Répondre à : virus clé USB 2016-09-08T13:01:58+00:00
Photo du profil de jeromejerome
Participant
Nombre d'articles : 14

[spoiler:e5wow09a]Rapport de ZHPDiag v2013.7.20.351 par Nicolas Coolman, Update du 21/07/2013
Run by rodrigue at 22/07/2013 12:22:52
WebSite: http://nicolascoolman.webs.com” onclick=”window.open(this.href);return false;
State : Problème connexion internet
WhiteList : Enable
High Elevated Privileges : OK
UAC : Deactivate by program

—\ Web Browser
MSIE: Internet Explorer v10.0.9200.16635
MFIE: Mozilla Firefox 22.0 (Defaut)
GCIE: Google Chrome v28.0.1500.72

—\ Windows Product Information
~ Langage: Français
Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : RMV82
Windows License : OK
~ Windows Remaining Initializations Number : 3
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

—\ System Protection
avast! Free Antivirus v8.0.1489.0
Windows Defender W7

—\ System Optimizer
CCleaner v4.00

—\ Peer To Peer (P2P)

—\ Software Update
Adobe Flash Player 11 Plugin
Adobe Reader X
Java 7 Update 9

—\ System Information
~ Processor: Intel64 Family 6 Model 23 Stepping 10, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 4091 MB (55% free)
System Restore: Activé (Enable)
System drive C: has 16 GB (26%) free of 59 GB

—\ Logged in mode
~ Computer Name: RODRIGUE-PC
~ User Name: rodrigue
~ All Users Names: rodrigue, HomeGroupUser$, Administrateur,
~ Unselected Option: None
Logged in as Administrator

—\ Environnement Variables
~ System Unit : C:
~ %AppData% : C:UsersrodrigueAppDataRoaming
~ %Desktop% : C:UsersrodrigueDesktop
~ %Favorites% : C:UsersrodrigueFavorites
~ %LocalAppData% : C:UsersrodrigueAppDataLocal
~ %StartMenu% : C:UsersrodrigueAppDataRoamingMicrosoftWindowsStart Menu
~ %Windir% : C:Windows
~ %System% : C:WindowsSystem32

—\ DOS/Devices
C: Hard drive, Flash drive, Thumb drive (Free 16 Go of 59 Go)
D: Hard drive, Flash drive, Thumb drive (Free 225 Go of 230 Go)
E: CD-ROM drive (Not Inserted)
F: CD-ROM drive (Free 0 Go of 0 Go)
I: Floppy drive, Flash card reader, USB Key (Free 7 Go of 7 Go)

—\ Security Center & Tools Informations
[HKLMSOFTWAREMicrosoftWindowsCurrentVersionPoliciesExplorer] NoActiveDesktopChanges: Modified
~ Security Center: 34 Legitimates Filtered in 00mn 00s

—\ Recherche particulière de fichiers génériques
[MD5.332FEAB1435662FC6C672E25BEB37BE3] – (.Microsoft Corporation – Explorateur Windows.) (.25/02/2011 – 07:19:30.) — C:WindowsExplorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] – (.Microsoft Corporation – Application de démarrage de Windows.) (.14/07/2009 – 02:39:52.) — C:WindowsSystem32Wininit.exe [129024]
[MD5.FAF6EC2460AD5FBBD38D8E1AE28B0D77] – (.Microsoft Corporation – Extensions Internet pour Win32.) (.12/06/2013 – 00:26:20.) — C:WindowsSystem32wininet.dll [2241024]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] – (.Microsoft Corporation – Application d’ouverture de session Windows.) (.20/11/2010 – 14:25:30.) — C:WindowsSystem32Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] – (.Microsoft Corporation – Bibliothèque de licences.) (.20/11/2010 – 14:27:26.) — C:WindowsSystem32sppcomapi.dll [232448]
[MD5.1C7857B62DE5994A75B054A9FD4C3825] – (.Microsoft Corporation – Ancillary Function Driver for WinSock.) (.28/12/2011 – 04:59:24.) — C:Windowssystem32DriversAFD.sys [498688]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] – (.Microsoft Corporation – ATAPI IDE Miniport Driver.) (.14/07/2009 – 02:52:21.) — C:Windowssystem32Driversatapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] – (.Microsoft Corporation – CD-ROM File System Driver.) (.14/07/2009 – 00:19:47.) — C:Windowssystem32DriversCdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] – (.Microsoft Corporation – SCSI CD-ROM Driver.) (.20/11/2010 – 10:19:21.) — C:Windowssystem32DriversCdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] – (.Microsoft Corporation – DFS Namespace Client Driver.) (.20/11/2010 – 10:26:32.) — C:Windowssystem32DriversDfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] – (.Microsoft Corporation – High Definition Audio Bus Driver.) (.20/11/2010 – 11:43:43.) — C:Windowssystem32DriversHDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] – (.Microsoft Corporation – Pilote de port i8042.) (.14/07/2009 – 00:19:57.) — C:Windowssystem32Driversi8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] – (.Microsoft Corporation – IP Network Address Translator.) (.14/07/2009 – 01:10:03.) — C:Windowssystem32DriversIpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] – (.Microsoft Corporation – Windows NT SMB Minirdr.) (.27/04/2011 – 03:40:40.) — C:Windowssystem32DriversMRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] – (.Microsoft Corporation – MBT Transport driver.) (.20/11/2010 – 10:23:20.) — C:Windowssystem32DriversnetBT.sys [261632]
[MD5.B98F8C6E31CD07B2E6F71F7F648E38C0] – (.Microsoft Corporation – Pilote du système de fichiers NT.) (.12/04/2013 – 15:45:08.) — C:Windowssystem32Driversntfs.sys [1656680]
[MD5.0086431C29C35BE1DBC43F52CC273887] – (.Microsoft Corporation – Pilote de port parallèle.) (.14/07/2009 – 01:00:41.) — C:Windowssystem32DriversParport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] – (.Microsoft Corporation – RAS L2TP mini-port/call-manager driver.) (.20/11/2010 – 11:52:35.) — C:Windowssystem32DriversRasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] – (.Microsoft Corporation – SMB Transport driver.) (.14/07/2009 – 01:09:09.) — C:Windowssystem32Driverssmb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] – (.Microsoft Corporation – TDI Translation Driver.) (.20/11/2010 – 10:21:56.) — C:Windowssystem32Driverstdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] – (.Microsoft Corporation – Pilote de cliché instantané du volume.) (.20/11/2010 – 14:34:02.) — C:Windowssystem32Driversvolsnap.sys [295808]
~ Generic Processes: Scanned in 00mn 01s

—\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/12
Mes musiques (My Musics) : 3/3 (Modified)
~ Mes Favoris (My Favorites) : 1/27
~ Mes Documents (My Documents) : 1/695
~ Mon Bureau (My Desktop) : 2/213
~ Menu demarrer (Programs) : 1/31
~ Hidden Files: Scanned in 00mn 00s

—\ Processus lancés
[MD5.3F11B20D12D89365D7721BDC860CE5F0] – (.AVAST Software – avast! Antivirus.) — C:Program FilesAlwil SoftwareAvast5AvastUI.exe [4858968] [PID.2216]
[MD5.CB037F03178E31BA2985ADD15879CA56] – (.Google Inc. – Google Chrome.) — C:Program Files (x86)GoogleChromeApplicationchrome.exe [846288] [PID.3156]
[MD5.B68BA29CC976337B3E0E980FD0EB14A7] – (.Nicolas Coolman – ZHPDiag.) — C:Program Files (x86)ZHPDiagZHPDiag.exe [7744512] [PID.404]
[MD5.28D6701C710AD7BA3CB95E75F8F1A9AA] – (.AVAST Software – avast! Service.) — C:Program FilesAlwil SoftwareAvast5AvastSvc.exe [46808] [PID.1264]
[MD5.80F8944EA183004D6EDCBBDCEC166404] – (.Western Digital – WD Drive Service.) — C:Program Files (x86)Western DigitalWD Drive ManagerWDDriveService.exe [248248] [PID.6724]
[MD5.FD2D1C60CDBDFAB63EF182539D8FFC2D] – (.Western Digital – WD Rules Engine.) — C:Program Files (x86)Western DigitalWD SmartWareWDRulesEngine.exe [1177536] [PID.6568]
[MD5.96C4C98FE4866C16FC64E4578A0AA975] – (.Western Digital – WD Backup Engine.) — C:Program Files (x86)Western DigitalWD SmartWareWDBackupEngine.exe [1157056] [PID.6972]
[MD5.F401929EE0CC92BFE7F15161CA535383] – (.Apple Inc. – MobileDeviceService.) — C:Program Files (x86)Common FilesAppleMobile Device SupportAppleMobileDeviceService.exe [55184] [PID.1996]
~ Processes Running: Scanned in 00mn 01s

—\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:UsersrodrigueAppDataLocalGoogleChromeUser DataDefaultPreferences
G2 – GCE: Preference [User DataDefault] [ekhagklcjbdpajgpjgmbionohlpdbjgc] Zotero Connector v.4.0.8.2, (Activé)
~ Google Browser: 13 Legitimates Filtered in 00mn 27s

—\ Internet Explorer, Proxy Management (R5)
R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyOverride = *.local
R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyServer = no key
R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyEnable = 0
R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,MigrateProxy = 1
R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,EnableHttp1_1 = 1
R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s

—\ Analyse des lignes F0, F1, F2, F3 – IniFiles, Autoloading programs
F2 – REG:system.ini: USERINIT=C:Windowssystem32userinit.exe,
F2 – REG:system.ini: Shell=C:Windowsexplorer.exe
F2 – REG:system.ini: VMApplet=C:WindowsSystem32SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s

—\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21

—\ Browser Helper Objects de navigateur (O2)
O2 – BHO: avast! Online Security [64Bits] – {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software – IE Webrep plugin.) — C:Program FilesAlwil SoftwareAvast5aswWebRepIE.dll
~ BHO: 5 Legitimates Filtered in 00mn 00s

—\ Internet Explorer Toolbars (O3)
O3 – Toolbar: (no name) [64Bits] – [HKLM]{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} Clé orpheline
O3 – ToolbarWebBrowser: (no name) [64Bits] – [HKCU]{21FA44EF-376D-4D53-9B0F-8A89D3229068} Clé orpheline
O3 – ToolbarWebBrowser: (no name) [64Bits] – [HKCU]{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} Clé orpheline
~ Toolbar: Scanned in 00mn 00s

—\ Applications démarrées par registre & par dossier (O4)
O4 – HKLM..Run: [IAAnotif] . (.Intel Corporation – Event Monitor User Notification Tool.) — C:Program Files (x86)IntelIntel Matrix Storage Manageriaanotif.exe
O4 – HKLM..Run: [RtHDVCpl] . (.Realtek Semiconductor – HD Audio Control Panel.) — C:Program FilesRealtekAudioHDARAVCpl64.exe
O4 – HKLM..Run: [SynTPEnh] C:Program Files (x86)SynapticsSynTPSynTPEnh.exe (.not file.)
O4 – HKLM..Run: [QuickSet] . (.Dell Inc. – QuickSet.) — C:Program FilesDellQuickSetQuickSet.exe
O4 – HKLM..Run: [Broadcom Wireless Manager UI] . (.Dell Inc. – Dell Wireless WLAN Card Wireless Network Tr.) — C:Program FilesDellDell Wireless WLAN CardWLTRAY.exe
O4 – HKLM..Run: [NvCplDaemon] . (.NVIDIA Corporation – NVIDIA Display Properties Extension.) — C:Windowssystem32NvCpl.dll
O4 – HKLM..Run: [NVHotkey] . (.NVIDIA Corporation – NVIDIA Hotkey Service, Version 186.88.) — C:Windowssystem32nvHotkey.dll
O4 – HKLM..Wow6432NodeRun: [PDVDDXSrv] . (.CyberLink Corp. – CyberLink PowerDVD Resident Program.) — C:Program Files (x86)CyberLinkPowerDVD DXPDVDDXSrv.exe
O4 – HKLM..Wow6432NodeRun: [avast5] . (.AVAST Software – avast! Antivirus.) — C:Program FilesAlwil SoftwareAvast5avastUI.exe
O4 – HKLM..Wow6432NodeRun: [Adobe ARM] . (.Adobe Systems Incorporated – Adobe Reader and Acrobat Manager.) — C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe
O4 – HKLM..Wow6432NodeRun: [APSDaemon] . (.Apple Inc. – Apple Push.) — C:Program Files (x86)Common FilesAppleApple Application SupportAPSDaemon.exe
O4 – HKLM..Wow6432NodeRun: [QuickTime Task] . (.Apple Inc. – QuickTime Task.) — C:Program Files (x86)QuickTimeQTTask.exe
O4 – HKUSS-1-5-19..Run: [Sidebar] . (.Microsoft Corporation – Gadgets du Bureau Windows.) — C:Program Files (x86)Windows SidebarSidebar.exe
O4 – HKUSS-1-5-20..Run: [Sidebar] . (.Microsoft Corporation – Gadgets du Bureau Windows.) — C:Program Files (x86)Windows SidebarSidebar.exe
O4 – HKUSS-1-5-18..RunOnce: [SPReview] . (.Microsoft Corporation – SP Reviewer.) — C:WindowsSystem32SPReviewSPReview.exe
O4 – HKUSS-1-5-19..RunOnce: [mctadmin] . (.Microsoft Corporation – MCTAdmin.) — C:WindowsSystem32mctadmin.exe
O4 – HKUSS-1-5-20..RunOnce: [mctadmin] . (.Microsoft Corporation – MCTAdmin.) — C:WindowsSystem32mctadmin.exe
~ Application: Scanned in 00mn 00s

—\ Autres liens utilisateurs (O4)
O4 – GSTaskBar: Google Chrome.lnk . (.Google Inc. – Google Chrome.) — C:Program Files (x86)GoogleChromeApplicationchrome.exe
O4 – GSTaskBar: Mozilla Firefox.lnk . (.Mozilla Corporation – Firefox.) — C:Program Files (x86)Mozilla Firefoxfirefox.exe
O4 – GSTaskBar: Windows Explorer.lnk . (.Microsoft Corporation – Explorateur Windows.) — C:Windowsexplorer.exe
O4 – GSTaskBar: Windows Fax and Scan.lnk . (.Microsoft Corporation – Microsoft Windows Fax and Scan.) — C:Windowssystem32WFS.exe
O4 – GSTaskBar: Windows Media Player.lnk . (.Microsoft Corporation – Lecteur Windows Media.) — C:Program Files (x86)Windows Media Playerwmplayer.exe
O4 – GSPrograms: Internet Explorer.lnk . (.Microsoft Corporation – Internet Explorer.) — C:Program Files (x86)Internet Exploreriexplore.exe
O4 – GSQuickLaunch: Google Chrome.lnk . (.Google Inc. – Google Chrome.) — C:Program Files (x86)GoogleChromeApplicationchrome.exe
O4 – GSQuickLaunch: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation – Internet Explorer.) — C:Program Files (x86)Internet Exploreriexplore.exe
O4 – GSAccessories: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation – Internet Explorer.) — C:Program Files (x86)Internet Exploreriexplore.exe
O4 – GSAccessories: Private Character Editor.lnk . (.Microsoft Corporation – Éditeur de caractères privés.) — C:Windowssystem32eudcedit.exe
O4 – GSSendTo: Dropbox.lnk . (…) — C:UsersrodrigueDropbox
O4 – GSSendTo: Fax Recipient.lnk . (.Microsoft Corporation – Microsoft Windows Fax and Scan.) — C:Windowssystem32WFS.exe
O4 – GSDesktop: Disk Cleanup.lnk . (.Microsoft Corporation – Gestionnaire de nettoyage de disque pour Wi.) — C:Windowssystem32cleanmgr.exe
O4 – GSDesktop: Dropbox.lnk . (.Dropbox, Inc. – Dropbox.) — C:UsersrodrigueAppDataRoamingDropboxbinDropbox.exe
O4 – GSDesktop: Musique – Raccourci.lnk . (…) — C:UsersrodrigueAppDataRoamingMicrosoftWindowsLibrariesMusic.library-ms
~ Global Startup: Scanned in 00mn 00s

—\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 – Extra button: @c:Program FilesWIDCOMMBluetooth Softwarebtrez.dll,-12650 [64Bits] – {CCA281CA-C863-46ef-9331-5C8D4460577F} . (…) — c:Program FilesWIDCOMMBluetooth Softwarebt_hot_icon.ico
~ IE Extra Buttons: Scanned in 00mn 00s

—\ Modification Domaine/Adresses DNS (O17)
O17 – HKLMSystemCCSServicesTcpip..{30DA0839-366F-4BF3-8F14-10532C41DE3E}: DhcpNameServer = 192.168.1.254
O17 – HKLMSystemCCSServicesTcpip..{30DA0839-366F-4BF3-8F14-10532C41DE3E}: DhcpDomain = lan
O17 – HKLMSystemCS1ServicesTcpip..{30DA0839-366F-4BF3-8F14-10532C41DE3E}: DhcpNameServer = 192.168.1.254
O17 – HKLMSystemCS1ServicesTcpip..{30DA0839-366F-4BF3-8F14-10532C41DE3E}: DhcpDomain = lan
O17 – HKLMSystemCS2ServicesTcpip..{30DA0839-366F-4BF3-8F14-10532C41DE3E}: DhcpNameServer = 192.168.1.254
O17 – HKLMSystemCS2ServicesTcpip..{30DA0839-366F-4BF3-8F14-10532C41DE3E}: DhcpDomain = lan
O17 – HKLMSystemCCSServicesTcpipParameters: DhcpNameServer = 192.168.1.254
~ Domain: Scanned in 00mn 00s

—\ Protocole additionnel (O18)
O18 – Handler: vbscript [64Bits] – {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation – Visionneuse HTML Microsoft (R).) — C:WindowsSystem32mshtml.dll
O18 – Filter: text/xml [64Bits] – {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation – Microsoft Office XML MIME Filter.) — C:Program FilesCommon FilesMicrosoft SharedOFFICE12MSOXMLMF.dll
~ Protocole Additionnel: Scanned in 00mn 00s

—\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 – Winlogon Notify: GoToAssist . (…) — C:Program Files (x86)CitrixGoToAssist514G2AWinLogon_x64.dll (.not file.)
~ Winlogon: Scanned in 00mn 00s

—\ Tâches planifiées en automatique (O39)
[MD5.00000000000000000000000000000000] [APT] [{612A6D48-2F35-4FA0-8EFE-CD9244CFAF47}] (…) — H:thèseLogicielsUSVIEW.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{83F79A43-7F49-4218-9C36-F581ABA83CCE}] (…) — C:Program Files (x86)InstallShield Installation Information{AF7E85DC-317C-47F5-810E-B82EE093A612}setup.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{E5300046-D886-4B8F-92A6-EE59150FA4C1}] (…) — H:thèseLogicielsUSVIEW.exe (.not file.) [0]
~ Scheduled Task: 18 Legitimates Filtered in 00mn 06s

—\ HKCU & HKLM Software Keys
[HKCUSoftwareSoftonic]
[HKCUSoftwareYahooPartnerToolbar]
~ Key Software: 203 Legitimates Filtered in 00mn 01s

—\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 – CFD: 10/04/2011 – 00:37:54 – [0,000] —-D C:Program Files (x86)LimeWire
O43 – CFD: 06/05/2011 – 18:27:13 – [0] —-D C:ProgramDataMediMatic
O43 – CFD: 06/05/2011 – 18:27:13 – [0] —-D C:UsersrodrigueAppDataLocalMediMatic
~ Program Folder: 172 Legitimates Filtered in 00mn 04s

—\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 – LFC:[MD5.F4F71FD9976CEE37681B0F5433DD2145] – 22/07/2013 – 10:39:01 —A- . (…) — C:Upload_UsbFix.zip [14336]
O44 – LFC:[MD5.9D28480DF7C97A74CAA642620CEA5FD6] – 22/07/2013 – 10:39:01 —A- . (…) — C:UsbFix [Clean 1] RODRIGUE-PC.txt [12996]
O44 – LFC:[MD5.3550C1C06C1A5EB473B8C0E4306168C7] – 22/07/2013 – 08:54:03


. (…) — C:UsbFix [Scan 2] RODRIGUE-PC.txt [7702]
~ Files: 58 Legitimates Filtered in 00mn 09s

—\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 – LFCP:[MD5.CFA00B05D81E0250675D53E0843C307F] – 19/07/2013 – 14:46:43 —A- – C:WindowsPrefetchUNLOCK.EXE-95FB8DBD.pf
O45 – LFCP:[MD5.90766D2D926C6BC2AC7EF6A7C980DA64] – 22/07/2013 – 10:36:51 —A- – C:WindowsPrefetchGO.EXE-9F5F9B7B.pf
O45 – LFCP:[MD5.4F4DB5D6F80527D5899E0D3D17DAAF99] – 22/07/2013 – 10:37:16 —A- – C:WindowsPrefetchWDDRIVESERVICE.EXE-AB726BCE.pf
O45 – LFCP:[MD5.F0EE4C51AE68E9A11A644B4DFF2B3F99] – 22/07/2013 – 10:37:19 —A- – C:WindowsPrefetchWDBACKUPENGINE.EXE-F7EA5128.pf
O45 – LFCP:[MD5.B3EC007AAD9CA4731DFA017F1ACE239A] – 22/07/2013 – 10:38:15 —A- – C:WindowsPrefetchDLCGCOMS.EXE-2D4EFBB1.pf
O45 – LFCP:[MD5.059CD4253A829C28BF77F2C34861B9AF] – 22/07/2013 – 11:23:14 —A- – C:WindowsPrefetchWDLOCKEDFILES.EXE-EE26236A.pf
~ Prefetcher: 141 Legitimates Filtered in 00mn 01s

—\ MountPoints2 Shell Key (O51)
O51 – MPSK:{66e36872-9ac5-11e1-a1d5-0026b9d6c102}AutoRuncommand. (.Western Digital – Unlock Utility for WD SmartWare.) — F:unlock.exe
~ Keys: Scanned in 00mn 00s

—\ ShareTools MSconfig StartupReg (O53)
O53 – SMSR:HKLM…startupregWD Quick View [Key] . (.Western Digital Technologies, Inc. – WD Quick View.) — C:Program Files (x86)Western DigitalWD Quick ViewWDDMStatus.exe
~ SMSR Keys: 9 Legitimates Filtered in 00mn 00s

—\ Microsoft Windows Policies System (O55)
O55 – MWPS:[HKLM…PoliciesSystem] – “EnableUIADesktopToggle”=0
O55 – MWPS:[HKLM…PoliciesSystem] – “FilterAdministratorToken”=0
~ MWPS: 16 Legitimates Filtered in 00mn 00s

—\ Microsoft Windows Policies Explorer (O56)
O56 – MWPE:[HKLM…policiesExplorer] – “NoActiveDesktopChanges”=1
~ MWPE Keys: 7 Legitimates Filtered in 00mn 00s[/spoiler:e5wow09a]
OK je laisse faire la bête!! :dodo10:
[hr:e5wow09a]
Ca bloque depuis 1h30 à 57%…
C’est pas dangereux de poster les diagnostics de mon PC sur un forum ???
Désolé je n’y connait rien…. :shame:

[hr:e5wow09a]

Je suis toujours à 57% de progression après 1h30….
Please HELP!!! :content: