Ecran bleu.

re,

la question de goût ne rentre évidemment pas en ligne de compte et je ne considère pas cet argument comme tenant la route.
Ce qui normal pour un "Helpeur", évidemment le point de vue d'un Internaute est différent. (puisque non averti )

Ce topic peut être lu ( évidemment ) par d'autres Internautes, et donc je développe un peu mes arguments ( évidemment je considère que ton choix est fait, mais peu importe, ce n'est pas dans l'optique de te persuader, mais d'expliquer aux autres lecteurs )

dans les conditions d’utilisation relatif à la vie privée de Google Chrome on peut y lire ceci

Et donc, ça veut dire quoi ?
L'utilisateur est "tracké" dans ses habitudes de surf, et des rapports sont remis au grand-manitou "Google"
De plus il installe ceci :
C:\Documents and Settings\USER\Local Settings\Application Data\Google\Update
qui se permet une élévation de droit sans rien demander à personne ( en fait tu l'accepte tacitement en acceptant la licence d'utilisation ) de plus il contient un "fumeux "ActiveX:
* ProgID : GoogleUpdate.OnDemandCOMClass
* ClassID : {2F0E2680-9FF5-43C0-B76E-114A56E93598}

de plus dans la BDR ( basse de registre ) cette clé :

on se rend compte que GoogleUpdate.exe a reçu des privilèges d’exécution silencieuse avec élévation de ceux-ci.
Il est de plus capable de passer outre les protections et de mettre le niveau de sécurité de IE à Medium, quand ça lui chante...
Maintenant je donne une piste aux Internautes intéressés...la soluce la plus facile est de télécharger Iron qui est calqué sur le code source de Chromium, (moteur libre de Webkit ) mais sans les espions
et de virer Chrome avec Revo parce que un désinstall via ajout suppression de programme ne va pas virer tout ce qu'il a installé à votre insu...

Ah, je vois, je n'étais pas au courant (et oui je fais parti des gens qui ne lisent pas les conditions ^^')

Donc google mettrais automatiquement des espions sur mon ordinateur ?

re,
tout à fait ainsi d'ailleurs que la google toolbar

Si je comprend bien ils sont ancrés dans mon ordinateur maintenant ?

re,
as-tu la Google toolbar ?

Re,

Euh non

re,

On va désinstaller le service Bonjour, (inutile )
télécharger ce petit utilitaire sur le bureau
ici téléchargement
Une fois cela fait, lance l'outil que tu viens de télécharger (double-clic dessus )
(Vista,Seven7 utiliser utiliser comme administrateur, clic droit sur l'utilitaire et choisir dans la liste "utiliser comme administrateur" )
Le service est désinstallé.

voici ce que t'a installé Chrome,

vas dans ce répertoire: c:\windows\Tasks avec Explorer, tu verras ceci:

sélectionne les et supprime.

ensuite:

Démarrer/tous les programmes/Accessoires/invite de commande ( clic droit dessus et choisir Exécuter en tant qu'Administrateur )
dans la fenetre tape ceci:

Re,

Alors voila ça continue, l'écran bleu s'affiche encore mais que quand je lance google chrome ou que je rétablis des onglets ou encore quand j'en ouvre un autre, comme je l'avais dis google chrome est le navigateur que je préfère, effectivement, j'ai essayer tout les autres avec toutes leurs mises a jours mais aucun ne me conviens a part justement google chrome, j'aimerais donc une aide afin d'éliminer cette écran bleu définitivement.

Merci encore.

re

Sélectionne le contenu du cadre ci dessous (en dessous du mot code: ), puis tu le copies avec un ctrl+c
ouvre ensuite le Bloc-Notes puis colle le texte ( ctrl+v )
(Démarrer\Tous les programmes\Accessoires\Bloc notes.) (notepad.exe )
Sauvegarde ce fichier sous le nom de CFScript.txt sur le bureau.

Glisse maintenant le fichier CFScript.txt dans Combofix.exe comme ci-dessous :



Cela va relancer Combofix.
Après redémarrage, poste le contenu du rapport Combofix.txt
S'il n'y a pas de rédémarrage, poste quand même le rapport.

Re, Voici le rapport :


ComboFix 11-03-24.01 - Tony 24/03/2011 20:26:19.2.2 - x64
Microsoft Windows 7 Édition Familiale Premium 6.1.7600.0.1252.33.1036.18.4095.1486 [GMT 1:00]
Lancé depuis: c:\users\Tony\Desktop\Téléchargement\ComboFix.exe
AV: AntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: AntiVir Desktop *Disabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2011-02-24 au 2011-03-24 ))))))))))))))))))))))))))))))))))))
.
.
2011-03-24 19:49 . 2011-03-24 19:49 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-03-12 18:05 . 2011-03-12 18:06 -------- d-----w- c:\program files\iTunes
2011-03-12 18:05 . 2011-03-12 18:06 -------- d-----w- c:\program files (x86)\iTunes
2011-03-12 18:05 . 2011-03-12 18:05 -------- d-----w- c:\program files\iPod
2011-03-08 17:01 . 2011-03-08 17:01 -------- d-sh--w- c:\windows\SysWow64\%APPDATA%
2011-03-05 12:32 . 2011-03-05 12:32 -------- d-----w- c:\program files\Bonjour
2011-03-05 12:32 . 2011-03-05 12:32 -------- d-----w- c:\program files (x86)\Bonjour
2011-03-02 06:44 . 2011-03-05 12:28 25048 ----a-w- c:\program files (x86)\Mozilla Firefox\components\browserdirprovider.dll
2011-03-02 06:44 . 2011-03-05 12:28 140248 ----a-w- c:\program files (x86)\Mozilla Firefox\components\brwsrcmp.dll
2011-02-27 21:37 . 2010-12-29 02:45 74272 ----a-w- c:\windows\system32\RtNicProp64.dll
2011-02-27 21:37 . 2010-12-29 02:45 412776 ----a-w- c:\windows\system32\drivers\Rt64win7.sys
2011-02-27 15:19 . 2011-02-27 15:19 -------- d-----w- c:\users\Tony\AppData\Roaming\Avira
2011-02-27 15:14 . 2011-03-02 15:55 83120 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2011-02-27 15:14 . 2010-08-17 12:39 116568 ----a-w- c:\windows\system32\drivers\avipbb.sys
2011-02-27 15:14 . 2011-02-27 15:14 -------- d-----w- c:\programdata\Avira
2011-02-27 15:14 . 2011-02-27 15:14 -------- d-----w- c:\program files (x86)\Avira
2011-02-27 13:57 . 2011-02-27 13:57 -------- d-----w- C:\_OTM
2011-02-26 23:23 . 2010-09-14 06:45 367104 ----a-w- c:\windows\system32\wcncsvc.dll
2011-02-26 23:23 . 2010-09-14 06:07 276992 ----a-w- c:\windows\SysWow64\wcncsvc.dll
2011-02-26 17:41 . 2011-02-26 17:41 -------- d-----w- c:\program files\CCleaner
2011-02-24 21:14 . 2011-02-24 21:14 -------- d-----w- c:\program files (x86)\ToniArts
2011-02-24 21:14 . 2004-07-15 23:20 733184 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\iKernel.dll
2011-02-24 21:14 . 2004-07-15 23:20 69715 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\ctor.dll
2011-02-24 21:14 . 2004-07-15 23:19 266240 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\iscript.dll
2011-02-24 21:14 . 2004-07-15 23:18 172032 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\iuser.dll
2011-02-24 21:14 . 2004-07-15 23:18 5632 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\DotNetInstaller.exe
2011-02-24 21:14 . 2011-02-24 21:14 303236 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\setup.dll
2011-02-24 21:14 . 2011-02-24 21:14 180356 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\iGdi.dll
2011-02-24 19:37 . 2011-02-24 19:37 -------- d-----w- c:\program files (x86)\Ad-Remover
2011-02-24 08:43 . 2011-02-27 14:17 -------- d-----w- c:\program files (x86)\trend micro
2011-02-24 08:43 . 2011-02-24 08:44 -------- d-----w- C:\rsit
2011-02-23 13:01 . 2011-01-07 08:07 662528 ----a-w- c:\windows\system32\XpsPrint.dll
2011-02-23 13:01 . 2011-01-07 08:07 475648 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2011-02-23 13:01 . 2011-01-07 07:31 442880 ----a-w- c:\windows\SysWow64\XpsPrint.dll
2011-02-23 13:01 . 2011-01-07 07:31 288256 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-03-15 22:48 . 2010-05-09 07:36 45056 ----a-w- c:\windows\system32\acovcnt.exe
2011-02-27 16:18 . 2010-02-22 18:07 234576 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2011-02-27 16:18 . 2010-02-22 18:07 234576 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2011-02-27 15:56 . 2010-02-22 18:07 234576 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2011-02-26 17:45 . 2011-02-26 17:45 517223 ----a-w- c:\windows\Minidump.zip
2011-02-18 15:36 . 2011-02-18 15:36 51712 ----a-w- c:\windows\system32\drivers\usbaapl64.sys
2011-02-18 15:36 . 2011-02-18 15:36 4184352 ----a-w- c:\windows\system32\usbaaplrc.dll
2011-02-02 21:08 . 2011-02-02 21:08 181608 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10137.bin
2011-01-26 06:53 . 2011-02-09 06:03 982912 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2011-01-26 06:53 . 2011-02-09 06:03 265088 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2011-01-26 06:31 . 2011-02-09 06:03 144384 ----a-w- c:\windows\system32\cdd.dll
2011-01-13 10:20 . 2011-02-09 05:57 7844688 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{9B9C32F3-3EEA-4110-B4B5-5BD857D4F1E4}\mpengine.dll
2011-01-13 08:47 . 2011-01-17 22:03 237168 ----a-w- c:\windows\system32\aswBoot.exe
2011-01-07 08:06 . 2011-02-09 06:03 46080 ----a-w- c:\windows\system32\atmlib.dll
2011-01-07 07:27 . 2011-02-09 06:03 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2011-01-07 05:49 . 2011-02-09 06:03 366080 ----a-w- c:\windows\system32\atmfd.dll
2011-01-07 05:33 . 2011-02-09 06:03 294400 ----a-w- c:\windows\SysWow64\atmfd.dll
2011-01-05 06:20 . 2011-02-09 06:03 612352 ----a-w- c:\windows\system32\vbscript.dll
2011-01-05 05:37 . 2011-02-09 06:03 428032 ----a-w- c:\windows\SysWow64\vbscript.dll
2011-01-05 04:00 . 2011-02-09 06:03 3127808 ----a-w- c:\windows\system32\win32k.sys
2010-12-29 02:45 . 2009-12-03 07:27 107552 ----a-w- c:\windows\system32\RTNUninst64.dll
2009-04-08 18:31 . 2009-04-08 18:31 106496 ----a-w- c:\program files (x86)\Common Files\CPInstallAction.dll
2008-08-12 05:45 . 2008-08-12 05:45 155648 ----a-w- c:\program files (x86)\Common Files\MSIactionall.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2011-02-27_20.54.26 )))))))))))))))))))))))))))))))))))))))))
.
- 2010-07-27 16:44 . 2010-07-27 16:44 91424 c:\windows\SysWOW64\dnssd.dll
+ 2010-10-07 11:23 . 2010-10-07 11:23 91424 c:\windows\SysWOW64\dnssd.dll
- 2009-07-14 04:54 . 2011-02-27 20:52 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2011-03-24 03:26 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2011-02-27 20:52 98304 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2011-03-24 03:26 98304 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2011-02-27 20:52 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2011-03-24 03:26 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-03-08 17:01 . 2011-03-23 17:00 16384 c:\windows\SysWOW64\%APPDATA%\Microsoft\Windows\IETldCache\index.dat
+ 2009-12-02 07:23 . 2011-03-15 22:51 66438 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2011-03-23 22:37 50804 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2010-01-06 15:41 . 2011-03-23 22:37 20936 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-4107576583-1380549909-3866583157-1000_UserData.bin
- 2009-07-14 05:30 . 2011-02-27 14:45 86016 c:\windows\system32\DriverStore\infpub.dat
+ 2009-07-14 05:30 . 2011-03-16 20:14 86016 c:\windows\system32\DriverStore\infpub.dat
+ 2011-02-18 15:36 . 2011-02-18 15:36 51712 c:\windows\system32\DriverStore\FileRepository\usbaapl64.inf_amd64_neutral_c169b6211f782a21\usbaapl64.sys
+ 2011-02-27 21:37 . 2010-12-29 02:45 74272 c:\windows\system32\DriverStore\FileRepository\rt64win7.inf_amd64_neutral_9e82b97888e55a3b\RtNicProp64.dll
+ 2010-10-07 11:36 . 2010-10-07 11:36 96544 c:\windows\system32\dnssd.dll
+ 2010-01-06 15:37 . 2011-03-24 17:00 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-01-06 15:37 . 2011-02-27 20:51 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-01-06 15:37 . 2011-02-27 20:51 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2010-01-06 15:37 . 2011-03-24 17:00 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2011-02-27 20:51 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2011-03-24 17:00 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2010-01-06 16:36 . 2011-02-27 20:53 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\ind ex.dat
+ 2010-01-06 16:36 . 2011-03-23 22:36 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\ind ex.dat
+ 2009-07-14 04:46 . 2011-03-13 16:05 80352 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionP latform\Cache\cache.dat
- 2009-07-14 04:46 . 2011-02-27 15:24 80352 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionP latform\Cache\cache.dat
- 2010-01-06 16:36 . 2011-02-27 20:53 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2010-01-06 16:36 . 2011-03-23 22:36 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2010-01-06 16:36 . 2011-02-27 20:53 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\Histo ry.IE5\index.dat
+ 2010-01-06 16:36 . 2011-03-23 22:36 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\Histo ry.IE5\index.dat
- 2010-01-06 15:54 . 2011-02-27 20:52 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index .dat
+ 2010-01-06 15:54 . 2011-03-23 22:35 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index .dat
- 2010-01-13 13:34 . 2011-02-27 20:08 32768 c:\windows\ServiceProfiles\LocalService\AppData\Local\Temp\Fichiers Internet temporaires\Content.IE5\index.dat
+ 2010-01-13 13:34 . 2011-03-24 19:12 32768 c:\windows\ServiceProfiles\LocalService\AppData\Local\Temp\Fichiers Internet temporaires\Content.IE5\index.dat
- 2010-01-06 15:54 . 2011-02-27 20:52 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History .IE5\index.dat
+ 2010-01-06 15:54 . 2011-03-23 22:35 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History .IE5\index.dat
- 2009-12-02 22:45 . 2011-02-10 16:31 35088 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\oisicon.exe
+ 2009-12-02 22:45 . 2011-03-10 17:12 35088 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\oisicon.exe
- 2009-12-02 22:45 . 2011-02-10 16:31 18704 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\mspicons.exe
+ 2009-12-02 22:45 . 2011-03-10 17:12 18704 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\mspicons.exe
- 2009-12-02 22:45 . 2011-02-10 16:31 20240 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\cagicon.exe
+ 2009-12-02 22:45 . 2011-03-10 17:12 20240 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\cagicon.exe
- 2010-06-05 05:26 . 2011-01-06 17:01 49152 c:\windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll
+ 2010-06-05 05:26 . 2011-03-08 17:01 49152 c:\windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll
- 2011-02-27 20:51 . 2011-02-27 20:51 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-03-10 17:18 . 2011-03-23 22:34 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-03-10 17:18 . 2011-03-23 22:34 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2011-02-27 20:51 . 2011-02-27 20:51 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2011-03-09 17:17 . 2010-12-23 05:28 850432 c:\windows\SysWOW64\sbe.dll
- 2009-07-14 00:06 . 2009-07-14 01:16 850432 c:\windows\SysWOW64\sbe.dll
+ 2011-03-02 06:47 . 2011-03-02 06:47 235168 c:\windows\SysWOW64\Macromed\Flash\FlashUtil10n_Plugin.exe
- 2009-07-14 00:41 . 2009-07-14 01:16 534528 c:\windows\SysWOW64\EncDec.dll
+ 2011-03-09 17:17 . 2010-12-23 05:28 534528 c:\windows\SysWOW64\EncDec.dll
- 2010-07-27 16:44 . 2010-07-27 16:44 107808 c:\windows\SysWOW64\dns-sd.exe
+ 2010-10-07 11:23 . 2010-10-07 11:23 107808 c:\windows\SysWOW64\dns-sd.exe
+ 2011-03-09 17:17 . 2011-02-19 05:32 739840 c:\windows\SysWOW64\d2d1.dll
- 2011-01-11 21:22 . 2010-11-02 04:35 739840 c:\windows\SysWOW64\d2d1.dll
+ 2011-03-09 17:17 . 2010-12-23 05:28 642048 c:\windows\SysWOW64\CPFilters.dll
- 2010-01-21 18:31 . 2011-02-27 20:52 245760 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
+ 2010-01-21 18:31 . 2011-03-24 03:26 245760 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
+ 2010-01-06 16:34 . 2011-03-24 08:03 406598 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S4.bin
+ 2009-08-04 10:03 . 2011-03-24 08:06 833230 c:\windows\system32\perfh00C.dat
+ 2009-07-14 02:36 . 2011-03-24 08:06 654348 c:\windows\system32\perfh009.dat
+ 2009-08-04 10:03 . 2011-03-24 08:06 172884 c:\windows\system32\perfc00C.dat
+ 2009-07-14 02:36 . 2011-03-24 08:06 143000 c:\windows\system32\perfc009.dat
+ 2011-03-09 17:17 . 2010-12-23 06:07 723968 c:\windows\system32\EncDec.dll
+ 2009-07-14 05:30 . 2011-03-16 20:14 143360 c:\windows\system32\DriverStore\infstrng.dat
- 2009-07-14 05:30 . 2011-02-27 14:45 143360 c:\windows\system32\DriverStore\infstrng.dat
- 2009-07-14 05:30 . 2011-02-27 14:45 143360 c:\windows\system32\DriverStore\infstor.dat
+ 2009-07-14 05:30 . 2011-03-05 12:32 143360 c:\windows\system32\DriverStore\infstor.dat
+ 2011-02-27 21:37 . 2010-12-29 02:45 107552 c:\windows\system32\DriverStore\FileRepository\rt64win7.inf_amd64_neutral_9e82b97888e55a3b\RTNUninst64.dll
+ 2011-02-27 21:37 . 2010-12-29 02:45 412776 c:\windows\system32\DriverStore\FileRepository\rt64win7.inf_amd64_neutral_9e82b97888e55a3b\Rt64win7.sys
- 2010-07-27 16:55 . 2010-07-27 16:55 119584 c:\windows\system32\dns-sd.exe
+ 2010-10-07 11:36 . 2010-10-07 11:36 119584 c:\windows\system32\dns-sd.exe
- 2011-01-11 21:22 . 2010-11-02 05:12 902656 c:\windows\system32\d2d1.dll
+ 2011-03-09 17:17 . 2011-02-19 06:36 902656 c:\windows\system32\d2d1.dll
- 2010-11-16 15:48 . 2010-08-04 07:07 961024 c:\windows\system32\CPFilters.dll
+ 2011-03-09 17:17 . 2010-12-23 06:07 961024 c:\windows\system32\CPFilters.dll
+ 2009-07-14 05:12 . 2011-03-24 09:35 262144 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
- 2009-07-14 05:12 . 2011-02-27 20:51 262144 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
+ 2009-07-14 05:01 . 2011-03-10 17:17 515432 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2009-07-14 05:01 . 2011-02-27 20:50 515432 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2010-11-19 22:04 . 2011-03-10 17:17 609520 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-4107576583-1380549909-3866583157-1000-8192.dat
+ 2011-03-12 17:59 . 2011-03-12 17:59 897024 c:\windows\Installer\{C73F2967-062E-48F2-A462-D335B8950183}\SafariIco.exe
+ 2011-03-12 18:06 . 2011-03-12 18:06 380928 c:\windows\Installer\{9545E9DB-6F4C-4404-BF25-E221BE8B44C5}\iTunesIco.exe
- 2009-12-02 22:45 . 2011-02-10 16:31 888080 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\wordicon.exe
+ 2009-12-02 22:45 . 2011-03-10 17:12 888080 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\wordicon.exe
+ 2009-12-02 22:45 . 2011-03-10 17:12 272648 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\pubs.exe
- 2009-12-02 22:45 . 2011-02-10 16:31 272648 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\pubs.exe
- 2009-12-02 22:45 . 2011-02-10 16:31 922384 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\pptico.exe
+ 2009-12-02 22:45 . 2011-03-10 17:12 922384 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\pptico.exe
- 2009-12-02 22:45 . 2011-02-10 16:31 845584 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\outicon.exe
+ 2009-12-02 22:45 . 2011-03-10 17:12 845584 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\outicon.exe
- 2009-12-02 22:45 . 2011-02-10 16:31 217864 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\misc.exe
+ 2009-12-02 22:45 . 2011-03-10 17:12 217864 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\misc.exe
+ 2011-03-09 17:17 . 2010-12-18 05:30 2690560 c:\windows\SysWOW64\mstscax.dll
+ 2011-03-09 17:17 . 2010-12-18 05:26 1034240 c:\windows\SysWOW64\mstsc.exe
+ 2009-07-18 03:21 . 2011-03-02 06:47 6053536 c:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll
+ 2011-03-09 17:17 . 2011-02-19 05:32 1074176 c:\windows\SysWOW64\DWrite.dll
- 2011-01-11 21:22 . 2010-11-02 04:35 1074176 c:\windows\SysWOW64\DWrite.dll
+ 2011-03-09 17:17 . 2010-12-23 06:07 1118720 c:\windows\system32\sbe.dll
- 2009-07-14 00:21 . 2009-07-14 01:41 1118720 c:\windows\system32\sbe.dll
+ 2011-03-09 17:17 . 2010-12-18 06:12 3138048 c:\windows\system32\mstscax.dll
+ 2011-03-09 17:17 . 2010-12-18 06:08 1097216 c:\windows\system32\mstsc.exe
+ 2011-03-09 17:17 . 2011-02-19 06:37 1135104 c:\windows\system32\FntCache.dll
- 2011-01-11 21:22 . 2010-11-02 05:12 1540608 c:\windows\system32\DWrite.dll
+ 2011-03-09 17:17 . 2011-02-19 06:37 1540608 c:\windows\system32\DWrite.dll
+ 2011-02-18 15:36 . 2011-02-18 15:36 4184352 c:\windows\system32\DriverStore\FileRepository\usbaapl64.inf_amd64_neutral_c169b6211f782a21\usbaaplrc.dll
+ 2009-07-14 04:45 . 2011-03-10 17:21 3798234 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionP latform\tokens.dat
- 2009-07-14 04:45 . 2011-02-27 09:31 3798234 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionP latform\tokens.dat
+ 2010-01-06 17:12 . 2011-03-10 17:17 2689520 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
+ 2011-02-28 17:48 . 2011-02-28 17:48 4422144 c:\windows\Installer\2350e14c.msi
+ 2011-02-16 12:54 . 2011-02-16 12:54 4992000 c:\windows\Installer\182014c8.msp
+ 2011-03-05 12:29 . 2011-03-05 12:29 2527744 c:\windows\Installer\12776880.msi
- 2009-12-02 22:45 . 2011-02-10 16:31 1172240 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\xlicons.exe
+ 2009-12-02 22:45 . 2011-03-10 17:12 1172240 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\xlicons.exe
+ 2009-12-02 22:45 . 2011-03-10 17:12 1165584 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\accicons.exe
- 2009-12-02 22:45 . 2011-02-10 16:31 1165584 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\accicons.exe
- 2009-07-14 02:34 . 2011-02-27 16:49 10223616 c:\windows\system32\SMI\Store\Machine\SCHEMA.DAT
+ 2009-07-14 02:34 . 2011-03-24 17:11 10223616 c:\windows\system32\SMI\Store\Machine\SCHEMA.DAT
+ 2010-03-20 15:52 . 2011-03-10 17:12 39946696 c:\windows\system32\MRT.exe
+ 2011-03-08 17:00 . 2011-03-08 17:00 20308992 c:\windows\Installer\dc92991.msp
+ 2011-03-12 18:02 . 2011-03-12 18:02 38646784 c:\windows\Installer\4cf0567.msi
+ 2011-03-12 17:59 . 2011-03-12 17:59 17973248 c:\windows\Installer\4cefb76.msi
+ 2011-03-05 12:29 . 2011-03-05 12:29 10654208 c:\windows\Installer\127768cb.msi
+ 2011-03-05 12:29 . 2011-03-05 12:29 17840128 c:\windows\Installer\12776842.msi
.
-- Instantané actualisé --
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{b9e20919-fa55-471f-989b-b107bf8de785}"= "c:\program files (x86)\MessengerPlusLive_France_TB\tbMess.dll" [2010-06-13 2734688]
.
[HKEY_CLASSES_ROOT\clsid\{b9e20919-fa55-471f-989b-b107bf8de785}]
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{b9e20919-fa55-471f-989b-b107bf8de785}]
2010-06-13 17:10 2734688 ----a-w- c:\program files (x86)\MessengerPlusLive_France_TB\tbMess.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{b9e20919-fa55-471f-989b-b107bf8de785}"= "c:\program files (x86)\MessengerPlusLive_France_TB\tbMess.dll" [2010-06-13 2734688]
.
[HKEY_CLASSES_ROOT\clsid\{b9e20919-fa55-471f-989b-b107bf8de785}]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverla yIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-02 01:08 143360 ----a-w- c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Facemoi"="c:\facemoi\facemoi.exe" [2010-09-22 176128]
"SpybotSD TeaTimer"="c:\program files (x86)\Spybot - Search & Destroy\TeaTimer.exe" [2009-01-26 2144088]
"AdobeBridge"="" [BU]
"AdobeUpdater"="c:\program files (x86)\Common Files\Adobe\Updater\AdobeUpdater.exe" [BU]
"ccleaner"="c:\program files (x86)\CCleaner\ccleaner.exe" [BU]
"cacaoweb"="c:\users\Tony\AppData\Roaming\cacaoweb\cacaoweb.exe" [BU]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"UpdateLBPShortCut"="c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-12-04 218408]
"HControlUser"="c:\program files (x86)\ASUS\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"ATKOSD2"="c:\program files (x86)\ASUS\ATKOSD2\ATKOSD2.exe" [2009-08-17 6859392]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2009-07-15 2245120]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Media\DMedia.exe" [2009-04-20 159744]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-21 932288]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-07-22 402432]
"Facemoi"="c:\facemoi\facemoi.exe" [2010-09-22 176128]
"Kone"="c:\program files (x86)\ROCCAT\Kone Mouse\KoneHID.EXE" [2009-09-15 180224]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2009-11-18 54576]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-11-25 336384]
"CLMLServer"="c:\program files (x86)\CyberLink\Power2Go\CLMLSvc.exe" [2008-07-19 104936]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2010-08-17 281768]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-03-07 421160]
.
c:\users\Tony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2007 - Capture d'‚cran et lancement.lnk - c:\program files (x86)\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-11-18 275072]
SRS Premium Sound.lnk - c:\windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe [2009-12-3 156880]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
R3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [x]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-02-28 183560]
R3 btnetBUs;Bluetooth PAN Bus Service;c:\windows\system32\Drivers\btnetBus.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
R3 driverhardwarev2x64;driverhardwarev2x64;c:\program files\ma-config.com\Drivers\driverhardwarev2x64.sys [2010-08-30 15872]
R3 dump_wmimmc;dump_wmimmc;c:\gpotato.eu\Dragonica\Release\GameGuard\dump_wmimmc.sys [x]
R3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\Drivers\IvtBtBus.sys [x]
R3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\x64\maconfservice.exe [2011-01-24 420864]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys [x]
S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys [x]
S0 BtHidBus;Bluetooth HID Bus Service;c:\windows\System32\Drivers\BtHidBus.sys [x]
S0 lullaby;lullaby;c:\windows\system32\DRIVERS\lullaby.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AdobeActiveFileMonitor7.0;Adobe Active File Monitor V7;c:\program files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe [2008-09-16 169312]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [x]
S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2009-07-14 27136]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2010-11-25 354304]
S2 AMD Reservation Manager;AMD Reservation Manager;c:\program files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe [2010-06-17 194496]
S2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2010-08-17 135336]
S2 ASMMAP64;ASMMAP64;c:\program files\ATKGFNEX\ASMMAP64.sys [2007-07-24 14904]
S2 ntrconnect;ntrconnect;c:\program files (x86)\NTR global\NTRconnect\NTRconnect.exe [2008-10-29 89600]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [x]
S3 KoneFltr;ROCCAT Kone;c:\windows\system32\drivers\Kone.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [x]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
Akamai REG_MULTI_SZ Akamai
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverla yidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-02 00:52 159744 ----a-w- c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt1_64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverla yidentifiers\OverlayIconExtension1]
@="{fe25455d-b4c2-4e32-97d2-92632ec1c224}"
[HKEY_CLASSES_ROOT\CLSID\{fe25455d-b4c2-4e32-97d2-92632ec1c224}]
2009-11-25 10:47 444752 ----a-w- c:\windows\System32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverla yidentifiers\OverlayIconExtension2]
@="{1fae2d88-a78e-4f03-909f-be818a3c1ce6}"
[HKEY_CLASSES_ROOT\CLSID\{1fae2d88-a78e-4f03-909f-be818a3c1ce6}]
2009-11-25 10:47 444752 ----a-w- c:\windows\System32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"EeeStorageBackup"="c:\program files (x86)\ASUS\Asus WebStorage\BackupService.exe" [2009-08-25 947472]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
.
------- Examen supplémentaire -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2719315
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: E&xporter vers Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html
FF - ProfilePath - c:\users\Tony\AppData\Roaming\Mozilla\Firefox\Profiles\ykfu9lic.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2500339&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.startup.homepage - google.Fr
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2500339&q=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
FF - Ext: Illimitux: illimitux@illimitux.net - %profile%\extensions\illimitux@illimitux.net
FF - Ext: PHPNukeFR Community Toolbar: {1c491116-c175-45e1-a570-6fb14fea8b7b} - %profile%\extensions\{1c491116-c175-45e1-a570-6fb14fea8b7b}
FF - Ext: Messenger Plus Live France Community Toolbar: {59994074-c06d-4a75-9768-49e5a8c21264} - %profile%\extensions\{59994074-c06d-4a75-9768-49e5a8c21264}
FF - Ext: Yahoo! Toolbar: {635abd67-4fe9-1b23-4f01-e679fa7484c1} - %profile%\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
FF - Ext: MessengerPlusLive France TB Community Toolbar: {b9e20919-fa55-471f-989b-b107bf8de785} - %profile%\extensions\{b9e20919-fa55-471f-989b-b107bf8de785}
FF - Ext: Avanquest FR Community Toolbar: {6ec85fcf-87ad-41d7-ae1f-f116f8ad4848} - %profile%\extensions\{6ec85fcf-87ad-41d7-ae1f-f116f8ad4848}
FF - Ext: WOT: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} - %profile%\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
FF - Ext: NoScript: {73a6fe31-595d-460b-a920-fcc0f8843232} - %profile%\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF - Ext: ImTranslator: {9AA46F4F-4DC7-4c06-97AF-5035170634FE} - %profile%\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}
FF - Ext: FastestFox: smarterwiki@wikiatic.com - %profile%\extensions\smarterwiki@wikiatic.com
FF - Ext: Tab Sidebar: TabSidebar@blueprintit.co.uk - %profile%\extensions\TabSidebar@blueprintit.co.uk
FF - Ext: FoxTab: {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a} - %profile%\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}
FF - Ext: Conduit Engine : engine@conduit.com - %profile%\extensions\engine@conduit.com
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
.
- - - - ORPHELINS SUPPRIMES - - - -
.
Toolbar-Locked - (no file)
WebBrowser-{B9E20919-FA55-471F-989B-B107BF8DE785} - (no file)
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10e.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10e.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Heure de fin: 2011-03-24 21:48:48
ComboFix-quarantined-files.txt 2011-03-24 20:48
ComboFix2.txt 2011-02-27 21:27
.
Avant-CF: 22 959 120 384 octets libres
Après-CF: 27 897 716 736 octets libres
.
- - End Of File - - 8D194291576D6686CF342B7980D60BF4

re,

tu es bien certain d'avoir fait la manip avec le script je vois encore la chose ???


"cacaoweb"="c:\users\Tony\AppData\Roaming\cacaoweb\cacaoweb.exe" [BU]

Re,

c'est possible, en faite j'ai fais ce que tu m'as dis, puis il m'as dis que la version était trop ancienne, j'ai donc cherché sur internet la nouvelle, et par la suite j'ai installé une version. Maintenant quand je lance le fichier texte sur combo il m'affiche l'ecran bleu :s

re,

ça c'est à ne jamais faire seule la bonne version se trouve sur le tuto de Combofix que l'on t'a donné (VIRUS/C/C )
ici Combofix

désinstall de ton ancienne version en tapant ceci dans exécuter:

desinstalle ComboFix en copiant_collant la ligne ci dessous dans "executer" et valide la:

"%userprofile%\Bureau\combofix.exe" /uninstall