Everything posted by papyreunion
-
Hello, I can't install Flash Player 11; message: "only a single instance of this application can run". I downloaded the Flash Player uninstaller. No result. Mozilla 7 tells me the Adobe Flash plugin is missing and asks me for a manual installation; nothing works. Same thing under I.E. 9. I restarted the PC after uninstalling Flash Player, and then I was able to install version 11.0.1.152, but Mozilla still asks me for the additional Adobe Flash Player plugin. It directs me to version 10, the installation fails, and it then directs me to a manual installation, which does direct me to version 11, but I again get the message "only a single instance of this application can run". I installed the version 10 plugin under Mozilla. Mozilla tells me the add-on is up to date. I'm not touching anything anymore. Unless you have an idea. Windows 7 64-bit - Antivir - CCleaner - Malwarebytes
-
[Solved] Infected by malware.packer.gen -adware.hotbar - spyware.onlin
papyreunion replied to a topic by papyreunion in Malware analysis and removal
Hello PEAR, thanks for the info.
-
Hello, I have the PC of a friend's son, which was infected by: packer.gen - adware.hotbar - spyware.onlinegames. I removed them with Malwarebytes' Anti-Malware. PC with (CCleaner - Glary Utilities - avast antivirus - Malwarebytes' - Win XP). I ran ToolBar SD; the report is below. Should I go ahead with the removal? Thanks
-
[Solved] Infected by Search settings - ZHPDiag report
papyreunion replied to a topic by papyreunion in Malware analysis and removal
Hello, I created a new profile in Mozilla and the connection works without any problem. So I can uninstall ZHPDiag and Ad-Remover and delete the old profile. I'm marking this as solved. Thanks
-
[Solved] Infected by Search settings - ZHPDiag report
papyreunion replied to a topic by papyreunion in Malware analysis and removal
Hello, I ran a scan with Malwarebytes, which found PUP.Dealio.TB, which I removed. I deleted the old restore points. Installed Firefox 6, then uninstalled and reinstalled Firefox 6; still impossible to connect to Hotmail. However, under I.E. it works, and under Mozilla, with his wife's Hotmail address, the connection works without a problem.
-
[Solved] Infected by Search settings - ZHPDiag report
papyreunion replied to a topic by papyreunion in Malware analysis and removal
Cleanup report:
-
[Solved] Infected by Search settings - ZHPDiag report
papyreunion replied to a topic by papyreunion in Malware analysis and removal
Attached is the clean txt:
======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 =======
Mis à jour par TeamXscript le 12/04/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
Site web: http://www.teamxscript.org
C:\Program Files (x86)\Ad-Remover\main.exe (CLEAN [6]) -> Lancé à 14:02:23 le 16/08/2011, Mode normal
Microsoft Windows 7 Édition Familiale Premium Service Pack 1 (X64)
viot@VIOT-PC (MEDIONPC MS-7708)
============== ACTION(S) ==============
I downloaded ZHPDiag; below is the txt file, which may help me, as I am not proficient with this software. Thanks
- C:\Windows\system32\DRIVERS\rdbss.sys O41 - Driver: C:\Windows\system32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\system32\DRIVERS\RDPCDD.sys O41 - Driver: C:\Windows\system32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\system32\drivers\rdpencdd.sys O41 - Driver: C:\Windows\system32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\system32\drivers\rdprefmp.sys O41 - Driver: C:\Windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\system32\DRIVERS\tdx.sys O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\system32\drivers\termdd.sys O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys O41 - Driver: (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\system32\DRIVERS\vwififlt.sys O41 - Driver: C:\Windows\system32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\system32\DRIVERS\wanarp.sys O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\system32\DRIVERS\wfplwf.sys ~ Scan Drivers in 00mn AMs ---\\ Logiciels installés (O42) O42 - Logiciel: ATI Catalyst Install Manager - (.ATI Technologies, Inc..) [HKLM] -- {5479F9EC-5D71-CB4F-7091-3BF696F82035} O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM] -- Adobe AIR O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin O42 - Logiciel: Adobe Shockwave Player 11.5 - (.Adobe Systems, Inc..) [HKLM] -- Adobe Shockwave Player O42 - Logiciel: Ashampoo Photo Commander - (.ashampoo GmbH & Co. KG.) 
[HKLM] -- Ashampoo Photo Commander_is1 O42 - Logiciel: Avira AntiVir Personal - Free Antivirus - (.Avira GmbH.) [HKLM] -- Avira AntiVir Desktop O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner O42 - Logiciel: CorelDRAW Essentials 4 - Windows Shell Extension - (.Corel Corporation.) [HKLM] -- _{CF0ADC18-6D8F-4353-8EAA-DF45456B7853} O42 - Logiciel: CyberLink LabelPrint - (.CyberLink Corp..) [HKLM] -- InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243} O42 - Logiciel: CyberLink LabelPrint - (.CyberLink Corp..) [HKLM] -- {C59C179C-668D-49A9-B6EA-0121CCFC1243} O42 - Logiciel: CyberLink Power2Go - (.CyberLink Corp..) [HKLM] -- InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658} O42 - Logiciel: CyberLink Power2Go - (.CyberLink Corp..) [HKLM] -- {40BF1E83-20EB-11D8-97C5-0009C5020658} O42 - Logiciel: CyberLink PowerDVD Copy - (.CyberLink Corp..) [HKLM] -- InstallShield_{E3D04529-6EDB-11D8-A372-0050BAE317E1} O42 - Logiciel: CyberLink PowerDVD Copy - (.CyberLink Corp..) [HKLM] -- {E3D04529-6EDB-11D8-A372-0050BAE317E1} O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM] -- Google Chrome O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {2318C2B1-4965-11d4-9B18-009027A5CD4F} O42 - Logiciel: HP Customer Participation Program 13.0 - (.HP.) [HKLM] -- HPExtendedCapabilities O42 - Logiciel: HP Deskjet F2400 All-In-One Driver Software 13.0 Rel .6 - (.HP.) [HKLM] -- {CDBF8C2D-04B0-4F9B-9AE1-7422F7F0EC94} O42 - Logiciel: HP Imaging Device Functions 13.0 - (.HP.) [HKLM] -- HP Imaging Device Functions O42 - Logiciel: HP Print Projects 1.0 - (.HP.) [HKLM] -- HP Print Projects O42 - Logiciel: HP Smart Web Printing 4.5 - (.HP.) [HKLM] -- HP Smart Web Printing O42 - Logiciel: HP Solution Center 13.0 - (.HP.) [HKLM] -- HP Solution Center & Imaging Support Tools O42 - Logiciel: Intel® Rapid Storage Technology - (.Intel Corporation.) 
[HKLM] -- {3E29EE6C-963A-4aae-86C1-DC237C4A49FC} O42 - Logiciel: Malwarebytes' Anti-Malware version 1.51.1.1800 - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1 O42 - Logiciel: Medion Home Cinema - (.CyberLink Corp..) [HKLM] -- InstallShield_{AB770FDE-8087-4C98-9A85-BD64262C104C} O42 - Logiciel: Medion Home Cinema - (.CyberLink Corp..) [HKLM] -- {AB770FDE-8087-4C98-9A85-BD64262C104C} O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile O42 - Logiciel: Microsoft Office Starter 2010 - Français - (.Microsoft Corporation.) [HKLM] -- {90140011-0066-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office « Démarrer en un clic » 2010 - (.Microsoft Corporation.) [HKLM] -- Office14.Click2Run O42 - Logiciel: Mozilla Firefox 5.0 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 5.0 (x86 fr) O42 - Logiciel: Notification de cadeaux MSN - (.Microsoft.) [HKCU] -- Notification de cadeaux MSN O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} O42 - Logiciel: Recuva - (.Piriform.) [HKLM] -- Recuva O42 - Logiciel: Renesas Electronics USB 3.0 Host Controller Driver - (.Renesas Electronics Corporation.) [HKLM] -- InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996} O42 - Logiciel: Revo Uninstaller 1.93 - (.VS Revo Group.) [HKLM] -- Revo Uninstaller O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2160841 O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2446708 O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) - (.Microsoft Corporation.) 
[HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2478663 O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2518870 O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2539636 O42 - Logiciel: Shop for HP Supplies - (.HP.) [HKLM] -- Shop for HP Supplies O42 - Logiciel: TomTom HOME 2.8.2.2264 - (.TomTom.) [HKLM] -- TomTom HOME O42 - Logiciel: TuneUp Utilities 2011 - (.TuneUp Software.) [HKLM] -- TuneUp Utilities 2011 O42 - Logiciel: WinRAR 4.00 (32-bit) - (.win.rar GmbH.) [HKLM] -- WinRAR archiver O42 - Logiciel: Windows Live Essentials - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite O42 - Logiciel: Windows Media Encoder 9 Series - (.Pas de propriétaire.) [HKLM] -- Windows Media Encoder 9 ---\\ HKCU & HKLM Software Keys [HKCU\Software\ATI] [HKCU\Software\Adobe] [HKCU\Software\AppDataLow\Software\Microsoft] [HKCU\Software\AppDataLow\Software] [HKCU\Software\AppDataLow] [HKCU\Software\Avira] [HKCU\Software\Classes] [HKCU\Software\Clients] [HKCU\Software\CyberLink] [HKCU\Software\Google] [HKCU\Software\HARVEST S.A.] 
[HKCU\Software\HP] [HKCU\Software\Hewlett-Packard] [HKCU\Software\HookNetwork] [HKCU\Software\IM Providers] [HKCU\Software\Local AppWizard-Generated Applications] [HKCU\Software\Macromedia] [HKCU\Software\Malwarebytes' Anti-Malware] [HKCU\Software\MozillaPlugins] [HKCU\Software\Mozilla] [HKCU\Software\Netscape] [HKCU\Software\Piriform] [HKCU\Software\Policies] [HKCU\Software\Realtek] [HKCU\Software\Softonic] [HKCU\Software\TomTom] [HKCU\Software\Trolltech] [HKCU\Software\TuneUp] [HKCU\Software\VSRevoGroup] [HKCU\Software\WinRAR SFX] [HKCU\Software\WinRAR] [HKCU\Software\Wow6432Node] [HKLM\Software\AMD] [HKLM\Software\ATI Technologies] [HKLM\Software\ATI] [HKLM\Software\Adobe] [HKLM\Software\AppDataLow] [HKLM\Software\Ashampoo] [HKLM\Software\Avira] [HKLM\Software\Classes] [HKLM\Software\Clients] [HKLM\Software\CyberLink] [HKLM\Software\Google] [HKLM\Software\Hewlett-Packard] [HKLM\Software\ICE] [HKLM\Software\IObit] [HKLM\Software\InstallShield] [HKLM\Software\Intel] [HKLM\Software\JavaSoft] [HKLM\Software\JreMetrics] [HKLM\Software\Macromedia] [HKLM\Software\Malwarebytes' Anti-Malware] [HKLM\Software\MozillaPlugins] [HKLM\Software\Mozilla] [HKLM\Software\ODBC] [HKLM\Software\Piriform] [HKLM\Software\Policies] [HKLM\Software\Realtek] [HKLM\Software\RegisteredApplications] [HKLM\Software\SRS Labs] [HKLM\Software\Sonic] [HKLM\Software\TomTom] [HKLM\Software\TuneUp] [HKLM\Software\Waves Audio] [HKLM\Software\WinRAR] [HKLM\Software\Windows] [HKLM\Software\Wow6432Node] [HKLM\Software\X-AVCSD] [HKLM\Software\mozilla.org] ~ Scan Softwares in 00mn AMs ---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43) O43 - CFD: 12/3/2010 - 9:05:22 PM - [23377590] ----D- C:\Program Files\ATI O43 - CFD: 12/3/2010 - 9:05:42 PM - [28] ----D- C:\Program Files\ATI Technologies O43 - CFD: 8/4/2011 - 6:50:52 PM - [8458144] ----D- C:\Program Files\CCleaner O43 - CFD: 7/14/2009 - 5:20:10 AM - [84569683] ----D- C:\Program Files\Common Files O43 - CFD: 3/22/2011 - 1:44:14 PM - 
[90256916] ----D- C:\Program Files\DVD Maker O43 - CFD: 2/28/2011 - 3:06:44 PM - [996960] ----D- C:\Program Files\Google O43 - CFD: 2/28/2011 - 6:21:42 PM - [4498832] ----D- C:\Program Files\HP O43 - CFD: 8/12/2011 - 1:03:08 PM - [6572855] ----D- C:\Program Files\Internet Explorer O43 - CFD: 12/3/2010 - 7:32:04 PM - [80648849] ----D- C:\Program Files\Java O43 - CFD: 7/14/2009 - 9:45:56 AM - [149237810] ----D- C:\Program Files\Microsoft Games O43 - CFD: 2/28/2011 - 3:14:14 PM - [1584815] ----D- C:\Program Files\Microsoft Office O43 - CFD: 7/14/2009 - 7:32:40 AM - [25757] ----D- C:\Program Files\MSBuild O43 - CFD: 2/28/2011 - 3:08:12 PM - [2178436] ----D- C:\Program Files\PlayReady O43 - CFD: 11/9/2010 - 11:51:50 PM - [17289232] ----D- C:\Program Files\Realtek O43 - CFD: 4/3/2011 - 5:30:24 PM - [4323944] ----D- C:\Program Files\Recuva O43 - CFD: 7/14/2009 - 7:32:40 AM - [36813993] ----D- C:\Program Files\Reference Assemblies O43 - CFD: 7/14/2009 - 7:09:28 AM - [0] --H-D- C:\Program Files\Uninstall Information O43 - CFD: 3/22/2011 - 1:44:10 PM - [4039680] ----D- C:\Program Files\Windows Defender O43 - CFD: 3/22/2011 - 1:44:14 PM - [9224824] ----D- C:\Program Files\Windows Journal O43 - CFD: 10/28/2010 - 12:39:12 AM - [9707071] ----D- C:\Program Files\Windows Live O43 - CFD: 3/22/2011 - 1:44:14 PM - [6667776] ----D- C:\Program Files\Windows Mail O43 - CFD: 3/22/2011 - 1:44:14 PM - [7687085] ----D- C:\Program Files\Windows Media Player O43 - CFD: 7/14/2009 - 7:32:40 AM - [12627636] ----D- C:\Program Files\Windows NT O43 - CFD: 3/22/2011 - 1:44:14 PM - [5516056] ----D- C:\Program Files\Windows Photo Viewer O43 - CFD: 3/22/2011 - 1:44:14 PM - [244736] ----D- C:\Program Files\Windows Portable Devices O43 - CFD: 3/22/2011 - 1:44:14 PM - [12025118] ----D- C:\Program Files\Windows Sidebar O43 - CFD: 2/28/2011 - 3:14:16 PM - [71763922] ----D- C:\Program Files\Common Files\Microsoft Shared O43 - CFD: 7/14/2009 - 5:20:10 AM - [2702] ----D- C:\Program Files\Common Files\Services 
O43 - CFD: 7/14/2009 - 5:20:10 AM - [608768] ----D- C:\Program Files\Common Files\SpeechEngines O43 - CFD: 2/28/2011 - 10:56:00 PM - [12194291] ----D- C:\Program Files\Common Files\System O43 - CFD: 2/28/2011 - 8:08:52 PM - [767] ----D- C:\ProgramData\Adobe O43 - CFD: 7/14/2009 - 7:08:58 AM - [0] -SH-D- C:\ProgramData\Application Data O43 - CFD: 12/3/2010 - 9:08:44 PM - [188] ----D- C:\ProgramData\ATI O43 - CFD: 2/28/2011 - 5:12:30 PM - [59714012] ----D- C:\ProgramData\Avira O43 - CFD: 6/11/2011 - 5:02:24 PM - [40536] ----D- C:\ProgramData\CyberLink O43 - CFD: 7/14/2009 - 7:08:58 AM - [0] -SH-D- C:\ProgramData\Desktop O43 - CFD: 7/14/2009 - 7:08:58 AM - [0] -SH-D- C:\ProgramData\Documents O43 - CFD: 12/3/2010 - 5:34:56 PM - [4471756] ----D- C:\ProgramData\Downloaded Installations O43 - CFD: 7/14/2009 - 7:08:58 AM - [0] -SH-D- C:\ProgramData\Favorites O43 - CFD: 2/28/2011 - 3:06:50 PM - [539844] ----D- C:\ProgramData\Google O43 - CFD: 3/21/2011 - 9:55:32 PM - [69867] ----D- C:\ProgramData\Hewlett-Packard O43 - CFD: 8/12/2011 - 1:03:08 PM - [27535331] ----D- C:\ProgramData\HP O43 - CFD: 2/28/2011 - 6:26:50 PM - [8988] ----D- C:\ProgramData\HP Product Assistant O43 - CFD: 8/11/2011 - 6:28:22 PM - [2764] ----D- C:\ProgramData\IObit O43 - CFD: 2/28/2011 - 4:06:56 PM - [16690952] ----D- C:\ProgramData\Malwarebytes O43 - CFD: 2/28/2011 - 3:14:42 PM - [2254924753] -S--D- C:\ProgramData\Microsoft O43 - CFD: 11/10/2010 - 10:23:12 PM - [680] ----D- C:\ProgramData\Office Genuine Advantage O43 - CFD: 3/22/2011 - 10:32:12 AM - [1355] ----D- C:\ProgramData\Partner O43 - CFD: 7/14/2009 - 7:08:58 AM - [0] -SH-D- C:\ProgramData\Start Menu O43 - CFD: 7/7/2010 - 6:34:40 PM - [119] ----D- C:\ProgramData\Sun O43 - CFD: 11/9/2010 - 10:44:16 PM - [233685] ----D- C:\ProgramData\Temp O43 - CFD: 7/14/2009 - 7:08:58 AM - [0] -SH-D- C:\ProgramData\Templates O43 - CFD: 4/15/2011 - 12:46:52 PM - [408008] ----D- C:\ProgramData\TomTom O43 - CFD: 3/2/2011 - 6:06:50 PM - [6923424] ----D- 
C:\ProgramData\TuneUp Software O43 - CFD: 3/1/2011 - 9:30:44 AM - [0] ----D- C:\ProgramData\VirtualizedApplications O43 - CFD: 2/28/2011 - 6:30:34 PM - [213] ----D- C:\ProgramData\WEBREG O43 - CFD: 3/2/2011 - 6:05:18 PM - [18449920] -SH-D- C:\ProgramData\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16} O43 - CFD: 2/28/2011 - 8:08:10 PM - [712976] ----D- C:\Users\viot\AppData\Roaming\Adobe O43 - CFD: 2/28/2011 - 3:09:28 PM - [0] ----D- C:\Users\viot\AppData\Roaming\ATI O43 - CFD: 2/28/2011 - 5:26:12 PM - [0] ----D- C:\Users\viot\AppData\Roaming\Avira O43 - CFD: 6/12/2011 - 5:45:18 PM - [2453] ----D- C:\Users\viot\AppData\Roaming\CyberLink O43 - CFD: 2/28/2011 - 3:21:42 PM - [0] ----D- C:\Users\viot\AppData\Roaming\Google O43 - CFD: 4/26/2011 - 9:53:40 AM - [44050] ----D- C:\Users\viot\AppData\Roaming\HARVEST S.A O43 - CFD: 3/30/2011 - 7:07:36 PM - [153432] ----D- C:\Users\viot\AppData\Roaming\HP O43 - CFD: 2/28/2011 - 3:08:38 PM - [0] ----D- C:\Users\viot\AppData\Roaming\Identities O43 - CFD: 8/14/2011 - 12:31:42 PM - [0] ----D- C:\Users\viot\AppData\Roaming\InstallShield O43 - CFD: 2/28/2011 - 3:09:12 PM - [0] ----D- C:\Users\viot\AppData\Roaming\Intel Corporation O43 - CFD: 8/12/2011 - 1:03:06 PM - [17159] ----D- C:\Users\viot\AppData\Roaming\IObit O43 - CFD: 10/13/2010 - 12:37:10 PM - [57252] ----D- C:\Users\viot\AppData\Roaming\Macromedia O43 - CFD: 2/28/2011 - 4:07:06 PM - [755172] ----D- C:\Users\viot\AppData\Roaming\Malwarebytes O43 - CFD: 7/14/2009 - 9:44:40 AM - [0] ----D- C:\Users\viot\AppData\Roaming\Media Center Programs O43 - CFD: 8/12/2011 - 10:11:58 AM - [8666594] -S--D- C:\Users\viot\AppData\Roaming\Microsoft O43 - CFD: 2/28/2011 - 3:35:02 PM - [23388702] ----D- C:\Users\viot\AppData\Roaming\Mozilla O43 - CFD: 8/16/2011 - 1:52:50 PM - [6061583] ----D- C:\Users\viot\AppData\Roaming\SoftGrid Client O43 - CFD: 4/15/2011 - 12:44:24 PM - [17674939] ----D- C:\Users\viot\AppData\Roaming\TomTom O43 - CFD: 2/28/2011 - 3:15:14 PM - [0] ----D- 
C:\Users\viot\AppData\Roaming\TP O43 - CFD: 3/2/2011 - 7:00:40 PM - [154458] ----D- C:\Users\viot\AppData\Roaming\TuneUp Software O43 - CFD: 7/21/2011 - 10:30:16 AM - [6706702] ----D- C:\Users\viot\AppData\Roaming\U3 O43 - CFD: 6/29/2011 - 8:41:36 PM - [295] ----D- C:\Users\viot\AppData\Roaming\Windows Live Writer O43 - CFD: 3/10/2011 - 6:47:12 PM - [12] ----D- C:\Users\viot\AppData\Roaming\WinRAR O43 - CFD: 2/28/2011 - 8:14:18 PM - [123219] ----D- C:\Users\viot\AppData\Local\Adobe O43 - CFD: 2/28/2011 - 3:08:30 PM - [0] -SH-D- C:\Users\viot\AppData\Local\Application Data O43 - CFD: 7/9/2011 - 7:19:18 PM - [672] ----D- C:\Users\viot\AppData\Local\Ashampoo Photo Optimizer Medion O43 - CFD: 2/28/2011 - 3:09:28 PM - [70233] ----D- C:\Users\viot\AppData\Local\ATI O43 - CFD: 8/12/2011 - 3:26:28 PM - [7229170] ----D- C:\Users\viot\AppData\Local\Diagnostics O43 - CFD: 8/15/2011 - 8:55:12 PM - [2216290] ----D- C:\Users\viot\AppData\Local\ElevatedDiagnostics O43 - CFD: 8/4/2011 - 11:26:20 AM - [10420911] ----D- C:\Users\viot\AppData\Local\Google O43 - CFD: 2/28/2011 - 3:08:30 PM - [0] -SH-D- C:\Users\viot\AppData\Local\Historique O43 - CFD: 3/30/2011 - 7:07:36 PM - [87547] ----D- C:\Users\viot\AppData\Local\HP O43 - CFD: 8/12/2011 - 10:11:58 AM - [222877861] ----D- C:\Users\viot\AppData\Local\Microsoft O43 - CFD: 2/28/2011 - 3:35:02 PM - [53151842] ----D- C:\Users\viot\AppData\Local\Mozilla O43 - CFD: 7/9/2011 - 7:19:18 PM - [0] ----D- C:\Users\viot\AppData\Local\photoOptimizeHistoryDataBase O43 - CFD: 2/28/2011 - 3:08:56 PM - [40960] ----D- C:\Users\viot\AppData\Local\Power2Go O43 - CFD: 2/28/2011 - 3:15:06 PM - [5341184] ----D- C:\Users\viot\AppData\Local\SoftGrid Client O43 - CFD: 8/16/2011 - 3:08:34 PM - [303300] ----D- C:\Users\viot\AppData\Local\Temp O43 - CFD: 2/28/2011 - 3:08:30 PM - [0] -SH-D- C:\Users\viot\AppData\Local\Temporary Internet Files O43 - CFD: 4/15/2011 - 12:44:24 PM - [1961826] ----D- C:\Users\viot\AppData\Local\TomTom O43 - CFD: 8/12/2011 - 4:28:04 
PM - [7168] ----D- C:\Users\viot\AppData\Local\VirtualStore O43 - CFD: 8/10/2011 - 2:01:58 PM - [201152973] ----D- C:\Users\viot\AppData\Local\Windows Live O43 - CFD: 3/4/2011 - 10:56:22 AM - [648463] ----D- C:\Users\viot\AppData\Local\Windows Live Writer O43 - CFD: 8/12/2011 - 11:40:12 AM - [0] ----D- C:\Users\viot\AppData\Local\{0CC3D068-7317-485B-ADF7-BDF274209B56} O43 - CFD: 8/15/2011 - 7:16:58 PM - [0] ----D- C:\Users\viot\AppData\Local\{3CC72C9B-D1AB-4BE6-98E9-200A5622EF7F} O43 - CFD: 7/13/2011 - 1:59:54 PM - [0] ----D- C:\Users\viot\AppData\Local\{506B4A16-F2FA-4764-B4FC-6E99D6451D42} O43 - CFD: 4/9/2011 - 11:28:10 AM - [0] ----D- C:\Users\viot\AppData\Local\{547833E1-EE58-442B-8314-53DBF7DA2228} O43 - CFD: 6/26/2011 - 2:21:32 PM - [0] ----D- C:\Users\viot\AppData\Local\{575EBF1E-FE96-475F-93EF-3D3956523C66} O43 - CFD: 4/27/2011 - 1:36:52 PM - [0] ----D- C:\Users\viot\AppData\Local\{69F9AD57-67EF-4E3B-8A5C-6E452154FE96} O43 - CFD: 8/12/2011 - 2:42:54 PM - [0] ----D- C:\Users\viot\AppData\Local\{791C0920-1558-4E86-90D6-C980906D7F04} O43 - CFD: 6/29/2011 - 8:40:54 PM - [0] ----D- C:\Users\viot\AppData\Local\{7F5139A1-3589-4686-8170-FA7B77126D4C} O43 - CFD: 4/3/2011 - 7:24:52 PM - [0] ----D- C:\Users\viot\AppData\Local\{89F25EF8-FD52-4F13-BFB1-F28CC91B56E0} O43 - CFD: 8/12/2011 - 2:42:54 PM - [0] ----D- C:\Users\viot\AppData\Local\{94BD744C-5D4F-4A59-829F-72B5A215C595} O43 - CFD: 4/27/2011 - 1:36:24 PM - [0] ----D- C:\Users\viot\AppData\Local\{A5CE3D06-86DC-401E-A1A0-0903A720EC63} O43 - CFD: 8/15/2011 - 9:42:34 PM - [0] ----D- C:\Users\viot\AppData\Local\{B28C4EF9-9463-4C5E-99A2-25DC6004DA3B} O43 - CFD: 8/10/2011 - 2:01:56 PM - [0] ----D- C:\Users\viot\AppData\Local\{B59A3A70-9D53-4CA2-B45E-524D1FF44B72} O43 - CFD: 8/13/2011 - 9:44:58 AM - [0] ----D- C:\Users\viot\AppData\Local\{BCC61738-9338-4441-A155-7143B77131C7} O43 - CFD: 4/3/2011 - 9:01:00 AM - [0] ----D- C:\Users\viot\AppData\Local\{BDFACD41-C8DC-45F1-BE06-F763AE7AB747} O43 - CFD: 4/14/2011 - 8:56:52 AM 
- [0] ----D- C:\Users\viot\AppData\Local\{BFF8368F-C2DF-49BF-862C-7C0A1A6ADD6B} O43 - CFD: 4/3/2011 - 7:24:10 PM - [0] ----D- C:\Users\viot\AppData\Local\{D9A75400-352C-4D2E-ACE8-A83C898DCA1A} O43 - CFD: 4/16/2011 - 7:19:40 PM - [0] ----D- C:\Users\viot\AppData\Local\{DF7D90E8-CFBF-4843-B863-AACCA45C671E} O43 - CFD: 4/29/2011 - 7:27:38 PM - [0] ----D- C:\Users\viot\AppData\Local\{F66066D4-AE98-49AD-9D2E-80C71AB59FD5} O43 - CFD: 8/15/2011 - 6:48:28 PM - [321349122] ----D- C:\Program Files (x86)\Ad-Remover O43 - CFD: 10/13/2010 - 12:37:14 PM - [688584576] ----D- C:\Program Files (x86)\Adobe O43 - CFD: 12/3/2010 - 9:05:24 PM - [76126525] ----D- C:\Program Files (x86)\ATI Technologies O43 - CFD: 2/28/2011 - 5:12:30 PM - [139507883] ----D- C:\Program Files (x86)\Avira O43 - CFD: 4/26/2011 - 10:21:26 AM - [64748229] ----D- C:\Program Files (x86)\ClickImpots first step 2011 O43 - CFD: 8/12/2011 - 4:16:42 PM - [805409567] ----D- C:\Program Files (x86)\Common Files O43 - CFD: 11/9/2010 - 10:44:24 PM - [298976003] ----D- C:\Program Files (x86)\CyberLink O43 - CFD: 2/28/2011 - 3:06:44 PM - [312421723] ----D- C:\Program Files (x86)\Google O43 - CFD: 3/22/2011 - 10:33:56 AM - [193898133] ----D- C:\Program Files (x86)\HP O43 - CFD: 12/3/2010 - 5:35:14 PM - [49315374] --H-D- C:\Program Files (x86)\InstallShield Installation Information O43 - CFD: 8/14/2011 - 12:31:42 PM - [19089345] ----D- C:\Program Files (x86)\Intel O43 - CFD: 8/12/2011 - 1:03:10 PM - [5536783] ----D- C:\Program Files (x86)\Internet Explorer O43 - CFD: 8/12/2011 - 4:02:02 PM - [0] ----D- C:\Program Files (x86)\IObit O43 - CFD: 12/3/2010 - 7:31:44 PM - [90682361] ----D- C:\Program Files (x86)\Java O43 - CFD: 8/5/2011 - 11:58:28 AM - [6985765] ----D- C:\Program Files (x86)\Malwarebytes' Anti-Malware O43 - CFD: 7/9/2011 - 7:19:50 PM - [116948119] ----D- C:\Program Files (x86)\Medion MediaPack O43 - CFD: 3/1/2011 - 10:13:06 AM - [11424814] ----D- C:\Program Files (x86)\Microsoft Application Virtualization Client 
O43 - CFD: 2/28/2011 - 3:14:16 PM - [40947167] ----D- C:\Program Files (x86)\Microsoft Office O43 - CFD: 6/16/2011 - 9:22:10 PM - [38411899] ----D- C:\Program Files (x86)\Microsoft Silverlight O43 - CFD: 8/4/2011 - 6:34:26 PM - [4114055] ----D- C:\Program Files (x86)\Microsoft SQL Server Compact Edition O43 - CFD: 12/2/2010 - 4:33:14 PM - [15715] ----D- C:\Program Files (x86)\Microsoft.NET O43 - CFD: 6/24/2011 - 7:28:04 PM - [34283139] ----D- C:\Program Files (x86)\Mozilla Firefox O43 - CFD: 7/14/2009 - 7:32:40 AM - [25757] ----D- C:\Program Files (x86)\MSBuild O43 - CFD: 3/2/2011 - 5:34:58 PM - [66546585] ----D- C:\Program Files (x86)\MSECache O43 - CFD: 7/7/2010 - 5:49:18 PM - [0] ----D- C:\Program Files (x86)\MSXML 4.0 O43 - CFD: 11/10/2010 - 12:48:34 AM - [1664] ----D- C:\Program Files (x86)\Realtek O43 - CFD: 7/14/2009 - 7:32:40 AM - [39159041] ----D- C:\Program Files (x86)\Reference Assemblies O43 - CFD: 12/3/2010 - 5:35:10 PM - [1032067] ----D- C:\Program Files (x86)\Renesas Electronics O43 - CFD: 11/10/2010 - 12:48:36 AM - [0] --H-D- C:\Program Files (x86)\Temp O43 - CFD: 4/15/2011 - 12:44:02 PM - [50622777] ----D- C:\Program Files (x86)\TomTom HOME 2 O43 - CFD: 4/15/2011 - 12:44:06 PM - [22486] ----D- C:\Program Files (x86)\TomTom International B.V O43 - CFD: 7/30/2011 - 5:54:58 PM - [61952049] ----D- C:\Program Files (x86)\TuneUp Utilities 2011 O43 - CFD: 7/14/2009 - 6:57:08 AM - [0] --H-D- C:\Program Files (x86)\Uninstall Information O43 - CFD: 8/16/2011 - 1:47:20 PM - [6817019] ----D- C:\Program Files (x86)\VS Revo Group O43 - CFD: 2/28/2011 - 10:56:02 PM - [524800] ----D- C:\Program Files (x86)\Windows Defender O43 - CFD: 4/3/2011 - 6:22:26 PM - [319563075] ----D- C:\Program Files (x86)\Windows Live O43 - CFD: 3/22/2011 - 1:44:22 PM - [6181376] ----D- C:\Program Files (x86)\Windows Mail O43 - CFD: 11/9/2010 - 10:32:34 PM - [14028939] ----D- C:\Program Files (x86)\Windows Media Components O43 - CFD: 3/22/2011 - 1:44:20 PM - [5024017] ----D- C:\Program 
Files (x86)\Windows Media Player O43 - CFD: 7/14/2009 - 7:32:40 AM - [12197556] ----D- C:\Program Files (x86)\Windows NT O43 - CFD: 3/22/2011 - 1:44:20 PM - [4417800] ----D- C:\Program Files (x86)\Windows Photo Viewer O43 - CFD: 3/22/2011 - 1:44:20 PM - [189952] ----D- C:\Program Files (x86)\Windows Portable Devices O43 - CFD: 3/22/2011 - 1:44:22 PM - [6645165] ----D- C:\Program Files (x86)\Windows Sidebar O43 - CFD: 3/10/2011 - 6:46:46 PM - [4146065] ----D- C:\Program Files (x86)\WinRAR O43 - CFD: 8/16/2011 - 3:13:00 PM - [4007620] ----D- C:\Program Files (x86)\ZHPDiag O43 - CFD: 10/13/2010 - 12:36:30 PM - [16426975] ----D- C:\Program Files (x86)\Common Files\Adobe O43 - CFD: 12/3/2010 - 5:36:22 PM - [30826314] ----D- C:\Program Files (x86)\Common Files\Adobe AIR O43 - CFD: 2/28/2011 - 3:07:30 PM - [3217054] ----D- C:\Program Files (x86)\Common Files\Corel O43 - CFD: 2/28/2011 - 3:14:16 PM - [99136] ----D- C:\Program Files (x86)\Common Files\DESIGNER O43 - CFD: 2/28/2011 - 6:25:48 PM - [531477] ----D- C:\Program Files (x86)\Common Files\Hewlett-Packard O43 - CFD: 2/28/2011 - 6:26:02 PM - [1804764] ----D- C:\Program Files (x86)\Common Files\HP O43 - CFD: 11/9/2010 - 11:51:30 PM - [2037602] ----D- C:\Program Files (x86)\Common Files\InstallShield O43 - CFD: 12/3/2010 - 7:31:58 PM - [1243079] ----D- C:\Program Files (x86)\Common Files\Java O43 - CFD: 6/16/2011 - 9:23:44 PM - [146359459] ----D- C:\Program Files (x86)\Common Files\microsoft shared O43 - CFD: 2/28/2011 - 3:08:00 PM - [1653312] ----D- C:\Program Files (x86)\Common Files\Protexis O43 - CFD: 7/14/2009 - 5:20:10 AM - [2702] ----D- C:\Program Files (x86)\Common Files\Services O43 - CFD: 7/14/2009 - 5:20:10 AM - [41103783] ----D- C:\Program Files (x86)\Common Files\SpeechEngines O43 - CFD: 11/9/2010 - 4:41:32 PM - [0] ----D- C:\Program Files (x86)\Common Files\SWF Studio O43 - CFD: 2/28/2011 - 10:56:02 PM - [10245619] ----D- C:\Program Files (x86)\Common Files\System O43 - CFD: 10/28/2010 - 12:37:34 AM - 
-
Hello, my neighbour, who is on Win 7 Home Premium Service Pack 1 - PC (MEDIONPC MS-7708), software: Antivir - Malwarebytes - CCleaner - TuneUp Utilities, tells me he is infected by search setting. I downloaded AD REMOVER, but it is still impossible to sign in to Hotmail (message: "unable to sign you in, try again later"). I tried to do a restore in safe mode: error code message. His home page was being redirected under Mozilla 5. Below is the Ad-Remover report, without the clean file, which I forgot to send to myself.
-
always perform this action for this type of file, under Mozilla
papyreunion posted a topic in Software
Good evening, it is impossible to tick "always perform this action for this type of file" (greyed out) when opening an attachment under Mozilla 4, Windows XP, even if I go into the Applications options. I can still open pps, zip or doc files. -
[PURCHASE] graphics card replacement - K8/M1689D motherboard
papyreunion replied to a topic by papyreunion in Hardware advice - Buying & Selling
Hello, I tried to install a driver update via mes drivers.com, but that caused me more problems. Screen completely full of interference, flickering across the whole screen. Restored in safe mode. I am not touching anything any more. -
Hello, I have decided to replace my graphics card, an ATI Radeon 9600 256 MB, with a 512 MB card. My configuration is: K8/M1689D motherboard - ALi Corporation AGP8X controller - AMD Athlon 64 3500+ processor, Socket 939 (@0.13 um), 2200 MHz. Reason for the change: at every Win 7 start-up I get a horizontal "interference" bar. I changed the monitor, no luck; I changed the power supply, still interference. That only leaves the graphics card, I suppose? Your opinion on this graphics card purchase: SAPPHIRE graphics card SAPPHIRE HD3450-512-AGP (11160-01) - Radeon HD3450 - 512 MB - AGP. Thank you
-
[solved] infected by adware.bandoo and pum.disabled.securitycenter
papyreunion replied to a topic by papyreunion in Malware analysis and removal
It's done, thank you for your help. I am marking this as solved. -
[solved] infected by adware.bandoo and pum.disabled.securitycenter
papyreunion replied to a topic by papyreunion in Malware analysis and removal
Thanks, I am uninstalling Ad-Remover and installing the Java update. Thanks -
[solved] infected by adware.bandoo and pum.disabled.securitycenter
papyreunion replied to a topic by papyreunion in Malware analysis and removal
Hello Apollo, 2nd report -
Hello, I am on a Toshiba laptop: Win XP, Mozilla, Norton Internet Security, CCleaner and Malwarebytes'. It is a friend's PC that was infected by adware.bandoo and pum.disabled.securitycenter, found by Malwarebytes. I ran HijackThis and fixed the lines containing anything related to bandoo. But I am not a HijackThis specialist, so I am attaching the HijackThis log below to be on the safe side. Thank you
-
[SOLVED] INFECTED PC - many 023 lines
papyreunion replied to a topic by papyreunion in Malware analysis and removal
Hello bernard53, sorry for my late reply. I suppose I have to switch to super administrator mode, according to the link "Activer le compte Grand Administrateur dans Windows 7 | Forum-Seven", to run HijackThis. Thank you for your help, I am marking this as solved. -
[RESOLU] PC INFECTE - beaucoup ligne 023
papyreunion a répondu à un(e) sujet de papyreunion dans Analyses et éradication malwares
bonjour, merci, je touche à rien. Je verrai du côté des pilotes. As tu une idée sur le message d'hijackthis en anglais. -
[RESOLU] PC INFECTE - beaucoup ligne 023
papyreunion a posté un sujet dans Analyses et éradication malwares
Hello, I am on Win 7 64 - Antivir Free - Malwarebytes - CCleaner - and TuneUp Utilities - SpywareBlaster. I am attaching a HijackThis log below; my PC is slow, and opening programs takes a very long time, particularly iTunes v10, even though I uninstalled and reinstalled it. I have many lines with code 023 in the HijackThis log that look odd to me.
Thanks. I got this message when I tried to run HijackThis: For some reason your system denied write access to the hosts file. If any hijacked domains are in this file, Hijackthis may NOT be able to fix this. If that happens, you need to edit the file yourself. To do this, click start, Run and type : notepad c:\windows\system32\drivers\etc\hosts and press Enter. Find the line(s) Hijackthis reports and delete them. Save the file as 'hosts'. (with quotes), and reboot. For Vista : simply, exit Hijackthis, right click on the Hijackthis icon, choose 'Run as administrator'. -
Hello, have a look at this link http://forum.zebulon.fr/je-narrive-pas-a-installer-itunes-t112822.html and see Ticlou's message.
-
[Solved] Error message: user N/A - Service control manager - ID 7009 - ID 7000
papyreunion replied to a topic by papyreunion in Software
Hello, I disabled the service through services.msc, no more problem. It is disabled even in the Mozilla plugin. Thanks, I am marking this as solved. -
[Solved] Error message: user N/A - Service control manager - ID 7009 - ID 7000
papyreunion replied to a topic by papyreunion in Software
Nothing changed after doing the fix; the lines are still present at startup as well as in the HijackThis scan. I will leave it as it is. I don't think this will have any effect on Mozilla's connection. Thanks -
[Solved] Error message: user N/A - Service control manager - ID 7009 - ID 7000
papyreunion replied to a topic by papyreunion in Software
I did a new search with RegSeeker, deleted everything concerning "fujifilm", then restarted the PC; this time there was an error, the coachcap service could not start... Same again: a RegSeeker search and delete. No more problem. Except for the Google service. -
[Solved] Error message: user N/A - Service control manager - ID 7009 - ID 7000
papyreunion replied to a topic by papyreunion in Software
Hello, I used "Fix checked" on the 03 toolbar entries. I don't have a Canon printer, so I can also use "Fix checked" on the 08 entries that refer to that printer. At 023 I see:
O23 - Service: Service Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - D:\mes programmes\Google\Common\Google Updater\GoogleUpdaterService.exe
Perhaps it is one of these 2 lines, to be fixed with "Fix checked", that is causing the problem:
ID 7009 - Délai (30000 millisecondes) d'attente pour une connexion du service Service Google Update (gupdate).
ID -7000 - Le service Service Google Update (gupdate) n'a pas pu démarrer en raison de l'erreur : Le service n'a pas répondu assez vite à la demande de lancement ou de contrôle.
I found this key in HKLM:
HKEY_LOCAL_MACHINE\SOFTWARE\ATI Technologies\CDS\Software\0 Programitem 0200 type reg_sz data [fujifilm ex-10/ex-20 memory browser twain driver v1.00] 0x00000000
What is your opinion on deleting all these keys that concern the uninstallation of programs? Thanks -
[Solved] Error message: user N/A - Service control manager - ID 7009 - ID 7000
papyreunion replied to a topic by papyreunion in Software
Hello TICLOU, this is a PC that I took over. HijackThis report: -
Hello, in the Event Viewer, under "System", I get the following problem at every startup: user N/A - Service control manager -
ID 7009 - Délai (30000 millisecondes) d'attente pour une connexion du service Service Google Update (gupdate).
ID -7000 - Le service Service Google Update (gupdate) n'a pas pu démarrer en raison de l'erreur : Le service n'a pas répondu assez vite à la demande de lancement ou de contrôle.
ID 7000 - Le service FUJIFILM EX-10/EX-20 PC V1.00 n'a pas pu démarrer en raison de l'erreur : Le service ne peut pas être démarré parce qu'il est désactivé ou qu'aucun périphérique activé ne lui est associé.
I did some research, but what I found does not match my problem. If you have a solution to fix these problems. Thanks