

sytchov
Members
Content count: 35 -
Everything posted by sytchov
-
Toshiba Satellite
sytchov replied to a topic by sytchov in Hardware advice - Buying & Selling
I'd like to point out that it was at €555 -
Hello! I'd like to know what you think of the value for money of this PC: Toshiba Satellite P850-31T laptop 15.6'' (39.62 cm) Intel Core i5 750 GB RAM memory-5400 MB NVIDIA GeForce Windows 8 grey. I'm looking for a PC with an i5 for around €600 and this one really caught my eye, but I'd like the opinion of people who know this stuff well. Thanks in advance!
-
[Solved] GEMA virus
sytchov replied to a topic by sytchov in Malware analysis and removal
OK, thanks for this last piece of advice, and thanks again for this big cleanup and for the time you spent on it. See you soon -
[Solved] GEMA virus
sytchov replied to a topic by sytchov in Malware analysis and removal
Awesoooome, everything is OK!! Thank you so much for your help. One last little thing: which software can I keep or remove? -
[Solved] GEMA virus
sytchov replied to a topic by sytchov in Malware analysis and removal
I ran the scan with TDSSKiller and I also ran the Kaspersky one, which took several hours. It removed a lot of trojans; I restarted the PC and ran a scan with Malwarebytes, which detected the same infections as before the Kaspersky scan. I deleted them, rebooted the PC, and now nothing at all!! I just have a window that pops up often telling me that my Windows is not genuine, which of course is not the case. Could that come from an infection or something else? -
[Solved] GEMA virus
sytchov replied to a topic by sytchov in Malware analysis and removal
Sorry for the late reply, long day at work. I ran the scan with Purera; however, I did not run the Kaspersky one. I followed the tutorial (http://www.malekal.com/2010/11/12/graver-une-image-iso-avec-imgburn/) and up to there everything went fine, but I can't manage to boot from the CD. The link for changing the boot sequence in the tutorial below is dead.
"Windows Unlocker from the Kaspersky Live CD is also a solution. You need to burn the CD and boot from it; all of this is explained on the following page: Malekal's forum • Kaspersky Live CD et Windows Unlocker : Tutorial Antivirus. The principle is to burn the Kaspersky CD onto a CD or put it on a USB key. Restart the computer and change the boot sequence (Malekal's forum • Booter sur un CD ou DVD : Tutorials Windows) to make it boot from the CD or USB key." -
[Solved] GEMA virus
sytchov replied to a topic by sytchov in Malware analysis and removal
After the scan I restarted the PC and ran another scan, and here is the result:

Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Version de la base de données: v2012.06.15.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
Christophe :: CHRIS [administrateur]

15/06/2012 13:31:35
mbam-log-2012-06-15 (13-31-35).txt

Type d'examen: Examen rapide
Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM
Options d'examen désactivées: P2P
Elément(s) analysé(s): 232465
Temps écoulé: 3 minute(s), 31 seconde(s)

Processus mémoire détecté(s): 0
(Aucun élément nuisible détecté)

Module(s) mémoire détecté(s): 0
(Aucun élément nuisible détecté)

Clé(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)

Valeur(s) du Registre détectée(s): 1
HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon|Shell (Backdoor.Agent) -> Données: C:\Users\Christophe\AppData\Local\d92096e5\X -> Mis en quarantaine et supprimé avec succès.

Elément(s) de données du Registre détecté(s): 0
(Aucun élément nuisible détecté)

Dossier(s) détecté(s): 0
(Aucun élément nuisible détecté)

Fichier(s) détecté(s): 3
C:\Users\Christophe\AppData\Local\Temp\{E9C1E1AC-C9B2-4c85-94DE-9C1518918D02}.tlb (Rootkit.Zeroaccess) -> Mis en quarantaine et supprimé avec succès.
C:\Users\UpdatusUser\AppData\Local\temp\{E9C1E1AC-C9B2-4c85-94DE-9C1518918D02}.tlb (Rootkit.Zeroaccess) -> Mis en quarantaine et supprimé avec succès.
C:\Windows\temp\{E9C1E1AC-C9B2-4c85-94DE-9C1518918D02}.tlb (Rootkit.Zeroaccess) -> Mis en quarantaine et supprimé avec succès.

(fin) -
[Solved] GEMA virus
sytchov replied to a topic by sytchov in Malware analysis and removal
Malwarebytes report:

Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Version de la base de données: v2012.06.15.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
Christophe :: CHRIS [administrateur]

15/06/2012 13:23:48
mbam-log-2012-06-15 (13-23-48).txt

Type d'examen: Examen rapide
Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM
Options d'examen désactivées: P2P
Elément(s) analysé(s): 232751
Temps écoulé: 2 minute(s), 27 seconde(s)

Processus mémoire détecté(s): 0
(Aucun élément nuisible détecté)

Module(s) mémoire détecté(s): 0
(Aucun élément nuisible détecté)

Clé(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)

Valeur(s) du Registre détectée(s): 1
HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon|Shell (Backdoor.Agent) -> Données: C:\Users\Christophe\AppData\Local\d92096e5\X -> Mis en quarantaine et supprimé avec succès.

Elément(s) de données du Registre détecté(s): 0
(Aucun élément nuisible détecté)

Dossier(s) détecté(s): 0
(Aucun élément nuisible détecté)

Fichier(s) détecté(s): 3
C:\Users\Christophe\AppData\Local\Temp\{E9C1E1AC-C9B2-4c85-94DE-9C1518918D02}.tlb (Rootkit.Zeroaccess) -> Mis en quarantaine et supprimé avec succès.
C:\Users\UpdatusUser\AppData\Local\temp\{E9C1E1AC-C9B2-4c85-94DE-9C1518918D02}.tlb (Rootkit.Zeroaccess) -> Mis en quarantaine et supprimé avec succès.
C:\Windows\temp\{E9C1E1AC-C9B2-4c85-94DE-9C1518918D02}.tlb (Rootkit.Zeroaccess) -> Mis en quarantaine et supprimé avec succès.

(fin) -
[Solved] GEMA virus
sytchov replied to a topic by sytchov in Malware analysis and removal
ZHPFix report:
AdwCleaner report:
25 2010 00:55:56 GMT+0200");*/ Supprimée : /*user_pref("CT2542115.FeedPollDate129212453356189391", "Sun Jul 25 2010 00:55:56 GMT+0200");*/ Supprimée : /*user_pref("CT2542115.FeedPollDate129212453356189397", "Sun Jul 25 2010 00:55:56 GMT+0200");*/ Supprimée : /*user_pref("CT2542115.FeedPollDate129212453356189403", "Sun Jul 25 2010 00:55:56 GMT+0200");*/ Supprimée : /*user_pref("CT2542115.FeedPollDate129212453356189409", "Sun Jul 25 2010 00:55:56 GMT+0200");*/ Supprimée : /*user_pref("CT2542115.FeedPollDate129212453356189415", "Sun Jul 25 2010 00:55:56 GMT+0200");*/ Supprimée : /*user_pref("CT2542115.FeedPollDate129212453356189421", "Sun Jul 25 2010 00:55:56 GMT+0200");*/ Supprimée : /*user_pref("CT2542115.FeedPollDate129212453356189427", "Sun Jul 25 2010 00:55:57 GMT+0200");*/ Supprimée : /*user_pref("CT2542115.FeedPollDate129212453356189433", "Sun Jul 25 2010 00:55:57 GMT+0200");*/ Supprimée : /*user_pref("CT2542115.FeedTTL129212453356189313", 30);*/ Supprimée : /*user_pref("CT2542115.FeedTTL129212453356189319", 2);*/ Supprimée : /*user_pref("CT2542115.FeedTTL129212453356189325", 2);*/ Supprimée : /*user_pref("CT2542115.FeedTTL129212453356189337", 2);*/ Supprimée : /*user_pref("CT2542115.FeedTTL129212453356189343", 30);*/ Supprimée : /*user_pref("CT2542115.FeedTTL129212453356189361", 5);*/ Supprimée : /*user_pref("CT2542115.FeedTTL129212453356189367", 5);*/ Supprimée : /*user_pref("CT2542115.FeedTTL129212453356189373", 5);*/ Supprimée : /*user_pref("CT2542115.FeedTTL129212453356189391", 5);*/ Supprimée : /*user_pref("CT2542115.FirstServerDate", "25-7-2010");*/ Supprimée : /*user_pref("CT2542115.FirstTime", true);*/ Supprimée : /*user_pref("CT2542115.FirstTimeFF3", true);*/ Supprimée : /*user_pref("CT2542115.FixPageNotFoundErrors", true);*/ Supprimée : /*user_pref("CT2542115.GroupingServerCheckInterval", 1440);*/ Supprimée : /*user_pref("CT2542115.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");*/ Supprimée : /*user_pref("CT2542115.Initialize", 
true);*/ Supprimée : /*user_pref("CT2542115.InitializeCommonPrefs", true);*/ Supprimée : /*user_pref("CT2542115.InstalledDate", "Sun Jul 25 2010 00:55:54 GMT+0200");*/ Supprimée : /*user_pref("CT2542115.InvalidateCache", false);*/ Supprimée : /*user_pref("CT2542115.IsGrouping", false);*/ Supprimée : /*user_pref("CT2542115.IsMulticommunity", false);*/ Supprimée : /*user_pref("CT2542115.IsOpenThankYouPage", false);*/ Supprimée : /*user_pref("CT2542115.IsOpenUninstallPage", true);*/ Supprimée : /*user_pref("CT2542115.LanguagePackLastCheckTime", "Sun Jul 25 2010 00:55:56 GMT+0200");*/ Supprimée : /*user_pref("CT2542115.LanguagePackReloadIntervalMM", 1440);*/ Supprimée : /*user_pref("CT2542115.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.as[...] Supprimée : /*user_pref("CT2542115.LastLogin_2.5.8.6", "Sun Jul 25 2010 00:55:55 GMT+0200");*/ Supprimée : /*user_pref("CT2542115.LatestVersion", "2.1.0.18");*/ Supprimée : /*user_pref("CT2542115.Locale", "fr-fr");*/ Supprimée : /*user_pref("CT2542115.LoginCache", 4);*/ Supprimée : /*user_pref("CT2542115.MCDetectTooltipHeight", "83");*/ Supprimée : /*user_pref("CT2542115.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");*/ Supprimée : /*user_pref("CT2542115.MCDetectTooltipWidth", "295");*/ Supprimée : /*user_pref("CT2542115.RadioIsPodcast", false);*/ Supprimée : /*user_pref("CT2542115.RadioLastCheckTime", "Sun Jul 25 2010 00:55:55 GMT+0200");*/ Supprimée : /*user_pref("CT2542115.RadioLastUpdateIPServer", "3");*/ Supprimée : /*user_pref("CT2542115.RadioLastUpdateServer", "3");*/ Supprimée : /*user_pref("CT2542115.RadioMediaID", "9962");*/ Supprimée : /*user_pref("CT2542115.RadioMediaType", "Media Player");*/ Supprimée : /*user_pref("CT2542115.RadioMenuSelectedID", "EBRadioMenu_CT25421159962");*/ Supprimée : /*user_pref("CT2542115.RadioStationName", "California%20Rock");*/ Supprimée : /*user_pref("CT2542115.RadioStationURL", "hxxp://feedlive.net/california.asx");*/ Supprimée : 
/*user_pref("CT2542115.SHRINK_TOOLBAR", 1);*/ Supprimée : /*user_pref("CT2542115.SearchEngine", "Recherche||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARC[...] Supprimée : /*user_pref("CT2542115.SearchFromAddressBarIsInit", true);*/ Supprimée : /*user_pref("CT2542115.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2[...] Supprimée : /*user_pref("CT2542115.SearchInNewTabEnabled", true);*/ Supprimée : /*user_pref("CT2542115.SearchInNewTabIntervalMM", 1440);*/ Supprimée : /*user_pref("CT2542115.SearchInNewTabLastCheckTime", "Sun Jul 25 2010 00:55:55 GMT+0200");*/ Supprimée : /*user_pref("CT2542115.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB[...] Supprimée : /*user_pref("CT2542115.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServ[...] Supprimée : /*user_pref("CT2542115.SettingsCheckIntervalMin", 120);*/ Supprimée : /*user_pref("CT2542115.SettingsLastCheckTime", "Sun Jul 25 2010 00:55:53 GMT+0200");*/ Supprimée : /*user_pref("CT2542115.SettingsLastUpdate", "1279444348");*/ Supprimée : /*user_pref("CT2542115.ThirdPartyComponentsInterval", 504);*/ Supprimée : /*user_pref("CT2542115.ThirdPartyComponentsLastCheck", "Sun Jul 25 2010 00:55:53 GMT+0200");*/ Supprimée : /*user_pref("CT2542115.ThirdPartyComponentsLastUpdate", "1279444348");*/ Supprimée : /*user_pref("CT2542115.TrusteLinkUrl", "hxxp://www.truste.org/pvr.php?page=validate&softwareProgramI[...] 
Supprimée : /*user_pref("CT2542115.UserID", "UN56093133060332279");*/ Supprimée : /*user_pref("CT2542115.ValidationData_Toolbar", 0);*/ Supprimée : /*user_pref("CT2542115.WeatherNetwork", "");*/ Supprimée : /*user_pref("CT2542115.WeatherPollDate", "Sun Jul 25 2010 00:55:55 GMT+0200");*/ Supprimée : /*user_pref("CT2542115.WeatherUnit", "C");*/ Supprimée : /*user_pref("CT2542115.alertChannelId", "935078");*/ Supprimée : /*user_pref("CT2542115.clientLogIsEnabled", true);*/ Supprimée : /*user_pref("CT2542115.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.a[...] Supprimée : /*user_pref("CT2542115.myStuffEnabled", true);*/ Supprimée : /*user_pref("CT2542115.myStuffPublihserMinWidth", 400);*/ Supprimée : /*user_pref("CT2542115.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSource[...] Supprimée : /*user_pref("CT2542115.myStuffServiceIntervalMM", 1440);*/ Supprimée : /*user_pref("CT2542115.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?[...] Supprimée : /*user_pref("CT2542115.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/R[...] Supprimée : /*user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.[...] Supprimée : /*user_pref("CommunityToolbar.ToolbarsList", "CT2542115");*/ Supprimée : /*user_pref("CommunityToolbar.ToolbarsList2", "CT2542115");*/ Supprimée : /*user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Sun Jul 25 2010 00:55:55 GMT+0200");[...] Supprimée : user_pref("browser.search.defaultengine", "Web Search"); Supprimée : user_pref("browser.search.order.1", "Web Search"); Supprimée : /*user_pref("extensions.asktb.cbid", "NV");*/ Supprimée : user_pref("extensions.asktb.default-channel-url-mask", "hxxp://fr.ask.com/web?q={query}&qsrc={qsrc}&[...] 
Everything looks fine to me, I restarted it several times -
[Solved] GEMA virus
sytchov replied to a topic by sytchov in Malware Analysis and Removal
I restarted the PC and I can get to the desktop fine. I followed the tutorial for Kaspersky, except that I can't manage to launch it from USB. I downloaded Kaspersky Rescue2Usb and everything looks good to me; do you know how to launch it? -
[Solved] GEMA virus
sytchov replied to a topic by sytchov in Malware Analysis and Removal
I think it's fine; do I need to follow this tutorial? Malekal's forum • Kaspersky Live CD et Windows Unlocker : Tutorial Antivirus -
[Solved] GEMA virus
sytchov replied to a topic by sytchov in Malware Analysis and Removal
Sorry, but I can't find the download link for Kaspersky -
[Solved] GEMA virus
sytchov replied to a topic by sytchov in Malware Analysis and Removal
RogueKiller report:
(C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon 
: Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell 
(C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell 
(C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell 
(C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell 
(C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell 
(C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell 
(C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell 
(C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell 
(C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell 
(C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell 
(C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell 
(C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell 
(C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell 
(C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED
[HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> REPLACED (2)
[HJ] HKLM\[...]\System : EnableLUA (0) -> REPLACED (1)
[WallPP] HKCU\[...]\Desktop : Wallpaper () -> REPLACED (C:\Users\Christophe\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg)
[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)
¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤
¤¤¤ Driver: [NON CHARGE] ¤¤¤
¤¤¤ Infection : Rans.Gendarm|Root.MBR|ZeroAccess ¤¤¤
[ZeroAccess] sys32\consrv.dll present!
¤¤¤ Fichier HOSTS: ¤¤¤
¤¤¤ MBR Verif: ¤¤¤
+++++ PhysicalDrive0: SAMSUNG HD103SJ ATA Device +++++
--- User ---
[MBR] 114c4428f64c472397fd1babf8450773
[bSP] 0edee093aff9cfd6e440c539ca0f0fb9 : Windows 7 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 953758 Mo
User = LL1 ... OK!
User != LL2 ... KO!
--- LL2 ---
[MBR] 6ac1bdabde7b265f21ca84799170c88f
[bSP] 0edee093aff9cfd6e440c539ca0f0fb9 : Windows 7 MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 953758 Mo
2 - [ACTIVE] NTFS (0x17) [HIDDEN!] Offset (sectors): 1953521664 | Size: 1 Mo
Termine : << RKreport[2].txt >>
RKreport[1].txt ; RKreport[2].txt
ZHP report: Click here. Thanks a lot for the help! -
Hello, I've caught a virus that prevents me from accessing my desktop except in safe mode. A page opens with the famous gendarmerie that is after me... I went on holiday, talked over Skype with my girlfriend, and a few hours later, without my being able to close Skype, the PC restarted with this police page. I tried Malwarebytes: it detects something and deletes it, but detects it again every time. Here is the HijackThis report: Thanks in advance, regards.
-
[RESOLVED] Keyboard/mouse virus
sytchov replied to a topic by sytchov in Malware Analysis and Removal
All good, after all the updates, it detects it again! @++ -
[RESOLVED] Keyboard/mouse virus
sytchov replied to a topic by sytchov in Malware Analysis and Removal
One last little thing: my PC no longer recognizes the iPhone, will that sort itself out with the updates? -
[RESOLVED] Keyboard/mouse virus
sytchov replied to a topic by sytchov in Malware Analysis and Removal
OK, I'll do all that!! Thanks again for this last tutorial, it will really help me protect myself because I don't think I was doing too well on that front... I'll mark the topic as resolved, of course. Have a good weekend and all the best -
[RESOLVED] Keyboard/mouse virus
sytchov replied to a topic by sytchov in Malware Analysis and Removal
Hi, it's official, everything works perfectly again!!!! Was it a virus? In any case, thank you so much for going to all that trouble, I could never have handled this on my own... @++ -
[RESOLVED] Keyboard/mouse virus
sytchov replied to a topic by sytchov in Malware Analysis and Removal
I don't want to get carried away too quickly, but it's been more than 20 minutes since I restarted and so far everything works perfectly!! I'll keep you posted tomorrow on how it goes. Good night. PS: it feels good to type on my own keyboard!!!!!! -
[RESOLVED] Keyboard/mouse virus
sytchov replied to a topic by sytchov in Malware Analysis and Removal
Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: JSW Hardware Button Service (JSWHwBtn) - Unknown owner - C:\Program Files (x86)\TP-LINK\QSS\HwBtnSvc.exe O23 - Service: Jumpstart Wifi Protected Setup (jswpsapi) - Atheros Communications, Inc. - C:\Program Files (x86)\TP-LINK\QSS\jswpsapi.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: MgiSvr - ArcSoft, Inc. 
- C:\Program Files (x86)\ArcSoft\Magic-i 3\uMgiSvr.exe O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\netprofm.dll,-202 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\peerdistsvc.dll,-9000 (PeerDistSvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\sysWow64\perfhost.exe,-2 (PerfHost) - Unknown owner - 
C:\Windows\SysWow64\perfhost.exe O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\pnrpauto.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\umpo.dll,-100 (Power) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%windir%\system32\RpcEpMap.dll,-1001 (RpcEptMapper) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe O23 - 
Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\sensrsvc.dll,-1000 (SensrSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\ipnathlp.dll,-106 (SharedAccess) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppuinotify.dll,-103 (sppuinotify) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation 
- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\StorSvc.dll,-100 (StorSvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\themeservice.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\umrdp.dll,-1000 (UmRdpService) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: 
@%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%systemroot%\system32\wbiosrvc.dll,-100 (WbioSrvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 
(WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\wwansvc.dll,-257 (WwanSvc) - Unknown owner - C:\Windows\system32\svchost.exe -- End of file - 23608 bytes -
[SOLVED] Keyboard/mouse virus
sytchov replied to a topic by sytchov in Malware analysis and removal
Hi, Actually, at first I thought it came from the mouse and keyboard, which were a few years old, so I replaced them about 3 weeks ago, but the problem persisted. After some searching I found the topic on this forum where the person had exactly the same problems as me (cf. 2nd post), including the space bar staying pressed down. As for the drivers, I did reinstall them in 64-bit. I did what you told me, but a few minutes after restarting the PC it crashes again... -
[SOLVED] Keyboard/mouse virus
sytchov replied to a topic by sytchov in Malware analysis and removal
I believed in it for 2 minutes after restarting the PC, but still no luck. In any case, thanks again for helping me, because I think it would already have gone out the window if I were doing this alone... -
[SOLVED] Keyboard/mouse virus
sytchov replied to a topic by sytchov in Malware analysis and removal
Unfortunately it's still buggy... the connection seems pretty good. I'm really getting desperate: the keys are still swapped, when I click on a link it's still a new tab that opens, and the scroll wheel becomes the zoom. It can go back to normal for two minutes and then crash again all day. The keyboard and mouse have been replaced in the meantime: Logitech g500 Cyborg V.5 keyboard -
[SOLVED] Keyboard/mouse virus
sytchov replied to a topic by sytchov in Malware analysis and removal
ComboFix 11-01-11.01 - Christophe 12/01/2011 10:28:03.1.4 - x64 Microsoft Windows 7 Professionnel 6.1.7600.0.1252.33.1036.18.4023.2895 [GMT 1:00] Lancé depuis: c:\users\Christophe\Desktop\ComboFix.exe SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . C:\Install.exe c:\users\Christophe\AppData\Roaming\OfferBox c:\users\Christophe\AppData\Roaming\OfferBox\config.xml c:\users\Christophe\SoftonicDownloader_pour_future-pinball.exe c:\windows\SysWow64\pthreadVC.dll . ((((((((((((((((((((((((((((( Fichiers créés du 2010-12-12 au 2011-01-12 )))))))))))))))))))))))))))))))))))) . 2011-01-12 09:30 . 2011-01-12 09:30 -------- d-----w- c:\users\Default\AppData\Local\temp 2011-01-12 08:51 . 2010-11-10 05:35 8199504 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{A255DD0F-6AC2-49E3-B673-9B97B1111FB3}\mpengine.dll 2011-01-10 18:37 . 2011-01-10 18:37 -------- d-----w- C:\_OTL 2011-01-07 08:38 . 2011-01-07 08:38 -------- d-----w- c:\users\Christophe\AppData\Roaming\Malwarebytes 2011-01-07 08:38 . 2010-12-20 17:09 38224 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys 2011-01-07 08:38 . 2011-01-07 08:38 -------- d-----w- c:\programdata\Malwarebytes 2011-01-07 08:38 . 2011-01-07 08:38 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware 2011-01-07 08:38 . 2010-12-20 17:08 24152 ----a-w- c:\windows\system32\drivers\mbam.sys 2010-12-30 15:52 . 2010-12-30 15:52 388096 ----a-r- c:\users\Christophe\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2010-12-30 15:52 . 2010-12-30 15:52 -------- d-----w- c:\program files (x86)\Trend Micro 2010-12-23 21:58 . 2010-12-23 21:58 -------- d-----w- c:\programdata\KONAMI 2010-12-23 21:58 . 2010-12-23 21:58 -------- d-----w- c:\program files (x86)\KONAMI 2010-12-23 21:27 . 
2010-12-25 11:59 -------- d-----w- c:\program files (x86)\Alcohol Soft 2010-12-23 20:20 . 2010-12-23 21:23 503352 ----a-w- c:\windows\system32\drivers\sptd.sys 2010-12-23 20:20 . 2010-12-23 20:46 -------- d-----w- c:\users\Christophe\AppData\Roaming\DAEMON Tools Lite 2010-12-23 20:20 . 2010-12-23 20:20 -------- d-----w- c:\programdata\DAEMON Tools Lite 2010-12-23 16:57 . 2010-12-23 16:57 -------- d-----w- c:\program files (x86)\VID_0E8F&PID_3013 2010-12-23 16:56 . 2010-12-23 16:56 270468 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0700\Intel32\Setup.dll 2010-12-23 16:56 . 2010-12-23 16:56 159876 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0700\Intel32\IGdi.dll 2010-12-23 16:56 . 2002-08-05 09:46 57344 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0700\Intel32\ctor.dll 2010-12-23 16:56 . 2002-08-02 02:10 5632 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0700\Intel32\DotNetInstaller.exe 2010-12-23 16:56 . 2002-08-02 01:20 634880 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0700\Intel32\iKernel.dll 2010-12-23 16:56 . 2002-08-02 01:20 237568 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0700\Intel32\iscript.dll 2010-12-23 16:56 . 2002-08-02 01:20 151552 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0700\Intel32\iuser.dll 2010-12-22 22:05 . 2011-01-10 08:21 -------- d-----w- C:\Hotspot Shield . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2010-11-12 17:53 . 2010-07-30 13:15 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll 2010-10-19 09:41 . 2010-05-18 11:09 270720 ------w- c:\windows\system32\MpSigStub.exe . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . 
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{0F6E720A-1A6B-40E1-A294-1D4D19F156C8}] 2009-10-15 08:53 165184 ----a-w- c:\program files (x86)\SFR\Kit\SFRNavErrorHelper.dll [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ISUSPM Startup"="c:\progra~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe" [2004-04-17 196608] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1475072] [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "ISUSScheduler"="c:\program files (x86)\Common Files\InstallShield\UpdateService\issch.exe" [2004-04-13 69632] "jswtrayutil"="c:\program files (x86)\TP-LINK\QSS\jswtrayutil.exe" [2008-05-12 36949] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552] "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2010-09-24 40368] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-21 932288] "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-09-08 421888] "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2010-11-10 421160] "ArcSoft Connection Service"="c:\program files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-27 207424] c:\users\Christophe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ OpenOffice.org 3.2.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2010-5-20 1195008] c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ AVer HID Receiver.lnk - c:\program files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe [2010-5-18 159744] AVerQuick.lnk - c:\program files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe [2010-5-18 651264] ButtonManager.lnk - c:\program files (x86)\HP\Button Manager\BM.exe [2010-12-6 266240] forteManager.lnk - c:\program files 
(x86)\LG Soft India\forteManager\bin\Monitor.exe [2010-5-18 1687552] Magic-i.lnk - c:\program files (x86)\ArcSoft\Magic-i 3\Magic-i.exe [2010-12-6 524288] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 0 (0x0) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 gupdate;Service Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-11-07 136176] R2 JSWHwBtn;JSW Hardware Button Service;c:\program files (x86)\TP-LINK\QSS\HwBtnSvc.exe [2008-02-29 16384] R3 arusb_lhx;TP-LINK TL-WN821N 11N Wireless device driver;c:\windows\system32\DRIVERS\arusb_lhx.sys [x] R3 arusb_win7x;Service For TP-LINK Wireless N Adapter;c:\windows\system32\DRIVERS\arusb_win7x.sys [2009-11-26 769024] R3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2010-05-18 79360] R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2010-05-18 79360] R3 jswpsapi;Jumpstart Wifi Protected Setup;c:\program files (x86)\TP-LINK\QSS\jswpsapi.exe [2008-04-16 954368] R3 LGDDCDevice;LGDDCDevice;c:\program files (x86)\LG Soft India\forteManager\bin\I2CDriver.sys [2008-12-12 14336] R3 LGII2CDevice;LGII2CDevice;c:\program files (x86)\LG Soft India\forteManager\bin\PII2CDriver.sys [2008-12-12 18432] R3 PAC207;SoC PC-Camera;c:\windows\system32\DRIVERS\PFC027.SYS [2006-12-05 572416] R3 USBAAPL64;Apple Mobile USB 
Driver;c:\windows\system32\Drivers\usbaapl64.sys [2010-09-28 51712] R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920] R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [2010-06-04 1255736] S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-12-23 503352] S1 JSWPSLWF;JumpStart Wireless Filter Driver;c:\windows\system32\DRIVERS\jswpslwfx.sys [2008-04-28 26624] S1 VWiFiFlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904] S2 AVerRemote;AVerRemote;c:\program files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe [2009-04-08 344064] S2 AVerScheduleService;AVerScheduleService;c:\program files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe [2008-12-09 405504] S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-04-03 240232] S3 AVerAF15DMBTH64;AVerMedia A850 USB;c:\windows\system32\Drivers\AVerAF15DMBTH64.sys [2009-07-27 592256] S3 RTL8167;Pilote Realtek 8167 NT;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-06-10 187392] S3 t3;Sound Blaster X-Fi Xtreme Audio;c:\windows\system32\drivers\t3.sys [2009-06-04 639512] . Contenu du dossier 'Tâches planifiées' 2011-01-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-11-07 13:55] 2011-01-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-11-07 13:55] . --------- x86-64 ----------- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Monitor"="c:\windows\PixArt\PAC207\Monitor.exe" [2006-11-03 319488] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "LoadAppInit_DLLs"=0x0 . ------- Examen supplémentaire ------- . 
uLocal Page = c:\windows\system32\blank.htm uStart Page = mStart Page = mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = *.local FF - ProfilePath - c:\users\Christophe\AppData\Roaming\Mozilla\Firefox\Profiles\mghaulj5.default\ FF - prefs.js: browser.search.selectedEngine - DAEMON Search FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr/ FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} FF - Ext: Skype extension for Firefox: {AB2CE124-6272-4b12-94A9-7303C7397BD1} - c:\program files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} FF - Ext: Facebook On s'en fout: fbosef1@fbext.fr - %profile%\extensions\fbosef1@fbext.fr FF - Ext: Facebook J'aime pas: fbjmpas1@fbext.fr - %profile%\extensions\fbjmpas1@fbext.fr FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} . 
-
[SOLVED] Keyboard/mouse virus
sytchov replied to a topic by sytchov in Malware Analysis and Removal
There is a slight improvement: the keyboard works 1 time out of 4 and the mouse likewise, whereas before they never worked. The connection is better too, but I don't feel like I'm getting my full bandwidth. The report:
| ---- | C] () -- C:\Windows\Cfg03FMi.ini [2010/05/18 12:46:06 | 000,000,453 | ---- | C] () -- C:\Windows\Cfg03DI.ini [2010/05/18 12:46:06 | 000,000,453 | ---- | C] () -- C:\Windows\Cfg02RMi.ini [2010/05/18 12:46:06 | 000,000,453 | ---- | C] () -- C:\Windows\Cfg02RLI.ini [2010/05/18 12:46:06 | 000,000,453 | ---- | C] () -- C:\Windows\Cfg02FMi.ini [2010/05/18 12:46:06 | 000,000,453 | ---- | C] () -- C:\Windows\Cfg02DI.ini [2010/05/18 12:46:06 | 000,000,453 | ---- | C] () -- C:\Windows\Cfg01Mic.ini [2010/05/18 12:46:06 | 000,000,453 | ---- | C] () -- C:\Windows\Cfg01LI.ini [2010/05/18 12:46:06 | 000,000,453 | ---- | C] () -- C:\Windows\Cfg01DI.ini [2009/07/14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009/07/13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2006/11/02 08:27:46 | 000,000,518 | ---- | C] () -- C:\Windows\SysWow64\SP207.INI ========== LOP Check ========== [2010/08/23 20:14:35 | 000,000,000 | ---D | M] -- C:\Users\Christophe\AppData\Roaming\CrazyLoader [2010/12/23 21:46:48 | 000,000,000 | ---D | M] -- C:\Users\Christophe\AppData\Roaming\DAEMON Tools Lite [2010/08/30 11:22:31 | 000,000,000 | ---D | M] -- C:\Users\Christophe\AppData\Roaming\OfferBox [2010/08/19 11:47:39 | 000,000,000 | ---D | M] -- C:\Users\Christophe\AppData\Roaming\OpenOffice.org [2010/12/05 21:14:31 | 000,000,000 | ---D | M] -- C:\Users\Christophe\AppData\Roaming\PlayerPlug [2010/12/05 21:14:31 | 000,000,000 | ---D | M] -- C:\Users\Christophe\AppData\Roaming\PropMgrAsync [2010/11/09 23:50:20 | 000,000,000 | ---D | M] -- C:\Users\Christophe\AppData\Roaming\SystemRequirementsLab [2010/07/04 20:20:00 | 000,000,000 | ---D | M] -- C:\Users\Christophe\AppData\Roaming\WindSolutions [2010/07/05 16:03:29 | 000,000,000 | ---D | M] -- C:\Users\Christophe\AppData\Roaming\Xilisoft [2010/12/09 08:31:54 | 000,032,482 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== ========== Custom Scans 
========== < %systemroot%\system32\drivers\*.sys /lockedfiles > < %ALLUSERSPROFILE%\Application Data\*. > < %ALLUSERSPROFILE%\Application Data\*.exe /s > < %APPDATA%\*. > [2010/05/20 11:03:26 | 000,000,000 | ---D | M] -- C:\Users\Christophe\AppData\Roaming\Adobe [2010/06/26 19:51:51 | 000,000,000 | ---D | M] -- C:\Users\Christophe\AppData\Roaming\Apple Computer [2010/12/06 13:13:05 | 000,000,000 | ---D | M] -- C:\Users\Christophe\AppData\Roaming\ArcSoft [2010/12/25 22:43:21 | 000,000,000 | ---D | M] -- C:\Users\Christophe\AppData\Roaming\Avira [2010/08/23 20:14:35 | 000,000,000 | ---D | M] -- C:\Users\Christophe\AppData\Roaming\CrazyLoader [2010/06/29 16:05:31 | 000,000,000 | ---D | M] -- C:\Users\Christophe\AppData\Roaming\Creative [2010/12/23 21:46:48 | 000,000,000 | ---D | M] -- C:\Users\Christophe\AppData\Roaming\DAEMON Tools Lite [2010/05/18 11:47:11 | 000,000,000 | ---D | M] -- C:\Users\Christophe\AppData\Roaming\Identities [2010/12/06 12:29:37 | 000,000,000 | ---D | M] -- C:\Users\Christophe\AppData\Roaming\InstallShield [2010/05/18 14:18:25 | 000,000,000 | ---D | M] -- C:\Users\Christophe\AppData\Roaming\Macromedia [2011/01/07 09:38:41 | 000,000,000 | ---D | M] -- C:\Users\Christophe\AppData\Roaming\Malwarebytes [2009/07/14 16:35:18 | 000,000,000 | ---D | M] -- C:\Users\Christophe\AppData\Roaming\Media Center Programs [2010/09/24 17:30:46 | 000,000,000 | --SD | M] -- C:\Users\Christophe\AppData\Roaming\Microsoft [2010/05/18 16:37:17 | 000,000,000 | ---D | M] -- C:\Users\Christophe\AppData\Roaming\Mozilla [2010/08/30 11:22:31 | 000,000,000 | ---D | M] -- C:\Users\Christophe\AppData\Roaming\OfferBox [2010/08/19 11:47:39 | 000,000,000 | ---D | M] -- C:\Users\Christophe\AppData\Roaming\OpenOffice.org [2010/12/05 21:14:31 | 000,000,000 | ---D | M] -- C:\Users\Christophe\AppData\Roaming\PlayerPlug [2010/12/05 21:14:31 | 000,000,000 | ---D | M] -- C:\Users\Christophe\AppData\Roaming\PropMgrAsync [2010/12/10 23:41:56 | 000,000,000 | ---D | M] -- 
C:\Users\Christophe\AppData\Roaming\Skype [2010/12/10 19:42:26 | 000,000,000 | ---D | M] -- C:\Users\Christophe\AppData\Roaming\skypePM [2010/11/09 23:50:20 | 000,000,000 | ---D | M] -- C:\Users\Christophe\AppData\Roaming\SystemRequirementsLab [2010/12/06 21:48:21 | 000,000,000 | ---D | M] -- C:\Users\Christophe\AppData\Roaming\vlc [2010/07/04 20:20:00 | 000,000,000 | ---D | M] -- C:\Users\Christophe\AppData\Roaming\WindSolutions [2010/05/18 19:03:50 | 000,000,000 | ---D | M] -- C:\Users\Christophe\AppData\Roaming\WinRAR [2010/07/05 16:03:29 | 000,000,000 | ---D | M] -- C:\Users\Christophe\AppData\Roaming\Xilisoft < %APPDATA%\*.exe /s > [2010/12/30 16:52:08 | 000,388,096 | R--- | M] (Trend Micro Inc.) -- C:\Users\Christophe\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe < %SYSTEMDRIVE%\*.exe > [2007/11/07 07:44:20 | 000,855,040 | ---- | M] (Microsoft Corporation) -- C:\install.exe < %SYSTEMDRIVE%\*.exe > [2007/11/07 07:44:20 | 000,855,040 | ---- | M] (Microsoft Corporation) -- C:\install.exe < MD5 for: AGP440.SYS > [2009/07/14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysWow64\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys [2009/07/14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys < MD5 for: ATAPI.SYS > [2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysWow64\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys [2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys < MD5 for: CDROM.SYS > [2009/07/14 00:19:54 | 000,147,456 | 
---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\SysWow64\DriverStore\FileRepository\cdrom.inf_amd64_neutral_8363d00ecae4322d\cdrom.sys [2009/07/14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys < MD5 for: CNGAUDIT.DLL > [2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll [2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll [2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll [2009/07/14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll < MD5 for: DISK.SYS > [2009/07/14 02:47:48 | 000,073,280 | ---- | M] (Microsoft Corporation) MD5=9819EEE8B5EA3784EC4AF3B137A5244C -- C:\Windows\SysWow64\DriverStore\FileRepository\disk.inf_amd64_neutral_10ce25bbc5a9cc43\disk.sys [2009/07/14 02:47:48 | 000,073,280 | ---- | M] (Microsoft Corporation) MD5=9819EEE8B5EA3784EC4AF3B137A5244C -- C:\Windows\winsxs\amd64_disk.inf_31bf3856ad364e35_6.1.7600.16385_none_55bb738b8ddd8a01\disk.sys < MD5 for: EXPLORER.EXE > [2009/07/14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe [2009/10/31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\SysWOW64\explorer.exe 
[2009/10/31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\SysWOW64\explorer.exe [2009/10/31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe [2009/08/03 07:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe [2009/10/31 07:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\explorer.exe [2009/10/31 07:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe [2009/08/03 06:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe [2009/10/31 07:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe [2009/08/03 06:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe [2009/07/14 02:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe [2009/10/31 07:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- 
C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe [2009/08/03 07:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe < MD5 for: IASTORV.SYS > [2009/07/14 02:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\SysWow64\DriverStore\FileRepository\iastorv.inf_amd64_neutral_18cccb83b34e1453\iaStorV.sys [2009/07/14 02:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys < MD5 for: NDIS.SYS > [2009/07/14 02:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_03bc1d6e35c013bf\ndis.sys < MD5 for: NETLOGON.DLL > [2009/07/14 02:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll [2009/07/14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll [2009/07/14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll [2009/07/14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll < MD5 for: NVSTOR.SYS > [2009/07/14 02:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- 
C:\Windows\SysWow64\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvstor.sys [2009/07/14 02:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys < MD5 for: RASACD.SYS > [2009/07/14 01:10:09 | 000,014,848 | ---- | M] (Microsoft Corporation) MD5=5A0DA8AD5762FA2D91678A8A01311704 -- C:\Windows\winsxs\amd64_microsoft-windows-rasautodial_31bf3856ad364e35_6.1.7600.16385_none_6bcef05d7f04260a\rasacd.sys < MD5 for: RDPWD.SYS > [2009/07/14 01:16:48 | 000,204,800 | ---- | M] (Microsoft Corporation) MD5=8A3E6BEA1C53EA6177FE2B6EBA2C80D7 -- C:\Windows\winsxs\amd64_microsoft-windows-t..dp-winstationdriver_31bf3856ad364e35_6.1.7600.16385_none_a76a79eeeeb38f01\rdpwd.sys < MD5 for: SCECLI.DLL > [2009/07/14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll [2009/07/14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll [2009/07/14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll [2009/07/14 02:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll < MD5 for: SFLOPPY.SYS > [2009/07/14 01:01:02 | 000,016,896 | ---- | M] (Microsoft Corporation) MD5=A9D601643A1647211A1EE2EC4E433FF4 -- C:\Windows\SysWow64\DriverStore\FileRepository\flpydisk.inf_amd64_neutral_f54222cc59267e1e\sfloppy.sys [2009/07/14 01:01:02 | 000,016,896 | ---- | M] (Microsoft Corporation) MD5=A9D601643A1647211A1EE2EC4E433FF4 -- 
C:\Windows\winsxs\amd64_flpydisk.inf_31bf3856ad364e35_6.1.7600.16385_none_42ff01d4942cc5ea\sfloppy.sys < MD5 for: TCPIP.SYS > [2010/06/14 07:39:16 | 001,889,152 | ---- | M] (Microsoft Corporation) MD5=542C6767C68C9D6AAACA59436B0D15C2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_0fd0b57e990e2079\tcpip.sys [2010/06/14 07:37:36 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=90A2D722CF64D911879D6C4A4F802A4D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_0f59b7ad7fe2fcc8\tcpip.sys [2009/07/14 02:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys < MD5 for: TDPIPE.SYS > [2009/07/14 01:16:32 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=3371D21011695B16333A3934340C4E7C -- C:\Windows\winsxs\amd64_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.1.7600.16385_none_37a129135e68497e\tdpipe.sys < MD5 for: TDTCP.SYS > [2009/07/14 01:16:32 | 000,023,552 | ---- | M] (Microsoft Corporation) MD5=E4245BDA3190A582D55ED09E137401A9 -- C:\Windows\winsxs\amd64_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.1.7600.16385_none_37a129135e68497e\tdtcp.sys < MD5 for: USBPRINT.SYS > [2009/07/14 01:38:18 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=73188F58FB384E75C4063D29413CEE3D -- C:\Windows\SysWow64\DriverStore\FileRepository\usbprint.inf_amd64_neutral_54948be2bc4bcdd1\usbprint.sys [2009/07/14 01:38:18 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=73188F58FB384E75C4063D29413CEE3D -- C:\Windows\winsxs\amd64_usbprint.inf_31bf3856ad364e35_6.1.7600.16385_none_8eeeb411db1b01c5\usbprint.sys < MD5 for: USBSCAN.SYS > [2009/07/14 01:35:32 | 000,041,984 | ---- | M] (Microsoft Corporation) MD5=AAA2513C8AED8B54B189FD0C6B1634C0 -- 
C:\Windows\SysWow64\DriverStore\FileRepository\sti.inf_amd64_neutral_9d9a7113099a28a2\usbscan.sys [2009/07/14 01:35:32 | 000,041,984 | ---- | M] (Microsoft Corporation) MD5=AAA2513C8AED8B54B189FD0C6B1634C0 -- C:\Windows\winsxs\amd64_sti.inf_31bf3856ad364e35_6.1.7600.16385_none_b5d3c30ffa77a77a\usbscan.sys < MD5 for: USERINIT.EXE > [2009/07/14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe [2009/07/14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe [2009/07/14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe [2009/07/14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe < MD5 for: WININIT.EXE > [2009/07/14 02:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe [2009/07/14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe [2009/07/14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe [2009/07/14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe < MD5 for: WINLOGON.EXE > [2009/07/14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- 
C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe [2009/10/28 08:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe [2009/10/28 07:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe < %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles > < %systemroot%\Tasks\*.job /lockedfiles > < End of report >