Browser closes unexpectedly: a virus?
Closed
d921 - 24 March 2014 at 11:35
d921 - 24 March 2014 at 16:12
8 replies
Anonymous user - 24 March 2014 at 11:51
Hello
Does the browser close every time it is opened?
Which browser?
Download the version of FRST by Farbar that is compatible with your system and save the file to your Desktop <== Important
For a 32-bit system ==> FRST by Farbar
For a 64-bit system ==> FRST by Farbar
How do I find out whether my system is running a 32-bit or 64-bit version?
Wait until your browser offers you the download to save, without clicking anywhere, especially not on the page's sponsors.
Close all applications, including your browser
Double-click FRST.exe and click Yes to accept the Disclaimer
/!\ On Vista, Windows 7 and 8, the file must be launched via right-click -> Run as administrator
In the main menu, tick the Addition.txt box, click Scan and wait while the analysis runs
At the end of the scan, the reports FRST.txt and Addition.txt are created.
The reports are saved in the same location as the tool and under C:\FRST\Logs
Host the reports on pjjoint.malekal.com, cijoint.fr or toofiles, then copy/paste the link provided into your next reply on the forum
On IE9, IE10 or IE11, the SmartScreen filter triggers an alert. Click Actions, then Run anyway
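Added example, not part of the original reply and not FRST's own code: the FRST.txt report that the scan above produces is plain text with one entry per line, so a first triage pass over it can be scripted. The code flags entries whose file FRST did not find (`[X]`), entries reported as `No File`, lines FRST itself marks `ATTENTION`, and entries with an empty publisher field `()`. The sample report is constructed, and the function names and rule set are assumptions of this example.

```python
import re
from collections import Counter, namedtuple

# One flagged report line: the section it appeared in, why it was flagged, the raw text.
Finding = namedtuple("Finding", "section reason line")

# Section banners look like "==================== Registry (Whitelisted) ===".
# The name must contain a non-"=" character, so a bare "========" underline is ignored.
SECTION_RE = re.compile(r"^=+\s*([^=]+?)\s*=+$")

# Rule set chosen for this example (an assumption, not an official FRST list).
RULES = [
    ("missing_file", re.compile(r"\[X\]\s*$")),               # FRST did not find the file
    ("no_file", re.compile(r"\bNo File\s*$")),                # registration without a file
    ("attention", re.compile(r"<=+\s*ATTENTION")),            # flagged by FRST itself
    ("empty_publisher", re.compile(r"^\(\)\s|\s\(\)\s*$")),   # "()" = no company name
]

# Constructed sample in the layout of a FRST.txt report (not from a real machine).
SAMPLE_REPORT = r"""
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [ExampleTray] - C:\Program Files\Example\tray.exe [155648 2012-07-18] (Example Corp.)
HKLM\...\Run: [orphan_entry] - [X]
HKLM\...\Run: [helper] - C:\Users\demo\AppData\Local\helper\helper.exe -runhelper
==================== Internet (Whitelisted) ====================
BHO: No Name - {00000000-0000-0000-0000-000000000001} - No File
BHO: Example Helper - {00000000-0000-0000-0000-000000000002} - C:\Program Files\Example\helper.dll (Example Corp.)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
========================== Services (Whitelisted) =================
R2 ExampleSvc; C:\Program Files\Example\svc.exe [495700 2009-02-20] (Example Corp.)
S2 GoneSvc; "C:\Program Files\Gone\gone.exe" [X]
R2 NoVendorSvc; C:\Program Files\NoVendor\svc.exe [222368 2013-03-21] ()
"""


def triage(report_text):
    """Return a Finding for every (line, rule) match, in report order."""
    section = "(header)"  # lines before the first banner
    findings = []
    for raw in report_text.splitlines():
        line = raw.strip()
        if not line:
            continue
        banner = SECTION_RE.match(line)
        if banner:
            # Drop the "(Whitelisted)" suffix so sections group cleanly.
            section = re.sub(r"\s*\(Whitelisted\)", "", banner.group(1))
            continue
        for reason, pattern in RULES:
            if pattern.search(line):
                findings.append(Finding(section, reason, line))
    return findings


def summarize(findings):
    """Count findings per reason, e.g. to compare two scans of the same machine."""
    return Counter(f.reason for f in findings)


if __name__ == "__main__":
    for f in triage(SAMPLE_REPORT):
        print(f"[{f.section}] {f.reason}: {f.line}")
```

A flagged line is a prompt for review, not a verdict: a missing file or an empty publisher field also occurs with legitimate software.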
d921 - 24 March 2014 at 12:31
Here is the report, simply pasted in; I no longer remember how to use Cjoint. Answer: Google Chrome
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-03-2014 01
Ran by azerty (administrator) on E5400 on 24-03-2014 12:25:23
Running from C:\Documents and Settings\azerty\Mes documents\Downloads
Microsoft Windows XP Professionnel Service Pack 3 (X86) OS Language: French Standard
Internet Explorer Version 8
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: https://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: https://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(Trusteer Ltd.) C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe
(IDT, Inc.) c:\program files\idt\wdm\stacsv.exe
(Atheros) C:\WINDOWS\system32\acs.exe
(Apple Inc.) C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apache Software Foundation) c:\dolibarr\bin\apache\apache2.2.11\bin\httpd.exe
() c:\dolibarr\bin\mysql\mysql5.0.45\bin\mysqld-nt.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(Apache Software Foundation) C:\dolibarr\bin\apache\apache2.2.11\bin\httpd.exe
(pdfforge GbR) C:\Program Files\PDF Architect\HelperService.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.21.165\GoogleCrashHandler.exe
(pdfforge GbR) C:\Program Files\PDF Architect\ConversionService.exe
() C:\Program Files\Amazon Browser Bar\ToolbarUpdaterService.exe
(ClickMeIn Limited) C:\Program Files\VuuPC\Connectivity.exe
(Trusteer Ltd.) C:\Program Files\Trusteer\Rapport\bin\RapportService.exe
() C:\Program Files\NETGEAR\WNA1100\WifiSvc.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe
(Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
(Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray.exe
(Andrea Electronics Corporation) C:\WINDOWS\system32\AESTFltr.exe
(Lavasoft) C:\Documents and Settings\All Users\Application Data\Ad-Aware Browsing Protection\adawarebp.exe
(Oracle Corporation) C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apntex.exe
(Wakoopa) C:\Documents and Settings\azerty\Local Settings\Application Data\Toluna Panel Application\Toluna Panel Application.exe
(Smart PC Solutions) C:\Program Files\PC Speed Maximizer\SPMSmartScan.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
() C:\Program Files\NETGEAR\WNA1100\WNA1100.exe
(Dropbox, Inc.) C:\Documents and Settings\azerty\Application Data\Dropbox\bin\Dropbox.exe
() C:\Program Files\Amazon Browser Bar\search_protect.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [Apoint] - C:\Program Files\Apoint\Apoint.exe [155648 2012-07-18] (Alps Electric Co., Ltd.)
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray.exe [495708 2010-03-09] (IDT, Inc.)
HKLM\...\Run: [AESTFltr] - C:\WINDOWS\system32\AESTFltr.exe [737280 2009-07-07] (Andrea Electronics Corporation)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [] - [X]
HKLM\...\Run: [Ad-Aware Browsing Protection] - C:\Documents and Settings\All Users\Application Data\Ad-Aware Browsing Protection\adawarebp.exe [554384 2013-07-15] (Lavasoft)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [fst_fr_10] - [X]
HKLM\...\Run: [upfst_fr_10.exe] - C:\Documents and Settings\azerty\Local Settings\Application Data\fst_fr_10\upfst_fr_10.exe -runhelper
HKLM\...\Run: [PopUpKiller] - C:\Program Files\PopUp Killer\popupkiller.EXE [108032 2002-02-26] (xFX JumpStart)
HKLM\...\Run: [fst_fr_13] - [X]
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\qttask.exe [98304 2013-03-11] (Apple Computer, Inc.)
HKLM\...\Run: [iTunesHelper] - C:\Program Files\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKU\.DEFAULT\...\Run: [SearchProtect] - C:\WINDOWS\system32\config\systemprofile\Application Data\SearchProtect\bin\cltmng.exe
HKU\.DEFAULT\...\RunOnce: [_nltide_3] - rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
HKU\S-1-5-19\...\RunOnce: [_nltide_3] - rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
HKU\S-1-5-20\...\RunOnce: [_nltide_3] - rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
HKU\S-1-5-21-57989841-329068152-725345543-1003\...\Run: [PC Speed Maximizer] - C:\Program Files\PC Speed Maximizer\SPMLauncher.exe [135792 2013-10-30] (Smart PC Solutions)
HKU\S-1-5-21-57989841-329068152-725345543-1003\...\Run: [Toluna Panel Application] - C:\Documents and Settings\azerty\Local Settings\Application Data\Toluna Panel Application\Toluna Panel Application.exe [971104 2013-12-05] (Wakoopa)
HKU\S-1-5-21-57989841-329068152-725345543-1003\...\Run: [GoogleChromeAutoLaunch_5D799C7B2FE4C4EF304A3915D4FFDE7A] - C:\Documents and Settings\azerty\Local Settings\Application Data\Yappyz\Application\yappyz.exe [1266496 2013-08-06] (The Yappyz Authors)
Lsa: [Authentication Packages] msv1_0 nwprovau
Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Assistant de configuration NETGEAR WNA1100.lnk
ShortcutTarget: Assistant de configuration NETGEAR WNA1100.lnk -> C:\Program Files\NETGEAR\WNA1100\WNA1100.exe ()
Startup: C:\Documents and Settings\azerty\Menu Démarrer\Programmes\Démarrage\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Documents and Settings\azerty\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.amazon.fr/gp/bit/amazonserp/ref=bit_bds-p24_serp_ie_fr_display?ie=UTF8&tagbase=bds-p24&tbrId=v1_abb-channel-24_d4aced2dcc8c46ebbd00b4c71c3e3479_39_1007_20140220_FR_ie_sp_
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=irmsd0103aw&cd=2XzuyEtN2Y1L1QzutDtDtBtA0A0EtByB0A0A0E0EtCzytAyDtN0D0Tzu0CyByCtCtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=1370365780&ir=
SearchScopes: HKCU - DefaultScope {B3B3A6AC-74EC-BD56-BCDB-EFA4799FB9DF} URL = http://www.amazon.fr/gp/bit/amazonserp/ref=bit_bds-p24_serp_ie_fr_display?ie=UTF8&tagbase=bds-p24&tag=bds-p24-serp-fr-ie-21&tbrId=v1_abb-channel-24_d4aced2dcc8c46ebbd00b4c71c3e3479_39_1007_20140220_FR_ie_ds_&query={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=irmsd0103aw&cd=2XzuyEtN2Y1L1QzutDtDtBtA0A0EtByB0A0A0E0EtCzytAyDtN0D0Tzu0CyByCtCtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=1370365780&ir=
SearchScopes: HKCU - {B3B3A6AC-74EC-BD56-BCDB-EFA4799FB9DF} URL = http://www.amazon.fr/gp/bit/amazonserp/ref=bit_bds-p24_serp_ie_fr_display?ie=UTF8&tagbase=bds-p24&tag=bds-p24-serp-fr-ie-21&tbrId=v1_abb-channel-24_d4aced2dcc8c46ebbd00b4c71c3e3479_39_1007_20140220_FR_ie_ds_&query={searchTerms}
BHO: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files\PDF Architect\PDFIEHelper.dll (pdfforge GbR)
BHO: No Name - {3a6a191a-0560-4d07-9c5b-d77c5f464331} - No File
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: AlxHelper Class - {F443A627-5009-4323-9C1D-7FD598D0D712} - C:\Program Files\Amazon Browser Bar\AmazonBrowserBar.3.0.dll (Amazon.com)
BHO: Toluna Panel Application - {FB4D29C1-82DE-4b80-8BB0-A7CDDDCD2773} - C:\Documents and Settings\azerty\Local Settings\Application Data\Wakoopa Shared\WakoopaBHO.dll (Wakoopa)
Toolbar: HKLM - No Name - {3a6a191a-0560-4d07-9c5b-d77c5f464331} - No File
Toolbar: HKLM - Amazon Browser Bar - {EA582743-9076-4178-9AA6-7393FDF4D5CE} - C:\Program Files\Amazon Browser Bar\AmazonBrowserBar.3.0.dll (Amazon.com)
Toolbar: HKCU - &Adresse - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Liens - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
Handler: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
Handler: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
Handler: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
Handler: ipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
Handler: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
Handler: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
Winsock: Catalog5 05 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Documents and Settings\azerty\Application Data\Mozilla\Firefox\Profiles\8f5wn9gd.default
FF user.js: detected! => C:\Documents and Settings\azerty\Application Data\Mozilla\Firefox\Profiles\8f5wn9gd.default\user.js
FF NewTab: hxxp://www.amazon.fr/gp/bit/amazonserp/ref=bit_bds-p24_serp_ff_fr_display?ie=UTF8&tagbase=bds-p24&tbrId=v1_abb-channel-24_d4aced2dcc8c46ebbd00b4c71c3e3479_39_1007_20140220_FR_ff_nt_
FF SearchEngineOrder.1: Amazon
FF SelectedSearchEngine: Amazon
FF Homepage: hxxp://www.amazon.fr/gp/bit/amazonserp/ref=bit_bds-p24_serp_ff_fr_display?ie=UTF8&tagbase=bds-p24&tbrId=v1_abb-channel-24_d4aced2dcc8c46ebbd00b4c71c3e3479_39_1007_20140220_FR_ff_sp_
FF DefaultSearchEngine: Mysearchdial
FF Keyword.URL: hxxp://www.amazon.fr/gp/bit/amazonserp/ref=bit_bds-p24_serp_ff_fr_display?ie=UTF8&tagbase=bds-p24&tag=bds-p24-serp-fr-ff-21&tbrId=v1_abb-channel-24_d4aced2dcc8c46ebbd00b4c71c3e3479_39_1007_20140220_FR_ff_ab_&query=
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\WINDOWS\system32\Adobe\Director\np32dsw_1204144.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.0.61118.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Documents and Settings\azerty\Application Data\Mozilla\Firefox\Profiles\8f5wn9gd.default\searchplugins\amazon.xml
FF SearchPlugin: C:\Documents and Settings\azerty\Application Data\Mozilla\Firefox\Profiles\8f5wn9gd.default\searchplugins\Mysearchdial.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazon-france.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\cnrtl-tlfi-fr.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-france.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-france.xml
FF Extension: Giant Savings Extension - C:\Documents and Settings\azerty\Application Data\Mozilla\Firefox\Profiles\8f5wn9gd.default\Extensions\extension21810@extension21810.com [2013-05-29]
FF Extension: No Name - C:\Documents and Settings\azerty\Application Data\Mozilla\Firefox\Profiles\8f5wn9gd.default\Extensions\staged [2014-01-31]
FF Extension: No Name - C:\Documents and Settings\azerty\Application Data\Mozilla\Firefox\Profiles\8f5wn9gd.default\Extensions\trash [2013-11-14]
FF Extension: HomeTab - C:\Documents and Settings\azerty\Application Data\Mozilla\Firefox\Profiles\8f5wn9gd.default\Extensions\{7b070f8a-7fa0-4d43-b57d-c2b2fa8849f5} [2013-11-05]
FF Extension: Amazon 1Button App for Firefox - C:\Documents and Settings\azerty\Application Data\Mozilla\Firefox\Profiles\8f5wn9gd.default\Extensions\abb@amazon.com.xpi [2013-09-04]
FF Extension: RightSurf - C:\Documents and Settings\azerty\Application Data\Mozilla\Firefox\Profiles\8f5wn9gd.default\Extensions\{b9a19c25-a741-47e5-91a2-0b62bef307ff}.xpi [2014-01-30]
FF Extension: FrameFox - C:\Program Files\Mozilla Firefox\browser\extensions\{D6F4FFAF-E3C9-4f3d-AD5B-F78CD969D7BF} [2013-10-03]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF HKLM\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files\PDF Architect\FFPDFArchitectExt [2013-03-07]
FF HKLM\...\Firefox\Extensions: [xz123@ya456.com] - C:\Program Files\BetterSurf\ff
Chrome:
=======
CHR HomePage: about:newtab?source=home
CHR RestoreOnStartup: "about:newtab?source=home", "hxxp://www.amazon.fr/gp/bit/amazonserp/ref=bit_bds-p07_serp_cr_fr_display?ie=UTF8&tagbase=bds-p07&tbrId=v1_abb-channel-7_d35ecb8e6b9e420b8d71d995ffc7d383_30_46_20131112_FR_cr_sp_IS0", "hxxp://start.mysearchdial.com/?f=1&a=irmsd0103aw&cd=2XzuyEtN2Y1L1QzutDtDtBtA0A0EtByB0A0A0E0EtCzytAyDtN0D0Tzu0CyByCtCtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=1370365780&ir=", "hxxp://www.amazon.fr/gp/bit/amazonserp/ref=bit_bds-p24_serp_cr_fr_display?ie=UTF8&tagbase=bds-p24&tbrId=v1_abb-channel-24_d4aced2dcc8c46ebbd00b4c71c3e3479_39_1007_20140220_FR_cr_sp_"
CHR Extension: (Documents Google) - C:\Documents and Settings\azerty\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-11-21]
CHR Extension: (YouTube) - C:\Documents and Settings\azerty\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-11-21]
CHR Extension: (Toluna Panel Application) - C:\Documents and Settings\azerty\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\cohoeemkhefkjkhniomokfcpiaefianh [2014-02-15]
CHR Extension: (Iminent) - C:\Documents and Settings\azerty\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl [2014-02-07]
CHR Extension: (Google Wallet) - C:\Documents and Settings\azerty\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-21]
CHR Extension: (Lavasoft NewTab) - C:\Documents and Settings\azerty\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\oejkcgajlodefenbbjdnaiahmbnnoole [2013-10-03]
CHR Extension: (https://www.google.fr/ - C:\Documents and Settings\azerty\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\panhfjbapmcigaeaebakhnfjocpelhmm [2013-11-24]
CHR Extension: (Amazon 1Button App for Chrome) - C:\Documents and Settings\azerty\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam [2014-02-20]
CHR Extension: (Gmail) - C:\Documents and Settings\azerty\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-11-21]
CHR HKLM\...\Chrome\Extension: [dedmngkbaffkenlfdcbganndoghblmap] - C:\Program Files\BetterSurf\ch\Chrome.crx [2013-11-21]
CHR HKLM\...\Chrome\Extension: [inijogebjcbencgchadlocnjgfllaghc] - C:\Program Files\HomeTab\chrome\HomeTab.crx [2013-11-21]
CHR HKLM\...\Chrome\Extension: [kbjlipmgfoamgjaogmbihaffnpkpjajp] - C:\Program Files\Nosibay\Bubble Dock\extensions\GCSurfMatch.crx [2013-11-21]
CHR HKLM\...\Chrome\Extension: [oejkcgajlodefenbbjdnaiahmbnnoole] - C:\Program Files\Lavasoft\AdAware SecureSearch Toolbar\chrome-newtab-search.crx [2013-08-08]
CHR HKLM\...\Chrome\Extension: [pljcgbedjplidkdjahbaalanadmjfgop] - C:\Documents and Settings\All Users\Application Data\AskPartnerNetwork\Toolbar\ORJ-V7C\CRX\ToolbarCR.crx [2014-01-11]
CHR HKCU\...\Chrome\Extension: [pbjikboenpfhbbejgkoklgkhjpfogcam] - C:\Program Files\Amazon\ABB\AmazonChrome-bds-amzn.crx [2013-07-18]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
========================== Services (Whitelisted) =================
R2 ACS; C:\WINDOWS\system32\acs.exe [495700 2009-02-20] (Atheros)
S4 APNMCP; C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe [166352 2014-01-11] ()
R2 Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe [43336 2014-02-12] (Apple Inc.)
R2 doliwampapache; c:\dolibarr\bin\apache\apache2.2.11\bin\httpd.exe [24636 2008-12-10] (Apache Software Foundation)
R2 doliwampmysqld; c:\dolibarr\bin\mysql\mysql5.0.45\bin\mysqld-nt.exe [5730304 2007-07-06] ()
R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2013-12-18] (Oracle Corporation)
S3 jswpsapi; C:\Program Files\NETGEAR\WNA1100\jswpsapi.exe [360529 2009-11-05] (Atheros Communications, Inc.)
S2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 NWCWorkstation; C:\WINDOWS\System32\nwwks.dll [65536 2008-04-13] (Microsoft Corporation)
R2 PDF Architect Helper Service; C:\Program Files\PDF Architect\HelperService.exe [1324104 2013-01-09] (pdfforge GbR)
R2 PDF Architect Service; C:\Program Files\PDF Architect\ConversionService.exe [795208 2013-01-09] (pdfforge GbR)
S2 RemoteEngineService; C:\Program Files\VuuPC\remoteengine.exe [2967568 2014-02-10] (ClickMeIn Limited)
R2 STacSV; c:\program files\idt\wdm\stacsv.exe [229458 2010-03-09] (IDT, Inc.)
R2 Updater Service for AMZN; C:\Program Files\Amazon Browser Bar\ToolbarUpdaterService.exe [222368 2013-03-21] ()
R2 VuuPCConnectivity; C:\Program Files\VuuPC\Connectivity.exe [4747280 2014-02-10] (ClickMeIn Limited)
R2 WSWNA1100; C:\Program Files\NETGEAR\WNA1100\WifiSvc.exe [266240 2010-08-04] ()
S2 Util RightSurf; "C:\Program Files\RightSurf\bin\utilRightSurf.exe" [X]
S4 vToolbarUpdater15.3.0; C:\Program Files\Fichiers communs\AVG Secure Search\vToolbarUpdater\15.3.0\ToolbarUpdater.exe [X]
==================== Drivers (Whitelisted) ====================
R3 AESTAud; C:\WINDOWS\System32\drivers\AESTAud.sys [113664 2009-04-21] (Andrea Electronics Corporation)
S3 AR9271; C:\WINDOWS\System32\DRIVERS\athuw.sys [1759584 2010-09-30] (Atheros Communications, Inc.)
S4 avgtp; C:\WINDOWS\system32\drivers\avgtpx86.sys [37664 2013-06-27] (AVG Technologies)
S3 d553bus; C:\WINDOWS\System32\DRIVERS\d553bus.sys [281216 2008-12-19] (MCCI Corporation)
S3 d553card; C:\WINDOWS\System32\DRIVERS\d553card.sys [356352 2008-12-19] (MCCI Corporation)
S3 d553gps; C:\WINDOWS\System32\DRIVERS\d553gps.sys [77352 2009-01-08] (Dell)
S3 d553mdfl; C:\WINDOWS\System32\DRIVERS\d553mdfl.sys [14976 2008-12-19] (MCCI Corporation)
S3 d553mdfl2; C:\WINDOWS\System32\DRIVERS\d553mdfl2.sys [14976 2008-12-19] (MCCI Corporation)
S3 d553mdm; C:\WINDOWS\System32\DRIVERS\d553mdm.sys [365312 2008-12-19] (MCCI Corporation)
S3 d553mdm2; C:\WINDOWS\System32\DRIVERS\d553mdm2.sys [409216 2008-12-19] (MCCI Corporation)
S3 d553nd5; C:\WINDOWS\System32\DRIVERS\d553nd5.sys [25984 2008-12-19] (MCCI Corporation)
S3 d553scard; C:\WINDOWS\System32\DRIVERS\d553scard.sys [49192 2009-04-06] (Dell)
S3 d553unic; C:\WINDOWS\System32\DRIVERS\d553unic.sys [375424 2008-12-19] (MCCI Corporation)
S3 gfiark; C:\WINDOWS\System32\drivers\gfiark.sys [43368 2013-05-23] (ThreatTrack Security)
R0 gfibto; C:\WINDOWS\System32\drivers\gfibto.sys [13560 2013-10-03] (GFI Software)
S3 HSFHWAZL; C:\WINDOWS\System32\DRIVERS\HSFHWAZL.sys [210688 2008-06-24] (Conexant Systems, Inc.)
S3 HSF_DPV; C:\WINDOWS\System32\DRIVERS\HSF_DPV.sys [985728 2008-06-24] (Conexant Systems, Inc.)
R3 JSWSCIMD; C:\WINDOWS\System32\DRIVERS\jswscimd.sys [57440 2008-09-25] (Atheros Communications, Inc.)
S3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
R3 NETwNx32; C:\WINDOWS\System32\DRIVERS\NETwNx32.sys [7477760 2012-01-23] (Intel Corporation)
R2 NwlnkIpx; C:\WINDOWS\System32\DRIVERS\nwlnkipx.sys [88320 2008-04-13] (Microsoft Corporation)
R2 NwlnkNb; C:\WINDOWS\System32\DRIVERS\nwlnknb.sys [63232 2001-08-28] (Microsoft Corporation)
R2 NwlnkSpx; C:\WINDOWS\System32\DRIVERS\nwlnkspx.sys [55936 2001-08-28] (Microsoft Corporation)
R3 NWRDR; C:\WINDOWS\System32\DRIVERS\nwrdr.sys [163584 2008-04-13] (Microsoft Corporation)
R1 RapportCerberus_59849; C:\Documents and Settings\All Users\Application Data\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus32_59849.sys [340432 2014-03-12] ()
R3 STHDA; C:\WINDOWS\System32\drivers\sthda.sys [1656499 2010-03-09] (IDT, Inc.)
R3 WSIMD; C:\WINDOWS\System32\DRIVERS\wsimd.sys [58208 2009-01-30] (Atheros Communications, Inc.)
S4 IntelIde; No ImagePath
S3 ProcObsrv; \??\C:\Program Files\Glary Utilities 3\ProcObsrv.sys [X]
S1 SBRE; \SystemRoot\system32\drivers\SBREDrv.sys [X]
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
U1 WS2IFSL;
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-03-24 12:21 - 2014-03-24 12:25 - 00000000 ____D () C:\FRST
2014-03-23 18:50 - 2014-03-23 18:50 - 00065536 _____ () C:\WINDOWS\Minidump\Mini032314-01.dmp
2014-03-21 22:16 - 2014-03-21 22:16 - 00000000 ____D () C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple
2014-03-19 21:27 - 2014-03-19 21:27 - 00107256 _____ (Trusteer Ltd.) C:\WINDOWS\system32\Drivers\RapportKELL.sys
2014-03-18 10:57 - 2014-03-18 10:57 - 00065536 _____ () C:\WINDOWS\Minidump\Mini031814-01.dmp
2014-03-13 03:01 - 2014-03-13 03:02 - 00012791 _____ () C:\WINDOWS\KB2925418-IE8.log
2014-03-13 03:01 - 2014-03-13 03:01 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2930275$
2014-03-13 03:01 - 2014-03-13 03:01 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2929961$
2014-03-12 10:37 - 2014-03-23 18:42 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Trusteer Sécurité des points d'accès
2014-03-12 10:37 - 2014-03-12 10:37 - 00000000 ____D () C:\Program Files\Trusteer
2014-03-12 05:29 - 2014-03-13 03:01 - 00012856 _____ () C:\WINDOWS\KB2930275.log
2014-03-12 05:29 - 2014-03-13 03:01 - 00011329 _____ () C:\WINDOWS\KB2929961.log
2014-03-11 22:33 - 2014-03-21 14:06 - 00030442 _____ () C:\Documents and Settings\azerty\Bureau\PW2014Mar11.ods
2014-03-05 16:09 - 2014-03-07 09:25 - 00014684 _____ () C:\Documents and Settings\azerty\Bureau\Tarifs Paris Ville(s).odt
2014-03-05 11:14 - 2014-03-05 11:14 - 00001542 _____ () C:\Documents and Settings\All Users\Bureau\iTunes.lnk
2014-03-05 11:14 - 2014-03-05 11:14 - 00000000 ____D () C:\Program Files\iTunes
2014-03-05 11:14 - 2014-03-05 11:14 - 00000000 ____D () C:\Program Files\iPod
2014-03-05 11:14 - 2014-03-05 11:14 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Démarrer\Programmes\iTunes
2014-03-05 11:14 - 2014-03-05 11:14 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Apple Computer
2014-03-05 11:14 - 2014-03-05 11:14 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-03-05 11:14 - 2012-08-21 13:01 - 00026840 _____ (GEAR Software Inc.) C:\WINDOWS\system32\Drivers\GEARAspiWDM.sys
2014-03-05 11:13 - 2014-03-21 22:16 - 00000284 _____ () C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
2014-03-05 11:13 - 2014-03-05 11:13 - 00001830 _____ () C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Apple Software Update.lnk
2014-03-05 11:13 - 2014-03-05 11:13 - 00000000 ____D () C:\Program Files\Bonjour
2014-03-05 11:13 - 2014-03-05 11:13 - 00000000 ____D () C:\Program Files\Apple Software Update
2014-03-05 11:13 - 2014-03-05 11:13 - 00000000 ____D () C:\Documents and Settings\LocalService\Application Data\Apple Computer
2014-03-05 11:13 - 2014-03-05 11:13 - 00000000 ____D () C:\Documents and Settings\azerty\Local Settings\Application Data\Apple
2014-03-05 11:12 - 2014-03-05 11:14 - 00000000 ____D () C:\Program Files\Fichiers communs\Apple
2014-03-05 11:12 - 2014-03-05 11:13 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Apple
2014-03-03 17:06 - 2014-03-03 18:40 - 00020239 _____ () C:\Documents and Settings\azerty\Bureau\Idées My moto taxi.odt
2014-02-28 09:05 - 2014-02-28 10:14 - 00052202 _____ () C:\Documents and Settings\azerty\Bureau\Prixtel2013.ods
2014-02-26 21:53 - 2014-02-26 21:53 - 00078028 _____ () C:\Documents and Settings\azerty\Bureau\Logo MSF course des héros Paris 2014.ods
2014-02-24 13:54 - 2014-02-24 17:20 - 00030388 _____ () C:\Documents and Settings\azerty\Bureau\PW2014Fev24.ods
==================== One Month Modified Files and Folders =======
2014-03-24 12:25 - 2014-03-24 12:21 - 00000000 ____D () C:\FRST
2014-03-24 12:04 - 2013-04-22 15:25 - 00001056 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-24 11:50 - 2014-01-31 10:50 - 00000412 _____ () C:\WINDOWS\Tasks\At1.job
2014-03-24 11:47 - 2013-02-15 22:16 - 00001002 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-03-24 11:02 - 2013-08-04 10:02 - 00001882 _____ () C:\WINDOWS\Tasks\Pricora 1.1-chromeinstaller.job
2014-03-24 11:02 - 2013-08-04 10:02 - 00001808 _____ () C:\WINDOWS\Tasks\Pricora 1.1-firefoxinstaller.job
2014-03-24 11:02 - 2013-08-04 10:02 - 00001188 _____ () C:\WINDOWS\Tasks\Pricora 1.1-codedownloader.job
2014-03-24 11:02 - 2013-08-04 10:02 - 00001184 _____ () C:\WINDOWS\Tasks\Pricora 1.1-updater.job
2014-03-24 11:02 - 2013-08-04 10:02 - 00001088 _____ () C:\WINDOWS\Tasks\Pricora 1.1-enabler.job
2014-03-24 10:53 - 2012-12-14 13:09 - 01274881 _____ () C:\WINDOWS\WindowsUpdate.log
2014-03-24 10:50 - 2014-01-31 10:50 - 00000282 _____ () C:\WINDOWS\Tasks\VuuPCUpdate.job
2014-03-24 10:31 - 2012-12-14 13:12 - 00000000 ____D () C:\Documents and Settings\azerty\Bureau
2014-03-24 09:45 - 2014-02-17 13:36 - 00000000 ___RD () C:\Documents and Settings\azerty\Mes documents\Dropbox
2014-03-24 09:45 - 2014-02-17 13:31 - 00000000 ____D () C:\Documents and Settings\azerty\Application Data\Dropbox
2014-03-24 07:15 - 2013-02-15 21:41 - 00000434 ____H () C:\WINDOWS\Tasks\User_Feed_Synchronization-{BF60AB44-827E-4B10-9423-61545EC2ADB4}.job
2014-03-24 05:47 - 2012-12-14 13:12 - 00032574 _____ () C:\WINDOWS\SchedLgU.Txt
2014-03-24 03:00 - 2013-11-22 07:52 - 00223757 _____ () C:\WINDOWS\KB2686509.log
2014-03-24 03:00 - 2013-11-22 07:52 - 00000092 _____ () C:\WINDOWS\faultykeyboard.log
2014-03-23 19:04 - 2013-10-23 06:56 - 00000000 ____D () C:\Program Files\PopUp Killer
2014-03-23 19:00 - 2014-01-31 10:50 - 00000282 _____ () C:\WINDOWS\Tasks\VuuPCUpdateLogin.job
2014-03-23 19:00 - 2013-04-22 15:25 - 00001052 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-23 19:00 - 2012-12-14 13:12 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-03-23 19:00 - 2001-08-28 13:00 - 00002422 _____ () C:\WINDOWS\system32\wpa.dbl
2014-03-23 18:50 - 2014-03-23 18:50 - 00065536 _____ () C:\WINDOWS\Minidump\Mini032314-01.dmp
2014-03-23 18:50 - 2013-05-30 15:34 - 00000000 ____D () C:\WINDOWS\Minidump
2014-03-23 18:42 - 2014-03-12 10:37 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Trusteer Sécurité des points d'accès
2014-03-23 18:38 - 2013-08-04 11:31 - 00524288 _____ () C:\WINDOWS\system32\config\ACS.evt
2014-03-23 18:38 - 2012-12-14 13:12 - 00000184 ___SH () C:\Documents and Settings\azerty\ntuser.ini
2014-03-23 12:00 - 2013-10-03 14:50 - 00000946 _____ () C:\WINDOWS\Tasks\Ad-Aware Antivirus Scheduled Scan.job
2014-03-22 08:50 - 2013-03-18 16:51 - 00054156 ____H () C:\WINDOWS\QTFont.qfn
2014-03-21 22:16 - 2014-03-21 22:16 - 00000000 ____D () C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple
2014-03-21 22:16 - 2014-03-05 11:13 - 00000284 _____ () C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
2014-03-21 14:06 - 2014-03-11 22:33 - 00030442 _____ () C:\Documents and Settings\azerty\Bureau\PW2014Mar11.ods
2014-03-19 21:27 - 2014-03-19 21:27 - 00107256 _____ (Trusteer Ltd.) C:\WINDOWS\system32\Drivers\RapportKELL.sys
2014-03-19 12:07 - 2013-03-15 11:07 - 00000000 ____D () C:\Documents and Settings\azerty\Local Settings\Application Data\CUSTPDF Writer
2014-03-19 03:03 - 2013-08-05 20:22 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-03-19 03:00 - 2013-02-08 12:43 - 87350280 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-03-18 10:57 - 2014-03-18 10:57 - 00065536 _____ () C:\WINDOWS\Minidump\Mini031814-01.dmp
2014-03-14 17:16 - 2013-12-12 03:00 - 00000150 _____ () C:\WINDOWS\setupact.log
2014-03-14 17:16 - 2013-11-26 16:08 - 00020086 _____ () C:\WINDOWS\setupapi.log
2014-03-13 03:19 - 2012-12-14 13:53 - 00111784 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-03-13 03:18 - 2014-01-20 14:48 - 00000496 _____ () C:\WINDOWS\wiadebug.log
2014-03-13 03:18 - 2013-11-13 10:19 - 00345424 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2014-03-13 03:02 - 2014-03-13 03:01 - 00012791 _____ () C:\WINDOWS\KB2925418-IE8.log
2014-03-13 03:02 - 2013-12-12 03:03 - 00010651 _____ () C:\WINDOWS\updspapi.log
2014-03-13 03:02 - 2013-12-12 03:00 - 00085559 _____ () C:\WINDOWS\iis6.log
2014-03-13 03:02 - 2013-12-12 03:00 - 00080374 _____ () C:\WINDOWS\FaxSetup.log
2014-03-13 03:02 - 2013-12-12 03:00 - 00038428 _____ () C:\WINDOWS\ocgen.log
2014-03-13 03:02 - 2013-12-12 03:00 - 00036673 _____ () C:\WINDOWS\tsoc.log
2014-03-13 03:02 - 2013-12-12 03:00 - 00026324 _____ () C:\WINDOWS\comsetup.log
2014-03-13 03:02 - 2013-12-12 03:00 - 00024406 _____ () C:\WINDOWS\msmqinst.log
2014-03-13 03:02 - 2013-12-12 03:00 - 00015941 _____ () C:\WINDOWS\ntdtcsetup.log
2014-03-13 03:02 - 2013-12-12 03:00 - 00014079 _____ () C:\WINDOWS\netfxocm.log
2014-03-13 03:02 - 2013-12-12 03:00 - 00005525 _____ () C:\WINDOWS\MedCtrOC.log
2014-03-13 03:02 - 2013-12-12 03:00 - 00004446 _____ () C:\WINDOWS\ocmsn.log
2014-03-13 03:02 - 2013-12-12 03:00 - 00004043 _____ () C:\WINDOWS\tabletoc.log
2014-03-13 03:02 - 2013-12-12 03:00 - 00004017 _____ () C:\WINDOWS\msgsocm.log
2014-03-13 03:02 - 2013-12-12 03:00 - 00001374 _____ () C:\WINDOWS\imsins.log
2014-03-13 03:01 - 2014-03-13 03:01 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2930275$
2014-03-13 03:01 - 2014-03-13 03:01 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2929961$
2014-03-13 03:01 - 2014-03-12 05:29 - 00012856 _____ () C:\WINDOWS\KB2930275.log
2014-03-13 03:01 - 2014-03-12 05:29 - 00011329 _____ () C:\WINDOWS\KB2929961.log
2014-03-13 03:01 - 2013-12-12 03:00 - 00001374 _____ () C:\WINDOWS\imsins.BAK
2014-03-12 16:47 - 2013-02-15 22:16 - 00692616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2014-03-12 16:47 - 2013-02-15 22:16 - 00071048 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2014-03-12 10:37 - 2014-03-12 10:37 - 00000000 ____D () C:\Program Files\Trusteer
2014-03-12 10:37 - 2012-12-14 13:54 - 00000000 ___RD () C:\Documents and Settings\All Users\Menu Démarrer\Programmes
2014-03-07 09:25 - 2014-03-05 16:09 - 00014684 _____ () C:\Documents and Settings\azerty\Bureau\Tarifs Paris Ville(s).odt
2014-03-06 14:59 - 2014-01-31 10:50 - 00000000 ____D () C:\Program Files\VuuPC
2014-03-06 12:00 - 2013-03-08 23:11 - 00000000 ____D () C:\Documents and Settings\azerty\Application Data\Apple Computer
2014-03-05 11:15 - 2013-03-11 14:28 - 00000000 ___RD () C:\Documents and Settings\azerty\Mes documents\Ma musique
2014-03-05 11:14 - 2014-03-05 11:14 - 00001542 _____ () C:\Documents and Settings\All Users\Bureau\iTunes.lnk
2014-03-05 11:14 - 2014-03-05 11:14 - 00000000 ____D () C:\Program Files\iTunes
2014-03-05 11:14 - 2014-03-05 11:14 - 00000000 ____D () C:\Program Files\iPod
2014-03-05 11:14 - 2014-03-05 11:14 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Démarrer\Programmes\iTunes
2014-03-05 11:14 - 2014-03-05 11:14 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Apple Computer
2014-03-05 11:14 - 2014-03-05 11:14 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-03-05 11:14 - 2014-03-05 11:12 - 00000000 ____D () C:\Program Files\Fichiers communs\Apple
2014-03-05 11:14 - 2012-12-14 13:54 - 00000000 ____D () C:\Documents and Settings\All Users\Bureau
2014-03-05 11:13 - 2014-03-05 11:13 - 00001830 _____ () C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Apple Software Update.lnk
2014-03-05 11:13 - 2014-03-05 11:13 - 00000000 ____D () C:\Program Files\Bonjour
2014-03-05 11:13 - 2014-03-05 11:13 - 00000000 ____D () C:\Program Files\Apple Software Update
2014-03-05 11:13 - 2014-03-05 11:13 - 00000000 ____D () C:\Documents and Settings\LocalService\Application Data\Apple Computer
2014-03-05 11:13 - 2014-03-05 11:13 - 00000000 ____D () C:\Documents and Settings\azerty\Local Settings\Application Data\Apple
2014-03-05 11:13 - 2014-03-05 11:12 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Apple
2014-03-05 11:12 - 2012-12-14 13:54 - 00000000 ____D () C:\Program Files\Fichiers communs
2014-03-03 18:40 - 2014-03-03 17:06 - 00020239 _____ () C:\Documents and Settings\azerty\Bureau\Idées My moto taxi.odt
2014-03-03 08:45 - 2013-12-10 12:14 - 00000000 ____D () C:\Documents and Settings\azerty\Mes documents\My Digital Editions
2014-02-28 10:14 - 2014-02-28 09:05 - 00052202 _____ () C:\Documents and Settings\azerty\Bureau\Prixtel2013.ods
2014-02-26 21:53 - 2014-02-26 21:53 - 00078028 _____ () C:\Documents and Settings\azerty\Bureau\Logo MSF course des héros Paris 2014.ods
2014-02-24 17:20 - 2014-02-24 13:54 - 00030388 _____ () C:\Documents and Settings\azerty\Bureau\PW2014Fev24.ods
2014-02-24 16:25 - 2009-03-08 04:32 - 00174592 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ie4uinit.exe
2014-02-24 16:25 - 2004-08-19 15:09 - 00174592 ____N (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-02-24 12:45 - 2013-02-08 12:46 - 00522240 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\jsdbgui.dll
2014-02-24 12:45 - 2013-02-08 12:45 - 11113472 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ieframe.dll
2014-02-24 12:45 - 2013-02-08 12:45 - 02006016 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iertutil.dll
2014-02-24 12:45 - 2013-02-08 12:45 - 00743424 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iedvtool.dll
2014-02-24 12:45 - 2013-02-08 12:45 - 00630272 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msfeeds.dll
2014-02-24 12:45 - 2013-02-08 12:45 - 00247808 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ieproxy.dll
2014-02-24 12:45 - 2013-02-08 12:45 - 00055296 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msfeedsbs.dll
2014-02-24 12:45 - 2013-02-08 12:45 - 00012800 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\xpshims.dll
2014-02-24 12:45 - 2013-02-08 11:51 - 00759296 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\vgx.dll
2014-02-24 12:45 - 2009-03-08 14:09 - 00387584 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iedkcs32.dll
2014-02-24 12:45 - 2009-03-08 04:41 - 06022144 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mshtml.dll
2014-02-24 12:45 - 2009-03-08 04:39 - 11113472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-02-24 12:45 - 2009-03-08 04:34 - 01469440 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\inetcpl.cpl
2014-02-24 12:45 - 2009-03-08 04:34 - 01216000 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\urlmon.dll
2014-02-24 12:45 - 2009-03-08 04:34 - 00920064 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wininet.dll
2014-02-24 12:45 - 2009-03-08 04:34 - 00206848 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\occache.dll
2014-02-24 12:45 - 2009-03-08 04:34 - 00105984 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\url.dll
2014-02-24 12:45 - 2009-03-08 04:34 - 00043520 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\licmgr10.dll
2014-02-24 12:45 - 2009-03-08 04:33 - 00025600 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\jsproxy.dll
2014-02-24 12:45 - 2009-03-08 04:32 - 02006016 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-02-24 12:45 - 2009-03-08 04:32 - 00630272 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-02-24 12:45 - 2009-03-08 04:32 - 00611840 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mstime.dll
2014-02-24 12:45 - 2009-03-08 04:31 - 00184320 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iepeers.dll
2014-02-24 12:45 - 2009-03-08 04:31 - 00067072 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mshtmled.dll
2014-02-24 12:45 - 2009-03-08 04:31 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedsbs.dll
2014-02-24 12:45 - 2004-08-19 15:10 - 01469440 ____N (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-02-24 12:45 - 2004-08-19 15:09 - 06022144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-02-24 12:45 - 2004-08-19 15:09 - 01216000 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-02-24 12:45 - 2004-08-19 15:09 - 00920064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-02-24 12:45 - 2004-08-19 15:09 - 00611840 ____N (Microsoft Corporation) C:\WINDOWS\system32\mstime.dll
2014-02-24 12:45 - 2004-08-19 15:09 - 00387584 ____N (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-02-24 12:45 - 2004-08-19 15:09 - 00206848 ____N (Microsoft Corporation) C:\WINDOWS\system32\occache.dll
2014-02-24 12:45 - 2004-08-19 15:09 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2014-02-24 12:45 - 2004-08-19 15:09 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\url.dll
2014-02-24 12:45 - 2004-08-19 15:09 - 00067072 ____N (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-02-24 12:45 - 2004-08-19 15:09 - 00043520 ____N (Microsoft Corporation) C:\WINDOWS\system32\licmgr10.dll
2014-02-24 12:45 - 2004-08-19 15:09 - 00025600 ____N (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-02-24 12:44 - 2009-03-08 04:33 - 00018944 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\corpol.dll
2014-02-24 12:44 - 2004-08-19 15:09 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\corpol.dll
2014-02-24 11:55 - 2004-08-19 14:56 - 00385024 ____N (Microsoft Corporation) C:\WINDOWS\system32\html.iec
Files to move or delete:
====================
C:\Windows\Tasks\At1.job
Some content of TEMP:
====================
C:\Documents and Settings\azerty\Local Settings\Temp\315aa9c6-fb23-44eb-a966-9eaa7f1c7a3c.exe
C:\Documents and Settings\azerty\Local Settings\Temp\a40280a5-a307-423e-8fb0-b5742a272e0b.exe
C:\Documents and Settings\azerty\Local Settings\Temp\APNSetup.exe
C:\Documents and Settings\azerty\Local Settings\Temp\BackupSetup.exe
C:\Documents and Settings\azerty\Local Settings\Temp\BoxoreInstaller.exe
C:\Documents and Settings\azerty\Local Settings\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpdmh0mf.dll
C:\Documents and Settings\azerty\Local Settings\Temp\google-earth.exe
C:\Documents and Settings\azerty\Local Settings\Temp\Java (1).exe
C:\Documents and Settings\azerty\Local Settings\Temp\Java.exe
C:\Documents and Settings\azerty\Local Settings\Temp\Java7.exe
C:\Documents and Settings\azerty\Local Settings\Temp\jre-7u51-windows-i586-iftw.exe
C:\Documents and Settings\azerty\Local Settings\Temp\OB.exe
C:\Documents and Settings\azerty\Local Settings\Temp\Quarantine.exe
C:\Documents and Settings\azerty\Local Settings\Temp\SHSetup.exe
C:\Documents and Settings\azerty\Local Settings\Temp\Xvid.dll
==================== Bamital & volsnap Check =================
C:\WINDOWS\explorer.exe => MD5 is legit
C:\WINDOWS\system32\winlogon.exe
[2004-08-19 15:10] - [2008-04-13 19:34] - 0512000 ____A (Microsoft Corporation) dd73d6b9f6b4cb630cf35b438b540174
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit
C:\WINDOWS\system32\User32.dll
[2004-08-19 15:09] - [2008-04-13 19:33] - 0579584 ____A (Microsoft Corporation) e853f84d3ce2faa2a802e33cf89ac023
C:\WINDOWS\system32\userinit.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll
[2004-08-19 15:09] - [2009-02-09 11:53] - 0401408 ____A (Microsoft Corporation) 0203b1aad358f206cb0a3c1f93cce17a
ATTENTION ======> If the system is having audio adware rpcss.dll is patched. Google the MD5, if the MD5 is unique the file is infected.
C:\WINDOWS\system32\Drivers\volsnap.sys => MD5 is legit
==================== End Of Log ============================
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-03-2014 01
Ran by azerty (administrator) on E5400 on 24-03-2014 12:25:23
Running from C:\Documents and Settings\azerty\Mes documents\Downloads
Microsoft Windows XP Professionnel Service Pack 3 (X86) OS Language: French Standard
Internet Explorer Version 8
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: https://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: https://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(Trusteer Ltd.) C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe
(IDT, Inc.) c:\program files\idt\wdm\stacsv.exe
(Atheros) C:\WINDOWS\system32\acs.exe
(Apple Inc.) C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apache Software Foundation) c:\dolibarr\bin\apache\apache2.2.11\bin\httpd.exe
() c:\dolibarr\bin\mysql\mysql5.0.45\bin\mysqld-nt.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(Apache Software Foundation) C:\dolibarr\bin\apache\apache2.2.11\bin\httpd.exe
(pdfforge GbR) C:\Program Files\PDF Architect\HelperService.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.21.165\GoogleCrashHandler.exe
(pdfforge GbR) C:\Program Files\PDF Architect\ConversionService.exe
() C:\Program Files\Amazon Browser Bar\ToolbarUpdaterService.exe
(ClickMeIn Limited) C:\Program Files\VuuPC\Connectivity.exe
(Trusteer Ltd.) C:\Program Files\Trusteer\Rapport\bin\RapportService.exe
() C:\Program Files\NETGEAR\WNA1100\WifiSvc.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe
(Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
(Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray.exe
(Andrea Electronics Corporation) C:\WINDOWS\system32\AESTFltr.exe
(Lavasoft) C:\Documents and Settings\All Users\Application Data\Ad-Aware Browsing Protection\adawarebp.exe
(Oracle Corporation) C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apntex.exe
(Wakoopa) C:\Documents and Settings\azerty\Local Settings\Application Data\Toluna Panel Application\Toluna Panel Application.exe
(Smart PC Solutions) C:\Program Files\PC Speed Maximizer\SPMSmartScan.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
() C:\Program Files\NETGEAR\WNA1100\WNA1100.exe
(Dropbox, Inc.) C:\Documents and Settings\azerty\Application Data\Dropbox\bin\Dropbox.exe
() C:\Program Files\Amazon Browser Bar\search_protect.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [Apoint] - C:\Program Files\Apoint\Apoint.exe [155648 2012-07-18] (Alps Electric Co., Ltd.)
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray.exe [495708 2010-03-09] (IDT, Inc.)
HKLM\...\Run: [AESTFltr] - C:\WINDOWS\system32\AESTFltr.exe [737280 2009-07-07] (Andrea Electronics Corporation)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [] - [X]
HKLM\...\Run: [Ad-Aware Browsing Protection] - C:\Documents and Settings\All Users\Application Data\Ad-Aware Browsing Protection\adawarebp.exe [554384 2013-07-15] (Lavasoft)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [fst_fr_10] - [X]
HKLM\...\Run: [upfst_fr_10.exe] - C:\Documents and Settings\azerty\Local Settings\Application Data\fst_fr_10\upfst_fr_10.exe -runhelper
HKLM\...\Run: [PopUpKiller] - C:\Program Files\PopUp Killer\popupkiller.EXE [108032 2002-02-26] (xFX JumpStart)
HKLM\...\Run: [fst_fr_13] - [X]
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\qttask.exe [98304 2013-03-11] (Apple Computer, Inc.)
HKLM\...\Run: [iTunesHelper] - C:\Program Files\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKU\.DEFAULT\...\Run: [SearchProtect] - C:\WINDOWS\system32\config\systemprofile\Application Data\SearchProtect\bin\cltmng.exe
HKU\.DEFAULT\...\RunOnce: [_nltide_3] - rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
HKU\S-1-5-19\...\RunOnce: [_nltide_3] - rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
HKU\S-1-5-20\...\RunOnce: [_nltide_3] - rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
HKU\S-1-5-21-57989841-329068152-725345543-1003\...\Run: [PC Speed Maximizer] - C:\Program Files\PC Speed Maximizer\SPMLauncher.exe [135792 2013-10-30] (Smart PC Solutions)
HKU\S-1-5-21-57989841-329068152-725345543-1003\...\Run: [Toluna Panel Application] - C:\Documents and Settings\azerty\Local Settings\Application Data\Toluna Panel Application\Toluna Panel Application.exe [971104 2013-12-05] (Wakoopa)
HKU\S-1-5-21-57989841-329068152-725345543-1003\...\Run: [GoogleChromeAutoLaunch_5D799C7B2FE4C4EF304A3915D4FFDE7A] - C:\Documents and Settings\azerty\Local Settings\Application Data\Yappyz\Application\yappyz.exe [1266496 2013-08-06] (The Yappyz Authors)
Lsa: [Authentication Packages] msv1_0 nwprovau
Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Assistant de configuration NETGEAR WNA1100.lnk
ShortcutTarget: Assistant de configuration NETGEAR WNA1100.lnk -> C:\Program Files\NETGEAR\WNA1100\WNA1100.exe ()
Startup: C:\Documents and Settings\azerty\Menu Démarrer\Programmes\Démarrage\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Documents and Settings\azerty\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.amazon.fr/gp/bit/amazonserp/ref=bit_bds-p24_serp_ie_fr_display?ie=UTF8&tagbase=bds-p24&tbrId=v1_abb-channel-24_d4aced2dcc8c46ebbd00b4c71c3e3479_39_1007_20140220_FR_ie_sp_
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=irmsd0103aw&cd=2XzuyEtN2Y1L1QzutDtDtBtA0A0EtByB0A0A0E0EtCzytAyDtN0D0Tzu0CyByCtCtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=1370365780&ir=
SearchScopes: HKCU - DefaultScope {B3B3A6AC-74EC-BD56-BCDB-EFA4799FB9DF} URL = http://www.amazon.fr/gp/bit/amazonserp/ref=bit_bds-p24_serp_ie_fr_display?ie=UTF8&tagbase=bds-p24&tag=bds-p24-serp-fr-ie-21&tbrId=v1_abb-channel-24_d4aced2dcc8c46ebbd00b4c71c3e3479_39_1007_20140220_FR_ie_ds_&query={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=irmsd0103aw&cd=2XzuyEtN2Y1L1QzutDtDtBtA0A0EtByB0A0A0E0EtCzytAyDtN0D0Tzu0CyByCtCtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=1370365780&ir=
SearchScopes: HKCU - {B3B3A6AC-74EC-BD56-BCDB-EFA4799FB9DF} URL = http://www.amazon.fr/gp/bit/amazonserp/ref=bit_bds-p24_serp_ie_fr_display?ie=UTF8&tagbase=bds-p24&tag=bds-p24-serp-fr-ie-21&tbrId=v1_abb-channel-24_d4aced2dcc8c46ebbd00b4c71c3e3479_39_1007_20140220_FR_ie_ds_&query={searchTerms}
BHO: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files\PDF Architect\PDFIEHelper.dll (pdfforge GbR)
BHO: No Name - {3a6a191a-0560-4d07-9c5b-d77c5f464331} - No File
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: AlxHelper Class - {F443A627-5009-4323-9C1D-7FD598D0D712} - C:\Program Files\Amazon Browser Bar\AmazonBrowserBar.3.0.dll (Amazon.com)
BHO: Toluna Panel Application - {FB4D29C1-82DE-4b80-8BB0-A7CDDDCD2773} - C:\Documents and Settings\azerty\Local Settings\Application Data\Wakoopa Shared\WakoopaBHO.dll (Wakoopa)
Toolbar: HKLM - No Name - {3a6a191a-0560-4d07-9c5b-d77c5f464331} - No File
Toolbar: HKLM - Amazon Browser Bar - {EA582743-9076-4178-9AA6-7393FDF4D5CE} - C:\Program Files\Amazon Browser Bar\AmazonBrowserBar.3.0.dll (Amazon.com)
Toolbar: HKCU - &Adresse - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Liens - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
Handler: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
Handler: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
Handler: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
Handler: ipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
Handler: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
Handler: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
Winsock: Catalog5 05 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Documents and Settings\azerty\Application Data\Mozilla\Firefox\Profiles\8f5wn9gd.default
FF user.js: detected! => C:\Documents and Settings\azerty\Application Data\Mozilla\Firefox\Profiles\8f5wn9gd.default\user.js
FF NewTab: hxxp://www.amazon.fr/gp/bit/amazonserp/ref=bit_bds-p24_serp_ff_fr_display?ie=UTF8&tagbase=bds-p24&tbrId=v1_abb-channel-24_d4aced2dcc8c46ebbd00b4c71c3e3479_39_1007_20140220_FR_ff_nt_
FF SearchEngineOrder.1: Amazon
FF SelectedSearchEngine: Amazon
FF Homepage: hxxp://www.amazon.fr/gp/bit/amazonserp/ref=bit_bds-p24_serp_ff_fr_display?ie=UTF8&tagbase=bds-p24&tbrId=v1_abb-channel-24_d4aced2dcc8c46ebbd00b4c71c3e3479_39_1007_20140220_FR_ff_sp_
FF DefaultSearchEngine: Mysearchdial
FF Keyword.URL: hxxp://www.amazon.fr/gp/bit/amazonserp/ref=bit_bds-p24_serp_ff_fr_display?ie=UTF8&tagbase=bds-p24&tag=bds-p24-serp-fr-ff-21&tbrId=v1_abb-channel-24_d4aced2dcc8c46ebbd00b4c71c3e3479_39_1007_20140220_FR_ff_ab_&query=
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\WINDOWS\system32\Adobe\Director\np32dsw_1204144.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.0.61118.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Documents and Settings\azerty\Application Data\Mozilla\Firefox\Profiles\8f5wn9gd.default\searchplugins\amazon.xml
FF SearchPlugin: C:\Documents and Settings\azerty\Application Data\Mozilla\Firefox\Profiles\8f5wn9gd.default\searchplugins\Mysearchdial.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazon-france.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\cnrtl-tlfi-fr.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-france.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-france.xml
FF Extension: Giant Savings Extension - C:\Documents and Settings\azerty\Application Data\Mozilla\Firefox\Profiles\8f5wn9gd.default\Extensions\extension21810@extension21810.com [2013-05-29]
FF Extension: No Name - C:\Documents and Settings\azerty\Application Data\Mozilla\Firefox\Profiles\8f5wn9gd.default\Extensions\staged [2014-01-31]
FF Extension: No Name - C:\Documents and Settings\azerty\Application Data\Mozilla\Firefox\Profiles\8f5wn9gd.default\Extensions\trash [2013-11-14]
FF Extension: HomeTab - C:\Documents and Settings\azerty\Application Data\Mozilla\Firefox\Profiles\8f5wn9gd.default\Extensions\{7b070f8a-7fa0-4d43-b57d-c2b2fa8849f5} [2013-11-05]
FF Extension: Amazon 1Button App for Firefox - C:\Documents and Settings\azerty\Application Data\Mozilla\Firefox\Profiles\8f5wn9gd.default\Extensions\abb@amazon.com.xpi [2013-09-04]
FF Extension: RightSurf - C:\Documents and Settings\azerty\Application Data\Mozilla\Firefox\Profiles\8f5wn9gd.default\Extensions\{b9a19c25-a741-47e5-91a2-0b62bef307ff}.xpi [2014-01-30]
FF Extension: FrameFox - C:\Program Files\Mozilla Firefox\browser\extensions\{D6F4FFAF-E3C9-4f3d-AD5B-F78CD969D7BF} [2013-10-03]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF HKLM\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files\PDF Architect\FFPDFArchitectExt [2013-03-07]
FF HKLM\...\Firefox\Extensions: [xz123@ya456.com] - C:\Program Files\BetterSurf\ff
Chrome:
=======
CHR HomePage: about:newtab?source=home
CHR RestoreOnStartup: "about:newtab?source=home", "hxxp://www.amazon.fr/gp/bit/amazonserp/ref=bit_bds-p07_serp_cr_fr_display?ie=UTF8&tagbase=bds-p07&tbrId=v1_abb-channel-7_d35ecb8e6b9e420b8d71d995ffc7d383_30_46_20131112_FR_cr_sp_IS0", "hxxp://start.mysearchdial.com/?f=1&a=irmsd0103aw&cd=2XzuyEtN2Y1L1QzutDtDtBtA0A0EtByB0A0A0E0EtCzytAyDtN0D0Tzu0CyByCtCtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=1370365780&ir=", "hxxp://www.amazon.fr/gp/bit/amazonserp/ref=bit_bds-p24_serp_cr_fr_display?ie=UTF8&tagbase=bds-p24&tbrId=v1_abb-channel-24_d4aced2dcc8c46ebbd00b4c71c3e3479_39_1007_20140220_FR_cr_sp_"
CHR Extension: (Documents Google) - C:\Documents and Settings\azerty\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-11-21]
CHR Extension: (YouTube) - C:\Documents and Settings\azerty\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-11-21]
CHR Extension: (Toluna Panel Application) - C:\Documents and Settings\azerty\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\cohoeemkhefkjkhniomokfcpiaefianh [2014-02-15]
CHR Extension: (Iminent) - C:\Documents and Settings\azerty\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl [2014-02-07]
CHR Extension: (Google Wallet) - C:\Documents and Settings\azerty\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-21]
CHR Extension: (Lavasoft NewTab) - C:\Documents and Settings\azerty\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\oejkcgajlodefenbbjdnaiahmbnnoole [2013-10-03]
CHR Extension: (https://www.google.fr/ - C:\Documents and Settings\azerty\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\panhfjbapmcigaeaebakhnfjocpelhmm [2013-11-24]
CHR Extension: (Amazon 1Button App for Chrome) - C:\Documents and Settings\azerty\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam [2014-02-20]
CHR Extension: (Gmail) - C:\Documents and Settings\azerty\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-11-21]
CHR HKLM\...\Chrome\Extension: [dedmngkbaffkenlfdcbganndoghblmap] - C:\Program Files\BetterSurf\ch\Chrome.crx [2013-11-21]
CHR HKLM\...\Chrome\Extension: [inijogebjcbencgchadlocnjgfllaghc] - C:\Program Files\HomeTab\chrome\HomeTab.crx [2013-11-21]
CHR HKLM\...\Chrome\Extension: [kbjlipmgfoamgjaogmbihaffnpkpjajp] - C:\Program Files\Nosibay\Bubble Dock\extensions\GCSurfMatch.crx [2013-11-21]
CHR HKLM\...\Chrome\Extension: [oejkcgajlodefenbbjdnaiahmbnnoole] - C:\Program Files\Lavasoft\AdAware SecureSearch Toolbar\chrome-newtab-search.crx [2013-08-08]
CHR HKLM\...\Chrome\Extension: [pljcgbedjplidkdjahbaalanadmjfgop] - C:\Documents and Settings\All Users\Application Data\AskPartnerNetwork\Toolbar\ORJ-V7C\CRX\ToolbarCR.crx [2014-01-11]
CHR HKCU\...\Chrome\Extension: [pbjikboenpfhbbejgkoklgkhjpfogcam] - C:\Program Files\Amazon\ABB\AmazonChrome-bds-amzn.crx [2013-07-18]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
========================== Services (Whitelisted) =================
R2 ACS; C:\WINDOWS\system32\acs.exe [495700 2009-02-20] (Atheros)
S4 APNMCP; C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe [166352 2014-01-11] ()
R2 Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe [43336 2014-02-12] (Apple Inc.)
R2 doliwampapache; c:\dolibarr\bin\apache\apache2.2.11\bin\httpd.exe [24636 2008-12-10] (Apache Software Foundation)
R2 doliwampmysqld; c:\dolibarr\bin\mysql\mysql5.0.45\bin\mysqld-nt.exe [5730304 2007-07-06] ()
R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2013-12-18] (Oracle Corporation)
S3 jswpsapi; C:\Program Files\NETGEAR\WNA1100\jswpsapi.exe [360529 2009-11-05] (Atheros Communications, Inc.)
S2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 NWCWorkstation; C:\WINDOWS\System32\nwwks.dll [65536 2008-04-13] (Microsoft Corporation)
R2 PDF Architect Helper Service; C:\Program Files\PDF Architect\HelperService.exe [1324104 2013-01-09] (pdfforge GbR)
R2 PDF Architect Service; C:\Program Files\PDF Architect\ConversionService.exe [795208 2013-01-09] (pdfforge GbR)
S2 RemoteEngineService; C:\Program Files\VuuPC\remoteengine.exe [2967568 2014-02-10] (ClickMeIn Limited)
R2 STacSV; c:\program files\idt\wdm\stacsv.exe [229458 2010-03-09] (IDT, Inc.)
R2 Updater Service for AMZN; C:\Program Files\Amazon Browser Bar\ToolbarUpdaterService.exe [222368 2013-03-21] ()
R2 VuuPCConnectivity; C:\Program Files\VuuPC\Connectivity.exe [4747280 2014-02-10] (ClickMeIn Limited)
R2 WSWNA1100; C:\Program Files\NETGEAR\WNA1100\WifiSvc.exe [266240 2010-08-04] ()
S2 Util RightSurf; "C:\Program Files\RightSurf\bin\utilRightSurf.exe" [X]
S4 vToolbarUpdater15.3.0; C:\Program Files\Fichiers communs\AVG Secure Search\vToolbarUpdater\15.3.0\ToolbarUpdater.exe [X]
==================== Drivers (Whitelisted) ====================
R3 AESTAud; C:\WINDOWS\System32\drivers\AESTAud.sys [113664 2009-04-21] (Andrea Electronics Corporation)
S3 AR9271; C:\WINDOWS\System32\DRIVERS\athuw.sys [1759584 2010-09-30] (Atheros Communications, Inc.)
S4 avgtp; C:\WINDOWS\system32\drivers\avgtpx86.sys [37664 2013-06-27] (AVG Technologies)
S3 d553bus; C:\WINDOWS\System32\DRIVERS\d553bus.sys [281216 2008-12-19] (MCCI Corporation)
S3 d553card; C:\WINDOWS\System32\DRIVERS\d553card.sys [356352 2008-12-19] (MCCI Corporation)
S3 d553gps; C:\WINDOWS\System32\DRIVERS\d553gps.sys [77352 2009-01-08] (Dell)
S3 d553mdfl; C:\WINDOWS\System32\DRIVERS\d553mdfl.sys [14976 2008-12-19] (MCCI Corporation)
S3 d553mdfl2; C:\WINDOWS\System32\DRIVERS\d553mdfl2.sys [14976 2008-12-19] (MCCI Corporation)
S3 d553mdm; C:\WINDOWS\System32\DRIVERS\d553mdm.sys [365312 2008-12-19] (MCCI Corporation)
S3 d553mdm2; C:\WINDOWS\System32\DRIVERS\d553mdm2.sys [409216 2008-12-19] (MCCI Corporation)
S3 d553nd5; C:\WINDOWS\System32\DRIVERS\d553nd5.sys [25984 2008-12-19] (MCCI Corporation)
S3 d553scard; C:\WINDOWS\System32\DRIVERS\d553scard.sys [49192 2009-04-06] (Dell)
S3 d553unic; C:\WINDOWS\System32\DRIVERS\d553unic.sys [375424 2008-12-19] (MCCI Corporation)
S3 gfiark; C:\WINDOWS\System32\drivers\gfiark.sys [43368 2013-05-23] (ThreatTrack Security)
R0 gfibto; C:\WINDOWS\System32\drivers\gfibto.sys [13560 2013-10-03] (GFI Software)
S3 HSFHWAZL; C:\WINDOWS\System32\DRIVERS\HSFHWAZL.sys [210688 2008-06-24] (Conexant Systems, Inc.)
S3 HSF_DPV; C:\WINDOWS\System32\DRIVERS\HSF_DPV.sys [985728 2008-06-24] (Conexant Systems, Inc.)
R3 JSWSCIMD; C:\WINDOWS\System32\DRIVERS\jswscimd.sys [57440 2008-09-25] (Atheros Communications, Inc.)
S3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
R3 NETwNx32; C:\WINDOWS\System32\DRIVERS\NETwNx32.sys [7477760 2012-01-23] (Intel Corporation)
R2 NwlnkIpx; C:\WINDOWS\System32\DRIVERS\nwlnkipx.sys [88320 2008-04-13] (Microsoft Corporation)
R2 NwlnkNb; C:\WINDOWS\System32\DRIVERS\nwlnknb.sys [63232 2001-08-28] (Microsoft Corporation)
R2 NwlnkSpx; C:\WINDOWS\System32\DRIVERS\nwlnkspx.sys [55936 2001-08-28] (Microsoft Corporation)
R3 NWRDR; C:\WINDOWS\System32\DRIVERS\nwrdr.sys [163584 2008-04-13] (Microsoft Corporation)
R1 RapportCerberus_59849; C:\Documents and Settings\All Users\Application Data\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus32_59849.sys [340432 2014-03-12] ()
R3 STHDA; C:\WINDOWS\System32\drivers\sthda.sys [1656499 2010-03-09] (IDT, Inc.)
R3 WSIMD; C:\WINDOWS\System32\DRIVERS\wsimd.sys [58208 2009-01-30] (Atheros Communications, Inc.)
S4 IntelIde; No ImagePath
S3 ProcObsrv; \??\C:\Program Files\Glary Utilities 3\ProcObsrv.sys [X]
S1 SBRE; \SystemRoot\system32\drivers\SBREDrv.sys [X]
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
U1 WS2IFSL;
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-03-24 12:21 - 2014-03-24 12:25 - 00000000 ____D () C:\FRST
2014-03-23 18:50 - 2014-03-23 18:50 - 00065536 _____ () C:\WINDOWS\Minidump\Mini032314-01.dmp
2014-03-21 22:16 - 2014-03-21 22:16 - 00000000 ____D () C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple
2014-03-19 21:27 - 2014-03-19 21:27 - 00107256 _____ (Trusteer Ltd.) C:\WINDOWS\system32\Drivers\RapportKELL.sys
2014-03-18 10:57 - 2014-03-18 10:57 - 00065536 _____ () C:\WINDOWS\Minidump\Mini031814-01.dmp
2014-03-13 03:01 - 2014-03-13 03:02 - 00012791 _____ () C:\WINDOWS\KB2925418-IE8.log
2014-03-13 03:01 - 2014-03-13 03:01 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2930275$
2014-03-13 03:01 - 2014-03-13 03:01 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2929961$
2014-03-12 10:37 - 2014-03-23 18:42 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Trusteer Sécurité des points d'accès
2014-03-12 10:37 - 2014-03-12 10:37 - 00000000 ____D () C:\Program Files\Trusteer
2014-03-12 05:29 - 2014-03-13 03:01 - 00012856 _____ () C:\WINDOWS\KB2930275.log
2014-03-12 05:29 - 2014-03-13 03:01 - 00011329 _____ () C:\WINDOWS\KB2929961.log
2014-03-11 22:33 - 2014-03-21 14:06 - 00030442 _____ () C:\Documents and Settings\azerty\Bureau\PW2014Mar11.ods
2014-03-05 16:09 - 2014-03-07 09:25 - 00014684 _____ () C:\Documents and Settings\azerty\Bureau\Tarifs Paris Ville(s).odt
2014-03-05 11:14 - 2014-03-05 11:14 - 00001542 _____ () C:\Documents and Settings\All Users\Bureau\iTunes.lnk
2014-03-05 11:14 - 2014-03-05 11:14 - 00000000 ____D () C:\Program Files\iTunes
2014-03-05 11:14 - 2014-03-05 11:14 - 00000000 ____D () C:\Program Files\iPod
2014-03-05 11:14 - 2014-03-05 11:14 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Démarrer\Programmes\iTunes
2014-03-05 11:14 - 2014-03-05 11:14 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Apple Computer
2014-03-05 11:14 - 2014-03-05 11:14 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-03-05 11:14 - 2012-08-21 13:01 - 00026840 _____ (GEAR Software Inc.) C:\WINDOWS\system32\Drivers\GEARAspiWDM.sys
2014-03-05 11:13 - 2014-03-21 22:16 - 00000284 _____ () C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
2014-03-05 11:13 - 2014-03-05 11:13 - 00001830 _____ () C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Apple Software Update.lnk
2014-03-05 11:13 - 2014-03-05 11:13 - 00000000 ____D () C:\Program Files\Bonjour
2014-03-05 11:13 - 2014-03-05 11:13 - 00000000 ____D () C:\Program Files\Apple Software Update
2014-03-05 11:13 - 2014-03-05 11:13 - 00000000 ____D () C:\Documents and Settings\LocalService\Application Data\Apple Computer
2014-03-05 11:13 - 2014-03-05 11:13 - 00000000 ____D () C:\Documents and Settings\azerty\Local Settings\Application Data\Apple
2014-03-05 11:12 - 2014-03-05 11:14 - 00000000 ____D () C:\Program Files\Fichiers communs\Apple
2014-03-05 11:12 - 2014-03-05 11:13 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Apple
2014-03-03 17:06 - 2014-03-03 18:40 - 00020239 _____ () C:\Documents and Settings\azerty\Bureau\Idées My moto taxi.odt
2014-02-28 09:05 - 2014-02-28 10:14 - 00052202 _____ () C:\Documents and Settings\azerty\Bureau\Prixtel2013.ods
2014-02-26 21:53 - 2014-02-26 21:53 - 00078028 _____ () C:\Documents and Settings\azerty\Bureau\Logo MSF course des héros Paris 2014.ods
2014-02-24 13:54 - 2014-02-24 17:20 - 00030388 _____ () C:\Documents and Settings\azerty\Bureau\PW2014Fev24.ods
==================== One Month Modified Files and Folders =======
2014-03-24 12:25 - 2014-03-24 12:21 - 00000000 ____D () C:\FRST
2014-03-24 12:04 - 2013-04-22 15:25 - 00001056 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-24 11:50 - 2014-01-31 10:50 - 00000412 _____ () C:\WINDOWS\Tasks\At1.job
2014-03-24 11:47 - 2013-02-15 22:16 - 00001002 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-03-24 11:02 - 2013-08-04 10:02 - 00001882 _____ () C:\WINDOWS\Tasks\Pricora 1.1-chromeinstaller.job
2014-03-24 11:02 - 2013-08-04 10:02 - 00001808 _____ () C:\WINDOWS\Tasks\Pricora 1.1-firefoxinstaller.job
2014-03-24 11:02 - 2013-08-04 10:02 - 00001188 _____ () C:\WINDOWS\Tasks\Pricora 1.1-codedownloader.job
2014-03-24 11:02 - 2013-08-04 10:02 - 00001184 _____ () C:\WINDOWS\Tasks\Pricora 1.1-updater.job
2014-03-24 11:02 - 2013-08-04 10:02 - 00001088 _____ () C:\WINDOWS\Tasks\Pricora 1.1-enabler.job
2014-03-24 10:53 - 2012-12-14 13:09 - 01274881 _____ () C:\WINDOWS\WindowsUpdate.log
2014-03-24 10:50 - 2014-01-31 10:50 - 00000282 _____ () C:\WINDOWS\Tasks\VuuPCUpdate.job
2014-03-24 10:31 - 2012-12-14 13:12 - 00000000 ____D () C:\Documents and Settings\azerty\Bureau
2014-03-24 09:45 - 2014-02-17 13:36 - 00000000 ___RD () C:\Documents and Settings\azerty\Mes documents\Dropbox
2014-03-24 09:45 - 2014-02-17 13:31 - 00000000 ____D () C:\Documents and Settings\azerty\Application Data\Dropbox
2014-03-24 07:15 - 2013-02-15 21:41 - 00000434 ____H () C:\WINDOWS\Tasks\User_Feed_Synchronization-{BF60AB44-827E-4B10-9423-61545EC2ADB4}.job
2014-03-24 05:47 - 2012-12-14 13:12 - 00032574 _____ () C:\WINDOWS\SchedLgU.Txt
2014-03-24 03:00 - 2013-11-22 07:52 - 00223757 _____ () C:\WINDOWS\KB2686509.log
2014-03-24 03:00 - 2013-11-22 07:52 - 00000092 _____ () C:\WINDOWS\faultykeyboard.log
2014-03-23 19:04 - 2013-10-23 06:56 - 00000000 ____D () C:\Program Files\PopUp Killer
2014-03-23 19:00 - 2014-01-31 10:50 - 00000282 _____ () C:\WINDOWS\Tasks\VuuPCUpdateLogin.job
2014-03-23 19:00 - 2013-04-22 15:25 - 00001052 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-23 19:00 - 2012-12-14 13:12 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-03-23 19:00 - 2001-08-28 13:00 - 00002422 _____ () C:\WINDOWS\system32\wpa.dbl
2014-03-23 18:50 - 2014-03-23 18:50 - 00065536 _____ () C:\WINDOWS\Minidump\Mini032314-01.dmp
2014-03-23 18:50 - 2013-05-30 15:34 - 00000000 ____D () C:\WINDOWS\Minidump
2014-03-23 18:42 - 2014-03-12 10:37 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Trusteer Sécurité des points d'accès
2014-03-23 18:38 - 2013-08-04 11:31 - 00524288 _____ () C:\WINDOWS\system32\config\ACS.evt
2014-03-23 18:38 - 2012-12-14 13:12 - 00000184 ___SH () C:\Documents and Settings\azerty\ntuser.ini
2014-03-23 12:00 - 2013-10-03 14:50 - 00000946 _____ () C:\WINDOWS\Tasks\Ad-Aware Antivirus Scheduled Scan.job
2014-03-22 08:50 - 2013-03-18 16:51 - 00054156 ____H () C:\WINDOWS\QTFont.qfn
2014-03-21 22:16 - 2014-03-21 22:16 - 00000000 ____D () C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple
2014-03-21 22:16 - 2014-03-05 11:13 - 00000284 _____ () C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
2014-03-21 14:06 - 2014-03-11 22:33 - 00030442 _____ () C:\Documents and Settings\azerty\Bureau\PW2014Mar11.ods
2014-03-19 21:27 - 2014-03-19 21:27 - 00107256 _____ (Trusteer Ltd.) C:\WINDOWS\system32\Drivers\RapportKELL.sys
2014-03-19 12:07 - 2013-03-15 11:07 - 00000000 ____D () C:\Documents and Settings\azerty\Local Settings\Application Data\CUSTPDF Writer
2014-03-19 03:03 - 2013-08-05 20:22 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-03-19 03:00 - 2013-02-08 12:43 - 87350280 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-03-18 10:57 - 2014-03-18 10:57 - 00065536 _____ () C:\WINDOWS\Minidump\Mini031814-01.dmp
2014-03-14 17:16 - 2013-12-12 03:00 - 00000150 _____ () C:\WINDOWS\setupact.log
2014-03-14 17:16 - 2013-11-26 16:08 - 00020086 _____ () C:\WINDOWS\setupapi.log
2014-03-13 03:19 - 2012-12-14 13:53 - 00111784 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-03-13 03:18 - 2014-01-20 14:48 - 00000496 _____ () C:\WINDOWS\wiadebug.log
2014-03-13 03:18 - 2013-11-13 10:19 - 00345424 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2014-03-13 03:02 - 2014-03-13 03:01 - 00012791 _____ () C:\WINDOWS\KB2925418-IE8.log
2014-03-13 03:02 - 2013-12-12 03:03 - 00010651 _____ () C:\WINDOWS\updspapi.log
2014-03-13 03:02 - 2013-12-12 03:00 - 00085559 _____ () C:\WINDOWS\iis6.log
2014-03-13 03:02 - 2013-12-12 03:00 - 00080374 _____ () C:\WINDOWS\FaxSetup.log
2014-03-13 03:02 - 2013-12-12 03:00 - 00038428 _____ () C:\WINDOWS\ocgen.log
2014-03-13 03:02 - 2013-12-12 03:00 - 00036673 _____ () C:\WINDOWS\tsoc.log
2014-03-13 03:02 - 2013-12-12 03:00 - 00026324 _____ () C:\WINDOWS\comsetup.log
2014-03-13 03:02 - 2013-12-12 03:00 - 00024406 _____ () C:\WINDOWS\msmqinst.log
2014-03-13 03:02 - 2013-12-12 03:00 - 00015941 _____ () C:\WINDOWS\ntdtcsetup.log
2014-03-13 03:02 - 2013-12-12 03:00 - 00014079 _____ () C:\WINDOWS\netfxocm.log
2014-03-13 03:02 - 2013-12-12 03:00 - 00005525 _____ () C:\WINDOWS\MedCtrOC.log
2014-03-13 03:02 - 2013-12-12 03:00 - 00004446 _____ () C:\WINDOWS\ocmsn.log
2014-03-13 03:02 - 2013-12-12 03:00 - 00004043 _____ () C:\WINDOWS\tabletoc.log
2014-03-13 03:02 - 2013-12-12 03:00 - 00004017 _____ () C:\WINDOWS\msgsocm.log
2014-03-13 03:02 - 2013-12-12 03:00 - 00001374 _____ () C:\WINDOWS\imsins.log
2014-03-13 03:01 - 2014-03-13 03:01 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2930275$
2014-03-13 03:01 - 2014-03-13 03:01 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2929961$
2014-03-13 03:01 - 2014-03-12 05:29 - 00012856 _____ () C:\WINDOWS\KB2930275.log
2014-03-13 03:01 - 2014-03-12 05:29 - 00011329 _____ () C:\WINDOWS\KB2929961.log
2014-03-13 03:01 - 2013-12-12 03:00 - 00001374 _____ () C:\WINDOWS\imsins.BAK
2014-03-12 16:47 - 2013-02-15 22:16 - 00692616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2014-03-12 16:47 - 2013-02-15 22:16 - 00071048 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2014-03-12 10:37 - 2014-03-12 10:37 - 00000000 ____D () C:\Program Files\Trusteer
2014-03-12 10:37 - 2012-12-14 13:54 - 00000000 ___RD () C:\Documents and Settings\All Users\Menu Démarrer\Programmes
2014-03-07 09:25 - 2014-03-05 16:09 - 00014684 _____ () C:\Documents and Settings\azerty\Bureau\Tarifs Paris Ville(s).odt
2014-03-06 14:59 - 2014-01-31 10:50 - 00000000 ____D () C:\Program Files\VuuPC
2014-03-06 12:00 - 2013-03-08 23:11 - 00000000 ____D () C:\Documents and Settings\azerty\Application Data\Apple Computer
2014-03-05 11:15 - 2013-03-11 14:28 - 00000000 ___RD () C:\Documents and Settings\azerty\Mes documents\Ma musique
2014-03-05 11:14 - 2014-03-05 11:14 - 00001542 _____ () C:\Documents and Settings\All Users\Bureau\iTunes.lnk
2014-03-05 11:14 - 2014-03-05 11:14 - 00000000 ____D () C:\Program Files\iTunes
2014-03-05 11:14 - 2014-03-05 11:14 - 00000000 ____D () C:\Program Files\iPod
2014-03-05 11:14 - 2014-03-05 11:14 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Démarrer\Programmes\iTunes
2014-03-05 11:14 - 2014-03-05 11:14 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Apple Computer
2014-03-05 11:14 - 2014-03-05 11:14 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-03-05 11:14 - 2014-03-05 11:12 - 00000000 ____D () C:\Program Files\Fichiers communs\Apple
2014-03-05 11:14 - 2012-12-14 13:54 - 00000000 ____D () C:\Documents and Settings\All Users\Bureau
2014-03-05 11:13 - 2014-03-05 11:13 - 00001830 _____ () C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Apple Software Update.lnk
2014-03-05 11:13 - 2014-03-05 11:13 - 00000000 ____D () C:\Program Files\Bonjour
2014-03-05 11:13 - 2014-03-05 11:13 - 00000000 ____D () C:\Program Files\Apple Software Update
2014-03-05 11:13 - 2014-03-05 11:13 - 00000000 ____D () C:\Documents and Settings\LocalService\Application Data\Apple Computer
2014-03-05 11:13 - 2014-03-05 11:13 - 00000000 ____D () C:\Documents and Settings\azerty\Local Settings\Application Data\Apple
2014-03-05 11:13 - 2014-03-05 11:12 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Apple
2014-03-05 11:12 - 2012-12-14 13:54 - 00000000 ____D () C:\Program Files\Fichiers communs
2014-03-03 18:40 - 2014-03-03 17:06 - 00020239 _____ () C:\Documents and Settings\azerty\Bureau\Idées My moto taxi.odt
2014-03-03 08:45 - 2013-12-10 12:14 - 00000000 ____D () C:\Documents and Settings\azerty\Mes documents\My Digital Editions
2014-02-28 10:14 - 2014-02-28 09:05 - 00052202 _____ () C:\Documents and Settings\azerty\Bureau\Prixtel2013.ods
2014-02-26 21:53 - 2014-02-26 21:53 - 00078028 _____ () C:\Documents and Settings\azerty\Bureau\Logo MSF course des héros Paris 2014.ods
2014-02-24 17:20 - 2014-02-24 13:54 - 00030388 _____ () C:\Documents and Settings\azerty\Bureau\PW2014Fev24.ods
2014-02-24 16:25 - 2009-03-08 04:32 - 00174592 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ie4uinit.exe
2014-02-24 16:25 - 2004-08-19 15:09 - 00174592 ____N (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-02-24 12:45 - 2013-02-08 12:46 - 00522240 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\jsdbgui.dll
2014-02-24 12:45 - 2013-02-08 12:45 - 11113472 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ieframe.dll
2014-02-24 12:45 - 2013-02-08 12:45 - 02006016 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iertutil.dll
2014-02-24 12:45 - 2013-02-08 12:45 - 00743424 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iedvtool.dll
2014-02-24 12:45 - 2013-02-08 12:45 - 00630272 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msfeeds.dll
2014-02-24 12:45 - 2013-02-08 12:45 - 00247808 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ieproxy.dll
2014-02-24 12:45 - 2013-02-08 12:45 - 00055296 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msfeedsbs.dll
2014-02-24 12:45 - 2013-02-08 12:45 - 00012800 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\xpshims.dll
2014-02-24 12:45 - 2013-02-08 11:51 - 00759296 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\vgx.dll
2014-02-24 12:45 - 2009-03-08 14:09 - 00387584 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iedkcs32.dll
2014-02-24 12:45 - 2009-03-08 04:41 - 06022144 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mshtml.dll
2014-02-24 12:45 - 2009-03-08 04:39 - 11113472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-02-24 12:45 - 2009-03-08 04:34 - 01469440 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\inetcpl.cpl
2014-02-24 12:45 - 2009-03-08 04:34 - 01216000 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\urlmon.dll
2014-02-24 12:45 - 2009-03-08 04:34 - 00920064 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wininet.dll
2014-02-24 12:45 - 2009-03-08 04:34 - 00206848 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\occache.dll
2014-02-24 12:45 - 2009-03-08 04:34 - 00105984 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\url.dll
2014-02-24 12:45 - 2009-03-08 04:34 - 00043520 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\licmgr10.dll
2014-02-24 12:45 - 2009-03-08 04:33 - 00025600 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\jsproxy.dll
2014-02-24 12:45 - 2009-03-08 04:32 - 02006016 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-02-24 12:45 - 2009-03-08 04:32 - 00630272 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-02-24 12:45 - 2009-03-08 04:32 - 00611840 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mstime.dll
2014-02-24 12:45 - 2009-03-08 04:31 - 00184320 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iepeers.dll
2014-02-24 12:45 - 2009-03-08 04:31 - 00067072 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mshtmled.dll
2014-02-24 12:45 - 2009-03-08 04:31 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedsbs.dll
2014-02-24 12:45 - 2004-08-19 15:10 - 01469440 ____N (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-02-24 12:45 - 2004-08-19 15:09 - 06022144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-02-24 12:45 - 2004-08-19 15:09 - 01216000 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-02-24 12:45 - 2004-08-19 15:09 - 00920064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-02-24 12:45 - 2004-08-19 15:09 - 00611840 ____N (Microsoft Corporation) C:\WINDOWS\system32\mstime.dll
2014-02-24 12:45 - 2004-08-19 15:09 - 00387584 ____N (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-02-24 12:45 - 2004-08-19 15:09 - 00206848 ____N (Microsoft Corporation) C:\WINDOWS\system32\occache.dll
2014-02-24 12:45 - 2004-08-19 15:09 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2014-02-24 12:45 - 2004-08-19 15:09 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\url.dll
2014-02-24 12:45 - 2004-08-19 15:09 - 00067072 ____N (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-02-24 12:45 - 2004-08-19 15:09 - 00043520 ____N (Microsoft Corporation) C:\WINDOWS\system32\licmgr10.dll
2014-02-24 12:45 - 2004-08-19 15:09 - 00025600 ____N (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-02-24 12:44 - 2009-03-08 04:33 - 00018944 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\corpol.dll
2014-02-24 12:44 - 2004-08-19 15:09 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\corpol.dll
2014-02-24 11:55 - 2004-08-19 14:56 - 00385024 ____N (Microsoft Corporation) C:\WINDOWS\system32\html.iec
Files to move or delete:
====================
C:\Windows\Tasks\At1.job
Some content of TEMP:
====================
C:\Documents and Settings\azerty\Local Settings\Temp\315aa9c6-fb23-44eb-a966-9eaa7f1c7a3c.exe
C:\Documents and Settings\azerty\Local Settings\Temp\a40280a5-a307-423e-8fb0-b5742a272e0b.exe
C:\Documents and Settings\azerty\Local Settings\Temp\APNSetup.exe
C:\Documents and Settings\azerty\Local Settings\Temp\BackupSetup.exe
C:\Documents and Settings\azerty\Local Settings\Temp\BoxoreInstaller.exe
C:\Documents and Settings\azerty\Local Settings\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpdmh0mf.dll
C:\Documents and Settings\azerty\Local Settings\Temp\google-earth.exe
C:\Documents and Settings\azerty\Local Settings\Temp\Java (1).exe
C:\Documents and Settings\azerty\Local Settings\Temp\Java.exe
C:\Documents and Settings\azerty\Local Settings\Temp\Java7.exe
C:\Documents and Settings\azerty\Local Settings\Temp\jre-7u51-windows-i586-iftw.exe
C:\Documents and Settings\azerty\Local Settings\Temp\OB.exe
C:\Documents and Settings\azerty\Local Settings\Temp\Quarantine.exe
C:\Documents and Settings\azerty\Local Settings\Temp\SHSetup.exe
C:\Documents and Settings\azerty\Local Settings\Temp\Xvid.dll
==================== Bamital & volsnap Check =================
C:\WINDOWS\explorer.exe => MD5 is legit
C:\WINDOWS\system32\winlogon.exe
[2004-08-19 15:10] - [2008-04-13 19:34] - 0512000 ____A (Microsoft Corporation) dd73d6b9f6b4cb630cf35b438b540174
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit
C:\WINDOWS\system32\User32.dll
[2004-08-19 15:09] - [2008-04-13 19:33] - 0579584 ____A (Microsoft Corporation) e853f84d3ce2faa2a802e33cf89ac023
C:\WINDOWS\system32\userinit.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll
[2004-08-19 15:09] - [2009-02-09 11:53] - 0401408 ____A (Microsoft Corporation) 0203b1aad358f206cb0a3c1f93cce17a
ATTENTION ======> If the system is having audio adware rpcss.dll is patched. Google the MD5, if the MD5 is unique the file is infected.
C:\WINDOWS\system32\Drivers\volsnap.sys => MD5 is legit
==================== End Of Log ============================
d921
24 March 2014 at 12:44
I think I have found the Cjoint procedure again
http://cjoint.com/data3/3CymQo2oIQ9.htm
d921
24 March 2014 at 12:47
The second file on Cjoint
https://www.cjoint.com/?3CymUgOQ0mi
Anonymous user
24 March 2014 at 13:36
Hello d921
You have an unofficial version of Windows installed on your PC.
HKU\.DEFAULT\...\RunOnce: [_nltide_3] - rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
HKU\S-1-5-19\...\RunOnce: [_nltide_3] - rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
HKU\S-1-5-20\...\RunOnce: [_nltide_3] - rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
This unofficial version comes with files patched by an infection named Bamital.
I do not disinfect pirated versions. It is safer to move to a legal version of Windows.
Have a good day
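The two observations in the reply above (nLite RunOnce entries and files that the "Bamital & volsnap Check" section did not mark as legit) can be pulled out of an FRST log mechanically. The following is an added example, not part of the thread and not FRST's own code; the function and class names are hypothetical, and the sample text is an excerpt copied from the log and the reply on this page. A file without "=> MD5 is legit" is only a candidate for manual lookup, as the log's own ATTENTION line says.

```python
"""Triage of an FRST log excerpt: nLite RunOnce markers and the Bamital check."""
import re
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple

# Excerpt copied from the log and the reply on this page (not a complete log).
SAMPLE_LOG = r"""
HKU\.DEFAULT\...\RunOnce: [_nltide_3] - rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
HKU\S-1-5-19\...\RunOnce: [_nltide_3] - rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
==================== Bamital & volsnap Check =================
C:\WINDOWS\explorer.exe => MD5 is legit
C:\WINDOWS\system32\winlogon.exe
[2004-08-19 15:10] - [2008-04-13 19:34] - 0512000 ____A (Microsoft Corporation) dd73d6b9f6b4cb630cf35b438b540174
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit
C:\WINDOWS\system32\User32.dll
[2004-08-19 15:09] - [2008-04-13 19:33] - 0579584 ____A (Microsoft Corporation) e853f84d3ce2faa2a802e33cf89ac023
C:\WINDOWS\system32\userinit.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll
[2004-08-19 15:09] - [2009-02-09 11:53] - 0401408 ____A (Microsoft Corporation) 0203b1aad358f206cb0a3c1f93cce17a
ATTENTION ======> If the system is having audio adware rpcss.dll is patched. Google the MD5, if the MD5 is unique the file is infected.
C:\WINDOWS\system32\Drivers\volsnap.sys => MD5 is legit
==================== End Of Log ============================
"""

SECTION_RE = re.compile(r"^=+\s*(?P<title>.*?)\s*=+$")
PATH_RE = re.compile(r"^[A-Za-z]:\\")
# Detail line printed under a file that was not reported as legit.
DETAIL_RE = re.compile(
    r"^\[[^\]]+\] - \[[^\]]+\] - (?P<size>\d+) \S+ "
    r"\((?P<company>[^)]*)\) (?P<md5>[0-9a-fA-F]{32})$"
)
RUNONCE_RE = re.compile(
    r"^(?P<hive>HKU\\[^\\]+)\\.*\\RunOnce: \[(?P<name>[^\]]+)\] - (?P<cmd>.+)$"
)


@dataclass
class FileCheck:
    path: str
    legit: bool                    # True when the line ends with "=> MD5 is legit"
    md5: Optional[str] = None      # printed only for files not reported as legit
    size: Optional[int] = None
    company: Optional[str] = None


def parse_bamital_check(log_text: str) -> List[FileCheck]:
    """Return one FileCheck per file listed in the Bamital & volsnap section."""
    checks: List[FileCheck] = []
    in_section = False
    for raw in log_text.splitlines():
        line = raw.strip()
        header = SECTION_RE.match(line)
        if header:
            in_section = header.group("title").startswith("Bamital")
            continue
        if not in_section or not line:
            continue
        if PATH_RE.match(line):
            path, _, verdict = line.partition(" => ")
            checks.append(FileCheck(path=path, legit=(verdict == "MD5 is legit")))
            continue
        detail = DETAIL_RE.match(line)
        if detail and checks and not checks[-1].legit:
            checks[-1].md5 = detail.group("md5").lower()
            checks[-1].size = int(detail.group("size"))
            checks[-1].company = detail.group("company")
    return checks


def find_nlite_runonce(log_text: str) -> List[Tuple[str, str]]:
    """Return (hive, value name) for RunOnce entries that launch nLite.inf."""
    hits = []
    for raw in log_text.splitlines():
        m = RUNONCE_RE.match(raw.strip())
        if m and "nlite.inf" in m.group("cmd").lower():
            hits.append((m.group("hive"), m.group("name")))
    return hits


def triage(log_text: str) -> Dict[str, list]:
    """Group the findings a helper would look at first."""
    checks = parse_bamital_check(log_text)
    return {
        "nlite_runonce": find_nlite_runonce(log_text),
        "unverified": [c for c in checks if not c.legit],
        "verified": [c.path for c in checks if c.legit],
    }


if __name__ == "__main__":
    report = triage(SAMPLE_LOG)
    for hive, name in report["nlite_runonce"]:
        print(f"nLite RunOnce entry: {hive} [{name}]")
    for c in report["unverified"]:
        print(f"look up manually: {c.path} md5={c.md5} size={c.size}")
```

The parser keeps the verdict FRST printed and adds no judgement of its own, so the hashes it returns still need the manual lookup the log asks for.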
d921
24 March 2014 at 14:36
I am surprised to learn that it is a pirated version. I bought the PC with Windows XP and paid the price; I am not sure I can find the purchase documents. Is there really no way out of this? I have already had viruses and had the PC repaired; nothing was pointed out to me, and I think all the viruses had been removed. That would mean the current virus was introduced recently: the unexpected-shutdown symptom has been occurring for a week or less, and before that everything was normal.
Please point me to another solution.
Anonymous user
24 March 2014 at 15:16
Click the link and you will understand.
https://forum.malekal.com/viewtopic.php?t=18872&start=
"Please point me to another solution."
If you are sure about your Windows and have the proof of purchase, go back to the person who repaired your PC and ask them for an explanation.
d921
24 March 2014 at 16:12
I did the activated / not activated test; the answer is activated.
The person (or people) who repaired the PC is (are) from CCM; the latest treatment:
https://forums.commentcamarche.net/forum/affich-29614443-touche-sort-au-lieu-de-et-pas-d-e-accent-circonflexe#dernier, you should be able to access it (the history)
I understand that I will have to live with this nuisance and start thinking about life after Windows XP, which is going to be even more prone to viruses after MS support ends in April, if I have understood correctly.
Is a Dell Latitude E5400 PC with Ubuntu Linux a smart solution for email, internet and light office use, without video games?
Thanks in any case NANARD4700; like everyone at CCM, you are great.