Sujet Précédent Sujet Suivant

Help,pc rame ,acces internet quasi impossible

Fermé
cath2309 - 31 août 2010 à 10:43
moment de grace Messages postés 29042 Date d'inscription samedi 6 décembre 2008 Statut Contributeur sécurité Dernière intervention 18 juillet 2013 - 1 sept. 2010 à 13:35
Bonjour,
depuis que je suis rentrée de vacances mon pc rame ,une page internet met 3 plombes
a s afficher ,j exagere a peine,donc est ce un virus ou pas ? j en sais rien .si vous pouviez m aider ca serait sympa!


A voir également:

24 réponses

  • 1
  • 2
Réponse 1 / 24
moment de grace Messages postés 29042 Date d'inscription samedi 6 décembre 2008 Statut Contributeur sécurité Dernière intervention 18 juillet 2013 2 274
31 août 2010 à 13:01
bonjour

pas d'antivirus....!!

Télécharge ZHPDiag ( de Nicolas coolman ).
https://www.zebulon.fr/telechargements/securite/systeme/zhpdiag.html


(outil de diagnostic)

Double clique sur le fichier d'installation, puis installe le avec les paramètres par défaut ( N'oublie pas de cocher " Créer une icône sur le bureau " )

Lance ZHPDiag en double cliquant sur l'icône présente sur ton bureau (Clique droit -> Executer en tant qu'admin ( vista )

Clique sur la loupe en haut à gauche, puis laisse l'outil scanner.

Une fois le scan terminé, clique sur l'icône en forme de disquette et enregistre le fichier sur ton bureau.

Rend toi sur Cjoint : http://www.cijoint.fr/

Clique sur "Parcourir " dans la partie " Joindre un fichier[...] "

Sélectionne le rapport ZHPdiag.txt qui se trouve sur ton bureau

Clique ensuite sur "Cliquez ici pour déposer le fichier " et copie/colle le lien dans ton prochain message

1
Réponse 2 / 24
webmaster45 Messages postés 386 Date d'inscription mercredi 3 mars 2010 Statut Membre Dernière intervention 3 février 2011 94
31 août 2010 à 10:43
A tu fait un test avec ton antivirus?
0
Réponse 3 / 24
cath2309
31 août 2010 à 10:45
justement y a pas d antivirus,je sais pas bien
0
Réponse 4 / 24
webmaster45 Messages postés 386 Date d'inscription mercredi 3 mars 2010 Statut Membre Dernière intervention 3 février 2011 94
31 août 2010 à 10:54
Et bien télécharge en un
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 24
cath2309
31 août 2010 à 17:00
oui je sais pas bien !alors voici le fichier et merci de m avoir repondu
Rapport de ZHPDiag v1.26.56 par Nicolas Coolman, Update du 24/08/2010
Run by cathy pardon at 31/08/2010 16:46:58
Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html
Contact : nicolascoolman@yahoo.fr

---\\ Web Browser
MSIE: Internet Explorer v6.0.2900.5512

---\\ System Information
Platform : Microsoft Windows XP (5.1.2600) Service Pack 3
Processor: x86 Family 15 Model 44 Stepping 2, AuthenticAMD
Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 447 MB (23% free)
System drive C: has 10 GB (13%) free of 73 GB

---\\ Logged in mode
Computer Name: ACER-73356C3771
User Name: cathy pardon
All Users Names: SUPPORT_388945a0, HelpAssistant, cathy pardon, ASPNET, Administrateur,
Unselected Option: O1,O45,O61,O65,O82
Logged in as Administrator

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 10 Go of 73 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 73 Go of 73 Go)
E:\ CD-ROM drive (Not Inserted)
F:\ CD-ROM drive (Not Inserted)
G:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
H:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
I:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
J:\ Floppy drive, Flash card reader, USB Key (Not Inserted)


---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] DisableTaskMgr: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] DisableRegistryTools: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] NoDispScrSavPage: OK


---\\ Processus lancés
[MD5.031DD8DBD4B958B5765C8C111CB1EA03] - (.AVG Technologies CZ, s.r.o. - AVG Cache Server.) -- C:\Program Files\AVG\AVG9\avgchsvx.exe [1101152]
[MD5.5654DB4719A3C52684A20C1CA443BF8F] - (.AVG Technologies CZ, s.r.o. - AVG Resident Shield Service.) -- C:\Program Files\AVG\AVG9\avgrsx.exe [515424]
[MD5.78EF60FECB03144780151FD934BBAB94] - (.AVG Technologies CZ, s.r.o. - AVG Scanning Core Module - Server Part.) -- C:\Program Files\AVG\AVG9\avgcsrvx.exe [723296]
[MD5.03525DE05261D075EC9F56989B18065E] - (.Acer Inc. - Acer UPnP Media Server Service.) -- C:\Program Files\acer\Acer eConsole\MediaServerService.exe [442368]
[MD5.C4D15594DB5BE042D3346EA58DF87D89] - (.AVG Technologies CZ, s.r.o. - AVG Watchdog Service.) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe [308136]
[MD5.126A16F569122AE00AD3D12EF831D651] - (.Sun Microsystems, Inc. - Java(TM) Quick Starter Service.) -- C:\Program Files\Java\jre6\bin\jqs.exe [153376]
[MD5.AA054CD537357F03D5BA6ABA7562B35F] - (.AVG Technologies CZ, s.r.o. - AVG E-Mail Scanner.) -- C:\Program Files\AVG\AVG9\avgemc.exe [921952]
[MD5.7C8E0F172E0BE4F9A25E766F84D22E64] - (.AVG Technologies CZ, s.r.o. - AVG Network scanner Service.) -- C:\Program Files\AVG\AVG9\avgnsx.exe [620896]
[MD5.6351B9D79370A6795921FA3C3950DED6] - (.Realtek Semiconductor Corp. - Realtek Sound Manager.) -- C:\WINDOWS\SOUNDMAN.EXE [77824]
[MD5.7A011702C0AA86AD79EFA86E66F411DC] - (.Cyberlink Corp. - PowerDVD RC Service.) -- C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [32768]
[MD5.6D03048EF846508B3D2EA61ADAA518EC] - (.acer Inc. - Monitor.) -- C:\Program Files\Acer\eRecovery\Monitor.exe [352256]
[MD5.0FB9595345CCC1DA5975E29E23E11DC3] - (.Agere Systems - SoftModem Messaging Applet.) -- C:\WINDOWS\AGRSMMSG.exe [88363]
[MD5.09F1A97848BFAB3F36EB216681465B85] - (.S3 Graphics, Inc. - Pas de description.) -- C:\WINDOWS\system32\VTTimer.exe [53248]
[MD5.F7CB7A9DFAAE43DE51D58C917F6B9891] - (.S3 Graphics Co., Ltd. - s3contrl (32-bit).) -- C:\WINDOWS\system32\VTtrayp.exe [143360]
[MD5.93DB1FF92B03D24738A71E6E4992DFD3] - (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe [248552]
[MD5.D816435986DE77F76F25FC17DD047439] - (.Acer Inc. - Win32 Service for Control Board and Remote.) -- C:\Program Files\Acer\Acer eMode Management\AspireService.exe [110592]
[MD5.002AC565956F140010DDB9E609973704] - (.Acer Inc. - Media Synchronizer.) -- C:\Program Files\Acer\Acer eConsole\MediaSync.exe [421888]
[MD5.67F4CE7A350519B69A4DE226F2843C92] - (.1-Click Media - e-TF1 Embedded Download Manager.) -- C:\Program Files\TF1Vision\TF1vision.exe [397312]
[MD5.C7404423DED500729407CE45B705BBF5] - (.Tuto4PC - Tuto4PC.) -- C:\Program Files\Tuto4pc\tuto4pc.exe [966656]
[MD5.E9B04FD2921ACE22CA17FA7D5131F491] - (.AVG Technologies CZ, s.r.o. - AVG Tray Monitor.) -- C:\PROGRA~1\AVG\AVG9\avgtray.exe [2065760]
[MD5.5D61BE7DB55B026A5D61A3EED09D0EAD] - (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408]
[MD5.090FA5F64CFB050B8FFAEC7F57C31834] - (.BitTorrent, Inc. - µTorrent.) -- C:\Program Files\uTorrent\uTorrent.exe [322352]
[MD5.4B789A62BFD74CDBDA5B53359030ACD5] - (.AVG Technologies CZ, s.r.o. - AVG User Interface.) -- C:\Program Files\AVG\AVG9\avgui.exe [4093792]
[MD5.3D3C316BD1E112F3B9C532D8B9939BDC] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe [93184]
[MD5.731F05B5C01B3CA9B813561C0B90E722] - (.Microsoft Corporation - Windows Live Toolbar User Elevation Helper.) -- C:\Program Files\Windows Live\Toolbar\wltuser.exe [224632]
[MD5.1412A6785B953D99A2A83A1ED706ACE8] - (.Adobe Systems Incorporated - Adobe Reader 7.0.) -- c:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe [65536]
[MD5.4395BCEC356126F2020B478BBB003ABD] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [547328]


---\\ Plugins de navigateurs Opera/Firefox(P1/P2)
P2 - FPN: [HKLM] [@adobe.com/ShockwavePlayer] - (.Adobe Systems, Inc. - Adobe Shockwave for Director Netscape plug-in, version 11.5.) -- C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Sun Microsystems, Inc. - Next Generation Java Plug-in 1.6.0_21 for Mozilla browsers.) -- C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.0.50524.0.) -- C:\Program Files\Microsoft Silverlight\4.0.50524.0\npctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=14.0.8081.0709] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll


---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"


---\\ Pages de recherche d'Internet Explorer (R1)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.acer.com/worldwide/selection.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/toolbar/ie8/sidebar.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/toolbar/ie8/sidebar.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/toolbar/ie8/sidebar.html


---\\ Internet Explorer URLSearchHook (R3)
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Bibliothèque d'objets et de contrôles de do.) (No version) -- %SystemRoot%\system32\shdocvw.dll
R3 - URLSearchHook: Microsoft Url Search Hook - {EF99BD32-C1FB-11D2-892F-0090271D4F88} . (.Pas de propriétaire - Pas de description.) (No version) -- C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
R3 - URLSearchHook: Microsoft Url Search Hook - {A3BC75A2-1F87-4686-AA43-5347D756017C} . (.Pas de propriétaire - AVG Security Toolbar.) (4.906.030.002) -- C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll


---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} . (.Adobe Systems Incorporated - Adobe Acrobat IE Helper Version 7.0 for Act.) -- c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} . (.AVG Technologies CZ, s.r.o. - Safe Search for Internet Explorer.) -- C:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} . (.Pas de propriétaire - Pas de description.) -- (.not file.)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} . (.Microsoft Corporation - Search Helper for Internet Explorer.) -- C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - WindowsLiveLogin.dll.) -- C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} . (.Pas de propriétaire - AVG Security Toolbar.) -- C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: T4PCBHO - {AB720781-0670-4e46-B82E-376AEF228F25} . (.Tuto4PC - ....) -- C:\Program Files\Tuto4pc\Tuto4pcBHO.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} . (.Google Inc. - Fast Search.) -- C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} . (.Microsoft Corporation - Windows Live Toolbar Core.) -- C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} . (.Sun Microsystems, Inc. - Java(TM) Quick Starter binary.) -- C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll


---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} . (.Microsoft Corporation - Windows Live Toolbar Core.) -- C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} . (.Pas de propriétaire - AVG Security Toolbar.) -- C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll


---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [SoundMan] . (.Realtek Semiconductor Corp. - Realtek Sound Manager.) -- C:\Windows\SOUNDMAN.EXE
O4 - HKLM\..\Run: [ntiMUI] . (.Pas de propriétaire - Pas de description.) -- c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
O4 - HKLM\..\Run: [RemoteControl] . (.Cyberlink Corp. - PowerDVD RC Service.) -- C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] . (.Microsoft Corporation - Microsoft IME.) -- C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe
O4 - HKLM\..\Run: [MSPY2002] . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe
O4 - HKLM\..\Run: [PHIME2002ASync] . (.Microsoft Corporation - ???????? 2002a.) -- C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe
O4 - HKLM\..\Run: [PHIME2002A] . (.Microsoft Corporation - ???????? 2002a.) -- C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe
O4 - HKLM\..\Run: [eRecoveryService] . (.acer Inc. - Monitor.) -- C:\Program Files\Acer\eRecovery\Monitor.exe
O4 - HKLM\..\Run: [AGRSMMSG] . (.Agere Systems - SoftModem Messaging Applet.) -- C:\Windows\AGRSMMSG.exe
O4 - HKLM\..\Run: [VTTimer] . (.S3 Graphics, Inc. - Pas de description.) -- C:\Windows\System32\VTTimer.exe
O4 - HKLM\..\Run: [VTTrayp] . (.S3 Graphics Co., Ltd. - s3contrl (32-bit).) -- C:\Windows\System32\VTtrayp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
O4 - HKLM\..\Run: [AspireService] . (.Acer Inc. - Win32 Service for Control Board and Remote.) -- C:\Program Files\Acer\Acer eMode Management\AspireService.exe
O4 - HKLM\..\Run: [MediaSync] . (.Acer Inc. - Media Synchronizer.) -- C:\Program Files\Acer\Acer eConsole\MediaSync.exe
O4 - HKLM\..\Run: [e-TF1] . (.1-Click Media - e-TF1 Embedded Download Manager.) -- C:\Program Files\TF1Vision\TF1vision.exe
O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\qttask.exe
O4 - HKLM\..\Run: [EoEngine] Clé orpheline
O4 - HKLM\..\Run: [EoTraduction] Clé orpheline
O4 - HKLM\..\Run: [NeroFilterCheck] . (.Nero AG - NeroCheck.) -- C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Tuto4pc] . (.Tuto4PC - Tuto4PC.) -- C:\Program Files\Tuto4pc\tuto4pc.exe
O4 - HKLM\..\Run: [UpdateTuto4PCHP] C:\Documents and Settings\cathy pardon\Application Data\PCtuto\SoftwareUpdate\UpdateTuto4PCHP.exe (.not file.)
O4 - HKLM\..\Run: [AVG9_TRAY] . (.AVG Technologies CZ, s.r.o. - AVG Tray Monitor.) -- C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKCU\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [uTorrent] . (.BitTorrent, Inc. - µTorrent.) -- C:\Program Files\uTorrent\uTorrent.exe
O4 - HKCU\..\Run: [TomTomHOME.exe] C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe (.not file.)
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-21-1570106061-833509052-641237796-1006\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-21-1570106061-833509052-641237796-1006\..\Run: [MsnMsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O4 - HKUS\S-1-5-21-1570106061-833509052-641237796-1006\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-21-1570106061-833509052-641237796-1006\..\Run: [uTorrent] . (.BitTorrent, Inc. - µTorrent.) -- C:\Program Files\uTorrent\uTorrent.exe
O4 - HKUS\S-1-5-21-1570106061-833509052-641237796-1006\..\Run: [TomTomHOME.exe] C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe (.not file.)
O4 - Global Startup: Adobe Reader Speed Launch.lnk . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe


---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} . (.not file.) - (.not file.)
O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe


---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\WINDOWS\system32\winrnr.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll


---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://www.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab


---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{B454972F-88A4-4D19-BE8F-C81E0D49E960}: DhcpNameServer = 89.2.0.1 89.2.0.2
O17 - HKLM\System\CS1\Services\Tcpip\..\{B454972F-88A4-4D19-BE8F-C81E0D49E960}: DhcpNameServer = 89.2.0.1 89.2.0.2
O17 - HKLM\System\CS2\Services\Tcpip\..\{B454972F-88A4-4D19-BE8F-C81E0D49E960}: DhcpNameServer = 89.2.0.1 89.2.0.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 89.2.0.1 89.2.0.2


---\\ Protocole additionnel et piratage de protocole (O18)
O18 - Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} . (.Pas de propriétaire - AVG Security Toolbar.) -- C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O18 - Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} . (.AVG Technologies CZ, s.r.o. - Safe Search pluggable protocol.) -- C:\Program Files\AVG\AVG9\avgpp.dll
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} . (.Google Inc. - Fast Search.) -- C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll


---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: avgrsstarter . (.AVG Technologies CZ, s.r.o. - AVG Resident Shield Starter.) -- C:\WINDOWS\System32\avgrsstx.dll
O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\System32\dimsntfy.dll


---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\WINDOWS\system32\webcheck.dll
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} . (.Microsoft Corporation - Objet du service d'environnement Systray.) -- C:\WINDOWS\system32\stobject.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} . (.Microsoft Corporation - Windows Portable Device Shell Service Objec.) -- C:\WINDOWS\system32\WPDShServiceObj.dll


---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\system32\browseui.dll


---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Acer Media Server (Acer Media Server) . (.Acer Inc. - Acer UPnP Media Server Service.) - C:\Program Files\acer\Acer eConsole\MediaServerService.exe
O23 - Service: AVG Free E-mail Scanner (avg9emc) . (.AVG Technologies CZ, s.r.o. - AVG E-Mail Scanner.) - C:\Program Files\AVG\AVG9\avgemc.exe
O23 - Service: AVG Free WatchDog (avg9wd) . (.AVG Technologies CZ, s.r.o. - AVG Watchdog Service.) - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) . (.Sun Microsystems, Inc. - Java(TM) Quick Starter Service.) - C:\Program Files\Java\jre6\bin\jqs.exe


---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(.Pas de propriétaire - Pas de description.) - (.not file.)


---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\AppleSoftwareUpdate.job


---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Personnalisation du navigateur - >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS . (.Pas de propriétaire - Pas de description.) -- RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
O40 - ASIC: Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\regutils.dll
O40 - ASIC: NetMeeting 3.01 - {44BBA842-CC51-11CF-AAFA-00AA00B6015B} . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\INF\msnetmtg.inf
O40 - ASIC: Windows Messenger 4.7 - {5945c046-1e7d-11d1-bc44-00c04fd912be} . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\INF\msmsgs.inf
O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\INF\wmp11.inf
O40 - ASIC: Fax - {8b15971b-5355-4c82-8c07-7e181ea07608} . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\INF\fxsocm.inf
O40 - ASIC: PixiePack Codec Pack 1.0.100.0 - {B2C3BB6B-E005-4246-B8E5-DF0A4D073CDC} . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\PixiePack Codec Pack\InstallerHelper.exe
O40 - ASIC: Adobe Flash Player - {D27CDB6E-AE6D-11cf-96B8-444553540000} . (.Adobe Systems, Inc. - Adobe Flash Player 10.0 r22.) -- C:\WINDOWS\system32\Macromed\Flash\Flash10b.ocx


---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: AVG Free AVI Loader Driver x86 (AvgLdx86) . (.AVG Technologies CZ, s.r.o. - AVG AVI Loader Driver.) - C:\Windows\system32\Drivers\avgldx86.sys
O41 - Driver: AVG Free On-access Scanner Minifilter Driver x86 (AvgMfx86) . (.AVG Technologies CZ, s.r.o. - AVG Resident Shield Minifilter Driver.) - C:\Windows\system32\Drivers\avgmfx86.sys
O41 - Driver: AVG Free Network Redirector (AvgTdiX) . (.AVG Technologies CZ, s.r.o. - AVG Network connection watcher.) - C:\Windows\system32\Drivers\avgtdix.sys


---\\ Logiciels installés (O42)
O42 - Logiciel: AVG Free 9.0 - (.AVG Technologies.) [HKLM] -- AVG9Uninstall
O42 - Logiciel: Acer eConsole - (.Pas de propriétaire.) [HKLM] -- {EC028E6B-F3F1-4192-B63E-A7C97302ED5A}
O42 - Logiciel: Acer eMode Management - (.Pas de propriétaire.) [HKLM] -- {65CDEC30-4BF4-48FB-8059-9FC480E4E94F}
O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Reader 7.0 - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1033-7B44-A70000000000}
O42 - Logiciel: Adobe Shockwave Player 11.5 - (.Adobe Systems, Inc..) [HKLM] -- Adobe Shockwave Player
O42 - Logiciel: Agere Systems PCI Soft Modem - (.Pas de propriétaire.) [HKLM] -- Agere Systems Soft Modem
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {6956856F-B6B3-4BE0-BA0B-8F495BE32033}
O42 - Logiciel: Assistant de connexion Windows Live - (.Microsoft Corporation.) [HKLM] -- {DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner
O42 - Logiciel: Courriers Types et CV - (.Pas de propriétaire.) [HKLM] -- {475ED05A-015D-4FF3-A3FF-0EF7515DD15F}
O42 - Logiciel: Galerie de photos Windows Live - (.Microsoft Corporation.) [HKLM] -- {B131E59D-202C-43C6-84C9-68F0C37541F1}
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {18455581-E099-4BA8-BC6B-F34B2F06600C}
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {2318C2B1-4965-11d4-9B18-009027A5CD4F}
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB958484
O42 - Logiciel: Hotfix for Windows Media Format 11 SDK (KB929399) - (.Microsoft Corporation.) [HKLM] -- KB929399
O42 - Logiciel: Hotfix for Windows XP (KB954550-v5) - (.Microsoft Corporation.) [HKLM] -- KB954550-v5
O42 - Logiciel: Hotfix for Windows XP (KB976002-v5) - (.Microsoft Corporation.) [HKLM] -- KB976002-v5
O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite_Wave3
O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- {46ABBC54-1872-4AA3-95E2-F2C063A63F31}
O42 - Logiciel: J2SE Runtime Environment 5.0 Update 2 - (.Sun Microsystems, Inc..) [HKLM] -- {3248F0A8-6813-11D6-A77B-00B0D0150020}
O42 - Logiciel: Java(TM) 6 Update 21 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216021FF}
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {E2DFE069-083E-4631-9B6C-43C48E991DE5}
O42 - Logiciel: K-Lite Codec Pack 5.2.0 (Full) - (.Pas de propriétaire.) [HKLM] -- KLiteCodecPack
O42 - Logiciel: Lecteur Windows Media 11 - (.Pas de propriétaire.) [HKLM] -- Windows Media Player
O42 - Logiciel: LiveUpdate 2.5 (Symantec Corporation) - (.Symantec Corporation.) [HKLM] -- LiveUpdate
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 - Logiciel: Microsoft .NET Framework 1.1 - (.Microsoft.) [HKLM] -- {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
O42 - Logiciel: Microsoft .NET Framework 1.1 - (.Pas de propriétaire.) [HKLM] -- Microsoft .NET Framework 1.1 (1033)
O42 - Logiciel: Microsoft .NET Framework 1.1 French Language Pack - (.Microsoft.) [HKLM] -- {9A394342-4A68-4EBA-85A6-55B559F4E700}
O42 - Logiciel: Microsoft .NET Framework 1.1 Security Update (KB979906) - (.Pas de propriétaire.) [HKLM] -- M979906
O42 - Logiciel: Microsoft .NET Framework 2.0 Service Pack 2 - (.Microsoft Corporation.) [HKLM] -- {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
O42 - Logiciel: Microsoft .NET Framework 3.0 Service Pack 2 - (.Microsoft Corporation.) [HKLM] -- {A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 SP1
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
O42 - Logiciel: Microsoft Choice Guard - (.Microsoft Corporation.) [HKLM] -- {F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
O42 - Logiciel: Microsoft Compression Client Pack 1.0 for Windows XP - (.Microsoft Corporation.) [HKLM] -- MSCompPackV1
O42 - Logiciel: Microsoft Office Word Viewer 2003 - (.Microsoft Corporation.) [HKLM] -- {9085040C-6000-11D3-8CFE-0150048383C9}
O42 - Logiciel: Microsoft SQL Server 2005 Compact Edition [ENU] - (.Microsoft Corporation.) [HKLM] -- {F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
O42 - Logiciel: Microsoft Search Enhancement Pack - (.Microsoft Corporation.) [HKLM] -- {4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Microsoft Sync Framework Runtime Native v1.0 (x86) - (.Microsoft Corporation.) [HKLM] -- {8A74E887-8F0F-4017-AF53-CBA42211AAA5}
O42 - Logiciel: Microsoft Sync Framework Services Native v1.0 (x86) - (.Microsoft Corporation.) [HKLM] -- {BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
O42 - Logiciel: Microsoft User-Mode Driver Framework Feature Pack 1.0 - (.Microsoft Corporation.) [HKLM] -- Wudf01000
O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 - (.Microsoft Corporation.) [HKLM] -- {770657D0-A123-3C07-8E44-1C83EC895118}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {837b34e3-7c30-493c-8f6a-2b0f04e2912c}
O42 - Logiciel: Module de compatibilité pour Microsoft Office System 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0020-040C-0000-0000000FF1CE}
O42 - Logiciel: NTI Backup NOW! 4 - (.NewTech Infosystems.) [HKLM] -- InstallShield_{385979FE-DC4F-4140-8EAD-A59625000D72}
O42 - Logiciel: NTI CD & DVD-Maker - (.NewTech Infosystems.) [HKLM] -- InstallShield_{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}
O42 - Logiciel: NTI HomeVideo-Maker - (.ArcSoft.) [HKLM] -- {B8A6F713-D72D-47AD-A92D-B5C0E13F98C1}
O42 - Logiciel: Nero 6 - (.Pas de propriétaire.) [HKLM] -- Nero - Burning Rom!UninstallKey
O42 - Logiciel: Outil de téléchargement Windows Live - (.Microsoft Corporation.) [HKLM] -- {205C6BDD-7B73-42DE-8505-9A093F35A238}
O42 - Logiciel: PhotoFiltre - (.Pas de propriétaire.) [HKLM] -- PhotoFiltre
O42 - Logiciel: PixiePack Codec Pack - (.None.) [HKLM] -- {B2C3BB6B-E005-4246-B8E5-DF0A4D073CDC}
O42 - Logiciel: PowerDVD - (.Pas de propriétaire.) [HKLM] -- {6811CAA0-BF12-11D4-9EA1-0050BAE317E1}
O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM] -- {216AB108-2AE1-4130-B3D5-20B2C4C80F8F}
O42 - Logiciel: Realtek AC'97 Audio - (.Realtek Semiconductor Corp..) [HKLM] -- {FB08F381-6533-4108-B7DD-039E11FBC27E}
O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- KB931906
O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- {0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
O42 - Logiciel: Segoe UI - (.Microsoft Corp.) [HKLM] -- {A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
O42 - Logiciel: SoftwareUpdate 1.0 - (.PCtuto.) [HKLM] -- SoftwareUpdate
O42 - Logiciel: TF1Vision version 1.3.1.5 - (.e-TF1 / 1-Click Media.) [HKLM] -- {1D66CBE2-F5A1-4BBB-A842-B32CC295D6AF}_is1
O42 - Logiciel: Tuto Avast1.0.0.0 - (.Tuto4pc.) [HKLM] -- Tuto Avast
O42 - Logiciel: Tuto4pc 1.0 - (.Tuto4pc.) [HKLM] -- Tuto4pc
O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707
O42 - Logiciel: VLC media player 1.0.0 - (.VideoLAN Team.) [HKLM] -- VLC media player
O42 - Logiciel: Windows Live Call - (.Microsoft Corporation.) [HKLM] -- {82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM] -- {3B4E636E-9D65-4D67-BA61-189800823F52}
O42 - Logiciel: Windows Live Contrôle parental - (.Microsoft Corporation.) [HKLM] -- {D5D81435-B8DE-4CAF-867F-7998F2B92CFC}
O42 - Logiciel: Windows Live FolderShare - (.Microsoft Corporation.) [HKLM] -- {2075CB0A-D26F-4DAA-B424-5079296B43BA}
O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {5DD76286-9BE7-4894-A990-E905E91AC818}
O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {770F1BEC-2871-4E70-B837-FB8525FFA3B1}
O42 - Logiciel: Windows Live Toolbar - (.Microsoft Corporation.) [HKLM] -- {F7D27C70-90F5-49B9-B188-0A133C0CE353}
O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {4634B21A-CC07-4396-890C-2B8168661FEA}
O42 - Logiciel: Windows Media Format 11 runtime - (.Microsoft Corporation.) [HKLM] -- WMFDist11
O42 - Logiciel: Windows Media Format 11 runtime - (.Pas de propriétaire.) [HKLM] -- Windows Media Format Runtime
O42 - Logiciel: Windows Media Player 11 - (.Microsoft Corporation.) [HKLM] -- wmp11
O42 - Logiciel: Windows XP Service Pack 3 - (.Microsoft Corporation.) [HKLM] -- Windows XP Service
O42 - Logiciel: eMule - (.Pas de propriétaire.) [HKLM] -- eMule
O42 - Logiciel: neroxml - (.Nero AG.) [HKLM] -- {56C049BE-79E9-4502-BEA7-9754A3E60F9B}
O42 - Logiciel: µTorrent - (.Pas de propriétaire.) [HKLM] -- uTorrent

---\\ HKCU & HKLM Software Keys
[HKCU\Software\AVG Security Toolbar]
[HKCU\Software\Adobe]
[HKCU\Software\Ahead]
[HKCU\Software\AppDataLow\Avg]
[HKCU\Software\AppDataLow\Software\Macromedia]
[HKCU\Software\AppDataLow\Software]
[HKCU\Software\AppDataLow]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\Avg]
[HKCU\Software\BitTorrent]
[HKCU\Software\Canneverbe Limited]
[HKCU\Software\Classes]
[HKCU\Software\Cyberlink]
[HKCU\Software\EoRezo]
[HKCU\Software\GNU]
[HKCU\Software\Gabest]
[HKCU\Software\Google]
[HKCU\Software\Haali]
[HKCU\Software\Hotbar]
[HKCU\Software\IM Providers]
[HKCU\Software\Intel]
[HKCU\Software\JavaSoft]
[HKCU\Software\Local AppWizard-Generated Applications]
[HKCU\Software\Macromedia]
[HKCU\Software\MediaInfo]
[HKCU\Software\Mediachance]
[HKCU\Software\Monitored]
[HKCU\Software\Nero]
[HKCU\Software\Netscape]
[HKCU\Software\NewTech Infosystems]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\RapidSolution]
[HKCU\Software\TomTom]
[HKCU\Software\Tuto4PC]
[HKCU\Software\VB and VBA Program Settings]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\Windows Live Writer]
[HKCU\Software\YahooPartnerToolbar]
[HKCU\Software\Yahoo]
[HKCU\Software\acer]
[HKCU\Software\eMule]
[HKCU\Software\settings]
[HKLM\Software\58f]
[HKLM\Software\5ac]
[HKLM\Software\781]
[HKLM\Software\AVG Security Toolbar]
[HKLM\Software\Adobe]
[HKLM\Software\Agere]
[HKLM\Software\Ahead]
[HKLM\Software\AppDataLow]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\ArcSoft]
[HKLM\Software\Audible]
[HKLM\Software\Avg]
[HKLM\Software\BrowserChoice]
[HKLM\Software\C07ft5Y]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Codec Tweak Tool]
[HKLM\Software\Conduit]
[HKLM\Software\CyberLink]
[HKLM\Software\EoRezo]
[HKLM\Software\GNU]
[HKLM\Software\Gabest]
[HKLM\Software\Gemplus]
[HKLM\Software\Google]
[HKLM\Software\HaaliMkx]
[HKLM\Software\InstallShield]
[HKLM\Software\InterVideo]
[HKLM\Software\JavaSoft]
[HKLM\Software\JreMetrics]
[HKLM\Software\KLCodecPack]
[HKLM\Software\Macromedia]
[HKLM\Software\Micro Application]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\Nero]
[HKLM\Software\NewTech Infosystems]
[HKLM\Software\ODBC]
[HKLM\Software\Policies]
[HKLM\Software\Program Groups]
[HKLM\Software\RapidSolution]
[HKLM\Software\Realtek Semiconductor Corp.]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\S3]
[HKLM\Software\Schlumberger]
[HKLM\Software\Secure]
[HKLM\Software\Symantec]
[HKLM\Software\TomTom]
[HKLM\Software\Via4in1Driver]
[HKLM\Software\VideoLAN]
[HKLM\Software\Windows 3.1 Migration Status]
[HKLM\Software\Yahoo]
[HKLM\Software\acer]
[HKLM\Software\mozilla.org]
[HKLM\Software\muvee Technologies]


---\\ Contenu des dossiers ProgramFiles/ProgramData (O43)
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers communs
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows NT
O43 - CFD:Common File Directory ----D- C:\Program Files\MSN
O43 - CFD:Common File Directory ----D- C:\Program Files\MSN Gaming Zone
O43 - CFD:Common File Directory ----D- C:\Program Files\Messenger
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Media Player
O43 - CFD:Common File Directory ----D- C:\Program Files\Online Services
O43 - CFD:Common File Directory ----D- C:\Program Files\ComPlus Applications
O43 - CFD:Common File Directory ----D- C:\Program Files\Internet Explorer
O43 - CFD:Common File Directory ----D- C:\Program Files\Outlook Express
O43 - CFD:Common File Directory ----D- C:\Program Files\NetMeeting
O43 - CFD:Common File Directory ----D- C:\Program Files\Movie Maker
O43 - CFD:Common File Directory ----D- C:\Program Files\AVG
O43 - CFD:Common File Directory ----D- C:\Program Files\ZHPDiag
O43 - CFD:Common File Directory --H-D- C:\Program Files\WindowsUpdate
O43 - CFD:Common File Directory ----D- C:\Program Files\microsoft frontpage
O43 - CFD:Common File Directory ----D- C:\Program Files\xerox
O43 - CFD:Common File Directory --H-D- C:\Program Files\Uninstall Information
O43 - CFD:Common File Directory --H-D- C:\Program Files\InstallShield Installation Information
O43 - CFD:Common File Directory ----D- C:\Program Files\AvRack
O43 - CFD:Common File Directory ----D- C:\Program Files\Realtek Sound Manager
O43 - CFD:Common File Directory ----D- C:\Program Files\Adobe
O43 - CFD:Common File Directory ----D- C:\Program Files\NewTech Infosystems
O43 - CFD:Common File Directory ----D- C:\Program Files\CyberLink
O43 - CFD:Common File Directory ----D- C:\Program Files\acer
O43 - CFD:Common File Directory ----D- C:\Program Files\Java
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Live SkyDrive
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft CAPICOM 2.1.0.2
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Live
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft SQL Server Compact Edition
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Sync Framework
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Silverlight
O43 - CFD:Common File Directory ----D- C:\Program Files\eMule
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Office
O43 - CFD:Common File Directory ----D- C:\Program Files\Labtec
O43 - CFD:Common File Directory ----D- C:\Program Files\Real
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Media Connect 2
O43 - CFD:Common File Directory ----D- C:\Program Files\TF1Vision
O43 - CFD:Common File Directory ----D- C:\Program Files\QuickTime
O43 - CFD:Common File Directory ----D- C:\Program Files\MSECache
O43 - CFD:Common File Directory ----D- C:\Program Files\Symantec
O43 - CFD:Common File Directory ----D- C:\Program Files\Google
O43 - CFD:Common File Directory ----D- C:\Program Files\VideoLAN
O43 - CFD:Common File Directory ----D- C:\Program Files\PixiePack Codec Pack
O43 - CFD:Common File Directory ----D- C:\Program Files\MSXML 4.0
O43 - CFD:Common File Directory ----D- C:\Program Files\Reference Assemblies
O43 - CFD:Common File Directory ----D- C:\Program Files\MSBuild
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft WSE
O43 - CFD:Common File Directory ----D- C:\Program Files\Internet Saving Optimizer
O43 - CFD:Common File Directory ----D- C:\Program Files\Media Access Startup
O43 - CFD:Common File Directory ----D- C:\Program Files\PhotoFiltre
O43 - CFD:Common File Directory ----D- C:\Program Files\K-Lite Codec Pack
O43 - CFD:Common File Directory ----D- C:\Program Files\Ahead
O43 - CFD:Common File Directory ----D- C:\Program Files\rkfree
O43 - CFD:Common File Directory ----D- C:\Program Files\CCleaner
O43 - CFD:Common File Directory ----D- C:\Program Files\uTorrent
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Sidebar
O43 - CFD:Common File Directory ----D- C:\Program Files\System Search Dispatcher
O43 - CFD:Common File Directory ----D- C:\Program Files\Bonjour
O43 - CFD:Common File Directory ----D- C:\Program Files\Apple Software Update(2)
O43 - CFD:Common File Directory ----D- C:\Program Files\iTunes
O43 - CFD:Common File Directory ----D- C:\Program Files\iPod
O43 - CFD:Common File Directory ----D- C:\Program Files\Apple Software Update
O43 - CFD:Common File Directory ----D- C:\Program Files\Micro Application
O43 - CFD:Common File Directory ----D- C:\Program Files\Tuto4pc
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Microsoft Shared
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\SpeechEngines
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\ODBC
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\System
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\MSSoap
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Services
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\InstallShield
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Adobe
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\NewTech Infosystems
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\muvee Technologies
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Java
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\ArcSoft
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Windows Live
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Logitech
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Symantec Shared(2)
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Symantec Shared
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Ahead
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Apple
O43 - CFD:Common File Directory ----D- C:\ProgramData\Electronic Arts


---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.00000000000000000000000000000000] - 31/08/2010 - 11:19:54 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\WindowsUpdate.log [1301098]
O44 - LFC:[MD5.A35CBCDE49DA85E3A05722C8DD7E0B23] - 31/08/2010 - 11:19:54 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\setupapi.log [98581]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 31/08/2010 - 11:19:04 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\0.log [0]
O44 - LFC:[MD5.00000000000000000000000000000000] - 31/08/2010 - 11:18:42 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\wiadebug.log [159]
O44 - LFC:[MD5.6A2CB42966136854F4464516FBB4AE72] - 31/08/2010 - 11:18:04 -S-A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\bootstat.dat [2048]
O44 - LFC:[MD5.00000000000000000000000000000000] - 31/08/2010 - 11:17:14 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\SchedLgU.Txt [31926]
O44 - LFC:[MD5.00000000000000000000000000000000] - 31/08/2010 - 11:17:06 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\wiaservc.log [50]
O44 - LFC:[MD5.D2A2B291414EB3D256B9E49331ED06C3] - 31/08/2010 - 10:14:18 ---A- . (.AVG Technologies CZ, s.r.o. - AVG Resident Shield Starter.) -- C:\WINDOWS\System32\avgrsstx.dll [12536]
O44 - LFC:[MD5.B8C187439D27ABA430DD69FDCF1FA657] - 31/08/2010 - 10:14:16 ---A- . (.AVG Technologies CZ, s.r.o. - AVG AVI Loader Driver.) -- C:\WINDOWS\System32\drivers\avgldx86.sys [216400]
O44 - LFC:[MD5.22E3B793C3E61720F03D3A22351AF410] - 31/08/2010 - 10:14:16 ---A- . (.AVG Technologies CZ, s.r.o. - AVG Network connection watcher.) -- C:\WINDOWS\System32\drivers\avgtdix.sys [243024]
O44 - LFC:[MD5.53B3F979930A786A614D29CAFE99F645] - 31/08/2010 - 10:14:16 ---A- . (.AVG Technologies CZ, s.r.o. - AVG Resident Shield Minifilter Driver.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys [29584]
O44 - LFC:[MD5.3E2B8C32D2928FF034EBA7F5DDF04DF0] - 28/08/2010 - 20:59:50 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\PerfStringBackup.INI [1176558]
O44 - LFC:[MD5.808300DCDE8C678A29E5DF6A9D64FFEA] - 28/08/2010 - 20:59:50 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\perfc009.dat [84250]
O44 - LFC:[MD5.2CDC969A512740CD67477C3FDF6C8FE5] - 28/08/2010 - 20:59:50 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\perfc00C.dat [101282]
O44 - LFC:[MD5.7F08F92B60C46AD91042332356778B99] - 28/08/2010 - 20:59:50 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\perfh009.dat [472856]
O44 - LFC:[MD5.60EFCEEA8EF2D98361FA32CB98A5B730] - 28/08/2010 - 20:59:50 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\perfh00C.dat [546792]
O44 - LFC:[MD5.4551DCD8F65AF4C2FF45005B17DEC95C] - 28/08/2010 - 11:59:46 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\wmsetup.log [404]
O44 - LFC:[MD5.7699A12A9FC749ABD620EEF10594643B] - 27/08/2010 - 19:55:24 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\wpa.dbl [1158]
O44 - LFC:[MD5.B59867C38B1F3FFC1B9C5E03510E1B16] - 24/08/2010 - 09:48:56 ---A- . (.Sun Microsystems, Inc. - Java(TM) Control Panel.) -- C:\WINDOWS\System32\javacpl.cpl [73728]
O44 - LFC:[MD5.E4478DF37C06221A5E3F4EAE52F88F90] - 24/08/2010 - 09:48:56 ---A- . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\WINDOWS\System32\java.exe [145184]
O44 - LFC:[MD5.359B080F9226D078847E363C7AEDA903] - 24/08/2010 - 09:48:56 ---A- . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\WINDOWS\System32\javaw.exe [145184]
O44 - LFC:[MD5.06CCE24882D9577D3795432E1B22FE4A] - 24/08/2010 - 09:48:56 ---A- . (.Sun Microsystems, Inc. - Java(TM) Web Start Launcher.) -- C:\WINDOWS\System32\javaws.exe [153376]
O44 - LFC:[MD5.0686CD90E881F84A2950951A305443E7] - 24/08/2010 - 09:48:54 ---A- . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\WINDOWS\System32\deployJava1.dll [423656]
O44 - LFC:[MD5.C7BC96C3711C0D269DA26D1F0ECEC547] - 17/08/2010 - 20:32:46 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\NeroDigital.ini [69]
O44 - LFC:[MD5.BB722A7BC82CA8A4466F466DF9F07BE0] - 17/08/2010 - 20:30:26 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\NAVIGMA.INI [40]
O44 - LFC:[MD5.83153070BA06DF0E19395E3197309BA8] - 17/08/2010 - 20:27:45 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\Odbcjet.cnt [7348]
O44 - LFC:[MD5.9793ADBD11FD0E8D1DEED0F2B680410B] - 17/08/2010 - 20:27:45 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\Odbcjet.hlp [171967]
O44 - LFC:[MD5.C750112871FC7D6A37B9DB626D2ACCE4] - 17/08/2010 - 20:27:44 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\odbcinst.cnt [324]
O44 - LFC:[MD5.30D91C92F2D01F733C8B838253421BCE] - 17/08/2010 - 20:27:44 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\odbcinst.hlp [37062]
O44 - LFC:[MD5.95D9970A2CD07E94D42E78F8D74075D1] - 17/08/2010 - 20:27:42 ---A- . (.Infragistics, Inc. - ActiveScroll Control.) -- C:\WINDOWS\System32\ssscrl30.ocx [194320]
O44 - LFC:[MD5.6C9E8E1401D78C04FEC2F8C8F5118772] - 17/08/2010 - 20:27:42 ---A- . (.Infragistics, Inc. - ActiveSplitter Control.) -- C:\WINDOWS\System32\sssplt30.ocx [177936]
O44 - LFC:[MD5.49278B08E16800C3E7C59616FD779A45] - 17/08/2010 - 20:27:42 ---A- . (.Infragistics, Inc. - ActiveThreed Controls.) -- C:\WINDOWS\System32\ssa3d30.ocx [349968]
O44 - LFC:[MD5.26FC83BBD2E84EACA79B34E57225AC34] - 17/08/2010 - 20:27:42 ---A- . (.Infragistics, Inc. - SSPng.) -- C:\WINDOWS\System32\SSPng2.dll [67288]
O44 - LFC:[MD5.40239602E1FB6FEFC6F1DFC15922A26C] - 17/08/2010 - 20:27:42 ---A- . (.Infragistics, Inc. - SSTree ActiveX Control.) -- C:\WINDOWS\System32\SSTree.ocx [337672]
O44 - LFC:[MD5.D9F58F43FFB7AD9F0562740C737FD458] - 17/08/2010 - 20:27:42 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\Tx32.dll [446464]
O44 - LFC:[MD5.C34A8EAD7653C0E9DD709DA9E0EEC017] - 17/08/2010 - 20:27:42 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\ic32.ini [151]
O44 - LFC:[MD5.EE2D9927A3D6319AA5764373A37526DC] - 17/08/2010 - 20:27:42 ---A- . (.The Imaging Source Europe GmbH - Control Window Management Tool.) -- C:\WINDOWS\System32\wndtls32.dll [61440]
O44 - LFC:[MD5.DA6930335665C1FB5AB9979FAC16956C] - 17/08/2010 - 20:27:42 ---A- . (.The Imaging Source Europe GmbH - IC Image Control.) -- C:\WINDOWS\System32\ic32.dll [69632]
O44 - LFC:[MD5.F41170C140E32F35746B00803029B17D] - 17/08/2010 - 20:27:42 ---A- . (.The Imaging Source Europe GmbH - Image Import Filter for TIFF files.) -- C:\WINDOWS\System32\tx_tif32.flt [45056]
O44 - LFC:[MD5.C8C2F986408700512C210017B54DB8F7] - 17/08/2010 - 20:27:42 ---A- . (.The Imaging Source Europe GmbH - Image Import Filter for Windows Bitmaps.) -- C:\WINDOWS\System32\tx_bmp32.flt [32768]
O44 - LFC:[MD5.E93B58942959B3A4306E6D73BF6E034D] - 17/08/2010 - 20:27:42 ---A- . (.The Imaging Source Europe GmbH - Image Import Filter for Windows Metafiles.) -- C:\WINDOWS\System32\tx_wmf32.flt [32768]
O44 - LFC:[MD5.E1EF498BD09CFAB20F2EE60C3A693993] - 17/08/2010 - 20:27:42 ---A- . (.The Imaging Source Europe GmbH - TX Text Control Filter for HTML Format.) -- C:\WINDOWS\System32\tx_htm32.dll [135168]
O44 - LFC:[MD5.065AA3E556D2B1EE9B41044F658F9695] - 17/08/2010 - 20:27:42 ---A- . (.The Imaging Source Europe GmbH - TX Text Control Filter for Rich Text Format.) -- C:\WINDOWS\System32\tx_rtf32.dll [131072]
O44 - LFC:[MD5.AE62E9756965FBDC65029085001F25CC] - 17/08/2010 - 20:27:42 ---A- . (.The Imaging Source Europe GmbH - TX Text Control Filter for Word Format.) -- C:\WINDOWS\System32\tx_word.dll [323584]
O44 - LFC:[MD5.2B75FB6B9615C82C9D70F8C2FFB39FD9] - 17/08/2010 - 20:27:42 ---A- . (.The Imaging Source Europe GmbH - TX Text Control OLE container library.) -- C:\WINDOWS\System32\txobj32.dll [327680]
O44 - LFC:[MD5.E26494D9DA9846BDC9A06D99FACB69FF] - 17/08/2010 - 20:27:42 ---A- . (.The Imaging Source Europe GmbH - TX TextControl Custom OLE Control.) -- C:\WINDOWS\System32\Tx4ole.ocx [290816]
O44 - LFC:[MD5.DC44784DF44FEA5F29CEB14EA2D31B83] - 17/08/2010 - 20:27:42 ---A- . (.The Imaging Source Europe GmbH - Tool Bars for TX Text Control.) -- C:\WINDOWS\System32\txtls32.dll [81920]
O44 - LFC:[MD5.8FB93FF655F92EEC55E97571033BBC60] - 12/08/2010 - 19:58:18 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\KB2229593.log [6985]
O44 - LFC:[MD5.CA30E1314E0494151E80A11DB5A7CAD0] - 12/08/2010 - 19:58:18 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\comsetup.log [40797]
O44 - LFC:[MD5.A1AC2735B1EB4F573A1F9A8BCFB7AEA2] - 12/08/2010 - 19:58:18 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\iis6.log [19656]
O44 - LFC:[MD5.5A2E053EC90A7CC14EF78610574C9F7A] - 12/08/2010 - 19:58:18 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\imsins.log [1374]
O44 - LFC:[MD5.E36A095424B0263BA6F0320DAD133C99] - 12/08/2010 - 19:58:18 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\ntdtcsetup.log [24706]
O44 - LFC:[MD5.78C6347D6ECC23834B843647BAD63665] - 12/08/2010 - 19:58:18 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\ocmsn.log [6840]
O44 - LFC:[MD5.BB9CE839DBDD4F45F4F78B5C4A3479AD] - 12/08/2010 - 19:58:18 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\tsoc.log [47180]
O44 - LFC:[MD5.78314A537A8E3469DAB40BD024E598C7] - 12/08/2010 - 19:58:16 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\FaxSetup.log [123179]
O44 - LFC:[MD5.3A9485A0893A4117890B7A41E9A7E514] - 12/08/2010 - 19:58:16 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\msgsocm.log [6180]
O44 - LFC:[MD5.915B58BD19E8BC0A71732D4A24DB06F2] - 12/08/2010 - 19:58:16 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\ocgen.log [59120]
O44 - LFC:[MD5.1800986FC4E116A6B5C322DA719F534F] - 12/08/2010 - 19:29:38 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\FNTCACHE.DAT [182632]
O44 - LFC:[MD5.C791440BD6C09F36642EE06E3F316EDB] - 12/08/2010 - 18:05:10 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\KB2183461.log [34324]
O44 - LFC:[MD5.607C12AC27D9822752B562386A68D8BA] - 12/08/2010 - 18:05:10 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\imsins.BAK [1374]
O44 - LFC:[MD5.FE79BD3724A15D6C8C3CC6DF13A97867] - 12/08/2010 - 18:05:02 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\updspapi.log [5330]
O44 - LFC:[MD5.8F150DA3E713A9309D3FCD8F8A49B75F] - 12/08/2010 - 18:04:50 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\KB982214.log [17156]
O44 - LFC:[MD5.F46B62D5098E6E35C6DA0E416D2A1ABF] - 12/08/2010 - 18:04:42 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\KB2115168.log [26280]
O44 - LFC:[MD5.3C8F639924F945ED65A5F615B48AED79] - 12/08/2010 - 18:04:36 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\KB981852.log [20500]
O44 - LFC:[MD5.69E5E2848B2056F6F46643277D86D68C] - 12/08/2010 - 18:04:14 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\KB2079403.log [27405]
O44 - LFC:[MD5.BA6B6EB9A82D35565EACFDA83932513F] - 12/08/2010 - 18:00:34 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\KB2160329.log [27109]
O44 - LFC:[MD5.D2A0A18CBC351D197F396797DF15B6CC] - 12/08/2010 - 18:00:26 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\KB980436.log [25753]
O44 - LFC:[MD5.EC1AA2E0DE0BF7968F9178FD5174B0C5] - 12/08/2010 - 18:00:22 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\KB2286198.log [13130]
O44 - LFC:[MD5.58649ED72563A10FA65F429EFBF46BAD] - 12/08/2010 - 18:00:08 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\KB981997.log [14491]
O44 - LFC:[MD5.8B1708C84AD8E61557584C1C87D8A04E] - 12/08/2010 - 17:59:54 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\KB982665.log [23663]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 12/08/2010 - 07:40:36 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\setupact.log [0]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 12/08/2010 - 07:40:36 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\setuperr.log [0]


---\\ Opérations et fonctions au démarrage de Windows Explorer (O46)
O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll


---\\ Export de clé d'application autorisée (ECAA) (O47)
O47 - AAKE:Key Export SP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Acer\Acer eConsole\MediaSync.exe" [Enabled] .(.Acer Inc. - Media Synchronizer.) -- C:\Program Files\Acer\Acer eConsole\MediaSync.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Acer\Acer eConsole\eConsole.exe" [Enabled] .(.Acer Inc. - eConsole.) -- C:\Program Files\Acer\Acer eConsole\eConsole.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Acer\Acer eConsole\MediaServerService.exe" [Enabled] .(.Acer Inc. - Acer UPnP Media Server Service.) -- C:\Program Files\Acer\Acer eConsole\MediaServerService.exe
O47 - AAKE:Key Export SP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Windows Live\Messenger\wlcsdk.exe" [Enabled] .(.Microsoft Corporation - Windows Live Call.) -- C:\Program Files\Windows Live\Messenger\wlcsdk.exe
O47 - AAKE:Key Export SP - "C:\Program Files\eMule\emule.exe" [Enabled] .(.https://www.emule-project.net/home/perl/general.cgi?l=1 - eMule.) -- C:\Program Files\eMule\emule.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [Enabled] .(.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" [Enabled] .(.Microsoft Corporation - Windows Live Sync.) -- C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe
O47 - AAKE:Key Export SP - "C:\Program Files\uTorrent\uTorrent.exe" [Enabled] .(.BitTorrent, Inc. - µTorrent.) -- C:\Program Files\uTorrent\uTorrent.exe
O47 - AAKE:Key Export SP - "C:\Program Files\AVG\AVG9\avgnsx.exe" [Enabled] .(.AVG Technologies CZ, s.r.o. - AVG Network scanner Service.) -- C:\Program Files\AVG\AVG9\avgnsx.exe
O47 - AAKE:Key Export SP - "C:\Program Files\AVG\AVG9\avgemc.exe" [Enabled] .(.AVG Technologies CZ, s.r.o. - AVG E-Mail Scanner.) -- C:\Program Files\AVG\AVG9\avgemc.exe
O47 - AAKE:Key Export SP - "C:\Program Files\AVG\AVG9\avgupd.exe" [Enabled] .(.AVG Technologies CZ, s.r.o. - AVG Update module.) -- C:\Program Files\AVG\AVG9\avgupd.exe
O47 - AAKE:Key Export DP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe
O47 - AAKE:Key Export DP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O47 - AAKE:Key Export DP - "C:\Program Files\Windows Live\Messenger\wlcsdk.exe" [Enabled] .(.Microsoft Corporation - Windows Live Call.) -- C:\Program Files\Windows Live\Messenger\wlcsdk.exe
O47 - AAKE:Key Export DP - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [Enabled] .(.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O47 - AAKE:Key Export DP - "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" [Enabled] .(.Microsoft Corporation - Windows Live Sync.) -- C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe


---\\ Déni du service (Local Security Authority) (LSA) (O48)
O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\WINDOWS\System32\msv1_0.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\WINDOWS\System32\msv1_0.dll


---\\ Image File Execution Options (IFEO) (O50)
O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d


---\\ MountPoints2 Shell Key (MPSK) (O51)
O51 - MPSK:{08282f84-3645-11de-92fe-000fea2dafa0}\Shell\AutoRun\command. (.Pas de propriétaire - Pas de description.) -- L:\LaunchU3.exe -a (.not file.)


---\\ Trojan Driver Search Data (HKLM)(TDSD) (O52)
O52 - TDSD: \Drivers32\"msacm.trspch"="tssoft32.acm" . (.DSP GROUP, INC. - Codec audio TrueSpeech(TM) DSP Group pour MSACM V3.50.) -- C:\WINDOWS\System32\tssoft32.acm
O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Cinepak® Codec.) -- C:\WINDOWS\System32\iccvid.dll
O52 - TDSD: \Drivers32\"vidc.iv31"="
0
Réponse 6 / 24
moment de grace Messages postés 29042 Date d'inscription samedi 6 décembre 2008 Statut Contributeur sécurité Dernière intervention 18 juillet 2013 2 274
31 août 2010 à 17:33
lis bien les instructions qui sont et seront données

Rend toi sur Cjoint : http://www.cijoint.fr/

Clique sur "Parcourir " dans la partie " Joindre un fichier[...] "

Sélectionne le rapport ZHPdiag.txt qui se trouve sur ton bureau

Clique ensuite sur "Cliquez ici pour déposer le fichier " et copie/colle le lien dans ton prochain message

0
Réponse 7 / 24
cath2309
31 août 2010 à 17:56
voici le lien :http://www.cijoint.fr/cjlink.php?file=cj201008/cijvDqPymR.txt
0
Réponse 8 / 24
moment de grace Messages postés 29042 Date d'inscription samedi 6 décembre 2008 Statut Contributeur sécurité Dernière intervention 18 juillet 2013 2 274
31 août 2010 à 18:03
justement y a pas d antivirus,je sais pas bien

=> je vois que AVG est installé

.............

Téléchargez MalwareByte's Anti-Malware (que tu pourras garder ensuite)

https://www.commentcamarche.net/telecharger/securite/14361-malwarebytes-anti-malware/

. Enregistres le sur le bureau
. Double cliques sur le fichier téléchargé pour lancer le processus d'installation.
. Dans l'onglet "mise à jour", cliques sur le bouton Recherche de mise à jour
. Si le pare-feu demande l'autorisation de se connecter pour malwarebytes, accepte
. Une fois la mise à jour terminé
. Rend-toi dans l'onglet, Recherche
. Sélectionnes Exécuter un examen complet (examen assez long)
. Cliques sur Rechercher
. Le scan démarre.
. A la fin de l'analyse, un message s'affiche : L'examen s'est terminé normalement. Cliquez sur 'Afficher les résultats' pour afficher tous les objets trouvés.
. Cliques sur Ok pour poursuivre.
. Si des malwares ont été détectés, clique sur Afficher les résultats
. Sélectionnes tout (ou laisses cochés) et cliques sur Supprimer la sélection Malwarebytes va détruire les fichiers et clés de registre et en mettre une copie dans la quarantaine.
. Malwarebytes va ouvrir le bloc-notes et y copier le rapport d'analyse.
. Rends toi dans l'onglet rapport/log
. Tu cliques dessus pour l'afficher, une fois affiché
. Tu cliques sur edition en haut du boc notes, et puis sur sélectionner tous
. Tu recliques sur edition et puis sur copier et tu reviens sur le forum et dans ta réponse
. tu cliques droit dans le cadre de la reponse et coller


Si tu as besoin d'aide regarde ces tutoriels :
Aide: https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
http://www.infos-du-net.com/forum/278396-11-tuto-malwarebytes-anti-malware-mbam
0
Réponse 9 / 24
cath2309
31 août 2010 à 18:11
ok je vais essayé, et oui j ai instalé l anti virus apres du coup
0
moment de grace Messages postés 29042 Date d'inscription samedi 6 décembre 2008 Statut Contributeur sécurité Dernière intervention 18 juillet 2013 2 274
31 août 2010 à 18:26
ok

@+
0
Réponse 10 / 24
cath2309
31 août 2010 à 19:51
voici le rapport d analyse:
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Version de la base de données: 4514

Windows 5.1.2600 Service Pack 3
Internet Explorer 6.0.2900.5512

31/08/2010 19:24:04
mbam-log-2010-08-31 (19-24-04).txt

Type d'examen: Examen complet (C:\|D:\|)
Elément(s) analysé(s): 191803
Temps écoulé: 1 heure(s), 7 minute(s), 32 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 5
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 28
Fichier(s) infecté(s): 140

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{100eb1fd-d03e-47fd-81f3-ee91287f9465} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c5428486-50a0-4a02-9d20-520b59a9f9b2} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c5428486-50a0-4a02-9d20-520b59a9f9b3} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Hotbar (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\EoRezo (Rogue.Eorezo) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{90b8b761-df2b-48ac-bbe0-bcc03a819b3b} (Adware.Zango) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\Program Files\Internet Saving Optimizer (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.7.0.4550 (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.7.0.4550\Data (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.7.0.4550\FF (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.7.0.4550\FF\chrome (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.7.0.4550\FF\chrome\content (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.7.0.4550\FF\components (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\1.5.6.910 (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\1.5.6.910\Data (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\1.5.6.910\FF (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\1.5.6.910\FF\chrome (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\1.5.6.910\FF\chrome\content (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\1.5.6.910\FF\components (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\System Search Dispatcher (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\System Search Dispatcher\1.4.0.970 (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\System Search Dispatcher\1.4.0.970\Data (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\cathy pardon\Local Settings\Application Data\DoubleD (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\cathy pardon\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\cathy pardon\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.3.22530 (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\cathy pardon\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Data (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\cathy pardon\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Icons (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\cathy pardon\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Cache (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\cathy pardon\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Skins (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\cathy pardon\Local Settings\Application Data\Internet Saving Optimizer (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\cathy pardon\Local Settings\Application Data\Internet Saving Optimizer\3.7.0.4550 (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\cathy pardon\Local Settings\Application Data\Media Access Startup (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\cathy pardon\Local Settings\Application Data\Media Access Startup\1.5.6.910 (Adware.DoubleD) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\Documents and Settings\cathy pardon\Application Data\PCtuto\SoftwareUpdate\Software.exe (Rogue.Eorezo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP374\A0099441.exe (Adware.Ziniky) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP376\A0099592.dll (Adware.SmartShopper) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP378\A0102546.dll (Adware.SmartShopper) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP380\A0104585.exe (Adware.Ziniky) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.7.0.4550\unins000.dat (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.7.0.4550\Data\config.md (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.7.0.4550\FF\install.rdf (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.7.0.4550\FF\chrome\NPAddOn.jar (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.7.0.4550\FF\chrome\content\NPAddOn.js (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.7.0.4550\FF\chrome\content\NPAddOn.xul (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.7.0.4550\FF\components\NPFFAddOn.xpt (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.7.0.4550\FF\components\NPFFHelperComponent.js (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\1.5.6.910\unins000.dat (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\1.5.6.910\Data\config.md (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\1.5.6.910\FF\install.rdf (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\1.5.6.910\FF\chrome\HPAddOn.jar (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\1.5.6.910\FF\chrome\content\HPAddOn.js (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\1.5.6.910\FF\chrome\content\HPAddOn.xul (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\1.5.6.910\FF\components\HPFFAddOn.xpt (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\1.5.6.910\FF\components\HPFFHelperComponent.js (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\System Search Dispatcher\1.4.0.970\unins000.dat (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\System Search Dispatcher\1.4.0.970\Data\eacore.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\System Search Dispatcher\1.4.0.970\Data\URLDynamic.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\System Search Dispatcher\1.4.0.970\Data\URLStatic.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\cathy pardon\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Data\Module_Cursor.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\cathy pardon\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Data\Module_DailyVideo.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\cathy pardon\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Data\Module_Game.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\cathy pardon\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Data\Module_Glitter.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\cathy pardon\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Data\Module_Logo.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\cathy pardon\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Data\Module_Option.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\cathy pardon\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Data\Module_Recipe.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\cathy pardon\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Data\Module_Ringtone.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\cathy pardon\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Data\Module_Screensaver.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\cathy pardon\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Data\Module_Search.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\cathy pardon\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Data\Module_Smiley.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\cathy pardon\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Data\Module_Smiley_Config.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\cathy pardon\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Data\Module_Smiley_TellAFriend.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\cathy pardon\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Data\Module_Wallpaper.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\cathy pardon\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Data\Module_Web.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\cathy pardon\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Data\pixel.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\cathy pardon\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Data\ProductInfo.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\cathy pardon\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Data\profile.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\cathy pardon\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Data\SearchEngineList.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\cathy pardon\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Data\tbcore.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\cathy pardon\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Data\ToolbarLayout.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\cathy pardon\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Data\UpdateCentre.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\cathy pardon\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Data\UpdateCentreBk.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\cathy pardon\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Data\URLDynamic.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\cathy pardon\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Data\URLStatic.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\cathy pardon\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Data\Module_WebDropdown_01.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\cathy pardon\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Data\Module_WebDropdown_04.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\cathy pardon\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Data\Module_WebDropdown_06.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\cathy pardon\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Data\Module_WebDropdown_03.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\cathy pardon\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Data\Module_WebDropdown_02.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\cathy pardon\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Data\Module_WebDropdown_05.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\cathy pardon\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Data\Module_WebDropdown_07.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\cathy pardon\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Icons\About.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\cathy pardon\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Icons\Component_ComboBox.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\cathy pardon\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Icons\Module_Cursor.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\cathy pardon\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Icons\Module_DailyVideo.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\cathy pardon\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Icons\Module_Game.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\cathy pardon\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Icons\Module_Glitter.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\cathy pardon\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Icons\Module_Logo.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\cathy pardon\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Icons\Module_Option.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\cathy pardon\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Icons\Module_Recipe.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\cathy pardon\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Icons\Module_Ringtone.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\cathy pardon\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Icons\Module_Screensaver.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\cathy pardon\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Icons\Module_Search.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\cathy pardon\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Icons\Module_Smiley.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\cathy pardon\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Icons\Module_Wallpaper.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\cathy pardon\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Icons\Module_Web.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\cathy pardon\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Icons\TBBtnDefault.png (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\cathy pardon\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Icons\TBBtnDisplay18.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\cathy pardon\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Icons\TBBtnDisplay20.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\cathy pardon\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Icons\TBBtnDisplay.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\cathy pardon\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Icons\TBBtnDisplay.png (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\cathy pardon\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Icons\TBBtnGlitters18.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\cathy pardon\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Icons\TBBtnGlitters20.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\cathy pardon\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Icons\TBBtnGlitters.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\cathy pardon\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Icons\TBBtnGlitters.png (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\cathy pardon\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Icons\TBBtnSmiley18.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\cathy pardon\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Icons\TBBtnSmiley20.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\cathy pardon\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Icons\TBBtnSmiley.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\cathy pardon\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Icons\TBBtnSmiley.png (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\cathy pardon\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Icons\TBBtnTellFd18.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\cathy pardon\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Icons\TBBtnTellFd20.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\cathy pardon\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Icons\TBBtnTellFd.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\cathy pardon\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Icons\TBBtnTellFd.png (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\cathy pardon\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Icons\TBBtnWink18.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\cathy pardon\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Icons\TBBtnWink20.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\cathy pardon\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Icons\TBBtnWink.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\cathy pardon\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Icons\TBBtnWink.png (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\cathy pardon\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Icons\Module_Smiley.png (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\cathy pardon\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Icons\Module_Cursor.png (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\cathy pardon\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Icons\Module_Glitter.png (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\cathy pardon\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Icons\TBBtnOption.png (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\cathy pardon\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Icons\Module_WebDropdown_02.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\cathy pardon\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Icons\Module_WebDropdown_04.png (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\cathy pardon\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Icons\Module_WebDropdown_01.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\cathy pardon\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Icons\Module_WebDropdown_06.png (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\cathy pardon\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Icons\Module_WebDropdown_03.png (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\cathy pardon\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Icons\Module_WebDropdown_05.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\cathy pardon\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Icons\Module_WebDropdown_06.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\cathy pardon\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Icons\Module_WebDropdown_02.png (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\cathy pardon\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Icons\Module_WebDropdown_07.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\cathy pardon\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Icons\Module_WebDropdown_01.png (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\cathy pardon\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Icons\Module_WebDropdown_03.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\cathy pardon\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Icons\Module_WebDropdown_05.png (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\cathy pardon\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Icons\Module_WebDropdown_07.png (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\cathy pardon\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Icons\Module_WebDropdown_04.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\cathy pardon\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Cache\default1.dat (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\cathy pardon\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Cache\loading.dat (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\cathy pardon\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Cache\loading.gif (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\cathy pardon\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Cache\50bffa6936b3e661971a58e3c8bdf4cb.gif (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\cathy pardon\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Cache\24a70fb875fab686b6b3c217612bc07c.gif (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\cathy pardon\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Cache\248d6576afce4ee94af42d7350131106.gif (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\cathy pardon\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Cache\2afcf6f3f2e19cc42d7f72f3b18b26ef.gif (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\cathy pardon\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Skins\myskin1.skf (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\cathy pardon\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Skins\myskin2.skf (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\cathy pardon\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Skins\myskin3.skf (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\cathy pardon\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Skins\myskin4.skf (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\cathy pardon\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Skins\TellafriendSkin.skf (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\cathy pardon\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Skins\TellafriendSkin_s.skf (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\cathy pardon\Local Settings\Application Data\DoubleD\GamingHarbor Toolbar\4.2.3.22530\Skins\ToastSkin.skf (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\cathy pardon\Local Settings\Application Data\Internet Saving Optimizer\3.7.0.4550\config.md (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\cathy pardon\Local Settings\Application Data\Internet Saving Optimizer\3.7.0.4550\NP_20090828-224952.078.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\cathy pardon\Local Settings\Application Data\Internet Saving Optimizer\3.7.0.4550\NP_20090828-225025.843.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\cathy pardon\Local Settings\Application Data\Internet Saving Optimizer\3.7.0.4550\NP_20090828-225139.265.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\cathy pardon\Local Settings\Application Data\Internet Saving Optimizer\3.7.0.4550\NP_20090828-225212.765.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\cathy pardon\Local Settings\Application Data\Internet Saving Optimizer\3.7.0.4550\NP_20090828-225232.656.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\cathy pardon\Local Settings\Application Data\Internet Saving Optimizer\3.7.0.4550\NP_20090828-225239.218.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\cathy pardon\Local Settings\Application Data\Media Access Startup\1.5.6.910\config.md (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\cathy pardon\Local Settings\Application Data\Media Access Startup\1.5.6.910\HJHP_20090828-224941.296.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\cathy pardon\Local Settings\Application Data\Media Access Startup\1.5.6.910\HJHP_20090828-224951.734.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\cathy pardon\Local Settings\Application Data\Media Access Startup\1.5.6.910\HJHP_20090828-225025.828.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\cathy pardon\Local Settings\Application Data\Media Access Startup\1.5.6.910\HJHP_20090828-225139.250.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\cathy pardon\Local Settings\Application Data\Media Access Startup\1.5.6.910\HJHP_20090828-225212.734.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\cathy pardon\Local Settings\Application Data\Media Access Startup\1.5.6.910\HJHP_20090828-225232.640.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\cathy pardon\Local Settings\Application Data\Media Access Startup\1.5.6.910\HJHP_20090828-225239.203.log (Adware.DoubleD) -> Quarantined and deleted successfully.
0
Réponse 11 / 24
moment de grace Messages postés 29042 Date d'inscription samedi 6 décembre 2008 Statut Contributeur sécurité Dernière intervention 18 juillet 2013 2 274
31 août 2010 à 19:55
ok

tu peux vider la quarantaine de mbam


DESACTIVE TON ANTIVIRUS ET TON PAREFEU SI PRESENTS !!!!!(car il est detecté a tort comme infection)

Télécharge ici :List_Kill'em et enregistre le sur ton bureau

http://sd-4.archive-host.com/membres/up/829108531491024/Mes_Tools/List_Killem_Install.exe

ou

http://www.archive-host.com

si tu as XP => double clique
si tu as Vista ou windows 7 => clic droit "executer en tant que...."

sur le raccourci sur ton bureau pour lancer l'installation

Laisse coché :

Executer List_Kill'em

une fois terminée , clic sur "terminer" et le programme se lancera seul

choisis l'option Search

laisse travailler l'outil

il se peut qu'une boite de dialogue s'ouvre , dans ce cas clique sur "ok" ou "Agree"

à l'apparition de la fenetre blanche , c'est un peu long , c'est normal ,c'est une recherche supplementaire de fichiers cachés , le programme n'est pas bloqué.

Poste le contenu du rapport qui s'ouvre aux 100 % du scan à l'ecran "COMPLETED"

NE LE POSTE PAS SUR LE FORUM

Pour me le transmettre clique sur ce lien : http://www.cijoint.fr/

Clique sur Parcourir et cherche le fichier ci-dessus.

Clique sur Ouvrir.

Clique sur "Cliquez ici pour déposer le fichier".

Un lien de cette forme :

http://www.cijoint.fr/cjlink.php?file=265368/cijSKAP5fU.txt

est ajouté dans la page.

Copie ce lien dans ta réponse.

Fais de même avec more.txt qui se trouve sur ton bureau
0
Réponse 12 / 24
cath2309
31 août 2010 à 20:43
http://www.cijoint.fr/cjlink.php?file=cj201008/cij6qBeG4d.txt
par contre je n ai ^pas more.txt
0
Réponse 13 / 24
moment de grace Messages postés 29042 Date d'inscription samedi 6 décembre 2008 Statut Contributeur sécurité Dernière intervention 18 juillet 2013 2 274
31 août 2010 à 21:23
ok

1)

Relance List_Kill'em(soit en clic droit pour vista/7),avec le raccourci sur ton bureau.
mais cette fois-ci :

choisis l'option CLEAN
ton PC va redemarrer,

laisse travailler l'outil.

en fin de scan la fenetre se ferme , et tu as un rapport du nom de Kill'em.txt sur ton bureau ,

colle le contenu dans ta reponse

.........................

2)

fais un nouveau rapport ZHPdiag et poste le lien de ci joint stp
0
Réponse 14 / 24
cath2309
31 août 2010 à 21:50
voici les liens:
http://www.cijoint.fr/cjlink.php?file=cj201008/cijaQUnWLW.txt pour kill,em.txt

http://www.cijoint.fr/cjlink.php?file=cj201008/cijnA66HfW.txt pour zhpdiag
0
Réponse 15 / 24
moment de grace Messages postés 29042 Date d'inscription samedi 6 décembre 2008 Statut Contributeur sécurité Dernière intervention 18 juillet 2013 2 274
31 août 2010 à 22:05
Copie tout le texte présent en gras ci-dessous ( tu le selectionnes avec ta souris / Clique droit dessus et choisis "copier" ou fait Ctrl+C )

O4 - HKLM\..\Run: [UpdateTuto4PCHP] C:\Documents and Settings\cathy pardon\Application Data\PCtuto\SoftwareUpdate\UpdateTuto4PCHP.exe (.not file.)
[MD5.C7404423DED500729407CE45B705BBF5] - (.Tuto4PC - Tuto4PC.) -- C:\Program Files\Tuto4pc\tuto4pc.exe [966656]
O2 - BHO: T4PCBHO - {AB720781-0670-4e46-B82E-376AEF228F25} . (.Tuto4PC - ....) -- C:\Program Files\Tuto4pc\Tuto4pcBHO.dll
O4 - HKLM\..\Run: [Tuto4pc] . (.Tuto4PC - Tuto4PC.) -- C:\Program Files\Tuto4pc\tuto4pc.exe
O42 - Logiciel: Tuto4pc 1.0 - (.Tuto4pc.) [HKLM] -- Tuto4pc
O43 - CFD:Common File Directory ----D- C:\Program Files\Tuto4pc

Puis Lance ZHPFix depuis le raccourci du bureau .

* Une fois l'outil ZHPFix ouvert , clique sur le bouton [ H ] ( "coller les lignes Helper" ) .

* Dans l'encadré principal tu verras donc les lignes que tu as copié précédemment apparaitrent .

Vérifie que toutes les lignes que je t'ai demandé de copier (et seulement elles) sont dans la fenêtre.

Clique sur " Ok " , puis " Tous " et enfin " Nettoyer ".

Copie/Colle le rapport à l'écran dans ton prochain message

le rapport se trouve dans le dossier de zhpdiag dans program files sous le nom de ZHPFixReport
0
Réponse 16 / 24
cath2309
31 août 2010 à 22:41
voici le rapport
Rapport de ZHPFix v1.12.3141 par Nicolas Coolman, Update du 27/08/2010
Fichier d'export Registre : C:\ZHPExportRegistry-31-08-2010-22-33-46.txt
Run by cathy pardon at 31/08/2010 22:33:47
Web site : http://www.premiumorange.com/zeb-help-process/zhpfix.html
Contact : nicolascoolman@yahoo.fr

========== Clé(s) du Registre ==========
O2 - BHO: T4PCBHO - {AB720781-0670-4e46-B82E-376AEF228F25} . (.Tuto4PC - ....) -- C:\Program Files\Tuto4pc\Tuto4pcBHO.dll => Clé absente

========== Valeur(s) du Registre ==========
O4 - HKLM\..\Run: [UpdateTuto4PCHP] C:\Documents and Settings\cathy pardon\Application Data\PCtuto\SoftwareUpdate\UpdateTuto4PCHP.exe (.not file.) => Valeur absente
O4 - HKLM\..\Run: [Tuto4pc] . (.Tuto4PC - Tuto4PC.) -- C:\Program Files\Tuto4pc\tuto4pc.exe => Valeur absente

========== Dossier(s) ==========
C:\Program Files\Tuto4pc => Fichier supprimé au reboot

========== Fichier(s) ==========
c:\documents and settings\cathy pardon\application data\pctuto\softwareupdate\updatetuto4pchp.exe => Supprimé et mis en quarantaine

========== Logiciel(s) ==========
O42 - Logiciel: Tuto4pc 1.0 - (.Tuto4pc.) [HKLM] -- Tuto4pc => Logiciel déjà supprimé


========== Récapitulatif ==========
1 : Clé(s) du Registre
2 : Valeur(s) du Registre
1 : Dossier(s)
1 : Fichier(s)
1 : Logiciel(s)


End of the scan
0
Réponse 17 / 24
moment de grace Messages postés 29042 Date d'inscription samedi 6 décembre 2008 Statut Contributeur sécurité Dernière intervention 18 juillet 2013 2 274
31 août 2010 à 22:43
ok

comment va ce pc et ton acces internet ?
0
Réponse 18 / 24
cath2309
31 août 2010 à 22:47
impeccable! merci du temps passé a m aider ,c tres tres sympa
0
Réponse 19 / 24
moment de grace Messages postés 29042 Date d'inscription samedi 6 décembre 2008 Statut Contributeur sécurité Dernière intervention 18 juillet 2013 2 274
31 août 2010 à 22:56
Ok

Alors on termine


1)
Mettre à jour internet explorer (même si tu ne l'utlises pas)
https://support.microsoft.com/fr-fr/allproducts

..........................

2)

Mettre à jour la Console Java ? :
https://www.java.com/fr/download/uninstalltool.jsp

et installer la nouvelle version si besoin est (dans ce cas désinstalle avant l'ancienne version).

voici pour desinstaller :

JavaRa
http://raproducts.org/click/click.php?id=1

Décompresse le fichier sur le Bureau (Clic droit > Extraire tout).
* Double-clique (clic droit "en tant qu'administrateur" pour Vista) sur le répertoire JavaRa.
* Puis double-clique sur le fichier JavaRa.exe (le exe peut ne pas s'afficher).
* Choisis Français puis clique sur Select.
* Clique sur Recherche de mises à jour.
* Sélectionne Mettre à jour via jucheck.exe puis clique sur Rechercher.
* Autorise le processus à se connecter s'il le demande, clique sur Installer et suis les instructions d'installation qui prennent quelques minutes.
* L'installation est terminée, reviens à l'écran de JavaRa et clique sur Effacer les anciennes versions.
* Clique sur Oui pour confirmer. Laisse travailler et clique ensuite sur OK, puis une deuxième fois sur OK.
* Un rapport va s'ouvrir. Poste-le dans ta prochaine réponse.
* Ferme l'application.

Note : le rapport se trouve aussi dans C:\ sous le nom JavaRa.log.


.............

3)

Mets à jour Adobe Reader (désinstalle avant la version antérieure)
https://acrobat.adobe.com/fr/fr/acrobat/pdf-reader.html

puis

* Lancez Adobe Reader
* Cliquez sur Edition --> Préférences --> JavaScript
* Décochez "Activer Acrobat JavaScript"
* Validez

....................

4)
IMPORTANT

Purger la restauration systeme XP

http://www.bibou0007.com/windows-xp-f101/purger-la-restauration-du-systeme-sous-windows-xp-t151.htm


.................

5)
Clique droit sur l'icône ZHPFix.exe sur ton Bureau,
puis sélectionne 'Exécuter en tant qu'administrateur'.

Clique sur le A rouge (Nettoyeur de Tools).

Clique sur Nettoyer.

Fais redémarrer l'ordi pour terminer le nettoyage.

......................................

Recommandations pour l'avenir

Tu es la meilleure protection pour ton pc que tout autre antivirus, si tu admets un minimum de rigueur dans son utilisation...Les virus sont vigilants et pénètrent ta machine par toutes les portes que tu laisseras ouvertes...
- logiciels non à jour (windows, internet explorer, java, adobe reader etc)
- installation de toolbar
- fréquentation de sites piégés
- P2P
- Application de cracks
- Supports usb

Pour t'aider dans cette tâche, voici quelques pistes

Pour naviguer sur internet plus en sécurité et à l'abri des publicités, je te conseille vivement d'installer et d'utiliser le navigateur firefox
http://www.mozilla-europe.org/fr/firefox/

Une fois que c'est fait, lances le et installe l'extension de sécurité adblock plus
pour bloquer les publicités
http://www.clubic.com/telecharger-fiche45912-adblock-plus.html

............................

WOT - Extension pour ton navigateur internet :
Voici une extension à télécharger qui te permettra, en faisant tes recherches sur google, de savoir si le site proposé lors de tes recherches est un site de confiance ou un site à éviter car il pourrait infecter ton PC :
Pour Firefox : https://addons.mozilla.org/fr/firefox/addon/wot-safe-browsing-tool/
Pour internet explorer : https://chrome.google.com/webstore/detail/wot-web-of-trust-website/bhmmomiinigofkjcapegjjndpbikblnp

........................

Pour éviter une infection toolbar, il faut tout lire attentivement lorsque tu installes un programme gratuit, et décocher tous les programmes additionnels qui sont proposés, en particulier les barres d'outils !

..........................

Vaccines tes disques amovibles à l'aide de USBFix (de Chiquitine29 et C_XX)
http://pagesperso-orange.fr/NosTools/Chiquitine29/UsbFix.exe
Au menu principal, choisis l'option 3 (Vaccination).
............................

garder Malwarebytes et faire un examen de temps en temps ton PC, avec mise à jour avant chaque scan
.......................

Télécharge et installe CCleaner (N'installe pas la Yahoo Toolbar) :
https://www.commentcamarche.net/telecharger/utilitaires/5647-ccleaner/

* Lance-le.(clic droit "en tant qu'administrateur" pour Vista) Va dans Options puis Avancé et décoche la case Effacer uniquement les fichiers etc....
* Va dans Nettoyeur, choisis Analyse. Une fois terminé, lance le nettoyage.
* Ensuite, choisis Registre, puis Chercher des erreurs. Une fois terminé, répare toutes les erreurs tant de fois qu il en trouve a l analyse

..........................
utilitaire pour défragmenter , utilises pour ce faire Defraggler https://www.clubic.com/telecharger-fiche44314-defraggler.html

........................
A lire pour mieux comprendre l'environnement qui t'entoure
http://assiste.com.free.fr/p/abc/a/zombies_et_botnets.html
https://www.malekal.com/fichiers/projetantimalwares/ProjetAntiMalware-courte.pdf

http://www.libellules.ch/...






0
Réponse 20 / 24
cath2309
31 août 2010 à 23:07
ba je vois que j ai un rude bazar ds mo pc!!bon je mis mets !!
0

Discussions similaires

35 GO à l'étranger
Laurence -
Laurence -

2 réponses