dido

bonjour, effectivement, je suis connecté en tant qu'administrateur. j'ai effectué toutes les manipulations mais rien à faire toujour le souci. sous ie7 le test de java sur java.com echoue. merci pour votre aide

bonjour, désolé pour ma réponse trés tardive pour installer java j'ai désinstaller la précédente en passant par le panneau de configuration : ajout/suppression d'un programme. et j'ai télécharger sur le site de java.com la derniére version pour une installation hors ligne. sous ie7 ca marche pas le test sur le site de java par contre sur firefox2 et opera ca marche. sachant que je suis déjas aller voir sur les modules complémentaires de ie7 que java était activer et sur l'onglet sécurité personnaliser le niveau j'ai les applet java activé aussi. et lorsque j'ai fait le test en désactivant l'UAC de vista et bien le java se lance dans ie7. merci pour votre aide

Bonjour, je voudrai réaliser un point sur mon problème concernant les pages de pubs qui se lançaient dans les navigateurs web. en suivant les conseils de Gof : désinstalation de l'ancienne version de java (1.6) et réinstallation de la nouvelle (1.6 build 2) et en optant pour l'excellente extension de firefox adblock plus, les pubs ne se montrent pas jusqu'au maintenant. encore un grand merci pour tous ceux qui m'ont aidé dans ce formidable forum. remarque : en dehors du problème des pubs, je rencontre actuellement un petit souci avec la nouvelle java que j'ai installé. en effet, elle ne veut pas se lancer dans le navigateur Ie7 mais elle marche très bien sous firefox et opera. pour que ça marche sous ie7 il faut que désactive le UAC de vista. bon ce n'est pas un problème très important mais si quelqu'un a une idée, elle est la bienvenue. encore une fois merci pour tous

bonjour, merci Gof pour tous les conseils . je pense que la première chose à faire est de désinstaller la dernière version de java comme l'a suggéré Breathe qui n'est pas à jour chez moi. sinon j'ai effectué le test en affichant le site que je t'ai envoyé par MP avec opéra est le résultat étais le même que firefox mais j'ai profité pour demander à opera d'arrêter l'affichage du script. le résultat étais plutôt satisfaisant jusqu'à maintenant. je pense que je vais essayé les modules complémentaires que tu m'a donné avec firefox. je te tiendrai au courant de l'affichage des pubs. salutations et merci encore une fois

bonjour, actuellement elles ne se lancent pas au démarrage du navigateur mais après un certain temps je les vois sous firefox essentiellement (parce que c'est lui que j'utilise le plus souvent). sinon il y a un site que je crois qu'il est la cause puisque à chaque fois que je l'ouvre il y a la pub qui apparait. salutations et merci

Bonjour, non ils sont le retour de hijackthis. je n'ai pas commis aucune erreur pour copier-coller. mais à mon avis au début, j'avais ca parce que je lançais hijackthis en mode sans échec et après j'ai commencé à le lancer sans passer par ce mode. Edit : je viens juste d'etre envahi par le site drivecleaner encore une fois et toujours mcafee ne détecte rien salutations

salut Gof, Oui c'est vrai vista pose certains problèmes avec quelques outils d'éradication de malware. par exemple, avec l'excellent gmer que je l'ai utilisé sous le conseil de Brucelee mais il a fait planté ma machine. donc, c'est vrai tous n'est pas compatible avec elle. merci pour tous ton aide

salut, j'ai effectué la manipulation qu'est ce que vous en pensez des résulats? merci pour votre aide

Re, merci à toi pour ton aide voila le contenu du fichier ouvert après la manipulation : Effectué le 08/07/2007 à 21:01:58,71. Le volume dans le lecteur C s'appelle OS Le numéro de série du volume est 2C78-F3D6 Répertoire de C:\Program Files\Java\jre1.6.0\lib\cmm 04/06/2007 14:18 51 236 CIEXYZ.pf 04/06/2007 14:18 632 GRAY.pf 04/06/2007 14:18 1 044 LINEAR_RGB.pf 04/06/2007 14:18 274 474 PYCC.pf 04/06/2007 14:18 3 144 sRGB.pf 5 fichier(s) 330 530 octets Le volume dans le lecteur C s'appelle OS Le numéro de série du volume est 2C78-F3D6 Le volume dans le lecteur C s'appelle OS Le numéro de série du volume est 2C78-F3D6 Répertoire de C:\Boot 13/11/2006 10:42 65 536 bootstat.dat 1 fichier(s) 65 536 octets Répertoire de C:\Deckard\System Scanner\backup\Windows\temp\Cookies 03/07/2007 17:42 16 384 index.dat 1 fichier(s) 16 384 octets Répertoire de C:\Deckard\System Scanner\backup\Windows\temp\Fichiers Internet temporaires\Content.IE5 03/07/2007 17:42 32 768 index.dat 1 fichier(s) 32 768 octets Répertoire de C:\Deckard\System Scanner\backup\Windows\temp\History\History.IE5 03/07/2007 17:42 32 768 index.dat 1 fichier(s) 32 768 octets Répertoire de C:\Drivers\video\R138605\B_37825 25/10/2006 06:29 3 107 788 atiumdva.dat 1 fichier(s) 3 107 788 octets Répertoire de C:\Program Files\Adobe\Adobe Help Viewer\1.0\Resources\en 09/08/2006 23:03 2 018 HelpViewerStrings.dat 1 fichier(s) 2 018 octets Répertoire de C:\Program Files\Adobe\Adobe Help Viewer\1.0\Resources\fr 09/08/2006 23:03 2 286 HelpViewerStrings.dat 1 fichier(s) 2 286 octets Répertoire de C:\Program Files\Common Files\Adobe\TypeSpt\Unicode\ICU 01/06/2004 09:36 214 512 icudt26l.dat 1 fichier(s) 214 512 octets Répertoire de C:\Program Files\Common Files\microsoft shared\MODI\12.0 14/06/2002 06:34 289 926 ENGDIC.DAT 14/06/2002 06:34 34 168 ENGIDX.DAT 14/06/2002 06:34 18 844 JFONT.DAT 14/06/2002 06:34 65 536 LOOKUP.DAT 14/06/2002 06:34 53 260 OCRHC.DAT 14/06/2002 06:34 40 972 OCRVC.DAT 6 fichier(s) 502 706 octets Répertoire de C:\Program Files\Google\Google Desktop Search 04/06/2007 14:35 4 999 topic_sites.dat 1 fichier(s) 4 999 octets Répertoire de C:\Program Files\K-Lite Codec Pack 07/07/2007 16:07 338 201 unins000.dat 1 fichier(s) 338 201 octets Répertoire de C:\Program Files\K-Lite Codec Pack\QuickTime\QTSystem 16/02/2007 10:54 21 784 CFUniCharPropertyDatabase.data 1 fichier(s) 21 784 octets Répertoire de C:\Program Files\K-Lite Codec Pack\Real 07/06/2002 02:23 480 keys.dat 1 fichier(s) 480 octets Répertoire de C:\Program Files\K-Lite Codec Pack\tools\gspot 19/02/2007 16:28 117 974 GSpot27.dat 1 fichier(s) 117 974 octets Répertoire de C:\Program Files\Lavalys\EVEREST Ultimate Edition 05/04/2007 00:00 538 948 everest.dat 14/06/2007 20:59 7 914 unins000.dat 2 fichier(s) 546 862 octets Répertoire de C:\Program Files\McAfee\MPF\data 18/07/2006 15:42 424 mpfuicfg.dat 16/03/2007 11:14 103 270 twerp.dat 2 fichier(s) 103 694 octets Répertoire de C:\Program Files\McAfee\MPS 24/01/2007 00:57 202 171 loc_en.dat 24/01/2007 00:57 927 932 loc_jp.dat 24/01/2007 00:57 15 360 mcstdb.dat 28/03/2006 10:24 216 mpsusrui.dat 4 fichier(s) 1 145 679 octets Répertoire de C:\Program Files\McAfee\MQC 15/05/2006 18:00 209 qcconf.dat 1 fichier(s) 209 octets Répertoire de C:\Program Files\McAfee\MSC 12/01/2007 12:57 123 497 mcscindx.dat 22/01/2007 06:43 12 767 mscuicfg.dat 13/03/2007 09:28 11 902 nmcuicfg.dat 22/01/2007 06:45 11 849 oemcfg.dat 4 fichier(s) 160 015 octets Répertoire de C:\Program Files\McAfee\MSC\oem\105-192 31/01/2007 19:05 10 596 oemcfg.dat 1 fichier(s) 10 596 octets Répertoire de C:\Program Files\McAfee\MSK 31/03/2006 13:59 265 mskuicfg.dat 1 fichier(s) 265 octets Répertoire de C:\Program Files\McAfee\VirusScan 14/06/2006 19:15 5 067 config.dat 26/01/2007 02:01 3 375 mvsuicfg.dat 2 fichier(s) 8 442 octets Répertoire de C:\Program Files\McAfee\VirusScan\DAT\5069.0 07/07/2007 12:04 265 445 avvclean.dat 07/07/2007 12:04 219 901 avvnames.dat 07/07/2007 12:04 7 615 349 avvscan.dat 3 fichier(s) 8 100 695 octets Répertoire de C:\Program Files\Microsoft Office\Microsoft Office Outlook SMS Add-in\Settings 14/12/2006 11:17 25 214 mosa.dat 1 fichier(s) 25 214 octets Répertoire de C:\Program Files\Microsoft Office\Office12 03/04/2007 15:59 3 614 088 OUTLFLTR.DAT 1 fichier(s) 3 614 088 octets Répertoire de C:\Program Files\Microsoft Office\Office12\1036 26/06/2006 17:13 95 232 OUTFORM.DAT 13/01/2006 03:05 930 418 PSRCHKEY.DAT 23/12/2005 00:44 20 870 170 PSRCHLEX.DAT 19/04/2005 22:56 46 408 PSRCHLTS.DAT 19/04/2005 22:56 2 064 PSRCHPHN.DAT 27/12/2005 05:14 2 224 770 PSRCHSRN.DAT 6 fichier(s) 24 169 062 octets Répertoire de C:\Program Files\Roxio\VideoUI 9\AET 20/09/2006 00:47 624 640 AET.dat 1 fichier(s) 624 640 octets Répertoire de C:\Program Files\Shareaza\Data 31/01/2007 20:38 793 AdultFilter.dat 05/02/2007 02:08 1 177 DefaultServers.dat 05/02/2007 02:08 2 430 DefaultServices.dat 05/02/2007 02:08 291 MessageFilter.dat 31/01/2007 20:45 215 292 WorldGPS.dat 5 fichier(s) 219 983 octets Répertoire de C:\Program Files\Shareaza\Uninstall 16/06/2007 19:08 45 022 unins000.dat 1 fichier(s) 45 022 octets Répertoire de C:\Program Files\TuneUp Utilities 2007 11/06/2007 21:39 445 TUProduct.dat 1 fichier(s) 445 octets Répertoire de C:\Program Files\TuneUp Utilities 2007\Data 27/04/2007 00:11 66 056 ProductInfo.dat 27/04/2007 00:11 2 600 TUDiskCleaner.dat 2 fichier(s) 68 656 octets Répertoire de C:\Program Files\Winamp\Plugins 15/09/2005 19:25 1 029 vis_avs.dat 1 fichier(s) 1 029 octets Répertoire de C:\Program Files\Windows Mail 13/06/2007 19:15 2 414 472 OESpamFilter.dat 1 fichier(s) 2 414 472 octets Répertoire de C:\Program Files\WinRAR 09/06/2007 11:37 20 rarnew.dat 09/06/2007 11:37 22 zipnew.dat 2 fichier(s) 42 octets Répertoire de C:\Program Files\Xi\NetXfer 25/06/2007 23:11 9 523 unins000.dat 1 fichier(s) 9 523 octets Répertoire de C:\Program Files\Yamicsoft\Vista Manager 17/06/2007 23:43 1 031 AutoRun.dat 04/07/2007 17:45 2 710 LastUninstall.dat 2 fichier(s) 3 741 octets Répertoire de C:\Program Files\Zoom Player\Cache 07/07/2007 16:10 4 534 filters.data 1 fichier(s) 4 534 octets Répertoire de C:\ProgramData\Adobe\Acrobat 3D Toolkit 17/06/2007 23:27 0 pictures.dat 1 fichier(s) 0 octets Répertoire de C:\ProgramData\FLEXnet 18/06/2007 00:13 30 167 adobe_00080000_tsf.data 1 fichier(s) 30 167 octets Répertoire de C:\ProgramData\Google\Toolbar Dictionary 07/06/2007 20:57 182 441 googledict_en2fr.dat 04/06/2007 14:36 37 697 googledict_en2fr_small.dat 2 fichier(s) 220 138 octets Répertoire de C:\ProgramData\McAfee\MPF\data 08/07/2007 01:44 1 924 History.dat 07/06/2007 20:31 4 320 OEM.dat 04/07/2007 18:38 135 traffic.dat 3 fichier(s) 6 379 octets Répertoire de C:\ProgramData\McAfee\MPS 08/07/2007 01:44 33 792 mcdndb.dat 1 fichier(s) 33 792 octets Répertoire de C:\ProgramData\McAfee\MSC 07/07/2007 22:33 3 196 McConfig.dat 06/07/2007 21:23 3 319 McSubDB.Dat 04/06/2007 14:34 2 048 McUsers.dat 3 fichier(s) 8 563 octets Répertoire de C:\ProgramData\McAfee\MSC\Logs 08/07/2007 13:44 66 560 Events.dat 07/06/2007 22:06 68 608 Settings.dat 2 fichier(s) 135 168 octets Répertoire de C:\ProgramData\McAfee\MSK 13/07/2006 20:10 5 120 APH.dat 04/06/2007 14:43 3 072 MSKWMDB.dat 07/06/2007 22:41 123 904 RBLDB.dat 30/06/2007 21:22 3 072 settingsdb.dat 4 fichier(s) 135 168 octets Répertoire de C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys 04/06/2007 22:02 8 capilock.dat 1 fichier(s) 8 octets Répertoire de C:\ProgramData\Microsoft\OFFICE\DATA 24/06/2007 01:13 8 280 opa12.dat 1 fichier(s) 8 280 octets Répertoire de C:\ProgramData\Microsoft\RAC\PublishedData 08/07/2007 00:50 10 488 PublishedRacMonAFLTable.DAT 08/07/2007 00:50 0 PublishedRacMonCLKTable.DAT 08/07/2007 00:50 0 PublishedRacMonHFLTable.DAT 08/07/2007 00:50 744 PublishedRacMonIndex.DAT 08/07/2007 00:50 828 PublishedRacMonOSFTable.DAT 08/07/2007 00:50 57 652 PublishedRacMonSWITable.DAT 6 fichier(s) 69 712 octets Répertoire de C:\ProgramData\Microsoft\User Account Pictures 02/11/2006 15:03 0 Administrator.dat 07/06/2007 20:36 0 etoo.dat 26/06/2007 17:25 0 Invité.dat 07/06/2007 20:40 0 kenpachi.dat 4 fichier(s) 0 octets Répertoire de C:\ProgramData\Microsoft\Works 07/06/2007 22:28 16 384 wkcalcat.dat 1 fichier(s) 16 384 octets Répertoire de C:\ProgramData\Roxio\VideoWave9\Plugins 05/11/2006 12:45 4 761 600 AllEffects.dat 05/11/2006 12:45 1 992 192 ItemThumbnails.dat 20/09/2006 00:51 4 713 984 TransitionStyles.dat 3 fichier(s) 11 467 776 octets Répertoire de C:\ProgramData\Sonic 04/06/2007 14:32 1 294 sarlicense9.dat 1 fichier(s) 1 294 octets Répertoire de C:\Users\All Users\Adobe\Acrobat 3D Toolkit 17/06/2007 23:27 0 pictures.dat 1 fichier(s) 0 octets Répertoire de C:\Users\All Users\FLEXnet 18/06/2007 00:13 30 167 adobe_00080000_tsf.data 1 fichier(s) 30 167 octets Répertoire de C:\Users\All Users\Google\Toolbar Dictionary 07/06/2007 20:57 182 441 googledict_en2fr.dat 04/06/2007 14:36 37 697 googledict_en2fr_small.dat 2 fichier(s) 220 138 octets Répertoire de C:\Users\All Users\McAfee\MPF\data 08/07/2007 01:44 1 924 History.dat 07/06/2007 20:31 4 320 OEM.dat 04/07/2007 18:38 135 traffic.dat 3 fichier(s) 6 379 octets Répertoire de C:\Users\All Users\McAfee\MPS 08/07/2007 01:44 33 792 mcdndb.dat 1 fichier(s) 33 792 octets Répertoire de C:\Users\All Users\McAfee\MSC 07/07/2007 22:33 3 196 McConfig.dat 06/07/2007 21:23 3 319 McSubDB.Dat 04/06/2007 14:34 2 048 McUsers.dat 3 fichier(s) 8 563 octets Répertoire de C:\Users\All Users\McAfee\MSC\Logs 08/07/2007 13:44 66 560 Events.dat 07/06/2007 22:06 68 608 Settings.dat 2 fichier(s) 135 168 octets Répertoire de C:\Users\All Users\McAfee\MSK 13/07/2006 20:10 5 120 APH.dat 04/06/2007 14:43 3 072 MSKWMDB.dat 07/06/2007 22:41 123 904 RBLDB.dat 30/06/2007 21:22 3 072 settingsdb.dat 4 fichier(s) 135 168 octets Répertoire de C:\Users\All Users\Microsoft\Crypto\RSA\MachineKeys 04/06/2007 22:02 8 capilock.dat 1 fichier(s) 8 octets Répertoire de C:\Users\All Users\Microsoft\OFFICE\DATA 24/06/2007 01:13 8 280 opa12.dat 1 fichier(s) 8 280 octets Répertoire de C:\Users\All Users\Microsoft\RAC\PublishedData 08/07/2007 00:50 10 488 PublishedRacMonAFLTable.DAT 08/07/2007 00:50 0 PublishedRacMonCLKTable.DAT 08/07/2007 00:50 0 PublishedRacMonHFLTable.DAT 08/07/2007 00:50 744 PublishedRacMonIndex.DAT 08/07/2007 00:50 828 PublishedRacMonOSFTable.DAT 08/07/2007 00:50 57 652 PublishedRacMonSWITable.DAT 6 fichier(s) 69 712 octets Répertoire de C:\Users\All Users\Microsoft\User Account Pictures 02/11/2006 15:03 0 Administrator.dat 07/06/2007 20:36 0 etoo.dat 26/06/2007 17:25 0 Invité.dat 07/06/2007 20:40 0 kenpachi.dat 4 fichier(s) 0 octets Répertoire de C:\Users\All Users\Microsoft\Works 07/06/2007 22:28 16 384 wkcalcat.dat 1 fichier(s) 16 384 octets Répertoire de C:\Users\All Users\Roxio\VideoWave9\Plugins 05/11/2006 12:45 4 761 600 AllEffects.dat 05/11/2006 12:45 1 992 192 ItemThumbnails.dat 20/09/2006 00:51 4 713 984 TransitionStyles.dat 3 fichier(s) 11 467 776 octets Répertoire de C:\Users\All Users\Sonic 04/06/2007 14:32 1 294 sarlicense9.dat 1 fichier(s) 1 294 octets Répertoire de C:\Users\Default 28/06/2007 01:08 262 144 NTUSER.DAT 1 fichier(s) 262 144 octets Répertoire de C:\Users\Default\AppData\Local\Microsoft\Windows\History\History.IE5 11/06/2007 00:27 16 384 index.dat 1 fichier(s) 16 384 octets Répertoire de C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 11/06/2007 00:27 32 768 index.dat 1 fichier(s) 32 768 octets Répertoire de C:\Users\Default\AppData\Roaming\Microsoft\Windows\Cookies 11/06/2007 00:27 16 384 index.dat 1 fichier(s) 16 384 octets Répertoire de C:\Users\Invité 07/07/2007 23:17 786 432 ntuser.dat 1 fichier(s) 786 432 octets Répertoire de C:\Users\Invité\AppData\Local 26/06/2007 17:27 117 304 GDIPFONTCACHEV1.DAT 1 fichier(s) 117 304 octets Répertoire de C:\Users\Invité\AppData\Local\Microsoft\Feeds Cache 26/06/2007 17:26 32 768 index.dat 1 fichier(s) 32 768 octets Répertoire de C:\Users\Invité\AppData\Local\Microsoft\Internet Explorer 26/06/2007 17:28 16 384 MSIMGSIZ.DAT 1 fichier(s) 16 384 octets Répertoire de C:\Users\Invité\AppData\Local\Microsoft\Windows 07/07/2007 23:17 2 621 440 UsrClass.dat 1 fichier(s) 2 621 440 octets Répertoire de C:\Users\Invité\AppData\Local\Microsoft\Windows\History\History.IE5 26/06/2007 17:28 32 768 index.dat 1 fichier(s) 32 768 octets Répertoire de C:\Users\Invité\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012007062620070627 26/06/2007 17:28 32 768 index.dat 1 fichier(s) 32 768 octets Répertoire de C:\Users\Invité\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 26/06/2007 17:27 49 152 index.dat 1 fichier(s) 49 152 octets Répertoire de C:\Users\Invité\AppData\Roaming\Microsoft\Windows\Cookies 26/06/2007 17:26 32 768 index.dat 1 fichier(s) 32 768 octets Répertoire de C:\Users\kenpachi 08/07/2007 21:02 2 883 584 NTUSER.DAT 07/07/2007 15:58 2 883 584 ntuser.dat_previous 04/07/2007 18:15 2 621 440 NTUSER.DAT_BAK_90392 3 fichier(s) 8 388 608 octets Répertoire de C:\Users\kenpachi\AppData\Local 18/06/2007 00:20 117 304 GDIPFONTCACHEV1.DAT 1 fichier(s) 117 304 octets Répertoire de C:\Users\kenpachi\AppData\Local\Adobe\Updater5 06/07/2007 11:39 405 AdobeUpdaterPrefs.dat 1 fichier(s) 405 octets Répertoire de C:\Users\kenpachi\AppData\Local\eMule\config 26/06/2007 16:13 2 AC_BootstrapIPs.dat 16/06/2007 23:18 2 AC_IPFilterUpdateURLs.dat 26/06/2007 16:13 54 AC_SearchStrings.dat 26/06/2007 16:13 2 AC_ServerMetURLs.dat 05/05/2005 22:42 0 addresses.dat 16/06/2007 23:08 365 cryptkey.dat 26/06/2007 16:13 61 preferences.dat 26/06/2007 16:13 156 shareddir.dat 21/10/2002 17:42 284 staticservers.dat 08/05/2005 15:31 693 webservices.dat 10 fichier(s) 1 619 octets Répertoire de C:\Users\kenpachi\AppData\Local\Microsoft\eHome\Art Cache 07/07/2007 16:42 24 062 UrlToCoverArt.dat 1 fichier(s) 24 062 octets Répertoire de C:\Users\kenpachi\AppData\Local\Microsoft\Feeds Cache 08/07/2007 01:43 32 768 index.dat 1 fichier(s) 32 768 octets Répertoire de C:\Users\kenpachi\AppData\Local\Microsoft\FORMS 11/06/2007 19:47 232 164 FRMCACHE.DAT 1 fichier(s) 232 164 octets Répertoire de C:\Users\kenpachi\AppData\Local\Microsoft\Internet Explorer 07/06/2007 20:44 16 384 MSIMGSIZ.DAT 1 fichier(s) 16 384 octets Répertoire de C:\Users\kenpachi\AppData\Local\Microsoft\Messenger 08/07/2007 16:01 773 activesharingfolder.dat 1 fichier(s) 773 octets Répertoire de C:\Users\kenpachi\AppData\Local\Microsoft\Messenger\adresse_email\SharingMetadata 11/06/2007 20:59 0 pending.dat 1 fichier(s) 0 octets Répertoire de C:\Users\kenpachi\AppData\Local\Microsoft\Messenger\adresse_email\SharingMetadata 02/07/2007 19:07 0 pending.dat 1 fichier(s) 0 octets Répertoire de C:\Users\kenpachi\AppData\Local\Microsoft\Messenger\adresse_email\SharingMetadata 08/06/2007 20:13 0 pending.dat 1 fichier(s) 0 octets Répertoire de C:\Users\kenpachi\AppData\Local\Microsoft\Movie Maker 07/06/2007 22:36 4 608 MEDIATAB.DAT 1 fichier(s) 4 608 octets Répertoire de C:\Users\kenpachi\AppData\Local\Microsoft\Outlook 11/06/2007 19:47 808 extend.dat 1 fichier(s) 808 octets Répertoire de C:\Users\kenpachi\AppData\Local\Microsoft\Windows 08/07/2007 21:02 4 194 304 UsrClass.dat 07/07/2007 15:58 3 932 160 UsrClass.dat_previous 04/07/2007 18:15 3 932 160 UsrClass.dat_BAK_64046 3 fichier(s) 12 058 624 octets Répertoire de C:\Users\kenpachi\AppData\Local\Microsoft\Windows\History\History.IE5 08/07/2007 18:09 1 605 632 index.dat 1 fichier(s) 1 605 632 octets Répertoire de C:\Users\kenpachi\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012007070420070705 04/07/2007 23:47 49 152 index.dat 1 fichier(s) 49 152 octets Répertoire de C:\Users\kenpachi\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012007070520070706 05/07/2007 23:29 49 152 index.dat 1 fichier(s) 49 152 octets Répertoire de C:\Users\kenpachi\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012007070620070707 06/07/2007 16:26 65 536 index.dat 1 fichier(s) 65 536 octets Répertoire de C:\Users\kenpachi\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012007070720070708 07/07/2007 18:29 98 304 index.dat 1 fichier(s) 98 304 octets Répertoire de C:\Users\kenpachi\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012007070820070709 08/07/2007 13:14 49 152 index.dat 1 fichier(s) 49 152 octets Répertoire de C:\Users\kenpachi\AppData\Local\Microsoft\Windows\History\Low\History.IE5 08/07/2007 18:30 901 120 index.dat 1 fichier(s) 901 120 octets Répertoire de C:\Users\kenpachi\AppData\Local\Microsoft\Windows\History\Low\History.IE5\MSHist012007062520070702 02/07/2007 19:07 32 768 index.dat 1 fichier(s) 32 768 octets Répertoire de C:\Users\kenpachi\AppData\Local\Microsoft\Windows\History\Low\History.IE5\MSHist012007070220070703 02/07/2007 22:03 32 768 index.dat 1 fichier(s) 32 768 octets Répertoire de C:\Users\kenpachi\AppData\Local\Microsoft\Windows\History\Low\History.IE5\MSHist012007070320070704 03/07/2007 20:57 32 768 index.dat 1 fichier(s) 32 768 octets Répertoire de C:\Users\kenpachi\AppData\Local\Microsoft\Windows\History\Low\History.IE5\MSHist012007070420070705 04/07/2007 23:38 49 152 index.dat 1 fichier(s) 49 152 octets Répertoire de C:\Users\kenpachi\AppData\Local\Microsoft\Windows\History\Low\History.IE5\MSHist012007070520070706 05/07/2007 19:59 32 768 index.dat 1 fichier(s) 32 768 octets Répertoire de C:\Users\kenpachi\AppData\Local\Microsoft\Windows\History\Low\History.IE5\MSHist012007070620070707 06/07/2007 23:48 32 768 index.dat 1 fichier(s) 32 768 octets Répertoire de C:\Users\kenpachi\AppData\Local\Microsoft\Windows\History\Low\History.IE5\MSHist012007070720070708 07/07/2007 21:48 65 536 index.dat 1 fichier(s) 65 536 octets Répertoire de C:\Users\kenpachi\AppData\Local\Microsoft\Windows\Temporary Internet Files\AntiPhishing 08/06/2007 19:45 78 924 B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat 1 fichier(s) 78 924 octets Répertoire de C:\Users\kenpachi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 08/07/2007 18:09 2 179 072 index.dat 1 fichier(s) 2 179 072 octets Répertoire de C:\Users\kenpachi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low 07/06/2007 20:55 16 384 MSIMGSIZ.DAT 1 fichier(s) 16 384 octets Répertoire de C:\Users\kenpachi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\AntiPhishing 07/06/2007 20:55 78 924 B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat 1 fichier(s) 78 924 octets Répertoire de C:\Users\kenpachi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 08/07/2007 18:30 2 605 056 index.dat 1 fichier(s) 2 605 056 octets Répertoire de C:\Users\kenpachi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Virtualized\C\ProgramData\Office Genuine Advantage\data 24/06/2007 01:18 3 078 data.dat 1 fichier(s) 3 078 octets Répertoire de C:\Users\kenpachi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Virtualized\C\Users\kenpachi\.housecall6.6 18/06/2007 20:02 4 usrbl.dat 18/06/2007 20:02 4 usrwl.dat 2 fichier(s) 8 octets Répertoire de C:\Users\kenpachi\AppData\Local\Pando\Pando Files\AE\6E 22/06/2007 21:10 17 AE6E90DE8F90F4FB8AB0DE411CABC72528022220.dat 1 fichier(s) 17 octets Répertoire de C:\Users\kenpachi\AppData\Local\VirtualStore\Windows 07/06/2007 23:08 550 mozver.dat 1 fichier(s) 550 octets Répertoire de C:\Users\kenpachi\AppData\Local\VirtualStore\Windows\System32 07/06/2007 20:43 81 248 GDIPFONTCACHEV1.DAT 1 fichier(s) 81 248 octets Répertoire de C:\Users\kenpachi\AppData\LocalLow\Sun\Java\Deployment\security 11/06/2007 20:21 0 auth.dat 1 fichier(s) 0 octets Répertoire de C:\Users\kenpachi\AppData\Roaming 07/06/2007 22:28 0 wklnhst.dat 1 fichier(s) 0 octets Répertoire de C:\Users\kenpachi\AppData\Roaming\Adobe\Acrobat\7.0\Preferences 17/06/2007 21:03 0 AutoFillDefaults.dat 17/06/2007 21:03 870 defaultHeuristics.dat 2 fichier(s) 870 octets Répertoire de C:\Users\kenpachi\AppData\Roaming\Adobe\Acrobat 3D Toolkit 17/06/2007 23:28 780 history.dat 1 fichier(s) 780 octets Répertoire de C:\Users\kenpachi\AppData\Roaming\IDM 02/07/2007 20:22 93 cnlurllist.dat 1 fichier(s) 93 octets Répertoire de C:\Users\kenpachi\AppData\Roaming\Microsoft\HTML Help 03/07/2007 00:15 8 704 hh.dat 1 fichier(s) 8 704 octets Répertoire de C:\Users\kenpachi\AppData\Roaming\Microsoft\Internet Explorer\UserData\Low 05/07/2007 14:00 32 768 index.dat 1 fichier(s) 32 768 octets Répertoire de C:\Users\kenpachi\AppData\Roaming\Microsoft\Office\Recent 07/07/2007 23:53 1 110 index.dat 1 fichier(s) 1 110 octets Répertoire de C:\Users\kenpachi\AppData\Roaming\Microsoft\Outlook 08/07/2007 01:43 2 288 outcmd.dat 1 fichier(s) 2 288 octets Répertoire de C:\Users\kenpachi\AppData\Roaming\Microsoft\Windows\Cookies 08/07/2007 18:09 49 152 index.dat 1 fichier(s) 49 152 octets Répertoire de C:\Users\kenpachi\AppData\Roaming\Microsoft\Windows\Cookies\Low 08/07/2007 18:30 98 304 index.dat 1 fichier(s) 98 304 octets Répertoire de C:\Users\kenpachi\AppData\Roaming\Microsoft\Word 21/06/2007 01:23 13 485 ListGal.dat 1 fichier(s) 13 485 octets Répertoire de C:\Users\kenpachi\AppData\Roaming\Mozilla\Firefox 08/07/2007 18:43 9 947 pluginreg.dat 1 fichier(s) 9 947 octets Répertoire de C:\Users\kenpachi\AppData\Roaming\Mozilla\Firefox\Profiles\i8lqns37.default 03/07/2007 02:01 151 682 compreg.dat 08/07/2007 15:34 233 formhistory.dat 08/07/2007 20:59 94 412 history.dat 07/07/2007 16:20 95 434 xpti.dat 4 fichier(s) 341 761 octets Répertoire de C:\Users\kenpachi\AppData\Roaming\Opera\Opera\mail 08/07/2007 20:57 8 192 mailbase.dat 1 fichier(s) 8 192 octets Répertoire de C:\Users\kenpachi\AppData\Roaming\Opera\Opera\mail\indexer 08/06/2007 23:01 8 192 indexer.dat 1 fichier(s) 8 192 octets Répertoire de C:\Users\kenpachi\AppData\Roaming\Opera\Opera\mail\lexicon 08/06/2007 23:01 8 192 lexicon.dat 1 fichier(s) 8 192 octets Répertoire de C:\Users\kenpachi\AppData\Roaming\Opera\Opera\profile 08/07/2007 20:57 7 970 cookies4.dat 08/07/2007 20:57 12 download.dat 08/07/2007 20:57 13 484 global.dat 16/06/2007 13:59 80 329 opcacrt6.dat 16/06/2007 13:59 27 opcert6.dat 08/07/2007 20:57 8 192 oprand.dat 16/06/2007 13:59 83 opssl6.dat 20/06/2007 19:27 593 opthumb.dat 08/07/2007 20:57 6 540 vlink4.dat 04/07/2007 22:16 2 969 wand.dat 10 fichier(s) 120 199 octets Répertoire de C:\Users\kenpachi\AppData\Roaming\Roxio\MediaManager9 01/07/2007 20:51 10 024 661 ItemThumbnails.dat 01/07/2007 21:10 10 011 349 ItemThumbnails0.dat 08/07/2007 16:46 2 619 904 ItemThumbnails1.dat 3 fichier(s) 22 655 914 octets Répertoire de C:\Users\kenpachi\AppData\Roaming\Roxio\VideoUI9\Proxy 13/06/2007 18:48 358 ProxyLog.dat 1 fichier(s) 358 octets Répertoire de C:\Users\kenpachi\AppData\Roaming\Shareaza\Data 08/07/2007 17:48 5 282 Discovery.dat 08/07/2007 17:48 526 DownloadGroups.dat 08/07/2007 17:48 76 573 HostCache.dat 08/07/2007 17:48 33 070 Library1.dat 08/07/2007 17:34 31 470 Library2.dat 08/07/2007 17:48 1 248 720 Searches.dat 08/07/2007 17:48 10 Security.dat 08/07/2007 17:35 631 247 TigerTree.dat 08/07/2007 17:48 410 UploadQueues.dat 9 fichier(s) 2 027 308 octets Répertoire de C:\Users\kenpachi\AppData\Roaming\uTorrent 08/07/2007 20:53 3 308 dht.dat 08/07/2007 20:53 1 381 resume.dat 08/07/2007 20:53 1 758 settings.dat 3 fichier(s) 6 447 octets Répertoire de C:\Users\kenpachi\AppData\Roaming\vlc\cache 08/07/2007 18:10 319 646 plugins-04041e.dat 1 fichier(s) 319 646 octets Répertoire de C:\Users\kenpachi\AppData\Roaming\Winamp\Plugins\ml 06/07/2007 20:46 440 609 main.dat 06/07/2007 20:46 6 313 recent.dat 2 fichier(s) 446 922 octets Répertoire de C:\Users\kenpachi\AppData\Roaming\Xi\NetXfer 07/07/2007 20:07 11 440 Net.database 1 fichier(s) 11 440 octets Répertoire de C:\Users\kenpachi\Documents\KONAMI\Pro Evolution Soccer 6 08/07/2007 20:52 420 settings.dat 1 fichier(s) 420 octets Répertoire de C:\Users\Public\Recorded TV\TempRec 07/06/2007 22:17 0 ehscanned.dat 1 fichier(s) 0 octets Répertoire de C:\Windows 08/07/2007 13:14 67 584 bootstat.dat 08/07/2007 01:44 12 bthservsdp.dat 07/06/2007 22:46 0 nsreg.dat 3 fichier(s) 67 596 octets Répertoire de C:\Windows\assembly 02/11/2006 14:56 0 pubpol1.dat 11/06/2007 00:18 0 pubpol14.dat 2 fichier(s) 0 octets Répertoire de C:\Windows\assembly\GAC_32 02/11/2006 13:18 <REP> System.Data 0 fichier(s) 0 octets Répertoire de C:\Windows\assembly\GAC_MSIL 02/11/2006 13:18 <REP> Microsoft.VisualBasic.Compatibility.Data 0 fichier(s) 0 octets Répertoire de C:\Windows\assembly\NativeImages_v2.0.50727_32 11/06/2007 00:12 0 index71.dat 28/06/2007 07:06 0 index82.dat 02/11/2006 14:57 <REP> System.Data 2 fichier(s) 0 octets Répertoire de C:\Windows\inf 13/06/2007 19:19 665 600 drvindex.dat 17/06/2007 22:47 51 200 infpub.dat 17/06/2007 22:47 86 016 infstor.dat 17/06/2007 22:47 86 016 infstrng.dat 4 fichier(s) 888 832 octets Répertoire de C:\Windows\inf\PERFLIB�00 02/11/2006 11:20 30 674 perfc.dat 02/11/2006 11:20 30 674 perfd.dat 02/11/2006 11:20 287 440 perfh.dat 02/11/2006 11:20 287 440 perfi.dat 4 fichier(s) 636 228 octets Répertoire de C:\Windows\inf\PERFLIB40C 02/11/2006 17:45 37 390 perfc.dat 02/11/2006 17:45 37 390 perfd.dat 02/11/2006 17:45 340 236 perfh.dat 02/11/2006 17:45 340 236 perfi.dat 4 fichier(s) 755 252 octets Répertoire de C:\Windows\Installer\$PatchCache$\Managed�002109030000000000000000F01FEC\12.0.4518 15/09/2006 16:25 3 611 416 OUTLFLTR.DAT 1 fichier(s) 3 611 416 octets Répertoire de C:\Windows\Installer\{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}\program files\VistaCodecPack\QT\QTSystem 27/04/2007 15:42 21 784 CFUniCharPropertyDatabase.data 1 fichier(s) 21 784 octets Répertoire de C:\Windows\Installer\{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}\program files\VistaCodecPack\rm 30/04/2007 02:00 480 keys.dat 1 fichier(s) 480 octets Répertoire de C:\Windows\System32 19/10/2006 19:16 138 101 atiicdxx.dat 25/10/2006 06:29 3 107 788 atiumdva.dat 18/09/2006 23:39 215 943 dssec.dat 18/06/2007 00:18 421 560 FNTCACHE.DAT 13/06/2007 19:13 2 455 488 ieapfltr.dat 18/09/2006 23:33 673 088 mlang.dat 18/09/2006 23:37 741 NOISE.DAT 18/06/2007 00:56 103 924 perfc009.dat 18/06/2007 00:56 117 572 perfc00C.dat 02/11/2006 11:20 30 674 perfd009.dat 02/11/2006 17:45 37 390 perfd00C.dat 18/06/2007 00:56 610 142 perfh009.dat 18/06/2007 00:56 690 832 perfh00C.dat 02/11/2006 11:20 287 440 perfi009.dat 02/11/2006 17:45 340 236 perfi00C.dat 04/07/2007 00:28 0 SBFC.dat 04/07/2007 00:28 0 SBRC.dat 17 fichier(s) 9 230 919 octets Répertoire de C:\Windows\System32\com 18/09/2006 23:27 61 440 comempty.dat 1 fichier(s) 61 440 octets Répertoire de C:\Windows\System32\directx\websetup 07/07/2007 19:33 238 filelist.dat 1 fichier(s) 238 octets Répertoire de C:\Windows\System32\DriverStore\FileRepository\cl_37905.inf_cc2d17b7\B_37825 19/10/2006 19:16 138 101 atiicdxx.dat 25/10/2006 06:29 3 107 788 atiumdva.dat 2 fichier(s) 3 245 889 octets Répertoire de C:\Windows\System32\DriverStore\FileRepository\cl_38613.inf_2f9edd14\B_38506 19/10/2006 08:16 138 101 atiicdxx.dat 08/11/2006 08:52 3 107 788 atiumdva.dat 2 fichier(s) 3 245 889 octets Répertoire de C:\Windows\System32\DriverStore\FileRepository\prnca001.inf_92fbd03f\I386 18/09/2006 23:35 23 280 CNBP0.DAT 18/09/2006 23:35 27 140 CNBP1.DAT 18/09/2006 23:35 30 320 CNBP2.DAT 3 fichier(s) 80 740 octets Répertoire de C:\Windows\System32\DriverStore\FileRepository\prnep001.inf_f0a9a372\I386 18/09/2006 23:40 1 162 EPNDDE09.DAT 18/09/2006 23:40 1 960 EPNDDE11.DAT 18/09/2006 23:40 1 778 EPNDDE12.DAT 18/09/2006 23:40 4 664 EPNDDE14.DAT 18/09/2006 23:40 4 736 EPNDDE15.DAT 18/09/2006 23:40 1 960 EPNDDE16.DAT 18/09/2006 23:40 1 992 EPNDDE2J.DAT 18/09/2006 23:40 1 948 EPNDDE2K.DAT 18/09/2006 23:40 2 128 EPNDDE2M.DAT 18/09/2006 23:40 2 398 EPNDDE3N.DAT 18/09/2006 23:40 1 976 EPNDDE3O.DAT 18/09/2006 23:40 1 764 EPNDDE3P.DAT 18/09/2006 23:40 2 398 EPNDDE3Q.DAT 18/09/2006 23:40 2 618 EPNDDE3T.DAT 18/09/2006 23:40 2 188 EPNDDE3V.DAT 18/09/2006 23:40 2 984 EPNDDE4A.DAT 18/09/2006 23:40 2 632 EPNDDE4D.DAT 18/09/2006 23:40 3 406 EPNDDE4G.DAT 18/09/2006 23:40 3 406 EPNDDE4H.DAT 18/09/2006 23:40 3 626 EPNDDE4I.DAT 18/09/2006 23:40 4 118 EPNDDE4J.DAT 18/09/2006 23:40 4 338 EPNDDE4K.DAT 18/09/2006 23:40 3 476 EPNDDE4L.DAT 18/09/2006 23:40 3 696 EPNDDE4N.DAT 18/09/2006 23:40 3 476 EPNDDE4P.DAT 18/09/2006 23:40 2 496 EPNDDE4S.DAT 18/09/2006 23:40 3 138 EPNDDE5A.DAT 18/09/2006 23:40 3 628 EPNDDE5D.DAT 28 fichier(s) 80 090 octets Répertoire de C:\Windows\System32\migwiz 02/11/2006 14:35 92 migfiles.dat 02/11/2006 14:35 634 296 SFLIST2K.dat 02/11/2006 14:35 2 461 746 SFLISTLH.dat 02/11/2006 14:35 1 418 636 SFLISTXP.dat 4 fichier(s) 4 514 770 octets Répertoire de C:\Windows\System32\SMI\Store\Machine 28/06/2007 05:18 6 029 312 schema.dat 28/06/2007 05:18 6 029 312 schema.dat_previous 2 fichier(s) 12 058 624 octets Répertoire de C:\Windows\System32\wbem\repository 08/07/2007 13:44 25 083 904 OBJECTS.DATA 1 fichier(s) 25 083 904 octets Répertoire de C:\Windows\Tasks 08/07/2007 13:14 6 SA.DAT 1 fichier(s) 6 octets Répertoire de C:\Windows\Users\Default 04/06/2007 22:01 8 192 NTUSER.DAT 1 fichier(s) 8 192 octets Répertoire de C:\Windows\winsxs\Backup 02/11/2006 17:45 340 236 x86_microsoft-windows-p..structure.resources_31bf3856ad364e35_6.0.6000.16386_fr-fr_05686c86b1f84967_perfi.dat_e3a35ecf 02/11/2006 17:45 37 390 x86_microsoft-windows-p..structure.resources_31bf3856ad364e35_6.0.6000.16386_fr-fr_05686c86b1f84967_perfd.dat_f1e3dfd2 02/11/2006 17:45 37 390 x86_microsoft-windows-p..structure.resources_31bf3856ad364e35_6.0.6000.16386_fr-fr_05686c86b1f84967_perfc.dat_f4bd9339 02/11/2006 17:45 340 236 x86_microsoft-windows-p..structure.resources_31bf3856ad364e35_6.0.6000.16386_fr-fr_05686c86b1f84967_perfh.dat_e67d1236 02/11/2006 12:41 673 088 x86_microsoft-windows-mlang_31bf3856ad364e35_6.0.6000.16386_none_54a8897ce7133d6b_mlang.dat_211debd0 02/11/2006 12:42 30 674 x86_microsoft-windows-p..unterinfrastructure_31bf3856ad364e35_6.0.6000.16386_none_6f4f3b5c01fbb89d_perfd.dat_f1e3dfd2 02/11/2006 12:42 30 674 x86_microsoft-windows-p..unterinfrastructure_31bf3856ad364e35_6.0.6000.16386_none_6f4f3b5c01fbb89d_perfc.dat_f4bd9339 02/11/2006 12:42 287 440 x86_microsoft-windows-p..unterinfrastructure_31bf3856ad364e35_6.0.6000.16386_none_6f4f3b5c01fbb89d_perfi.dat_e3a35ecf 04/06/2007 22:02 8 x86_microsoft-windows-crypt32-dll_31bf3856ad364e35_6.0.6000.16425_none_5978e103e0b8f230_capilock.dat_79d31fad 02/11/2006 12:42 287 440 x86_microsoft-windows-p..unterinfrastructure_31bf3856ad364e35_6.0.6000.16386_none_6f4f3b5c01fbb89d_perfh.dat_e67d1236 10 fichier(s) 2 064 576 octets Répertoire de C:\Windows\winsxs\x86_microsoft-windows-com-complus-runtime_31bf3856ad364e35_6.0.6000.16386_none_5793fd15d7c67cb6 18/09/2006 23:27 61 440 comempty.dat 1 fichier(s) 61 440 octets Répertoire de C:\Windows\winsxs\x86_microsoft-windows-crypt32-dll_31bf3856ad364e35_6.0.6000.16425_none_5978e103e0b8f230 04/06/2007 22:02 8 capilock.dat 1 fichier(s) 8 octets Répertoire de C:\Windows\winsxs\x86_microsoft-windows-crypt32-dll_31bf3856ad364e35_6.0.6000.20523_none_5a007d3af9d85f4c 04/06/2007 22:02 8 capilock.dat 1 fichier(s) 8 octets Répertoire de C:\Windows\winsxs\x86_microsoft-windows-dssec_31bf3856ad364e35_6.0.6000.16386_none_582f1586ff9cc1ca 18/09/2006 23:39 215 943 dssec.dat 1 fichier(s) 215 943 octets Répertoire de C:\Windows\winsxs\x86_microsoft-windows-ie-antiphishfilter_31bf3856ad364e35_6.0.6000.16386_none_f95b545b6ed37b65 26/10/2006 05:24 2 451 312 ieapfltr.dat 1 fichier(s) 2 451 312 octets Répertoire de C:\Windows\winsxs\x86_microsoft-windows-ie-antiphishfilter_31bf3856ad364e35_6.0.6000.16397_none_f95184b96edab0ad 04/06/2007 22:01 2 451 312 ieapfltr.dat 1 fichier(s) 2 451 312 octets Répertoire de C:\Windows\winsxs\x86_microsoft-windows-ie-antiphishfilter_31bf3856ad364e35_6.0.6000.16463_none_f96df53b6ec5f4a5 07/06/2007 21:00 2 453 952 ieapfltr.dat 1 fichier(s) 2 453 952 octets Répertoire de C:\Windows\winsxs\x86_microsoft-windows-ie-antiphishfilter_31bf3856ad364e35_6.0.6000.16473_none_f963254f6ece1096 13/06/2007 19:13 2 455 488 ieapfltr.dat 1 fichier(s) 2 455 488 octets Répertoire de C:\Windows\winsxs\x86_microsoft-windows-ie-antiphishfilter_31bf3856ad364e35_6.0.6000.20491_none_f9d51fc887fdb86d 04/06/2007 22:01 2 451 312 ieapfltr.dat 1 fichier(s) 2 451 312 octets Répertoire de C:\Windows\winsxs\x86_microsoft-windows-ie-antiphishfilter_31bf3856ad364e35_6.0.6000.20572_none_f9ebc1d087ec9709 07/06/2007 21:00 2 453 952 ieapfltr.dat 1 fichier(s) 2 453 952 octets Répertoire de C:\Windows\winsxs\x86_microsoft-windows-ie-antiphishfilter_31bf3856ad364e35_6.0.6000.20583_none_f9e1f22e87f3cc51 13/06/2007 19:13 2 455 488 ieapfltr.dat 1 fichier(s) 2 455 488 octets Répertoire de C:\Windows\winsxs\x86_microsoft-windows-m..onwizardapplication_31bf3856ad364e35_6.0.6000.16386_none_b84454ed976a3577 02/11/2006 14:35 92 migfiles.dat 02/11/2006 14:35 634 296 SFLIST2K.dat 02/11/2006 14:35 2 461 746 SFLISTLH.dat 02/11/2006 14:35 1 418 636 SFLISTXP.dat 4 fichier(s) 4 514 770 octets Répertoire de C:\Windows\winsxs\x86_microsoft-windows-mlang_31bf3856ad364e35_6.0.6000.16386_none_54a8897ce7133d6b 18/09/2006 23:33 673 088 mlang.dat 1 fichier(s) 673 088 octets Répertoire de C:\Windows\winsxs\x86_microsoft-windows-oespamfilter-dat_31bf3856ad364e35_6.0.6000.16386_none_f05158286e8f4253 02/11/2006 14:35 2 411 800 OESpamFilter.dat 1 fichier(s) 2 411 800 octets Répertoire de C:\Windows\winsxs\x86_microsoft-windows-oespamfilter-dat_31bf3856ad364e35_6.0.6000.16491_none_f04188b06e9bdcb8 13/06/2007 19:15 2 414 472 OESpamFilter.dat 1 fichier(s) 2 414 472 octets Répertoire de C:\Windows\winsxs\x86_microsoft-windows-oespamfilter-dat_31bf3856ad364e35_6.0.6000.20603_none_f12e7741876eb0de 13/06/2007 19:15 2 414 472 OESpamFilter.dat 1 fichier(s) 2 414 472 octets Répertoire de C:\Windows\winsxs\x86_microsoft-windows-p..structure.resources_31bf3856ad364e35_6.0.6000.16386_fr-fr_05686c86b1f84967 02/11/2006 17:43 37 390 perfc.dat 02/11/2006 17:43 37 390 perfd.dat 02/11/2006 17:43 340 236 perfh.dat 02/11/2006 17:43 340 236 perfi.dat 4 fichier(s) 755 252 octets Répertoire de C:\Windows\winsxs\x86_microsoft-windows-p..unterinfrastructure_31bf3856ad364e35_6.0.6000.16386_none_6f4f3b5c01fbb89d 02/11/2006 11:20 30 674 perfc.dat 02/11/2006 11:20 30 674 perfd.dat 02/11/2006 11:20 287 440 perfh.dat 02/11/2006 11:20 287 440 perfi.dat 4 fichier(s) 636 228 octets Répertoire de C:\Windows\winsxs\x86_microsoft-windows-w..akerstemmer-neutral_31bf3856ad364e35_6.0.6000.16386_none_5dc9f65fa16443a5 18/09/2006 23:37 741 NOISE.DAT 1 fichier(s) 741 octets Le volume dans le lecteur C s'appelle OS Le numéro de série du volume est 2C78-F3D6 merci pour l'aide

bonjour, je viens juste d'être envahi par des pages de fr.drivecleaner.com encore une fois . en effet, à chaque fois lorsque je cliquais sur annulé elles revenaient, j'ai du supprimer le cach de firefox pour que s'arrête. Comment je pourrais m'en débarrasser ? merci pour votre aide

Re, j'ai effectué la manipulation. voila le contenu du fichier txt : Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] "ReportBootOk"="1" "Shell"="explorer.exe" "Userinit"="C:\\Windows\\system32\\userinit.exe," "VmApplet"="rundll32 shell32,Control_RunDLL \"sysdm.cpl\"" "AutoRestartShell"=dword:00000001 "LegalNoticeCaption"="" "LegalNoticeText"="" "PowerdownAfterShutdown"="0" "ShutdownWithoutLogon"="0" "cachedlogonscount"="10" "forceunlocklogon"=dword:00000000 "passwordexpirywarning"=dword:0000000e "Background"="0 0 0" "DebugServerCommand"="no" "WinStationsDisabled"="0" "DisableCAD"=dword:00000001 "scremoveoption"="0" "ShutdownFlags"=dword:0000002b [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{0ACDD40C-75AC-47ab-BAA0-BF6DE7E7FE63}] @="Wireless Group Policy" "DisplayName"=hex(2):40,00,77,00,6c,00,67,00,70,00,63,00,6c,00,6e,00,74,00,2e,\ 00,64,00,6c,00,6c,00,2c,00,2d,00,31,00,30,00,30,00,00,00 "ProcessGroupPolicyEx"="ProcessWLANPolicyEx" "GenerateGroupPolicy"="GenerateWLANPolicy" "DllName"=hex(2):77,00,6c,00,67,00,70,00,63,00,6c,00,6e,00,74,00,2e,00,64,00,\ 6c,00,6c,00,00,00 "NoUserPolicy"=dword:00000001 "NoGPOListChanges"=dword:00000001 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{25537BA6-77A8-11D2-9B6C-0000F8080861}] @="Folder Redirection" "ProcessGroupPolicyEx"="ProcessGroupPolicyEx" "DllName"=hex(2):66,00,64,00,65,00,70,00,6c,00,6f,00,79,00,2e,00,64,00,6c,00,\ 6c,00,00,00 "NoMachinePolicy"=dword:00000001 "NoSlowLink"=dword:00000001 "PerUserLocalSettings"=dword:00000001 "NoGPOListChanges"=dword:00000000 "NoBackgroundPolicy"=dword:00000000 "GenerateGroupPolicy"="GenerateGroupPolicy" "EventSources"=hex(7):28,00,46,00,6f,00,6c,00,64,00,65,00,72,00,20,00,52,00,65,\ 00,64,00,69,00,72,00,65,00,63,00,74,00,69,00,6f,00,6e,00,2c,00,41,00,70,00,\ 70,00,6c,00,69,00,63,00,61,00,74,00,69,00,6f,00,6e,00,29,00,00,00,00,00 "DisplayName"=hex(2):40,00,66,00,64,00,65,00,70,00,6c,00,6f,00,79,00,2e,00,64,\ 00,6c,00,6c,00,2c,00,2d,00,32,00,36,00,31,00,00,00 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{35378EAC-683F-11D2-A89A-00C04FBBCFA2}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{3610eda5-77ef-11d2-8dc5-00c04fa31a66}] @="Microsoft Disk Quota" "DisplayName"=hex(2):40,00,25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,\ 00,6f,00,74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,\ 5c,00,64,00,73,00,6b,00,71,00,75,00,6f,00,74,00,61,00,2e,00,64,00,6c,00,6c,\ 00,2c,00,2d,00,31,00,30,00,30,00,00,00 "NoMachinePolicy"=dword:00000000 "NoUserPolicy"=dword:00000001 "NoSlowLink"=dword:00000001 "NoBackgroundPolicy"=dword:00000001 "NoGPOListChanges"=dword:00000001 "PerUserLocalSettings"=dword:00000000 "RequiresSuccessfulRegistry"=dword:00000001 "EnableAsynchronousProcessing"=dword:00000000 "DllName"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,\ 74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,64,\ 00,73,00,6b,00,71,00,75,00,6f,00,74,00,61,00,2e,00,64,00,6c,00,6c,00,00,00 "ProcessGroupPolicy"="ProcessGroupPolicy" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{426031c0-0b47-4852-b0ca-ac3d37bfcb39}] @="QoS Packet Scheduler" "DisplayName"=hex(2):40,00,67,00,70,00,74,00,65,00,78,00,74,00,2e,00,64,00,6c,\ 00,6c,00,2c,00,2d,00,32,00,30,00,31,00,00,00 "ProcessGroupPolicy"="ProcessPSCHEDPolicy" "DllName"=hex(2):67,00,70,00,74,00,65,00,78,00,74,00,2e,00,64,00,6c,00,6c,00,\ 00,00 "NoUserPolicy"=dword:00000001 "NoGPOListChanges"=dword:00000001 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{4CFB60C1-FAA6-47f1-89AA-0B18730C9FD3}] "ProcessGroupPolicy"="ProcessGroupPolicyForZoneMap" "DllName"=hex(2):69,00,65,00,64,00,6b,00,63,00,73,00,33,00,32,00,2e,00,64,00,\ 6c,00,6c,00,00,00 @="Internet Explorer Zonemapping" "NoGPOListChanges"=dword:00000001 "RequiresSucessfulRegistry"=dword:00000001 "DisplayName"=hex(2):40,00,69,00,65,00,64,00,6b,00,63,00,73,00,33,00,32,00,2e,\ 00,64,00,6c,00,6c,00,2c,00,2d,00,33,00,30,00,35,00,31,00,00,00 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{7933F41E-56F8-41d6-A31C-4148A711EE93}] @="Windows Search Group Policy Extension" "DllName"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,\ 74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,73,\ 00,72,00,63,00,68,00,61,00,64,00,6d,00,69,00,6e,00,2e,00,64,00,6c,00,6c,00,\ 00,00 "EnableAsynchronousProcessing"=dword:00000000 "NoBackgroundPolicy"=dword:00000000 "NoGPOListChanges"=dword:00000001 "NoMachinePolicy"=dword:00000000 "NoSlowLink"=dword:00000000 "NoUserPolicy"=dword:00000001 "PerUserLocalSettings"=dword:00000000 "ProcessGroupPolicy"="ProcessGroupPolicy" "RequiresSuccessfulRegistry"=dword:00000001 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{827D319E-6EAC-11D2-A4EA-00C04F79F83A}] @="Security" "DisplayName"=hex(2):40,00,28,00,72,00,75,00,6e,00,74,00,69,00,6d,00,65,00,2e,\ 00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,29,00,5c,00,73,00,63,00,\ 65,00,63,00,6c,00,69,00,2e,00,64,00,6c,00,6c,00,2c,00,2d,00,37,00,36,00,35,\ 00,30,00,00,00 "ProcessGroupPolicy"="SceProcessSecurityPolicyGPO" "GenerateGroupPolicy"="SceGenerateGroupPolicy" "ExtensionRsopPlanningDebugLevel"=dword:00000001 "ProcessGroupPolicyEx"="SceProcessSecurityPolicyGPOEx" "ExtensionDebugLevel"=dword:00000001 "DllName"=hex(2):73,00,63,00,65,00,63,00,6c,00,69,00,2e,00,64,00,6c,00,6c,00,\ 00,00 "NoUserPolicy"=dword:00000001 "NoGPOListChanges"=dword:00000001 "EnableAsynchronousProcessing"=dword:00000001 "MaxNoGPOListChangesInterval"=dword:00000001 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{A2E30F80-D7DE-11d2-BBDE-00C04F86AE3B}] "ProcessGroupPolicyEx"="ProcessGroupPolicyEx" "GenerateGroupPolicy"="GenerateGroupPolicy" "ProcessGroupPolicy"="ProcessGroupPolicy" "DllName"="iedkcs32.dll" @="Internet Explorer Branding" "NoSlowLink"=dword:00000001 "NoBackgroundPolicy"=dword:00000000 "NoGPOListChanges"=dword:00000001 "NoMachinePolicy"=dword:00000001 "DisplayName"=hex(2):40,00,69,00,65,00,64,00,6b,00,63,00,73,00,33,00,32,00,2e,\ 00,64,00,6c,00,6c,00,2c,00,2d,00,33,00,30,00,31,00,34,00,00,00 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{B1BE8D72-6EAC-11D2-A4EA-00C04F79F83A}] "ProcessGroupPolicy"="SceProcessEFSRecoveryGPO" "DllName"=hex(2):73,00,63,00,65,00,63,00,6c,00,69,00,2e,00,64,00,6c,00,6c,00,\ 00,00 @="EFS recovery" "DisplayName"="@(runtime.system32)\\scecli.dll,-7651" "NoUserPolicy"=dword:00000001 "NoGPOListChanges"=dword:00000001 "RequiresSuccessfulRegistry"=dword:00000001 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{B587E2B1-4D59-4e7e-AED9-22B9DF11D053}] @="802.3 Group Policy" "DisplayName"=hex(2):40,00,64,00,6f,00,74,00,33,00,67,00,70,00,63,00,6c,00,6e,\ 00,74,00,2e,00,64,00,6c,00,6c,00,2c,00,2d,00,31,00,30,00,30,00,00,00 "ProcessGroupPolicyEx"="ProcessLANPolicyEx" "GenerateGroupPolicy"="GenerateLANPolicy" "DllName"=hex(2):64,00,6f,00,74,00,33,00,67,00,70,00,63,00,6c,00,6e,00,74,00,\ 2e,00,64,00,6c,00,6c,00,00,00 "NoUserPolicy"=dword:00000001 "NoGPOListChanges"=dword:00000001 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{e437bc1c-aa7d-11d2-a382-00c04f991e27}] @="IP Security" "ProcessGroupPolicyEx"="ProcessIPSECPolicyEx" "GenerateGroupPolicy"="GenerateIPSECPolicy" "DllName"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,\ 74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,70,\ 00,6f,00,6c,00,73,00,74,00,6f,00,72,00,65,00,2e,00,64,00,6c,00,6c,00,00,00 "NoUserPolicy"=dword:00000001 "NoGPOListChanges"=dword:00000000 "DisplayName"=hex(2):40,00,43,00,3a,00,5c,00,57,00,69,00,6e,00,64,00,6f,00,77,\ 00,73,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,70,00,\ 6f,00,6c,00,73,00,74,00,6f,00,72,00,65,00,2e,00,64,00,6c,00,6c,00,2c,00,2d,\ 00,35,00,30,00,31,00,32,00,00,00 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{FB2CA36D-0B40-4307-821B-A13B252DE56C}] @="Enterprise QoS" "DisplayName"=hex(2):40,00,67,00,70,00,74,00,65,00,78,00,74,00,2e,00,64,00,6c,\ 00,6c,00,2c,00,2d,00,32,00,30,00,33,00,00,00 "ProcessGroupPolicy"="ProcessEQoSPolicy" "DllName"=hex(2):67,00,70,00,74,00,65,00,78,00,74,00,2e,00,64,00,6c,00,6c,00,\ 00,00 "RequiresSuccessfulRegistry"=dword:00000001 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\AutoLogonChecked] mais j'ai une question : est ce que j'ai modifié quelque chose dans le registre en effectuant cette manipulation ? salutations merci

Re, j'ai effectué le scan avec vundofix mais malheureusement il n'y a rein trouvé. voila le rapport : VundoFix V6.5.4 Checking Java version... Scan started at 22:38:30 06/07/2007 Listing files found while scanning.... No infected files were found. Beginning removal... salutations

bonjour, Malheureusement les pubs sont apparues encore . cette fois ci c'est : fr.winantivirus.com qui s'est manifesté. est ce qu'il faut peut être que je désinstalles le java et j'opte pour la dernière version ou le problème vient d'autre chose. franchement je ne sais pas quoi faire. Merci

Re, Merci, firefox m'affiche les pages comme avant. sinon, est ce que je peux avoir une explication concernant les manipulations qu'on a effectué. et en ce qui concerne les dossiers : Deckard et fixwareout que j'ai en C: est ce que je peux les supprimer?? quels protections je dois ajouter a mon mcafee pour avoir une bonne protection?? salutations et merci pour tous

Re, concernant les pubs, je vais tester quelques jours et je vais t'informer s'ils apparaissent. sinon, j'ai un problème concernant firefox. en effet, après la dernière manipulation firefox n'affiche pas bien les pages. salutations

Re, voila j'ai effectué le scan, voici le rapport : "Silent Runners.vbs", revision R50, http://www.silentrunners.org/ Operating System: Windows Vista RC1 Output limited to non-default values, except where indicated by "{++}" Startup items buried in registry: --------------------------------- HKCU\Software\Microsoft\Windows\CurrentVersion\Run\ {++} "DellSupport" = ""C:\Program Files\DellSupport\DSAgnt.exe" /startup" ["Gteko Ltd."] "ehTray.exe" = "C:\Windows\ehome\ehTray.exe" [MS] "MsnMsgr" = ""C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background" [MS] "swg" = "C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" ["Google Inc."] "WMPNSCFG" = "C:\Program Files\Windows Media Player\WMPNSCFG.exe" [MS] HKLM\Software\Microsoft\Windows\CurrentVersion\Run\ {++} "Windows Defender" = "C:\Program Files\Windows Defender\MSASCui.exe -hide" "SynTPEnh" = "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" ["Synaptics, Inc."] "SunJavaUpdateSched" = ""c:\Program Files\Java\jre1.6.0\bin\jusched.exe"" ["Sun Microsystems, Inc."] "ATICCC" = ""C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"" [null data] "PMX Daemon" = "ICO.EXE" ["Primax Electronics Ltd."] "SigmatelSysTrayApp" = "sttray.exe" ["SigmaTel, Inc."] "ISUSScheduler" = ""C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start" ["Macrovision Corporation"] "RoxWatchTray" = ""C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"" ["Sonic Solutions"] "MskAgentexe" = "C:\Program Files\McAfee\MSK\MskAgent.exe" ["McAfee Inc."] "Google Desktop Search" = ""C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup" ["Google"] "ECenter" = "c:\dell\E-Center\EULALauncher.exe" [null data] "PCMService" = ""C:\Program Files\Dell\MediaDirect\PCMService.exe"" ["CyberLink Corp."] "ISUSPM Startup" = "C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup" ["Macrovision Corporation"] "GrooveMonitor" = ""C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"" [MS] "Adobe Reader Speed Launcher" = ""C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"" ["Adobe Systems Incorporated"] HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ {0055C089-8582-441B-A0BF-17B458C2A3A8}\(Default) = "IDM Helper" -> {HKLM...CLSID} = "IDMIEHlprObj Class" \InProcServer32\(Default) = "C:\Program Files\Internet Download Manager\IDMIECC.dll" ["Tonec Inc."] {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}\(Default) = (no title provided) -> {HKLM...CLSID} = "Aide pour le lien d'Adobe PDF Reader" \InProcServer32\(Default) = "C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll" ["Adobe Systems Incorporated"] {72853161-30C5-4D22-B7F9-0BBC1D38A37E}\(Default) = (no title provided) -> {HKLM...CLSID} = "Groove GFS Browser Helper" \InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL" [MS] {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\(Default) = (no title provided) -> {HKLM...CLSID} = "SSVHelper Class" \InProcServer32\(Default) = "c:\Program Files\Java\jre1.6.0\bin\ssv.dll" ["Sun Microsystems, Inc."] {7DB2D5A0-7241-4E79-B68D-6309F01C5231}\(Default) = "scriptproxy" -> {HKLM...CLSID} = "scriptproxy" \InProcServer32\(Default) = "c:\program files\mcafee\virusscan\scriptcl.dll" ["McAfee, Inc."] {83B80A9C-D91A-4F22-8DCF-EA7204039F79}\(Default) = "NetXfer" -> {HKLM...CLSID} = "NXIECatcher Class" \InProcServer32\(Default) = "C:\Program Files\Xi\NetXfer\NXIEHelper.dll" ["Xi"] {9030D464-4C02-4ABF-8ECC-5164760863C6}\(Default) = (no title provided) -> {HKLM...CLSID} = "Windows Live Sign-in Helper" \InProcServer32\(Default) = "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll" [MS] {AA58ED58-01DD-4d91-8333-CF10577473F7}\(Default) = (no title provided) -> {HKLM...CLSID} = "Google Toolbar Helper" \InProcServer32\(Default) = "c:\program files\google\googletoolbar2.dll" ["Google Inc."] HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\ "{E7DE9B1A-7533-4556-9484-B26FB486475E}" = (no title provided) -> {HKLM...CLSID} = "Network Map" \InProcServer32\(Default) = "C:\Windows\system32\shdocvw.dll" [MS] "{4A1E5ACD-A108-4100-9E26-D2FAFA1BA486}" = "IGD Property Sheet Handler" -> {HKLM...CLSID} = "IGD Property Page" \InProcServer32\(Default) = "C:\Windows\System32\icsigd.dll" [MS] "{8856f961-340a-11d0-a96b-00c04fd705a2}" = "Microsoft Web Browser" -> {HKLM...CLSID} = "Microsoft Web Browser" \InProcServer32\(Default) = "C:\Windows\system32\ieframe.dll" [MS] "{3050f3d9-98b5-11cf-bb82-00aa00bdce0b}" = "MSHTML Document" -> {HKLM...CLSID} = "MHTML Document" \InProcServer32\(Default) = "C:\Windows\system32\mshtml.dll" [MS] "{25336920-03f9-11cf-8fd0-00aa00686f13}" = "HTML Document" -> {HKLM...CLSID} = "HTML Document" \InProcServer32\(Default) = "C:\Windows\system32\mshtml.dll" [MS] "{00020d75-0000-0000-c000-000000000046}" = "Microsoft Office Outlook Desktop Icon Handler" -> {HKLM...CLSID} = "Microsoft Office Outlook" \InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\Office12\MLSHEXT.DLL" [MS] "{74246bfc-4c96-11d0-abef-0020af6b0b7a}" = "Device Manager" -> {HKLM...CLSID} = "Device Manager" \InProcServer32\(Default) = "C:\Windows\System32\devmgr.dll" [MS] "{44f3dab6-4392-4186-bb7b-6282ccb7a9f6}" = "MyDocuments menu and properties" -> {HKLM...CLSID} = "MyDocuments menu and properties" \InProcServer32\(Default) = "C:\Windows\system32\mydocs.dll" [MS] "{D34A6CA6-62C2-4C34-8A7C-14709C1AD938}" = "Common Places Folder" -> {HKLM...CLSID} = "Common Places FS Folder" \InProcServer32\(Default) = "C:\Windows\System32\shdocvw.dll" [MS] "{865e5e76-ad83-4dca-a109-50dc2113ce9a}" = "Programs Folder and Fast Items" -> {HKLM...CLSID} = "Programs Folder and Fast Items" \InProcServer32\(Default) = "C:\Windows\system32\shell32.dll" [MS] "{21ec2020-3aea-1069-a2dd-08002b30309d}" = "Control Panel" -> {HKLM...CLSID} = "Control Panel" \InProcServer32\(Default) = "shell32.dll" [MS] "{25585dc7-4da0-438d-ad04-e42c8d2d64b9}" = "Client application shell extension" -> {HKLM...CLSID} = "Client application shell extension" \InProcServer32\(Default) = "C:\Windows\system32\shell32.dll" [MS] "{4d5c8c2a-d075-11d0-b416-00c04fb90376}" = "Microsoft CommBand" -> {HKLM...CLSID} = "Microsoft CommBand" \InProcServer32\(Default) = "C:\Windows\system32\browseui.dll" [MS] "{92337A8C-E11D-11D0-BE48-00C04FC30DF6}" = "OlePrn.PrinterURL" -> {HKLM...CLSID} = "prturl Class" \InProcServer32\(Default) = "C:\Windows\system32\oleprn.dll" [MS] "{16C2C29D-0E5F-45f3-A445-03E03F587B7D}" = "group_wab_auto_file" -> {HKLM...CLSID} = ".group shell context menu" \InProcServer32\(Default) = "C:\Program Files\Common Files\System\wab32.dll" [MS] "{CF67796C-F57F-45F8-92FB-AD698826C602}" = "contact_wab_auto_file" -> {HKLM...CLSID} = ".contact shell context menu" \InProcServer32\(Default) = "C:\Program Files\Common Files\System\wab32.dll" [MS] "{90b9bce2-b6db-4fd3-8451-35917ea1081b}" = "Search Execute Command" -> {HKLM...CLSID} = "CLSID_SearchExecute" \InProcServer32\(Default) = "ExplorerFrame.dll" [MS] "{1a184871-359e-4f67-aad9-5b9905d62232}" = "Microsoft Windows Font File Context Menu Handler" -> {HKLM...CLSID} = "Microsoft Windows Font Context Menu Handler" \InProcServer32\(Default) = "fontext.dll" [MS] "{8a7cae0e-5951-49cb-bf20-ab3fa1e44b01}" = "Microsoft Windows Font Previewer" -> {HKLM...CLSID} = "Microsoft Windows Font Preview Handler" \InProcServer32\(Default) = "fontext.dll" [MS] "{BC65FB43-1958-4349-971A-210290480130}" = "Network Explorer Property Sheet Handler" -> {HKLM...CLSID} = "Ncd Property Page" \InProcServer32\(Default) = "C:\Windows\System32\NcdProp.dll" [MS] "{0a4286ea-e355-44fb-8086-af3df7645bd9}" = "Windows Media Player" -> {HKLM...CLSID} = "&Windows Media Player" \InProcServer32\(Default) = "C:\PROGRA~1\WI4EB4~1\wmpband.dll" [MS] "{BB6B2374-3D79-41DB-87F4-896C91846510}" = "EMDFileProperties" -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = "emdmgmt.dll" [MS] "{7A0F6AB7-ED84-46B6-B47E-02AA159A152B}" = "Sync Center Simple Conflict Presenter" -> {HKLM...CLSID} = "Simple Conflict Presenter" \InProcServer32\(Default) = "C:\Windows\System32\SyncCenter.dll" [MS] "{BE122A0E-4503-11DA-8BDE-F66BAD1E3F3A}" = (no title provided) -> {HKLM...CLSID} = "Windows Anytime Upgrade" \InProcServer32\(Default) = "C:\Windows\System32\shdocvw.dll" [MS] "{00f20eb5-8fd6-4d9d-b75e-36801766c8f1}" = "PhotoAcqDropTarget" -> {HKLM...CLSID} = "PhotoAcqDropTarget" \InProcServer32\(Default) = "C:\Program Files\Windows Photo Gallery\PhotoAcq.dll" [MS] "{91ADC906-6722-4B05-A12B-471ADDCCE132}" = "Touch Band" -> {HKLM...CLSID} = "Touch Pointer" \InProcServer32\(Default) = "C:\Windows\System32\TouchX.dll" [MS] "{7D4734E6-047E-41e2-AEAA-E763B4739DC4}" = "Windows Media Player Play as Playlist Context Menu Handler" -> {HKLM...CLSID} = "WMP Play Folder As Playlist Launcher" \InProcServer32\(Default) = "C:\Windows\system32\wmpshell.dll" [MS] "{4E5BFBF8-F59A-4e87-9805-1F9B42CC254A}" = "GameUX.RichGameMediaThumbnail" -> {HKLM...CLSID} = "RichGameMediaThumbnail Class" \InProcServer32\(Default) = "C:\Windows\System32\gameux.dll" [MS] "{15D633E2-AD00-465b-9EC7-F56B7CDF8E27}" = "Tablet PC Input Panel" -> {HKLM...CLSID} = "Tablet PC Input Panel" \InProcServer32\(Default) = "C:\Program Files\Common Files\microsoft shared\ink\TipBand.dll" [MS] "{6b9228da-9c15-419e-856c-19e768a13bdc}" = "Windows gadget DropTarget" -> {HKLM...CLSID} = "Windows gadget DropTarget" \InProcServer32\(Default) = "C:\Program Files\Windows Sidebar\sbdrop.dll" [MS] "{8A734961-C4AA-4741-AC1E-791ACEBF5B39}" = "Windows Media Player Shop Music Context Menu Handler" -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = "C:\Windows\system32\wmpshell.dll" [MS] "{2F603045-309F-11CF-9774-0020AFD0CFF6}" = "Synaptics Control Panel" -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = "C:\Program Files\Synaptics\SynTP\SynTPCpl.dll" ["Synaptics, Inc."] "{7842554E-6BED-11D2-8CDB-B05550C10000}" = "Monitor" -> {HKLM...CLSID} = "Monitor Class" \InProcServer32\(Default) = "C:\Windows\system32\btncopy.dll" ["Broadcom Corporation."] "{5E44E225-A408-11CF-B581-008029601108}" = "Roxio DragToDisc Shell Extension" -> {HKLM...CLSID} = "Roxio DragToDisc Shell Extension" \InProcServer32\(Default) = "C:\Program Files\Roxio\Drag-to-Disc\Shellex.dll" ["Roxio"] "{FC9FB64A-1EB2-4CCF-AF5E-1A497A9B5C2D}" = "Messenger Sharing Folders" -> {HKLM...CLSID} = "Mes dossiers de partage" \InProcServer32\(Default) = "C:\Program Files\MSN Messenger\fsshext.8.1.0178.00.dll" [MS] "{B41DB860-8EE4-11D2-9906-E49FADC173CA}" = "WinRAR shell extension" -> {HKLM...CLSID} = "WinRAR" \InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data] "{23170F69-40C1-278A-1000-000100020000}" = "7-Zip Shell Extension" -> {HKLM...CLSID} = "7-Zip Shell Extension" \InProcServer32\(Default) = "C:\Program Files\7-Zip\7-zip.dll" ["Igor Pavlov"] "{72853161-30C5-4D22-B7F9-0BBC1D38A37E}" = "Groove GFS Browser Helper" -> {HKLM...CLSID} = "Groove GFS Browser Helper" \InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL" [MS] "{2A541AE1-5BF6-4665-A8A3-CFA9672E4291}" = "Groove GFS Explorer Bar" -> {HKLM...CLSID} = "Groove Folder Synchronization" \InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL" [MS] "{A449600E-1DC6-4232-B948-9BD794D62056}" = "Groove GFS Stub Icon Handler" -> {HKLM...CLSID} = "Groove GFS Stub Icon Handler" \InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL" [MS] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}" = "Groove GFS Stub Execution Hook" -> {HKLM...CLSID} = "Groove GFS Stub Execution Hook" \InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL" [MS] "{6C467336-8281-4E60-8204-430CED96822D}" = "Groove GFS Context Menu Handler" -> {HKLM...CLSID} = "Groove GFS Context Menu Handler" \InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL" [MS] "{387E725D-DC16-4D76-B310-2C93ED4752A0}" = "Groove XML Icon Handler" -> {HKLM...CLSID} = "Groove XML Icon Handler" \InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL" [MS] "{16F3DD56-1AF5-4347-846D-7C10C4192619}" = "Groove Explorer Icon Overlay 3 (GFS Folder)" -> {HKLM...CLSID} = "Groove Explorer Icon Overlay 3 (GFS Folder)" \InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL" [MS] "{AB5C5600-7E6E-4B06-9197-9ECEF74D31CC}" = "Groove Explorer Icon Overlay 2 (GFS Stub)" -> {HKLM...CLSID} = "Groove Explorer Icon Overlay 2 (GFS Stub)" \InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL" [MS] "{2916C86E-86A6-43FE-8112-43ABE6BF8DCC}" = "Groove Explorer Icon Overlay 4 (GFS Unread Mark)" -> {HKLM...CLSID} = "Groove Explorer Icon Overlay 4 (GFS Unread Mark)" \InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL" [MS] "{99FD978C-D287-4F50-827F-B2C658EDA8E7}" = "Groove Explorer Icon Overlay 1 (GFS Unread Stub)" -> {HKLM...CLSID} = "Groove Explorer Icon Overlay 1 (GFS Unread Stub)" \InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL" [MS] "{920E6DB1-9907-4370-B3A0-BAFC03D81399}" = "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)" -> {HKLM...CLSID} = "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)" \InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL" [MS] "{0006F045-0000-0000-C000-000000000046}" = "Microsoft Office Outlook Custom Icon Handler" -> {HKLM...CLSID} = "Outlook File Icon Extension" \InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\Office12\OLKFSTUB.DLL" [MS] "{5858A72C-C2B4-4dd7-B2BF-B76DB1BD9F6C}" = "Microsoft Office OneNote Namespace Extension for Windows Desktop Search" -> {HKLM...CLSID} = "Microsoft Office OneNote Namespace Extension for Windows Desktop Search" \InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\Office12\ONFILTER.DLL" [MS] "{42042206-2D85-11D3-8CFF-005004838597}" = "Microsoft Office HTML Icon Handler" -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = "C:\Program Files\Microsoft Office\Office12\msohevi.dll" [MS] "{993BE281-6695-4BA5-8A2A-7AACBFAAB69E}" = "Microsoft Office Metadata Handler" -> {HKLM...CLSID} = "Microsoft Office Metadata Handler" \InProcServer32\(Default) = "C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll" [MS] "{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97}" = "Microsoft Office Thumbnail Handler" -> {HKLM...CLSID} = "Microsoft Office Thumbnail Handler" \InProcServer32\(Default) = "C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll" [MS] "{4858E7D9-8E12-45a3-B6A3-1CD128C9D403}" = "TuneUp Shredder Shell Extension" -> {HKLM...CLSID} = "TuneUp Shredder Shell Extension" \InProcServer32\(Default) = "C:\Program Files\TuneUp Utilities 2007\SDShelEx-win32.dll" ["TuneUp Software GmbH"] "{44440D00-FF19-4AFC-B765-9A0970567D97}" = "TuneUp Theme Extension" -> {HKLM...CLSID} = "TuneUp Theme Extension" \InProcServer32\(Default) = "C:\Windows\System32\uxtuneup.dll" ["TuneUp Software GmbH"] "{D0DC6B97-C6FA-4B42-9649-5891A97E5005}" = "N5ShellExtension Shell Extension" -> {HKLM...CLSID} = "N5ShellExtension ContextMenu Shell Extension" \InProcServer32\(Default) = "C:\Program Files\Nitro PDF\Professional\N5ShellExtension.dll" [empty string] HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\ <<!>> "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}" = "Groove GFS Stub Execution Hook" -> {HKLM...CLSID} = "Groove GFS Stub Execution Hook" \InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL" [MS] HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows\ <<!>> "AppInit_DLLs" = "C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL" ["Google"] HKLM\Software\Classes\PROTOCOLS\Filter\ <<!>> text/xml\CLSID = "{807563E5-5146-11D5-A672-00B0D022E945}" -> {HKLM...CLSID} = "Microsoft Office InfoPath XML Mime Filter" \InProcServer32\(Default) = "C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL" [MS] HKLM\Software\Classes\Folder\shellex\ColumnHandlers\ {F9DB5320-233E-11D1-9F84-707F02C10627}\(Default) = "PDF Column Info" -> {HKLM...CLSID} = "PDF Shell Extension" \InProcServer32\(Default) = "C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll" ["Adobe Systems, Inc."] HKLM\Software\Classes\*\shellex\ContextMenuHandlers\ 7-Zip\(Default) = "{23170F69-40C1-278A-1000-000100020000}" -> {HKLM...CLSID} = "7-Zip Shell Extension" \InProcServer32\(Default) = "C:\Program Files\7-Zip\7-zip.dll" ["Igor Pavlov"] MCVSRIGHTCLICKSCANNER\(Default) = "{162EFDC5-2957-465D-887B-590AF4A7E84D}" -> {HKLM...CLSID} = "McVSRightclickScanner Class" \InProcServer32\(Default) = "c:\program files\mcafee\virusscan\mcodsax.dll" ["McAfee, Inc."] N5ShellExtension\(Default) = "{D0DC6B97-C6FA-4B42-9649-5891A97E5005}" -> {HKLM...CLSID} = "N5ShellExtension ContextMenu Shell Extension" \InProcServer32\(Default) = "C:\Program Files\Nitro PDF\Professional\N5ShellExtension.dll" [empty string] PandoShellExt\(Default) = "{9C150845-2A2D-44CC-90B3-AA03480AA3D2}" -> {HKLM...CLSID} = "PDShellExt Class" \InProcServer32\(Default) = "C:\Program Files\Pando Networks\Pando\PandoShellExt.dll" ["Pando Networks"] TuneUp Shredder Shell Extension\(Default) = "{4858E7D9-8E12-45a3-B6A3-1CD128C9D403}" -> {HKLM...CLSID} = "TuneUp Shredder Shell Extension" \InProcServer32\(Default) = "C:\Program Files\TuneUp Utilities 2007\SDShelEx-win32.dll" ["TuneUp Software GmbH"] WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}" -> {HKLM...CLSID} = "WinRAR" \InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data] XXX Groove GFS Context Menu Handler XXX\(Default) = "{6C467336-8281-4E60-8204-430CED96822D}" -> {HKLM...CLSID} = "Groove GFS Context Menu Handler" \InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL" [MS] HKLM\Software\Classes\Directory\shellex\ContextMenuHandlers\ 7-Zip\(Default) = "{23170F69-40C1-278A-1000-000100020000}" -> {HKLM...CLSID} = "7-Zip Shell Extension" \InProcServer32\(Default) = "C:\Program Files\7-Zip\7-zip.dll" ["Igor Pavlov"] PandoShellExt\(Default) = "{9C150845-2A2D-44CC-90B3-AA03480AA3D2}" -> {HKLM...CLSID} = "PDShellExt Class" \InProcServer32\(Default) = "C:\Program Files\Pando Networks\Pando\PandoShellExt.dll" ["Pando Networks"] TuneUp Shredder Shell Extension\(Default) = "{4858E7D9-8E12-45a3-B6A3-1CD128C9D403}" -> {HKLM...CLSID} = "TuneUp Shredder Shell Extension" \InProcServer32\(Default) = "C:\Program Files\TuneUp Utilities 2007\SDShelEx-win32.dll" ["TuneUp Software GmbH"] WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}" -> {HKLM...CLSID} = "WinRAR" \InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data] XXX Groove GFS Context Menu Handler XXX\(Default) = "{6C467336-8281-4E60-8204-430CED96822D}" -> {HKLM...CLSID} = "Groove GFS Context Menu Handler" \InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL" [MS] HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers\ MCVSRIGHTCLICKSCANNER\(Default) = "{162EFDC5-2957-465D-887B-590AF4A7E84D}" -> {HKLM...CLSID} = "McVSRightclickScanner Class" \InProcServer32\(Default) = "c:\program files\mcafee\virusscan\mcodsax.dll" ["McAfee, Inc."] WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}" -> {HKLM...CLSID} = "WinRAR" \InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data] XXX Groove GFS Context Menu Handler XXX\(Default) = "{6C467336-8281-4E60-8204-430CED96822D}" -> {HKLM...CLSID} = "Groove GFS Context Menu Handler" \InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL" [MS] HKLM\Software\Classes\AllFilesystemObjects\shellex\ContextMenuHandlers\ XXX Groove GFS Context Menu Handler XXX\(Default) = "{6C467336-8281-4E60-8204-430CED96822D}" -> {HKLM...CLSID} = "Groove GFS Context Menu Handler" \InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL" [MS] Default executables: -------------------- HKCU\Software\Classes\.exe\(Default) = (value not set) Group Policies {GPedit.msc branch and setting}: ----------------------------------------------- Note: detected settings may not have any effect. HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System\ "ConsentPromptBehaviorAdmin" = (REG_DWORD) hex:0x00000002 {Computer Configuration|Windows Settings|Security Settings|Local Policies|Security Options| User Account Control: Behavior Of The Elevation Prompt For Administrators In Admin Approval Mode} "ConsentPromptBehaviorUser" = (REG_DWORD) hex:0x00000001 {Computer Configuration|Windows Settings|Security Settings|Local Policies|Security Options| User Account Control: Behavior Of The Elevation Prompt For Standard Users} "EnableInstallerDetection" = (REG_DWORD) hex:0x00000001 {Computer Configuration|Windows Settings|Security Settings|Local Policies|Security Options| User Account Control: Detect Application Installations And Prompt For Elevation} "EnableLUA" = (REG_DWORD) hex:0x00000001 {Computer Configuration|Windows Settings|Security Settings|Local Policies|Security Options| User Account Control: Run All Administrators In Admin Approval Mode} "EnableSecureUIAPaths" = (REG_DWORD) hex:0x00000001 {Computer Configuration|Windows Settings|Security Settings|Local Policies|Security Options| User Account Control: Only elevate UIAccess applications that are installed in secure locations} "EnableVirtualization" = (REG_DWORD) hex:0x00000001 {Computer Configuration|Windows Settings|Security Settings|Local Policies|Security Options| User Account Control: Virtualize file and registry write failures to per-user locations} "PromptOnSecureDesktop" = (REG_DWORD) hex:0x00000001 {Computer Configuration|Windows Settings|Security Settings|Local Policies|Security Options| User Account Conrol: Switch to the secure desktop when prompting for elevation} "shutdownwithoutlogon" = (REG_DWORD) hex:0x00000001 {Computer Configuration|Windows Settings|Security Settings|Local Policies|Security Options| Shutdown: Allow system to be shut down without having to log on} "undockwithoutlogon" = (REG_DWORD) hex:0x00000001 {Computer Configuration|Windows Settings|Security Settings|Local Policies|Security Options| Devices: Allow undock without having to log on} "FilterAdministratorToken" = (REG_DWORD) hex:0x00000000 {Computer Configuration|Windows Settings|Security Settings|Local Policies|Security Options| User Account Control: Admin Approval Mode for the Built-in Administrator Account} Active Desktop and Wallpaper: ----------------------------- Active Desktop may be disabled at this entry: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState Displayed if Active Desktop enabled and wallpaper not set by Group Policy: HKCU\Software\Microsoft\Internet Explorer\Desktop\General\ "Wallpaper" = "C:\Windows\web\wallpaper\Dellwall1.jpg" Displayed if Active Desktop disabled and wallpaper not set by Group Policy: HKCU\Control Panel\Desktop\ "Wallpaper" = "c:\windows\web\wallpaper\Dellwall1.jpg" Enabled Screen Saver: --------------------- HKCU\Control Panel\Desktop\ "SCRNSAVE.EXE" = "C:\Windows\system32\logon.scr" [MS] Startup items in "kenpachi" & "All Users" startup folders: ---------------------------------------------------------- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup "BTTray" -> shortcut to: "C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe" ["Broadcom Corporation."] "Digital Line Detect" -> shortcut to: "C:\Program Files\Digital Line Detect\DLG.exe" ["Avanquest Software "] "QuickSet" -> shortcut to: "C:\Windows\Installer\{7F0C4457-8E64-491B-8D7B-991504365D1E}\NewShortcut2_53A01CC614B04512A2E710D39BF83DC4.exe" ["Macrovision Corporation"] Winsock2 Service Provider DLLs: ------------------------------- Namespace Service Providers HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++} 000000000001\LibraryPath = "%SystemRoot%\system32\NLAapi.dll" [MS] 000000000002\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS] 000000000003\LibraryPath = "%SystemRoot%\System32\winrnr.dll" [MS] 000000000004\LibraryPath = "%SystemRoot%\system32\napinsp.dll" [MS] 000000000005\LibraryPath = "%SystemRoot%\system32\pnrpnsp.dll" [MS] 000000000006\LibraryPath = "%SystemRoot%\system32\pnrpnsp.dll" [MS] 000000000007\LibraryPath = "%SystemRoot%\system32\wshbth.dll" [MS] Transport Service Providers HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++} 0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range: %SystemRoot%\system32\mswsock.dll [MS], 01 - 23 Toolbars, Explorer Bars, Extensions: ------------------------------------ Toolbars HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\ "{2318C2B1-4965-11D4-9B18-009027A5CD4F}" -> {HKLM...CLSID} = "&Google" \InProcServer32\(Default) = "c:\program files\google\googletoolbar2.dll" ["Google Inc."] HKLM\Software\Microsoft\Internet Explorer\Toolbar\ "{2318C2B1-4965-11D4-9B18-009027A5CD4F}" = (no title provided) -> {HKLM...CLSID} = "&Google" \InProcServer32\(Default) = "c:\program files\google\googletoolbar2.dll" ["Google Inc."] "{C16CBAAC-A75C-4DB5-A0DD-CDF5CAFCDD3A}" = "NetXfer" -> {HKLM...CLSID} = "NetXfer" \InProcServer32\(Default) = "C:\Program Files\Xi\NetXfer\NXToolBar.dll" ["Xi"] Explorer Bars HKLM\Software\Microsoft\Internet Explorer\Explorer Bars\ HKLM\Software\Classes\CLSID\{2A541AE1-5BF6-4665-A8A3-CFA9672E4291}\(Default) = "Groove Folder Synchronization" Implemented Categories\{00021493-0000-0000-C000-000000000046}\ [vertical bar] InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL" [MS] HKLM\Software\Classes\CLSID\{FF059E31-CC5A-4E2E-BF3B-96E929D65503}\(Default) = "&Rechercher" Implemented Categories\{00021493-0000-0000-C000-000000000046}\ [vertical bar] InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL" [MS] Extensions (Tools menu items, main toolbar menu buttons) HKLM\Software\Microsoft\Internet Explorer\Extensions\ {08B0E5C0-4FCB-11CF-AAA5-00401C608501}\ "MenuText" = "Console Java (Sun)" "CLSIDExtension" = "{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBC}" -> {HKLM...CLSID} = "Java Plug-in 1.6.0" \InProcServer32\(Default) = "c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll" ["Sun Microsystems, Inc."] {2670000A-7350-4F3C-8081-5663EE0C6C49}\ "ButtonText" = "Envoyer à OneNote" "MenuText" = "&Envoyer à OneNote" "CLSIDExtension" = "{48E73304-E1D6-4330-914C-F5F514E3486C}" -> {HKLM...CLSID} = "Send to OneNote from Internet Explorer button" \InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll" [MS] {85D1F590-48F4-11D9-9669-0800200C9A66}\ "MenuText" = "Uninstall BitDefender Online Scanner v8" "Exec" = "%windir%\bdoscandel.exe" [file not found] {92780B25-18CC-41C8-B9BE-3C9C571A8263}\ "ButtonText" = "Research" {CCA281CA-C863-46EF-9331-5C8D4460577F}\ "ButtonText" = "@btrez.dll,-4015" "MenuText" = "@btrez.dll,-12650" "Script" = "c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm" [null data] Miscellaneous IE Hijack Points ------------------------------ HKLM\Software\Microsoft\Internet Explorer\AboutURLs\ <<H>> "TuneUp" = "file://C|/ProgramData/TuneUp Software/Common/base.css" [file not found] HOSTS file ---------- C:\Windows\System32\drivers\etc\HOSTS maps: 2 domain names to IP addresses, 1 of the IP addresses is *not* localhost! Running Services (Display Name, Service Name, Path {Service DLL}): ------------------------------------------------------------------ Accès du périphérique d'interface utilisateur, hidserv, "C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted" {"C:\Windows\system32\hidserv.dll" [MS]} Acquisition d'image Windows (WIA), stisvc, "C:\Windows\system32\svchost.exe -k imgsvc" {"C:\Windows\System32\wiaservc.dll" [MS]} Assistance IP, iphlpsvc, "C:\Windows\System32\svchost.exe -k NetSvcs" {(missing data)} Assistance NetBIOS sur TCP/IP, lmhosts, "C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted" {(missing data)} Ati External Event Utility, Ati External Event Utility, "C:\Windows\system32\Ati2evxx.exe" ["ATI Technologies Inc."] Explorateur d'ordinateurs, Browser, "C:\Windows\System32\svchost.exe -k netsvcs" {"C:\Windows\System32\browser.dll" [MS]} Hôte de périphérique UPnP, upnphost, "C:\Windows\system32\svchost.exe -k LocalService" {"C:\Windows\System32\upnphost.dll" [MS]} Isolation de clé CNG, KeyIso, "C:\Windows\system32\lsass.exe" [MS] Journal d’événements Windows, Eventlog, "C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted" {(missing data)} McAfee HackerWatch Service, McAfee HackerWatch Service, ""C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe"" ["McAfee, Inc."] McAfee Network Agent, McNASvc, ""c:\program files\common files\mcafee\mna\mcnasvc.exe"" ["McAfee, Inc."] McAfee Personal Firewall Service, MpfService, ""C:\Program Files\McAfee\MPF\MPFSrv.exe"" ["McAfee, Inc."] McAfee Privacy Service, MPS9, "C:\PROGRA~1\McAfee\MPS\mps.exe" ["McAfee, Inc."] McAfee Protection Manager, mcpromgr, "C:\PROGRA~1\McAfee\MSC\mcpromgr.exe" ["McAfee, Inc."] McAfee Proxy Service, McProxy, "c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe" ["McAfee, Inc."] McAfee Real-time Scanner, McShield, "C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe" ["McAfee, Inc."] McAfee Redirector Service, McRedirector, "c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe" ["McAfee, Inc."] McAfee Scanner, McODS, "C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe" ["McAfee, Inc."] McAfee Services, mcmscsvc, "C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe" ["McAfee, Inc."] McAfee SpamKiller Service, MSK80Service, ""C:\Program Files\McAfee\MSK\MskSrver.exe"" ["McAfee Inc."] McAfee SystemGuards, McSysmon, "C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe" ["McAfee, Inc."] Protocole EAP (Extensible Authentication Protocol), EapHost, "C:\Windows\System32\svchost.exe -k netsvcs" {"C:\Windows\System32\eapsvc.dll" [MS]} Roxio Hard Drive Watcher 9, RoxWatch9, ""C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe"" ["Sonic Solutions"] RoxMediaDB9, RoxMediaDB9, ""C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe"" ["Sonic Solutions"] Service de configuration automatique WLAN, Wlansvc, "C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted" {"C:\Windows\System32\wlansvc.dll" [MS]} Service de découverte automatique de Proxy Web pour les services HTTP Windows, WinHttpAutoProxySvc, "C:\Windows\system32\svchost.exe -k LocalService" {"winhttp.dll" [MS]} Service de prise en charge Bluetooth, BthServ, "C:\Windows\system32\svchost.exe -k bthsvcs" {"C:\Windows\System32\bthserv.dll" [MS]} Service Interface du magasin réseau, nsi, "C:\Windows\system32\svchost.exe -k LocalService" {(missing data)} Service Messenger Sharing Folders USN Journal Reader, usnjsvc, ""C:\Program Files\MSN Messenger\usnsvc.exe"" [MS] Service Partage réseau du Lecteur Windows Media, WMPNetworkSvc, ""C:\Program Files\Windows Media Player\wmpnetwk.exe"" [MS] SigmaTel Audio Service, STacSV, "C:\Program Files\SigmaTel\C-Major Audio\WDM\STacSV.exe" ["SigmaTel, Inc."] TuneUp Extension de thème, UxTuneUp, "C:\Windows\System32\svchost.exe -k netsvcs" {"C:\Windows\System32\uxtuneup.dll" ["TuneUp Software GmbH"]} Windows Driver Foundation - Infrastructure de pilote mode-utilisateur, wudfsvc, "C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted" {"C:\Windows\System32\WUDFSvc.dll" [MS]} XAudioService, XAudioService, "C:\Windows\system32\DRIVERS\xaudio.exe" ["Conexant Systems, Inc."] Print Monitors: --------------- HKLM\System\CurrentControlSet\Control\Print\Monitors\ LIDIL hpzlllhn\Driver = "hpzlllhn.dll" ["Hewlett-Packard Company"] Send To Microsoft OneNote Monitor\Driver = "msonpmon.dll" [MS] ---------- <<!>>: Suspicious data at a malware launch point. <<H>>: Suspicious data at a browser hijack point. + This report excludes default entries except where indicated. + To see *everywhere* the script checks and *everything* it finds, launch it from a command prompt or a shortcut with the -all parameter. + The search for DESKTOP.INI DLL launch points on all local fixed drives took 105 seconds. ---------- (total run time: 168 seconds) salutations

Re, voila le rapport avec blacklight : 07/04/07 21:38:32 [info]: BlackLight Engine 1.0.64 initialized 07/04/07 21:38:32 [info]: OS: 6.0 build 6000 () 07/04/07 21:38:33 [Note]: 7019 4 07/04/07 21:38:33 [Note]: 7005 0 07/04/07 21:38:35 [Note]: 7006 0 07/04/07 21:38:35 [Note]: 7027 0 07/04/07 21:38:36 [Note]: 7026 0 07/04/07 21:38:36 [Note]: 7026 0 07/04/07 21:38:41 [Note]: FSRAW library version 1.7.1022 07/04/07 21:41:52 [Note]: 7007 0 apparemment il n'a rien trouvé!! salutations

Re, en réalisant le scan avec gmer, mon ordi portable s'est planté : une sorte de "freeze" rien ne voulais marché et j'ai du l'arrêter électriquement . j'ai ressayé une deuxième fois mais j'ai eu le meme probléme et j'ai été obliger d'arrêter l'ordi électriquement. j'ai remarqué que mon ordi se plantait lorsque gmer arriver à \ctfs ou un truc de ce genre. j'espère que se n'est pas quelque chose de grave. merci

bonjour, j'ai effectué ce que tu m'a dit sauf qu'il m'a affiché un message comme quoi ma version de windows n'est pas supporter. et puis il s'est arrêté sans rien faire. salutations, merci

re, A la fin du scan j'ai trouvé 2 fichiers txt ouvert les voila : Deckard's System Scanner v20070611.50 Run by kenpachi on 2007-07-03 at 21:56:21 Computer is in Normal Mode. -------------------------------------------------------------------------------- -- Last 5 Restore Point(s) -- 19: 2007-07-03 18:38:36 UTC - RP70 - Removed Ad-Aware 2007 18: 2007-07-03 17:48:48 UTC - RP67 - Installed Ad-Aware 2007 17: 2007-07-03 17:40:18 UTC - RP66 - Removed Ad-Aware 2007 16: 2007-07-03 16:58:10 UTC - RP65 - Installed Ad-Aware 2007 15: 2007-06-28 17:41:47 UTC - RP64 - Windows Update -- First Restore Point -- 1: 2007-06-22 22:17:41 UTC - RP50 - Point de contrôle planifié Backed up registry hives. Performed disk cleanup. -- HijackThis Clone ------------------------------------------------------------ Emulating logfile of HijackThis v1.99.1 Scan saved at 2007-07-03 21:58:48 Platform: Windows Vista (6.00.6000) MSIE: Internet Explorer (7.00.6000.16386) Running processes: C:\Windows\System32\dwm.exe C:\Windows\System32\taskeng.exe C:\Windows\explorer.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Java\jre1.6.0\bin\jusched.exe C:\Windows\System32\ico.exe C:\Windows\sttray.exe C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe C:\Program Files\McAfee\MSK\mskagent.exe C:\Windows\System32\pmxmiced.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\Dell\MediaDirect\PCMService.exe C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\DellSupport\DSAgnt.exe C:\Windows\ehome\ehtray.exe C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe C:\Program Files\Digital Line Detect\DLG.exe C:\Program Files\Dell\QuickSet\quickset.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\McAfee\MPS\mpsevh.exe C:\Program Files\Windows Mail\WinMail.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\McAfee.com\Agent\mcagent.exe C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe C:\Users\kenpachi\Desktop\dss.exe C:\Windows\System32\conime.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ig/dell?hl=fr&cli...amp;ibd=2070604 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer fourni par Dell R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptcl.dll O2 - BHO: NetXfer - {83B80A9C-D91A-4F22-8DCF-EA7204039F79} - C:\Program Files\Xi\NetXfer\NXIEHelper.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\GoogleToolbar2.dll O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\GoogleToolbar2.dll O3 - Toolbar: NetXfer - {C16CBAAC-A75C-4DB5-A0DD-CDF5CAFCDD3A} - C:\Program Files\Xi\NetXfer\NXToolBar.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "c:\Program Files\Java\jre1.6.0\bin\jusched.exe" O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe" O4 - HKLM\..\Run: [PMX Daemon] ICO.EXE O4 - HKLM\..\Run: [sigmatelSysTrayApp] sttray.exe O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" O4 - HKLM\..\Run: [MskAgentexe] C:\Program Files\McAfee\MSK\MskAgent.exe O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [ECenter] c:\dell\E-Center\EULALauncher.exe O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe" O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - Global Startup: BTTray.lnk = C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe O4 - Global Startup: QuickSet.lnk = C:\Windows\Installer\{7F0C4457-8E64-491B-8D7B-991504365D1E}\NewShortcut2_53A01CC614B04512A2E710D39BF83DC4.exe O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Download All Links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O8 - Extra context menu item: Envoyer l'&image au périphérique Bluetooth... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O8 - Extra context menu item: Tout télécharger avec NetXfer - C:\Program Files\Xi\NetXfer\NXAddList.html O8 - Extra context menu item: Télécharger avec NetXfer - C:\Program Files\Xi\NetXfer\NXAddLink.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe (file missing) O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe (file missing) O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - (file missing) O9 - Extra 'Tools' menuitem: (no name) - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - (file missing) O9 - Extra button: (no name) - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: (no name) - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/9/b...heckControl.cab O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://charon777.free.fr/plugins/hardwaredetection.cab O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} () - http://fpdownload.macromedia.com/get/flash...t/ultrashim.cab O17 - HKLM\SYSTEM\CCS\Services\Tcpip\..\{52204BC7-91A6-489B-BE3A-AFCAD0D8ADCA}: NameServer = 192.168.1.1 O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll O18 - Protocol: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL O23 - Service: BCL easyPDF SDK 5 Loader (bepldr) - Unknown owner - "C:\Program Files\Common Files\BCL Technologies\easyPDF 5\bepldr.exe" O23 - Service: GoogleDesktopManager - Google - "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - "C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe" O23 - Service: RoxMediaDB9 - Sonic Solutions - "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe" O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe" O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Program Files\SigmaTel\C-Major Audio\WDM\stacsv.exe O23 - Service: stllssvr - MicroVision Development, Inc. - "C:\Program Files\Common Files\SureThing Shared\stllssvr.exe" -- File Associations ----------------------------------------------------------- All associations okay. -- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------- R3 DSproct - \??\c:\program files\dellsupport\gtaction\triggers\dsproct.sys S3 driverhardwarev2 - \??\c:\program files\hardwaredetection\driverhardwarev2.sys -- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled -------------------- R2 STacSV (SigmaTel Audio Service) - c:\program files\sigmatel\c-major audio\wdm\stacsv.exe <Not Verified; SigmaTel, Inc.; C-Major Audio> S3 bepldr (BCL easyPDF SDK 5 Loader) - "c:\program files\common files\bcl technologies\easypdf 5\bepldr.exe" <Not Verified; ; bepldr Module> S3 stllssvr - "c:\program files\common files\surething shared\stllssvr.exe" <Not Verified; MicroVision Development, Inc.; SureThing CD Labeler> -- Scheduled Tasks ------------------------------------------------------------- 2007-07-01 01:00:02 370 --a------ C:\Windows\Tasks\McQcTask.job 2007-06-15 01:00:03 380 --a------ C:\Windows\Tasks\McDefragTask.job -- Files created between 2007-06-03 and 2007-07-03 ----------------------------- 2007-07-03 00:02:52 0 d-------- C:\Users\All Users\Grisoft 2007-06-26 17:26:08 0 dr------- C:\Users\Invité\Searches 2007-06-26 17:25:36 0 dr------- C:\Users\Invité\Contacts 2007-06-26 17:25:11 0 d--hs---- C:\Users\Invité\Voisinage réseau 2007-06-26 17:25:11 0 d--hs---- C:\Users\Invité\Voisinage d'impression 2007-06-26 17:25:11 0 d--hs---- C:\Users\Invité\SendTo 2007-06-26 17:25:11 0 d--hs---- C:\Users\Invité\Recent 2007-06-26 17:25:11 0 d--hs---- C:\Users\Invité\Modèles 2007-06-26 17:25:11 0 d--hs---- C:\Users\Invité\Mes documents 2007-06-26 17:25:11 0 d--hs---- C:\Users\Invité\Menu Démarrer 2007-06-26 17:25:11 0 d--hs---- C:\Users\Invité\Local Settings 2007-06-26 17:25:11 0 d--hs---- C:\Users\Invité\Cookies 2007-06-26 17:25:11 0 d--hs---- C:\Users\Invité\Application Data 2007-06-26 17:25:10 0 dr------- C:\Users\Invité\Videos 2007-06-26 17:25:10 0 dr------- C:\Users\Invité\Saved Games 2007-06-26 17:25:10 0 dr------- C:\Users\Invité\Pictures 2007-06-26 17:25:10 786432 --ahs---- C:\Users\Invité\NTUSER.DAT 2007-06-26 17:25:10 0 dr------- C:\Users\Invité\Music 2007-06-26 17:25:10 0 dr------- C:\Users\Invité\Links 2007-06-26 17:25:10 0 dr------- C:\Users\Invité\Favorites 2007-06-26 17:25:10 0 dr------- C:\Users\Invité\Downloads 2007-06-26 17:25:10 0 dr------- C:\Users\Invité\Documents 2007-06-26 17:25:10 0 dr------- C:\Users\Invité\Desktop 2007-06-26 17:25:10 0 d--h----- C:\Users\Invité\AppData 2007-06-25 23:43:18 0 d-------- C:\Program Files\Common Files\BCL Technologies 2007-06-25 23:42:55 0 d-------- C:\Users\All Users\Nitro PDF 2007-06-25 23:42:55 0 d-------- C:\Program Files\Nitro PDF 2007-06-25 23:11:29 0 d-------- C:\Program Files\Xi 2007-06-24 18:27:45 0 d-------- C:\Program Files\HardwareDetection 2007-06-24 01:21:57 676224 --a------ C:\Windows\system32\ogacheckcontrol.dll 2007-06-18 20:15:43 0 d-------- C:\Windows\BDOSCAN8 2007-06-18 01:11:07 0 d-------- C:\Windows\system32\Kaspersky Lab 2007-06-17 22:48:21 0 d-------- C:\Users\All Users\FLEXnet 2007-06-17 22:36:00 0 d-------- C:\Users\All Users\Adobe 2007-06-17 22:36:00 0 d-------- C:\Program Files\Common Files\Adobe 2007-06-16 23:08:36 0 d-------- C:\Users\All Users\eMule 2007-06-16 23:06:41 0 d-------- C:\Program Files\eMule 2007-06-16 19:08:24 0 d-------- C:\Program Files\Shareaza 2007-06-15 00:29:46 0 d-------- C:\Program Files\Yamicsoft 2007-06-14 20:59:53 0 d-------- C:\Program Files\Lavalys 2007-06-13 21:52:25 0 d-------- C:\Windows\system32\directx 2007-06-11 21:38:59 0 d-------- C:\Program Files\TuneUp Utilities 2007 2007-06-11 21:36:47 0 d-------- C:\Users\All Users\TuneUp Software 2007-06-11 21:36:44 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard 2007-06-11 20:57:21 0 d-------- C:\Users\All Users\Messenger Plus! 2007-06-11 20:55:59 0 d-------- C:\Program Files\Windows Live 2007-06-11 20:55:58 0 d-------- C:\Program Files\Messenger Plus! Live 2007-06-11 00:34:40 0 d-------- C:\Program Files\MSECache 2007-06-11 00:16:19 0 d-------- C:\Program Files\Microsoft Works 2007-06-11 00:15:08 0 d-------- C:\Program Files\Microsoft.NET 2007-06-11 00:12:47 0 d-------- C:\Program Files\Microsoft Visual Studio 8 2007-06-11 00:11:12 0 d-------- C:\Users\All Users\Microsoft Help 2007-06-11 00:10:01 0 dr-h----- C:\MSOCache 2007-06-10 02:12:53 0 d-------- C:\Program Files\Internet Download Manager 2007-06-09 13:57:00 0 d-------- C:\Program Files\Winamp 2007-06-09 13:11:06 0 d-------- C:\Program Files\Pando Networks 2007-06-09 11:52:13 0 d-------- C:\Program Files\7-Zip 2007-06-08 23:00:52 0 d-------- C:\Program Files\Opera 2007-06-08 22:15:53 0 d-------- C:\Users\All Users\Apple Computer 2007-06-08 22:15:40 217088 --a------ C:\Windows\system32\yv12vfw.dll <Not Verified; www.helixcommunity.org; Helix YV12 YUV Codec> 2007-06-08 22:15:39 180224 --a------ C:\Windows\system32\xvidvfw.dll 2007-06-08 22:15:39 593920 --a------ C:\Windows\system32\xvidcore.dll 2007-06-08 22:15:39 3596288 --a------ C:\Windows\system32\qt-dx331.dll 2007-06-08 22:15:39 73728 --a------ C:\Windows\system32\dpl100.dll <Not Verified; DivX, Inc.; DivX, Inc. dpl100> 2007-06-08 22:15:39 740442 --a------ C:\Windows\system32\divx.dll <Not Verified; DivX, Inc.; DivX®> 2007-06-08 22:15:38 10752 --a------ C:\Windows\system32\ff_vfw.dll 2007-06-08 22:15:36 0 d-------- C:\Users\All Users\Real 2007-06-08 22:15:36 0 d-------- C:\Program Files\K-Lite Codec Pack 2007-06-08 20:09:12 0 d-------- C:\Windows\PCHEALTH 2007-06-08 20:09:12 0 d-------- C:\Program Files\MSN Messenger 2007-06-08 19:45:04 0 d-------- C:\Program Files\uTorrent 2007-06-07 23:25:16 0 d-------- C:\ATI 2007-06-07 22:46:57 0 --a------ C:\Windows\nsreg.dat 2007-06-07 21:25:45 0 d-------- C:\Windows\system32\DLA 2007-06-07 20:43:32 0 d-------- C:\Users\kenpachi\Bluetooth Software 2007-06-07 20:42:11 0 dr------- C:\Users\kenpachi\Searches 2007-06-07 20:41:46 0 dr------- C:\Users\kenpachi\Contacts 2007-06-07 20:40:40 0 d--hs---- C:\Users\kenpachi\Voisinage réseau 2007-06-07 20:40:40 0 d--hs---- C:\Users\kenpachi\Voisinage d'impression 2007-06-07 20:40:40 0 d--hs---- C:\Users\kenpachi\SendTo 2007-06-07 20:40:40 0 d--hs---- C:\Users\kenpachi\Recent 2007-06-07 20:40:40 0 d--hs---- C:\Users\kenpachi\Modèles 2007-06-07 20:40:40 0 d--hs---- C:\Users\kenpachi\Mes documents 2007-06-07 20:40:40 0 d--hs---- C:\Users\kenpachi\Menu Démarrer 2007-06-07 20:40:40 0 d--hs---- C:\Users\kenpachi\Local Settings 2007-06-07 20:40:40 0 d--hs---- C:\Users\kenpachi\Cookies 2007-06-07 20:40:40 0 d--hs---- C:\Users\kenpachi\Application Data 2007-06-07 20:40:39 0 dr------- C:\Users\kenpachi\Videos 2007-06-07 20:40:39 0 dr------- C:\Users\kenpachi\Saved Games 2007-06-07 20:40:39 0 dr------- C:\Users\kenpachi\Pictures 2007-06-07 20:40:39 2621440 --ahs---- C:\Users\kenpachi\NTUSER.DAT 2007-06-07 20:40:39 0 dr------- C:\Users\kenpachi\Music 2007-06-07 20:40:39 0 dr------- C:\Users\kenpachi\Links 2007-06-07 20:40:39 0 dr------- C:\Users\kenpachi\Favorites 2007-06-07 20:40:39 0 dr------- C:\Users\kenpachi\Downloads 2007-06-07 20:40:39 0 dr------- C:\Users\kenpachi\Documents 2007-06-07 20:40:39 0 dr------- C:\Users\kenpachi\Desktop 2007-06-07 20:40:39 0 d--h----- C:\Users\kenpachi\AppData 2007-06-07 20:32:15 0 d--hs---- C:\Users\Default\Voisinage réseau 2007-06-07 20:32:15 0 d--hs---- C:\Users\Default\Voisinage d'impression 2007-06-07 20:32:15 0 d--hs---- C:\Users\Default\SendTo 2007-06-07 20:32:15 0 d--hs---- C:\Users\Default\Recent 2007-06-07 20:32:15 0 d--hs---- C:\Users\Default\Modèles 2007-06-07 20:32:15 0 d--hs---- C:\Users\Default\Mes documents 2007-06-07 20:32:15 0 d--hs---- C:\Users\Default\Menu Démarrer 2007-06-07 20:32:15 0 d--hs---- C:\Users\Default\Local Settings 2007-06-07 20:32:15 0 d--hs---- C:\Users\Default\Cookies 2007-06-07 20:32:15 0 d--hs---- C:\Users\Default\Application Data 2007-06-07 20:32:15 0 d--hs---- C:\Users\All Users\Modèles 2007-06-07 20:32:15 0 d--hs---- C:\Users\All Users\Menu Démarrer 2007-06-07 20:32:15 0 d--hs---- C:\Users\All Users\Favoris 2007-06-07 20:32:15 0 d--hs---- C:\Users\All Users\Documents 2007-06-07 20:32:15 0 d--hs---- C:\Users\All Users\Bureau 2007-06-07 20:32:15 0 d--hs---- C:\Users\All Users\Application Data 2007-06-07 20:32:15 0 d--hs---- C:\Program Files\Fichiers communs 2007-06-07 20:32:15 0 d--hs---- C:\Documents and Settings 2007-06-04 22:02:45 0 d-------- C:\Program Files\Synaptics 2007-06-04 22:00:51 0 d-------- C:\Windows\Users 2007-06-04 21:57:19 0 d-------- C:\doctemp 2007-06-04 21:55:42 0 d-------- C:\Windows\system32\oem 2007-06-04 21:55:42 0 d-------- C:\Drivers 2007-06-04 21:55:42 0 d-------- C:\DELL 2007-06-04 14:36:48 0 d-------- C:\Users\All Users\Dell 2007-06-04 14:36:48 0 d-------- C:\Users\All Users\CyberLink 2007-06-04 14:36:48 0 d-------- C:\MDT 2007-06-04 14:36:42 44544 --a------ C:\Windows\system32\msxml4a.dll <Not Verified; Microsoft Corporation; Microsoft® MSXML 4.0 SP1> 2007-06-04 14:36:23 0 d-------- C:\Program Files\CyberLink 2007-06-04 14:36:15 0 d-------- C:\Users\All Users\Google 2007-06-04 14:35:55 0 d-------- C:\Program Files\Google 2007-06-04 14:35:54 0 d-------- C:\Program Files\BAE 2007-06-04 14:35:32 0 d-------- C:\Users\All Users\Gtek 2007-06-04 14:35:32 0 d-------- C:\Program Files\DellSupport 2007-06-04 14:33:32 143360 --a------ C:\Windows\system32\dunzip32.dll <Not Verified; Inner Media, Inc.; DynaZIP-32 Multi-Threading UnZIP DLL> 2007-06-04 14:32:22 0 d-------- C:\Program Files\McAfee.com 2007-06-04 14:32:21 0 d-------- C:\Program Files\Common Files\McAfee 2007-06-04 14:32:19 0 d-------- C:\Program Files\McAfee 2007-06-04 14:32:17 0 d-------- C:\Users\All Users\McAfee 2007-06-04 14:30:54 0 d-------- C:\Users\All Users\Roxio 2007-06-04 14:29:07 0 d-------- C:\Program Files\Common Files\SureThing Shared 2007-06-04 14:29:03 0 d-------- C:\Users\All Users\InstallShield 2007-06-04 14:29:02 0 d-------- C:\Program Files\Roxio 2007-06-04 14:28:49 0 d-------- C:\Users\All Users\Sonic 2007-06-04 14:28:44 0 d-------- C:\Program Files\Common Files\Sonic Shared 2007-06-04 14:28:09 0 d-------- C:\Program Files\Common Files\Roxio Shared 2007-06-04 14:26:07 1458176 --a------ C:\Windows\system32\stlang.dll <Not Verified; SigmaTel, Inc.; C-Major Audio> 2007-06-04 14:26:07 90112 --a------ C:\Windows\system32\stacsv.exe <Not Verified; SigmaTel, Inc.; C-Major Audio> 2007-06-04 14:26:07 303104 --a------ C:\Windows\sttray.exe <Not Verified; SigmaTel, Inc.; C-Major Audio> 2007-06-04 14:25:41 0 d-------- C:\Program Files\SigmaTel 2007-06-04 14:24:31 229376 --a------ C:\Windows\system32\BtwRSupport.dll <Not Verified; Broadcom Corporation.; Bluetooth Software 6.0.1.3100> 2007-06-04 14:24:02 0 d-------- C:\Windows\system32\es-MX 2007-06-04 14:24:02 0 d-------- C:\Windows\system32\es-AR 2007-06-04 14:24:01 0 d-------- C:\Program Files\WIDCOMM 2007-06-04 14:22:24 274432 --a------ C:\Windows\system32\pmxutil.dll <Not Verified; Primax Electronics Ltd.; Mouse Suite 98> 2007-06-04 14:22:24 131072 --a------ C:\Windows\system32\pmxscrll.dll <Not Verified; Primax Electronics Ltd.; MouseSuite 98> 2007-06-04 14:22:24 126976 --a------ C:\Windows\system32\pmxmiced.exe <Not Verified; Primax Electronics Ltd.; MouseSuite 98> 2007-06-04 14:22:24 65536 --a------ C:\Windows\system32\pmxhooks.dll <Not Verified; Primax Electronics Ltd.; Mouse Suite 98> 2007-06-04 14:22:23 28672 --a------ C:\Windows\system32\UnInst.exe <Not Verified; Primax Electronics Ltd.; primax UnInst> 2007-06-04 14:22:23 49152 --a------ C:\Windows\system32\pmxcomm.dll <Not Verified; Primax Electronics Ltd.; Mouse Suite 98> 2007-06-04 14:22:23 94208 --a------ C:\Windows\system32\Pelzoom.dll <Not Verified; Primax Electronics Ltd.; Primax Mouse> 2007-06-04 14:22:23 40960 --a------ C:\Windows\system32\LaunHelp.exe <Not Verified; Primax Electronics Ltd.; primax LaunHelp> 2007-06-04 14:22:23 49152 --a------ C:\Windows\system32\ico.exe <Not Verified; Primax Electronics Ltd.; MouseSuite 98> 2007-06-04 14:22:23 303104 --a------ C:\Windows\system32\FontZoom.exe <Not Verified; ; SkinDialog_Demo Application> 2007-06-04 14:22:21 2285568 --a------ C:\Windows\system32\DellPM.exe <Not Verified; Primax Electronics Ltd.; MouseSuite> 2007-06-04 14:22:21 143360 --a------ C:\Windows\system32\ApSwitch.exe <Not Verified; Primax Electronics Ltd.; MouseSuite 98> 2007-06-04 14:22:21 0 d-------- C:\Program Files\Dell 2007-06-04 14:21:42 0 d-------- C:\Program Files\Digital Line Detect 2007-06-04 14:21:34 0 d-------- C:\Windows\java 2007-06-04 14:21:33 0 d-------- C:\Program Files\Common Files\InstallShield 2007-06-04 14:20:44 0 d-------- C:\Program Files\Modem Diagnostic Tool 2007-06-04 14:19:44 0 d--h----- C:\Program Files\InstallShield Installation Information 2007-06-04 14:19:19 0 d-------- C:\Program Files\NetWaiting 2007-06-04 14:18:55 0 d-------- C:\Program Files\ATI Technologies 2007-06-04 14:18:43 0 d-------- C:\Program Files\Java 2007-06-04 14:18:43 0 d-------- C:\Program Files\Common Files\Java 2007-06-04 14:18:37 0 d-------- C:\Windows\system32\Macromed 2007-06-04 14:18:30 0 d-------- C:\Program Files\MSXML 4.0 2007-06-04 14:18:12 0 d--hs---- C:\Windows\Installer 2007-06-04 14:08:56 12 --a------ C:\Windows\bthservsdp.dat 2007-06-04 14:08:46 0 d-------- C:\Windows\SoftwareDistribution 2007-06-04 14:08:03 0 d-------- C:\Program Files\CONEXANT 2007-06-04 14:06:45 0 d--hs---- C:\System Volume Information -- Find3M Report --------------------------------------------------------------- 2007-07-03 19:26:07 0 d-------- C:\Users\kenpachi\AppData\Roaming\DMCache 2007-07-03 01:59:43 0 d-------- C:\Users\kenpachi\AppData\Roaming\uTorrent 2007-07-01 18:16:40 0 d-------- C:\Users\kenpachi\AppData\Roaming\IDM 2007-06-25 23:45:19 0 d-------- C:\Users\kenpachi\AppData\Roaming\Nitro PDF 2007-06-25 23:11:50 0 d-------- C:\Users\kenpachi\AppData\Roaming\Xi 2007-06-18 00:56:44 690832 --a------ C:\Windows\system32\perfh00C.dat 2007-06-18 00:56:44 117572 --a------ C:\Windows\system32\perfc00C.dat 2007-06-17 23:27:38 0 d-------- C:\Users\kenpachi\AppData\Roaming\Adobe 2007-06-16 19:08:24 0 d-------- C:\Users\kenpachi\AppData\Roaming\Shareaza 2007-06-13 19:20:01 0 d-------- C:\Program Files\Windows Mail 2007-06-13 18:47:56 0 d-------- C:\Users\kenpachi\AppData\Roaming\Roxio 2007-06-11 21:38:59 0 d-------- C:\Users\kenpachi\AppData\Roaming\TuneUp Software 2007-06-11 19:02:34 0 d-------- C:\Users\kenpachi\AppData\Roaming\AdobeUM 2007-06-11 00:16:09 0 d-------- C:\Program Files\MSBuild 2007-06-10 15:43:22 0 d-------- C:\Users\kenpachi\AppData\Roaming\McAfee 2007-06-09 14:00:06 0 d-------- C:\Users\kenpachi\AppData\Roaming\Winamp 2007-06-09 11:43:01 0 d-------- C:\Users\kenpachi\AppData\Roaming\WinRAR 2007-06-09 00:23:36 0 d-------- C:\Users\kenpachi\AppData\Roaming\Media Player Classic 2007-06-08 23:12:23 0 d-------- C:\Users\kenpachi\AppData\Roaming\Real 2007-06-08 23:01:04 0 d-------- C:\Users\kenpachi\AppData\Roaming\Opera 2007-06-08 22:21:22 0 d-------- C:\Users\kenpachi\AppData\Roaming\Google 2007-06-07 23:17:11 0 d-------- C:\Users\kenpachi\AppData\Roaming\Talkback 2007-06-07 23:02:30 0 d-------- C:\Users\kenpachi\AppData\Roaming\Macromedia 2007-06-07 22:46:54 0 d-------- C:\Users\kenpachi\AppData\Roaming\Mozilla 2007-06-07 22:32:01 0 d-------- C:\Users\kenpachi\AppData\Roaming\CyberLink 2007-06-07 22:28:26 0 d-------- C:\Users\kenpachi\AppData\Roaming\Template 2007-06-07 22:28:25 0 --a------ C:\Users\kenpachi\AppData\Roaming\wklnhst.dat 2007-06-07 21:02:20 0 d-------- C:\Program Files\Windows Defender 2007-06-07 20:55:53 0 d-------- C:\Users\kenpachi\AppData\Roaming\GTek 2007-06-07 20:43:49 0 d-------- C:\Users\kenpachi\AppData\Roaming\ATI 2007-06-07 20:41:51 0 d-------- C:\Users\kenpachi\AppData\Roaming\Identities 2007-06-07 20:32:15 0 d-------- C:\Program Files\Windows NT -- Registry Dump --------------------------------------------------------------- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects] {0055C089-8582-441B-A0BF-17B458C2A3A8} C:\Program Files\Internet Download Manager\IDMIECC.dll {72853161-30C5-4D22-B7F9-0BBC1D38A37E} C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} c:\Program Files\Java\jre1.6.0\bin\ssv.dll {7DB2D5A0-7241-4E79-B68D-6309F01C5231} c:\program files\mcafee\virusscan\scriptcl.dll {83B80A9C-D91A-4F22-8DCF-EA7204039F79} C:\Program Files\Xi\NetXfer\NXIEHelper.dll {9030D464-4C02-4ABF-8ECC-5164760863C6} C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll {AA58ED58-01DD-4d91-8333-CF10577473F7} c:\program files\google\googletoolbar2.dll {CA6319C0-31B7-401E-A518-A07C3DB8F777} C:\Program Files\BAE\BAE.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run] "Windows Defender"=hex(2):25,50,72,6f,67,72,61,6d,46,69,6c,65,73,25,5c,57,69,\ "SynTPEnh"="C:\\Program Files\\Synaptics\\SynTP\\SynTPEnh.exe" "SunJavaUpdateSched"="\"c:\\Program Files\\Java\\jre1.6.0\\bin\\jusched.exe\"" "ATICCC"="\"C:\\Program Files\\ATI Technologies\\ATI.ACE\\CLIStart.exe\"" "PMX Daemon"="ICO.EXE" "SigmatelSysTrayApp"="sttray.exe" "ISUSScheduler"="\"C:\\Program Files\\Common Files\\InstallShield\\UpdateService\\issch.exe\" -start" "RoxWatchTray"="\"C:\\Program Files\\Common Files\\Roxio Shared\\9.0\\SharedCOM\\RoxWatchTray9.exe\"" "MskAgentexe"="C:\\Program Files\\McAfee\\MSK\\MskAgent.exe" "Google Desktop Search"="\"C:\\Program Files\\Google\\Google Desktop Search\\GoogleDesktop.exe\" /startup" "ECenter"="c:\\dell\\E-Center\\EULALauncher.exe" "PCMService"="\"C:\\Program Files\\Dell\\MediaDirect\\PCMService.exe\"" "ISUSPM Startup"="C:\\PROGRA~1\\COMMON~1\\INSTAL~1\\UPDATE~1\\ISUSPM.exe -startup" "GrooveMonitor"="\"C:\\Program Files\\Microsoft Office\\Office12\\GrooveMonitor.exe\"" "Adobe Reader Speed Launcher"="\"C:\\Program Files\\Adobe\\Reader 8.0\\Reader\\Reader_sl.exe\"" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run] "DellSupport"="\"C:\\Program Files\\DellSupport\\DSAgnt.exe\" /startup" "ehTray.exe"="C:\\Windows\\ehome\\ehTray.exe" "MsnMsgr"="\"C:\\Program Files\\MSN Messenger\\MsnMsgr.Exe\" /background" @="" "swg"="C:\\Program Files\\Google\\GoogleToolbarNotifier\\1.2.1128.5462\\GoogleToolbarNotifier.exe" "WMPNSCFG"="C:\\Program Files\\Windows Media Player\\WMPNSCFG.exe" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"=dword:00000002 "ConsentPromptBehaviorUser"=dword:00000001 "EnableInstallerDetection"=dword:00000001 "EnableLUA"=dword:00000001 "EnableSecureUIAPaths"=dword:00000001 "EnableVirtualization"=dword:00000001 "PromptOnSecureDesktop"=dword:00000001 "ValidateAdminCodeSignatures"=dword:00000000 "scforceoption"=dword:00000000 "FilterAdministratorToken"=dword:00000000 [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system\UIPI] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system\UIPI\Clipboard] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system\UIPI\Clipboard\ExceptionFormats] "CF_TEXT"=dword:00000001 "CF_BITMAP"=dword:00000002 "CF_OEMTEXT"=dword:00000007 "CF_DIB"=dword:00000008 "CF_PALETTE"=dword:00000009 "CF_UNICODETEXT"=dword:0000000d "CF_DIBV5"=dword:00000011 [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"="Groove GFS Stub Execution Hook" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "appinit_dlls"="C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"="credssp.dll" HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa Notification Packages REG_MULTI_SZ scecli\ Security Packages REG_MULTI_SZ kerberosmsv1_0schannelwdigesttspkg\ Authentication Packages REG_MULTI_SZ msv1_0\ HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\AppInfo HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\KeyIso HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\MCODS HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\NTDS HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\ProfSvc HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\sacsvr HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\SWPRV HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\TabletInputService HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\TBS HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\TrustedInstaller HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\volmgr.sys HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\volmgrx.sys HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F} HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7} HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6} [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\updateMgr] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="updateMgr" "hkey"="HKCU" "inimapping"="0" "YEAR"=dword:000007d7 "MONTH"=dword:00000006 "DAY"=dword:0000000b "HOUR"=dword:00000014 "MINUTE"=dword:00000035 "SECOND"=dword:0000001c [HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost] LocalService REG_MULTI_SZ nsilltdsvcSSDPSRVupnphostSCardSvrw32timeEventSystemRemoteRegistryWinHttpAutoProxySvclanmanworkstationTBSSLUINotifyTHREADORDERfdrespubnetprofmfdphostwcncsvcQWAVEMcx2SvcWebClient\ LocalSystemNetworkRestricted REG_MULTI_SZ hidservUxSmsWdiSystemHostNetmantrkwksAudioEndpointBuilderWUDFSvcirmonsysmainIPBusEnumdot3svcPcaSvcEMDMgmtTabletInputServicewlansvcWPDBusEnum\ NetworkServiceNetworkRestricted REG_MULTI_SZ PolicyAgent\ LocalServiceNoNetwork REG_MULTI_SZ PLADPSBFEmpssvcehstart\ NetworkService REG_MULTI_SZ CryptSvcDHCPTermServiceKtmRmDNSCacheNapAgentnlasvcWinRMWECSVCTapisrv\ termsvcs REG_MULTI_SZ TermService\ WerSvcGroup REG_MULTI_SZ wersvc\ swprv REG_MULTI_SZ swprv\ LocalServiceNetworkRestricted REG_MULTI_SZ DHCPeventlogAudioSrvLmHostswscsvcp2pimsvcPNRPSvcp2psvcWPCSvcPnrpAutoReg\ rpcss REG_MULTI_SZ RpcSs\ regsvc REG_MULTI_SZ RemoteRegistry\ wcssvc REG_MULTI_SZ WcsPlugInService\ DcomLaunch REG_MULTI_SZ PlugPlayDcomLaunch\ wdisvc REG_MULTI_SZ WdiServiceHost\ sdrsvc REG_MULTI_SZ sdrsvc\ imgsvc REG_MULTI_SZ StiSvc\ secsvcs REG_MULTI_SZ WinDefend\ bthsvcs REG_MULTI_SZ BthServ\ hklm\software\Microsoft\Windows NT\CurrentVersion\Svchost *netsvcs* AeLookupSvc UxTuneUp wercplsupport CertPropSvc SCPolicySvc gpsvc IKEEXT LogonHours PCAudit iphlpsvc AppInfo msiscsi MMCSS ProfSvc EapHost SessionEnv hkmsvc -- End of Deckard's System Scanner: finished at 2007-07-03 at 21:59:36 --------- et le deuxième : Deckard's System Scanner v20070611.50 Extra logfile - please post this as an attachment with your post. -------------------------------------------------------------------------------- -- System Information ---------------------------------------------------------- Microsoft® Windows Vista™ Édition Familiale Premium (build 6000) Architecture: X86; Language: French CPU 0: Intel® Core2 CPU T7200 @ 2.00GHz Percentage of Memory in Use: 42% Physical Memory (total/avail): 2045.82 MiB / 1177.66 MiB Pagefile Memory (total/avail): 4311.95 MiB / 3236.71 MiB Virtual Memory (total/avail): 2047.88 MiB / 1926.55 MiB C: is Fixed (NTFS) - 136.96 GiB total, 87.9 GiB free. D: is Fixed (NTFS) - 10 GiB total, 6.35 GiB free. E: is CDROM (No Media) F: is Fixed (FAT32) - 465.65 GiB total, 278.33 GiB free. -- Security Center ------------------------------------------------------------- AUOptions is scheduled to auto-install. Windows Internal Firewall is disabled. FW: McAfee Personal Firewall v (McAfee) AV: McAfee VirusScan v (McAfee) AS: McAfee VirusScan v (McAfee) AS: AVG Anti-Spyware v7, 5, 1, 43 (GRISOFT s.r.o.) Disabled Outdated AS: Windows Defender v1.1.1505.0 (Microsoft Corporation) Disabled [HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] -- Environment Variables ------------------------------------------------------- ALLUSERSPROFILE=C:\ProgramData APPDATA=C:\Users\kenpachi\AppData\Roaming CommonProgramFiles=C:\Program Files\Common Files COMPUTERNAME=PC-DE-KENPACHI ComSpec=C:\Windows\system32\cmd.exe FP_NO_HOST_CHECK=NO HOMEDRIVE=C: HOMEPATH=\Users\kenpachi LOCALAPPDATA=C:\Users\kenpachi\AppData\Local LOGONSERVER=\\PC-DE-KENPACHI NUMBER_OF_PROCESSORS=2 OS=Windows_NT Path=C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Program Files\Common Files\Roxio Shared\DLLShared\;C:\Program Files\Common Files\Roxio Shared\DLLShared\;C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\ PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC PROCESSOR_ARCHITECTURE=x86 PROCESSOR_IDENTIFIER=x86 Family 6 Model 15 Stepping 6, GenuineIntel PROCESSOR_LEVEL=6 PROCESSOR_REVISION=0f06 ProgramData=C:\ProgramData ProgramFiles=C:\Program Files PROMPT=$P$G PUBLIC=C:\Users\Public RoxioCentral=C:\Program Files\Common Files\Roxio Shared\9.0\Roxio Central33\ SystemDrive=C: SystemRoot=C:\Windows TEMP=C:\Users\kenpachi\AppData\Local\Temp TMP=C:\Users\kenpachi\AppData\Local\Temp USERDOMAIN=PC-de-kenpachi USERNAME=kenpachi USERPROFILE=C:\Users\kenpachi windir=C:\Windows -- User Profiles --------------------------------------------------------------- kenpachi Invité (new local, guest, net ready) -- Add/Remove Programs --------------------------------------------------------- --> MsiExec.exe /I{152CF1AF-139A-44D0-8AB1-F1721083E4E7} --> MsiExec.exe /I{7EB5D4F6-B411-4765-80A6-F9B8EB5804CF} 7-Zip 4.47 beta --> "C:\Program Files\7-Zip\Uninstall.exe" Adobe Flash Player ActiveX --> C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe Adobe Reader 8.1.0 - Français --> MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81000000003} Adobe Shockwave Player --> C:\Windows\System32\Macromed\SHOCKW~1\UNWISE.EXE C:\Windows\System32\Macromed\SHOCKW~1\Install.log Archiveur WinRAR --> C:\Program Files\WinRAR\uninstall.exe Assistant Personnalisation du systéme Dell --> MsiExec.exe /I{9954484F-6EE4-4040-94E3-4B380646F867} ATI Catalyst Control Center Ex --> MsiExec.exe /I{493BAF04-DA99-9257-B343-E17BB5E687A3} µTorrent --> "C:\Program Files\uTorrent\uninstall.exe" Complément Microsoft Enregistrer en tant que PDF ou XPS pour programmes Microsoft Office 2007 --> MsiExec.exe /X{90120000-00B2-040C-0000-0000000FF1CE} Conexant HDA D110 MDC V.92 Modem --> C:\Program Files\CONEXANT\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_14F100C3\HXFSETUP.EXE -U -IDellHDAz.inf DellSupport --> MsiExec.exe /X{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D} Digital Line Detect --> C:\Program Files\InstallShield Installation Information\{E646DCF0-5A68-11D5-B229-002078017FBF}\setup.exe -runfromtemp -l0x040c -removeonly eMule --> "C:\Program Files\eMule\Uninstall.exe" EVEREST Ultimate Edition v4.00 --> "C:\Program Files\Lavalys\EVEREST Ultimate Edition\unins000.exe" Google Desktop --> C:\Program Files\Google\Google Desktop Search\GoogleDesktopSetup.exe -uninstall Google Toolbar for Internet Explorer --> MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29} Google Toolbar for Internet Explorer --> regsvr32 /u /s "c:\program files\google\googletoolbar2.dll" Guide de l'utilisateur --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5CD29180-A95E-11D3-A4EB-00C04F7BDB2C}\setup.exe" HijackThis 1.99.1 --> C:\Users\kenpachi\AppData\Local\Temp\Rar$EX00.197\HijackThis.exe /uninstall Internet Download Manager --> C:\Program Files\Internet Download Manager\Uninstall.exe Java SE Runtime Environment 6 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160000} K-Lite Mega Codec Pack 2.1.5 --> "C:\Program Files\K-Lite Codec Pack\unins000.exe" Ma-Config.com --> "C:\Program Files\HardwareDetection\Uninstall.exe" "C:\Program Files\HardwareDetection\install.log" -u Macro complémentaire Microsoft Office PowerPoint --> MsiExec.exe /I{A3B1D3CE-1B63-42AC-B0B8-2703141578EE} McAfee SecurityCenter --> C:\Program Files\McAfee\MSC\mcuninst.exe MediaDirect --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9C6978E8-B6D0-4AB7-A7A0-D81A74FBF745}\Setup.exe" -l0x40c -cluninstall Messenger Plus! Live --> "C:\Program Files\Messenger Plus! Live\Uninstall.exe" Microsoft Office Access MUI (French) 2007 --> MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE} Microsoft Office Enterprise 2007 --> "C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL Microsoft Office Enterprise 2007 --> MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE} Microsoft Office Excel MUI (French) 2007 --> MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE} Microsoft Office Groove MUI (French) 2007 --> MsiExec.exe /X{90120000-00BA-040C-0000-0000000FF1CE} Microsoft Office InfoPath MUI (French) 2007 --> MsiExec.exe /X{90120000-0044-040C-0000-0000000FF1CE} Microsoft Office OneNote MUI (French) 2007 --> MsiExec.exe /X{90120000-00A1-040C-0000-0000000FF1CE} Microsoft Office Outlook MUI (French) 2007 --> MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE} Microsoft Office Outlook SMS Add-in --> MsiExec.exe /I{FD5C399F-2D43-4EC5-AAF7-D600041EF25C} Microsoft Office PowerPoint MUI (French) 2007 --> MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE} Microsoft Office Proof (Arabic) 2007 --> MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE} Microsoft Office Proof (Dutch) 2007 --> MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE} Microsoft Office Proof (English) 2007 --> MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE} Microsoft Office Proof (French) 2007 --> MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE} Microsoft Office Proof (German) 2007 --> MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE} Microsoft Office Proof (Spanish) 2007 --> MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE} Microsoft Office Proofing (French) 2007 --> MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE} Microsoft Office Publisher MUI (French) 2007 --> MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE} Microsoft Office Shared MUI (French) 2007 --> MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE} Microsoft Office Word MUI (French) 2007 --> MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE} Mouse Suite for Laptop Computers --> C:\Program Files\InstallShield Installation Information\{BF13AA9D-E4CE-4015-9778-ECC1D4FB06E4}\setup.exe -runfromtemp -l0x040c -removeonly Mozilla Firefox (2.0.0.4) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe MSXML 4.0 SP2 (KB927978) --> MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F} NetWaiting --> C:\Program Files\InstallShield Installation Information\{3F92ABBB-6BBF-11D5-B229-002078017FBF}\setup.exe -runfromtemp -l0x040c -removeonly NetXfer 2.42.366 --> "C:\Program Files\Xi\NetXfer\unins000.exe" Nitro PDF Professional --> MsiExec.exe /I{F0C2AD51-9F09-4B75-82EE-74DA80F708D8} Opera 9.21 --> MsiExec.exe /X{39619863-8A11-4B60-A166-E6747C986EBE} Outil de diagnostic de modem --> MsiExec.exe /I{F63A3748-B93D-4360-9AD4-B064481A5C7B} OutlookAddinSetup --> MsiExec.exe /I{9BDEF074-020E-458D-ADC5-8FF68E0C9B56} Pando --> MsiExec.exe /I{C0B0FA55-D4E9-4374-9871-BBFBF2AEF0D1} QuickSet --> MsiExec.exe /I{7F0C4457-8E64-491B-8D7B-991504365D1E} Roxio Creator Audio --> MsiExec.exe /I{83FFCFC7-88C6-41c6-8752-958A45325C82} Roxio Creator BDAV Plugin --> MsiExec.exe /I{880AF49C-34F7-4285-A8AD-8F7A3D1C33DC} Roxio Creator Copy --> MsiExec.exe /I{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048} Roxio Creator Data --> MsiExec.exe /I{0D397393-9B50-4c52-84D5-77E344289F87} Roxio Creator DE --> MsiExec.exe /I{C8B0680B-CDAE-4809-9F91-387B6DE00F7C} Roxio Creator Tools --> MsiExec.exe /I{0394CDC8-FABD-4ed8-B104-03393876DFDF} Roxio Drag-to-Disc --> MsiExec.exe /I{2F4C24E6-CBD4-4AAC-B56F-C9FD44DE5668} Roxio Express Labeler --> MsiExec.exe /I{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA} Roxio MyDVD DE --> MsiExec.exe /I{D639085F-4B6E-4105-9F37-A0DBB023E2FB} Roxio Update Manager --> MsiExec.exe /I{30465B6C-B53F-49A1-9EBA-A3F187AD502E} Security Update for Excel 2007 (KB934670) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {CD098537-8857-4065-B4B6-AC023CB2C48E} Security Update for Office 2007 (KB934062) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {305D509B-F194-4638-9F0F-D9E4C05F9D33} Shareaza version 2.2.5.0 --> "C:\Program Files\Shareaza\Uninstall\unins000.exe" SigmaTel Audio --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\101\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}\setup.exe" -l0x40c -remove -removeonly Sonic Activation Module --> MsiExec.exe /I{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0} Spelling Dictionaries Support For Adobe Reader 8 --> MsiExec.exe /I{AC76BA86-7AD7-5464-3428-800000000003} Synaptics Pointing Device Driver --> rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall TuneUp Utilities 2007 --> MsiExec.exe /I{C8BB4912-12D9-42AE-B571-E580D8CD1B5B} Update for Office 2007 (KB932080) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {EDC9CA29-6BC1-471C-828C-7A36109005D7} Update for Office 2007 (KB933688) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {F6E692F1-63C2-4760-94C6-C689DCD053F1} Update for Office 2007 (KB934391) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {B3091818-7C56-4C45-BE7D-CA23027A5EA5} Update for Office 2007 (KB934393) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {92FBAD46-E7F6-49FA-89B5-C39FC5BFAD15} Update for Outlook 2007 (KB933493) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {23F2FF76-ABCD-421D-9860-0D0B2999D028} Update for Outlook 2007 Junk Email Filter (KB934655) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {F7185592-E40D-476E-9BC4-38DF96EE176B} Update for Word 2007 (KB934173) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C6A89125-5473-45E3-B413-ED8186437475} URL Assistant --> regsvr32 /u /s "C:\Program Files\BAE\BAE.dll" Vista Manager --> MsiExec.exe /I{4E79AC14-1F0A-4044-B069-126EDCD2308F} WIDCOMM Bluetooth Software 6.0.1.3100 --> MsiExec.exe /X{A13E07E1-A423-44FB-9DEE-B24C75C1BAF2} Winamp (remove only) --> "C:\Program Files\Winamp\UninstWA.exe" Windows Live Messenger --> MsiExec.exe /I{F6326B60-1B1D-4ABF-BFCD-7B7404F44411} Windows Live Sign-in Assistant --> MsiExec.exe /I{49672EC2-171B-47B4-8CE7-50D7806360D7} Windows Media Player Firefox Plugin --> MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4} -- End of Deckard's System Scanner: finished at 2007-07-03 at 21:59:36 --------- merci pour tous

Re, Apres que je poste le dernier rapport, je viens juste d'être envahi par une page du site fr.drivecleaner.com. je constate que l'icône java se trouve dans la barre de tache et que ces pubs ne ce lancent que lorsque cette petite icône de java est visible. j'ai effectué la manipulation que tu m'a indiqué mais cette fois ci sans passer par le mode sans échec et en renommant à dido. voila le rapport : Logfile of HijackThis v1.99.1 Scan saved at 20:07:12, on 03/07/2007 Platform: Unknown Windows (WinNT 6.00.1904) MSIE: Internet Explorer v7.00 (7.00.6000.16473) Running processes: C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Windows\Explorer.EXE C:\Program Files\Synaptics\SynTP\SynTPEnh.exe c:\PROGRA~1\mcafee.com\agent\mcagent.exe C:\Program Files\Java\jre1.6.0\bin\jusched.exe C:\Windows\System32\ico.exe C:\Windows\sttray.exe C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe C:\Program Files\McAfee\MSK\mskagent.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\Dell\MediaDirect\PCMService.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\DellSupport\DSAgnt.exe C:\Windows\ehome\ehtray.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe C:\Program Files\Digital Line Detect\DLG.exe C:\Program Files\McAfee\MPS\mpsevh.exe C:\Program Files\Dell\QuickSet\quickset.exe C:\Windows\ehome\ehmsas.exe C:\Windows\System32\Pmxmiced.exe C:\Program Files\Windows Mail\WinMail.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe C:\Program Files\Opera\Opera.exe C:\Users\kenpachi\Desktop\dido.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ig/dell?hl=fr&cli...amp;ibd=2070604 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.fr/ig/dell?hl=fr&cli...amp;ibd=2070604 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer fourni par Dell R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\Program Files\Java\jre1.6.0\bin\ssv.dll O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\program files\mcafee\virusscan\scriptcl.dll O2 - BHO: NetXfer - {83B80A9C-D91A-4F22-8DCF-EA7204039F79} - C:\Program Files\Xi\NetXfer\NXIEHelper.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O3 - Toolbar: NetXfer - {C16CBAAC-A75C-4DB5-A0DD-CDF5CAFCDD3A} - C:\Program Files\Xi\NetXfer\NXToolBar.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "c:\Program Files\Java\jre1.6.0\bin\jusched.exe" O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe" O4 - HKLM\..\Run: [PMX Daemon] ICO.EXE O4 - HKLM\..\Run: [sigmatelSysTrayApp] sttray.exe O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" O4 - HKLM\..\Run: [MskAgentexe] C:\Program Files\McAfee\MSK\MskAgent.exe O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [ECenter] c:\dell\E-Center\EULALauncher.exe O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe" O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - Global Startup: BTTray.lnk = ? O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe O4 - Global Startup: QuickSet.lnk = ? O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Download All Links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O8 - Extra context menu item: Envoyer l'&image au périphérique Bluetooth... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O8 - Extra context menu item: Tout télécharger avec NetXfer - C:\Program Files\Xi\NetXfer\NXAddList.html O8 - Extra context menu item: Télécharger avec NetXfer - C:\Program Files\Xi\NetXfer\NXAddLink.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O10 - Unknown file in Winsock LSP: c:\windows\system32\nlaapi.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\napinsp.dll O11 - Options group: [iNTERNATIONAL] International* O13 - Gopher Prefix: O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://charon777.free.fr/plugins/hardwaredetection.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{52204BC7-91A6-489B-BE3A-AFCAD0D8ADCA}: NameServer = 192.168.1.1 O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe O23 - Service: BCL easyPDF SDK 5 Loader (bepldr) - Unknown owner - C:\Program Files\Common Files\BCL Technologies\easyPDF 5\bepldr.exe O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe O23 - Service: @%SystemRoot%\ehome\ehstart.dll,-101 (ehstart) - Unknown owner - %windir%\system32\svchost.exe (file missing) O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy.exe O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe O23 - Service: McAfee Privacy Service (MPS9) - McAfee, Inc. - C:\PROGRA~1\McAfee\MPS\mps.exe O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - %windir%\system32\svchost.exe (file missing) O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - %windir%\system32\svchost.exe (file missing) O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Program Files\SigmaTel\C-Major Audio\WDM\STacSV.exe O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %ProgramFiles%\Windows Media Player\wmpnetwk.exe (file missing) O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe mais je dois signaler que sans passer par le mode sans échec j'ai deux message d'avertissement comme quoi HijackThis n'a pas pu accéder à certaines choses ou un truc de ce genre. merci

Re, voila je me suis déconnecté du net, j'ai passé en mode sans échec et j'ai renommé "HijackThis" en "dido". le rapport généré dans le bureau est : Logfile of HijackThis v1.99.1 Scan saved at 19:30:15, on 03/07/2007 Platform: Unknown Windows (WinNT 6.00.1904) MSIE: Internet Explorer v7.00 (7.00.6000.16473) Running processes: C:\Windows\Explorer.EXE C:\Windows\helppane.exe C:\Users\kenpachi\Desktop\dido.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ig/dell?hl=fr&cli...amp;ibd=2070604 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer fourni par Dell R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\Program Files\Java\jre1.6.0\bin\ssv.dll O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\program files\mcafee\virusscan\scriptcl.dll O2 - BHO: NetXfer - {83B80A9C-D91A-4F22-8DCF-EA7204039F79} - C:\Program Files\Xi\NetXfer\NXIEHelper.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O3 - Toolbar: NetXfer - {C16CBAAC-A75C-4DB5-A0DD-CDF5CAFCDD3A} - C:\Program Files\Xi\NetXfer\NXToolBar.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "c:\Program Files\Java\jre1.6.0\bin\jusched.exe" O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe" O4 - HKLM\..\Run: [PMX Daemon] ICO.EXE O4 - HKLM\..\Run: [sigmatelSysTrayApp] sttray.exe O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" O4 - HKLM\..\Run: [MskAgentexe] C:\Program Files\McAfee\MSK\MskAgent.exe O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [ECenter] c:\dell\E-Center\EULALauncher.exe O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe" O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - Global Startup: BTTray.lnk = ? O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe O4 - Global Startup: QuickSet.lnk = ? O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Download All Links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O8 - Extra context menu item: Envoyer l'&image au périphérique Bluetooth... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O8 - Extra context menu item: Tout télécharger avec NetXfer - C:\Program Files\Xi\NetXfer\NXAddList.html O8 - Extra context menu item: Télécharger avec NetXfer - C:\Program Files\Xi\NetXfer\NXAddLink.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O10 - Unknown file in Winsock LSP: c:\windows\system32\nlaapi.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\napinsp.dll O11 - Options group: [iNTERNATIONAL] International* O13 - Gopher Prefix: O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://charon777.free.fr/plugins/hardwaredetection.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{52204BC7-91A6-489B-BE3A-AFCAD0D8ADCA}: NameServer = 192.168.1.1 O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe O23 - Service: BCL easyPDF SDK 5 Loader (bepldr) - Unknown owner - C:\Program Files\Common Files\BCL Technologies\easyPDF 5\bepldr.exe O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe O23 - Service: @%SystemRoot%\ehome\ehstart.dll,-101 (ehstart) - Unknown owner - %windir%\system32\svchost.exe (file missing) O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy.exe O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe O23 - Service: McAfee Privacy Service (MPS9) - McAfee, Inc. - C:\PROGRA~1\McAfee\MPS\mps.exe O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - %windir%\system32\svchost.exe (file missing) O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - %windir%\system32\svchost.exe (file missing) O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Program Files\SigmaTel\C-Major Audio\WDM\STacSV.exe O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %ProgramFiles%\Windows Media Player\wmpnetwk.exe (file missing) O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe merci

bonjour bruce lee, j'ai copier coller l'adresse que tu m'a donné et j'ai cherché dans le dossier Temp, mais je n'arrive pas à trouver le dossier Rar$EX00.401 qui contient HijackThis.exe. merci

Bonjour, Je ne me rappelle pas exactement, parce qu'à chaque fois lorsqu'ils s'affichaient en me demandant de cliquer sur oui, moi je cliquais rapidement sur annuler. Par contre, celui que je me rappelle de lui est le site systemedoctor.fr parce qu'il a apparu hier soir. Merci

bonsoir, j'ai appliqué ce que tu m'a indiqué. rapport vundofix : VundoFix V6.5.4 Checking Java version... Scan started at 23:45:27 01/07/2007 Listing files found while scanning.... No infected files were found. Beginning removal... VundoFix V6.5.4 Checking Java version... Scan started at 23:52:01 01/07/2007 Listing files found while scanning.... No infected files were found. Beginning removal... et le rapport hijackthis aprés execution de vundofix : Logfile of HijackThis v1.99.1 Scan saved at 23:59:25, on 01/07/2007 Platform: Unknown Windows (WinNT 6.00.1904) MSIE: Internet Explorer v7.00 (7.00.6000.16473) Running processes: C:\Windows\Explorer.EXE C:\Windows\helppane.exe C:\Program Files\WinRAR\WinRAR.exe C:\Users\kenpachi\AppData\Local\Temp\Rar$EX00.401\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ig/dell?hl=fr&cli...amp;ibd=2070604 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer fourni par Dell R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\Program Files\Java\jre1.6.0\bin\ssv.dll O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\program files\mcafee\virusscan\scriptcl.dll O2 - BHO: NetXfer - {83B80A9C-D91A-4F22-8DCF-EA7204039F79} - C:\Program Files\Xi\NetXfer\NXIEHelper.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O3 - Toolbar: NetXfer - {C16CBAAC-A75C-4DB5-A0DD-CDF5CAFCDD3A} - C:\Program Files\Xi\NetXfer\NXToolBar.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "c:\Program Files\Java\jre1.6.0\bin\jusched.exe" O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe" O4 - HKLM\..\Run: [PMX Daemon] ICO.EXE O4 - HKLM\..\Run: [sigmatelSysTrayApp] sttray.exe O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" O4 - HKLM\..\Run: [MskAgentexe] C:\Program Files\McAfee\MSK\MskAgent.exe O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [ECenter] c:\dell\E-Center\EULALauncher.exe O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe" O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - Global Startup: BTTray.lnk = ? O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe O4 - Global Startup: QuickSet.lnk = ? O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Download All Links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O8 - Extra context menu item: Envoyer l'&image au périphérique Bluetooth... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O8 - Extra context menu item: Tout télécharger avec NetXfer - C:\Program Files\Xi\NetXfer\NXAddList.html O8 - Extra context menu item: Télécharger avec NetXfer - C:\Program Files\Xi\NetXfer\NXAddLink.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O10 - Unknown file in Winsock LSP: c:\windows\system32\nlaapi.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\napinsp.dll O11 - Options group: [iNTERNATIONAL] International* O13 - Gopher Prefix: O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://charon777.free.fr/plugins/hardwaredetection.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{52204BC7-91A6-489B-BE3A-AFCAD0D8ADCA}: NameServer = 192.168.1.1 O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe O23 - Service: BCL easyPDF SDK 5 Loader (bepldr) - Unknown owner - C:\Program Files\Common Files\BCL Technologies\easyPDF 5\bepldr.exe O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe O23 - Service: @%SystemRoot%\ehome\ehstart.dll,-101 (ehstart) - Unknown owner - %windir%\system32\svchost.exe (file missing) O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy.exe O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe O23 - Service: McAfee Privacy Service (MPS9) - McAfee, Inc. - C:\PROGRA~1\McAfee\MPS\mps.exe O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - %windir%\system32\svchost.exe (file missing) O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - %windir%\system32\svchost.exe (file missing) O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Program Files\SigmaTel\C-Major Audio\WDM\STacSV.exe O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %ProgramFiles%\Windows Media Player\wmpnetwk.exe (file missing) O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe merci