joe65
Member
Content count: 64
Everything posted by joe65
RESOLVED Google redirection problem
joe65 replied to a topic by joe65 in Analyses et éradication malwares
And after analysing the keys, do I send you the reports again??? Also, another question: every time I start the computer, a "desktop" file appears. Should I leave it, or otherwise how do I get rid of it? And do I keep the software RogueKiller, AdwCleaner, aswMBR, ZHP?????
RESOLVED Google redirection problem
joe65 replied to a topic by joe65 in Analyses et éradication malwares
Hello Pear, ah, the PC seems to be redirecting correctly again for now; we'll see over a few days. Otherwise I do have an antivirus, "Antivir free version", but it was disconnected for the ComboFix scan. Should I download Microsoft Security anyway???? And another small question: during the ComboFix scan I also had to plug in a USB key, but when you have several, do you have to redo a ComboFix scan for each key???? Thanks
RESOLVED Google redirection problem
joe65 replied to a topic by joe65 in Analyses et éradication malwares
Good evening, attached is the ComboFix report.

ComboFix 12-03-11.01 - FRANCE 11/03/2012 21:49:11.1.2 - x86
Microsoft Windows 7 Édition Familiale Premium 6.1.7601.1.1252.33.1036.18.3069.2133 [GMT 1:00]
Lancé depuis: c:\users\FRANCE\Downloads\ComboFix.exe
AV: AntiVir Desktop *Enabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: AntiVir Desktop *Enabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\WinPCap
c:\program files\WinPCap\INSTALL.LOG
c:\program files\WinPCap\Uninstall.exe
C:\Thumbs.db
c:\windows\bcmCFAE.tmp
c:\windows\bcmCFBF.tmp
c:\windows\system32\drivers\etc\hosts.ics
c:\windows\system32\drivers\npf.sys
c:\windows\system32\Packet.dll
c:\windows\system32\wpcap.dll
.
.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_NPF
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2012-02-11 au 2012-03-11 ))))))))))))))))))))))))))))))))))))
.
.
2012-03-11 20:57 . 2012-03-11 20:57 -------- d-----w- c:\users\Invité\AppData\Local\temp
2012-03-11 20:57 . 2012-03-11 20:57 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-03-11 13:11 . 2012-03-11 13:11 -------- d-----w- c:\program files\EA GAMES
2012-03-04 12:09 . 2012-03-04 12:09 -------- d-----w- C:\TDSSKiller_Quarantine
2012-02-27 17:54 . 2012-02-27 17:54 -------- d--h--w- c:\windows\PIF
2012-02-26 20:54 . 2012-03-06 18:43 -------- d-----w- C:\ZHP
2012-02-26 20:54 . 2012-03-04 14:29 -------- d-----w- c:\program files\ZHPDiag
2012-02-20 18:29 . 2011-12-10 14:24 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-02-20 18:08 . 2012-03-05 21:38 -------- d-----w- c:\program files\Enigma Software Group
2012-02-20 18:08 . 2012-02-20 22:17 -------- d-----w- C:\sh4ldr
2012-02-20 18:08 . 2012-02-20 22:17 -------- d-----w- c:\windows\4E0C6314A8B84026AC15084E8B63AFB5.TMP
2012-02-20 18:08 . 2012-02-20 18:08 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2012-02-17 15:51 . 2012-02-17 15:51 22 --s-a-w- c:\users\FRANCE\AppData\Roaming\Sys2662.Config.Repository.bin
2012-02-17 15:51 . 2012-02-17 15:52 -------- d-----w- c:\program files\jv16 PowerTools 2011
2012-02-16 18:55 . 2012-02-16 18:55 101720 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2012-02-16 18:46 . 2012-02-16 18:46 -------- d-----w- c:\program files\Lavasoft
2012-02-15 21:33 . 2012-02-15 21:33 -------- d-----w- C:\MyHosts
2012-02-13 20:39 . 2012-02-13 20:39 -------- d-----w- c:\users\FRANCE\AppData\Local\Apple Computer
2012-02-12 22:39 . 2012-02-12 22:39 102400 --sha-r- c:\windows\system32\wuapiy.dll
2012-02-12 22:39 . 2012-02-12 22:39 102400 --sha-r- c:\windows\system32\resmons.dll
2012-02-12 17:22 . 2012-02-12 17:24 -------- d-----w- c:\users\FRANCE\AppData\Roaming\NCH Software
2012-02-12 17:17 . 2012-02-12 17:17 -------- d-----w- c:\users\FRANCE\AppData\Roaming\AVS4YOU
2012-02-12 17:13 . 2012-02-12 17:19 -------- d-----w- c:\program files\Common Files\AVSMedia
2012-02-12 17:13 . 2011-08-22 15:33 1700352 ----a-w- c:\windows\system32\GdiPlus.dll
2012-02-12 17:13 . 2011-08-22 15:32 24576 ----a-w- c:\windows\system32\msxml3a.dll
2012-02-12 17:13 . 2012-02-12 17:19 -------- d-----w- c:\program files\AVS4YOU
2012-02-12 16:43 . 2012-02-16 21:52 -------- d-----w- c:\users\FRANCE\AppData\Roaming\IrfanView
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-02-25 07:46 . 2011-05-21 13:29 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-01-26 23:21 . 2010-08-21 08:22 237072 ------w- c:\windows\system32\MpSigStub.exe
2012-01-14 15:59 . 2010-07-09 12:38 431616 ----a-w- c:\windows\system32\drivers\stwrt.sys
2012-01-14 15:59 . 2012-01-14 16:01 531968 ------w- c:\windows\system32\stapi32.dll
2012-01-14 15:59 . 2012-01-14 16:01 495708 ----a-w- c:\windows\sttray.exe
2012-01-14 15:59 . 2012-01-14 16:01 380928 ----a-w- c:\windows\system32\aestecap.dll
2012-01-14 15:59 . 2012-01-14 16:01 1953792 ----a-w- c:\windows\system32\stlang.dll
2012-01-14 15:59 . 2012-01-14 16:01 12705884 ----a-w- c:\windows\system32\idtcpl.cpl
2012-01-14 15:59 . 2012-01-14 16:00 179712 ----a-w- c:\windows\system32\staco.dll
2012-01-14 15:59 . 2010-07-09 12:38 934912 ----a-w- c:\windows\system32\stapo.dll
2012-01-14 15:59 . 2010-07-09 12:38 405504 ----a-w- c:\windows\system32\stcplx.dll
2012-01-14 15:59 . 2012-01-14 16:01 86016 ----a-w- c:\windows\system32\AESTCom.dll
2012-01-14 15:59 . 2012-01-14 16:01 61440 ----a-w- c:\windows\system32\aestaren.dll
2012-01-14 15:59 . 2012-01-14 16:01 140288 ----a-w- c:\windows\system32\aestacap.dll
2012-01-06 04:19 . 2012-02-10 09:59 6557240 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Windows Defender\Definition Updates\{086CCFC7-99D8-400C-BDFA-DAFDD6C1F515}\mpengine.dll ERROR(0x00000005)
2012-01-06 04:19 . 2010-08-28 17:09 6557240 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll ERROR(0x00000005)
2011-12-14 14:16 . 2010-08-28 20:25 639312 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll ERROR(0x00000005)
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2009-06-17 2363392]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2009-07-23 498744]
"CognizanceTS"="c:\progra~1\HEWLET~1\IAM\Bin\ASTSVCC.dll" [2009-07-23 24848]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2012-01-14 495708]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"EnableLUA"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\HEWLET~1\IAM\Bin\APSHook.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avgnt]
2010-08-17 12:38 281768 ----a-w- c:\program files\Avira\AntiVir Desktop\avgnt.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware]
2012-01-13 13:53 460872 ----a-w- c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PTHOSTTR]
2009-07-30 11:28 354360 ----a-w- c:\program files\Hewlett-Packard\HP ProtectTools Security Manager\pthosttr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled]
"Microsoft Default Manager"="c:\program files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
"PDF Complete"=c:\program files\PDF Complete\pdfsty.exe
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"QlbCtrl.exe"=c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"accrdsub"="c:\program files\ActivIdentity\ActivClient\accrdsub.exe"
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
"NokiaMServer"=c:\program files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" -osboot
"SynTPEnh"=%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
"acevents"="c:\program files\ActivIdentity\ActivClient\acevents.exe"
"HP Software Update"=c:\program files\Hp\HP Software Update\HPWuSchd2.exe
"PlusService"=c:\program files\Yuna Software\Messenger Plus!\PlusService.exe
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
"Eraser"="c:\progra~1\Eraser\Eraser.exe" --atRestart
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Service Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-07-09 135664]
R3 AVFSFilter;AVFSFilter;c:\windows\system32\DRIVERS\avfsfilter.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 29472]
R3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-05-05 228408]
R3 gupdatem;Service Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2010-07-09 135664]
R3 HP ProtectTools Service;HP ProtectTools Service;c:\program files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe [2009-07-30 45056]
R3 InputFilter_Hid_FlexDef2b;Siliten HID Devices(FlexDef2b) Driver Service;c:\windows\system32\DRIVERS\InputFilter_FlexDef2b.sys [2010-06-18 14848]
R3 RoxMediaDB10;RoxMediaDB10;c:\program files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [2009-06-13 1120752]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 wacmoumonitor;Wacom Mode Helper;c:\windows\system32\DRIVERS\wacmoumonitor.sys [2008-10-06 15656]
R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [2010-07-10 1343400]
S0 SafeBoot;SafeBoot; [x]
S0 SbAlg;SbAlg; [x]
S0 SbFsLock;SbFsLock; [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2011-06-21 691696]
S1 RsvLock;RsvLock; [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 ac.sharedstore;ActivIdentity Shared Store Service;c:\program files\Common Files\ActivIdentity\ac.sharedstore.exe [2009-06-03 207400]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\aestsrv.exe [2012-01-14 81920]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-07-29 176128]
S2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files\Avira\AntiVir Desktop\sched.exe [2011-05-02 136360]
S2 ASBroker;Logon Session Broker;c:\windows\System32\svchost.exe [2009-07-14 20992]
S2 ASChannel;Canal de communication local;c:\windows\System32\svchost.exe [2009-07-14 20992]
S2 ATService;AuthenTec Fingerprint Service;c:\program files\Fingerprint Sensor\AtService.exe [2009-07-29 1201400]
S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-06-21 85560]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-03-28 94264]
S2 HpFkCryptService;Drive Encryption Service;c:\program files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [2009-07-29 256544]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [2009-07-08 26168]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2012-01-13 652360]
S2 pdfcDispatcher;PDF Document Manager;c:\program files\PDF Complete\pdfsvc.exe [2009-06-18 635416]
S2 TabletServicePen;TabletServicePen;c:\windows\system32\Pen_Tablet.exe [2009-01-19 2789160]
S2 yksvc;Marvell Yukon Service;c:\windows\System32\svchost.exe [2009-07-14 20992]
S3 5U876UVC;HP Webcam [2 MP series];c:\windows\system32\DRIVERS\5U876.sys [2009-06-30 12:01 118656]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-12-10 20464]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x86.sys [2009-09-28 315392]
.
.
--- Autres Services/Pilotes en mémoire ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Cognizance REG_MULTI_SZ ASBroker
Bioscrypt REG_MULTI_SZ ASChannel
GPSvcGroup REG_MULTI_SZ GPSvc
yksvcs REG_MULTI_SZ yksvc
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2009-06-17 20:11 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Contenu du dossier 'Tâches planifiées'
.
2012-03-11 c:\windows\Tasks\GlaryInitialize.job
- c:\program files\Glary Utilities\initialize.exe [2010-12-28 22:31]
.
2012-03-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-07-09 22:47]
.
2012-03-11 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-07-09 22:47]
.
2012-03-11 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1777413024-377874922-3227030324-1001Core.job
- c:\users\FRANCE\AppData\Local\Google\Update\GoogleUpdate.exe [2010-12-20 17:50]
.
2012-03-11 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1777413024-377874922-3227030324-1001UA.job
- c:\users\FRANCE\AppData\Local\Google\Update\GoogleUpdate.exe [2010-12-20 17:50]
.
2012-03-09 c:\windows\Tasks\hpwebreg_CN0851N2SM05HX.job
- c:\program files\HP\HP Deskjet 3050 J610 series\Bin\hpwebreg.exe [2010-11-16 19:16]
.
2012-03-11 c:\windows\Tasks\Mdvvnlsd.job
- c:\windows\system32\resmons.dll [2012-02-12 22:39]
.
2012-03-11 c:\windows\Tasks\Nnbfo.job
- c:\windows\system32\wuapiy.dll [2012-02-12 22:39]
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://google.fr/
TCP: DhcpNameServer = 212.27.40.240 212.27.40.241
.
- - - - ORPHELINS SUPPRIMES - - - -
.
Toolbar-Locked - (no file)
WebBrowser-{343DB173-0E5A-4F2A-B7BB-71A49085D70E} - (no file)
WebBrowser-{3D4D238C-9C48-47CD-A95C-53259ACF9E56} - (no file)
WebBrowser-{977AE9CC-AF83-45E8-9E03-E2798216E2D5} - (no file)
MSConfigStartUp-bi0b1g5a - (no file)
AddRemove-Online_Radio_1.1 Toolbar - c:\progra~1\ONLINE~1.1\UNWISE.EXE
AddRemove-WinPcapInst - c:\program files\WinPcap\Uninstall.exe
AddRemove-_{ADDBE07D-95B8-4789-9C76-187FFF9624B4} - c:\program files\Corel\CorelDRAW Essential Edition 3\Programs\MSILauncher {ADDBE07D-95B8-4789-9C76-187FFF9624B4}
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\pdfcDispatcher]
"ImagePath"="c:\program files\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_USERS\S-1-5-21-1777413024-377874922-3227030324-1001\Software\Microsoft\Windows\Windows Error Reporting\Debug\UIHandles]
@DACL=(02 0000)
"CheckingForSolutionDialog"=hex(b):86,03,05,00,00,00,00,00
"FirstLevelConsentDialog"=hex(b):86,03,05,00,00,00,00,00
"RecoveryDialog"=hex(b):ba,09,16,00,00,00,00,00
"CloseDialog"=hex(b):2a,04,0b,00,00,00,00,00
"RestartDialog"=hex(b):ac,06,2d,00,00,00,00,00
"CollectingDataDialog"=hex(b):9a,07,05,00,00,00,00,00
"SecondLevelConsentDialog"=hex(b):c6,07,05,00,00,00,00,00
.
[HKEY_LOCAL_MACHINE\software\Classes\CDEX.Autoplay.1\DefaultIcon\shell]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000001
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000001
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\Answer]
@DACL=(02 0000)
"1"="ATA<cr>"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\Clients]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\Fax]
@DACL=(02 0000)
"HardwareFlowControl"="1"
"CL1FCS"="2"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\Hangup]
@DACL=(02 0000)
"1"="ATHE1<cr>"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\Init]
@DACL=(02 0000)
"1"="AT<cr>"
"2"="ATE0V1&D2&C1S0=0<cr>"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\Monitor]
@DACL=(02 0000)
"1"="ATS0=0<cr>"
"2"="None"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\Settings]
@DACL=(02 0000)
"Prefix"="AT"
"Terminator"="<cr>"
"DialPrefix"="D"
"DialSuffix"=""
"Pulse"="P"
"Tone"="T"
"CallSetupFailTimer"="S7=<#>"
"InactivityTimeout"="S30=<#>"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\Answer]
@DACL=(02 0000)
"1"="ATA<cr>"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\Clients]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\Hangup]
@DACL=(02 0000)
"1"="ATH E1<cr>"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\Init]
@DACL=(02 0000)
"1"="AT<cr>"
"2"="AT&FE0V1X1&D2&C1S0=0<cr>"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\Monitor]
@DACL=(02 0000)
"1"="ATS0=0<cr>"
"2"="None"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\Settings]
@DACL=(02 0000)
"Prefix"="AT"
"Terminator"="<cr>"
"DialPrefix"="D"
"DialSuffix"=""
"Pulse"="P"
"Tone"="T"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0008\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0009\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0010\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0011\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0012\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- DLLs chargées dans les processus actifs ---------------------
.
- - - - - - - > 'Explorer.exe'(6052)
c:\program files\Hewlett-Packard\IAM\Bin\ItClient.dll
c:\program files\WIDCOMM\Bluetooth Software\btncopy.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\program files\IDT\WDM\STacSV.exe
c:\windows\system32\atieclxx.exe
c:\windows\SYSTEM32\WISPTIS.EXE
c:\windows\system32\rundll32.exe
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\WIDCOMM\Bluetooth Software\btwdins.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\Avira\AntiVir Desktop\avshadow.exe
c:\windows\system32\conhost.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\taskhost.exe
c:\windows\SYSTEM32\WISPTIS.EXE
c:\program files\Common Files\microsoft shared\ink\TabTip.exe
c:\windows\system32\WTablet\Pen_TabletUser.exe
c:\program files\Hewlett-Packard\IAM\Bin\AsGHost.exe
c:\windows\servicing\TrustedInstaller.exe
c:\windows\system32\conhost.exe
c:\program files\Hewlett-Packard\Shared\hpqWmiEx.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\program files\Hewlett-Packard\Shared\hpqToaster.exe
c:\program files\Hewlett-Packard\Shared\hpCaslNotification.exe
c:\windows\system32\sppsvc.exe
c:\program files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
c:\\?\c:\windows\system32\wbem\WMIADAP.EXE
c:\windows\ehome\ehRecvr.exe
.
**************************************************************************
.
Heure de fin: 2012-03-11 22:06:47 - La machine a redémarré
ComboFix-quarantined-files.txt 2012-03-11 21:06
.
Avant-CF: 182 632 878 080 octets libres
Après-CF: 181 766 447 104 octets libres
.
- - End Of File - - 136D25619A2C2ADCA1DCE91A5764647F
RESOLVED Google redirection problem
joe65 replied to a topic by joe65 in Analyses et éradication malwares
Hello "Pear", oops, sorry, my oversight. I'm redoing it.

RogueKiller V7.3.1 [10/03/2012] par Tigzy
mail: tigzyRK<at>gmail<dot>com
Remontees: [RogueKiller] Remontées (1/47)
Blog: tigzy-RK

Systeme d'exploitation: Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Demarrage : Mode normal
Utilisateur: FRANCE [Droits d'admin]
Mode: Recherche -- Date: 11/03/2012 13:24:39

¤¤¤ Processus malicieux: 0 ¤¤¤

¤¤¤ Entrees de registre: 2 ¤¤¤
[HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND
[HJ] HKLM\[...]\System : EnableLUA (0) -> FOUND

¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤

¤¤¤ Driver: [CHARGE] ¤¤¤
SSDT[84] : NtCreateSection @ 0x83642F8D -> HOOKED (Unknown @ 0x9ABF9BD6)
SSDT[316] : NtSetContextThread @ 0x836FCDEF -> HOOKED (Unknown @ 0x9ABF9BDB)
SSDT[370] : NtTerminateProcess @ 0x8367AA7D -> HOOKED (Unknown @ 0x9ABF9B77)
S_SSDT[585] : Unknown -> HOOKED (Unknown @ 0x9ABF9BE0)
S_SSDT[588] : Unknown -> HOOKED (Unknown @ 0x9ABF9BE5)

¤¤¤ Infection : ¤¤¤

¤¤¤ Fichier HOSTS: ¤¤¤
127.0.0.1 localhost

¤¤¤ MBR Verif: ¤¤¤

+++++ PhysicalDrive0: ST9320423AS ATA Device +++++
--- User ---
[MBR] d97325cedfb042aa1a5b843341234bfb
[bSP] 105f9af342c35b20a8e8bbcce415437b : Windows Vista MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 300 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 616448 | Size: 287535 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 589488128 | Size: 15360 Mo
3 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 620945408 | Size: 2043 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Termine : << RKreport[1].txt >>
RKreport[1].txt

RogueKiller V7.3.1 [10/03/2012] par Tigzy
mail: tigzyRK<at>gmail<dot>com
Remontees: [RogueKiller] Remontées (1/47)
Blog: tigzy-RK

Systeme d'exploitation: Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Demarrage : Mode normal
Utilisateur: FRANCE [Droits d'admin]
Mode: Suppression -- Date: 11/03/2012 13:32:40

¤¤¤ Processus malicieux: 0 ¤¤¤

¤¤¤ Entrees de registre: 2 ¤¤¤
[HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> NOT SELECTED
[HJ] HKLM\[...]\System : EnableLUA (0) -> NOT SELECTED

¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤

¤¤¤ Driver: [CHARGE] ¤¤¤
SSDT[84] : NtCreateSection @ 0x83642F8D -> HOOKED (Unknown @ 0x9ABF9BD6)
SSDT[316] : NtSetContextThread @ 0x836FCDEF -> HOOKED (Unknown @ 0x9ABF9BDB)
SSDT[370] : NtTerminateProcess @ 0x8367AA7D -> HOOKED (Unknown @ 0x9ABF9B77)
S_SSDT[585] : Unknown -> HOOKED (Unknown @ 0x9ABF9BE0)
S_SSDT[588] : Unknown -> HOOKED (Unknown @ 0x9ABF9BE5)

¤¤¤ Infection : ¤¤¤

¤¤¤ Fichier HOSTS: ¤¤¤
127.0.0.1 localhost

¤¤¤ MBR Verif: ¤¤¤

+++++ PhysicalDrive0: ST9320423AS ATA Device +++++
--- User ---
[MBR] d97325cedfb042aa1a5b843341234bfb
[bSP] 105f9af342c35b20a8e8bbcce415437b : Windows Vista MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 300 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 616448 | Size: 287535 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 589488128 | Size: 15360 Mo
3 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 620945408 | Size: 2043 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Termine : << RKreport[2].txt >>
RKreport[1].txt ; RKreport[2].txt

RogueKiller V7.3.1 [10/03/2012] par Tigzy
mail: tigzyRK<at>gmail<dot>com
Remontees: [RogueKiller] Remontées (1/47)
Blog: tigzy-RK

Systeme d'exploitation: Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Demarrage : Mode normal
Utilisateur: FRANCE [Droits d'admin]
Mode: HOSTS RAZ -- Date: 11/03/2012 13:35:42

¤¤¤ Processus malicieux: 0 ¤¤¤

¤¤¤ Driver: [CHARGE] ¤¤¤

¤¤¤ Fichier HOSTS: ¤¤¤
127.0.0.1 localhost

¤¤¤ Nouveau fichier HOSTS: ¤¤¤
127.0.0.1 localhost

Termine : << RKreport[4].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt ; RKreport[4].txt

RogueKiller V7.3.1 [10/03/2012] par Tigzy
mail: tigzyRK<at>gmail<dot>com
Remontees: [RogueKiller] Remontées (1/47)
Blog: tigzy-RK

Systeme d'exploitation: Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Demarrage : Mode normal
Utilisateur: FRANCE [Droits d'admin]
Mode: Raccourcis RAZ -- Date: 11/03/2012 13:38:40

¤¤¤ Processus malicieux: 0 ¤¤¤

¤¤¤ Driver: [CHARGE] ¤¤¤

¤¤¤ Attributs de fichiers restaures: ¤¤¤
Bureau: Success 1 / Fail 0
Lancement rapide: Success 1 / Fail 0
Programmes: Success 0 / Fail 0
Menu demarrer: Success 0 / Fail 0
Dossier utilisateur: Success 367 / Fail 0
Mes documents: Success 0 / Fail 0
Mes favoris: Success 0 / Fail 0
Mes images: Success 0 / Fail 0
Ma musique: Success 0 / Fail 0
Mes videos: Success 0 / Fail 0
Disques locaux: Success 48 / Fail 0
Sauvegarde: [NOT FOUND]

Lecteurs:
[C:] \Device\HarddiskVolume2 -- 0x3 --> Restored
[E:] \Device\HarddiskVolume4 -- 0x3 --> Restored
[F:] \Device\CdRom0 -- 0x5 --> Skipped

¤¤¤ Infection : ¤¤¤

Termine : << RKreport[7].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt ; RKreport[4].txt ; RKreport[5].txt ; RKreport[6].txt ; RKreport[7].txt

Note: when restoring the SSDT, 2 lines don't work; the message is "unable to restore the shadow SSDT".
RESOLVED Google redirection problem
joe65 replied to a topic by joe65 in Analyses et éradication malwares
After a rescan with aswMBR, the Fix button is greyed out but FixMBR is OK; only I get a warning message telling me that this may not be good for the partition, that it can cause problems, and finally, are you sure you want to FixMBR? Can I click OK????????????? Is there no risk??
RESOLVED Google redirection problem
joe65 replied to a topic by joe65 in Analyses et éradication malwares
Hello, attached is the aswMBR report.

aswMBR version 0.9.9.1649 Copyright© 2011 AVAST Software
Run date: 2012-03-10 17:04:10
-----------------------------
17:04:10.828 OS Version: Windows 6.1.7601 Service Pack 1
17:04:10.828 Number of processors: 2 586 0x602
17:04:10.828 ComputerName: JOUJOU UserName: FRANCE
17:04:13.703 Initialize success
17:04:32.919 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
17:04:32.919 Disk 0 Vendor: ST9320423AS 0006HPM1 Size: 305245MB BusType: 11
17:04:32.939 Disk 0 MBR read successfully
17:04:32.949 Disk 0 MBR scan
17:04:32.959 Disk 0 Windows VISTA default MBR code
17:04:32.979 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 300 MB offset 2048
17:04:32.989 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 287535 MB offset 616448
17:04:33.029 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 15360 MB offset 589488128
17:04:33.059 Disk 0 Partition 4 00 0C FAT32 LBA MSDOS5.0 2043 MB offset 620945408
17:04:33.069 Disk 0 scanning sectors +625129472
17:04:33.139 Disk 0 scanning C:\windows\system32\drivers
17:04:46.289 Service scanning
17:04:58.126 Service SafeBoot C:\windows\System32\Drivers\SafeBoot.sys **LOCKED** 32
17:04:59.878 Service sptd C:\windows\System32\Drivers\sptd.sys **LOCKED** 32
17:05:05.290 Modules scanning
17:05:18.670 Disk 0 trace - called modules:
17:05:18.705 ntkrnlpa.exe CLASSPNP.SYS disk.sys hpdskflt.sys halmacpi.dll ACPI.sys >>UNKNOWN [0x872461f8]<<
17:05:18.724 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x874c4030]
17:05:18.744 3 CLASSPNP.SYS[8c2e359e] -> nt!IofCallDriver -> [0x874c2b48]
17:05:18.763 5 hpdskflt.sys[8cdde090] -> nt!IofCallDriver -> [0x86538c10]
17:05:18.782 7 ACPI.sys[8c15a3d4] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x8747e908]
17:05:18.802 \Driver\atapi[0x87317c60] -> IRP_MJ_CREATE -> 0x872461f8
17:05:18.821 Scan finished successfully
17:06:02.168 Disk 0 MBR has been saved successfully to "C:\Users\FRANCE\Desktop\MBR.dat"
17:06:02.189 The log file has been saved successfully to "C:\Users\FRANCE\Desktop\aswMBR.txt"
RESOLVED Google redirection problem
joe65 replied to a topic by joe65 in Analyses et éradication malwares
Hello, help, the problem is not solved. It's starting again: redirection and intrusive ads. Is there really a solution????? Thanks

Hello everyone, I think my post "Joe65 redirection google-forum zebulon" has been forgotten. I'm not sure my PC is clean. Awaiting a reply, thank you in advance.
RESOLVED Google redirection problem
joe65 replied to a topic by joe65 in Malware Analysis and Eradication
What do I do now????? Thanks -
RESOLVED Google redirection problem
joe65 replied to a topic by joe65 in Malware Analysis and Eradication
Hello, well, I ran the cleanup anyway; attached is the report. -
RESOLVED Google redirection problem
joe65 replied to a topic by joe65 in Malware Analysis and Eradication
Hello, MBAM is OK, but now I have another problem: "Documents and Settings" is blocked by a shortcut icon telling me I do not have the required permissions to access this folder, as well as other folders (My Music, My Pictures, etc.). What can I do? I no longer understand anything, since not long ago I had access to them. Note: I am on an administrator account. Well, I started the procedure, but at the end I get this message: "Uninstall application. You have chosen to uninstall. Please help us improve our products by telling us why you chose to uninstall our product. Your feedback is completely anonymous and will be kept strictly confidential. I want to uninstall because: I am just an unhappy user / I want to undo changes" (Spybot), and all sorts of other dialogs, then at the end: Cancel / Just uninstall / Submit & uninstall. So what do we do? Thanks -
RESOLVED Google redirection problem
joe65 replied to a topic by joe65 in Malware Analysis and Eradication
OK, thanks DYLAV, and sorry, I did not know about the post. And now, what is the procedure to follow? Thanks -
RESOLVED Google redirection problem
joe65 replied to a topic by joe65 in Malware Analysis and Eradication
Hello, attached is the AdwCleaner report, then the ZHP one.
ZHPDiag report
Should I follow the attached procedure (test your machine / RogueKiller / etc.) or wait for the analysis of the reports? -
Hello everyone. Here it is: for some time now, when searching on Google I am redirected to other sites of all kinds. I have Antivir and CCleaner, and I have tried Malwarebytes, AdwCleaner, RKill, TDSSKiller and Spybot, but nothing works; I still have the same problem. I ran a HijackThis and ZHPDiag analysis, but there I am stuck. I am a novice at this kind of analysis, which is why at this stage I would like a bit of help and to know what to do. Thanks