14-4131-ACF5-180DFEF70E48}
2012-07-21 00:14 . 2012-07-21 00:14 -------- d-----w- c:\users\François\AppData\Local\{111192B2-612C-4245-8549-6513D2B1F87B}
2012-07-21 00:13 . 2012-07-21 00:13 -------- d-----w- c:\users\François\AppData\Local\{768E0602-8B2E-4C32-938F-A33DA610C4F4}
2012-07-19 15:24 . 2012-07-19 15:24 -------- d-----w- c:\program files\BarrierePoker.fr
2012-07-15 18:14 . 2012-07-15 18:14 -------- d-----w- c:\users\François\AppData\Local\{6D1F61F3-5B50-4FCB-9D85-BCB591973C88}
2012-07-15 18:13 . 2012-07-15 18:14 -------- d-----w- c:\users\François\AppData\Local\{98B7B814-7DB8-4FD1-8A3E-B4AAAD3E0072}
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-22 21:37 . 2012-04-06 12:34 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-07-22 21:37 . 2011-05-17 16:20 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-07-03 16:21 . 2011-08-02 09:41 41224 ----a-w- c:\windows\avastSS.scr
2012-06-21 15:34 . 2012-06-21 15:35 476936 ----a-w- c:\windows\system32\npdeployJava1.dll
2012-06-21 15:34 . 2011-11-22 18:39 472840 ----a-w- c:\windows\system32\deployJava1.dll
2012-06-02 22:19 . 2012-07-05 18:23 45080 ----a-w- c:\windows\system32\wups2.dll
2012-06-02 22:19 . 2012-07-05 18:23 53784 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-02 22:19 . 2012-07-05 18:22 35864 ----a-w- c:\windows\system32\wups.dll
2012-06-02 22:19 . 2012-07-05 18:22 577048 ----a-w- c:\windows\system32\wuapi.dll
2012-06-02 22:19 . 2012-07-05 18:23 1933848 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-02 22:12 . 2012-07-05 18:23 2422272 ----a-w- c:\windows\system32\wucltux.dll
2012-06-02 22:12 . 2012-07-05 18:22 88576 ----a-w- c:\windows\system32\wudriver.dll
2012-06-02 13:19 . 2012-07-05 18:21 171904 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-02 13:12 . 2012-07-05 18:21 33792 ----a-w- c:\windows\system32\wuapp.exe
2012-05-31 03:41 . 2012-07-03 07:54 6762896 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{4AD73AB3-916D-4CF4-B461-2AB64E790D95}\mpengine.dll
2012-05-15 19:51 . 2012-07-05 19:15 2045440 ----a-w- c:\windows\system32\win32k.sys
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-12-03 39408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RtHDVCpl.exe" [2006-11-09 3784704]
"WarReg_PopUp"="c:\acer\WR_PopUp\WarReg_PopUp.exe" [2006-11-05 57344]
"ALUAlert"="c:\program files\Symantec\LiveUpdate\ALuNotify.exe" [2007-09-26 492912]
"Symantec PIF AlertEng"="c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2007-03-12 517768]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-06-19 13535776]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-06-19 92704]
"Microsoft Default Manager"="c:\program files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2010-05-10 439568]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-03-07 421160]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-03-21 1230704]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-03-27 37296]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\?????????]
??????????????e [?]
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
--- Autres Services/Pilotes en mémoire ---
.
*Deregistered* - avipbb
*Deregistered* - ssmdrv
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Contenu du dossier 'Tâches planifiées'
.
2012-08-09 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-12-03 14:06]
.
2012-08-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-31 19:23]
.
2012-08-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-31 19:23]
.
2012-08-13 c:\windows\Tasks\User_Feed_Synchronization-{6D8BFCEF-9E92-4DF9-AA37-788E54F76017}.job
- c:\windows\system32\msfeedssync.exe [2012-07-05 03:24]
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.google.fr/
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
mStart Page = hxxp://www.google.com
uInternet Settings,ProxyOverride = local;*.local
uSearchURL,(Default) = hxxp://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
IE: {{725EC34E-943C-4df6-B0B2-FBDE7F242276} - c:\programs\PartyFrance\PartyPokerFr\RunApp.exe
IE: {{90EAE591-7E7E-434a-8E28-ECFD00071806} - c:\program files\PokerStars.FR\PokerStarsUpdate.exe
IE: {{B4B52284-A248-4c51-9F7C-F0A0C67FCC9D} - c:\programs\PartyGaming\PartyCasino\RunApp.exe
TCP: DhcpNameServer = 212.27.40.241 212.27.40.240
TCP: Interfaces\{4D2F1578-8B02-43B4-B591-559CD6616BC6}: NameServer = 156.154.70.22,156.154.71.22
FF - ProfilePath - c:\users\François\AppData\Roaming\Mozilla\Firefox\Profiles\hsqwph9r.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://startsear.ch/?aff=1
FF - prefs.js: keyword.URL - hxxp://startsear.ch/?aff=1&src=sp&cf=1dfcb2df-f9be-11e0-a7e7-0019215ae97f&q=
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-08-13 18:53
Windows 6.0.6002 Service Pack 2 NTFS
.
Recherche de processus cachés ...
.
Recherche d'éléments en démarrage automatique cachés ...
.
Recherche de fichiers cachés ...
.
Scan terminé avec succès
Fichiers cachés: 0
.
**************************************************************************
.
Heure de fin: 2012-08-13 19:15:47
ComboFix-quarantined-files.txt 2012-08-13 17:15
ComboFix2.txt 2012-08-11 17:44
.
Avant-CF: 28 494 794 752 octets libres
Après-CF: 28 490 211 328 octets libres
.
- - End Of File - - 7F4DE90BBC5E07DA60AFB3B30BA530D4
0
Fish66 Posts 17505 Registration date Sunday 24 July 2011 Status Security contributor Last seen 16 June 2021 1 318
Edited by Fish66 on 14/08/2012 at 18:21
Hi,

1* Download Avira AntiVir V12 from this link:
http://www.commentcamarche.net/download/telecharger-55-antivir
2* Download avira-registrycleaner from this link:
https://www.avira.com/fr/download/product/avira-registry-cleaner
Run it, following the instructions
* Run the file downloaded in 1* to install it
(do not tick the Askbar box), choosing: the optimal configuration
=======================
Launch ZHPDiag from the desktop and click the green arrow (update)
Then tick everything under the screwdriver icon and start the scan; close it and upload the report. Paste the link in your next reply

_ _ _ Fish66_ _ _ I''"""""I_ _ security contributor member_ _I''"""""I_ _ _
¤¤¤ The best remedy for every problem is patience.... ¤¤¤
0
fanfan72000 Posts 13 Registration date Thursday 26 July 2012 Status Member Last seen 20 August 2012
15 August 2012 at 00:35
Hi,

Here is the ZHPDiag report:

Rapport de ZHPDiag v1.31.13 par Nicolas Coolman, Update du 31/07/2012
Run by François at 14/08/2012 23:56:28
Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html
Web site : http://nicolascoolman.skyrock.com/
State : Version à jour.


---\\ Web Browser
MSIE: Internet Explorer v8.0.6001.19272 (Defaut)
MFIE: Mozilla Firefox 15.0 v15.0

---\\ Windows Product Information
~ Langage: Français
Windows Vista Home Basic Edition, 32-bit Service Pack 2 (Build 6002)
Windows Server License Manager Script : OK
~ Vista, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : 8QXTR
Windows License : OK
Windows Automatic Updates : OK

---\\ System Information
~ Processor: x86 Family 15 Model 95 Stepping 2, AuthenticAMD
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 766 MB (28% free)
System Restore: Activé (Enable)
System drive C: has 25 GB (35%) free of 71 GB

---\\ Logged in mode
~ Computer Name: PC-DE-MOMO
~ User Name: François
~ All Users Names: postgres, Momochka, François, Administrateur,
~ Unselected Option: None
Logged in as Administrator

---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\François\AppData\Roaming\
~ %Desktop% : C:\Users\François\Desktop\
~ %Favorites% : C:\Users\François\Favorites\
~ %LocalAppData% : C:\Users\François\AppData\Local\
~ %StartMenu% : C:\Users\François\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 25 Go of 71 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 71 Go of 71 Go)
E:\ CD-ROM drive (Not Inserted)
F:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
G:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
H:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
I:\ Floppy drive, Flash card reader, USB Key (Not Inserted)



---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings] WarnOnHTTPSToHTTPRedirect: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : Out Of Date
~ Scan Security Center in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.D07D4C3038F3578FFCE1C0237F2A1253] - (.Microsoft Corporation - Explorateur Windows.) (.11/04/2009 - 07:27:36.) -- C:\Windows\Explorer.exe [2926592]
[MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation - Application de démarrage de Windows.) (.19/01/2008 - 08:33:37.) -- C:\Windows\System32\Wininit.exe [96768]
[MD5.DEAF5B0677A6B864B8F4F41C127695DB] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.15/05/2012 - 07:37:49.) -- C:\Windows\System32\wininet.dll [916992]
[MD5.898E7C06A350D4A1A64A9EA264D55452] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.11/04/2009 - 07:28:13.) -- C:\Windows\System32\Winlogon.exe [314368]
[MD5.3911B972B55FEA0478476B2E777B29FA] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.21/04/2011 - 14:58:27.) -- C:\Windows\system32\Drivers\AFD.sys [273408]
[MD5.1F05B78AB91C9075565A9D8A4B880BC4] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.11/04/2009 - 07:32:26.) -- C:\Windows\system32\Drivers\atapi.sys [19944]
[MD5.7ADD03E75BEB9E6DD102C3081D29840A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.19/01/2008 - 06:28:02.) -- C:\Windows\system32\Drivers\Cdfs.sys [70144]
[MD5.6B4BFFB9BECD728097024276430DB314] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.11/04/2009 - 05:39:17.) -- C:\Windows\system32\Drivers\Cdrom.sys [67072]
[MD5.622C41A07CA7E6DD91770F50D532CB6C] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.14/04/2011 - 15:59:03.) -- C:\Windows\system32\Drivers\DfsC.sys [75264]
[MD5.062452B7FFD68C8C042A6261FE8DFF4A] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.11/04/2009 - 05:42:42.) -- C:\Windows\system32\Drivers\HDAudBus.sys [561152]
[MD5.22D56C8184586B7A1F6FA60BE5F5A2BD] - (.Microsoft Corporation - Pilote de port i8042.) (.19/01/2008 - 06:49:18.) -- C:\Windows\system32\Drivers\i8042prt.sys [54784]
[MD5.8793643A67B42CEC66490B2A0CF92D68] - (.Microsoft Corporation - IP Network Address Translator.) (.19/01/2008 - 06:56:28.) -- C:\Windows\system32\Drivers\IpNat.sys [100864]
[MD5.1E94971C4B446AB2290DEB71D01CF0C2] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.29/04/2011 - 14:24:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [106496]
[MD5.ECD64230A59CBD93C85F1CD1CAB9F3F6] - (.Microsoft Corporation - MBT Transport driver.) (.11/04/2009 - 05:45:37.) -- C:\Windows\system32\Drivers\netBT.sys [185856]
[MD5.6A4A98CEE84CF9E99564510DDA4BAA47] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.11/04/2009 - 07:32:49.) -- C:\Windows\system32\Drivers\ntfs.sys [1083880]
[MD5.8A79FDF04A73428597E2CAF9D0D67850] - (.Microsoft Corporation - Pilote de port parallèle.) (.19/01/2008 - 06:49:33.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.A214ADBAF4CB47DD2728859EF31F26B0] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.19/01/2008 - 06:56:34.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [76288]
[MD5.E8BD98D46F2ED77132BA927FCCB47D8B] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.02/11/2006 - 10:03:00.) -- C:\Windows\system32\Drivers\rdpdr.sys [242688]
[MD5.7B75299A4D201D6A6533603D6914AB04] - (.Microsoft Corporation - SMB Transport driver.) (.11/04/2009 - 05:45:22.) -- C:\Windows\system32\Drivers\smb.sys [66560]
[MD5.76B06EB8A01FC8624D699E7045303E54] - (.Microsoft Corporation - TDI Translation Driver.) (.11/04/2009 - 05:45:56.) -- C:\Windows\system32\Drivers\tdx.sys [72192]
[MD5.147281C01FCB1DF9252DE2A10D5E7093] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.11/04/2009 - 07:32:55.) -- C:\Windows\system32\Drivers\volsnap.sys [226280]
~ Scan Generic Processes in 00mn 04s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/163
~ Mes musiques (My Musics) : 1/470
~ Mes Videos (My Videos) : 1/21
~ Mes Favoris (My Favorites) : 1/64
~ Mes Documents (My Documents) : 2/254
~ Mon Bureau (My Desktop) : 1/27
~ Menu demarrer (Programs) : 1/26
~ Scan Hidden Files in 00mn 09s



---\\ Processus lancés
[MD5.A503A47A5E7EA8024379A8CC6059B74A] - (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe [3784704] [PID.264]
[MD5.AE75328877578EABA536C9A7AEDAFFB3] - (.Symantec Corporation - Symantec ALUNotify Module.) -- C:\Program Files\Symantec\LiveUpdate\ALUNOTIFY.exe [492912] [PID.444]
[MD5.C837D17DE0B349539AA527EE750EBE2A] - (.Symantec Corporation - LiveUpdate Notice Service.) -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [517768] [PID.456]
[MD5.4B555106290BD117334E9A08761C035A] - (...) -- ystem32\rundll32.exe [0] [PID.]
[MD5.0CFBE2D135A73CA98381FC8CC8BC5A03] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe [421160] [PID.584]
[MD5.7636713B4F0944045AB4AF7CED5245AB] - (.Pas de propriétaire - DivX Update.) -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1230704] [PID.540]
[MD5.98A078F838A70F84E1BD490D7C7675F4] - (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe [254696] [PID.1272]
[MD5.5D61BE7DB55B026A5D61A3EED09D0EAD] - (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408] [PID.]
[MD5.2D821AFA5A1A9CA7F9F997A1AAD09E72] - (.Microsoft Corporation - Windows Media Player.) -- C:\Program Files\Windows Media Player\wmplayer.exe [168960] [PID.3968]
[MD5.89C8EE7324463C2C155DED8F8DA9AFDA] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [973488] [PID.712]
[MD5.84DB35F319E5B67838A4877C11748866] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [462920] [PID.2220]
[MD5.9F0BE235A0136EA9E94CF9BD037C30EC] - (.Avira Operations GmbH & Co. KG - Avira System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [348664] [PID.2816]
[MD5.54E68482F5F87B1C6F46134339E2A563] - (.Avira Operations GmbH & Co. KG - Avira Control Center.) -- C:\Program Files\Avira\AntiVir Desktop\avcenter.exe [391632] [PID.3736]
[MD5.9AC31470779A703021C337FD83D683EE] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe [638048] [PID.452]
[MD5.7317348C529B501C98330771F8109700] - (.Adobe Systems Incorporated - Adobe® Flash® Player Installer/Uninstaller.) -- C:\Windows\system32\Macromed\Flash\FlashUtil32_11_3_300_265_ActiveX.exe [686280] [PID.2140]
[MD5.7BEDD051B53821B040EAD42DB0724848] - (.Microsoft Corporation - Rapports de problèmes Windows.) -- C:\Windows\system32\werfault.exe [217088] [PID.4852]
[MD5.FCB13D9E3D55075C8FACA9CA3C55B263] - (...) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [3763200] [PID.4172]
[MD5.6080A176D09435FC8E6E800996656E18] - (.Microsoft Corporation - Console IME.) -- C:\Windows\system32\conime.exe [69120] [PID.5068]
[MD5.DA8CCB1A765CA509666FB710E749902E] - (.Microsoft Corporation - Microsoft Feeds Synchronization.) -- C:\Windows\system32\msfeedssync.exe [13312] [PID.4808]
[MD5.56407B8616E4206EE02892A2AC712EF3] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 175.3.) -- C:\Windows\system32\nvvsvc.exe [118784] [PID.]
[MD5.862BB4CBC05D80C5B45BE430E5EF872F] - (.Microsoft Corporation - Service de gestion des licences Microsoft.) -- C:\Windows\system32\SLsvc.exe [3408896] [PID.]
[MD5.23A1768E026A0FE499363E60151939B7] - (.Pas de propriétaire - MemCheck.Service.) -- C:\Acer\Empowering Technology\ePerformance\MemCheck.exe [24576] [PID.]
[MD5.6E5DAC168D1FF9843E84A59D51D31107] - (.Hewlett-Packard Company - Pas de description.) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe [61440] [PID.]
[MD5.ADB28AA98D876AFC1CD693570032FE81] - (.PostgreSQL Global Development Group - pg_ctl - starts/stops/restarts the PostgreS.) -- C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe [65536] [PID.]
[MD5.B894EBA4AFFDA1B4B6C874E5972C72FE] - (.PostgreSQL Global Development Group - PostgreSQL Server.) -- C:\Program Files\PostgreSQL\8.3\bin\postgres.exe [3674112] [PID.]
[MD5.C1C132455200AD4704142442C89D0FA4] - (.Pas de propriétaire - RichVideo Module.) -- C:\Program Files\CyberLink\Shared Files\RichVideo.exe [262247] [PID.]
[MD5.F841F6ED752CC5F346039D5551931A7B] - (.Acer Inc. - eRecoveryService.) -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe [45056] [PID.]
[MD5.9033D67B7112D23EDED6789BACDED128] - (.Apple Inc. - iPodService Module (32-bit).) -- C:\Program Files\iPod\bin\iPodService.exe [820520] [PID.]
[MD5.43683E970F008C93C9429EF428147A54] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [655944] [PID.]
[MD5.CC3110EEF77AA0810CAA03741168BA8F] - (.Avira Operations GmbH & Co. KG - Avira On-Access Service.) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe [110032] [PID.]
[MD5.E869E31D3FD7B6314EEFEA4304C413CA] - (.Avira Operations GmbH & Co. KG - Avira Shadow Copy Service.) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe [80336] [PID.]
~ Scan Processes Running in 00mn 08s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\François\AppData\Local\Google\Chrome\User Data\Default\Preferences
G1 - GCS: Preference [User Data\Default] https://www.bing.com/?toHttps=1&redig=69DA0EF8272048D9864AF4DB37211DE8
G0 - GCSP: Preference [User Data\Default][HomePage] http://startsear.ch
~ Scan Google Browser in 00mn 00s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\François\AppData\Roaming\Mozilla\Firefox\Profiles\hsqwph9r.default\prefs.js
M3 - MFPP: Plugins - [François] -- C:\Users\François\AppData\Roaming\Mozilla\Firefox\Profiles\hsqwph9r.default\searchplugins\startsear.xml
M3 - MFPP: Plugins - [François] -- C:\Users\François\AppData\Roaming\Mozilla\Firefox\Profiles\hsqwph9r.default\searchplugins\web-search.xml
M0 - MFSP: prefs.js [François - hsqwph9r.default] http://startsear.ch
M2 - MFEP: prefs.js [François - hsqwph9r.default\en-GB@dictionaries.addons.mozilla.org] [] British English Dictionary v1.19.1 (..)
M2 - MFEP: prefs.js [François - hsqwph9r.default\vshare@toolbar] [] vShare v2.0.0 (.vShare.)
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_265.dll
P2 - FPN: [HKLM] [@adobe.com/ShockwavePlayer] - (.Adobe Systems, Inc. - Adobe Shockwave for Director Netscape plug-in, version 11.0.) -- C:\Windows\system32\Adobe\Director\np32dsw.dll
P2 - FPN: [HKLM] [@Apple.com/iTunes,version=1.0] - (...) -- C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
P2 - FPN: [HKLM] [@divx.com/DivX Browser Plugin,version=1.0.0] - (.DivX,Inc. - DivX Web Player version 2.0.3.4.) -- C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
P2 - FPN: [HKLM] [@divx.com/DivX Content Upload Plugin,version=1.0.0] - (.DivX,Inc. - DivX® Content Upload Plugin.) -- C:\Program Files\DivX\DivX Content Uploader\npUpload.dll
P2 - FPN: [HKLM] [@divx.com/DivX Player Plugin,version=1.0.0] - (...) -- C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (.not file.)
P2 - FPN: [HKLM] [@divx.com/DivX VOD Helper,version=1.0.0] - (.DivX, LLC. - DivX VOD Helper Plug-in.) -- C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
P2 - FPN: [HKLM] [@java.com/DTPlugin,version=1.6.0_33] - (.Sun Microsystems, Inc. - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Windows\system32\npdeployJava1.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Sun Microsystems, Inc. - Next Generation Java Plug-in 1.6.0_33 for Mozilla browsers.) -- C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 5.1.10411.0.) -- C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3502.0922] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3508.1109] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3538.0513] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3555.0308] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
P2 - FPN: [HKLM] [@pack.google.com/Google Updater;version=13] - (.Google - Google Updater plugin<br><a href="http://pack.google.com/">http://pack.) -- C:\Program Files\Google\Google Updater\2.4.1739.5352\npCIDetect13.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@veetle.com/veetleCorePlugin,version=0.9.19] - (.Veetle Inc - Version 0.9.19, Copyright 2006-2012 Veetle Inc<br><a href="http://www..) -- C:\Program Files\Veetle\plugins\npVeetle.dll
P2 - FPN: [HKLM] [@veetle.com/veetlePlayerPlugin,version=0.9.18] - (.Veetle Inc - Version 0.9.18, copyright 2006-2010 Veetle Inc<br><a href="http://www..) -- C:\Program Files\Veetle\Player\npvlc.dll
P2 - FPN: [HKLM] [Adobe Reader] - (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape "9.5.1".) -- C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
~ Scan Firefox Browser in 00mn 02s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?gws_rd=ssl
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = https://www.bing.com/?toHttps=1&redig=17DBE7D168544FA98200E890A8051984
R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape "9.5.1".) (No version) -- (.not file.)
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape "9.5.1".) (No version) -- (.not file.)
R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 2
~ Scan IE Browser in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local;*.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Scan Proxy management in 00mn 00s



---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Scan Keys in 00mn 00s



---\\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Scan Hosts File in 00mn 00s
~ Nombre de lignes (Lines number): 1



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} . (.Microsoft Corporation - Search Helper for Internet Explorer.) -- C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} Clé orpheline
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} . (.Microsoft Corporation - Windows Live Messenger Companion Core.) -- C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll
~ Scan BHO in 00mn 00s



---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe
O4 - HKLM\..\Run: [WarReg_PopUp] . (.Acer Inc. - WR_PopUp.) -- C:\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [ALUAlert] . (.Symantec Corporation - Symantec ALUNotify Module.) -- C:\Program Files\Symantec\LiveUpdate\ALuNotify.exe
O4 - HKLM\..\Run: [Symantec PIF AlertEng] . (.Symantec Corporation - LiveUpdate Notice Service.) -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O4 - HKLM\..\Run: [NvCplDaemon] . (.NVIDIA Corporation - NVIDIA Display Properties Extension.) -- C:\Windows\system32\NvCpl.dll
O4 - HKLM\..\Run: [NvMediaCenter] . (.NVIDIA Corporation - NVIDIA Media Center Library.) -- C:\Windows\system32\NvMcTray.dll
O4 - HKLM\..\Run: [Microsoft Default Manager] . (.Microsoft Corporation - Microsoft Default Manager.) -- C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe
O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\QTTask.exe
O4 - HKLM\..\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [DivXUpdate] . (.Pas de propriétaire - DivX Update.) -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
O4 - HKLM\..\Run: [avgnt] . (.Avira Operations GmbH & Co. KG - Avira System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-21-1105662260-2671531112-2980138692-1005-1105662260-2671531112-2980138692-1000\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKUS\S-1-5-21-1105662260-2671531112-2980138692-1005-1105662260-2671531112-2980138692-1000\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
~ Scan Application in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Users\postgres\Desktop\PartyPoker.lnk . (...) -- C:\Programs\PartyGaming\PartyGaming.exe
O4 - Global Startup: C:\Users\postgres\Desktop\PokerTracker 3.lnk . (.PokerTracker Software, LLC..) -- C:\Program Files\PokerTracker 3\PokerTracker.exe
O4 - Global Startup: C:\Users\postgres\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\PartyPoker.lnk . (...) -- C:\Programs\PartyGaming\PartyGaming.exe
O4 - Global Startup: C:\Users\Momochka\Desktop\GammonEmpire.lnk . (...) -- C:\Users\François\AppData\Local\GammonEmpire\GammonEmpire.exe (.not file.)
O4 - Global Startup: C:\Users\Momochka\Desktop\HijackThis.lnk . (.Trend Micro Inc..) -- C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
O4 - Global Startup: C:\Users\Momochka\Desktop\PartyPoker.fr.lnk . (...) -- C:\Programs\PartyFrance\PartyFrance.exe
O4 - Global Startup: C:\Users\Momochka\Desktop\PokerTracker 3.lnk . (.PokerTracker Software, LLC..) -- C:\Program Files\PokerTracker 3\PokerTracker.exe
O4 - Global Startup: C:\Users\Momochka\Desktop\Sleepy.lnk . (.mehDiZsoft.) -- C:\Program Files\Sleepy\Sleepy.exe
O4 - Global Startup: C:\Users\François\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Turbopoker.fr.lnk . (.Playtech.) -- C:\Poker\Turbopoker.fr\casino.exe
O4 - Global Startup: C:\Users\François\Desktop\HijackThis.lnk . (.Trend Micro Inc..) -- C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
O4 - Global Startup: C:\Users\François\Desktop\Partouche Poker.lnk . (...) -- C:\Users\François\AppData\Roaming\Partouche Poker\PartoucheFR.exe
O4 - Global Startup: C:\Users\François\Desktop\PokerTracker 3.lnk . (.PokerTracker Software, LLC..) -- C:\Program Files\PokerTracker 3\PokerTracker.exe
O4 - Global Startup: C:\Users\François\Desktop\Sleepy.lnk . (.mehDiZsoft.) -- C:\Program Files\Sleepy\Sleepy.exe
O4 - Global Startup: C:\Users\François\Desktop\spool - Raccourci.lnk . (...) -- C:\Windows\system32\spool
O4 - Global Startup: C:\Users\François\Desktop\vlc - Raccourci.lnk . (...) -- C:\Program Files\VLC\vlc.exe
O4 - Global Startup: C:\Users\François\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\BarrierePoker.fr.lnk . (...) -- C:\Program Files\BarrierePoker.fr\BarrierePoker.fr.exe
O4 - Global Startup: C:\Users\François\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Internet - Raccourci.lnk - Clé orpheline
O4 - Global Startup: C:\Users\François\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox 4.0 Beta 7 (2).lnk . (.Mozilla Corporation.) -- C:\Program Files\Mozilla Firefox 4.0 Beta 7\firefox.exe
O4 - Global Startup: C:\Users\François\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\PartyPoker.fr.lnk . (...) -- C:\Programs\PartyFrance\PartyFrance.exe
O4 - Global Startup: C:\Users\François\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\PokerStars.fr.lnk . (.PokerStars.) -- C:\Program Files\PokerStars.FR\PokerStarsUpdate.exe
~ Scan Global Startup in 57mn 18s



---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: Google Sidewiki... - (.not file.) - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll
~ Scan IE Menu Contextuel in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} . (.Microsoft Corporation - Windows Live Messenger Companion core resources.) -- C:\Program Files\Windows Live\Companion\companion
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBro
O9 - Extra button: PartyPoker.fr - {725EC34E-943C-4df6-B0B2-FBDE7F242276} . (...) -- C:\Programs\PartyFrance\PartyPokerFr\images\ppicon.ico
O9 - Extra button: PartyPoker.fr - {90EAE591-7E7E-434a-8E28-ECFD00071806} -- C:\Program Files\PokerStars.FR\main.ico (.not file.)
O9 - Extra button: PartyCasino - {B4B52284-A248-4c51-9F7C-F0A0C67FCC9D} -- C:\Programs\PartyGaming\PartyCasino\images\PartyCasino.ico (.not file.)
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} . (...) -- C:\Programs\PartyGaming\PartyPoker\images\ppicon.ico
~ Scan IE Extra Buttons in 00mn 01s



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
O10 - WLSP:\000000000007\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files\Bonjour\mdnsNSP.dll
~ Scan Winsock in 00mn 00s



---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} () - http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} () - https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
~ Scan Objets ActiveX in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{4D2F1578-8B02-43B4-B591-559CD6616BC6}: NameServer = 156.154.70.22,156.154.71.22
O17 - HKLM\System\CCS\Services\Tcpip\..\{4D2F1578-8B02-43B4-B591-559CD6616BC6}: DhcpNameServer = 212.27.40.241 212.27.40.240
O17 - HKLM\System\CS1\Services\Tcpip\..\{4D2F1578-8B02-43B4-B591-559CD6616BC6}: NameServer = 156.154.70.22,156.154.71.22
O17 - HKLM\System\CS1\Services\Tcpip\..\{4D2F1578-8B02-43B4-B591-559CD6616BC6}: DhcpNameServer = 212.27.40.241 212.27.40.240
~ Scan Domain in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (...) --
O18 - Handler: dvd - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (...) --
O18 - Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (...) --
O18 - Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (...) --
O18 - Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (...) --
O18 - Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (...) --
O18 - Handler: its - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (...) --
O18 - Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (...) --
O18 - Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files\Windows Live\Messenger\msgrapp.dll
O18 - Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (...) --
O18 - Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (...) --
O18 - Handler: mhtml - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (...) --
O18 - Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (...) --
O18 - Handler: ms-its - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (...) --
O18 - Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files\Windows Live\Messenger\msgrapp.dll
O18 - Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (...) --
O18 - Handler: tv - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (...) --
O18 - Handler: vbscript - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (...) --
O18 - Handler: vsharechrome - {3F3A4B8A-86FC-43A4-BB00-6D7EBE9D4484} . (...) --
O18 - Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files\Windows Live\Mail\mailcomm.dll
O18 - Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Windows Live Album Download Protocol Handle.) -- C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
O18 - Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
O18 - Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} . (...) --
O18 - Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} . (...) --
~ Scan Protocole Additionnel in 00mn 00s



---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
~ Scan SSODL in 00mn 00s



---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\System32\browseui.dll
~ Scan STS/SSO in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: ePerformance Service (AcerMemUsageCheckService) . (.Pas de propriétaire - MemCheck.Service.) - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Avira Planificateur (AntiVirSchedulerService) . (.Avira Operations GmbH & Co. KG - Avira Scheduler.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Protection temps réel (AntiVirService) . (.Avira Operations GmbH & Co. KG - Avira On-Access Service.) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Service Bonjour (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CyberLink Background Capture Service (CB (CLCapSvc) . (.Pas de propriétaire - CLCapSvc Module.) - C:\Acer\Empowering Technology\eMode\PCM\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) . (.Pas de propriétaire - CLSched Module.) - C:\Acer\Empowering Technology\eMode\PCM\Kernel\TV\CLSched.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) . (...) - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (.not file.)
O23 - Service: eRecovery Service (eRecoveryService) . (.Acer Inc. - eRecoveryService.) - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: LightScribeService Direct Disc Labeling (LightScribeService) . (.Hewlett-Packard Company - Pas de description.) - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate Notice Service (LiveUpdate Notice Service) . (.Symantec Corporation - LiveUpdate Notice Service.) - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: (MBAMService) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 175.3.) - C:\Windows\System32\nvvsvc.exe
O23 - Service: PostgreSQL Database Server 8.3 (pgsql-8.3) . (.PostgreSQL Global Development Group - pg_ctl - starts/stops/restarts the PostgreS.) - C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe
O23 - Service: Planificateur LiveUpdate automatique (Planificateur LiveUpdate automatique) . (.Symantec Corporation - Automatic LiveUpdate Scheduler Service.) - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) . (.Pas de propriétaire - RichVideo Module.) - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
~ Scan Services in 00mn 13s



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Scan Desktop Component in 00mn 00s



---\\ BootExecute (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ Scan Keys in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Google Software Updater.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\User_Feed_Synchronization-{6D8BFCEF-9E92-4DF9-AA37-788E54F76017}.job
[MD5.00000000000000000000000000000000] [APT] [avast! Emergency Update] (...) -- C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [BFGLaunch_bfgclient] (...) -- C:\Program Files\bfgclient\bfgclient.exe (.not file.)
[MD5.408DDD80EEDE47175F6844817B90213E] [APT] [Google Software Updater] (.Google.) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
[MD5.8F0DE4FEF8201E306F9938B0905AC96A] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe
[MD5.8F0DE4FEF8201E306F9938B0905AC96A] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe
[MD5.00000000000000000000000000000000] [APT] [RunAsStdUser Task] (...) -- C:\Program Files\Veoh Networks\Veoh\VeohClient.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [RunAsStdUser Task for VeohWebPlayer] (...) -- C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{030A7F7C-BE5F-4920-88C0-57E610B4D6C9}] (...) -- C:\Users\François\Downloads\InstallGammonEmpire.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{062127FD-10B0-418B-99EA-002B95A3CA91}] (...) -- C:\Users\François\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PAWDR6TS\PT-Install-v3.00.4.pgsql[1].exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{06E8A3C4-C22A-44E3-8C0C-17C97D6742A8}] (...) -- C:\Users\François\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9ULOHVJJ\PT-Install-v3.00.5.2[1].exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{0DCC221B-C2BF-4237-991C-0CDF99B6746F}] (...) -- C:\Users\François\Downloads\InstallGammonEmpire(1).exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{229E2614-E417-4A32-80FB-247D43A308FC}] (...) -- C:\Users\François\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MP5S912R\PT-Install-v3.00.4[1].exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{2C813C27-4729-4940-BECD-465CCA729533}] (...) -- C:\Users\François\Documents\Downloads\Xvid.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{52F09CF5-E4A8-4513-B3E6-C84FCEDE1FA0}] (...) -- C:\Users\François\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MP5S912R\PT-Install-v3.00.4.pgsql[1].exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{598845F1-A5C7-46D3-8569-6E6E9530CB18}] (...) -- C:\Users\François\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NFH62XQ8\wmp11-windowsxp-x86-FR-FR[1].exe (.not file.)
[MD5.CBE9C3F27A217C3329C5D01F7B819466] [APT] [{7259CECE-4AEB-4FAE-8556-179768F5A2D4}] (...) -- C:\Users\François\Documents\PT-Install-v3.00.b30.7.exe
[MD5.00000000000000000000000000000000] [APT] [{8FB4709A-A587-4C06-B7FE-74A3488B5E00}] (...) -- C:\Program Files\QuickTime\QTSystem\QuickTime.cpl" -c QuickTime (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{959A9FAB-FB6C-4EC1-97FD-1BC2C69EA120}] (...) -- C:\Users\François\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NFH62XQ8\MPSetup[1].exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{9FB4CAC6-93D1-45B4-8535-28D1B23974A4}] (...) -- C:\Program Files\Alwil Software\Avast4\aswRundll.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{C666ED84-9A2D-4825-97C8-2FE0CAD65E60}] (...) -- C:\Users\François\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z7V1QTXN\3d_chess_unlimited_share[1].exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{D716197D-98F0-4EA4-BC90-8CDE5D04ECA2}] (...) -- C:\Program Files\bfgclient\Uninstall.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{F5E5E622-A680-4994-8E92-0EB782FA6901}] (...) -- C:\Users\François\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YC0JFR9Z\wmp11-windowsxp-x86-FR-FR[1].exe (.not file.)
~ Scan Scheduled Task in 00mn 25s



---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Microsoft Windows Media Player - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll
O40 - ASIC: Internet Explorer - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\system32\ie4uinit.exe
O40 - ASIC: Browser Customizations - >{60B49E34-C7CC-11D0-8953-00A0C90347FF} . (.Microsoft Corporation - Personnalisation d'IEAK.) -- C:\Windows\system32\iedkcs32.dll
O40 - ASIC: Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\regutils.dll
O40 - ASIC: Microsoft Windows Media Player 11.0 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\System32\wmpdxm.dll
O40 - ASIC: Adobe Shockwave Director 11.0 - {233C1507-6A77-46A4-9443-F871F945D258} . (.Adobe Systems, Inc. - Shockwave ActiveX Control.) -- C:\Windows\System32\Adobe\Director\swdir.dll
O40 - ASIC: Themes Setup - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll
O40 - ASIC: Microsoft Windows Mail 7 - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files\Windows Mail\WinMail.exe
O40 - ASIC: Browsing Enhancements - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll
O40 - ASIC: Windows Desktop Update - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O40 - ASIC: Internet Explorer - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\system32\ie4uinit.exe
O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll
~ Scan Active Setup in 00mn 05s



---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (avipbb) . (.Avira GmbH - Avira Driver for Security Enhancement.) - C:\Windows\System32\DRIVERS\avipbb.sys
O41 - Driver: (avkmgr) . (.Avira GmbH - Avira Manager Driver.) - C:\Windows\System32\DRIVERS\avkmgr.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\Windows\System32\DRIVERS\i8042prt.sys
O41 - Driver: (kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\Windows\System32\DRIVERS\kbdclass.sys
O41 - Driver: (kbdhid) . (.Microsoft Corporation - Pilote de filtre clavier HID.) - C:\Windows\System32\DRIVERS\kbdhid.sys
O41 - Driver: (mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\Windows\System32\DRIVERS\mouclass.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: (netbt) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (PSched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\Windows\System32\DRIVERS\rasacd.sys
O41 - Driver: (rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: (RDPENCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: (Serial) . (.Microsoft Corporation - Pilote de périphérique série.) - C:\Windows\System32\DRIVERS\serial.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (Smb) . (.Microsoft Corporation - SMB Transport driver.) - C:\Windows\System32\DRIVERS\smb.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys
O41 - Driver: Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0 (ws2ifsl) . (.Microsoft Corporation - Winsock2 IFS Layer.) - C:\Windows\system32\drivers\ws2ifsl.sys
~ Scan Drivers in 00mn 01s



---\\ Logiciels installés (O42)
O42 - Logiciel: Acer Empowering Technology - (.Acer Inc..) [HKLM] -- {AB6097D9-D722-4987-BD9E-A076E2848EE2}
O42 - Logiciel: Acer Tour - (.Acer Inc..) [HKLM] -- {94389919-B0AA-4882-9BE8-9F0B004ECA35}
O42 - Logiciel: Acer eMode Management - (.Pas de propriétaire.) [HKLM] -- {2637C347-9DAD-11D6-9EA2-00055D0CA761}
O42 - Logiciel: Acer ePerformance Management - (.Acer Inc..) [HKLM] -- {D462BF9E-0C35-4705-BF9B-3DF9F3816643}
O42 - Logiciel: Acrobat.com - (.Adobe Systems Incorporated.) [HKLM] -- com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
O42 - Logiciel: Acrobat.com - (.Adobe Systems Incorporated.) [HKLM] -- {77DCDCE3-2DED-62F3-8154-05E745472D07}
O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM] -- Adobe AIR
O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM] -- {65CB4C08-C47B-4A7E-A6A4-50C06ADA5FC6}
O42 - Logiciel: Adobe Flash Player 11 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 11 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Reader 9.5.1 - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-A95000000001}
O42 - Logiciel: Adobe Shockwave Player 11 - (.Adobe Systems, Inc..) [HKLM] -- Adobe Shockwave Player
O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM] -- {2DC94AFD-A6E2-4AB4-9132-4A3F8E07B386}
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {C41300B9-185D-475E-BFEC-39EF732F19B1}
O42 - Logiciel: BarrierePoker.fr - (.SOCIETE DE PRESTATIONS INTERNET SAS.) [HKLM] -- fr.barrierepoker.air.D043989C8F5E91300BF71855036B28F854BB8613.1
O42 - Logiciel: BarrierePoker.fr - (.SOCIETE DE PRESTATIONS INTERNET SAS.) [HKLM] -- {6018FD0D-A7B0-0156-6492-F1A4D312261F}
O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM] -- {2A981294-F14C-4F0F-9627-D793270922F8}
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner
O42 - Logiciel: Complément Messenger - (.Microsoft Corporation.) [HKLM] -- {6E5324C1-84FC-4F76-9A3A-C65E07F80EE6}
O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF}
O42 - Logiciel: DivX Converter - (.DivX, Inc..) [HKLM] -- {B13A7C41581B411290FBC0395694E2A9}
O42 - Logiciel: Détecteur de flux Windows Live Toolbar (Windows Live Toolbar) - (.Microsoft Corporation.) [HKLM] -- {EFFCB0F1-CFEC-48D4-B793-EBFCAE852976}
O42 - Logiciel: Eurosport Poker - (.SPS.) [HKLM] -- Eurosport Poker_is1
O42 - Logiciel: Everest Poker.fr (Remove Only) - (.Pas de propriétaire.) [HKLM] -- Everest Poker.fr
O42 - Logiciel: Feedback Tool - (.Microsoft Corporation.) [HKLM] -- {13A5E785-5197-4EAD-8EE3-D660271E49BC}
O42 - Logiciel: Galerie de photos Windows Live - (.Microsoft Corporation.) [HKLM] -- {488F0347-C4A7-4374-91A7-30818BEDA710}
O42 - Logiciel: Google Toolbar for Firefox - (.Google Inc..) [HKLM] -- {2CCBABCB-6427-4A55-B091-49864623C43F}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB958484
O42 - Logiciel: Internet Banking Payment Assistant 2.2 - (.Citadel Commerce.) [HKCU] -- Internet Banking Payment Assistant
O42 - Logiciel: Java(TM) 6 Update 33 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216033FF}
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}
O42 - Logiciel: LiveUpdate 3.2 (Symantec Corporation) - (.Symantec Corporation.) [HKLM] -- LiveUpdate
O42 - Logiciel: LiveUpdate Notice (Symantec Corporation) - (.Symantec Corporation.) [HKLM] -- {DBA4DB9D-EE51-4944-A419-98AB1F1249C8}
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 - Logiciel: Malwarebytes Anti-Malware version 1.62.0.1300 - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1
O42 - Logiciel: Menus intelligents (Windows Live Toolbar) - (.Microsoft Corporation.) [HKLM] -- {0CC70FEF-5068-4CD5-B4DE-86FFD98EC929}
O42 - Logiciel: Microsoft .NET Framework 3.5 Language Pack SP1 - fra - (.Microsoft Corporation.) [HKLM] -- {3E31821C-7917-367E-938E-E65FC413EA31}
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 SP1
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile FRA Language Pack - (.Microsoft Corporation.) [HKLM] -- {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}
O42 - Logiciel: Microsoft Default Manager - (.Microsoft Corporation.) [HKLM] -- {1CAC7A41-583B-4483-9FA5-3E5465AFF8C2}
O42 - Logiciel: Microsoft Office Word Viewer 2003 - (.Microsoft Corporation.) [HKLM] -- {9085040C-6000-11D3-8CFE-0150048383C9}
O42 - Logiciel: Microsoft SQL Server 2005 Compact Edition [ENU] - (.Microsoft Corporation.) [HKLM] -- {F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
O42 - Logiciel: Microsoft Search Enhancement Pack - (.Microsoft Corporation.) [HKLM] -- {4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 - (.Microsoft Corporation.) [HKLM] -- {770657D0-A123-3C07-8E44-1C83EC895118}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
O42 - Logiciel: Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 - (.Microsoft Corporation.) [HKLM] -- {9BE518E6-ECC6-35A9-88E4-87755C07200F}
O42 - Logiciel: Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 - (.Microsoft Corporation.) [HKLM] -- {F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}
O42 - Logiciel: Module linguistique Microsoft .NET Framework 3.5 SP1- fra - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 Language Pack SP1 - fra
O42 - Logiciel: Module linguistique Microsoft .NET Framework 4 Client Profile FRA - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile FRA Language Pack
O42 - Logiciel: Mozilla Firefox 15.0 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 15.0 (x86 fr)
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM] -- MozillaMaintenanceService
O42 - Logiciel: MyPok - (.Pas de propriétaire.) [HKLM] -- mypokfr (Poker)
O42 - Logiciel: NTI Backup NOW! 4.7 - (.NewTech Infosystems.) [HKLM] -- {67ADE9AF-5CD9-4089-8825-55DE4B366799}
O42 - Logiciel: NTI CD & DVD-Maker - (.NewTech Infosystems.) [HKLM] -- InstallShield_{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}
O42 - Logiciel: NVIDIA Drivers - (.Pas de propriétaire.) [HKLM] -- NVIDIA Drivers
O42 - Logiciel: OpenOffice.org 3.0 - (.OpenOffice.org.) [HKLM] -- {6860B340-530D-46B3-91F8-1AE1F70F7C33}
O42 - Logiciel: Partouche Poker - (.Partouche Poker.) [HKCU] -- Partouche Poker
O42 - Logiciel: PartyPoker - (.PartyGaming.) [HKLM] -- PartyPoker
O42 - Logiciel: PartyPoker.fr - (.PartyFrance.) [HKLM] -- PartyPokerFr
O42 - Logiciel: PokerStars.fr - (.PokerStars.fr.) [HKLM] -- PokerStars.fr
O42 - Logiciel: PokerTracker 3 (remove only) - (.Pas de propriétaire.) [HKLM] -- PokerTracker3
O42 - Logiciel: PostgreSQL 8.3 - (.PostgreSQL Global Development Group.) [HKLM] -- {B823632F-3B72-4514-8861-B961CE263224}
O42 - Logiciel: PowerProducer - (.Pas de propriétaire.) [HKLM] -- {B7A0CE06-068E-11D6-97FD-0050BACBF861}
O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM] -- {57752979-A1C9-4C02-856B-FBB27AC4E02C}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- KB931906
O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- {0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
O42 - Logiciel: Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB2604111
O42 - Logiciel: Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB2657424
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2446708
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2478663
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2518870
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2539636
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2572078
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2604121
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2633870
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2656351
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2656368v2
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2656405
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2686827
O42 - Logiciel: Security Update for Module linguistique Microsoft .NET Framework 4 Client P - (.Microsoft Corporation.) [HKLM] -- {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}.KB2478663
O42 - Logiciel: Security Update for Module linguistique Microsoft .NET Framework 4 Client P - (.Microsoft Corporation.) [HKLM] -- {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}.KB2518870
O42 - Logiciel: Segoe UI - (.Microsoft Corp.) [HKLM] -- {5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}
O42 - Logiciel: Sleepy - (.Pas de propriétaire.) [HKLM] -- Sleepy
O42 - Logiciel: Turbopoker.fr - (.Pas de propriétaire.) [HKCU] -- Turbopoker.fr
O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707
O42 - Logiciel: VC80CRTRedist - 8.0.50727.4053 - (.DivX, Inc.) [HKLM] -- {5EE7D259-D137-4438-9A5F-42F432EC0421}
O42 - Logiciel: Veetle TV - (.Veetle, Inc.) [HKLM] -- Veetle TV
O42 - Logiciel: Winamax Poker - (.Winamax.) [HKLM] -- wam.04351C371E530C3762CBA45FA283ED972DCDEFB6.1
O42 - Logiciel: Winamax Poker - (.Winamax.) [HKLM] -- {0D3C01F2-3A39-0248-42A0-4F52DAE2302B}
O42 - Logiciel: Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite
O42 - Logiciel: Windows Live - (.Microsoft Corporation.) [HKLM] -- {34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}
O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM] -- {D45240D3-B6B3-4FF9-B243-54ECE3E10066}
O42 - Logiciel: Windows Live Family Safety - (.Microsoft Corporation.) [HKLM] -- {2D6E3D97-1FDF-4993-AC75-72F59EC445C5}
O42 - Logiciel: Windows Live Family Safety - (.Microsoft Corporation.) [HKLM] -- {9C05B2CC-68D0-4B46-A9C8-40CC4BF10C33}
O42 - Logiciel: Windows Live FolderShare - (.Microsoft Corporation.) [HKLM] -- {2075CB0A-D26F-4DAA-B424-5079296B43BA}
O42 - Logiciel: Windows Live ID Sign-in Assistant - (.Microsoft Corporation.) [HKLM] -- {C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}
O42 - Logiciel: Windows Live Installer - (.Microsoft Corporation.) [HKLM] -- {0B0F231F-CE6A-483D-AA23-77B364F75917}
O42 - Logiciel: Windows Live MIME IFilter - (.Microsoft Corporation.) [HKLM] -- {AF844339-2F8A-4593-81B3-9F4C54038C4E}
O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {9D567
0
Fish66 Posts 17505 Registration date Sunday 24 July 2011 Status Security contributor Last activity 16 June 2021 1 318
15 August 2012 at 08:53
Hello,

* Go to pjjoint.malekal.com
* Click the "Parcourir" (Browse) button
* Select the file you want to host and click "Ouvrir" (Open)
* Click the "Envoyer" (Send) button
* A confirmation message is displayed (Upload successful! - The link to send to your correspondents to view the file is: https://pjjoint.malekal.com/files.php?id=df5ea299241015)

* Copy the link into your next reply.
0
fanfan72000 Posts 13 Registration date Thursday 26 July 2012 Status Member Last activity 20 August 2012
16 August 2012 at 14:52
0
Fish66 Posts 17505 Registration date Sunday 24 July 2011 Status Security contributor Last activity 16 June 2021 1 318
16 August 2012 at 18:21
Hi,
1/
Uninstall:
Logiciel: vShare Plugin

2/
Download AdwCleaner (thanks to Xplode)
Launch AdwCleaner
Click the [ Suppression ] (Delete) button
Wait...
Post the report that appears at the end of the scan.
(The report is also saved as C:\AdwCleaner[SX].Txt)

0
fanfan72000 Posts 13 Registration date Thursday 26 July 2012 Status Member Last activity 20 August 2012
16 August 2012 at 23:55
Hi,

I get an error message when I open AdwCleaner: "incorrect file location.."
Do you think we're going to manage it??!
0
Fish66 Posts 17505 Registration date Sunday 24 July 2011 Status Security contributor Last activity 16 June 2021 1 318
17 August 2012 at 00:53
Redo the AdwCleaner procedure in Safe Mode with Networking:
=======================
Booting into Safe Mode with Networking:
To do this, tap the F8 key repeatedly, without stopping, from the moment the PC starts powering on
A window will open; use the keyboard arrow keys to move to >> start in Safe Mode with Networking
then press Enter.
Once you are on the desktop, if not all the colours and so on are there, that is normal!
(If F8 does not work, use the F5 key)

See you tomorrow
Good night
0
fanfan72000 Posts 13 Registration date Thursday 26 July 2012 Status Member Last activity 20 August 2012
17 August 2012 at 03:37
Hi again,

# AdwCleaner v1.801 - Rapport créé le 17/08/2012 à 03:35:11
# Mis à jour le 14/08/2012 par Xplode
# Système d'exploitation : Windows Vista (TM) Home Basic Service Pack 2 (32 bits)
# Nom d'utilisateur : François - PC-DE-MOMO
# Mode de démarrage : Normal
# Exécuté depuis : C:\Users\François\Desktop\adwcleaner.exe
# Option [Recherche]


***** [Services] *****


***** [Fichiers / Dossiers] *****

Dossier Présent : C:\Users\François\AppData\LocalLow\vShare
Dossier Présent : C:\Users\François\AppData\Roaming\Mozilla\Firefox\Profiles\hsqwph9r.default\extensions\vshare@toolbar
Dossier Présent : C:\Program Files\vShare
Fichier Présent : C:\Users\François\AppData\Roaming\Mozilla\Firefox\Profiles\hsqwph9r.default\searchplugins\Startsear.xml
Fichier Présent : C:\Users\François\AppData\Roaming\Mozilla\Firefox\Profiles\hsqwph9r.default\searchplugins\web-search.xml

***** [Registre] *****

Clé Présente : HKCU\Software\Microsoft\SystemCertificates\TrustedPublisher\Certificates\7EE743314C844C7F445B8B1D7617612DF1FDD50F
Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\vShare
Clé Présente : HKCU\Software\Softonic
Clé Présente : HKCU\Software\StartSearch
Clé Présente : HKCU\Software\vShare
Clé Présente : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\vsharechrome
Clé Présente : HKLM\SOFTWARE\Classes\vShare.ScriptHelpers
Clé Présente : HKLM\SOFTWARE\Classes\vShare.ScriptHelpers.1
Clé Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\vShare

***** [Registre - GUID] *****

Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{3B7599DF-3D5D-4EF5-BF51-9C2EDA788E83}
Clé Présente : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{043C5167-00BB-4324-AF7E-62013FAEDACF}
Clé Présente : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{043C5167-00BB-4324-AF7E-62013FAEDACF}
Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}
Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}
Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}
Clé Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3B7599DF-3D5D-4EF5-BF51-9C2EDA788E83}
Clé Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}
Clé Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1B48071-416D-474E-A13B-BE5456E7FC31}
Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3B7599DF-3D5D-4EF5-BF51-9C2EDA788E83}
Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A1B48071-416D-474E-A13B-BE5456E7FC31}

***** [Navigateurs] *****

-\\ Internet Explorer v8.0.6001.19272

[OK] Le registre ne contient aucune entrée illégitime.

-\\ Mozilla Firefox v15.0 (fr)

Nom du profil : default
Fichier : C:\Users\François\AppData\Roaming\Mozilla\Firefox\Profiles\hsqwph9r.default\prefs.js

Présente : user_pref("browser.search.defaultengine", "Web Search");
Présente : user_pref("browser.search.defaultenginename", "Web Search");
Présente : user_pref("browser.search.order.1", "Web Search");
Présente : user_pref("browser.startup.homepage", "hxxp://startsear.ch/?aff=1");
Présente : user_pref("extensions.vshare@toolbar.install-event-fired", true);
Présente : user_pref("keyword.URL", "hxxp://startsear.ch/?aff=1&src=sp&cf=1dfcb2df-f9be-11e0-a7e7-0019215ae97f&[...]
Présente : user_pref("vshare.install.date", "1297814400000");
Présente : user_pref("vshare.install.dumpFileCount", 0);
Présente : user_pref("vshare.install.dumpFileDisabled", false);
Présente : user_pref("vshare.install.finished", "1.0.2");
Présente : user_pref("vshare.install.guid", "{f4a83b19-7c6d-4ea0-ad38-d9883d7766aa}");
Présente : user_pref("vshare.install.isHidden", true);
Présente : user_pref("vshare.install.istoolbarhp", true);
Présente : user_pref("vshare.install.istoolbarsearch", true);
Présente : user_pref("vshare.install.laststatreq", "1299110400000");
Présente : user_pref("vshare.install.newtab", true);
Présente : user_pref("vshare.install.overlayVersion", 1);
Présente : user_pref("vshare.install.userHPSettings", "");
Présente : user_pref("vshare.install.userSPSettings", "");

Nom du profil : default
Fichier : C:\Users\Momochka\AppData\Roaming\Mozilla\Firefox\Profiles\y97jie3y.default\prefs.js

[OK] Le fichier ne contient aucune entrée illégitime.

-\\ Google Chrome v [Impossible d'obtenir la version]

Fichier : C:\Users\François\AppData\Local\Google\Chrome\User Data\Default\Preferences

Présente : "homepage": "hxxp://startsear.ch/?aff=1",

*************************

AdwCleaner[R1].txt - [4806 octets] - [17/08/2012 03:35:14]

########## EOF - C:\AdwCleaner[R1].txt - [4934 octets] ##########
0
Fish66 Posts 17505 Registration date Sunday 24 July 2011 Status Security contributor Last activity 16 June 2021 1 318
17 August 2012 at 09:02
Hello,
You ran AdwCleaner in "Recherche" (Search) mode and not "Suppression" (Delete)!
Run it again, then click "Suppression" and post the report, please
0