HiJackThis report - Page 2

Solved
thibextra Posts 227 Status Member 11

Here it is for Suppression

RogueKiller V8.4.2 _x64_ [Dec 31 2012] par Tigzy
mail : tigzyRK<at>gmail<dot>com
Remontees : https://www.luanagames.com/index.fr.html
Site Web : https://www.luanagames.com/index.fr.html
Blog : http://tigzyrk.blogspot.com/

Systeme d'exploitation : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Demarrage : Mode normal
Utilisateur : Thibault [Droits d'admin]
Mode : Suppression -- Date : 05/01/2013 18:15:17

¤¤¤ Processus malicieux : 0 ¤¤¤

¤¤¤ Entrees de registre : 6 ¤¤¤
[HJ] HKLM\[...]\Services\Microsoft\System : ConsentPromptBehaviorAdmin (0) -> REMPLACÉ (2)
[HJ DESK] HKCU\[...]\Services\Microsoft\ClassicStartMenu : {59031A47-3F72-44A7-89C5-5595FE6B30EE} (1) -> REMPLACÉ (0)
[HJ DESK] HKCU\[...]\Services\Microsoft\NewStartPanel : {59031A47-3F72-44A7-89C5-5595FE6B30EE} (1) -> REMPLACÉ (0)
[HJ DESK] HKCU\[...]\Services\Microsoft\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REMPLACÉ (0)
[HJ DESK] HKCU\[...]\Services\Microsoft\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REMPLACÉ (0)
[HJ DESK] HKCU\[...]\Services\Microsoft\NewStartPanel : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> REMPLACÉ (0)

¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤

¤¤¤ Driver : [NON CHARGE] ¤¤¤

¤¤¤ Fichier HOSTS: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts

[...]

¤¤¤ MBR Verif: ¤¤¤

+++++ PhysicalDrive0: ATA ST9750420AS SCSI Disk Device +++++
--- User ---
[MBR] 42d8f959e6f7d0ae2d14e55200af2199
[BSP] 9117ff385a533884843e3715d2d13ff8 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 715302 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Termine : << RKreport[3]_D_05012013_181517.txt >>
RKreport[1]_S_05012013_170823.txt ; RKreport[2]_S_05012013_181451.txt ; RKreport[3]_D_05012013_181517.txt

Then for HOST RAZ

RogueKiller V8.4.2 _x64_ [Dec 31 2012] par Tigzy
mail : tigzyRK<at>gmail<dot>com
Remontees : https://www.luanagames.com/index.fr.html
Site Web : https://www.luanagames.com/index.fr.html
Blog : http://tigzyrk.blogspot.com/

Systeme d'exploitation : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Demarrage : Mode normal
Utilisateur : Thibault [Droits d'admin]
Mode : HOSTS RAZ -- Date : 05/01/2013 18:16:02

¤¤¤ Processus malicieux : 0 ¤¤¤

¤¤¤ Entrees de registre : 0 ¤¤¤

¤¤¤ Driver : [NON CHARGE] ¤¤¤

¤¤¤ Fichier HOSTS: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts

[...]

¤¤¤ Nouveau fichier HOSTS: ¤¤¤

Termine : << RKreport[4]_H_05012013_181602.txt >>
RKreport[1]_S_05012013_170823.txt ; RKreport[2]_S_05012013_181451.txt ; RKreport[3]_D_05012013_181517.txt ; RKreport[4]_H_05012013_181602.txt

There you go, thanks for your precious help :p
0
Fish66 Posts 18337 Status Security contributor 1 318

1/
Remove the unnecessary extensions from your browser.
Help: <<< HERE >>> or also: <<< HERE >>>

2/
Now run mbam again, remove everything it finds, then post
the report please

See you

¤¤¤ The best remedy for all problems is patience.... ¤¤¤
0
thibextra Posts 227 Status Member 11

No threat detected

Malwarebytes Anti-Malware (Essai) 1.70.0.1100
www.malwarebytes.org

Version de la base de données: v2013.01.05.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Thibault :: THIBAULT-PC [administrateur]

Protection: Désactivé

06/01/2013 11:38:30
mbam-log-2013-01-06 (11-38-30).txt

Type d'examen: Examen complet (C:\|)
Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM
Options d'examen désactivées: P2P
Elément(s) analysé(s): 466148
Temps écoulé: 52 minute(s), 15 seconde(s)

Processus mémoire détecté(s): 0
(Aucun élément nuisible détecté)

Module(s) mémoire détecté(s): 0
(Aucun élément nuisible détecté)

Clé(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)

Valeur(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)

Elément(s) de données du Registre détecté(s): 0
(Aucun élément nuisible détecté)

Dossier(s) détecté(s): 0
(Aucun élément nuisible détecté)

Fichier(s) détecté(s): 0
(Aucun élément nuisible détecté)

(fin)
0
Fish66 Posts 18337 Status Security contributor 1 318

Hi,
1/
* You can follow the instructions on this page for help: https://www.malekal.com/tutorial-otl/

* Download http://www.geekstogo.com/forum/files/file/398-otl-oldtimers-list-it/ to your desktop.
(On Vista/Win7, you have to right-click OTL and choose Run as administrator)

* Launch OTL
* Under "Personnalisation", copy and paste the bold text below:

netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%temp%\.exe /s
%SYSTEMDRIVE%\*.exe
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
/md5start
explorer.exe
winlogon.exe
wininit.exe
/md5stop
CREATERESTOREPOINT
nslookup www.google.fr /c


* Click the "Analyse" button.
* When the scan is finished, use the site http://pjjoint.malekal.com/ to upload the reports.
Then give the pjjoint link here so that they can be reviewed.

2/
Does the problem still exist?
0

thibextra Posts 227 Status Member 11
 
0
Fish66 Posts 18337 Status Security contributor 1 318

Good evening,

Run OTL again
- On XP, double-click the icon to launch the tool.
- On Vista/Seven, right-click the icon and choose "Run as administrator" from the context menu.
* In the "Personnalisation" section, copy/paste the following instructions:

:OTL
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = Reg Error: Value error.
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\PROGRAM FILES\IB UPDATER\FIREFOX
[2012/09/15 21:06:08 | 000,000,000 | ---D | M] (01NET.com) -- C:\Users\Thibault\AppData\Roaming\Mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}

:Commands
[purity]
[emptytemp]
[EMPTYFLASH]
[RESETHOSTS]
[Reboot]


* Click the "Correction" button.
* Wait while the tool works; it should then restart the PC.
* Accept by clicking OK.
* The report listing the actions carried out by OTL should open automatically.

You can find the file at the root of the disk: C:\_OTL\MovedFiles

See you

¤¤¤ The best remedy for all problems is patience.... ¤¤¤
0
thibextra Posts 227 Status Member 11

The OTL report in correction mode

All processes killed
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Secondary Start Pages| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
C:\Users\Thibault\AppData\Roaming\Mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d} folder moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

User: Thibault
->Temp folder emptied: 11982266 bytes
->Temporary Internet Files folder emptied: 557399 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Apple Safari cache emptied: 0 bytes
->Opera cache emptied: 52217681 bytes
->Flash cache emptied: 1549 bytes

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 6704 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33237 bytes
RecycleBin emptied: 349095849 bytes

Total Files Cleaned = 395,00 mb

[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Public

User: Thibault
->Flash cache emptied: 0 bytes

User: UpdatusUser
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb

C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

OTL by OldTimer - Version 3.2.69.0 log created on 01062013_193737

Files\Folders moved on Reboot...
C:\Users\Thibault\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Bonne soirée :)
0
Fish66 Messages postés 18337 Statut Contributeur sécurité 1 318
 
D'accord!

Redémarre ton PC puis tiens moi s'il y'a de nouveau!

@+
0
thibextra Messages postés 227 Statut Membre 11
 
Ben, c'est toujours pareil :/
0
Fish66 Posts 18337 Status Security contributor 1 318
 
Hello,

Before using ComboFix:

CD emulation software such as Daemon Tools can interfere with disinfection tools. Use Defogger to disable it temporarily:

If you have this kind of tool on your PC, use Defogger to disable it temporarily; otherwise go straight to ComboFix.

* Download Defogger (by jpshortstuff) to your Desktop
* Run it

* A window appears: click "Disable"

* Restart the computer if the tool asks you to

Note: When we have finished the disinfection, you can re-enable this software by running Defogger again and clicking "Re-enable"

===================================================

Warning: before you start, read the procedure carefully

********************************************************

/!\ Do not use this software outside the scope of this disinfection: DANGEROUS /!\

* Right-click this link and save it to your Desktop under a different name, for example "your username.exe"
Here is the ComboFix help

* /!\ Disconnect from the Internet and SHUT DOWN YOUR SECURITY SOFTWARE /!\


* Double-click ComboFix.exe (or run it as administrator on Vista and Seven)

A pop-up will appear saying that ComboFix is used at your own risk and with no warranty... Click Yes to accept

** ABOVE ALL, INSTALL THE RECOVERY CONSOLE
(if it offers to install it, reconnect to the Internet)

* Do not touch anything (mouse, keyboard) until the scan has finished, because you risk crashing your PC

* At the end of the scan, ComboFix may need to restart the PC to finish the disinfection; let it do so.

* Once the scan is complete, a report will be displayed: post its contents

** /!\ Re-enable the real-time protection of your antivirus and antispyware before reconnecting to the Internet. /!\

* Note: the report can also be found here: C:\ComboFix.txt
0
thibextra Posts 227 Status Member 11
 
So here is the report

ComboFix 13-01-06.01 - Thibault 07/01/2013 9:56.1.8 - x64
Microsoft Windows 7 Édition Familiale Premium 6.1.7601.1.1252.33.1036.18.6030.4013 [GMT 1:00]
Lancé depuis: c:\users\Thibault\Desktop\Thibextra.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Roaming
c:\users\Public\sdelevURL.tmp
c:\users\Thibault\AppData\Roaming\Microsoft\~DFK11fec66.tmp
c:\users\Thibault\AppData\Roaming\Microsoft\1eaadjc.dll
c:\users\Thibault\AppData\Roaming\Microsoft\bass.dll
c:\users\Thibault\AppData\Roaming\Microsoft\engine_vx.dll
c:\users\Thibault\AppData\Roaming\Microsoft\kfgresk.dll
c:\users\Thibault\AppData\Roaming\Microsoft\mjcriu.dll
c:\users\Thibault\AppData\Roaming\Microsoft\peaadje.dll
c:\users\Thibault\AppData\Roaming\Microsoft\qwadjb.dll
c:\users\Thibault\AppData\Roaming\Microsoft\rsaadjd.dll
c:\users\Thibault\pdf
c:\users\Thibault\pdf\Coolutils Total PDF Converter 2.1.210 + Serial.rar
c:\windows\msvcr71.dll
c:\windows\msxml4-KB2721691-enu.LOG
c:\windows\SysWow64\muzapp.exe
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2012-12-07 au 2013-01-07 ))))))))))))))))))))))))))))))))))))
.
.
2013-01-07 09:01 . 2013-01-07 09:01 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-01-07 08:52 . 2013-01-07 08:52 76232 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{BEA2166C-ECA8-4A7E-AD51-7FB632D5B603}\offreg.dll
2013-01-06 23:41 . 2013-01-06 23:47 -------- d-----w- c:\users\Thibault\AppData\Roaming\Pamela
2013-01-06 23:41 . 2013-01-06 23:41 203264 ----a-w- c:\windows\SysWow64\RemoteControl.dll
2013-01-06 23:41 . 2013-01-06 23:41 -------- d-----w- c:\program files (x86)\Pamela
2013-01-06 18:37 . 2013-01-06 18:37 -------- d-----w- C:\_OTL
2013-01-05 10:17 . 2013-01-05 10:17 -------- d-----w- C:\_OTM
2013-01-05 08:33 . 2013-01-05 10:05 -------- d-----w- C:\UsbFix
2013-01-04 22:13 . 2013-01-04 22:13 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin7.dll
2013-01-04 22:13 . 2013-01-04 22:13 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin6.dll
2013-01-04 22:13 . 2013-01-04 22:13 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin5.dll
2013-01-04 22:13 . 2013-01-04 22:13 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin4.dll
2013-01-04 22:13 . 2013-01-04 22:13 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin3.dll
2013-01-04 22:13 . 2013-01-04 22:13 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin2.dll
2013-01-04 22:13 . 2013-01-04 22:13 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin.dll
2013-01-04 22:13 . 2013-01-04 22:13 -------- d-----w- c:\program files (x86)\QuickTime
2013-01-04 22:11 . 2013-01-04 22:12 -------- d-----w- c:\program files\CyberLink
2013-01-04 22:10 . 2013-01-04 22:10 -------- d-----w- c:\programdata\CLSK
2013-01-04 18:59 . 2013-01-05 12:50 512 ----a-w- C:\PhysicalDisk0_MBR.bin
2013-01-04 15:05 . 2013-01-04 15:05 -------- d-----w- c:\users\Thibault\AppData\Roaming\Malwarebytes
2013-01-04 15:04 . 2013-01-04 15:04 -------- d-----w- c:\programdata\Malwarebytes
2013-01-04 15:04 . 2013-01-04 15:04 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-01-04 15:04 . 2012-12-14 15:49 24176 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-01-04 10:50 . 2013-01-05 12:50 -------- d-----w- c:\program files (x86)\ZHPDiag
2013-01-04 10:50 . 2013-01-05 12:45 -------- d-----w- C:\ZHP
2013-01-04 10:12 . 2012-11-08 17:24 9125352 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{BEA2166C-ECA8-4A7E-AD51-7FB632D5B603}\mpengine.dll
2012-12-31 23:54 . 2012-12-31 23:54 -------- d-----w- c:\users\Thibault\AppData\Local\Rockstar Games
2012-12-31 23:53 . 2012-12-31 23:53 -------- d-sh--w- c:\programdata\SecuROM
2012-12-31 22:23 . 2012-12-31 23:36 -------- d-----w- c:\program files (x86)\Grand Theft Auto IV - Episodes From Liberty City
2012-12-31 19:13 . 2012-12-31 19:13 178800 ----a-w- c:\windows\SysWow64\CmdLineExt_x64.dll
2012-12-30 21:08 . 2013-01-06 19:49 281688 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2012-12-30 21:08 . 2012-12-30 21:08 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2012-12-29 19:24 . 2012-12-29 19:53 -------- d-----w- c:\users\Thibault\AppData\Roaming\Youtube Downloader HD
2012-12-29 19:24 . 2012-12-29 19:24 -------- d-----w- c:\program files (x86)\Youtube Downloader HD
2012-12-26 17:19 . 2012-12-26 17:19 -------- d-----w- c:\program files (x86)\Telltale Games
2012-12-26 11:37 . 2012-12-26 11:37 -------- d-----w- c:\programdata\RELOADED
2012-12-26 11:34 . 2012-12-26 20:54 -------- d-----w- c:\program files (x86)\The Walking Dead
2012-12-23 20:16 . 2012-12-23 20:16 -------- d-----w- c:\users\Thibault\AppData\Local\Xara
2012-12-23 20:16 . 2012-12-23 20:16 -------- d-----w- c:\program files (x86)\Common Files\MAGIX Shared
2012-12-21 23:43 . 2012-12-16 17:11 46080 ----a-w- c:\windows\system32\atmlib.dll
2012-12-21 23:43 . 2012-12-16 14:13 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2012-12-21 23:43 . 2012-12-16 14:45 367616 ----a-w- c:\windows\system32\atmfd.dll
2012-12-21 23:43 . 2012-12-16 14:13 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2012-12-21 16:46 . 2012-12-21 16:46 -------- d-----w- c:\program files (x86)\Common Files\Pinnacle
2012-12-21 16:45 . 2012-12-21 17:11 -------- d-----w- c:\users\Thibault\AppData\Local\Pinnacle
2012-12-21 16:45 . 2012-12-21 16:45 -------- d-----w- c:\programdata\Pinnacle Studio Ultimate Collection
2012-12-21 16:39 . 2012-12-21 16:44 -------- d-----w- c:\programdata\Pinnacle
2012-12-21 16:39 . 2012-12-21 16:41 -------- d-----w- c:\program files (x86)\Pinnacle
2012-12-21 15:32 . 2012-12-21 15:33 -------- d-----w- c:\users\Thibault\AppData\Roaming\avidemux
2012-12-21 10:29 . 2012-12-21 10:29 -------- d-----w- c:\users\Thibault\AppData\Roaming\Media Player Classic
2012-12-21 10:07 . 2011-05-30 13:42 255488 ----a-w- c:\windows\system32\xvidvfw.dll
2012-12-21 10:06 . 2011-05-23 07:49 173568 ----a-w- c:\windows\system32\xvid.ax
2012-12-21 10:06 . 2011-05-23 07:45 696832 ----a-w- c:\windows\system32\xvidcore.dll
2012-12-21 10:01 . 2012-12-21 10:02 -------- d-----w- c:\program files (x86)\K-Lite Codec Pack
2012-12-19 17:53 . 2012-12-19 17:53 1187697 ----a-w- c:\windows\unins000.exe
2012-12-19 17:48 . 2012-10-30 22:51 25232 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-12-19 17:48 . 2012-10-30 22:51 370288 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-12-19 17:48 . 2012-10-15 16:59 54072 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2012-12-19 17:47 . 2012-10-30 22:51 59728 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-12-19 17:47 . 2012-10-30 22:51 21136 ----a-w- c:\windows\system32\drivers\aswKbd.sys
2012-12-19 17:47 . 2012-10-30 22:51 984144 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-12-19 17:47 . 2012-10-30 22:51 71600 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-12-19 17:47 . 2012-10-30 22:51 41224 ----a-w- c:\windows\avastSS.scr
2012-12-19 17:47 . 2012-10-30 22:50 227648 ------w- c:\windows\SysWow64\aswBoot.exe
2012-12-18 22:16 . 2012-11-19 11:10 652344 ----a-w- c:\windows\system32\drivers\iaStorA.sys
2012-12-18 22:16 . 2012-11-19 11:10 28216 ----a-w- c:\windows\system32\drivers\iaStorF.sys
2012-12-18 13:00 . 2012-12-18 13:00 -------- d-----w- c:\program files (x86)\Bigasoft
2012-12-18 09:51 . 2012-12-18 09:51 -------- d-----w- c:\windows\SysWow64\NV
2012-12-18 09:51 . 2012-12-18 09:51 -------- d-----w- c:\windows\system32\NV
2012-12-18 09:43 . 2013-01-05 08:32 -------- d-----w- c:\users\UpdatusUser
2012-12-18 09:43 . 2013-01-07 08:36 -------- d-----w- c:\programdata\NVIDIA
2012-12-18 09:42 . 2012-12-01 05:49 63336 ----a-w- c:\windows\system32\nvshext.dll
2012-12-18 09:42 . 2012-12-01 05:49 55144 ----a-w- c:\windows\system32\nv3dappshextr.dll
2012-12-18 09:42 . 2012-12-01 05:49 890216 ----a-w- c:\windows\system32\nvvsvc.exe
2012-12-18 09:42 . 2012-12-01 05:49 877928 ----a-w- c:\windows\system32\nv3dappshext.dll
2012-12-18 09:42 . 2012-12-01 05:48 3311464 ----a-w- c:\windows\system32\nvsvc64.dll
2012-12-18 09:42 . 2012-12-01 05:49 3663213 ----a-w- c:\windows\system32\nvcoproc.bin
2012-12-18 09:42 . 2012-12-01 05:49 2557800 ----a-w- c:\windows\system32\nvsvcr.dll
2012-12-18 09:42 . 2012-12-01 05:49 118120 ----a-w- c:\windows\system32\nvmctray.dll
2012-12-18 09:42 . 2012-12-01 05:48 6223208 ----a-w- c:\windows\system32\nvcpl.dll
2012-12-18 09:42 . 2012-12-18 09:42 -------- d-----w- c:\programdata\NVIDIA Corporation
2012-12-16 11:34 . 2012-12-16 11:34 -------- d-----w- c:\windows\system32\Plug-In Settings
2012-12-15 11:59 . 2012-12-15 13:11 -------- d-----w- c:\users\Thibault\portal2
2012-12-13 12:08 . 2012-12-13 12:08 -------- d-----w- c:\users\Thibault\looper
2012-12-12 22:21 . 2012-12-12 22:21 -------- d-----w- c:\program files (x86)\2K Games
2012-12-12 15:47 . 2012-12-12 15:47 -------- d-----w- c:\users\Thibault\Fable
2012-12-12 00:10 . 2012-12-12 00:10 -------- d-----w- c:\users\Thibault\farenheit
2012-12-11 23:37 . 2012-12-11 23:37 -------- d-----w- c:\program files (x86)\Remedy Entertainment
2012-12-11 15:09 . 2013-01-06 12:09 281688 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2012-12-10 14:24 . 2012-12-10 14:24 -------- d-----w- c:\users\Thibault\the dark knight ost
2012-12-09 19:06 . 2012-12-09 19:06 -------- d-----w- c:\program files (x86)\ElcomSoft
2012-12-09 18:43 . 2012-12-09 18:43 -------- d-----w- c:\users\Thibault\elcomsoft
2012-12-09 17:32 . 2012-12-20 15:24 -------- d-----w- c:\users\Thibault\skyfall
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-07 08:37 . 2012-08-24 21:10 380 ----a-w- c:\users\Thibault\AppData\Roaming\sp_data.sys
2013-01-06 19:49 . 2012-11-24 15:48 281688 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2013-01-05 10:05 . 2013-01-05 10:05 1590008 ----a-w- C:\UsbFix_Upload_Me_THIBAULT-PC.zip
2012-12-14 01:01 . 2012-08-24 21:19 67413224 ----a-w- c:\windows\system32\MRT.exe
2012-12-13 16:56 . 2012-08-25 12:56 73656 ------w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-12-13 16:56 . 2012-08-25 12:56 697272 ------w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-11-30 21:43 . 2012-11-30 21:43 438632 ------w- c:\windows\SysWow64\nvStreaming.exe
2012-10-30 22:50 . 2012-08-25 08:11 285328 ----a-w- c:\windows\system32\aswBoot.exe
2012-10-22 16:40 . 2012-10-22 16:40 277024 ------w- c:\windows\SysWow64\IntelCpHeciSvc.exe
2012-10-22 16:40 . 2012-10-22 16:40 241664 ----a-w- c:\windows\system32\IntelOpenCL64.dll
2012-10-22 16:40 . 2012-10-22 16:40 195584 ------w- c:\windows\SysWow64\IntelOpenCL32.dll
2012-10-22 16:40 . 2012-10-22 16:40 598780 ----a-w- c:\windows\system32\igvpkrng700.bin
2012-10-22 16:40 . 2012-10-22 16:40 513056 ----a-w- c:\windows\system32\igfxsrvc.exe
2012-10-22 16:40 . 2012-10-22 16:40 439296 ----a-w- c:\windows\system32\igfxrrus.lrc
2012-10-22 16:40 . 2012-10-22 16:40 439296 ----a-w- c:\windows\system32\igfxrrom.lrc
2012-10-22 16:40 . 2012-10-22 16:40 438784 ----a-w- c:\windows\system32\igfxrsky.lrc
2012-10-22 16:40 . 2012-10-22 16:40 438784 ----a-w- c:\windows\system32\igfxrptg.lrc
2012-10-22 16:40 . 2012-10-22 16:40 438784 ----a-w- c:\windows\system32\igfxrplk.lrc
2012-10-22 16:40 . 2012-10-22 16:40 438784 ----a-w- c:\windows\system32\igfxrnld.lrc
2012-10-22 16:40 . 2012-10-22 16:40 438784 ----a-w- c:\windows\system32\igfxrita.lrc
2012-10-22 16:40 . 2012-10-22 16:40 437760 ----a-w- c:\windows\system32\igfxrtrk.lrc
2012-10-22 16:40 . 2012-10-22 16:40 437760 ----a-w- c:\windows\system32\igfxrsve.lrc
2012-10-22 16:40 . 2012-10-22 16:40 437760 ----a-w- c:\windows\system32\igfxrslv.lrc
2012-10-22 16:40 . 2012-10-22 16:40 437760 ----a-w- c:\windows\system32\igfxrptb.lrc
2012-10-22 16:40 . 2012-10-22 16:40 437760 ----a-w- c:\windows\system32\igfxrnor.lrc
2012-10-22 16:40 . 2012-10-22 16:40 437248 ----a-w- c:\windows\system32\igfxrtha.lrc
2012-10-22 16:40 . 2012-10-22 16:40 432128 ----a-w- c:\windows\system32\igfxrjpn.lrc
2012-10-22 16:40 . 2012-10-22 16:40 431104 ----a-w- c:\windows\system32\igfxrkor.lrc
2012-10-22 16:40 . 2012-10-22 16:40 410624 ----a-w- c:\windows\system32\igfxTMM.dll
2012-10-22 16:40 . 2012-10-22 16:40 171040 ----a-w- c:\windows\system32\igfxtray.exe
2012-10-22 16:40 . 2012-10-22 16:40 116224 ----a-w- c:\windows\system32\igfxCoIn_v2875.dll
2012-10-22 16:40 . 2012-08-24 20:16 63488 ----a-w- c:\windows\system32\igfxsrvc.dll
2012-10-22 16:40 . 2012-10-22 16:40 440320 ----a-w- c:\windows\system32\igfxrell.lrc
2012-10-22 16:40 . 2012-10-22 16:40 439808 ----a-w- c:\windows\system32\igfxrfra.lrc
2012-10-22 16:40 . 2012-10-22 16:40 439808 ----a-w- c:\windows\system32\igfxresn.lrc
2012-10-22 16:40 . 2012-10-22 16:40 438784 ----a-w- c:\windows\system32\igfxrhrv.lrc
2012-10-22 16:40 . 2012-10-22 16:40 438784 ----a-w- c:\windows\system32\igfxrdeu.lrc
2012-10-22 16:40 . 2012-10-22 16:40 438272 ----a-w- c:\windows\system32\igfxrhun.lrc
2012-10-22 16:40 . 2012-10-22 16:40 438272 ----a-w- c:\windows\system32\igfxrfin.lrc
2012-10-22 16:40 . 2012-10-22 16:40 438272 ----a-w- c:\windows\system32\igfxrcsy.lrc
2012-10-22 16:40 . 2012-10-22 16:40 437248 ----a-w- c:\windows\system32\igfxrdan.lrc
2012-10-22 16:40 . 2012-10-22 16:40 435712 ----a-w- c:\windows\system32\igfxrheb.lrc
2012-10-22 16:40 . 2012-10-22 16:40 429056 ----a-w- c:\windows\system32\igfxrcht.lrc
2012-10-22 16:40 . 2012-10-22 16:40 428544 ----a-w- c:\windows\system32\igfxrchs.lrc
2012-10-22 16:40 . 2012-10-22 16:40 286208 ----a-w- c:\windows\system32\igfxrenu.lrc
2012-10-22 16:40 . 2012-08-24 20:16 9007616 ----a-w- c:\windows\system32\igfxress.dll
2012-10-22 16:40 . 2012-10-22 16:40 9728 ----a-w- c:\windows\system32\IGFXDEVLib.dll
2012-10-22 16:40 . 2012-10-22 16:40 640512 ------w- c:\windows\SysWow64\igfxcmrt32.dll
2012-10-22 16:40 . 2012-10-22 16:40 518656 ----a-w- c:\windows\system32\igfxcmrt64.dll
2012-10-22 16:40 . 2012-10-22 16:40 441888 ----a-w- c:\windows\system32\igfxpers.exe
2012-10-22 16:40 . 2012-10-22 16:40 441344 ----a-w- c:\windows\system32\igfxdev.dll
2012-10-22 16:40 . 2012-10-22 16:40 435712 ----a-w- c:\windows\system32\igfxrara.lrc
2012-10-22 16:40 . 2012-10-22 16:40 3510784 ----a-w- c:\windows\system32\igfxcmjit64.dll
2012-10-22 16:40 . 2012-10-22 16:40 330240 ------w- c:\windows\SysWow64\igfxdv32.dll
2012-10-22 16:40 . 2012-10-22 16:40 252448 ----a-w- c:\windows\system32\igfxext.exe
2012-10-22 16:40 . 2012-10-22 16:40 25088 ------w- c:\windows\SysWow64\igfxexps32.dll
2012-10-22 16:40 . 2012-10-22 16:40 142336 ----a-w- c:\windows\system32\igfxdo.dll
2012-10-22 16:40 . 2012-10-22 16:40 126976 ----a-w- c:\windows\system32\igfxcpl.cpl
2012-10-22 16:40 . 2012-09-28 10:51 384512 ----a-w- c:\windows\system32\igfxpph.dll
2012-10-22 16:40 . 2012-08-24 20:16 28672 ----a-w- c:\windows\system32\igfxexps.dll
2012-10-22 16:40 . 2012-10-22 16:40 483840 ----a-w- c:\windows\system32\igfx11cmrt64.dll
2012-10-22 16:40 . 2012-10-22 16:40 459264 ------w- c:\windows\SysWow64\igfx11cmrt32.dll
2012-10-22 16:40 . 2012-10-22 16:40 3121152 ------w- c:\windows\SysWow64\igfxcmjit32.dll
2012-10-22 16:40 . 2012-08-24 20:16 12615168 ----a-w- c:\windows\system32\igdumd64.dll
2012-10-22 16:40 . 2012-08-24 20:16 11049472 ------w- c:\windows\SysWow64\igdumd32.dll
2012-10-22 16:40 . 2012-10-22 16:40 27664896 ----a-w- c:\windows\system32\igdrcl64.dll
2012-10-22 16:40 . 2012-10-22 16:40 27643904 ------w- c:\windows\SysWow64\igdrcl32.dll
2012-10-22 16:40 . 2012-10-22 16:40 5332896 ----a-w- c:\windows\system32\drivers\igdkmd64.sys
2012-10-22 16:40 . 2012-10-22 16:40 27418112 ----a-w- c:\windows\system32\igdfcl64.dll
2012-10-22 16:40 . 2012-10-22 16:40 21810688 ------w- c:\windows\SysWow64\igdfcl32.dll
2012-10-22 16:40 . 2012-10-22 16:40 80384 ----a-w- c:\windows\system32\igdde64.dll
2012-10-22 16:40 . 2012-10-22 16:40 64512 ------w- c:\windows\SysWow64\igdde32.dll
2012-10-22 16:40 . 2012-10-22 16:40 3580928 ----a-w- c:\windows\system32\igdbcl64.dll
2012-10-22 16:40 . 2012-10-22 16:40 2898944 ------w- c:\windows\SysWow64\igdbcl32.dll
2012-10-22 16:40 . 2012-08-24 20:16 12854272 ----a-w- c:\windows\system32\igd10umd64.dll
2012-10-22 16:40 . 2012-10-22 16:40 11171840 ------w- c:\windows\SysWow64\igd10umd32.dll
2012-10-22 16:40 . 2012-10-22 16:40 755048 ----a-w- c:\windows\system32\igcodeckrng700.bin
2012-10-22 16:40 . 2012-10-22 16:40 11594240 ----a-w- c:\windows\system32\ig7icd64.dll
2012-10-22 16:39 . 2012-10-22 16:39 8579584 ------w- c:\windows\SysWow64\ig7icd32.dll
2012-10-22 16:39 . 2012-10-22 16:39 5903392 ----a-w- c:\windows\system32\GfxUI.exe
2012-10-22 16:39 . 2012-10-22 16:39 399392 ----a-w- c:\windows\system32\hkcmd.exe
2012-10-22 16:39 . 2012-10-22 16:39 173568 ----a-w- c:\windows\system32\gfxSrvc.dll
2012-10-22 16:39 . 2012-08-24 20:16 110592 ----a-w- c:\windows\system32\hccutils.dll
2012-10-22 16:39 . 2012-10-22 16:39 185376 ----a-w- c:\windows\system32\difx64.exe
2012-10-16 15:53 . 2012-11-04 19:02 791608 ----a-w- c:\windows\system32\drivers\iusb3xhc.sys
2012-10-16 15:53 . 2012-11-04 19:02 358456 ----a-w- c:\windows\system32\drivers\iusb3hub.sys
2012-10-16 15:53 . 2012-11-04 19:02 20024 ----a-w- c:\windows\system32\drivers\iusb3hcs.sys
2012-10-16 15:52 . 2012-02-26 19:00 41984 ----a-w- c:\windows\system32\drivers\USB3Ver.dll
2012-10-16 08:38 . 2012-11-28 13:04 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2012-10-16 08:38 . 2012-11-28 13:04 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2012-10-16 07:39 . 2012-11-28 13:04 561664 ----a-w- c:\windows\apppatch\AcLayers.dll
2012-10-09 18:17 . 2012-11-14 16:09 55296 ----a-w- c:\windows\system32\dhcpcsvc6.dll
2012-10-09 18:17 . 2012-11-14 16:09 226816 ----a-w- c:\windows\system32\dhcpcore6.dll
2012-10-09 17:40 . 2012-11-14 16:09 44032 ----a-w- c:\windows\SysWow64\dhcpcsvc6.dll
2012-10-09 17:40 . 2012-11-14 16:09 193536 ----a-w- c:\windows\SysWow64\dhcpcore6.dll
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="c:\program files (x86)\uTorrent\uTorrent.exe" [2012-11-24 968592]
"RocketDock"="c:\program files (x86)\RocketDock\RocketDock.exe" [2007-09-02 495616]
"Spotify Web Helper"="c:\users\Thibault\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2012-10-26 1199576]
"iCloudServices"="c:\program files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" [2012-08-29 59280]
"ApplePhotoStreams"="c:\program files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe" [2012-09-10 59280]
"com.apple.dav.bookmarks.daemon"="c:\program files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe" [2012-09-05 59280]
"KiesTrayAgent"="c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2010-09-16 3366200]
"EPLTarget\P0000000000000000"="c:\windows\system32\spool\DRIVERS\x64\3\E_IATIINE.EXE" [2012-02-29 283232]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-10-16 291648]
"ASUS InstantKey"="c:\program files (x86)\ASUS\ASUS Instant Key\Ikey_start.exe" [2012-02-20 20456]
"Wireless Console 3"="c:\program files (x86)\ASUS\Wireless Console 3\wcourier.exe" [2012-02-02 2321072]
"ACMON"="c:\program files (x86)\ASUS\Splendid\ACMON.exe" [2012-02-21 102568]
"ASUS Screen Saver Protector"="c:\windows\AsScrPro.exe" [2012-08-24 3058304]
"RemoteControl10"="c:\program files (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe" [2011-03-30 87336]
"UpdatePSTShortCut"="c:\program files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe" [2011-12-30 222504]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" [2012-11-30 56128]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-01-21 91520]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-08-27 59280]
"UnlockerAssistant"="c:\program files (x86)\Unlocker\UnlockerAssistant.exe" [2010-07-04 17408]
"amd_dc_opt"="c:\program files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
"ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2012-07-06 322208]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2012-07-17 178848]
"HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"EEventManager"="c:\program files (x86)\Epson Software\Event Manager\EEventManager.exe" [2011-10-31 1058400]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136]
"TrayServer"="c:\program files (x86)\MAGIX\Video_deluxe_MX_Premium_Version_a_telecharger\TrayServer_fr.exe" [2008-09-01 90112]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-07-05 421888]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer5"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 lxeaCATSCustConnectService;lxeaCATSCustConnectService;c:\windows\system32\spool\DRIVERS\x64\3\\lxeaserv.exe [2010-04-14 45736]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-14 682344]
R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-10-02 3064000]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-11-09 160944]
R3 AMPPALP;Protocole Intel® Centrino® Wireless Bluetooth® + High Speed;c:\windows\system32\DRIVERS\amppal.sys [2012-07-17 198144]
R3 ASUSProcObsrv;ASUS Process Creation/Termination Observer;d:\i386\AsPrOb64.sys [x]
R3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys [2011-11-30 94720]
R3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys [2011-11-30 747008]
R3 driverhardwarev2x64;driverhardwarev2x64;c:\program files\ma-config.com\Drivers\driverhardwarev2x64.sys [2011-07-21 16640]
R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2011-04-26 2702848]
R3 ibtfltcoex;ibtfltcoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys [2012-02-14 60928]
R3 intaud_WaveExtensible;Intel WiDi Audio Device;c:\windows\system32\drivers\intelaud.sys [2012-01-26 34200]
R3 libusb0;LibUsb-Win32 - Kernel Driver 03/20/2007, 0.1.12.1;c:\windows\system32\DRIVERS\libusb0.sys [2007-03-20 16896]
R3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\x64\maconfservice.exe [2012-10-28 427976]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2012-08-23 272688]
R3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\DRIVERS\ss_bbus.sys [2010-04-27 127488]
R3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\DRIVERS\ss_bmdfl.sys [2010-04-27 18944]
R3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\DRIVERS\ss_bmdm.sys [2010-04-27 161280]
R3 ss_bserd;SAMSUNG USB Mobile Logging Driver;c:\windows\system32\DRIVERS\ss_bserd.sys [2010-04-27 128000]
R3 TFsExDisk;TFsExDisk;c:\windows\System32\Drivers\TFsExDisk.sys [2010-06-24 16392]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-07-09 52736]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [2012-09-13 131416]
R3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [x]
R3 vmci;VMware VMCI Bus Driver;c:\windows\system32\DRIVERS\vmci.sys [x]
R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [2012-08-25 1255736]
R3 WsAudioDevice_383S(1);WsAudioDevice_383S(1);c:\windows\system32\drivers\WsAudioDevice_383S(1).sys [2011-11-17 29288]
S0 iaStorA;iaStorA;c:\windows\system32\DRIVERS\iaStorA.sys [2012-11-19 652344]
S0 iaStorF;iaStorF;c:\windows\system32\DRIVERS\iaStorF.sys [2012-11-19 28216]
S0 iusb3hcs;Pilote de commutateur de contrôleur d'hôte Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys [2012-10-16 20024]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [2012-12-03 30056]
S1 aswKbd;aswKbd; [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 ATKWMIACPIIO;ATKWMIACPI Driver;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-09-07 17536]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-08-25 283200]
S1 nvkflt;nvkflt;c:\windows\system32\DRIVERS\nvkflt.sys [2012-12-03 284008]
S2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [2012-07-17 659472]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-02 15416]
S2 ASUS InstantOn;ASUS InstantOn Service;c:\program files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe [2012-02-16 277120]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-10-30 71600]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [2012-02-21 1014096]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [2012-02-21 1104208]
S2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-08-23 135984]
S2 dgdersvc;Device Error Recovery Service;c:\windows\system32\dgdersvc.exe [2010-07-30 119632]
S2 EPSON_PM_RPCV4_04;EPSON V3 Service4(04);c:\program files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE [2012-02-21 151648]
S2 EpsonScanSvc;Epson Scanner Service;c:\windows\system32\EscSvc64.exe [2011-12-11 135824]
S2 Fabs;FABS - Helping agent for MAGIX media database;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [2011-05-24 1840128]
S2 IAStorDataMgrSvc;Technologie de stockage Intel(R) Rapid;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-11-19 14904]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe [2012-06-19 634632]
S2 Intel(R) ME Service;Intel(R) ME Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-07-19 129856]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-07-19 166720]
S2 lxea_device;lxea_device;c:\windows\system32\lxeacoms.exe [2010-04-14 1052328]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-12-14 398184]
S2 RichVideo64;Cyberlink RichVideo64 Service(CRVS);c:\program files\CyberLink\Shared files\RichVideo64.exe [2012-03-29 386344]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-11-30 382824]
S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-10-23 2848168]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe [2012-04-05 2143552]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-07-19 365376]
S2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe [2012-08-23 3342640]
S3 AiCharger;ASUS Charger Driver;c:\windows\system32\DRIVERS\AiCharger.sys [2012-02-29 17152]
S3 AMPPAL;Carte réseau virtuelle Intel® Centrino® Wireless Bluetooth® + High Speed;c:\windows\system32\DRIVERS\AMPPAL.sys [2012-07-17 198144]
S3 Apowersoft_AudioDevice;Apowersoft_AudioDevice;c:\windows\system32\drivers\Apowersoft_AudioDevice.sys [2010-12-24 29288]
S3 AsusVBus;AsusVBus;c:\windows\system32\DRIVERS\AsusVBus.sys [2011-12-21 35968]
S3 AsusVTouch;AsusVTouch;c:\windows\system32\DRIVERS\AsusVTouch.sys [2011-11-07 16512]
S3 ATP;ASUS PS/2 Port Input Device;c:\windows\system32\DRIVERS\AsusTP.sys [2012-09-11 56704]
S3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [2012-02-21 1304912]
S3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys [2010-07-30 20552]
S3 iusb3hub;Pilote de concentrateur Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys [2012-10-16 358456]
S3 iusb3xhc;Pilote du contrôleur d'hôte extensible Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3xhc.sys [2012-10-16 791608]
S3 iwdbus;IWD Bus Enumerator;c:\windows\system32\DRIVERS\iwdbus.sys [2012-01-26 25496]
S3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C60x64.sys [2012-09-24 111256]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-12-14 24176]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys [2012-03-29 11856]
S3 VCSVADHWSer;Avnex Virtual Audio Device (WDM);c:\windows\system32\DRIVERS\vcsvad.sys [2008-12-26 21504]
.
.
Contenu du dossier 'Tâches planifiées'
.
2013-01-07 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-25 16:56]
.
2013-01-07 c:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
- c:\program files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-04-16 10:54]
.
2013-01-06 c:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
- c:\program files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-04-16 10:54]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{78234974-0C4B-4111-BDEB-D9A104418772}]
2012-09-11 07:43 23424 ----a-w- c:\program files (x86)\ASUS\ASUS Smart Gesture\install\x64\BrowserExtension64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 22:50 133400 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-08-30 13192848]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2012-08-17 1215632]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2011-03-17 361984]
"BLEServicesCtrl"="c:\program files (x86)\Intel\Bluetooth\BleServicesCtrl.exe" [2012-02-17 177936]
"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshell.dll" [2012-02-21 11406608]
"lxeamon.exe"="c:\program files (x86)\Lexmark S300-S400 Series\lxeamon.exe" [2011-01-23 770728]
"ASUSQuickGesture(x86)"="c:\program files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe" [2012-09-11 20352]
"ASUSTPLoader(x64)"="c:\program files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe" [2012-09-11 169856]
"ASUSQuickGesture(x64)"="c:\program files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe" [2012-09-11 22400]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-10-22 171040]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-10-22 399392]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-10-22 441888]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll c:\windows\System32\nvinitx.dll
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
------- Examen supplémentaire -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.1.254
FF - ProfilePath - c:\users\Thibault\AppData\Roaming\Mozilla\Firefox\Profiles\9ndlwe4s.default\
FF - ExtSQL: 2012-12-19 18:54; wrc@avast.com; c:\program files\AVAST Software\Avast\WebRep\FF
FF - ExtSQL: 2012-12-23 23:17; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; c:\users\Thibault\AppData\Roaming\Mozilla\Firefox\Profiles\9ndlwe4s.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
.
.
------- Associations de fichier -------
.
.reg does not exist!
.
"ImagePath"="\"c:\program files\CyberLink\Shared files\RichVideo64.exe\"\00Z
[\]^_~\00\00~\00\00\00\00\14\00JKLMNO\00\00\00\00\00\00\00\00\03\00\00\00|}~~\00\00~\00\00\00\00~\00\00\00\00\00\00\00\00\01\00Z"
.
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.alb\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="PhotoManagerDeluxe.8.alb"
.
[HKEY_USERS\S-1-5-21-2813007007-3457386607-2108643950-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.download\UserChoice]
@Denied: (2) (S-1-5-21-2813007007-3457386607-2108643950-1000)
@Denied: (2) (LocalSystem)
"Progid"="SafariDownload"
.
[HKEY_USERS\S-1-5-21-2813007007-3457386607-2108643950-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (S-1-5-21-2813007007-3457386607-2108643950-1000)
@Denied: (2) (LocalSystem)
"Progid"="Opera.HTML"
.
[HKEY_USERS\S-1-5-21-2813007007-3457386607-2108643950-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (S-1-5-21-2813007007-3457386607-2108643950-1000)
@Denied: (2) (LocalSystem)
"Progid"="Opera.HTML"
.
[HKEY_USERS\S-1-5-21-2813007007-3457386607-2108643950-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.safariextz\UserChoice]
@Denied: (2) (S-1-5-21-2813007007-3457386607-2108643950-1000)
@Denied: (2) (LocalSystem)
"Progid"="SafariExtension"
.
[HKEY_USERS\S-1-5-21-2813007007-3457386607-2108643950-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
@Denied: (2) (S-1-5-21-2813007007-3457386607-2108643950-1000)
@Denied: (2) (LocalSystem)
"Progid"="FirefoxHTML"
.
[HKEY_USERS\S-1-5-21-2813007007-3457386607-2108643950-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.svg\UserChoice]
@Denied: (2) (S-1-5-21-2813007007-3457386607-2108643950-1000)
@Denied: (2) (LocalSystem)
"Progid"="SafariHTML"
.
[HKEY_USERS\S-1-5-21-2813007007-3457386607-2108643950-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.webarchive\UserChoice]
@Denied: (2) (S-1-5-21-2813007007-3457386607-2108643950-1000)
@Denied: (2) (LocalSystem)
"Progid"="SafariHTML"
.
[HKEY_USERS\S-1-5-21-2813007007-3457386607-2108643950-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
@Denied: (2) (S-1-5-21-2813007007-3457386607-2108643950-1000)
@Denied: (2) (LocalSystem)
"Progid"="Opera.HTML"
.
[HKEY_USERS\S-1-5-21-2813007007-3457386607-2108643950-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
@Denied: (2) (S-1-5-21-2813007007-3457386607-2108643950-1000)
@Denied: (2) (LocalSystem)
"Progid"="Opera.HTML"
.
[HKEY_USERS\S-1-5-21-2813007007-3457386607-2108643950-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xml\UserChoice]
@Denied: (2) (S-1-5-21-2813007007-3457386607-2108643950-1000)
@Denied: (2) (LocalSystem)
"Progid"="SafariHTML"
.
[HKEY_USERS\S-1-5-21-2813007007-3457386607-2108643950-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:af,0a,37,5d,84,87,c4,7e,d5,55,6c,a2,d5,b2,52,12,09,26,03,14,9f,da,64,
8f,8e,84,c9,93,87,58,a9,e3,78,71,35,88,44,7b,1e,36,41,de,65,4b,30,d1,6d,39,\
"??"=hex:6e,28,07,38,68,fe,77,4e,32,be,20,dd,2d,15,86,a3
.
[HKEY_USERS\S-1-5-21-2813007007-3457386607-2108643950-1000\Software\SecuROM\License information*]
"datasecu"=hex:bf,3c,d0,db,6b,59,9e,7c,70,1b,9a,04,6c,55,ad,58,d8,9f,2e,30,8f,
93,c0,58,f6,bf,ce,6b,d1,2c,b3,d1,bf,97,70,04,34,75,02,75,c9,a9,b1,2e,fd,98,\
"rkeysecu"=hex:d0,5c,5e,58,97,c4,30,01,7f,a2,16,0f,56,5a,75,a4
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Heure de fin: 2013-01-07 10:03:15
ComboFix-quarantined-files.txt 2013-01-07 09:03
.
Avant-CF: 264 506 384 384 octets libres
Après-CF: 264 341 831 680 octets libres
.
- - End Of File - - 25D2B4FD2ECB9DCF08D43A2BD70865B1

Still the same problems, and on top of that Opera now tells me there is an internal communication error :@
0
thibextra Posts 227 Status Member 11

Opera is back to normal, but otherwise nothing has changed...
0
juju666 Posts 35446 Registration date   Status Security contributor Last activity   4 796

Hi padawan fish, take a look at the event viewer in extras.txt:

Error - 05/01/2013 18:48:22 | Computer Name = Thibault-PC | Source = Bonjour Service | ID = 100
Description = ERROR: handle_resolve_request bad interfaceIndex 15

Error - 05/01/2013 12:08:17 | Computer Name = Thibault-PC | Source = Service Control Manager | ID = 7031
Description = Le service avast! Antivirus s'est terminé de manière inattendue. Ceci
 s'est produit 1 fois. L'action corrective suivante va être effectuée dans 5000 
millisecondes : Redémarrer le service.

Error - 05/01/2013 13:01:43 | Computer Name = Thibault-PC | Source = Service Control Manager | ID = 7000
Description = Le service lxeaCATSCustConnectService n'a pas pu démarrer en raison
 de l'erreur :   %%1053

Error - 06/01/2013 10:05:46 | Computer Name = Thibault-PC | Source = volsnap | ID = 393252
Description = Les clichés instantanés du volume C: ont été annulés car le stockage
 du cliché instantané n'a pas pu s'agrandir en raison d'une limite utilisateur.

0
Fish66 Posts 18337 Status Security contributor 1 318

Good evening everyone!

1/
* Open your Start menu

-> If you are on XP, open Run, type cmd and confirm by pressing the Enter key

-> On Vista/Seven, type cmd in the "Search" field; on the result that appears, right-click > Run as administrator

* In the black window, type sfc /scannow and let Windows repair the files.

2/
Without clearing System Restore, use: this link to see all the restore points that exist.
Is there a restore point dated before the problem appeared?

See you
0
thibextra Posts 227 Status Member 11

There, it's done, I'm waiting for it to finish.

On the other hand, I no longer know exactly when the problem started; I posted here once I'd had enough of it...
0
Fish66 Posts 18337 Status Security contributor 1 318

OK, keep us posted! :-)

See you
0
thibextra Posts 227 Status Member 11

"Le programme de correction des ressources n'a trouvé aucune violation d'intégrité" is what CMD tells me.

Thanks again for your help :)
0
Fish66 Posts 18337 Status Security contributor 1 318

Hi again,
Uninstall Bonjour and iTunes; you can reinstall them after checking whether they are the cause of the problem!

See you
0
thibextra Posts 227 Status Member 11

Is there no risk of losing my iTunes libraries??
0
Fish66 Posts 18337 Status Security contributor 1 318
 
0
thibextra Posts 227 Status Member 11

OK, well, nothing worked, even after a restart :(
0
Fish66 Posts 18337 Status Security contributor 1 318

Hello,

Did you uninstall and then reinstall Firefox to check?
0
thibextra Posts 227 Status Member 11

Still not, even after a restart...
0
Fish66 Posts 18337 Status Security contributor 1 318

There is one more procedure left to carry out:

* Download Dr Web CureIt to your Desktop
* Run it.
* At the "enhanced protection" alert, click >> OK
* Click "update" and then "start scan", be patient and let the tool work during the scan
* If anything is detected >> Quarantine
* Click "file" and "save report", and post it in your next reply
* Use the tutorial below for how to use Dr Web
Tutorial
-----------------------------------------------------------------------
Here: an explanatory tutorial
-----------------------------------------------------------------------

0
thibextra Posts 227 Status Member 11

No threat detected...
0