Aide pour lire ZHPDiag, virer Asktoolbar, etc

touvabien Messages postés 493 Date d'inscription mardi 26 mai 2009 Statut Membre Dernière intervention 27 avril 2024 - 29 mars 2010 à 02:20
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 - 8 avril 2010 à 00:01

Quelqu'un pourrait-il m'aider pour interpréter le résultat ZHPdiag
obtenu sur un portable fonctionnant sous XP avec avast 5 comme antivirus.
L'appareil occasionnellement connecté au net
n'étais pas très à jour côté Windows at antivirus.

J'ai remarqué qu'il y a une ask toolbar, mais il y a surment encore d'autres pb
sur le résultat ci dessous.
Remarque je poste d'un fixe
et non pas du portable.

J'ai également fait tourner USBFix
et RSIT si jamais ça peur servir

pour commencer ci dessous le lien du rapport obtenu avec zebulon

End of the scan (616 lines in 00mn 24s)

Remarque : quand j'étais sur le portable il y a eu l'ouverture d'une fenêtre non sollicitée.
Merci a qui peur suivre.

Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 295
29 mars 2010 à 02:24

● Désinstalle pdfforge Toolbar.

● Télécharge Ad-Remover (de C_XX) sur ton Bureau.
● Déconnecte-toi d'Internet et ferme toutes applications en cours.
● Double-clique sur le programme AD-R situé sur ton Bureau.
● Clique sur Nettoyer puis valide.
● Poste le rapport généré (C:\Ad-Report-CLEAN.log).

(CTRL+A pour tout sélectionner, CTRL+C pour copier et CTRL+V pour coller)
touvabien Messages postés 493 Date d'inscription mardi 26 mai 2009 Statut Membre Dernière intervention 27 avril 2024 2
29 mars 2010 à 02:37
merci pour la reéponse rapide.
Je fais ça et je reposte.
touvabien Messages postés 493 Date d'inscription mardi 26 mai 2009 Statut Membre Dernière intervention 27 avril 2024 2
29 mars 2010 à 02:54
cidessous le resultat obtenu
aprsè le nettoyage d'Ad Remover

Mis à jour par C_XX le 27/03/10 à 10:40
Site web:
Lancé à: 02:40:38 le 29/03/2010 | Mode normal | Option: CLEAN
Exécuté de: C:\Ad-Remover\ADR.exe
SE: Microsoft® Windows XP(TM) Service Pack 3 - X86
Nom du PC: XXX-3CCDDE63BBF | Utilisateur actuel: JO (Administrateur)
============== ÉLÉMENT(S) NEUTRALISÉ(S) ==============
C:\Documents and Settings\JO\Application Data\pdfforge
[b]ERREUR SUPPRESSION !![/b] : C:\Documents and Settings\JO\Application Data\Search Settings
C:\Documents and Settings\xxx\Application Data\pdfforge
C:\Documents and Settings\xxx\Application Data\Search Settings
C:\Program Files\AskBarDis
C:\Program Files\pdfforge Toolbar

(!) -- Fichiers temporaires supprimés.
HKCU\Software\Search Settings
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B922D405-6D13-4A2B-AE89-08A030DA4402}
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Ask Toolbar_is1
HKLM\Software\Search Settings
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{3041D03E-FD4B-44E0-B742-2D9B88305F98}
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks|{E312764E-7706-43F1-8DAB-FCDD2B1E416D}
HKLM\Software\Microsoft\Internet Explorer\Toolbar|{3041D03E-FD4B-44E0-B742-2D9B88305F98}
HKLM\Software\Microsoft\Internet Explorer\Toolbar|{B922D405-6D13-4A2B-AE89-08A030DA4402}
HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDLLs|C:\Program Files\pdfforge Toolbar\SearchSettings.dll
HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDLLs|C:\Program Files\pdfforge Toolbar\SearchSettings.exe
(Orpheline) HKLM,Run - BluetoothAuthenticationAgent - rundll32.exe bthprops.cpl
(Orpheline) HKLM,Run - AlcWzrd - ALCWZRD.EXE
(Orpheline) HKLM,Run - CtrlVol - C:\Program Files\Launch Manager\CtrlVol.exe
(Orpheline) HKLM,Run - Wbutton - C:\Program Files\Launch Manager\WButton.exe
============== SCAN ADDITIONNEL ==============
* Internet Explorer Version 8.0.6001.18702 *
[HKCU\Software\Microsoft\Internet Explorer\Main]
Default_Page_URL: hxxp://
Default_Search_URL: hxxp://
Do404Search: 0x01000000
Enable Browser Extensions: yes
Local Page: C:\WINDOWS\system32\blank.htm
Search bar: hxxp://
Show_ToolBar: yes
Start Page: hxxp://
Use Search Asst: no
[HKLM\Software\Microsoft\Internet Explorer\Main]
Default_Page_URL: hxxp://
Default_Search_URL: hxxp://
Delete_Temp_Files_On_Exit: yes
Local Page: C:\WINDOWS\system32\blank.htm
Search bar: hxxp://
Search Page: hxxp://
Start Page: hxxp://
[HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS]
Tabs: res://ieframe.dll/tabswelcome.htm
Blank: res://mshtml.dll/blank.htm
C:\DOCUME~1\JO~1\LOCALS~1\Temp: 2 Fichier(s), 3 Dossier(s)
C:\WINDOWS\temp: 3 Fichier(s), 2 Dossier(s)
Temporary Internet Files: 2 Fichier(s), 5 Dossier(s)
C:\Ad-Remover\Quarantine: 0 Fichier(s)
C:\Ad-Remover\Backup: 12 Fichier(s)
C:\Ad-Report-CLEAN[1].txt - 6209 Octet(s)
Fin à: 02:44:53, 29/03/2010
============== E.O.F - CLEAN[1] ==============

et maintenat, je fais quoi STP
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 295
29 mars 2010 à 03:07
---> Relance Ad-Remover et choisis Désinstaller.

---> Télécharge Malwarebytes' Anti-Malware (MBAM) sur ton Bureau.
---> Double-clique sur le fichier téléchargé pour lancer le processus d'installation.
---> Dans l'onglet Mise à jour, clique sur le bouton Recherche de mise à jour : si le pare-feu demande l'autorisation à MBAM de se connecter à Internet, accepte.
---> Une fois la mise à jour terminée, rends-toi dans l'onglet Recherche.
---> Sélectionne Exécuter un examen rapide.
---> Clique sur Rechercher. L'analyse démarre.

A la fin de l'analyse, un message s'affiche :

L'examen s'est terminé normalement. Cliquez sur 'Afficher les résultats' pour afficher tous les objets trouvés.

---> Clique sur OK pour poursuivre. Si MBAM n'a rien trouvé, il te le dira aussi.
---> Ferme tes navigateurs.
Si des malwares ont été détectés, clique sur Afficher les résultats.
---> Sélectionne tout (ou laisse coché) et clique sur Supprimer la sélection, MBAM va détruire les fichiers et clés de registre infectés et en mettre une copie dans la quarantaine.
---> MBAM va ouvrir le Bloc-notes et y copier le rapport d'analyse. Copie-colle ce rapport dans ta prochaine réponse.
touvabien Messages postés 493 Date d'inscription mardi 26 mai 2009 Statut Membre Dernière intervention 27 avril 2024 2
29 mars 2010 à 03:18

J'avais aussi fait un MBAM
mais qui n'a rien donné
ci dessous le résultat

Malwarebytes' Anti-Malware 1.44
Version de la base de données: 3924
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

28/03/2010 23:43:03
mbam-log-2010-03-28 (23-43-03).txt

Type de recherche: Examen complet (C:\|)
Eléments examinés: 172803
Temps écoulé: 35 minute(s), 51 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)

Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 295
29 mars 2010 à 03:30
Le PC va comment ?

--> Télécharge OTL (de OldTimer) sur ton Bureau.
--> Double-clique sur OTL pour le lancer.
(Sous Vista/Win7, il faut cliquer droit sur OTL et choisir Exécuter en tant qu'administrateur)
--> Une fenêtre apparaît. Dans la section Output en haut de cette fenêtre, coche Minimal Output.
--> Coche également les cases à côté de LOP Check et Purity Check.
--> Enfin, clique sur le bouton Run Scan. Le scan ne prendra pas beaucoup de temps.
--> Une fois l'analyse terminée, deux fenêtres vont s'ouvrir dans le Bloc-notes : OTL.txt et Extras.txt. Ils se trouvent au même endroit que OTL (donc par défaut sur le Bureau).

Pour me transmettre les rapports :
--> Clique sur ce lien :
--> Clique sur Parcourir... et cherche le fichier du rapport que tu souhaites me transmettre.
--> Clique sur Ouvrir.
--> Clique sur Cliquez ici pour déposer le fichier.
--> Un lien de cette forme, hxxp://, est ajouté dans la page.
--> Copie-colle ce lien dans ta réponse.
touvabien Messages postés 493 Date d'inscription mardi 26 mai 2009 Statut Membre Dernière intervention 27 avril 2024 2
29 mars 2010 à 04:36

ci dessous les liens pour OTL text

et pour Extras tesxt.

Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 295
29 mars 2010 à 04:37
Ce sont des rapports ZHPDiag.
touvabien Messages postés 493 Date d'inscription mardi 26 mai 2009 Statut Membre Dernière intervention 27 avril 2024 2
29 mars 2010 à 04:47

j'avais oublié de cliquer pour déposert les dossiers
ci desous donc le lien pour OTL.txt

et celui pour Extras.txt
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 295
29 mars 2010 à 04:50
Tu as deux antivirus, Avast et Norton, il faut en désinstaller un.

--> Double-clique sur OTL pour le lancer.
(Sous Vista/Win7, il faut cliquer droit sur OTL et choisir Exécuter en tant qu'administrateur)
--> Sous l'onglet Custom Scans/Fixes en bas de la fenêtre, copie-colle le texte suivant (entre les deux espaces) :

[2009/05/31 19:41:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\JO\Application Data\Search Settings


--> Puis clique sur le bouton Run Fix en haut de la fenêtre.
--> Laisse le programme travailler, redémarre une fois le fix terminé.
--> Poste le rapport qui s'affichera après redémarrage.
touvabien Messages postés 493 Date d'inscription mardi 26 mai 2009 Statut Membre Dernière intervention 27 avril 2024 2
29 mars 2010 à 05:17

Norton a été supprimé il y a très longtemps,
mais est resté affiché dans la liste programmes fonctionnaliés du tableau de configuration
j'ai essayer d'enlever manuellement ce qui restait
s'il y avait un tool ou une astuce pour finaliser ce serait bien.

pour le rapport demandé il est ci desous

All processes killed
========== OTL ==========
C:\Documents and Settings\JO\Application Data\Search Settings moved successfully.
========== COMMANDS ==========


User: All Users

User: JO
->Temp folder emptied: 274034 bytes
File delete failed. C:\Documents and Settings\JO\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
->Temporary Internet Files folder emptied: 32768 bytes
->Google Chrome cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: LocalService
->Temp folder emptied: 0 bytes
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
->Temporary Internet Files folder emptied: 2476469 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: xxx
->Temp folder emptied: 1771217 bytes
->Temporary Internet Files folder emptied: 924795 bytes

C:\DeskUpdate.tmp\1022345\SBDrv\SMBUS folder deleted successfully.
C:\DeskUpdate.tmp\1022345\SBDrv folder deleted successfully.
C:\DeskUpdate.tmp\1022345\NET64A folder deleted successfully.
C:\DeskUpdate.tmp\1022345\NET32 folder deleted successfully.
C:\DeskUpdate.tmp\1022345\Driver\XP_INF\B_61170 folder deleted successfully.
C:\DeskUpdate.tmp\1022345\Driver\XP_INF folder deleted successfully.
C:\DeskUpdate.tmp\1022345\Driver\XP6A_INF\B_61170 folder deleted successfully.
C:\DeskUpdate.tmp\1022345\Driver\XP6A_INF folder deleted successfully.
C:\DeskUpdate.tmp\1022345\Driver folder deleted successfully.
C:\DeskUpdate.tmp\1022345\CCC\Utility64 folder deleted successfully.
C:\DeskUpdate.tmp\1022345\CCC\Utility folder deleted successfully.
C:\DeskUpdate.tmp\1022345\CCC\Skins folder deleted successfully.
C:\DeskUpdate.tmp\1022345\CCC\Localization\zh-CHT folder deleted successfully.
C:\DeskUpdate.tmp\1022345\CCC\Localization\zh-CHS folder deleted successfully.
C:\DeskUpdate.tmp\1022345\CCC\Localization\tr folder deleted successfully.
C:\DeskUpdate.tmp\1022345\CCC\Localization\th folder deleted successfully.
C:\DeskUpdate.tmp\1022345\CCC\Localization\sv folder deleted successfully.
C:\DeskUpdate.tmp\1022345\CCC\Localization\ru folder deleted successfully.
C:\DeskUpdate.tmp\1022345\CCC\Localization\pt-BR folder deleted successfully.
C:\DeskUpdate.tmp\1022345\CCC\Localization\pl folder deleted successfully.
C:\DeskUpdate.tmp\1022345\CCC\Localization\no folder deleted successfully.
C:\DeskUpdate.tmp\1022345\CCC\Localization\nl folder deleted successfully.
C:\DeskUpdate.tmp\1022345\CCC\Localization\ko folder deleted successfully.
C:\DeskUpdate.tmp\1022345\CCC\Localization\ja folder deleted successfully.
C:\DeskUpdate.tmp\1022345\CCC\Localization\it folder deleted successfully.
C:\DeskUpdate.tmp\1022345\CCC\Localization\hu folder deleted successfully.
C:\DeskUpdate.tmp\1022345\CCC\Localization\fr folder deleted successfully.
C:\DeskUpdate.tmp\1022345\CCC\Localization\fi folder deleted successfully.
C:\DeskUpdate.tmp\1022345\CCC\Localization\es folder deleted successfully.
C:\DeskUpdate.tmp\1022345\CCC\Localization\el folder deleted successfully.
C:\DeskUpdate.tmp\1022345\CCC\Localization\de folder deleted successfully.
C:\DeskUpdate.tmp\1022345\CCC\Localization\da folder deleted successfully.
C:\DeskUpdate.tmp\1022345\CCC\Localization\cs folder deleted successfully.
C:\DeskUpdate.tmp\1022345\CCC\Localization folder deleted successfully.
C:\DeskUpdate.tmp\1022345\CCC\Help\zh-CHT folder deleted successfully.
C:\DeskUpdate.tmp\1022345\CCC\Help\zh-CHS folder deleted successfully.
C:\DeskUpdate.tmp\1022345\CCC\Help\tr folder deleted successfully.
C:\DeskUpdate.tmp\1022345\CCC\Help\th folder deleted successfully.
C:\DeskUpdate.tmp\1022345\CCC\Help\sv folder deleted successfully.
C:\DeskUpdate.tmp\1022345\CCC\Help\ru folder deleted successfully.
C:\DeskUpdate.tmp\1022345\CCC\Help\pt-BR folder deleted successfully.
C:\DeskUpdate.tmp\1022345\CCC\Help\pl folder deleted successfully.
C:\DeskUpdate.tmp\1022345\CCC\Help\no folder deleted successfully.
C:\DeskUpdate.tmp\1022345\CCC\Help\nl folder deleted successfully.
C:\DeskUpdate.tmp\1022345\CCC\Help\ko folder deleted successfully.
C:\DeskUpdate.tmp\1022345\CCC\Help\ja folder deleted successfully.
C:\DeskUpdate.tmp\1022345\CCC\Help\it folder deleted successfully.
C:\DeskUpdate.tmp\1022345\CCC\Help\hu folder deleted successfully.
C:\DeskUpdate.tmp\1022345\CCC\Help\fr folder deleted successfully.
C:\DeskUpdate.tmp\1022345\CCC\Help\fi folder deleted successfully.
C:\DeskUpdate.tmp\1022345\CCC\Help\es folder deleted successfully.
C:\DeskUpdate.tmp\1022345\CCC\Help\en-us folder deleted successfully.
C:\DeskUpdate.tmp\1022345\CCC\Help\el folder deleted successfully.
C:\DeskUpdate.tmp\1022345\CCC\Help\de folder deleted successfully.
C:\DeskUpdate.tmp\1022345\CCC\Help\da folder deleted successfully.
C:\DeskUpdate.tmp\1022345\CCC\Help\cs folder deleted successfully.
C:\DeskUpdate.tmp\1022345\CCC\Help folder deleted successfully.
C:\DeskUpdate.tmp\1022345\CCC\Graphics-Light folder deleted successfully.
C:\DeskUpdate.tmp\1022345\CCC\Graphics-Full-New folder deleted successfully.
C:\DeskUpdate.tmp\1022345\CCC\Graphics-Full-Existing folder deleted successfully.
C:\DeskUpdate.tmp\1022345\CCC\Core-Static folder deleted successfully.
C:\DeskUpdate.tmp\1022345\CCC\Core-PreInstall folder deleted successfully.
C:\DeskUpdate.tmp\1022345\CCC\Core-Implementation folder deleted successfully.
C:\DeskUpdate.tmp\1022345\CCC\Branding folder deleted successfully.
C:\DeskUpdate.tmp\1022345\CCC folder deleted successfully.
C:\DeskUpdate.tmp\1022345\BIN folder deleted successfully.
C:\DeskUpdate.tmp\1022345\ATIPCE folder deleted successfully.
C:\DeskUpdate.tmp\1022345 folder deleted successfully.
C:\DeskUpdate.tmp\1022344\VISTAXP2K\x86 folder deleted successfully.
C:\DeskUpdate.tmp\1022344\VISTAXP2K\amd64 folder deleted successfully.
C:\DeskUpdate.tmp\1022344\VISTAXP2K folder deleted successfully.
C:\DeskUpdate.tmp\1022344 folder deleted successfully.
C:\DeskUpdate.tmp folder deleted successfully.
C:\fsc.tmp\1025972\WinWDF\x86 folder deleted successfully.
C:\fsc.tmp\1025972\WinWDF\x64 folder deleted successfully.
C:\fsc.tmp\1025972\WinWDF folder deleted successfully.
C:\fsc.tmp\1025972\WinNT5\x86 folder deleted successfully.
C:\fsc.tmp\1025972\WinNT5\x64 folder deleted successfully.
C:\fsc.tmp\1025972\WinNT5 folder deleted successfully.
C:\fsc.tmp\1025972 folder deleted successfully.
C:\fsc.tmp\1025254\Lang\HDMI\trk folder deleted successfully.
C:\fsc.tmp\1025254\Lang\HDMI\tha folder deleted successfully.
C:\fsc.tmp\1025254\Lang\HDMI\sve folder deleted successfully.
C:\fsc.tmp\1025254\Lang\HDMI\SLV folder deleted successfully.
C:\fsc.tmp\1025254\Lang\HDMI\SKY folder deleted successfully.
C:\fsc.tmp\1025254\Lang\HDMI\rus folder deleted successfully.
C:\fsc.tmp\1025254\Lang\HDMI\ptg folder deleted successfully.
C:\fsc.tmp\1025254\Lang\HDMI\ptb folder deleted successfully.
C:\fsc.tmp\1025254\Lang\HDMI\plk folder deleted successfully.
C:\fsc.tmp\1025254\Lang\HDMI\nor folder deleted successfully.
C:\fsc.tmp\1025254\Lang\HDMI\nld folder deleted successfully.
C:\fsc.tmp\1025254\Lang\HDMI\kor folder deleted successfully.
C:\fsc.tmp\1025254\Lang\HDMI\jpn folder deleted successfully.
C:\fsc.tmp\1025254\Lang\HDMI\ita folder deleted successfully.
C:\fsc.tmp\1025254\Lang\HDMI\hun folder deleted successfully.
C:\fsc.tmp\1025254\Lang\HDMI\heb folder deleted successfully.
C:\fsc.tmp\1025254\Lang\HDMI\fra folder deleted successfully.
C:\fsc.tmp\1025254\Lang\HDMI\fin folder deleted successfully.
C:\fsc.tmp\1025254\Lang\HDMI\esp folder deleted successfully.
C:\fsc.tmp\1025254\Lang\HDMI\ENU folder deleted successfully.
C:\fsc.tmp\1025254\Lang\HDMI\ell folder deleted successfully.
C:\fsc.tmp\1025254\Lang\HDMI\deu folder deleted successfully.
C:\fsc.tmp\1025254\Lang\HDMI\dan folder deleted successfully.
C:\fsc.tmp\1025254\Lang\HDMI\csy folder deleted successfully.
C:\fsc.tmp\1025254\Lang\HDMI\cht folder deleted successfully.
C:\fsc.tmp\1025254\Lang\HDMI\chs folder deleted successfully.
C:\fsc.tmp\1025254\Lang\HDMI\ara folder deleted successfully.
C:\fsc.tmp\1025254\Lang\HDMI folder deleted successfully.
C:\fsc.tmp\1025254\Lang folder deleted successfully.
C:\fsc.tmp\1025254\HDMI folder deleted successfully.
C:\fsc.tmp\1025254\Graphics\LANG\HDMI\trk folder deleted successfully.
C:\fsc.tmp\1025254\Graphics\LANG\HDMI\tha folder deleted successfully.
C:\fsc.tmp\1025254\Graphics\LANG\HDMI\sve folder deleted successfully.
C:\fsc.tmp\1025254\Graphics\LANG\HDMI\SLV folder deleted successfully.
C:\fsc.tmp\1025254\Graphics\LANG\HDMI\SKY folder deleted successfully.
C:\fsc.tmp\1025254\Graphics\LANG\HDMI\rus folder deleted successfully.
C:\fsc.tmp\1025254\Graphics\LANG\HDMI\ptg folder deleted successfully.
C:\fsc.tmp\1025254\Graphics\LANG\HDMI\ptb folder deleted successfully.
C:\fsc.tmp\1025254\Graphics\LANG\HDMI\plk folder deleted successfully.
C:\fsc.tmp\1025254\Graphics\LANG\HDMI\nor folder deleted successfully.
C:\fsc.tmp\1025254\Graphics\LANG\HDMI\nld folder deleted successfully.
C:\fsc.tmp\1025254\Graphics\LANG\HDMI\kor folder deleted successfully.
C:\fsc.tmp\1025254\Graphics\LANG\HDMI\jpn folder deleted successfully.
C:\fsc.tmp\1025254\Graphics\LANG\HDMI\ita folder deleted successfully.
C:\fsc.tmp\1025254\Graphics\LANG\HDMI\hun folder deleted successfully.
C:\fsc.tmp\1025254\Graphics\LANG\HDMI\heb folder deleted successfully.
C:\fsc.tmp\1025254\Graphics\LANG\HDMI\fra folder deleted successfully.
C:\fsc.tmp\1025254\Graphics\LANG\HDMI\fin folder deleted successfully.
C:\fsc.tmp\1025254\Graphics\LANG\HDMI\esp folder deleted successfully.
C:\fsc.tmp\1025254\Graphics\LANG\HDMI\ENU folder deleted successfully.
C:\fsc.tmp\1025254\Graphics\LANG\HDMI\ell folder deleted successfully.
C:\fsc.tmp\1025254\Graphics\LANG\HDMI\deu folder deleted successfully.
C:\fsc.tmp\1025254\Graphics\LANG\HDMI\dan folder deleted successfully.
C:\fsc.tmp\1025254\Graphics\LANG\HDMI\csy folder deleted successfully.
C:\fsc.tmp\1025254\Graphics\LANG\HDMI\cht folder deleted successfully.
C:\fsc.tmp\1025254\Graphics\LANG\HDMI\chs folder deleted successfully.
C:\fsc.tmp\1025254\Graphics\LANG\HDMI\ara folder deleted successfully.
C:\fsc.tmp\1025254\Graphics\LANG\HDMI folder deleted successfully.
C:\fsc.tmp\1025254\Graphics\LANG folder deleted successfully.
C:\fsc.tmp\1025254\Graphics folder deleted successfully.
C:\fsc.tmp\1025254 folder deleted successfully.
C:\fsc.tmp\1024831\ndis5x64 folder deleted successfully.
C:\fsc.tmp\1024831\ndis5x folder deleted successfully.
C:\fsc.tmp\1024831 folder deleted successfully.
C:\fsc.tmp\1022348 folder deleted successfully.
C:\fsc.tmp\1022347\WINXP folder deleted successfully.
C:\fsc.tmp\1022347\WINME folder deleted successfully.
C:\fsc.tmp\1022347\WIN98SE folder deleted successfully.
C:\fsc.tmp\1022347\WIN2000 folder deleted successfully.
C:\fsc.tmp\1022347 folder deleted successfully.
C:\fsc.tmp\1022180\Driver\x32 folder deleted successfully.
C:\fsc.tmp\1022180\Driver\amd64 folder deleted successfully.
C:\fsc.tmp\1022180\Driver folder deleted successfully.
C:\fsc.tmp\1022180\Cardreader_Jmicron_WinXP&Vista_R1.0.11.2_logo\JMB38X_WinDrv_WHQL_R1.00.11.02_NS folder deleted successfully.
C:\fsc.tmp\1022180\Cardreader_Jmicron_WinXP&Vista_R1.0.11.2_logo folder deleted successfully.
C:\fsc.tmp\1022180\Application\x64 folder deleted successfully.
C:\fsc.tmp\1022180\Application\res folder deleted successfully.
C:\fsc.tmp\1022180\Application folder deleted successfully.
C:\fsc.tmp\1022180 folder deleted successfully.
C:\fsc.tmp\1022157\WDM folder deleted successfully.
C:\fsc.tmp\1022157\Vista64 folder deleted successfully.
C:\fsc.tmp\1022157\Vista folder deleted successfully.
C:\fsc.tmp\1022157\MSHDQFE\Win2K_XP\us folder deleted successfully.
C:\fsc.tmp\1022157\MSHDQFE\Win2K_XP folder deleted successfully.
C:\fsc.tmp\1022157\MSHDQFE\Win2K3\us folder deleted successfully.
C:\fsc.tmp\1022157\MSHDQFE\Win2K3 folder deleted successfully.
C:\fsc.tmp\1022157\MSHDQFE folder deleted successfully.
C:\fsc.tmp\1022157\Config folder deleted successfully.
C:\fsc.tmp\1022157 folder deleted successfully.
C:\fsc.tmp\1022156\x64 folder deleted successfully.
C:\fsc.tmp\1022156\Vista folder deleted successfully.
C:\fsc.tmp\1022156\Lang\CHIP\TRK folder deleted successfully.
C:\fsc.tmp\1022156\Lang\CHIP\THA folder deleted successfully.
C:\fsc.tmp\1022156\Lang\CHIP\SVE folder deleted successfully.
C:\fsc.tmp\1022156\Lang\CHIP\RUS folder deleted successfully.
C:\fsc.tmp\1022156\Lang\CHIP\PTG folder deleted successfully.
C:\fsc.tmp\1022156\Lang\CHIP\PTB folder deleted successfully.
C:\fsc.tmp\1022156\Lang\CHIP\PLK folder deleted successfully.
C:\fsc.tmp\1022156\Lang\CHIP\NOR folder deleted successfully.
C:\fsc.tmp\1022156\Lang\CHIP\NLD folder deleted successfully.
C:\fsc.tmp\1022156\Lang\CHIP\KOR folder deleted successfully.
C:\fsc.tmp\1022156\Lang\CHIP\JPN folder deleted successfully.
C:\fsc.tmp\1022156\Lang\CHIP\ITA folder deleted successfully.
C:\fsc.tmp\1022156\Lang\CHIP\HUN folder deleted successfully.
C:\fsc.tmp\1022156\Lang\CHIP\HEB folder deleted successfully.
C:\fsc.tmp\1022156\Lang\CHIP\FRC folder deleted successfully.
C:\fsc.tmp\1022156\Lang\CHIP\FRA folder deleted successfully.
C:\fsc.tmp\1022156\Lang\CHIP\FIN folder deleted successfully.
C:\fsc.tmp\1022156\Lang\CHIP\ESP folder deleted successfully.
C:\fsc.tmp\1022156\Lang\CHIP\ENU folder deleted successfully.
C:\fsc.tmp\1022156\Lang\CHIP\ENG folder deleted successfully.
C:\fsc.tmp\1022156\Lang\CHIP\ELL folder deleted successfully.
C:\fsc.tmp\1022156\Lang\CHIP\DEU folder deleted successfully.
C:\fsc.tmp\1022156\Lang\CHIP\DAN folder deleted successfully.
C:\fsc.tmp\1022156\Lang\CHIP\CSY folder deleted successfully.
C:\fsc.tmp\1022156\Lang\CHIP\CHT folder deleted successfully.
C:\fsc.tmp\1022156\Lang\CHIP\CHS folder deleted successfully.
C:\fsc.tmp\1022156\Lang\CHIP\ARB folder deleted successfully.
C:\fsc.tmp\1022156\Lang\CHIP\ARA folder deleted successfully.
C:\fsc.tmp\1022156\Lang\CHIP folder deleted successfully.
C:\fsc.tmp\1022156\Lang folder deleted successfully.
C:\fsc.tmp\1022156\All folder deleted successfully.
C:\fsc.tmp\1022156 folder deleted successfully.
C:\fsc.tmp\1002126 folder deleted successfully.
C:\fsc.tmp folder deleted successfully.
C:\nps.tmp folder deleted successfully.
%systemdrive% .tmp files removed: 462093510 bytes
C:\WINDOWS\msdownld.tmp folder deleted successfully.
%systemroot% .tmp files removed: 2148155 bytes
%systemroot%\System32 .tmp files removed: 3072 bytes
File delete failed. C:\WINDOWS\temp\_avast5_\Webshlock.txt scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_6b8.dat scheduled to be deleted on reboot.
Windows Temp folder emptied: 918237 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 448,90 mb

OTL by OldTimer - Version log created on 03292010_050025

Files\Folders moved on Reboot...
File move failed. C:\WINDOWS\temp\_avast5_\Webshlock.txt scheduled to be moved on reboot.
File\Folder C:\WINDOWS\temp\Perflib_Perfdata_6b8.dat not found!

Registry entries deleted on Reboot...

remarques :
1°) qd j'ouvre une session il y aussi une fenêtre qui prétend que
"the feature" (application ?) que j'essaye d'utiliser est sur un CD rom où un amovible qui n'est pas disponible
il s'agit de 'ccCommon'

2°) par ailleurs, il y a souvent des problèmes d'affichage de la clé USBet un programme NBScanKey ou quelquechose comme cela qui se manifeste.

ces problèmes qui existaient avant persistent sans grand changement.
Sont-ils les symptomes d'autre chose ?

touvabien Messages postés 493 Date d'inscription mardi 26 mai 2009 Statut Membre Dernière intervention 27 avril 2024 2
29 mars 2010 à 05:32
il se fais tard je me reconnecterai demain.
merci pour ta dispoibiliré
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 295
29 mars 2010 à 05:50
"C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
--> C'est un programme de Nero.

Tu as bien désinstallé un antivirus ?
touvabien Messages postés 493 Date d'inscription mardi 26 mai 2009 Statut Membre Dernière intervention 27 avril 2024 2
29 mars 2010 à 08:46

Le problème c'est qu'à ma connaissance Nero n'a jamais été installé sur cette appareil.
A l'origien (à l'achat) il a été instalé avec Norton et des options de Symantec.
après quoi je lui ai installé successivemment
Avast 4.8, puis et Avira
puis re Avast 4.8 et finalerment Avast 5.0.

Qoiqu'il en soit, comment puis-je enlever ce composant de Nero ?
(Mêsi c'est un composant légitime, depuis qu'il apparaît sur la machine,
j'ai des problème pour visualiser certaines clés et certains ports USB
ont/semblent avoir du mal à fonctionner.

S'il ce composant a été installé c'est à mon insu
et à celui du propriétaire de l'appareil (conjoint)
qui ne connait rien à l'informatique
mais prête à l'occasion sa machine à des tiers
et accepte des clés étrangères.
touvabien Messages postés 493 Date d'inscription mardi 26 mai 2009 Statut Membre Dernière intervention 27 avril 2024 2
29 mars 2010 à 08:48
Je n'ai pas l'appareil sous la main ce matin
et je dois aller bosser
Si tu as le temps de me donner les manip
à faire dans l'après mifi.

Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 295
1 avril 2010 à 00:18
Plus de souci ?

--> Refais un scan OTL et poste le rapport OTL.
touvabien Messages postés 493 Date d'inscription mardi 26 mai 2009 Statut Membre Dernière intervention 27 avril 2024 2
1 avril 2010 à 01:20
Non plus de soucis merci, je vais coché comme résolu
Ci dessous le résultat du dernier scan OTL

OTL logfile created on: 01/04/2010 01:09:41 - Run 3
OTL by OldTimer - Version Folder = C:\Documents and Settings\JO\Mes documents\Mes fichiers reçus\OTL
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

1,99 Gb Total Physical Memory | 1,52 Gb Available Physical Memory | 76,19% Memory free
3,29 Gb Paging File | 3,01 Gb Available in Paging File | 91,70% Paging File free
Paging file location(s): C:\pagefile.sys 1476 2952 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149,05 Gb Total Space | 137,10 Gb Free Space | 91,99% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: XXX-3CCDDE63BBF
Current User Name: JO
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (ALWIL Software)
PRC - C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation)
PRC - C:\WINDOWS\System32\wdfmgr.exe (Microsoft Corporation)
PRC - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
PRC - C:\WINDOWS\Explorer.EXE (Microsoft Corporation)
PRC - C:\Program Files\Launch Manager\WisLMSvc.exe (Wistron Corp.)
PRC - C:\WINDOWS\System32\wscntfy.exe (Microsoft Corporation)
PRC - C:\WINDOWS\System32\igfxsrvc.exe (Intel Corporation)
PRC - C:\Program Files\Glary Utilities\Integrator.exe (Glarysoft Ltd)
PRC - C:\Documents and Settings\JO\Mes documents\Mes fichiers reçus\OTL\OTL.exe (OldTimer Tools)

[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - (aspnet_state [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (Microsoft Corporation)
SRV - (Ati HotKey Poller [Auto | Stopped]) -- C:\WINDOWS\System32\Ati2evxx.exe (ATI Technologies Inc.)
SRV - (avast! Antivirus [Auto | Running]) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (ALWIL Software)
SRV - (avast! Mail Scanner [On_Demand | Running]) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (ALWIL Software)
SRV - (avast! Web Scanner [On_Demand | Running]) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (ALWIL Software)
SRV - (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (FontCache3.0.0.0 [On_Demand | Stopped]) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation)
SRV - (GoogleDesktopManager-110408-113106 [On_Demand | Stopped]) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
SRV - (gupdate [Auto | Stopped]) -- C:\Program Files\Google\Update\GoogleUpdate.exe (Google Inc.)
SRV - (gusvc [Auto | Stopped]) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (Google)
SRV - (helpsvc [Auto | Running]) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)
SRV - (idsvc [Unknown | Stopped]) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe (Microsoft Corporation)
SRV - (MDM [Auto | Running]) -- C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation)
SRV - (NetTcpPortSharing [Disabled | Stopped]) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation)
SRV - (ose [On_Demand | Stopped]) -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (UMWdf [Auto | Running]) -- C:\WINDOWS\System32\wdfmgr.exe (Microsoft Corporation)
SRV - (WisLMSvc [On_Demand | Running]) -- C:\Program Files\Launch Manager\WisLMSvc.exe (Wistron Corp.)
SRV - (YahooAUService [Auto | Running]) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)

[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - (Aavmker4 [System | Running]) -- C:\WINDOWS\System32\drivers\aavmker4.sys (ALWIL Software)
DRV - (AR5416 [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\athw.sys (Atheros Communications, Inc.)
DRV - (aswFsBlk [Auto | Running]) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys (ALWIL Software)
DRV - (aswMon2 [Auto | Running]) -- C:\WINDOWS\System32\drivers\aswmon2.sys (ALWIL Software)
DRV - (aswRdr [On_Demand | Running]) -- C:\WINDOWS\System32\drivers\aswRdr.sys (ALWIL Software)
DRV - (aswSP [System | Running]) -- C:\WINDOWS\System32\drivers\aswSP.sys (ALWIL Software)
DRV - (aswTdi [System | Running]) -- C:\WINDOWS\System32\drivers\aswTdi.sys (ALWIL Software)
DRV - (ati2mtag [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\ati2mtag.sys (ATI Technologies Inc.)
DRV - (CO_Mon [Disabled | Running]) -- File not found
DRV - (HDAudBus [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\HDAudBus.sys (Windows (R) Server 2003 DDK provider)
DRV - (Hotkey [System | Running]) -- C:\WINDOWS\System32\drivers\HOTKEY.sys ()
DRV - (ialm [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\igxpmp32.sys (Intel Corporation)
DRV - (IntcAzAudAddService [On_Demand | Running]) -- C:\WINDOWS\System32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (JMCR [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\jmcr.sys (JMicron Technology Corp.)
DRV - (Ptilink [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys (Parallel Technologies, Inc.)
DRV - (PxHelp20 [Boot | Running]) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys (Sonic Solutions)
DRV - (RTLE8023xp [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\Rtenicxp.sys (Realtek Semiconductor Corporation )
DRV - (SASDIFSV [System | Running]) -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS ( and
DRV - (SASENUM [On_Demand | Running]) -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS ( and
DRV - (SASKUTIL [System | Running]) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS ( and
DRV - (Secdrv [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (smserial [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\smserial.sys (Motorola Inc.)
DRV - (SYMDNS [Unknown | Stopped]) -- Service key not found. File not found
DRV - (SymEvent [Unknown | Running]) -- Service key not found. File not found
DRV - (SYMFW [Unknown | Stopped]) -- Service key not found. File not found
DRV - (SYMIDS [Unknown | Stopped]) -- Service key not found. File not found
DRV - (SYMIDSCO [Unknown | Stopped]) -- Service key not found. File not found
DRV - (SYMNDIS [Unknown | Stopped]) -- Service key not found. File not found
DRV - (SYMREDRV [Unknown | Stopped]) -- Service key not found. File not found
DRV - (SYMTDI [Unknown | Running]) -- Service key not found. File not found
DRV - (SynTP [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\SynTP.sys (Synaptics, Inc.)
DRV - (zteusbser [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\zteusbser.sys (ZTE Corporation)

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]

[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL =

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_page_url =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_search_url =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/09/02 01:57:51 | 00,000,000 | ---D | M]

O1 HOSTS File: (790 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll (Google Inc.)
O2 - BHO: (FDMIECookiesBHO Class) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll ()
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (ALWIL Software)
O4 - HKLM..\Run: [Google Desktop Search] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
O4 - HKLM..\Run: [HotkeyApp] C:\Program Files\Launch Manager\HotkeyApp.exe (Wistron)
O4 - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [NBKeyScan] C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe File not found
O4 - HKLM..\Run: [Persistence] C:\WINDOWS\System32\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
O4 - HKCU..\Run: [] C:\Program Files\\UpdateChecker.exe (
O4 - HKCU..\Run: [Google Update] C:\Documents and Settings\CLN MONDJO\Local Settings\Application Data\Google\Update\GoogleUpdate.exe (Google Inc.)
O4 - HKCU..\Run: [MSMSGS] C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKCU..\RunOnce: [SYMNRT] C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&xporter vers Microsoft Excel - C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll (Google Inc.)
O8 - Extra context menu item: Télécharger avec Free Download Manager - C:\Program Files\Free Download Manager\dllink.htm ()
O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - C:\Program Files\Free Download Manager\dlselected.htm ()
O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - C:\Program Files\Free Download Manager\dlfvideo.htm ()
O8 - Extra context menu item: Tout télécharger avec Free Download Manager - C:\Program Files\Free Download Manager\dlall.htm ()
O9 - Extra Button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\System32\wshbth.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\System32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\System32\rsvpsp.dll (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Fichiers communs\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\Ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/12/22 12:17:09 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009/05/31 18:28:33 | 00,000,000 | -HSD | M] - C:\autorun(2).inf -- [ NTFS ]
O32 - AutoRun File - [2009/05/31 19:41:31 | 00,000,000 | RHSD | M] - C:\autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2010/04/01 01:08:50 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt
[2010/04/01 01:07:55 | 00,774,144 | ---- | C] () -- C:\WINDOWS\System32\NEROINSTAEC43759.DB
[2010/04/01 01:07:54 | 01,414,440 | ---- | C] (Nero AG) -- C:\WINDOWS\System32\ShellManager310E2D762.dll
[2010/04/01 01:07:18 | 00,000,000 | ---- | C] () -- C:\WINDOWS\Irremote.ini
[2010/04/01 01:07:16 | 00,000,000 | ---D | C] -- C:\Documents and Settings\JO\Application Data\Nero
[2010/04/01 00:04:06 | 00,000,322 | ---- | C] () -- C:\WINDOWS\tasks\GlaryInitialize.job
[2010/04/01 00:04:05 | 00,000,675 | ---- | C] () -- C:\Documents and Settings\JO\Bureau\Glary Utilities.lnk
[2010/04/01 00:04:03 | 00,000,000 | ---D | C] -- C:\Program Files\Glary Utilities
[2010/03/31 23:53:45 | 00,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2010/03/29 05:00:25 | 00,000,000 | ---D | C] -- C:\_OTL
[2010/03/28 23:41:51 | 00,000,000 | ---D | C] -- C:\Program Files\
[2010/03/28 22:51:09 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\
[2010/03/28 22:51:03 | 00,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2010/03/28 22:51:03 | 00,000,000 | ---D | C] -- C:\Documents and Settings\JO\Application Data\
[2010/03/28 22:50:48 | 00,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\Wise Installation Wizard
[2010/03/28 22:44:36 | 00,000,000 | ---D | C] -- C:\Program Files\ZHPDiag
[2010/03/24 16:30:18 | 00,001,054 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/03/24 16:30:17 | 00,001,050 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/03/24 16:24:56 | 00,471,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aclayers.dll
[2010/03/21 13:16:57 | 00,153,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\triedit.dll
[2010/03/21 13:16:52 | 03,558,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\moviemk.exe
[2009/05/18 10:05:19 | 00,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll
[2009/05/09 21:09:26 | 00,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2008/12/22 15:49:56 | 00,000,385 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008/12/22 12:53:12 | 00,009,867 | ---- | C] () -- C:\WINDOWS\System32\drivers\HOTKEY.sys
[2008/12/22 12:49:46 | 00,147,456 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4969.dll
[2006/03/02 13:00:00 | 00,000,573 | ---- | C] () -- C:\WINDOWS\win.ini
[2006/03/02 13:00:00 | 00,000,231 | ---- | C] () -- C:\WINDOWS\system.ini
[2003/04/01 11:58:02 | 00,005,260 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2010/04/01 01:07:18 | 00,000,000 | ---- | M] () -- C:\WINDOWS\Irremote.ini
[2010/04/01 00:04:07 | 00,000,322 | ---- | M] () -- C:\WINDOWS\tasks\GlaryInitialize.job
[2010/04/01 00:04:05 | 00,000,675 | ---- | M] () -- C:\Documents and Settings\JO\Bureau\Glary Utilities.lnk
[2010/03/31 23:50:05 | 00,001,166 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1214440339-362288127-725345543-1004UA.job
[2010/03/31 23:49:05 | 00,001,054 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/03/31 23:39:09 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/03/31 23:39:06 | 00,001,050 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/03/31 23:38:20 | 00,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2010/03/31 23:38:08 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/03/31 23:38:04 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/03/29 13:50:00 | 00,001,114 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1214440339-362288127-725345543-1004Core.job
[2010/03/29 11:04:04 | 00,000,385 | ---- | M] () -- C:\WINDOWS\ODBC.INI
[2010/03/29 04:19:39 | 01,102,320 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/03/29 04:19:39 | 00,503,476 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat
[2010/03/29 04:19:39 | 00,435,458 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/03/29 04:19:39 | 00,081,584 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat
[2010/03/29 04:19:39 | 00,068,354 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/03/28 23:04:24 | 00,001,580 | ---- | M] () -- C:\Documents and Settings\JO\Bureau\Defraggler.lnk
[2010/03/24 14:24:37 | 00,244,720 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
< End of report >

encore merci pour ton aide et pour ta disponibilité.
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 295
1 avril 2010 à 01:53

---> Télécharge ToolsCleaner2 sur ton Bureau.
* Double-clique sur ToolsCleaner2.exe pour le lancer.
* Clique sur Recherche et laisse le scan agir.
* Clique sur Suppression pour finaliser.
* Tu peux, si tu le souhaites, te servir des Options Facultatives.
* Clique sur Quitter pour obtenir le rapport.
* Poste le rapport (TCleaner.txt) qui se trouve à la racine de ton disque dur (C:\).


---> Télécharge et installe CCleaner (N'installe pas la Yahoo! Toolbar) :
* Lance-le. Va dans Options puis Avancé et décoche la case Effacer uniquement les fichiers etc....
* Va dans Nettoyeur, choisis Analyse. Une fois terminé, lance le nettoyage.


---> Il est nécessaire de désactiver puis réactiver la restauration système pour la purger.


Conserve MBAM. Il te servira à scanner les fichiers douteux en complément de l'antivirus et scanne le disque dur régulièrement.

Vérifie que les mises à jour automatiques sont bien activées (Menu Démarrer, clique droit sur Poste de travail, Propriétés, onglet Mises à jour automatiques).

Par rapport au P2P : Lien

Voici un dossier complet (A lire avec Adobe Reader ou Foxit Reader) : Lien

Sois plus vigilant(e) sur Internet ;)
[ Rapport ToolsCleaner version 2.3.11 (par A.Rothstein & dj QUIOU) ]

--> Recherche:

C:\Documents and Settings\JO\Mes documents\Mes fichiers reçus\HijackThis: trouvé !
C:\Documents and Settings\JO\Mes documents\Mes fichiers reçus\Rsit: trouvé !
C:\Documents and Settings\JO\Mes documents\Mes fichiers reçus\AD Remover\Ad-R.exe: trouvé !
C:\Documents and Settings\JO\Mes documents\Mes fichiers reçus\Hijackthis\HijackThis.exe: trouvé !
C:\Documents and Settings\JO\Mes documents\Mes fichiers reçus\Hijackthis\HJTInstall.exe: trouvé !
C:\Documents and Settings\JO\Mes documents\Mes fichiers reçus\NE PAS TOUCHE OTM\OTM.exe: trouvé !
C:\Documents and Settings\JO\Mes documents\Mes fichiers reçus\RSIT\Rsit.exe: trouvé !
C:\Documents and Settings\JO\Mes documents\Mes fichiers reçus\USB Fix\UsbFix.exe: trouvé !
C:\Documents and Settings\JO\Mes documents\Mes fichiers reçus\USB Fix mars 2010\UsbFix.exe: trouvé !
C:\Documents and Settings\JO\Mes documents\Mes fichiers reçus\Zébulon diagnostic\ZHPdiag.exe: trouvé !
C:\Program Files\ZHPDiag: trouvé !
C:\Program Files\trend micro\HijackThis: trouvé !
C:\Program Files\trend micro\HijackThis\HijackThis.exe: trouvé !
C:\Program Files\trend micro\HijackThis\hijackthis.log: trouvé !

--> Suppression:

C:\Documents and Settings\JO\Mes documents\Mes fichiers reçus\AD Remover\Ad-R.exe: supprimé !
C:\Documents and Settings\JO\Mes documents\Mes fichiers reçus\Hijackthis\HijackThis.exe: supprimé !
C:\Documents and Settings\JO\Mes documents\Mes fichiers reçus\Hijackthis\HJTInstall.exe: supprimé !
C:\Documents and Settings\JO\Mes documents\Mes fichiers reçus\NE PAS TOUCHE OTM\OTM.exe: supprimé !
C:\Documents and Settings\JO\Mes documents\Mes fichiers reçus\Zébulon diagnostic\ZHPdiag.exe: supprimé !
C:\Program Files\trend micro\HijackThis\HijackThis.exe: supprimé !
C:\Documents and Settings\JO\Mes documents\Mes fichiers reçus\RSIT\Rsit.exe: supprimé !
C:\Documents and Settings\JO\Mes documents\Mes fichiers reçus\USB Fix\UsbFix.exe: supprimé !
C:\Documents and Settings\JO\Mes documents\Mes fichiers reçus\USB Fix mars 2010\UsbFix.exe: supprimé !
C:\Program Files\trend micro\HijackThis\hijackthis.log: supprimé !
C:\Documents and Settings\JO\Mes documents\Mes fichiers reçus\HijackThis: supprimé !
C:\Documents and Settings\JO\Mes documents\Mes fichiers reçus\Rsit: supprimé !
C:\Program Files\ZHPDiag: supprimé !
C:\Program Files\trend micro\HijackThis: supprimé !
Comme j'avais coché résolu
Je n'avais pas lu le message précédent.
Merci pour cette finalisation.
et pour la lecture
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 295
8 avril 2010 à 00:01
Tu peux supprimer ToolsCleaner.