Problème lecteur cd/dvd
taty5157
Messages postés
33
Statut
Membre
-
taty5157 Messages postés 33 Statut Membre -
taty5157 Messages postés 33 Statut Membre -
Bonjour, je viens solliciter votre aide car mon pc portable (acer aspire 7220) ne détecte plus les cd ni dvd. Je me demande si par mégarde je n'ai pas effacer sa configuration
j'ai fait un rapport hijacktis que je vous communique. Merci d'avance pour votre aide
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:15:34, on 27/06/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Adobe\Adobe Photoshop Lightroom 1.4\apdproxy.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\CardDetector\ICON225\CardDetector.exe
C:\Program Files\Kiwee Toolbar\2.8.167\kwtbaim.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\ehome\ehtray.exe
C:\Users\Joëlle Spadaro\AppData\Local\oyecoku.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Acer\Empowering Technology\ENET\ENMTRAY.EXE
C:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.EXE
C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Windows\ehome\ehmsas.exe
C:\Users\JOLLES~1\AppData\Local\Temp\RtkBtMnt.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\Wanadoo\TaskBarIcon.exe
C:\Program Files\IncrediMail\bin\IMApp.exe
C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\AlertModule\1\AlertModule.exe
C:\Acer\Empowering Technology\eAudio\eAudio.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\IncrediMail\bin\IncMail.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\Joëlle Spadaro\Documents\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ycomp/defaults/sp/*https://fr.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mystart.incredimail.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://fr.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ycomp/defaults/su/*https://fr.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://y.lo.st
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: AGSearchHook Class - {0BC6E3FA-78EF-4886-842C-5A1258C4455A} - C:\Program Files\AGI\common\agcutils.dll
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll
O2 - BHO: Kiwee Toolbar - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - C:\Program Files\Kiwee Toolbar\2.8.167\KiweeIEToolbar.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Windows\system32\ActiveToolBand.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O3 - Toolbar: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL
O3 - Toolbar: Kiwee Toolbar - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - C:\Program Files\Kiwee Toolbar\2.8.167\KiweeIEToolbar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Adobe Photoshop Lightroom 1.4\apdproxy.exe"
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [CardDetectorICON225] C:\Program Files\CardDetector\ICON225\CardDetector.exe
O4 - HKLM\..\Run: [BEWINTERNET-FR-DMGP-V2SessionManager] C:\Program Files\Orange\IEWInternet\SessionManager\SessionManager.exe
O4 - HKLM\..\Run: [KiweeHook] "C:\Program Files\Kiwee Toolbar\2.8.167\kwtbaim.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\RunServices: [FTRTSVC] C:\Windows\System32\FTRTSVC.exe
O4 - HKLM\..\RunOnce: [SoftwareHelper] C:\Users\Joëlle Spadaro\AppData\Roaming\eoRezo\SoftwareUpdate\SoftwareUpdateHP.exe -runonce
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
O4 - HKCU\..\Run: [WOOKIT] C:\Program Files\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [oyecoku] "c:\users\joëlle spadaro\appdata\local\oyecoku.exe" oyecoku
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Global Startup: Empowering Technology Launcher.lnk = C:\Acer\Empowering Technology\eAPLauncher.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O13 - Gopher Prefix:
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O23 - Service: AG Windows Service (AGWinService) - Unknown owner - C:\Program Files\AGI\common\win32\PythonService.exe
O23 - Service: ALaunch Service (ALaunchService) - Unknown owner - C:\Acer\ALaunch\ALaunchSvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: lxdiCATSCustConnectService - Lexmark International, Inc. - C:\Windows\system32\spool\DRIVERS\W32X86\3\\lxdiserv.exe
O23 - Service: lxdi_device - - C:\Windows\system32\lxdicoms.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Windows\System32\TuneUpDefragService.exe
O23 - Service: @%SystemRoot%\System32\TUProgSt.exe,-1 (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\Windows\System32\TUProgSt.exe
O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
j'ai fait un rapport hijacktis que je vous communique. Merci d'avance pour votre aide
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:15:34, on 27/06/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Adobe\Adobe Photoshop Lightroom 1.4\apdproxy.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\CardDetector\ICON225\CardDetector.exe
C:\Program Files\Kiwee Toolbar\2.8.167\kwtbaim.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\ehome\ehtray.exe
C:\Users\Joëlle Spadaro\AppData\Local\oyecoku.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Acer\Empowering Technology\ENET\ENMTRAY.EXE
C:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.EXE
C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Windows\ehome\ehmsas.exe
C:\Users\JOLLES~1\AppData\Local\Temp\RtkBtMnt.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\Wanadoo\TaskBarIcon.exe
C:\Program Files\IncrediMail\bin\IMApp.exe
C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\AlertModule\1\AlertModule.exe
C:\Acer\Empowering Technology\eAudio\eAudio.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\IncrediMail\bin\IncMail.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\Joëlle Spadaro\Documents\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ycomp/defaults/sp/*https://fr.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mystart.incredimail.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://fr.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ycomp/defaults/su/*https://fr.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://y.lo.st
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: AGSearchHook Class - {0BC6E3FA-78EF-4886-842C-5A1258C4455A} - C:\Program Files\AGI\common\agcutils.dll
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll
O2 - BHO: Kiwee Toolbar - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - C:\Program Files\Kiwee Toolbar\2.8.167\KiweeIEToolbar.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Windows\system32\ActiveToolBand.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O3 - Toolbar: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL
O3 - Toolbar: Kiwee Toolbar - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - C:\Program Files\Kiwee Toolbar\2.8.167\KiweeIEToolbar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Adobe Photoshop Lightroom 1.4\apdproxy.exe"
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [CardDetectorICON225] C:\Program Files\CardDetector\ICON225\CardDetector.exe
O4 - HKLM\..\Run: [BEWINTERNET-FR-DMGP-V2SessionManager] C:\Program Files\Orange\IEWInternet\SessionManager\SessionManager.exe
O4 - HKLM\..\Run: [KiweeHook] "C:\Program Files\Kiwee Toolbar\2.8.167\kwtbaim.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\RunServices: [FTRTSVC] C:\Windows\System32\FTRTSVC.exe
O4 - HKLM\..\RunOnce: [SoftwareHelper] C:\Users\Joëlle Spadaro\AppData\Roaming\eoRezo\SoftwareUpdate\SoftwareUpdateHP.exe -runonce
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
O4 - HKCU\..\Run: [WOOKIT] C:\Program Files\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [oyecoku] "c:\users\joëlle spadaro\appdata\local\oyecoku.exe" oyecoku
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Global Startup: Empowering Technology Launcher.lnk = C:\Acer\Empowering Technology\eAPLauncher.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O13 - Gopher Prefix:
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O23 - Service: AG Windows Service (AGWinService) - Unknown owner - C:\Program Files\AGI\common\win32\PythonService.exe
O23 - Service: ALaunch Service (ALaunchService) - Unknown owner - C:\Acer\ALaunch\ALaunchSvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: lxdiCATSCustConnectService - Lexmark International, Inc. - C:\Windows\system32\spool\DRIVERS\W32X86\3\\lxdiserv.exe
O23 - Service: lxdi_device - - C:\Windows\system32\lxdicoms.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Windows\System32\TuneUpDefragService.exe
O23 - Service: @%SystemRoot%\System32\TUProgSt.exe,-1 (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\Windows\System32\TUProgSt.exe
O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
A voir également:
- Problème lecteur cd/dvd
- Dvd shrink - Télécharger - Copie & Extraction
- Logiciel lecteur dvd - Télécharger - Lecture
- Lecteur windows media - Télécharger - Lecture
- Hiren's boot cd - Télécharger - Divers Utilitaires
- Cd burner - Télécharger - Gravure
22 réponses
Résumé de la discussion
Le problème est que le lecteur optique de l’Acer Aspire 7220 ne détecte plus les CD/DVD, et le diagnostic clé consiste à vérifier s’il est visible dans le BIOS; en l’absence du lecteur dans le BIOS, il s’agit probablement d’une défaillance matérielle ou d’un débranchement interne. Sur un portable, une vérification physique du raccordement peut nécessiter un démontage et conduit souvent à envisager une réparation. Le rapport de sécurité fourni ne révèle pas d’élément logiciel responsable de la non-détection du lecteur. Les éléments les plus probants orientent donc vers une intervention matérielle plutôt qu’un problème logiciel.
Bonjour,
Je ne vois pas le rapport entre ton problème de lecteur CD/DVD et le rapport HijackThis. Cela dit, le rapport montre plusieurs infections.
---> Télécharge le fichier suivant sur ton Bureau :
http://docxp.mvps.org/b1n/DisparitionCD.inf
---> Clique droit dessus et choisis Installer.
---> Redémarre.
Je ne vois pas le rapport entre ton problème de lecteur CD/DVD et le rapport HijackThis. Cela dit, le rapport montre plusieurs infections.
---> Télécharge le fichier suivant sur ton Bureau :
http://docxp.mvps.org/b1n/DisparitionCD.inf
---> Clique droit dessus et choisis Installer.
---> Redémarre.
taty5157
Messages postés
33
Statut
Membre
voilà qui est fait, que puis-je faire maintenant ?
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Apparemment, tu n'as pas la rubrique. Tu vois ton lecteur dans Ordinateur (Poste de travail sous XP) ?
Afin d'en connaître un peu plus sur ta config', fais ce qui suit :
---> Télécharge et installe Everest Ultimate.
---> Lance-le, va dans Ordinateur puis Résumé et donne-nous le résumé. Pour prendre le résumé, utilise la fonction Rapport en haut de ton écran : Image
PS : supprime ton adresse mail si elle apparaît dans le rapport.
---> Télécharge et installe Everest Ultimate.
---> Lance-le, va dans Ordinateur puis Résumé et donne-nous le résumé. Pour prendre le résumé, utilise la fonction Rapport en haut de ton écran : Image
PS : supprime ton adresse mail si elle apparaît dans le rapport.
j'espère que c bien cela que je devait faireChamp Valeur
Ordinateur
Type de système PC avec processeur x86 ACPI (Mobile)
Système d'exploitation Microsoft Windows Vista Home Premium
Service Pack du système [ TRIAL VERSION ]
Internet Explorer 8.0.6001.18783
DirectX DirectX 10.1
Nom du système PC-DE-J
Nom de l'utilisateur
Adresse e-mail SMTP
Domaine de connexion [ TRIAL VERSION ]
Date / Heure 2009-06-27 / 18:06
Carte mère
Type de processeur Mobile AMD Sempron, 2000 MHz (10 x 200) 3600+
Nom de la carte mère Acer Aspire 7220
Chipset de la carte mère nVIDIA nForce 7000M-610M, AMD Hammer
Mémoire système [ TRIAL VERSION ]
DIMM1: Nanya NT1GT64U8HB0BN-3C 1 Go DDR2-667 DDR2 SDRAM (5-5-5-15 @ 333 MHz) (4-4-4-12 @ 266 MHz) (3-3-3-9 @ 200 MHz)
DIMM2: Nanya NT1GT64U8HB0BN-3C [ TRIAL VERSION ]
Type de BIOS Phoenix (10/29/07)
Moniteur
Carte vidéo NVIDIA GeForce 7000M / nForce 610M (256 Mo)
Carte vidéo NVIDIA GeForce 7000M / nForce 610M (256 Mo)
Accélérateur 3D nVIDIA GeForce 7000M
Moniteur LG Philips LP171WP4-TLB1 [17.1" LCD]
Multimédia
Carte audio Realtek ALC268 @ nVIDIA MCP67 - High Definition Audio Controller
Stockage
Contrôleur IDE Contrôleur IDE standard double canal PCI
Contrôleur IDE Ricoh Memory Stick Controller
Contrôleur IDE Ricoh SD/MMC Host Controller
Contrôleur IDE Ricoh xD-Picture Card Controller
Contrôleur de stockage Initiateur Microsoft iSCSI
Disque dur WDC WD1600BEVS-22RST0 ATA Device (149 Go, IDE)
État des disques durs SMART OK
Partitions
C: (NTFS) [ TRIAL VERSION ]
D: (NTFS) 71183 Mo (71092 Mo libre)
Taille totale [ TRIAL VERSION ]
Entrée
Clavier Clavier 109 MCIR Microsoft eHome
Clavier Clavier MCIR Microsoft eHome
Clavier Launch Manager
Clavier Touches de clavier de contrôle à distance Microsoft eHome
Souris Alps Pointing-device
Souris Souris HID
Souris Souris HID
Réseau
Adresse IP principale [ TRIAL VERSION ]
Adresse MAC principale 00-1E-4C-5B-AA-93
Carte réseau Atheros AR5007EG Wireless Network Adapter (192. [ TRIAL VERSION ])
Carte réseau NVIDIA nForce Networking Controller
Modem HDAUDIO Soft Data Fax Modem with SmartCP
Périphériques
Imprimante \\Your-10f7d786ed\Lexmark 3500-4500 Series
Imprimante Envoyer à OneNote 2007
Imprimante Lexmark 3500-4500 Series
Imprimante LexmarkFax
Imprimante Microsoft XPS Document Writer
Contrôleur FireWire Ricoh RL5C832 IEEE1394 Controller (PHY: Ricoh RL5C832)
Contrôleur USB1 nVIDIA MCP67 - OHCI USB 1.1 Controller
Contrôleur USB1 nVIDIA MCP67 - OHCI USB 1.1 Controller
Contrôleur USB2 nVIDIA MCP67 - EHCI USB 2.0 Controller
Contrôleur USB2 nVIDIA MCP67 - EHCI USB 2.0 Controller
Périphérique USB Acer Crystal Eye webcam
Périphérique USB USB Human Interface Device
Batterie Adaptateur secteur Microsoft
Batterie Batterie à méthode de contrôle compatible ACPI Microsoft
DMI
Distributeur du BIOS Acer
Version du BIOS V1.10
Fabricant du système Acer
Nom du système Aspire 7220
Version du système V1.10
Numéro de série du système [ TRIAL VERSION ]
UUID du système [ TRIAL VERSION ]
Fabricant de la carte mère Acer
Nom de la carte mère Fuquene
Version de la carte mère N/A
Numéro de série de la carte mère [ TRIAL VERSION ]
Fabricant du châssis Acer
Version du châssis N/A
Numéro de série du châssis [ TRIAL VERSION ]
Identifiant du châssis [ TRIAL VERSION ]
Type du châssis Notebook
Ordinateur
Type de système PC avec processeur x86 ACPI (Mobile)
Système d'exploitation Microsoft Windows Vista Home Premium
Service Pack du système [ TRIAL VERSION ]
Internet Explorer 8.0.6001.18783
DirectX DirectX 10.1
Nom du système PC-DE-J
Nom de l'utilisateur
Adresse e-mail SMTP
Domaine de connexion [ TRIAL VERSION ]
Date / Heure 2009-06-27 / 18:06
Carte mère
Type de processeur Mobile AMD Sempron, 2000 MHz (10 x 200) 3600+
Nom de la carte mère Acer Aspire 7220
Chipset de la carte mère nVIDIA nForce 7000M-610M, AMD Hammer
Mémoire système [ TRIAL VERSION ]
DIMM1: Nanya NT1GT64U8HB0BN-3C 1 Go DDR2-667 DDR2 SDRAM (5-5-5-15 @ 333 MHz) (4-4-4-12 @ 266 MHz) (3-3-3-9 @ 200 MHz)
DIMM2: Nanya NT1GT64U8HB0BN-3C [ TRIAL VERSION ]
Type de BIOS Phoenix (10/29/07)
Moniteur
Carte vidéo NVIDIA GeForce 7000M / nForce 610M (256 Mo)
Carte vidéo NVIDIA GeForce 7000M / nForce 610M (256 Mo)
Accélérateur 3D nVIDIA GeForce 7000M
Moniteur LG Philips LP171WP4-TLB1 [17.1" LCD]
Multimédia
Carte audio Realtek ALC268 @ nVIDIA MCP67 - High Definition Audio Controller
Stockage
Contrôleur IDE Contrôleur IDE standard double canal PCI
Contrôleur IDE Ricoh Memory Stick Controller
Contrôleur IDE Ricoh SD/MMC Host Controller
Contrôleur IDE Ricoh xD-Picture Card Controller
Contrôleur de stockage Initiateur Microsoft iSCSI
Disque dur WDC WD1600BEVS-22RST0 ATA Device (149 Go, IDE)
État des disques durs SMART OK
Partitions
C: (NTFS) [ TRIAL VERSION ]
D: (NTFS) 71183 Mo (71092 Mo libre)
Taille totale [ TRIAL VERSION ]
Entrée
Clavier Clavier 109 MCIR Microsoft eHome
Clavier Clavier MCIR Microsoft eHome
Clavier Launch Manager
Clavier Touches de clavier de contrôle à distance Microsoft eHome
Souris Alps Pointing-device
Souris Souris HID
Souris Souris HID
Réseau
Adresse IP principale [ TRIAL VERSION ]
Adresse MAC principale 00-1E-4C-5B-AA-93
Carte réseau Atheros AR5007EG Wireless Network Adapter (192. [ TRIAL VERSION ])
Carte réseau NVIDIA nForce Networking Controller
Modem HDAUDIO Soft Data Fax Modem with SmartCP
Périphériques
Imprimante \\Your-10f7d786ed\Lexmark 3500-4500 Series
Imprimante Envoyer à OneNote 2007
Imprimante Lexmark 3500-4500 Series
Imprimante LexmarkFax
Imprimante Microsoft XPS Document Writer
Contrôleur FireWire Ricoh RL5C832 IEEE1394 Controller (PHY: Ricoh RL5C832)
Contrôleur USB1 nVIDIA MCP67 - OHCI USB 1.1 Controller
Contrôleur USB1 nVIDIA MCP67 - OHCI USB 1.1 Controller
Contrôleur USB2 nVIDIA MCP67 - EHCI USB 2.0 Controller
Contrôleur USB2 nVIDIA MCP67 - EHCI USB 2.0 Controller
Périphérique USB Acer Crystal Eye webcam
Périphérique USB USB Human Interface Device
Batterie Adaptateur secteur Microsoft
Batterie Batterie à méthode de contrôle compatible ACPI Microsoft
DMI
Distributeur du BIOS Acer
Version du BIOS V1.10
Fabricant du système Acer
Nom du système Aspire 7220
Version du système V1.10
Numéro de série du système [ TRIAL VERSION ]
UUID du système [ TRIAL VERSION ]
Fabricant de la carte mère Acer
Nom de la carte mère Fuquene
Version de la carte mère N/A
Numéro de série de la carte mère [ TRIAL VERSION ]
Fabricant du châssis Acer
Version du châssis N/A
Numéro de série du châssis [ TRIAL VERSION ]
Identifiant du châssis [ TRIAL VERSION ]
Type du châssis Notebook
Il faudrait vérifier que le BIOS détecte le lecteur CD/DVD mais je n'ai pas la manip' pour y entrer ni où regarder dans le BIOS, désolé.
"lecteur de disque", c'est la rubrique où tu trouveras ton disque dur (WD1600BEVS-22RST0) mais ce n'est pas là-dedans que le lecteur CD/DVD doit apparaître.
en fouillant dans le forum, j'ai essayé ceci,mais je n'ai rien trouvé de ce qui est demandé
Lecteurs CD-ROM non reconnus par le système
En premier lieu, vérifier que le lecteur en question n'est pas précédé d'un point d'exclamation dans le Gestionnaire de périphériques
Par Démarrer/Exécuter... (ou Windows+r), saisir devmgmt.msc
Si le lecteur est précédé d'un point d'exclamation, le supprimer
Redémarrer l'ordinateur et vérifier si le lecteur est correctement détecté
Autre cause:
L'impossibilité d'accès au lecteur CD peut provenir d'installation d'anciens logiciels de gravure. Dans ce cas, un message d'erreur Code 31, Code 32, Code 19 ou Code 39 peut s'afficher à l'écran ou dans les entrées de l'Observateur d'événements. Pour retrouver l'accès au lecteur:
Par Démarrer/Exécuter... (ou Windows+r), saisir regedit
Localiser la clé HKLM\SYSTEM\CurrentControlSet\Control\Class\ {4D36E965-E325-11CE-BFC1-08002BE10318}
Dans le volet droit, supprimer les valeurs UpperFilter et LowerFilter
Dans le volet gauche, supprimer les clés suivantes
HKLM\SYSTEM\CurrentControlSet\Services\Cdr4_2K
HKLM\SYSTEM\CurrentControlSet\Services\Cdralw2k
HKLM\SYSTEM\CurrentControlSet\Services\Cdudf
HKLM\SYSTEM\CurrentControlSet\Services\UdfReadr
Lecteurs CD-ROM non reconnus par le système
En premier lieu, vérifier que le lecteur en question n'est pas précédé d'un point d'exclamation dans le Gestionnaire de périphériques
Par Démarrer/Exécuter... (ou Windows+r), saisir devmgmt.msc
Si le lecteur est précédé d'un point d'exclamation, le supprimer
Redémarrer l'ordinateur et vérifier si le lecteur est correctement détecté
Autre cause:
L'impossibilité d'accès au lecteur CD peut provenir d'installation d'anciens logiciels de gravure. Dans ce cas, un message d'erreur Code 31, Code 32, Code 19 ou Code 39 peut s'afficher à l'écran ou dans les entrées de l'Observateur d'événements. Pour retrouver l'accès au lecteur:
Par Démarrer/Exécuter... (ou Windows+r), saisir regedit
Localiser la clé HKLM\SYSTEM\CurrentControlSet\Control\Class\ {4D36E965-E325-11CE-BFC1-08002BE10318}
Dans le volet droit, supprimer les valeurs UpperFilter et LowerFilter
Dans le volet gauche, supprimer les clés suivantes
HKLM\SYSTEM\CurrentControlSet\Services\Cdr4_2K
HKLM\SYSTEM\CurrentControlSet\Services\Cdralw2k
HKLM\SYSTEM\CurrentControlSet\Services\Cdudf
HKLM\SYSTEM\CurrentControlSet\Services\UdfReadr
---> Désactive ton antivirus le temps de la manipulation car OTM est détecté comme une infection à tort.
---> Télécharge OTM (OldTimer) sur ton Bureau.
---> Clique droit sur OTM.exe et choisis Exécuter en tant qu'administrateur.
---> Copie (Ctrl+C) le texte suivant ci-dessous :
:processes
explorer.exe
:reg
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E965-E325-11CE-BFC1-08002BE10318}]
"UpperFilter"=-
"LowerFilter"=-
[-HKLM\SYSTEM\CurrentControlSet\Services\Cdr4_2K]
[-HKLM\SYSTEM\CurrentControlSet\Services\Cdralw2k]
[-HKLM\SYSTEM\CurrentControlSet\Services\Cdudf]
[-HKLM\SYSTEM\CurrentControlSet\Services\UdfReadr]
:commands
[purity]
[emptytemp]
[reboot]
---> Colle (Ctrl+V) le texte précédemment copié dans le cadre Paste Instructions for Items to be Moved.
---> Clique maintenant sur le bouton MoveIt! puis ferme OTM.
Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
Accepte en cliquant sur YES.
---> Poste le rapport situé dans ce dossier : C:\_OTM\MovedFiles\
Le nom du rapport correspond au moment de sa création : date_heure.log
---> Télécharge OTM (OldTimer) sur ton Bureau.
---> Clique droit sur OTM.exe et choisis Exécuter en tant qu'administrateur.
---> Copie (Ctrl+C) le texte suivant ci-dessous :
:processes
explorer.exe
:reg
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E965-E325-11CE-BFC1-08002BE10318}]
"UpperFilter"=-
"LowerFilter"=-
[-HKLM\SYSTEM\CurrentControlSet\Services\Cdr4_2K]
[-HKLM\SYSTEM\CurrentControlSet\Services\Cdralw2k]
[-HKLM\SYSTEM\CurrentControlSet\Services\Cdudf]
[-HKLM\SYSTEM\CurrentControlSet\Services\UdfReadr]
:commands
[purity]
[emptytemp]
[reboot]
---> Colle (Ctrl+V) le texte précédemment copié dans le cadre Paste Instructions for Items to be Moved.
---> Clique maintenant sur le bouton MoveIt! puis ferme OTM.
Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
Accepte en cliquant sur YES.
---> Poste le rapport situé dans ce dossier : C:\_OTM\MovedFiles\
Le nom du rapport correspond au moment de sa création : date_heure.log
All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E965-E325-11CE-BFC1-08002BE10318}\\UpperFilter not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E965-E325-11CE-BFC1-08002BE10318}\\LowerFilter not found.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdr4_2K\ not found.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdralw2k\ not found.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdudf\ not found.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\UdfReadr\ not found.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
File delete failed. C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J8Q4I545\desktop.ini scheduled to be deleted on reboot.
File delete failed. C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\I3XZBJDF\desktop.ini scheduled to be deleted on reboot.
File delete failed. C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\H0F7JK93\desktop.ini scheduled to be deleted on reboot.
File delete failed. C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\35T822Q0\desktop.ini scheduled to be deleted on reboot.
File delete failed. C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\desktop.ini scheduled to be deleted on reboot.
File delete failed. C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
File delete failed. C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\desktop.ini scheduled to be deleted on reboot.
->Temporary Internet Files folder emptied: 33170 bytes
User: Default User
File delete failed. C:\Users\Default User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J8Q4I545\desktop.ini scheduled to be deleted on reboot.
File delete failed. C:\Users\Default User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\I3XZBJDF\desktop.ini scheduled to be deleted on reboot.
File delete failed. C:\Users\Default User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\H0F7JK93\desktop.ini scheduled to be deleted on reboot.
File delete failed. C:\Users\Default User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\35T822Q0\desktop.ini scheduled to be deleted on reboot.
File delete failed. C:\Users\Default User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\desktop.ini scheduled to be deleted on reboot.
File delete failed. C:\Users\Default User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
File delete failed. C:\Users\Default User\AppData\Local\Microsoft\Windows\Temporary Internet Files\desktop.ini scheduled to be deleted on reboot.
->Temporary Internet Files folder emptied: 33170 bytes
User: Joëlle Spadaro
->Temporary Internet Files folder emptied: 56257011 bytes
->Java cache emptied: 2495365 bytes
->FireFox cache emptied: 58652815 bytes
->Apple Safari cache emptied: 197116 bytes
User: Public
%systemdrive% .tmp files removed: 0 bytes
Folder delete failed. C:\Windows\msdownld.tmp scheduled to be deleted on reboot.
%systemroot% .tmp files removed: 217088 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
File delete failed. C:\Windows\temp\_avast4_\Webshlock.txt scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\gis8ac26\2.4.1536.6592\zh-tw\cires.dll.mui scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\gis8ac26\2.4.1536.6592\zh-cn\cires.dll.mui scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\gis8ac26\2.4.1536.6592\tr\cires.dll.mui scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\gis8ac26\2.4.1536.6592\th\cires.dll.mui scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\gis8ac26\2.4.1536.6592\sv\cires.dll.mui scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\gis8ac26\2.4.1536.6592\ru\cires.dll.mui scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\gis8ac26\2.4.1536.6592\pt-br\cires.dll.mui scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\gis8ac26\2.4.1536.6592\pl\cires.dll.mui scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\gis8ac26\2.4.1536.6592\no\cires.dll.mui scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\gis8ac26\2.4.1536.6592\nl\cires.dll.mui scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\gis8ac26\2.4.1536.6592\ko\cires.dll.mui scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\gis8ac26\2.4.1536.6592\ja\cires.dll.mui scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\gis8ac26\2.4.1536.6592\it\cires.dll.mui scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\gis8ac26\2.4.1536.6592\HTML\ui.js scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\gis8ac26\2.4.1536.6592\fr\cires.dll.mui scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\gis8ac26\2.4.1536.6592\fi\cires.dll.mui scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\gis8ac26\2.4.1536.6592\es\cires.dll.mui scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\gis8ac26\2.4.1536.6592\en-gb\cires.dll.mui scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\gis8ac26\2.4.1536.6592\en\cires.dll.mui scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\gis8ac26\2.4.1536.6592\el\cires.dll.mui scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\gis8ac26\2.4.1536.6592\de\cires.dll.mui scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\gis8ac26\2.4.1536.6592\da\cires.dll.mui scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\gis8ac26\2.4.1536.6592\cs\cires.dll.mui scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\gis8ac26\2.4.1536.6592\ci.dll scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\gis8ac26\2.4.1536.6592\cires.dll scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\gis8ac26\2.4.1536.6592\GoogleUpdaterAdminPrefs.exe scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\gis8ac26\2.4.1536.6592\GoogleUpdaterInstallMgr.exe scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\gis8ac26\2.4.1536.6592\GoogleUpdaterSetup.exe scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\gis8ac26\2.4.1536.6592\npCIDetect13.dll scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\gis8ac26\GoogleUpdater.exe scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\gis8ac26\GoogleUpdaterService.exe scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\fwtsqmfile00.sqm scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\fwtsqmfile01.sqm scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\fwtsqmfile02.sqm scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\fwtsqmfile03.sqm scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\fwtsqmfile04.sqm scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\fwtsqmfile05.sqm scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\fwtsqmfile06.sqm scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\fwtsqmfile07.sqm scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\fwtsqmfile08.sqm scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\fwtsqmfile09.sqm scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\fwtsqmfile10.sqm scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\fwtsqmfile11.sqm scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\fwtsqmfile12.sqm scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\fwtsqmfile13.sqm scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\fwtsqmfile14.sqm scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\fwtsqmfile15.sqm scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\fwtsqmfile16.sqm scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\fwtsqmfile17.sqm scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\fwtsqmfile18.sqm scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\fwtsqmfile19.sqm scheduled to be deleted on reboot.
Windows Temp folder emptied: 13818026 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 125,60 mb
OTM by OldTimer - Version 3.0.0.2 log created on 06272009_184829
========== PROCESSES ==========
No active process named explorer.exe was found!
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E965-E325-11CE-BFC1-08002BE10318}\\UpperFilter not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E965-E325-11CE-BFC1-08002BE10318}\\LowerFilter not found.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdr4_2K\ not found.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdralw2k\ not found.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdudf\ not found.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\UdfReadr\ not found.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
File delete failed. C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J8Q4I545\desktop.ini scheduled to be deleted on reboot.
File delete failed. C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\I3XZBJDF\desktop.ini scheduled to be deleted on reboot.
File delete failed. C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\H0F7JK93\desktop.ini scheduled to be deleted on reboot.
File delete failed. C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\35T822Q0\desktop.ini scheduled to be deleted on reboot.
File delete failed. C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\desktop.ini scheduled to be deleted on reboot.
File delete failed. C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
File delete failed. C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\desktop.ini scheduled to be deleted on reboot.
->Temporary Internet Files folder emptied: 33170 bytes
User: Default User
File delete failed. C:\Users\Default User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J8Q4I545\desktop.ini scheduled to be deleted on reboot.
File delete failed. C:\Users\Default User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\I3XZBJDF\desktop.ini scheduled to be deleted on reboot.
File delete failed. C:\Users\Default User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\H0F7JK93\desktop.ini scheduled to be deleted on reboot.
File delete failed. C:\Users\Default User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\35T822Q0\desktop.ini scheduled to be deleted on reboot.
File delete failed. C:\Users\Default User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\desktop.ini scheduled to be deleted on reboot.
File delete failed. C:\Users\Default User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
File delete failed. C:\Users\Default User\AppData\Local\Microsoft\Windows\Temporary Internet Files\desktop.ini scheduled to be deleted on reboot.
->Temporary Internet Files folder emptied: 33170 bytes
User: Joëlle Spadaro
->Temporary Internet Files folder emptied: 56257011 bytes
->Java cache emptied: 2495365 bytes
->FireFox cache emptied: 58652815 bytes
->Apple Safari cache emptied: 197116 bytes
User: Public
%systemdrive% .tmp files removed: 0 bytes
Folder delete failed. C:\Windows\msdownld.tmp scheduled to be deleted on reboot.
%systemroot% .tmp files removed: 217088 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
File delete failed. C:\Windows\temp\_avast4_\Webshlock.txt scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\gis8ac26\2.4.1536.6592\zh-tw\cires.dll.mui scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\gis8ac26\2.4.1536.6592\zh-cn\cires.dll.mui scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\gis8ac26\2.4.1536.6592\tr\cires.dll.mui scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\gis8ac26\2.4.1536.6592\th\cires.dll.mui scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\gis8ac26\2.4.1536.6592\sv\cires.dll.mui scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\gis8ac26\2.4.1536.6592\ru\cires.dll.mui scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\gis8ac26\2.4.1536.6592\pt-br\cires.dll.mui scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\gis8ac26\2.4.1536.6592\pl\cires.dll.mui scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\gis8ac26\2.4.1536.6592\no\cires.dll.mui scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\gis8ac26\2.4.1536.6592\nl\cires.dll.mui scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\gis8ac26\2.4.1536.6592\ko\cires.dll.mui scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\gis8ac26\2.4.1536.6592\ja\cires.dll.mui scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\gis8ac26\2.4.1536.6592\it\cires.dll.mui scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\gis8ac26\2.4.1536.6592\HTML\ui.js scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\gis8ac26\2.4.1536.6592\fr\cires.dll.mui scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\gis8ac26\2.4.1536.6592\fi\cires.dll.mui scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\gis8ac26\2.4.1536.6592\es\cires.dll.mui scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\gis8ac26\2.4.1536.6592\en-gb\cires.dll.mui scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\gis8ac26\2.4.1536.6592\en\cires.dll.mui scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\gis8ac26\2.4.1536.6592\el\cires.dll.mui scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\gis8ac26\2.4.1536.6592\de\cires.dll.mui scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\gis8ac26\2.4.1536.6592\da\cires.dll.mui scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\gis8ac26\2.4.1536.6592\cs\cires.dll.mui scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\gis8ac26\2.4.1536.6592\ci.dll scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\gis8ac26\2.4.1536.6592\cires.dll scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\gis8ac26\2.4.1536.6592\GoogleUpdaterAdminPrefs.exe scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\gis8ac26\2.4.1536.6592\GoogleUpdaterInstallMgr.exe scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\gis8ac26\2.4.1536.6592\GoogleUpdaterSetup.exe scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\gis8ac26\2.4.1536.6592\npCIDetect13.dll scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\gis8ac26\GoogleUpdater.exe scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\gis8ac26\GoogleUpdaterService.exe scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\fwtsqmfile00.sqm scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\fwtsqmfile01.sqm scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\fwtsqmfile02.sqm scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\fwtsqmfile03.sqm scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\fwtsqmfile04.sqm scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\fwtsqmfile05.sqm scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\fwtsqmfile06.sqm scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\fwtsqmfile07.sqm scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\fwtsqmfile08.sqm scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\fwtsqmfile09.sqm scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\fwtsqmfile10.sqm scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\fwtsqmfile11.sqm scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\fwtsqmfile12.sqm scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\fwtsqmfile13.sqm scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\fwtsqmfile14.sqm scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\fwtsqmfile15.sqm scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\fwtsqmfile16.sqm scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\fwtsqmfile17.sqm scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\fwtsqmfile18.sqm scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\fwtsqmfile19.sqm scheduled to be deleted on reboot.
Windows Temp folder emptied: 13818026 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 125,60 mb
OTM by OldTimer - Version 3.0.0.2 log created on 06272009_184829
regardes ici : http://forum.telecharger.01net.com/forum/high-tech/PRODUITS/PC/lecteur-graveur-dvd-sujet_21054_1.htm
essaies de démarrer le pc sur un cd de windows ou linux, n'importe quel cd bootable.
si le pc démarres sur le lecteur c'est bon, s'il ne peux pas c'est que le lecteur est mort.
si le pc démarres sur le lecteur c'est bon, s'il ne peux pas c'est que le lecteur est mort.
Si tu veux, je peux quand même retirer tes virus.
Ok.
- Désactive l'UAC le temps de la désinfection.
- Télécharge Navilog1 (de IL-MAFIOSO) et enregistre-le sur le Bureau.
- Double-clique sur Navilog1.exe afin de lancer l'installation.
- Si le fix ne se lance pas automatiquement après son installation, double-clique sur Navilog1 présent sur le Bureau.
(Sous Vista, il faut cliquer droit sur le raccourci de Navilog1 et choisir Exécuter en tant qu'administrateur)
- Appuie sur F ou f puis valide par Entrée.
- Appuie sur une touche de ton clavier à chaque fois que cela est demandé, tu arriveras au menu des options.
- Choisis l'option 1 et appuie sur la touche Entrée pour valider ton choix.
- Patiente le temps du scan. Il te sera peut-être demandé de redémarrer ton PC.
- Patiente jusqu'au message : ****** Scan terminé le ..... ******
- Le scan fini, le Bloc-notes contenant le rapport sera affiché, poste le contenu de ce rapport dans ta prochaine réponse.
- Si le résultat du scan ne s'affiche pas, tu le trouveras dans C:\cleannavi.txt
- Désactive l'UAC le temps de la désinfection.
- Télécharge Navilog1 (de IL-MAFIOSO) et enregistre-le sur le Bureau.
- Double-clique sur Navilog1.exe afin de lancer l'installation.
- Si le fix ne se lance pas automatiquement après son installation, double-clique sur Navilog1 présent sur le Bureau.
(Sous Vista, il faut cliquer droit sur le raccourci de Navilog1 et choisir Exécuter en tant qu'administrateur)
- Appuie sur F ou f puis valide par Entrée.
- Appuie sur une touche de ton clavier à chaque fois que cela est demandé, tu arriveras au menu des options.
- Choisis l'option 1 et appuie sur la touche Entrée pour valider ton choix.
- Patiente le temps du scan. Il te sera peut-être demandé de redémarrer ton PC.
- Patiente jusqu'au message : ****** Scan terminé le ..... ******
- Le scan fini, le Bloc-notes contenant le rapport sera affiché, poste le contenu de ce rapport dans ta prochaine réponse.
- Si le résultat du scan ne s'affiche pas, tu le trouveras dans C:\cleannavi.txt
voici le rapport de navilog
Fix Navipromo version 4.0.0 commencé le 27/06/2009 à 20:53:00,25
!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!
Outil exécuté depuis C:\Program Files\navilog1
Mise à jour le 19.06.2009 à 20h00 par IL-MAFIOSO
Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6001 ) Service Pack 1
X86-based PC ( Multiprocessor Free : Mobile AMD Sempron(tm) Processor 3600+ )
BIOS : PhoenixBIOS 4.0 Release 6.1
USER : Joëlle Spadaro ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1290 [VPS 081121-0] 4.8.1290 (Activated)
C:\ (Local Disk) - NTFS - Total:69 Go (Free:7 Go)
D:\ (Local Disk) - NTFS - Total:69 Go (Free:69 Go)
Recherche exécutée en mode normal
Nettoyage exécuté au redémarrage de l'ordinateur
C:\Program Files\MessengerSkinner supprimé !
c:\progra~2\micros~1\windows\startm~1\programs\MessengerSkinner supprimé !
C:\Users\Jo‰lle Spadaro\AppData\Local\oyecoku.exe supprimé !
C:\Users\Jo‰lle Spadaro\AppData\Local\oyecoku.dat supprimé !
C:\Users\Jo‰lle Spadaro\AppData\Local\oyecoku_nav.dat supprimé !
C:\Users\Jo‰lle Spadaro\AppData\Local\oyecoku_navps.dat supprimé !
Nettoyage contenu C:\Windows\Temp effectué !
Nettoyage contenu C:\Users\JOLLES~1\AppData\Local\Temp effectué !
*** Sauvegarde du Registre vers dossier Safebackup ***
sauvegarde du Registre réalisée avec succès !
*** Nettoyage Registre ***
Nettoyage Registre Ok
Certificat Egroup supprimé !
Certificat Electronic-Group supprimé !
Certificat OOO-Favorit supprimé !
*** Scan terminé le 27/06/2009 à 21:25:55,96 ***
Fix Navipromo version 4.0.0 commencé le 27/06/2009 à 20:53:00,25
!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!
Outil exécuté depuis C:\Program Files\navilog1
Mise à jour le 19.06.2009 à 20h00 par IL-MAFIOSO
Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6001 ) Service Pack 1
X86-based PC ( Multiprocessor Free : Mobile AMD Sempron(tm) Processor 3600+ )
BIOS : PhoenixBIOS 4.0 Release 6.1
USER : Joëlle Spadaro ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1290 [VPS 081121-0] 4.8.1290 (Activated)
C:\ (Local Disk) - NTFS - Total:69 Go (Free:7 Go)
D:\ (Local Disk) - NTFS - Total:69 Go (Free:69 Go)
Recherche exécutée en mode normal
Nettoyage exécuté au redémarrage de l'ordinateur
C:\Program Files\MessengerSkinner supprimé !
c:\progra~2\micros~1\windows\startm~1\programs\MessengerSkinner supprimé !
C:\Users\Jo‰lle Spadaro\AppData\Local\oyecoku.exe supprimé !
C:\Users\Jo‰lle Spadaro\AppData\Local\oyecoku.dat supprimé !
C:\Users\Jo‰lle Spadaro\AppData\Local\oyecoku_nav.dat supprimé !
C:\Users\Jo‰lle Spadaro\AppData\Local\oyecoku_navps.dat supprimé !
Nettoyage contenu C:\Windows\Temp effectué !
Nettoyage contenu C:\Users\JOLLES~1\AppData\Local\Temp effectué !
*** Sauvegarde du Registre vers dossier Safebackup ***
sauvegarde du Registre réalisée avec succès !
*** Nettoyage Registre ***
Nettoyage Registre Ok
Certificat Egroup supprimé !
Certificat Electronic-Group supprimé !
Certificat OOO-Favorit supprimé !
*** Scan terminé le 27/06/2009 à 21:25:55,96 ***
Ne réinstalle pas MessengerSkinner, c'est un programme piégé.
● Désinstalle Navilog1.
● Télécharge Ad-Remover (de Cyrildu17 / C_XX) sur ton Bureau.
/!\ Déconnecte-toi d'Internet et ferme toutes applications en cours. /!\
● Double-clique sur le programme d'installation, installe-le dans son emplacement par défaut (C:\Program Files).
● Double-clique sur le raccourci d'Ad-Remover située sur ton Bureau.
(Sous Vista, il faut cliquer droit sur le raccourci d'Ad-Remover et choisir Exécuter en tant qu'administrateur)
● Au menu principal, choisis l'option L.
● Poste le rapport généré (C:\Ad-Report-CLEAN.log).
(CTRL+A pour tout sélectionner, CTRL+C pour copier et CTRL+V pour coller)
Note : "Process.exe", une composante de l'outil, est détectée par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
● Désinstalle Navilog1.
● Télécharge Ad-Remover (de Cyrildu17 / C_XX) sur ton Bureau.
/!\ Déconnecte-toi d'Internet et ferme toutes applications en cours. /!\
● Double-clique sur le programme d'installation, installe-le dans son emplacement par défaut (C:\Program Files).
● Double-clique sur le raccourci d'Ad-Remover située sur ton Bureau.
(Sous Vista, il faut cliquer droit sur le raccourci d'Ad-Remover et choisir Exécuter en tant qu'administrateur)
● Au menu principal, choisis l'option L.
● Poste le rapport généré (C:\Ad-Report-CLEAN.log).
(CTRL+A pour tout sélectionner, CTRL+C pour copier et CTRL+V pour coller)
Note : "Process.exe", une composante de l'outil, est détectée par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
.
======= RAPPORT D'AD-REMOVER 1.1.4.5_O | UNIQUEMENT XP/VISTA/SEVEN =======
.
Mit à jour par C_XX le 24/06/2009 à 7:10 PM
Contact: AdRemover.contact@gmail.com
Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
.
Lancé à: 21:34:24, 27/06/2009 | Mode Normal | Option: CLEAN
Exécuté de: C:\Program Files\Ad-remover\
Système d'exploitation: Microsoft® Windows Vista™ Home Premium Service Pack 1 v6.0.6001
Nom du PC: PC-DE-| Utilisateur actuel:
.
Administrateur: Administrateur *Desactive*
N'est pas administrateur: ASPNET
N'est pas administrateur: Invité *Desactive*
Administrateur:
.
============== ÉLÉMENT(S) NEUTRALISÉ(S) ==============
.
.
HKCR\CLSID\{64F56FC1-1272-44CD-BA6E-39723696E350}
HKCR\CLSID\{6638A9DE-0745-4292-8A2E-AE530E7B9B3F}
HKCR\CLSID\{6E15D3C4-C6FC-4F02-B130-77CC5B1F09DB}
HKCR\CLSID\{E03BAFDC-EB9D-4C35-A7A2-AB6C62FF0A68}
HKCR\CLSID\{E6375F37-E4D1-4F51-B651-4658C27AC5BF}
HKCR\Interface\{5663B370-F3C3-40D1-9C46-0E800AA4D0E8}
HKCR\Interface\{B0D071A1-36B3-4757-A126-14C89C56013A}
HKCR\KiweeIEToolbar.KiweeToolbar
HKCR\KiweeIEToolbar.KiweeToolbar.1
HKCR\KiweeIEToolbar.ToolbarInfo
HKCR\KiweeIEToolbar.ToolbarInfo.1
HKCR\Typelib\{259EEB17-79AA-44DF-8410-8E55F82A902A}
HKCR\Typelib\{B4C656C9-F2E9-4E77-B3F4-443DF2BD778F}
HKCR\Typelib\{C7403C30-3644-43D8-A82F-4BD84B9682D9}
HKCU\Software\EoRezo
HKCU\Software\ItsLabel
HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0BC6E3FA-78EF-4886-842C-5A1258C4455A}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{64F56FC1-1272-44CD-BA6E-39723696E350}
HKLM\Software\EoRezo
HKLM\Software\ItsLabel
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64F56FC1-1272-44CD-BA6E-39723696E350}
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6638A9DE-0745-4292-8A2E-AE530E7B9B3F}
HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{23A287DB-449A-462F-BDE1-8635A61671CE}
HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdate_is1
HKU\S-1-5-21-2465883835-2094893048-2643455533-1000\Software\Binary Noise\mPlayer\kiwee_toolbar_installer.exe
HKU\.DEFAULT\Software\AGI
HKCU\Software\AGI
HKLM\Software\Mozilla\Firefox\Extensions\\toolbar@kiwee.com
/!\ NON SUPPRIMÉ - HKLM\Software\AGI
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Eoengine
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\KiweeHook
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Softwarehelper
HKLM\Software\Microsoft\Internet Explorer\Toolbar\\{6638A9DE-0745-4292-8A2E-AE530E7B9B3F}
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{6638A9DE-0745-4292-8A2E-AE530E7B9B3F}
.
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Kiwee Toolbar\FAQ.url
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Kiwee Toolbar\Help Forum.url
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Kiwee Toolbar\Privacy Policy.url
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Kiwee Toolbar\Read License Agreement.url
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Kiwee Toolbar\Send Us Feedback.url
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Kiwee Toolbar\Visit Kiwee.com.url
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Kiwee Toolbar
C:\ProgramData\Kiwee Toolbar\config
C:\ProgramData\Kiwee Toolbar\images
C:\ProgramData\Kiwee Toolbar\config\content_a.xml
C:\ProgramData\Kiwee Toolbar\config\content_ie.xml
C:\ProgramData\Kiwee Toolbar\config\content_m.xml
C:\ProgramData\Kiwee Toolbar\config\content_y.xml
C:\ProgramData\Kiwee Toolbar\config\logger.xml
C:\ProgramData\Kiwee Toolbar\config\toolbarIE.xml
C:\ProgramData\Kiwee Toolbar\config\toolbarIM_a.xml
C:\ProgramData\Kiwee Toolbar\config\toolbarIM_m.xml
C:\ProgramData\Kiwee Toolbar\config\toolbarIM_y.xml
C:\ProgramData\Kiwee Toolbar\images\allow.bmp
C:\ProgramData\Kiwee Toolbar\images\block.bmp
C:\ProgramData\Kiwee Toolbar\images\dontsend.bmp
C:\ProgramData\Kiwee Toolbar\images\im_toolbardropdownmenu.bmp
C:\ProgramData\Kiwee Toolbar\images\im_toolbarsHelprolloverbase.bmp
C:\ProgramData\Kiwee Toolbar\images\im_toolbarsm1rolloverbase.bmp
C:\ProgramData\Kiwee Toolbar\images\im_toolbarsm1rolloverbase_bg.bmp
C:\ProgramData\Kiwee Toolbar\images\im_toolbarsm1rolloverbase_dp.bmp
C:\ProgramData\Kiwee Toolbar\images\im_toolbarsm2rolloverbase.bmp
C:\ProgramData\Kiwee Toolbar\images\im_toolbarstextrollover.bmp
C:\ProgramData\Kiwee Toolbar\images\kiwee_iconX16.ico
C:\ProgramData\Kiwee Toolbar\images\kiwee_iconX48.ico
C:\ProgramData\Kiwee Toolbar\images\send.bmp
C:\ProgramData\Kiwee Toolbar\images\toolbar_eg.bmp
C:\ProgramData\Kiwee Toolbar\images\toolbar_emoticons.bmp
C:\ProgramData\Kiwee Toolbar\images\toolbar_eyeglass.bmp
C:\ProgramData\Kiwee Toolbar\images\toolbar_gear.bmp
C:\ProgramData\Kiwee Toolbar\images\toolbar_images.bmp
C:\ProgramData\Kiwee Toolbar\images\toolbar_kiwee.bmp
C:\ProgramData\Kiwee Toolbar\images\toolbar_msnlogo.bmp
C:\ProgramData\Kiwee Toolbar\images\toolbar_news.bmp
C:\ProgramData\Kiwee Toolbar\images\toolbar_text.bmp
C:\ProgramData\Kiwee Toolbar\images\toolbar_videos.bmp
C:\ProgramData\Kiwee Toolbar\images\toolbar_webshots.bmp
C:\ProgramData\Kiwee Toolbar\images\toolbar_winks.bmp
C:\ProgramData\Kiwee Toolbar\images\X.bmp
C:\ProgramData\Kiwee Toolbar
C:\Users\JOLLES~1\AppData\Roaming\EoRezo\cache
C:\Users\JOLLES~1\AppData\Roaming\EoRezo\cmhost.cyp
C:\Users\JOLLES~1\AppData\Roaming\EoRezo\ConfMedia.cyp
C:\Users\JOLLES~1\AppData\Roaming\EoRezo\db
C:\Users\JOLLES~1\AppData\Roaming\EoRezo\eoDesktop
C:\Users\JOLLES~1\AppData\Roaming\EoRezo\eoStats
C:\Users\JOLLES~1\AppData\Roaming\EoRezo\host.cyp
C:\Users\JOLLES~1\AppData\Roaming\EoRezo\SoftwareUpdate
C:\Users\JOLLES~1\AppData\Roaming\EoRezo\user.cyp
C:\Users\JOLLES~1\AppData\Roaming\EoRezo\db\cat.cyp
C:\Users\JOLLES~1\AppData\Roaming\EoRezo\eoDesktop\config.xml
C:\Users\JOLLES~1\AppData\Roaming\EoRezo\eoDesktop\eoDesktop.html
C:\Users\JOLLES~1\AppData\Roaming\EoRezo\eoDesktop\userConfig.xml
C:\Users\JOLLES~1\AppData\Roaming\EoRezo\eoStats\eoStats.txt
C:\Users\JOLLES~1\AppData\Roaming\EoRezo\SoftwareUpdate\Download
C:\Users\JOLLES~1\AppData\Roaming\EoRezo\SoftwareUpdate\help_config.cyp
C:\Users\JOLLES~1\AppData\Roaming\EoRezo\SoftwareUpdate\Software
C:\Users\JOLLES~1\AppData\Roaming\EoRezo\SoftwareUpdate\SoftwareUpdate.exe
C:\Users\JOLLES~1\AppData\Roaming\EoRezo\SoftwareUpdate\SoftwareUpdateHP.exe
C:\Users\JOLLES~1\AppData\Roaming\EoRezo\SoftwareUpdate\unins000.dat
C:\Users\JOLLES~1\AppData\Roaming\EoRezo\SoftwareUpdate\unins000.exe
C:\Users\JOLLES~1\AppData\Roaming\EoRezo\SoftwareUpdate\user_config.cyp
C:\Users\JOLLES~1\AppData\Roaming\EoRezo\SoftwareUpdate\user_profil.cyp
C:\Users\JOLLES~1\AppData\Roaming\EoRezo
C:\Users\JOLLES~1\AppData\Roaming\ItsLabel\ItsTV
C:\Users\JOLLES~1\AppData\Roaming\ItsLabel\ItsTV\itsTV.xml
C:\Users\JOLLES~1\AppData\Roaming\ItsLabel
C:\Users\Jo‰lle Spadaro\AppData\LocalLow\Kiwee Toolbar\Logs
C:\Users\Jo‰lle Spadaro\AppData\LocalLow\Kiwee Toolbar\Logs\KiweeHook.log
C:\Users\Jo‰lle Spadaro\AppData\LocalLow\Kiwee Toolbar\Logs\KiweeIEToolbar.log
C:\Users\Jo‰lle Spadaro\AppData\LocalLow\Kiwee Toolbar
C:\Program Files\EoRezo\EoAdv
C:\Program Files\EoRezo\EoAdv\atl90.dll
C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll
C:\Program Files\EoRezo\EoAdv\mfc90.dll
C:\Program Files\EoRezo
C:\Program Files\Kiwee Toolbar\2.8.167
C:\Program Files\Kiwee Toolbar\2.8.167\AGTBCore.dll
C:\Program Files\Kiwee Toolbar\2.8.167\AolIMToolbar.dll
C:\Program Files\Kiwee Toolbar\2.8.167\firefox
C:\Program Files\Kiwee Toolbar\2.8.167\FlashCOM.dll
C:\Program Files\Kiwee Toolbar\2.8.167\KiweeCommonCtrls.dll
C:\Program Files\Kiwee Toolbar\2.8.167\KiweeContentHost.dll
C:\Program Files\Kiwee Toolbar\2.8.167\KiweeIEToolbar.dll
C:\Program Files\Kiwee Toolbar\2.8.167\KiweeIMToolbar.dll
C:\Program Files\Kiwee Toolbar\2.8.167\KiweeTBCore.dll
C:\Program Files\Kiwee Toolbar\2.8.167\KiweeTBCore.tlb
C:\Program Files\Kiwee Toolbar\2.8.167\kiweetoolbar.zip
C:\Program Files\Kiwee Toolbar\2.8.167\kwtbaim.exe
C:\Program Files\Kiwee Toolbar\2.8.167\mfc80u.dll
C:\Program Files\Kiwee Toolbar\2.8.167\Microsoft.VC80.CRT.manifest
C:\Program Files\Kiwee Toolbar\2.8.167\Microsoft.VC80.MFC.manifest
C:\Program Files\Kiwee Toolbar\2.8.167\msimg32.dll
C:\Program Files\Kiwee Toolbar\2.8.167\MsnIMToolbar.dll
C:\Program Files\Kiwee Toolbar\2.8.167\msvcp80.dll
C:\Program Files\Kiwee Toolbar\2.8.167\msvcr80.dll
C:\Program Files\Kiwee Toolbar\2.8.167\RemoteLib.dll
C:\Program Files\Kiwee Toolbar\2.8.167\Riched20.dll
C:\Program Files\Kiwee Toolbar\2.8.167\firefox\chrome
C:\Program Files\Kiwee Toolbar\2.8.167\firefox\chrome.manifest
C:\Program Files\Kiwee Toolbar\2.8.167\firefox\components
C:\Program Files\Kiwee Toolbar\2.8.167\firefox\defaults
C:\Program Files\Kiwee Toolbar\2.8.167\firefox\firefox.xpi
C:\Program Files\Kiwee Toolbar\2.8.167\firefox\install.rdf
C:\Program Files\Kiwee Toolbar\2.8.167\firefox\META-INF
C:\Program Files\Kiwee Toolbar\2.8.167\firefox\chrome\kiweetoolbar.jar
C:\Program Files\Kiwee Toolbar\2.8.167\firefox\components\AGCore.js
C:\Program Files\Kiwee Toolbar\2.8.167\firefox\components\AGCore.xpt
C:\Program Files\Kiwee Toolbar\2.8.167\firefox\components\KiweeSearchHistory.js
C:\Program Files\Kiwee Toolbar\2.8.167\firefox\components\SearchProtection.js
C:\Program Files\Kiwee Toolbar\2.8.167\firefox\components\SearchProtection.xpt
C:\Program Files\Kiwee Toolbar\2.8.167\firefox\defaults\preferences
C:\Program Files\Kiwee Toolbar\2.8.167\firefox\defaults\preferences\defaults.js
C:\Program Files\Kiwee Toolbar\2.8.167\firefox\META-INF\manifest.mf
C:\Program Files\Kiwee Toolbar\2.8.167\firefox\META-INF\zigbert.rsa
C:\Program Files\Kiwee Toolbar\2.8.167\firefox\META-INF\zigbert.sf
C:\Program Files\Kiwee Toolbar
C:\ProgramData\agi\config
C:\ProgramData\agi\KiweeToolbar
C:\ProgramData\agi\config\desktopconfig.cfg
C:\ProgramData\agi\config\desktopdata.cfg
C:\ProgramData\agi\config\logging.cfg
C:\ProgramData\agi\KiweeToolbar\config
C:\ProgramData\agi\KiweeToolbar\config\appconfig.cfg
C:\ProgramData\agi\KiweeToolbar\config\appdata.cfg
C:\ProgramData\agi
C:\Users\JOLLES~1\AppData\Roaming\Agi\config
C:\Users\JOLLES~1\AppData\Roaming\Agi\KiweeToolbar
C:\Users\JOLLES~1\AppData\Roaming\Agi\logs
C:\Users\JOLLES~1\AppData\Roaming\Agi\config\userconfig.cfg
C:\Users\JOLLES~1\AppData\Roaming\Agi\KiweeToolbar\config
C:\Users\JOLLES~1\AppData\Roaming\Agi\KiweeToolbar\config\appuserconfig.cfg
C:\Users\JOLLES~1\AppData\Roaming\Agi\logs\pyagcore.log
C:\Users\JOLLES~1\AppData\Roaming\Agi
C:\Windows\Prefetch\SOFTWAREUPDATEHP.EXE-33433340.pf
(!) -- Fichiers temporaires supprimés.
.
============== Scan additionnel ==============
.
* Mozilla FireFox Version 3.0.11 *
Nom du profil: ze7qqk7y.default (Jo‰lle Spadaro)
.
(Prefs.js) user_pref("browser.search.defaultenginename", "MyStart Search");
(Prefs.js) user_pref("browser.search.selectedEngine", "Google");
(Prefs.js) user_pref("browser.search.defaulturl", "hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=");
(Prefs.js) user_pref("browser.startup.homepage", "hxxp://orange.fr/");
(Prefs.js) user_pref("browser.startup.homepage_override.mstone", "rv:1.9.0.11");
.
.
* Internet Explorer Version 8.0.6001.18783 *
[HKEY_CURRENT_USER\..\Internet Explorer\Main]
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
Search Page: hxxp://fr.rd.yahoo.com/customize/ycomp/defaults/sp/*http
Start Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
[HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search bar: hxxp://search.msn.com/spbasic.htm
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start Page: hxxp://fr.msn.com/
[HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]
Tabs: res://ieframe.dll/tabswelcome.htm
.
============== Processus Caches/Bloque ==============
.
PID: 1192 [LOCKED] audiodg.exe
.
============== Suspect (Cracks, Serials ... ) ==============
.
C:\Users\Public\Documents\Blizzard Entertainment\World of Warcraft\WoW-2.4.0.8089-to-2.4.1.8125-frFR-patch.exe
C:\Users\Public\Documents\Blizzard Entertainment\World of Warcraft\WoW-2.4.0.8102-to-2.4.2.8301-frFR-patch.exe
C:\Users\Public\Documents\Blizzard Entertainment\World of Warcraft\WoW-2.4.1.8125-to-2.4.2.8278-frFR-patch.exe
C:\Users\Public\Documents\Blizzard Entertainment\World of Warcraft\WoW-2.4.2.8278-to-2.4.3.8606-frFR-patch.exe
C:\Users\Public\Documents\Blizzard Entertainment\World of Warcraft\WoW-3.0.2.9056-to-3.0.3.9183-frFR-patch.exe
C:\Users\Public\Documents\Blizzard Entertainment\World of Warcraft\WoW-3.0.3.9183-to-3.0.8.9464-frFR-patch.exe
C:\Users\Public\Documents\Blizzard Entertainment\World of Warcraft\WoW-3.0.8.9464-to-3.0.8.9506-frFR-patch.exe
C:\Users\Public\Documents\Blizzard Entertainment\World of Warcraft\WoW-3.0.8.9506-to-3.0.9.9551-frFR-patch.exe
C:\Users\Public\Documents\Blizzard Entertainment\World of Warcraft\WoW-3.1.0.9767-to-3.1.1.9806-frFR-patch.exe
C:\Users\Public\Documents\Blizzard Entertainment\World of Warcraft\WoW-3.1.1.9806-to-3.1.1.9835-frFR-patch.exe
C:\Users\Public\Documents\Blizzard Entertainment\World of Warcraft\WoW-3.1.1.9835-to-3.1.2.9901-frFR-patch.exe
C:\Users\Public\Documents\Blizzard Entertainment\World of Warcraft\Patches\WoW-3.0.9-to-3.1.0-frFR-Win-patch\Blizzard Updater.exe
.
===================================
.
13983 Octet(s) - C:\Ad-Report-CLEAN.log
.
17 Fichier(s) - C:\Users\JOLLES~1\AppData\Local\Temp
1 Fichier(s) - C:\Windows\Temp
.
20 Fichier(s) - C:\Program Files\Ad-remover\BACKUP
90 Fichier(s) - C:\Program Files\Ad-remover\QUARANTINE
.
Fin à: 22:01:15 | 27/06/2009
.
============== E.O.F ==============
.
======= RAPPORT D'AD-REMOVER 1.1.4.5_O | UNIQUEMENT XP/VISTA/SEVEN =======
.
Mit à jour par C_XX le 24/06/2009 à 7:10 PM
Contact: AdRemover.contact@gmail.com
Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
.
Lancé à: 21:34:24, 27/06/2009 | Mode Normal | Option: CLEAN
Exécuté de: C:\Program Files\Ad-remover\
Système d'exploitation: Microsoft® Windows Vista™ Home Premium Service Pack 1 v6.0.6001
Nom du PC: PC-DE-| Utilisateur actuel:
.
Administrateur: Administrateur *Desactive*
N'est pas administrateur: ASPNET
N'est pas administrateur: Invité *Desactive*
Administrateur:
.
============== ÉLÉMENT(S) NEUTRALISÉ(S) ==============
.
.
HKCR\CLSID\{64F56FC1-1272-44CD-BA6E-39723696E350}
HKCR\CLSID\{6638A9DE-0745-4292-8A2E-AE530E7B9B3F}
HKCR\CLSID\{6E15D3C4-C6FC-4F02-B130-77CC5B1F09DB}
HKCR\CLSID\{E03BAFDC-EB9D-4C35-A7A2-AB6C62FF0A68}
HKCR\CLSID\{E6375F37-E4D1-4F51-B651-4658C27AC5BF}
HKCR\Interface\{5663B370-F3C3-40D1-9C46-0E800AA4D0E8}
HKCR\Interface\{B0D071A1-36B3-4757-A126-14C89C56013A}
HKCR\KiweeIEToolbar.KiweeToolbar
HKCR\KiweeIEToolbar.KiweeToolbar.1
HKCR\KiweeIEToolbar.ToolbarInfo
HKCR\KiweeIEToolbar.ToolbarInfo.1
HKCR\Typelib\{259EEB17-79AA-44DF-8410-8E55F82A902A}
HKCR\Typelib\{B4C656C9-F2E9-4E77-B3F4-443DF2BD778F}
HKCR\Typelib\{C7403C30-3644-43D8-A82F-4BD84B9682D9}
HKCU\Software\EoRezo
HKCU\Software\ItsLabel
HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0BC6E3FA-78EF-4886-842C-5A1258C4455A}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{64F56FC1-1272-44CD-BA6E-39723696E350}
HKLM\Software\EoRezo
HKLM\Software\ItsLabel
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64F56FC1-1272-44CD-BA6E-39723696E350}
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6638A9DE-0745-4292-8A2E-AE530E7B9B3F}
HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{23A287DB-449A-462F-BDE1-8635A61671CE}
HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdate_is1
HKU\S-1-5-21-2465883835-2094893048-2643455533-1000\Software\Binary Noise\mPlayer\kiwee_toolbar_installer.exe
HKU\.DEFAULT\Software\AGI
HKCU\Software\AGI
HKLM\Software\Mozilla\Firefox\Extensions\\toolbar@kiwee.com
/!\ NON SUPPRIMÉ - HKLM\Software\AGI
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Eoengine
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\KiweeHook
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Softwarehelper
HKLM\Software\Microsoft\Internet Explorer\Toolbar\\{6638A9DE-0745-4292-8A2E-AE530E7B9B3F}
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{6638A9DE-0745-4292-8A2E-AE530E7B9B3F}
.
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Kiwee Toolbar\FAQ.url
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Kiwee Toolbar\Help Forum.url
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Kiwee Toolbar\Privacy Policy.url
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Kiwee Toolbar\Read License Agreement.url
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Kiwee Toolbar\Send Us Feedback.url
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Kiwee Toolbar\Visit Kiwee.com.url
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Kiwee Toolbar
C:\ProgramData\Kiwee Toolbar\config
C:\ProgramData\Kiwee Toolbar\images
C:\ProgramData\Kiwee Toolbar\config\content_a.xml
C:\ProgramData\Kiwee Toolbar\config\content_ie.xml
C:\ProgramData\Kiwee Toolbar\config\content_m.xml
C:\ProgramData\Kiwee Toolbar\config\content_y.xml
C:\ProgramData\Kiwee Toolbar\config\logger.xml
C:\ProgramData\Kiwee Toolbar\config\toolbarIE.xml
C:\ProgramData\Kiwee Toolbar\config\toolbarIM_a.xml
C:\ProgramData\Kiwee Toolbar\config\toolbarIM_m.xml
C:\ProgramData\Kiwee Toolbar\config\toolbarIM_y.xml
C:\ProgramData\Kiwee Toolbar\images\allow.bmp
C:\ProgramData\Kiwee Toolbar\images\block.bmp
C:\ProgramData\Kiwee Toolbar\images\dontsend.bmp
C:\ProgramData\Kiwee Toolbar\images\im_toolbardropdownmenu.bmp
C:\ProgramData\Kiwee Toolbar\images\im_toolbarsHelprolloverbase.bmp
C:\ProgramData\Kiwee Toolbar\images\im_toolbarsm1rolloverbase.bmp
C:\ProgramData\Kiwee Toolbar\images\im_toolbarsm1rolloverbase_bg.bmp
C:\ProgramData\Kiwee Toolbar\images\im_toolbarsm1rolloverbase_dp.bmp
C:\ProgramData\Kiwee Toolbar\images\im_toolbarsm2rolloverbase.bmp
C:\ProgramData\Kiwee Toolbar\images\im_toolbarstextrollover.bmp
C:\ProgramData\Kiwee Toolbar\images\kiwee_iconX16.ico
C:\ProgramData\Kiwee Toolbar\images\kiwee_iconX48.ico
C:\ProgramData\Kiwee Toolbar\images\send.bmp
C:\ProgramData\Kiwee Toolbar\images\toolbar_eg.bmp
C:\ProgramData\Kiwee Toolbar\images\toolbar_emoticons.bmp
C:\ProgramData\Kiwee Toolbar\images\toolbar_eyeglass.bmp
C:\ProgramData\Kiwee Toolbar\images\toolbar_gear.bmp
C:\ProgramData\Kiwee Toolbar\images\toolbar_images.bmp
C:\ProgramData\Kiwee Toolbar\images\toolbar_kiwee.bmp
C:\ProgramData\Kiwee Toolbar\images\toolbar_msnlogo.bmp
C:\ProgramData\Kiwee Toolbar\images\toolbar_news.bmp
C:\ProgramData\Kiwee Toolbar\images\toolbar_text.bmp
C:\ProgramData\Kiwee Toolbar\images\toolbar_videos.bmp
C:\ProgramData\Kiwee Toolbar\images\toolbar_webshots.bmp
C:\ProgramData\Kiwee Toolbar\images\toolbar_winks.bmp
C:\ProgramData\Kiwee Toolbar\images\X.bmp
C:\ProgramData\Kiwee Toolbar
C:\Users\JOLLES~1\AppData\Roaming\EoRezo\cache
C:\Users\JOLLES~1\AppData\Roaming\EoRezo\cmhost.cyp
C:\Users\JOLLES~1\AppData\Roaming\EoRezo\ConfMedia.cyp
C:\Users\JOLLES~1\AppData\Roaming\EoRezo\db
C:\Users\JOLLES~1\AppData\Roaming\EoRezo\eoDesktop
C:\Users\JOLLES~1\AppData\Roaming\EoRezo\eoStats
C:\Users\JOLLES~1\AppData\Roaming\EoRezo\host.cyp
C:\Users\JOLLES~1\AppData\Roaming\EoRezo\SoftwareUpdate
C:\Users\JOLLES~1\AppData\Roaming\EoRezo\user.cyp
C:\Users\JOLLES~1\AppData\Roaming\EoRezo\db\cat.cyp
C:\Users\JOLLES~1\AppData\Roaming\EoRezo\eoDesktop\config.xml
C:\Users\JOLLES~1\AppData\Roaming\EoRezo\eoDesktop\eoDesktop.html
C:\Users\JOLLES~1\AppData\Roaming\EoRezo\eoDesktop\userConfig.xml
C:\Users\JOLLES~1\AppData\Roaming\EoRezo\eoStats\eoStats.txt
C:\Users\JOLLES~1\AppData\Roaming\EoRezo\SoftwareUpdate\Download
C:\Users\JOLLES~1\AppData\Roaming\EoRezo\SoftwareUpdate\help_config.cyp
C:\Users\JOLLES~1\AppData\Roaming\EoRezo\SoftwareUpdate\Software
C:\Users\JOLLES~1\AppData\Roaming\EoRezo\SoftwareUpdate\SoftwareUpdate.exe
C:\Users\JOLLES~1\AppData\Roaming\EoRezo\SoftwareUpdate\SoftwareUpdateHP.exe
C:\Users\JOLLES~1\AppData\Roaming\EoRezo\SoftwareUpdate\unins000.dat
C:\Users\JOLLES~1\AppData\Roaming\EoRezo\SoftwareUpdate\unins000.exe
C:\Users\JOLLES~1\AppData\Roaming\EoRezo\SoftwareUpdate\user_config.cyp
C:\Users\JOLLES~1\AppData\Roaming\EoRezo\SoftwareUpdate\user_profil.cyp
C:\Users\JOLLES~1\AppData\Roaming\EoRezo
C:\Users\JOLLES~1\AppData\Roaming\ItsLabel\ItsTV
C:\Users\JOLLES~1\AppData\Roaming\ItsLabel\ItsTV\itsTV.xml
C:\Users\JOLLES~1\AppData\Roaming\ItsLabel
C:\Users\Jo‰lle Spadaro\AppData\LocalLow\Kiwee Toolbar\Logs
C:\Users\Jo‰lle Spadaro\AppData\LocalLow\Kiwee Toolbar\Logs\KiweeHook.log
C:\Users\Jo‰lle Spadaro\AppData\LocalLow\Kiwee Toolbar\Logs\KiweeIEToolbar.log
C:\Users\Jo‰lle Spadaro\AppData\LocalLow\Kiwee Toolbar
C:\Program Files\EoRezo\EoAdv
C:\Program Files\EoRezo\EoAdv\atl90.dll
C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll
C:\Program Files\EoRezo\EoAdv\mfc90.dll
C:\Program Files\EoRezo
C:\Program Files\Kiwee Toolbar\2.8.167
C:\Program Files\Kiwee Toolbar\2.8.167\AGTBCore.dll
C:\Program Files\Kiwee Toolbar\2.8.167\AolIMToolbar.dll
C:\Program Files\Kiwee Toolbar\2.8.167\firefox
C:\Program Files\Kiwee Toolbar\2.8.167\FlashCOM.dll
C:\Program Files\Kiwee Toolbar\2.8.167\KiweeCommonCtrls.dll
C:\Program Files\Kiwee Toolbar\2.8.167\KiweeContentHost.dll
C:\Program Files\Kiwee Toolbar\2.8.167\KiweeIEToolbar.dll
C:\Program Files\Kiwee Toolbar\2.8.167\KiweeIMToolbar.dll
C:\Program Files\Kiwee Toolbar\2.8.167\KiweeTBCore.dll
C:\Program Files\Kiwee Toolbar\2.8.167\KiweeTBCore.tlb
C:\Program Files\Kiwee Toolbar\2.8.167\kiweetoolbar.zip
C:\Program Files\Kiwee Toolbar\2.8.167\kwtbaim.exe
C:\Program Files\Kiwee Toolbar\2.8.167\mfc80u.dll
C:\Program Files\Kiwee Toolbar\2.8.167\Microsoft.VC80.CRT.manifest
C:\Program Files\Kiwee Toolbar\2.8.167\Microsoft.VC80.MFC.manifest
C:\Program Files\Kiwee Toolbar\2.8.167\msimg32.dll
C:\Program Files\Kiwee Toolbar\2.8.167\MsnIMToolbar.dll
C:\Program Files\Kiwee Toolbar\2.8.167\msvcp80.dll
C:\Program Files\Kiwee Toolbar\2.8.167\msvcr80.dll
C:\Program Files\Kiwee Toolbar\2.8.167\RemoteLib.dll
C:\Program Files\Kiwee Toolbar\2.8.167\Riched20.dll
C:\Program Files\Kiwee Toolbar\2.8.167\firefox\chrome
C:\Program Files\Kiwee Toolbar\2.8.167\firefox\chrome.manifest
C:\Program Files\Kiwee Toolbar\2.8.167\firefox\components
C:\Program Files\Kiwee Toolbar\2.8.167\firefox\defaults
C:\Program Files\Kiwee Toolbar\2.8.167\firefox\firefox.xpi
C:\Program Files\Kiwee Toolbar\2.8.167\firefox\install.rdf
C:\Program Files\Kiwee Toolbar\2.8.167\firefox\META-INF
C:\Program Files\Kiwee Toolbar\2.8.167\firefox\chrome\kiweetoolbar.jar
C:\Program Files\Kiwee Toolbar\2.8.167\firefox\components\AGCore.js
C:\Program Files\Kiwee Toolbar\2.8.167\firefox\components\AGCore.xpt
C:\Program Files\Kiwee Toolbar\2.8.167\firefox\components\KiweeSearchHistory.js
C:\Program Files\Kiwee Toolbar\2.8.167\firefox\components\SearchProtection.js
C:\Program Files\Kiwee Toolbar\2.8.167\firefox\components\SearchProtection.xpt
C:\Program Files\Kiwee Toolbar\2.8.167\firefox\defaults\preferences
C:\Program Files\Kiwee Toolbar\2.8.167\firefox\defaults\preferences\defaults.js
C:\Program Files\Kiwee Toolbar\2.8.167\firefox\META-INF\manifest.mf
C:\Program Files\Kiwee Toolbar\2.8.167\firefox\META-INF\zigbert.rsa
C:\Program Files\Kiwee Toolbar\2.8.167\firefox\META-INF\zigbert.sf
C:\Program Files\Kiwee Toolbar
C:\ProgramData\agi\config
C:\ProgramData\agi\KiweeToolbar
C:\ProgramData\agi\config\desktopconfig.cfg
C:\ProgramData\agi\config\desktopdata.cfg
C:\ProgramData\agi\config\logging.cfg
C:\ProgramData\agi\KiweeToolbar\config
C:\ProgramData\agi\KiweeToolbar\config\appconfig.cfg
C:\ProgramData\agi\KiweeToolbar\config\appdata.cfg
C:\ProgramData\agi
C:\Users\JOLLES~1\AppData\Roaming\Agi\config
C:\Users\JOLLES~1\AppData\Roaming\Agi\KiweeToolbar
C:\Users\JOLLES~1\AppData\Roaming\Agi\logs
C:\Users\JOLLES~1\AppData\Roaming\Agi\config\userconfig.cfg
C:\Users\JOLLES~1\AppData\Roaming\Agi\KiweeToolbar\config
C:\Users\JOLLES~1\AppData\Roaming\Agi\KiweeToolbar\config\appuserconfig.cfg
C:\Users\JOLLES~1\AppData\Roaming\Agi\logs\pyagcore.log
C:\Users\JOLLES~1\AppData\Roaming\Agi
C:\Windows\Prefetch\SOFTWAREUPDATEHP.EXE-33433340.pf
(!) -- Fichiers temporaires supprimés.
.
============== Scan additionnel ==============
.
* Mozilla FireFox Version 3.0.11 *
Nom du profil: ze7qqk7y.default (Jo‰lle Spadaro)
.
(Prefs.js) user_pref("browser.search.defaultenginename", "MyStart Search");
(Prefs.js) user_pref("browser.search.selectedEngine", "Google");
(Prefs.js) user_pref("browser.search.defaulturl", "hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=");
(Prefs.js) user_pref("browser.startup.homepage", "hxxp://orange.fr/");
(Prefs.js) user_pref("browser.startup.homepage_override.mstone", "rv:1.9.0.11");
.
.
* Internet Explorer Version 8.0.6001.18783 *
[HKEY_CURRENT_USER\..\Internet Explorer\Main]
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
Search Page: hxxp://fr.rd.yahoo.com/customize/ycomp/defaults/sp/*http
Start Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
[HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search bar: hxxp://search.msn.com/spbasic.htm
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start Page: hxxp://fr.msn.com/
[HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]
Tabs: res://ieframe.dll/tabswelcome.htm
.
============== Processus Caches/Bloque ==============
.
PID: 1192 [LOCKED] audiodg.exe
.
============== Suspect (Cracks, Serials ... ) ==============
.
C:\Users\Public\Documents\Blizzard Entertainment\World of Warcraft\WoW-2.4.0.8089-to-2.4.1.8125-frFR-patch.exe
C:\Users\Public\Documents\Blizzard Entertainment\World of Warcraft\WoW-2.4.0.8102-to-2.4.2.8301-frFR-patch.exe
C:\Users\Public\Documents\Blizzard Entertainment\World of Warcraft\WoW-2.4.1.8125-to-2.4.2.8278-frFR-patch.exe
C:\Users\Public\Documents\Blizzard Entertainment\World of Warcraft\WoW-2.4.2.8278-to-2.4.3.8606-frFR-patch.exe
C:\Users\Public\Documents\Blizzard Entertainment\World of Warcraft\WoW-3.0.2.9056-to-3.0.3.9183-frFR-patch.exe
C:\Users\Public\Documents\Blizzard Entertainment\World of Warcraft\WoW-3.0.3.9183-to-3.0.8.9464-frFR-patch.exe
C:\Users\Public\Documents\Blizzard Entertainment\World of Warcraft\WoW-3.0.8.9464-to-3.0.8.9506-frFR-patch.exe
C:\Users\Public\Documents\Blizzard Entertainment\World of Warcraft\WoW-3.0.8.9506-to-3.0.9.9551-frFR-patch.exe
C:\Users\Public\Documents\Blizzard Entertainment\World of Warcraft\WoW-3.1.0.9767-to-3.1.1.9806-frFR-patch.exe
C:\Users\Public\Documents\Blizzard Entertainment\World of Warcraft\WoW-3.1.1.9806-to-3.1.1.9835-frFR-patch.exe
C:\Users\Public\Documents\Blizzard Entertainment\World of Warcraft\WoW-3.1.1.9835-to-3.1.2.9901-frFR-patch.exe
C:\Users\Public\Documents\Blizzard Entertainment\World of Warcraft\Patches\WoW-3.0.9-to-3.1.0-frFR-Win-patch\Blizzard Updater.exe
.
===================================
.
13983 Octet(s) - C:\Ad-Report-CLEAN.log
.
17 Fichier(s) - C:\Users\JOLLES~1\AppData\Local\Temp
1 Fichier(s) - C:\Windows\Temp
.
20 Fichier(s) - C:\Program Files\Ad-remover\BACKUP
90 Fichier(s) - C:\Program Files\Ad-remover\QUARANTINE
.
Fin à: 22:01:15 | 27/06/2009
.
============== E.O.F ==============
.
--> Supprime les traces de Norton avec ceci.
--> Refais un scan HijackThis et poste le rapport.
--> Refais un scan HijackThis et poste le rapport.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:29:21, on 28/06/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Adobe\Adobe Photoshop Lightroom 1.4\apdproxy.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\CardDetector\ICON225\CardDetector.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\taskeng.exe
C:\Acer\Empowering Technology\ENET\ENMTRAY.EXE
C:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.EXE
C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Program Files\Apoint2K\ApMsgFwd.exe
C:\Program Files\Wanadoo\TaskBarIcon.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\IncrediMail\bin\IMApp.exe
C:\Users\JOLLES~1\AppData\Local\Temp\RtkBtMnt.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\AlertModule\1\AlertModule.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Acer\Empowering Technology\eAudio\eAudio.exe
C:\Users\Joëlle Spadaro\Documents\HiJackThis.exe
C:\Windows\system32\SearchFilterHost.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ycomp/defaults/sp/*https://fr.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ycomp/defaults/su/*https://fr.yahoo.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: AGSearchHook Class - {0BC6E3FA-78EF-4886-842C-5A1258C4455A} - C:\Program Files\AGI\common\agcutils.dll
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Windows\system32\ActiveToolBand.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O3 - Toolbar: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Adobe Photoshop Lightroom 1.4\apdproxy.exe"
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [CardDetectorICON225] C:\Program Files\CardDetector\ICON225\CardDetector.exe
O4 - HKLM\..\Run: [BEWINTERNET-FR-DMGP-V2SessionManager] C:\Program Files\Orange\IEWInternet\SessionManager\SessionManager.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\RunServices: [FTRTSVC] C:\Windows\System32\FTRTSVC.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
O4 - HKCU\..\Run: [WOOKIT] C:\Program Files\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: Empowering Technology Launcher.lnk = C:\Acer\Empowering Technology\eAPLauncher.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O13 - Gopher Prefix:
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O23 - Service: AG Windows Service (AGWinService) - Unknown owner - C:\Program Files\AGI\common\win32\PythonService.exe
O23 - Service: ALaunch Service (ALaunchService) - Unknown owner - C:\Acer\ALaunch\ALaunchSvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: lxdiCATSCustConnectService - Lexmark International, Inc. - C:\Windows\system32\spool\DRIVERS\W32X86\3\\lxdiserv.exe
O23 - Service: lxdi_device - - C:\Windows\system32\lxdicoms.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Windows\System32\TuneUpDefragService.exe
O23 - Service: @%SystemRoot%\System32\TUProgSt.exe,-1 (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\Windows\System32\TUProgSt.exe
O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
Scan saved at 15:29:21, on 28/06/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Adobe\Adobe Photoshop Lightroom 1.4\apdproxy.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\CardDetector\ICON225\CardDetector.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\taskeng.exe
C:\Acer\Empowering Technology\ENET\ENMTRAY.EXE
C:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.EXE
C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Program Files\Apoint2K\ApMsgFwd.exe
C:\Program Files\Wanadoo\TaskBarIcon.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\IncrediMail\bin\IMApp.exe
C:\Users\JOLLES~1\AppData\Local\Temp\RtkBtMnt.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\AlertModule\1\AlertModule.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Acer\Empowering Technology\eAudio\eAudio.exe
C:\Users\Joëlle Spadaro\Documents\HiJackThis.exe
C:\Windows\system32\SearchFilterHost.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ycomp/defaults/sp/*https://fr.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ycomp/defaults/su/*https://fr.yahoo.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: AGSearchHook Class - {0BC6E3FA-78EF-4886-842C-5A1258C4455A} - C:\Program Files\AGI\common\agcutils.dll
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Windows\system32\ActiveToolBand.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O3 - Toolbar: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Adobe Photoshop Lightroom 1.4\apdproxy.exe"
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [CardDetectorICON225] C:\Program Files\CardDetector\ICON225\CardDetector.exe
O4 - HKLM\..\Run: [BEWINTERNET-FR-DMGP-V2SessionManager] C:\Program Files\Orange\IEWInternet\SessionManager\SessionManager.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\RunServices: [FTRTSVC] C:\Windows\System32\FTRTSVC.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
O4 - HKCU\..\Run: [WOOKIT] C:\Program Files\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: Empowering Technology Launcher.lnk = C:\Acer\Empowering Technology\eAPLauncher.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O13 - Gopher Prefix:
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O23 - Service: AG Windows Service (AGWinService) - Unknown owner - C:\Program Files\AGI\common\win32\PythonService.exe
O23 - Service: ALaunch Service (ALaunchService) - Unknown owner - C:\Acer\ALaunch\ALaunchSvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: lxdiCATSCustConnectService - Lexmark International, Inc. - C:\Windows\system32\spool\DRIVERS\W32X86\3\\lxdiserv.exe
O23 - Service: lxdi_device - - C:\Windows\system32\lxdicoms.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Windows\System32\TuneUpDefragService.exe
O23 - Service: @%SystemRoot%\System32\TUProgSt.exe,-1 (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\Windows\System32\TUProgSt.exe
O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
Tu n'as pas installé le SP2.
j'ai installé sp2 et voilà le nouveau rapport hijackthis
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:21:39, on 28/06/2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Adobe\Adobe Photoshop Lightroom 1.4\apdproxy.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe
C:\Program Files\CardDetector\ICON225\CardDetector.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Acer\Empowering Technology\ENET\ENMTRAY.EXE
C:\Users\JOLLES~1\AppData\Local\Temp\RtkBtMnt.exe
C:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.EXE
C:\Windows\ehome\ehmsas.exe
C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
C:\Program Files\Apoint2K\ApMsgFwd.exe
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\Wanadoo\TaskBarIcon.exe
C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\AlertModule\1\AlertModule.exe
C:\Program Files\IncrediMail\bin\IMApp.exe
C:\Acer\Empowering Technology\eAudio\eAudio.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\IncrediMail\bin\IncMail.exe
C:\Users\Joëlle Spadaro\Documents\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ycomp/defaults/sp/*https://fr.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ycomp/defaults/su/*https://fr.yahoo.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: AGSearchHook Class - {0BC6E3FA-78EF-4886-842C-5A1258C4455A} - C:\Program Files\AGI\common\agcutils.dll
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Windows\system32\ActiveToolBand.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O3 - Toolbar: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Adobe Photoshop Lightroom 1.4\apdproxy.exe"
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [CardDetectorICON225] C:\Program Files\CardDetector\ICON225\CardDetector.exe
O4 - HKLM\..\Run: [BEWINTERNET-FR-DMGP-V2SessionManager] C:\Program Files\Orange\IEWInternet\SessionManager\SessionManager.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [PLFSetL] C:\Windows\PLFSetL.exe
O4 - HKLM\..\RunServices: [FTRTSVC] C:\Windows\System32\FTRTSVC.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
O4 - HKCU\..\Run: [WOOKIT] C:\Program Files\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: Empowering Technology Launcher.lnk = C:\Acer\Empowering Technology\eAPLauncher.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O13 - Gopher Prefix:
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O23 - Service: AG Windows Service (AGWinService) - Unknown owner - C:\Program Files\AGI\common\win32\PythonService.exe
O23 - Service: ALaunch Service (ALaunchService) - Unknown owner - C:\Acer\ALaunch\ALaunchSvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: lxdiCATSCustConnectService - Lexmark International, Inc. - C:\Windows\system32\spool\DRIVERS\W32X86\3\\lxdiserv.exe
O23 - Service: lxdi_device - - C:\Windows\system32\lxdicoms.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Windows\System32\TuneUpDefragService.exe
O23 - Service: @%SystemRoot%\System32\TUProgSt.exe,-1 (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\Windows\System32\TUProgSt.exe
O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:21:39, on 28/06/2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Adobe\Adobe Photoshop Lightroom 1.4\apdproxy.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe
C:\Program Files\CardDetector\ICON225\CardDetector.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Acer\Empowering Technology\ENET\ENMTRAY.EXE
C:\Users\JOLLES~1\AppData\Local\Temp\RtkBtMnt.exe
C:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.EXE
C:\Windows\ehome\ehmsas.exe
C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
C:\Program Files\Apoint2K\ApMsgFwd.exe
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\Wanadoo\TaskBarIcon.exe
C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\AlertModule\1\AlertModule.exe
C:\Program Files\IncrediMail\bin\IMApp.exe
C:\Acer\Empowering Technology\eAudio\eAudio.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\IncrediMail\bin\IncMail.exe
C:\Users\Joëlle Spadaro\Documents\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ycomp/defaults/sp/*https://fr.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ycomp/defaults/su/*https://fr.yahoo.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: AGSearchHook Class - {0BC6E3FA-78EF-4886-842C-5A1258C4455A} - C:\Program Files\AGI\common\agcutils.dll
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Windows\system32\ActiveToolBand.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O3 - Toolbar: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Adobe Photoshop Lightroom 1.4\apdproxy.exe"
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [CardDetectorICON225] C:\Program Files\CardDetector\ICON225\CardDetector.exe
O4 - HKLM\..\Run: [BEWINTERNET-FR-DMGP-V2SessionManager] C:\Program Files\Orange\IEWInternet\SessionManager\SessionManager.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [PLFSetL] C:\Windows\PLFSetL.exe
O4 - HKLM\..\RunServices: [FTRTSVC] C:\Windows\System32\FTRTSVC.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
O4 - HKCU\..\Run: [WOOKIT] C:\Program Files\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: Empowering Technology Launcher.lnk = C:\Acer\Empowering Technology\eAPLauncher.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O13 - Gopher Prefix:
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O23 - Service: AG Windows Service (AGWinService) - Unknown owner - C:\Program Files\AGI\common\win32\PythonService.exe
O23 - Service: ALaunch Service (ALaunchService) - Unknown owner - C:\Acer\ALaunch\ALaunchSvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: lxdiCATSCustConnectService - Lexmark International, Inc. - C:\Windows\system32\spool\DRIVERS\W32X86\3\\lxdiserv.exe
O23 - Service: lxdi_device - - C:\Windows\system32\lxdicoms.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Windows\System32\TuneUpDefragService.exe
O23 - Service: @%SystemRoot%\System32\TUProgSt.exe,-1 (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\Windows\System32\TUProgSt.exe
O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
