HiJackThis report

Solved
thibextra (Member, 203 posts)

Hello,

I have a virus on my PC which means it does not recognize my Internet access, even though I am writing to you right now using Opera.

For example, Internet Explorer refuses to go online, Skype tells me that I have no active Internet connection, and programs refuse to update themselves automatically.

I saw in other posts that this was caused by a virus, and I would like to know how to eradicate it.

Thanks in advance

45 replies

thibextra (Member, 203 posts)

Here is the report for Suppression mode

RogueKiller V8.4.2 _x64_ [Dec 31 2012] par Tigzy
mail : tigzyRK<at>gmail<dot>com
Remontees : https://www.luanagames.com/index.fr.html
Site Web : https://www.luanagames.com/index.fr.html
Blog : http://tigzyrk.blogspot.com/

Systeme d'exploitation : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Demarrage : Mode normal
Utilisateur : Thibault [Droits d'admin]
Mode : Suppression -- Date : 05/01/2013 18:15:17

¤¤¤ Processus malicieux : 0 ¤¤¤

¤¤¤ Entrees de registre : 6 ¤¤¤
[HJ] HKLM\[...]\Services\Microsoft\System : ConsentPromptBehaviorAdmin (0) -> REMPLACÉ (2)
[HJ DESK] HKCU\[...]\Services\Microsoft\ClassicStartMenu : {59031A47-3F72-44A7-89C5-5595FE6B30EE} (1) -> REMPLACÉ (0)
[HJ DESK] HKCU\[...]\Services\Microsoft\NewStartPanel : {59031A47-3F72-44A7-89C5-5595FE6B30EE} (1) -> REMPLACÉ (0)
[HJ DESK] HKCU\[...]\Services\Microsoft\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REMPLACÉ (0)
[HJ DESK] HKCU\[...]\Services\Microsoft\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REMPLACÉ (0)
[HJ DESK] HKCU\[...]\Services\Microsoft\NewStartPanel : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> REMPLACÉ (0)

¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤

¤¤¤ Driver : [NON CHARGE] ¤¤¤

¤¤¤ Fichier HOSTS: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts

127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com
127.0.0.1 activate.adobe.com
127.0.0.1 lm.licenses.adobe.com
127.0.0.1 192.150.14.69
127.0.0.1 192.150.18.101
127.0.0.1 192.150.18.108
127.0.0.1 192.150.22.40
127.0.0.1 192.150.8.100
127.0.0.1 192.150.8.118
127.0.0.1 209-34-83-73.ood.opsource.net
127.0.0.1 3dns-1.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-4.adobe.com
127.0.0.1 3dns.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 activate-sea.adobe.com
[...]


¤¤¤ MBR Verif: ¤¤¤

+++++ PhysicalDrive0: ATA ST9750420AS SCSI Disk Device +++++
--- User ---
[MBR] 42d8f959e6f7d0ae2d14e55200af2199
[BSP] 9117ff385a533884843e3715d2d13ff8 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 715302 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Termine : << RKreport[3]_D_05012013_181517.txt >>
RKreport[1]_S_05012013_170823.txt ; RKreport[2]_S_05012013_181451.txt ; RKreport[3]_D_05012013_181517.txt



Then for HOST RAZ


RogueKiller V8.4.2 _x64_ [Dec 31 2012] par Tigzy
mail : tigzyRK<at>gmail<dot>com
Remontees : https://www.luanagames.com/index.fr.html
Site Web : https://www.luanagames.com/index.fr.html
Blog : http://tigzyrk.blogspot.com/

Systeme d'exploitation : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Demarrage : Mode normal
Utilisateur : Thibault [Droits d'admin]
Mode : HOSTS RAZ -- Date : 05/01/2013 18:16:02

¤¤¤ Processus malicieux : 0 ¤¤¤

¤¤¤ Entrees de registre : 0 ¤¤¤

¤¤¤ Driver : [NON CHARGE] ¤¤¤

¤¤¤ Fichier HOSTS: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts



¤¤¤ Nouveau fichier HOSTS: ¤¤¤


Termine : << RKreport[4]_H_05012013_181602.txt >>
RKreport[1]_S_05012013_170823.txt ; RKreport[2]_S_05012013_181451.txt ; RKreport[3]_D_05012013_181517.txt ; RKreport[4]_H_05012013_181602.txt



There you go, thanks for your valuable help :p

Fish66 (Security contributor, 17505 posts)

1/
Remove the unnecessary extensions from your browser.
Help: <<< HERE >>> or: <<< HERE >>>

2/
Now run mbam again, delete everything it finds, then post
the report please

See you later

¤¤¤ The best remedy for all problems is patience.... ¤¤¤

thibextra (Member, 203 posts)

No threat detected

Malwarebytes Anti-Malware (Essai) 1.70.0.1100
www.malwarebytes.org

Version de la base de données: v2013.01.05.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Thibault :: THIBAULT-PC [administrateur]

Protection: Désactivé

06/01/2013 11:38:30
mbam-log-2013-01-06 (11-38-30).txt

Type d'examen: Examen complet (C:\|)
Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM
Options d'examen désactivées: P2P
Elément(s) analysé(s): 466148
Temps écoulé: 52 minute(s), 15 seconde(s)

Processus mémoire détecté(s): 0
(Aucun élément nuisible détecté)

Module(s) mémoire détecté(s): 0
(Aucun élément nuisible détecté)

Clé(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)

Valeur(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)

Elément(s) de données du Registre détecté(s): 0
(Aucun élément nuisible détecté)

Dossier(s) détecté(s): 0
(Aucun élément nuisible détecté)

Fichier(s) détecté(s): 0
(Aucun élément nuisible détecté)

(fin)

Fish66 (Security contributor, 17505 posts)

Hi,
1/
* You can follow the instructions on this page to help you: https://www.malekal.com/tutorial-otl/

* Download http://www.geekstogo.com/forum/files/file/398-otl-oldtimers-list-it/ to your desktop.
(On Vista/Win7, you need to right-click OTL and choose Run as administrator)

* Launch OTL
* Under "Personnalisation" (Customization), copy and paste the text in bold below:

netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%temp%\*.exe /s
%SYSTEMDRIVE%\*.exe
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
/md5start
explorer.exe
winlogon.exe
wininit.exe
/md5stop
CREATERESTOREPOINT
nslookup www.google.fr /c



* Click the "Analyse" button.
* When the scan is finished, use the site http://pjjoint.malekal.com/ to upload the reports.
Then give the pjjoint link here so that they can be consulted.

2/
Is the problem still there?

thibextra (Member, 203 posts)

Fish66 (Security contributor, 17505 posts)

Good evening,

Run OTL again
- On XP, double-click the icon to launch the tool.
- On Vista/Seven, right-click the icon and choose "Run as administrator" from the context menu.
* In the "Personnalisation" (Customization) section, copy/paste the following instructions:

:OTL
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = Reg Error: Value error.
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\PROGRAM FILES\IB UPDATER\FIREFOX
[2012/09/15 21:06:08 | 000,000,000 | ---D | M] (01NET.com) -- C:\Users\Thibault\AppData\Roaming\Mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}


:Commands
[purity]
[emptytemp]
[EMPTYFLASH]
[RESETHOSTS]
[Reboot]





* Click the "Correction" button.
* Wait while the tool works; it should then restart the PC.
* Accept by clicking OK.
* The report listing the actions carried out by OTL should open by itself.

You can find the file at the root of the disk: C:\_OTL\MovedFiles

See you later

thibextra (Member, 203 posts)

The OTL report in fix mode

All processes killed
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Secondary Start Pages| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
C:\Users\Thibault\AppData\Roaming\Mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d} folder moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

User: Thibault
->Temp folder emptied: 11982266 bytes
->Temporary Internet Files folder emptied: 557399 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Apple Safari cache emptied: 0 bytes
->Opera cache emptied: 52217681 bytes
->Flash cache emptied: 1549 bytes

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 6704 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33237 bytes
RecycleBin emptied: 349095849 bytes

Total Files Cleaned = 395,00 mb


[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Public

User: Thibault
->Flash cache emptied: 0 bytes

User: UpdatusUser
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb

C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

OTL by OldTimer - Version 3.2.69.0 log created on 01062013_193737

Files\Folders moved on Reboot...
C:\Users\Thibault\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...


Have a good evening :)

Fish66 (Security contributor, 17505 posts)

OK!

Restart your PC, then let me know if there is anything new!

See you later

thibextra (Member, 203 posts)

Well, it's still the same :/

Fish66 Posts 17505 Registration date   Status Security contributor Last activity   1 318
 
Hello,

Before using ComboFix:

CD emulation software such as Daemon Tools can interfere with disinfection tools. Use Defogger to disable it temporarily:

If you have this kind of tool on your PC, use Defogger to disable it temporarily; otherwise go straight to ComboFix.

* Download Defogger (by jpshortstuff) to your Desktop
* Run it

* A window appears: click "Disable"

* Restart the computer if the tool asks you to

Note: Once we have finished the disinfection, you can re-enable this software by running Defogger again and clicking "Re-enable"

===================================================

Attention: before you start, read the procedure carefully

********************************************************

/!\ Do not use this software outside the scope of this disinfection: DANGEROUS /!\

* Right-click this link and save it to your desktop under a different name, for example "your username.exe"
Here is the ComboFix help

* /!\ Disconnect from the internet and STOP YOUR PROTECTION SOFTWARE /!\


* Double-click ComboFix.exe (or run it as administrator on Vista and Windows 7)

A pop-up will appear saying that ComboFix is used at your own risk and with no warranty... Click Yes to accept

** ABOVE ALL, INSTALL THE RECOVERY CONSOLE
(if it offers to install it, reconnect to the internet)

* Do not touch anything (mouse, keyboard) until the scan has finished, because you risk crashing your PC

* At the end of the scan, ComboFix may need to restart the PC to finish the disinfection; let it do so.

* Once the scan is complete, a report will be displayed: post its contents

** /!\ Re-enable the real-time protection of your antivirus and antispyware before reconnecting to the Internet. /!\

* Note: The report can also be found here: C:\ComboFix.txt
0
thibextra Posts 203 Registration date   Status Member Last activity   9
 
So here is the report

ComboFix 13-01-06.01 - Thibault 07/01/2013 9:56.1.8 - x64
Microsoft Windows 7 Édition Familiale Premium 6.1.7601.1.1252.33.1036.18.6030.4013 [GMT 1:00]
Lancé depuis: c:\users\Thibault\Desktop\Thibextra.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Roaming
c:\users\Public\sdelevURL.tmp
c:\users\Thibault\AppData\Roaming\Microsoft\~DFK11fec66.tmp
c:\users\Thibault\AppData\Roaming\Microsoft\1eaadjc.dll
c:\users\Thibault\AppData\Roaming\Microsoft\bass.dll
c:\users\Thibault\AppData\Roaming\Microsoft\engine_vx.dll
c:\users\Thibault\AppData\Roaming\Microsoft\kfgresk.dll
c:\users\Thibault\AppData\Roaming\Microsoft\mjcriu.dll
c:\users\Thibault\AppData\Roaming\Microsoft\peaadje.dll
c:\users\Thibault\AppData\Roaming\Microsoft\qwadjb.dll
c:\users\Thibault\AppData\Roaming\Microsoft\rsaadjd.dll
c:\users\Thibault\pdf
c:\users\Thibault\pdf\Coolutils Total PDF Converter 2.1.210 + Serial.rar
c:\windows\msvcr71.dll
c:\windows\msxml4-KB2721691-enu.LOG
c:\windows\SysWow64\muzapp.exe
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2012-12-07 au 2013-01-07 ))))))))))))))))))))))))))))))))))))
.
.
2013-01-07 09:01 . 2013-01-07 09:01 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-01-07 08:52 . 2013-01-07 08:52 76232 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{BEA2166C-ECA8-4A7E-AD51-7FB632D5B603}\offreg.dll
2013-01-06 23:41 . 2013-01-06 23:47 -------- d-----w- c:\users\Thibault\AppData\Roaming\Pamela
2013-01-06 23:41 . 2013-01-06 23:41 203264 ----a-w- c:\windows\SysWow64\RemoteControl.dll
2013-01-06 23:41 . 2013-01-06 23:41 -------- d-----w- c:\program files (x86)\Pamela
2013-01-06 18:37 . 2013-01-06 18:37 -------- d-----w- C:\_OTL
2013-01-05 10:17 . 2013-01-05 10:17 -------- d-----w- C:\_OTM
2013-01-05 08:33 . 2013-01-05 10:05 -------- d-----w- C:\UsbFix
2013-01-04 22:13 . 2013-01-04 22:13 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin7.dll
2013-01-04 22:13 . 2013-01-04 22:13 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin6.dll
2013-01-04 22:13 . 2013-01-04 22:13 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin5.dll
2013-01-04 22:13 . 2013-01-04 22:13 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin4.dll
2013-01-04 22:13 . 2013-01-04 22:13 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin3.dll
2013-01-04 22:13 . 2013-01-04 22:13 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin2.dll
2013-01-04 22:13 . 2013-01-04 22:13 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin.dll
2013-01-04 22:13 . 2013-01-04 22:13 -------- d-----w- c:\program files (x86)\QuickTime
2013-01-04 22:11 . 2013-01-04 22:12 -------- d-----w- c:\program files\CyberLink
2013-01-04 22:10 . 2013-01-04 22:10 -------- d-----w- c:\programdata\CLSK
2013-01-04 18:59 . 2013-01-05 12:50 512 ----a-w- C:\PhysicalDisk0_MBR.bin
2013-01-04 15:05 . 2013-01-04 15:05 -------- d-----w- c:\users\Thibault\AppData\Roaming\Malwarebytes
2013-01-04 15:04 . 2013-01-04 15:04 -------- d-----w- c:\programdata\Malwarebytes
2013-01-04 15:04 . 2013-01-04 15:04 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-01-04 15:04 . 2012-12-14 15:49 24176 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-01-04 10:50 . 2013-01-05 12:50 -------- d-----w- c:\program files (x86)\ZHPDiag
2013-01-04 10:50 . 2013-01-05 12:45 -------- d-----w- C:\ZHP
2013-01-04 10:12 . 2012-11-08 17:24 9125352 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{BEA2166C-ECA8-4A7E-AD51-7FB632D5B603}\mpengine.dll
2012-12-31 23:54 . 2012-12-31 23:54 -------- d-----w- c:\users\Thibault\AppData\Local\Rockstar Games
2012-12-31 23:53 . 2012-12-31 23:53 -------- d-sh--w- c:\programdata\SecuROM
2012-12-31 22:23 . 2012-12-31 23:36 -------- d-----w- c:\program files (x86)\Grand Theft Auto IV - Episodes From Liberty City
2012-12-31 19:13 . 2012-12-31 19:13 178800 ----a-w- c:\windows\SysWow64\CmdLineExt_x64.dll
2012-12-30 21:08 . 2013-01-06 19:49 281688 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2012-12-30 21:08 . 2012-12-30 21:08 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2012-12-29 19:24 . 2012-12-29 19:53 -------- d-----w- c:\users\Thibault\AppData\Roaming\Youtube Downloader HD
2012-12-29 19:24 . 2012-12-29 19:24 -------- d-----w- c:\program files (x86)\Youtube Downloader HD
2012-12-26 17:19 . 2012-12-26 17:19 -------- d-----w- c:\program files (x86)\Telltale Games
2012-12-26 11:37 . 2012-12-26 11:37 -------- d-----w- c:\programdata\RELOADED
2012-12-26 11:34 . 2012-12-26 20:54 -------- d-----w- c:\program files (x86)\The Walking Dead
2012-12-23 20:16 . 2012-12-23 20:16 -------- d-----w- c:\users\Thibault\AppData\Local\Xara
2012-12-23 20:16 . 2012-12-23 20:16 -------- d-----w- c:\program files (x86)\Common Files\MAGIX Shared
2012-12-21 23:43 . 2012-12-16 17:11 46080 ----a-w- c:\windows\system32\atmlib.dll
2012-12-21 23:43 . 2012-12-16 14:13 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2012-12-21 23:43 . 2012-12-16 14:45 367616 ----a-w- c:\windows\system32\atmfd.dll
2012-12-21 23:43 . 2012-12-16 14:13 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2012-12-21 16:46 . 2012-12-21 16:46 -------- d-----w- c:\program files (x86)\Common Files\Pinnacle
2012-12-21 16:45 . 2012-12-21 17:11 -------- d-----w- c:\users\Thibault\AppData\Local\Pinnacle
2012-12-21 16:45 . 2012-12-21 16:45 -------- d-----w- c:\programdata\Pinnacle Studio Ultimate Collection
2012-12-21 16:39 . 2012-12-21 16:44 -------- d-----w- c:\programdata\Pinnacle
2012-12-21 16:39 . 2012-12-21 16:41 -------- d-----w- c:\program files (x86)\Pinnacle
2012-12-21 15:32 . 2012-12-21 15:33 -------- d-----w- c:\users\Thibault\AppData\Roaming\avidemux
2012-12-21 10:29 . 2012-12-21 10:29 -------- d-----w- c:\users\Thibault\AppData\Roaming\Media Player Classic
2012-12-21 10:07 . 2011-05-30 13:42 255488 ----a-w- c:\windows\system32\xvidvfw.dll
2012-12-21 10:06 . 2011-05-23 07:49 173568 ----a-w- c:\windows\system32\xvid.ax
2012-12-21 10:06 . 2011-05-23 07:45 696832 ----a-w- c:\windows\system32\xvidcore.dll
2012-12-21 10:01 . 2012-12-21 10:02 -------- d-----w- c:\program files (x86)\K-Lite Codec Pack
2012-12-19 17:53 . 2012-12-19 17:53 1187697 ----a-w- c:\windows\unins000.exe
2012-12-19 17:48 . 2012-10-30 22:51 25232 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-12-19 17:48 . 2012-10-30 22:51 370288 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-12-19 17:48 . 2012-10-15 16:59 54072 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2012-12-19 17:47 . 2012-10-30 22:51 59728 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-12-19 17:47 . 2012-10-30 22:51 21136 ----a-w- c:\windows\system32\drivers\aswKbd.sys
2012-12-19 17:47 . 2012-10-30 22:51 984144 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-12-19 17:47 . 2012-10-30 22:51 71600 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-12-19 17:47 . 2012-10-30 22:51 41224 ----a-w- c:\windows\avastSS.scr
2012-12-19 17:47 . 2012-10-30 22:50 227648 ------w- c:\windows\SysWow64\aswBoot.exe
2012-12-18 22:16 . 2012-11-19 11:10 652344 ----a-w- c:\windows\system32\drivers\iaStorA.sys
2012-12-18 22:16 . 2012-11-19 11:10 28216 ----a-w- c:\windows\system32\drivers\iaStorF.sys
2012-12-18 13:00 . 2012-12-18 13:00 -------- d-----w- c:\program files (x86)\Bigasoft
2012-12-18 09:51 . 2012-12-18 09:51 -------- d-----w- c:\windows\SysWow64\NV
2012-12-18 09:51 . 2012-12-18 09:51 -------- d-----w- c:\windows\system32\NV
2012-12-18 09:43 . 2013-01-05 08:32 -------- d-----w- c:\users\UpdatusUser
2012-12-18 09:43 . 2013-01-07 08:36 -------- d-----w- c:\programdata\NVIDIA
2012-12-18 09:42 . 2012-12-01 05:49 63336 ----a-w- c:\windows\system32\nvshext.dll
2012-12-18 09:42 . 2012-12-01 05:49 55144 ----a-w- c:\windows\system32\nv3dappshextr.dll
2012-12-18 09:42 . 2012-12-01 05:49 890216 ----a-w- c:\windows\system32\nvvsvc.exe
2012-12-18 09:42 . 2012-12-01 05:49 877928 ----a-w- c:\windows\system32\nv3dappshext.dll
2012-12-18 09:42 . 2012-12-01 05:48 3311464 ----a-w- c:\windows\system32\nvsvc64.dll
2012-12-18 09:42 . 2012-12-01 05:49 3663213 ----a-w- c:\windows\system32\nvcoproc.bin
2012-12-18 09:42 . 2012-12-01 05:49 2557800 ----a-w- c:\windows\system32\nvsvcr.dll
2012-12-18 09:42 . 2012-12-01 05:49 118120 ----a-w- c:\windows\system32\nvmctray.dll
2012-12-18 09:42 . 2012-12-01 05:48 6223208 ----a-w- c:\windows\system32\nvcpl.dll
2012-12-18 09:42 . 2012-12-18 09:42 -------- d-----w- c:\programdata\NVIDIA Corporation
2012-12-16 11:34 . 2012-12-16 11:34 -------- d-----w- c:\windows\system32\Plug-In Settings
2012-12-15 11:59 . 2012-12-15 13:11 -------- d-----w- c:\users\Thibault\portal2
2012-12-13 12:08 . 2012-12-13 12:08 -------- d-----w- c:\users\Thibault\looper
2012-12-12 22:21 . 2012-12-12 22:21 -------- d-----w- c:\program files (x86)\2K Games
2012-12-12 15:47 . 2012-12-12 15:47 -------- d-----w- c:\users\Thibault\Fable
2012-12-12 00:10 . 2012-12-12 00:10 -------- d-----w- c:\users\Thibault\farenheit
2012-12-11 23:37 . 2012-12-11 23:37 -------- d-----w- c:\program files (x86)\Remedy Entertainment
2012-12-11 15:09 . 2013-01-06 12:09 281688 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2012-12-10 14:24 . 2012-12-10 14:24 -------- d-----w- c:\users\Thibault\the dark knight ost
2012-12-09 19:06 . 2012-12-09 19:06 -------- d-----w- c:\program files (x86)\ElcomSoft
2012-12-09 18:43 . 2012-12-09 18:43 -------- d-----w- c:\users\Thibault\elcomsoft
2012-12-09 17:32 . 2012-12-20 15:24 -------- d-----w- c:\users\Thibault\skyfall
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-07 08:37 . 2012-08-24 21:10 380 ----a-w- c:\users\Thibault\AppData\Roaming\sp_data.sys
2013-01-06 19:49 . 2012-11-24 15:48 281688 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2013-01-05 10:05 . 2013-01-05 10:05 1590008 ----a-w- C:\UsbFix_Upload_Me_THIBAULT-PC.zip
2012-12-14 01:01 . 2012-08-24 21:19 67413224 ----a-w- c:\windows\system32\MRT.exe
2012-12-13 16:56 . 2012-08-25 12:56 73656 ------w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-12-13 16:56 . 2012-08-25 12:56 697272 ------w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-11-30 21:43 . 2012-11-30 21:43 438632 ------w- c:\windows\SysWow64\nvStreaming.exe
2012-10-30 22:50 . 2012-08-25 08:11 285328 ----a-w- c:\windows\system32\aswBoot.exe
2012-10-22 16:40 . 2012-10-22 16:40 277024 ------w- c:\windows\SysWow64\IntelCpHeciSvc.exe
2012-10-22 16:40 . 2012-10-22 16:40 241664 ----a-w- c:\windows\system32\IntelOpenCL64.dll
2012-10-22 16:40 . 2012-10-22 16:40 195584 ------w- c:\windows\SysWow64\IntelOpenCL32.dll
2012-10-22 16:40 . 2012-10-22 16:40 598780 ----a-w- c:\windows\system32\igvpkrng700.bin
2012-10-22 16:40 . 2012-10-22 16:40 513056 ----a-w- c:\windows\system32\igfxsrvc.exe
2012-10-22 16:40 . 2012-10-22 16:40 439296 ----a-w- c:\windows\system32\igfxrrus.lrc
2012-10-22 16:40 . 2012-10-22 16:40 439296 ----a-w- c:\windows\system32\igfxrrom.lrc
2012-10-22 16:40 . 2012-10-22 16:40 438784 ----a-w- c:\windows\system32\igfxrsky.lrc
2012-10-22 16:40 . 2012-10-22 16:40 438784 ----a-w- c:\windows\system32\igfxrptg.lrc
2012-10-22 16:40 . 2012-10-22 16:40 438784 ----a-w- c:\windows\system32\igfxrplk.lrc
2012-10-22 16:40 . 2012-10-22 16:40 438784 ----a-w- c:\windows\system32\igfxrnld.lrc
2012-10-22 16:40 . 2012-10-22 16:40 438784 ----a-w- c:\windows\system32\igfxrita.lrc
2012-10-22 16:40 . 2012-10-22 16:40 437760 ----a-w- c:\windows\system32\igfxrtrk.lrc
2012-10-22 16:40 . 2012-10-22 16:40 437760 ----a-w- c:\windows\system32\igfxrsve.lrc
2012-10-22 16:40 . 2012-10-22 16:40 437760 ----a-w- c:\windows\system32\igfxrslv.lrc
2012-10-22 16:40 . 2012-10-22 16:40 437760 ----a-w- c:\windows\system32\igfxrptb.lrc
2012-10-22 16:40 . 2012-10-22 16:40 437760 ----a-w- c:\windows\system32\igfxrnor.lrc
2012-10-22 16:40 . 2012-10-22 16:40 437248 ----a-w- c:\windows\system32\igfxrtha.lrc
2012-10-22 16:40 . 2012-10-22 16:40 432128 ----a-w- c:\windows\system32\igfxrjpn.lrc
2012-10-22 16:40 . 2012-10-22 16:40 431104 ----a-w- c:\windows\system32\igfxrkor.lrc
2012-10-22 16:40 . 2012-10-22 16:40 410624 ----a-w- c:\windows\system32\igfxTMM.dll
2012-10-22 16:40 . 2012-10-22 16:40 171040 ----a-w- c:\windows\system32\igfxtray.exe
2012-10-22 16:40 . 2012-10-22 16:40 116224 ----a-w- c:\windows\system32\igfxCoIn_v2875.dll
2012-10-22 16:40 . 2012-08-24 20:16 63488 ----a-w- c:\windows\system32\igfxsrvc.dll
2012-10-22 16:40 . 2012-10-22 16:40 440320 ----a-w- c:\windows\system32\igfxrell.lrc
2012-10-22 16:40 . 2012-10-22 16:40 439808 ----a-w- c:\windows\system32\igfxrfra.lrc
2012-10-22 16:40 . 2012-10-22 16:40 439808 ----a-w- c:\windows\system32\igfxresn.lrc
2012-10-22 16:40 . 2012-10-22 16:40 438784 ----a-w- c:\windows\system32\igfxrhrv.lrc
2012-10-22 16:40 . 2012-10-22 16:40 438784 ----a-w- c:\windows\system32\igfxrdeu.lrc
2012-10-22 16:40 . 2012-10-22 16:40 438272 ----a-w- c:\windows\system32\igfxrhun.lrc
2012-10-22 16:40 . 2012-10-22 16:40 438272 ----a-w- c:\windows\system32\igfxrfin.lrc
2012-10-22 16:40 . 2012-10-22 16:40 438272 ----a-w- c:\windows\system32\igfxrcsy.lrc
2012-10-22 16:40 . 2012-10-22 16:40 437248 ----a-w- c:\windows\system32\igfxrdan.lrc
2012-10-22 16:40 . 2012-10-22 16:40 435712 ----a-w- c:\windows\system32\igfxrheb.lrc
2012-10-22 16:40 . 2012-10-22 16:40 429056 ----a-w- c:\windows\system32\igfxrcht.lrc
2012-10-22 16:40 . 2012-10-22 16:40 428544 ----a-w- c:\windows\system32\igfxrchs.lrc
2012-10-22 16:40 . 2012-10-22 16:40 286208 ----a-w- c:\windows\system32\igfxrenu.lrc
2012-10-22 16:40 . 2012-08-24 20:16 9007616 ----a-w- c:\windows\system32\igfxress.dll
2012-10-22 16:40 . 2012-10-22 16:40 9728 ----a-w- c:\windows\system32\IGFXDEVLib.dll
2012-10-22 16:40 . 2012-10-22 16:40 640512 ------w- c:\windows\SysWow64\igfxcmrt32.dll
2012-10-22 16:40 . 2012-10-22 16:40 518656 ----a-w- c:\windows\system32\igfxcmrt64.dll
2012-10-22 16:40 . 2012-10-22 16:40 441888 ----a-w- c:\windows\system32\igfxpers.exe
2012-10-22 16:40 . 2012-10-22 16:40 441344 ----a-w- c:\windows\system32\igfxdev.dll
2012-10-22 16:40 . 2012-10-22 16:40 435712 ----a-w- c:\windows\system32\igfxrara.lrc
2012-10-22 16:40 . 2012-10-22 16:40 3510784 ----a-w- c:\windows\system32\igfxcmjit64.dll
2012-10-22 16:40 . 2012-10-22 16:40 330240 ------w- c:\windows\SysWow64\igfxdv32.dll
2012-10-22 16:40 . 2012-10-22 16:40 252448 ----a-w- c:\windows\system32\igfxext.exe
2012-10-22 16:40 . 2012-10-22 16:40 25088 ------w- c:\windows\SysWow64\igfxexps32.dll
2012-10-22 16:40 . 2012-10-22 16:40 142336 ----a-w- c:\windows\system32\igfxdo.dll
2012-10-22 16:40 . 2012-10-22 16:40 126976 ----a-w- c:\windows\system32\igfxcpl.cpl
2012-10-22 16:40 . 2012-09-28 10:51 384512 ----a-w- c:\windows\system32\igfxpph.dll
2012-10-22 16:40 . 2012-08-24 20:16 28672 ----a-w- c:\windows\system32\igfxexps.dll
2012-10-22 16:40 . 2012-10-22 16:40 483840 ----a-w- c:\windows\system32\igfx11cmrt64.dll
2012-10-22 16:40 . 2012-10-22 16:40 459264 ------w- c:\windows\SysWow64\igfx11cmrt32.dll
2012-10-22 16:40 . 2012-10-22 16:40 3121152 ------w- c:\windows\SysWow64\igfxcmjit32.dll
2012-10-22 16:40 . 2012-08-24 20:16 12615168 ----a-w- c:\windows\system32\igdumd64.dll
2012-10-22 16:40 . 2012-08-24 20:16 11049472 ------w- c:\windows\SysWow64\igdumd32.dll
2012-10-22 16:40 . 2012-10-22 16:40 27664896 ----a-w- c:\windows\system32\igdrcl64.dll
2012-10-22 16:40 . 2012-10-22 16:40 27643904 ------w- c:\windows\SysWow64\igdrcl32.dll
2012-10-22 16:40 . 2012-10-22 16:40 5332896 ----a-w- c:\windows\system32\drivers\igdkmd64.sys
2012-10-22 16:40 . 2012-10-22 16:40 27418112 ----a-w- c:\windows\system32\igdfcl64.dll
2012-10-22 16:40 . 2012-10-22 16:40 21810688 ------w- c:\windows\SysWow64\igdfcl32.dll
2012-10-22 16:40 . 2012-10-22 16:40 80384 ----a-w- c:\windows\system32\igdde64.dll
2012-10-22 16:40 . 2012-10-22 16:40 64512 ------w- c:\windows\SysWow64\igdde32.dll
2012-10-22 16:40 . 2012-10-22 16:40 3580928 ----a-w- c:\windows\system32\igdbcl64.dll
2012-10-22 16:40 . 2012-10-22 16:40 2898944 ------w- c:\windows\SysWow64\igdbcl32.dll
2012-10-22 16:40 . 2012-08-24 20:16 12854272 ----a-w- c:\windows\system32\igd10umd64.dll
2012-10-22 16:40 . 2012-10-22 16:40 11171840 ------w- c:\windows\SysWow64\igd10umd32.dll
2012-10-22 16:40 . 2012-10-22 16:40 755048 ----a-w- c:\windows\system32\igcodeckrng700.bin
2012-10-22 16:40 . 2012-10-22 16:40 11594240 ----a-w- c:\windows\system32\ig7icd64.dll
2012-10-22 16:39 . 2012-10-22 16:39 8579584 ------w- c:\windows\SysWow64\ig7icd32.dll
2012-10-22 16:39 . 2012-10-22 16:39 5903392 ----a-w- c:\windows\system32\GfxUI.exe
2012-10-22 16:39 . 2012-10-22 16:39 399392 ----a-w- c:\windows\system32\hkcmd.exe
2012-10-22 16:39 . 2012-10-22 16:39 173568 ----a-w- c:\windows\system32\gfxSrvc.dll
2012-10-22 16:39 . 2012-08-24 20:16 110592 ----a-w- c:\windows\system32\hccutils.dll
2012-10-22 16:39 . 2012-10-22 16:39 185376 ----a-w- c:\windows\system32\difx64.exe
2012-10-16 15:53 . 2012-11-04 19:02 791608 ----a-w- c:\windows\system32\drivers\iusb3xhc.sys
2012-10-16 15:53 . 2012-11-04 19:02 358456 ----a-w- c:\windows\system32\drivers\iusb3hub.sys
2012-10-16 15:53 . 2012-11-04 19:02 20024 ----a-w- c:\windows\system32\drivers\iusb3hcs.sys
2012-10-16 15:52 . 2012-02-26 19:00 41984 ----a-w- c:\windows\system32\drivers\USB3Ver.dll
2012-10-16 08:38 . 2012-11-28 13:04 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2012-10-16 08:38 . 2012-11-28 13:04 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2012-10-16 07:39 . 2012-11-28 13:04 561664 ----a-w- c:\windows\apppatch\AcLayers.dll
2012-10-09 18:17 . 2012-11-14 16:09 55296 ----a-w- c:\windows\system32\dhcpcsvc6.dll
2012-10-09 18:17 . 2012-11-14 16:09 226816 ----a-w- c:\windows\system32\dhcpcore6.dll
2012-10-09 17:40 . 2012-11-14 16:09 44032 ----a-w- c:\windows\SysWow64\dhcpcsvc6.dll
2012-10-09 17:40 . 2012-11-14 16:09 193536 ----a-w- c:\windows\SysWow64\dhcpcore6.dll
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="c:\program files (x86)\uTorrent\uTorrent.exe" [2012-11-24 968592]
"RocketDock"="c:\program files (x86)\RocketDock\RocketDock.exe" [2007-09-02 495616]
"Spotify Web Helper"="c:\users\Thibault\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2012-10-26 1199576]
"iCloudServices"="c:\program files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" [2012-08-29 59280]
"ApplePhotoStreams"="c:\program files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe" [2012-09-10 59280]
"com.apple.dav.bookmarks.daemon"="c:\program files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe" [2012-09-05 59280]
"KiesTrayAgent"="c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2010-09-16 3366200]
"EPLTarget\P0000000000000000"="c:\windows\system32\spool\DRIVERS\x64\3\E_IATIINE.EXE" [2012-02-29 283232]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-10-16 291648]
"ASUS InstantKey"="c:\program files (x86)\ASUS\ASUS Instant Key\Ikey_start.exe" [2012-02-20 20456]
"Wireless Console 3"="c:\program files (x86)\ASUS\Wireless Console 3\wcourier.exe" [2012-02-02 2321072]
"ACMON"="c:\program files (x86)\ASUS\Splendid\ACMON.exe" [2012-02-21 102568]
"ASUS Screen Saver Protector"="c:\windows\AsScrPro.exe" [2012-08-24 3058304]
"RemoteControl10"="c:\program files (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe" [2011-03-30 87336]
"UpdatePSTShortCut"="c:\program files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe" [2011-12-30 222504]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" [2012-11-30 56128]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-01-21 91520]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-08-27 59280]
"UnlockerAssistant"="c:\program files (x86)\Unlocker\UnlockerAssistant.exe" [2010-07-04 17408]
"amd_dc_opt"="c:\program files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
"ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2012-07-06 322208]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2012-07-17 178848]
"HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"EEventManager"="c:\program files (x86)\Epson Software\Event Manager\EEventManager.exe" [2011-10-31 1058400]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136]
"TrayServer"="c:\program files (x86)\MAGIX\Video_deluxe_MX_Premium_Version_a_telecharger\TrayServer_fr.exe" [2008-09-01 90112]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-07-05 421888]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer5"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 lxeaCATSCustConnectService;lxeaCATSCustConnectService;c:\windows\system32\spool\DRIVERS\x64\3\\lxeaserv.exe [2010-04-14 45736]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-14 682344]
R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-10-02 3064000]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-11-09 160944]
R3 AMPPALP;Protocole Intel® Centrino® Wireless Bluetooth® + High Speed;c:\windows\system32\DRIVERS\amppal.sys [2012-07-17 198144]
R3 ASUSProcObsrv;ASUS Process Creation/Termination Observer;d:\i386\AsPrOb64.sys [x]
R3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys [2011-11-30 94720]
R3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys [2011-11-30 747008]
R3 driverhardwarev2x64;driverhardwarev2x64;c:\program files\ma-config.com\Drivers\driverhardwarev2x64.sys [2011-07-21 16640]
R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2011-04-26 2702848]
R3 ibtfltcoex;ibtfltcoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys [2012-02-14 60928]
R3 intaud_WaveExtensible;Intel WiDi Audio Device;c:\windows\system32\drivers\intelaud.sys [2012-01-26 34200]
R3 libusb0;LibUsb-Win32 - Kernel Driver 03/20/2007, 0.1.12.1;c:\windows\system32\DRIVERS\libusb0.sys [2007-03-20 16896]
R3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\x64\maconfservice.exe [2012-10-28 427976]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2012-08-23 272688]
R3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\DRIVERS\ss_bbus.sys [2010-04-27 127488]
R3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\DRIVERS\ss_bmdfl.sys [2010-04-27 18944]
R3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\DRIVERS\ss_bmdm.sys [2010-04-27 161280]
R3 ss_bserd;SAMSUNG USB Mobile Logging Driver;c:\windows\system32\DRIVERS\ss_bserd.sys [2010-04-27 128000]
R3 TFsExDisk;TFsExDisk;c:\windows\System32\Drivers\TFsExDisk.sys [2010-06-24 16392]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-07-09 52736]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [2012-09-13 131416]
R3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [x]
R3 vmci;VMware VMCI Bus Driver;c:\windows\system32\DRIVERS\vmci.sys [x]
R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [2012-08-25 1255736]
R3 WsAudioDevice_383S(1);WsAudioDevice_383S(1);c:\windows\system32\drivers\WsAudioDevice_383S(1).sys [2011-11-17 29288]
S0 iaStorA;iaStorA;c:\windows\system32\DRIVERS\iaStorA.sys [2012-11-19 652344]
S0 iaStorF;iaStorF;c:\windows\system32\DRIVERS\iaStorF.sys [2012-11-19 28216]
S0 iusb3hcs;Pilote de commutateur de contrôleur d'hôte Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys [2012-10-16 20024]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [2012-12-03 30056]
S1 aswKbd;aswKbd; [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 ATKWMIACPIIO;ATKWMIACPI Driver;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-09-07 17536]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-08-25 283200]
S1 nvkflt;nvkflt;c:\windows\system32\DRIVERS\nvkflt.sys [2012-12-03 284008]
S2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [2012-07-17 659472]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-02 15416]
S2 ASUS InstantOn;ASUS InstantOn Service;c:\program files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe [2012-02-16 277120]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-10-30 71600]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [2012-02-21 1014096]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [2012-02-21 1104208]
S2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-08-23 135984]
S2 dgdersvc;Device Error Recovery Service;c:\windows\system32\dgdersvc.exe [2010-07-30 119632]
S2 EPSON_PM_RPCV4_04;EPSON V3 Service4(04);c:\program files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE [2012-02-21 151648]
S2 EpsonScanSvc;Epson Scanner Service;c:\windows\system32\EscSvc64.exe [2011-12-11 135824]
S2 Fabs;FABS - Helping agent for MAGIX media database;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [2011-05-24 1840128]
S2 IAStorDataMgrSvc;Technologie de stockage Intel(R) Rapid;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-11-19 14904]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe [2012-06-19 634632]
S2 Intel(R) ME Service;Intel(R) ME Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-07-19 129856]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-07-19 166720]
S2 lxea_device;lxea_device;c:\windows\system32\lxeacoms.exe [2010-04-14 1052328]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-12-14 398184]
S2 RichVideo64;Cyberlink RichVideo64 Service(CRVS);c:\program files\CyberLink\Shared files\RichVideo64.exe [2012-03-29 386344]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-11-30 382824]
S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-10-23 2848168]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe [2012-04-05 2143552]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-07-19 365376]
S2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe [2012-08-23 3342640]
S3 AiCharger;ASUS Charger Driver;c:\windows\system32\DRIVERS\AiCharger.sys [2012-02-29 17152]
S3 AMPPAL;Carte réseau virtuelle Intel® Centrino® Wireless Bluetooth® + High Speed;c:\windows\system32\DRIVERS\AMPPAL.sys [2012-07-17 198144]
S3 Apowersoft_AudioDevice;Apowersoft_AudioDevice;c:\windows\system32\drivers\Apowersoft_AudioDevice.sys [2010-12-24 29288]
S3 AsusVBus;AsusVBus;c:\windows\system32\DRIVERS\AsusVBus.sys [2011-12-21 35968]
S3 AsusVTouch;AsusVTouch;c:\windows\system32\DRIVERS\AsusVTouch.sys [2011-11-07 16512]
S3 ATP;ASUS PS/2 Port Input Device;c:\windows\system32\DRIVERS\AsusTP.sys [2012-09-11 56704]
S3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [2012-02-21 1304912]
S3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys [2010-07-30 20552]
S3 iusb3hub;Pilote de concentrateur Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys [2012-10-16 358456]
S3 iusb3xhc;Pilote du contrôleur d'hôte extensible Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3xhc.sys [2012-10-16 791608]
S3 iwdbus;IWD Bus Enumerator;c:\windows\system32\DRIVERS\iwdbus.sys [2012-01-26 25496]
S3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C60x64.sys [2012-09-24 111256]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-12-14 24176]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys [2012-03-29 11856]
S3 VCSVADHWSer;Avnex Virtual Audio Device (WDM);c:\windows\system32\DRIVERS\vcsvad.sys [2008-12-26 21504]
.
.
Contenu du dossier 'Tâches planifiées'
.
2013-01-07 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-25 16:56]
.
2013-01-07 c:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
- c:\program files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-04-16 10:54]
.
2013-01-06 c:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
- c:\program files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-04-16 10:54]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{78234974-0C4B-4111-BDEB-D9A104418772}]
2012-09-11 07:43 23424 ----a-w- c:\program files (x86)\ASUS\ASUS Smart Gesture\install\x64\BrowserExtension64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 22:50 133400 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-08-30 13192848]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2012-08-17 1215632]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2011-03-17 361984]
"BLEServicesCtrl"="c:\program files (x86)\Intel\Bluetooth\BleServicesCtrl.exe" [2012-02-17 177936]
"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshell.dll" [2012-02-21 11406608]
"lxeamon.exe"="c:\program files (x86)\Lexmark S300-S400 Series\lxeamon.exe" [2011-01-23 770728]
"ASUSQuickGesture(x86)"="c:\program files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe" [2012-09-11 20352]
"ASUSTPLoader(x64)"="c:\program files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe" [2012-09-11 169856]
"ASUSQuickGesture(x64)"="c:\program files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe" [2012-09-11 22400]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-10-22 171040]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-10-22 399392]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-10-22 441888]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll c:\windows\System32\nvinitx.dll
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
------- Examen supplémentaire -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.1.254
FF - ProfilePath - c:\users\Thibault\AppData\Roaming\Mozilla\Firefox\Profiles\9ndlwe4s.default\
FF - ExtSQL: 2012-12-19 18:54; wrc@avast.com; c:\program files\AVAST Software\Avast\WebRep\FF
FF - ExtSQL: 2012-12-23 23:17; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; c:\users\Thibault\AppData\Roaming\Mozilla\Firefox\Profiles\9ndlwe4s.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
.
.
------- Associations de fichier -------
.
.reg does not exist!
.
"ImagePath"="\"c:\program files\CyberLink\Shared files\RichVideo64.exe\"\00Z
[\]^_~\00\00~\00\00\00\00\14\00JKLMNO\00\00\00\00\00\00\00\00\03\00\00\00|}~~\00\00~\00\00\00\00~\00\00\00\00\00\00\00\00\01\00Z"
.
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.alb\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="PhotoManagerDeluxe.8.alb"
.
[HKEY_USERS\S-1-5-21-2813007007-3457386607-2108643950-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.download\UserChoice]
@Denied: (2) (S-1-5-21-2813007007-3457386607-2108643950-1000)
@Denied: (2) (LocalSystem)
"Progid"="SafariDownload"
.
[HKEY_USERS\S-1-5-21-2813007007-3457386607-2108643950-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (S-1-5-21-2813007007-3457386607-2108643950-1000)
@Denied: (2) (LocalSystem)
"Progid"="Opera.HTML"
.
[HKEY_USERS\S-1-5-21-2813007007-3457386607-2108643950-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (S-1-5-21-2813007007-3457386607-2108643950-1000)
@Denied: (2) (LocalSystem)
"Progid"="Opera.HTML"
.
[HKEY_USERS\S-1-5-21-2813007007-3457386607-2108643950-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.safariextz\UserChoice]
@Denied: (2) (S-1-5-21-2813007007-3457386607-2108643950-1000)
@Denied: (2) (LocalSystem)
"Progid"="SafariExtension"
.
[HKEY_USERS\S-1-5-21-2813007007-3457386607-2108643950-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
@Denied: (2) (S-1-5-21-2813007007-3457386607-2108643950-1000)
@Denied: (2) (LocalSystem)
"Progid"="FirefoxHTML"
.
[HKEY_USERS\S-1-5-21-2813007007-3457386607-2108643950-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.svg\UserChoice]
@Denied: (2) (S-1-5-21-2813007007-3457386607-2108643950-1000)
@Denied: (2) (LocalSystem)
"Progid"="SafariHTML"
.
[HKEY_USERS\S-1-5-21-2813007007-3457386607-2108643950-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.webarchive\UserChoice]
@Denied: (2) (S-1-5-21-2813007007-3457386607-2108643950-1000)
@Denied: (2) (LocalSystem)
"Progid"="SafariHTML"
.
[HKEY_USERS\S-1-5-21-2813007007-3457386607-2108643950-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
@Denied: (2) (S-1-5-21-2813007007-3457386607-2108643950-1000)
@Denied: (2) (LocalSystem)
"Progid"="Opera.HTML"
.
[HKEY_USERS\S-1-5-21-2813007007-3457386607-2108643950-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
@Denied: (2) (S-1-5-21-2813007007-3457386607-2108643950-1000)
@Denied: (2) (LocalSystem)
"Progid"="Opera.HTML"
.
[HKEY_USERS\S-1-5-21-2813007007-3457386607-2108643950-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xml\UserChoice]
@Denied: (2) (S-1-5-21-2813007007-3457386607-2108643950-1000)
@Denied: (2) (LocalSystem)
"Progid"="SafariHTML"
.
[HKEY_USERS\S-1-5-21-2813007007-3457386607-2108643950-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:af,0a,37,5d,84,87,c4,7e,d5,55,6c,a2,d5,b2,52,12,09,26,03,14,9f,da,64,
8f,8e,84,c9,93,87,58,a9,e3,78,71,35,88,44,7b,1e,36,41,de,65,4b,30,d1,6d,39,\
"??"=hex:6e,28,07,38,68,fe,77,4e,32,be,20,dd,2d,15,86,a3
.
[HKEY_USERS\S-1-5-21-2813007007-3457386607-2108643950-1000\Software\SecuROM\License information*]
"datasecu"=hex:bf,3c,d0,db,6b,59,9e,7c,70,1b,9a,04,6c,55,ad,58,d8,9f,2e,30,8f,
93,c0,58,f6,bf,ce,6b,d1,2c,b3,d1,bf,97,70,04,34,75,02,75,c9,a9,b1,2e,fd,98,\
"rkeysecu"=hex:d0,5c,5e,58,97,c4,30,01,7f,a2,16,0f,56,5a,75,a4
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Heure de fin: 2013-01-07 10:03:15
ComboFix-quarantined-files.txt 2013-01-07 09:03
.
Avant-CF: 264 506 384 384 octets libres
Après-CF: 264 341 831 680 octets libres
.
- - End Of File - - 25D2B4FD2ECB9DCF08D43A2BD70865B1


Still the same problems, and on top of that Opera now tells me there is an internal communication error :@
0
thibextra Posts 203 Registration date   Status Member Last activity   9
 
Opera is back to normal, but otherwise nothing has changed...
0
juju666 Posts 35446 Registration date   Status Security contributor Last activity   4 796
 
Hi padawan Fish, take a look at the Event Viewer in extras.txt:

Error - 05/01/2013 18:48:22 | Computer Name = Thibault-PC | Source = Bonjour Service | ID = 100
Description = ERROR: handle_resolve_request bad interfaceIndex 15

Error - 05/01/2013 12:08:17 | Computer Name = Thibault-PC | Source = Service Control Manager | ID = 7031
Description = Le service avast! Antivirus s'est terminé de manière inattendue. Ceci
 s'est produit 1 fois. L'action corrective suivante va être effectuée dans 5000 
millisecondes : Redémarrer le service.

Error - 05/01/2013 13:01:43 | Computer Name = Thibault-PC | Source = Service Control Manager | ID = 7000
Description = Le service lxeaCATSCustConnectService n'a pas pu démarrer en raison
 de l'erreur :   %%1053

Error - 06/01/2013 10:05:46 | Computer Name = Thibault-PC | Source = volsnap | ID = 393252
Description = Les clichés instantanés du volume C: ont été annulés car le stockage
 du cliché instantané n'a pas pu s'agrandir en raison d'une limite utilisateur.

0
Fish66 Posts 17505 Registration date   Status Security contributor Last activity   1 318
 
Good evening everyone!

1/
* Open your Start menu

-> If you are on XP, open Run, type cmd and confirm by pressing the Enter key

-> On Vista/Seven, type cmd in the "Search" field; on the result that appears, right-click > Run as administrator

* In the black window, type sfc /scannow and let Windows repair the files.

2/
Without clearing System Restore, use: this link to see all the restore points that exist.
Is there a restore point dated from before the problem appeared?

See you
0
thibextra Posts 203 Registration date   Status Member Last activity   9
 
There, it's done; I'm waiting for it to finish.

However, I no longer know exactly when the problem started; I posted here once I got fed up with it...
0
Fish66 Posts 17505 Registration date   Status Security contributor Last activity   1 318
 
OK, keep us posted! :-)

See you
0
thibextra Posts 203 Registration date   Status Member Last activity   9
 
"Le programme de correction des ressources n'a trouvé aucune violation 'intégrité" is what CMD tells me.

Thanks again for your help :)
0
Fish66 Posts 17505 Registration date   Status Security contributor Last activity   1 318
 
Hi again,
Uninstall Bonjour and iTunes; you can reinstall them after checking whether they are the cause of the problem!

See you
0
thibextra Posts 203 Registration date   Status Member Last activity   9
 
Is there no risk of losing my iTunes libraries??
0
Fish66 Posts 17505 Registration date   Status Security contributor Last activity   1 318
 
0
thibextra Posts 203 Registration date   Status Member Last activity   9
 
OK, well, nothing worked, even after a restart :(
0
Fish66 Posts 17505 Registration date   Status Security contributor Last activity   1 318
 
Hello,

Did you uninstall and then reinstall Firefox to check?
0
thibextra Posts 203 Registration date   Status Member Last activity   9
 
Still nothing, even after a restart...
0
Fish66 Posts 17505 Registration date   Status Security contributor Last activity   1 318
 
There is one more procedure left to carry out:

* Download Dr Web CureIt to your Desktop
* Run it.
* At the "enhanced protection" alert, click >> OK
* Click "Update" and then "Start scan", then be patient and let the tool work during the scan
* If anything is detected >> Quarantine
* Click "File" and "Save report", and post it in your next reply
* Use the tutorial below for help with using Dr Web
Tutorial
-----------------------------------------------------------------------
Here: an explanatory tutorial
-----------------------------------------------------------------------

0
thibextra Posts 203 Registration date   Status Member Last activity   9
 
No threat detected...
0