Bonjour, Configuration: Windows Vista / Firefox 3.6.17 j'ai eu windows recovery que j'ai tué grace à rogue killer mais maintenant rien n'est noté dans menu démarrer à part en anglais (pictures,music...), je n'ai plus accès à msn non plus Le virus n'est pas trouvé par malware byte mais comment récuperer ces données?Merci

Hello! > Télécharges RogueKiller (de tigzy) sur ton bureau. > Quittes tous tes programmes en cours > Lances-le. (Clique droit/Exécuter en tant qu'administrateur pour Vista/7). > Lorsque demandé, tape 6 et valide par Entrée. Remarque: Si le programme a été bloqué, ne pas hésiter a essayer plusieurs fois. > Poste le rapport qui s'ouvre. ________________________________________________________________ Ensuite ________________________________________________________________ On va faire un diagnostique de ton pc. > Télécharges ZHPDiag (de Nicolas coolman) sur ton bureau. > Un fois le téléchargement terminé, double cliques sur ZHPDiag.exe et suis les instructions d'installation. (Clique droit/Exécuter en tant qu'administrateur pour Vista/7). > Coches la case Créer une îcone sur le bureau lors de l'installation. > A la fin de l'installation, ZHPDiag va se lancer tout seul. > Cliques sur l'icône représentant une loupe. > En fin de scan, enregistres le rapport sur ton Bureau. Pour cela, clique sur l'îcone représentant une disquette. > Héberge le rapport sur Cjoint puis copie/colle le lien fourni dans ta prochaine réponse sur le forum. @+

Windows vista recovery

Réponse 21 / 48

Utilisateur anonyme

re une question :

tu executes bien tous les outils avec le clic droit "executer en tant qu'administrateur" roguekiller compris ?

et toutes protections desactivées ?

Réponse 22 / 48

murphy

toutes protections c'est à dire avast aussi?

Réponse 23 / 48

Utilisateur anonyme

ah ok !!

et....la sandbox d'avast aussi est activée ?

Réponse 24 / 48

murphy

euh je vais paraitre nulle et je le suis mais comment fait-on?

Réponse 25 / 48

Utilisateur anonyme

ben on la desactive :)......comme ca :

Ouvrez Avast ---> Cliquez sur Protection suplémentaire ---> Autosandbox, Paramètre: Décochez "activer autosandbox" ---> OK et fermer.

Réponse 26 / 48

murphy

"vous ne disposez pas des autorisations requises pour accéder à ce dossier"
voilà ce que ça me met quand je veux supprimer des docs....

Réponse 27 / 48

Utilisateur anonyme

C:\Utilisateurs\ta session tu peux pas là ?

roro04 Messages postés 1200 Statut Contributeur 179

Désactive la sandbox comme gen-hackman te l'a demandé. Ensuite refais la manipulation que je t'ai décrite pour rétablir tes raccourcis.

murphy

j'ai un all users,un default users,un default un public et un moi,ça fait du monde alos que je suis seule à l'utiliser...quant aux raccourcis ça a l'air bon merci!

Utilisateur anonyme

ben c'est dans "moi" ^^

Réponse 28 / 48

roro04 Messages postés 1200 Statut Contributeur 179

Bon, reposte un ZHPDiag et on finalise.

murphy

---\\ Web Browser
MSIE: Internet Explorer v8.0.6001.19048
MFIE: Mozilla Firefox v3.6.17 (fr) (Defaut)
GCIE: Google Chrome

---\\ System Information
Windows Vista Home Premium Edition, 32-bit Service Pack 2 (Build 6002)
Processor: x86 Family 6 Model 15 Stepping 13, GenuineIntel
Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 2939 MB (37% free)
System Restore: Activé (Enable)
System drive C: has 55 GB (47%) free of 116 GB

---\\ Logged in mode
Computer Name: PC-DE-GAELLE
User Name: gaelle
All Users Names: gaelle, Administrateur,
Unselected Option: O45,O61,O62,O65,O66,O82
Logged in as Administrator

---\\ Environnement Variables
%AppData%=C:\Users\gaelle\AppData\Roaming
%LocalAppData%=C:\Users\gaelle\AppData\Local
%StartMenu%=C:\Users\gaelle\AppData\Roaming\Microsoft\Windows\Start Menu

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 55 Go of 116 Go)
E:\ Hard drive, Flash drive, Thumb drive (Free 110 Go of 115 Go)
F:\ CD-ROM drive (Not Inserted)

voilà!merci!

roro04 Messages postés 1200 Statut Contributeur 179

Non, poste le par cjoint.

murphy

http://cjoint.com/?AFjth2QRWyn

Réponse 29 / 48

roro04 Messages postés 1200 Statut Contributeur 179

Re,

> Clique sur l'icône ZHPFix présente sur ton bureau. (Clique droit/Exécuter en tant qu'administrateur pour Vista/7)
> Clique sur le H bleu.
> Copie/Colle le texte en gras ci-dessous.

[HKCU\Software\ShopperReports3]
[HKCU\Software\SpiderMessenger]
[HKLM\Software\ScanQuery]
[HKLM\Software\ShopperReports3]
[HKCR\MenuButtonIE.ButtonIE]
[HKCR\MenuButtonIE.ButtonIE.1]
[HKCR\shopperreports.cntntdic]
[HKCR\shopperreports.cntntdic.1]
[HKCR\shopperreports.cntntdisp]
[HKCR\shopperreports.cntntdisp.1]
[HKCR\shopperreports.stock]
[HKCR\shopperreports.stock.1]
[HKLM\Software\Classes\AppID\BRNstIE.DLL]
[HKLM\Software\Classes\AppID\MenuButtonIE.DLL]
[HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SoftwareUpdate_is1]
[HKLM\Software\Classes\MenuButtonIE.ButtonIE]
[HKLM\Software\Classes\MenuButtonIE.ButtonIE.1]
[HKLM\Software\Classes\ShopperReports.CntntDic]
[HKLM\Software\Classes\ShopperReports.CntntDic.1]
[HKLM\Software\Classes\ShopperReports.CntntDisp]
[HKLM\Software\Classes\ShopperReports.CntntDisp.1]
[HKLM\Software\Classes\ShopperReports.Stock]
[HKLM\Software\Classes\ShopperReports.Stock.1]
[HKLM\Software\Classes\AppID\{8258B35C-05B8-4c0e-9525-9BCCC70F8F2D}]
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4}]
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4}]
[HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{89F88394-3828-4d03-A0CF-8203604C3DA6}]
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{c7b76b90-3455-4ae6-a752-eac4d19689e5}]
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{c7b76b90-3455-4ae6-a752-eac4d19689e5}]
[HKLM\Software\Classes\AppID\{d2083641-e57f-4eab-bb85-0582424f4a29}]
[HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D4233F04-1789-483c-A137-731E8F113DD5}]
[HKCU\Software\ShopperReports3]
[HKLM\Software\ShopperReports3]
[HKCU\Software\SpiderMessenger]
[HKCU\Software\SpiderMessenger]
[HKLM\Software\Mozilla\Firefox\Extensions]:shopperreports@shopperreports.com
[HKLM\Software\Mozilla\Firefox\Extensions]:SpiderMessengerHelper@spidermessenger.com
[HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform]:ShopperReports 3.0.517.0
[HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform]:ShopperReports 3.0.517.0
C:\Users\gaelle\AppData\Roaming\Adobe\plugs
C:\Users\gaelle\AppData\Roaming\Adobe\shed
C:\Program Files\Mozilla Firefox\Extensions\{de9265d8-d55d-4286-9dc4-f8d8a0ca2f64}
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ShopperReports
O43 - CFD: 27/08/2010 - 10:29:18 - [2100] ----D- C:\ProgramData\Global Software Publishing and Emme
O43 - CFD: 22/05/2011 - 06:47:22 - [0] ----D- C:\Users\gaelle\Appdata\Local\{053411FE-6308-4BEE-8C78-E16B2C26D96B}
O43 - CFD: 18/05/2011 - 19:43:20 - [0] ----D- C:\Users\gaelle\Appdata\Local\{0B32742B-C505-4F3C-AEAC-86C28AC6E68E}
O43 - CFD: 29/04/2011 - 08:32:20 - [0] ----D- C:\Users\gaelle\Appdata\Local\{1187303C-3009-4162-8B32-DD932A4181C1}
O43 - CFD: 29/04/2011 - 20:46:00 - [0] ----D- C:\Users\gaelle\Appdata\Local\{11A82A7D-0C03-44A1-B7C1-036D00C0FB3F}
O43 - CFD: 06/05/2011 - 18:51:54 - [0] ----D- C:\Users\gaelle\Appdata\Local\{144A4EE1-AF98-48F2-ABF4-20DBAF056E77}
O43 - CFD: 28/04/2011 - 19:09:46 - [0] ----D- C:\Users\gaelle\Appdata\Local\{151B10FC-9553-48C0-94A5-3D9E00B80BA8}
O43 - CFD: 05/06/2011 - 07:41:16 - [0] ----D- C:\Users\gaelle\Appdata\Local\{1F0314CB-6345-44AC-AD89-0DE065225602}
O43 - CFD: 07/05/2011 - 08:22:50 - [0] ----D- C:\Users\gaelle\Appdata\Local\{1F998DB4-D2AC-4760-AFCA-C3EA730C36F2}
O43 - CFD: 07/04/2011 - 08:58:58 - [0] ----D- C:\Users\gaelle\Appdata\Local\{2419E019-4A0A-4E0B-96C2-1EBF0D4C7B7B}
O43 - CFD: 01/05/2011 - 10:10:46 - [0] ----D- C:\Users\gaelle\Appdata\Local\{259D63BA-4846-4666-93E1-CFE5AF1A6562}
O43 - CFD: 14/05/2011 - 12:07:32 - [0] ----D- C:\Users\gaelle\Appdata\Local\{25B27404-1B0E-41A1-A409-0B84B89CDBED}
O43 - CFD: 25/05/2011 - 06:47:22 - [0] ----D- C:\Users\gaelle\Appdata\Local\{278D1E12-44D0-47FA-853D-85762660CEFE}
O43 - CFD: 09/05/2011 - 06:13:50 - [0] ----D- C:\Users\gaelle\Appdata\Local\{2A430B9A-DA60-47D1-97E9-015CCD5B440A}
O43 - CFD: 06/06/2011 - 07:14:32 - [0] ----D- C:\Users\gaelle\Appdata\Local\{2C033A6E-EF58-403D-BA09-D9F225084540}
O43 - CFD: 06/04/2011 - 08:41:38 - [0] ----D- C:\Users\gaelle\Appdata\Local\{30505C58-446F-4F24-8B56-8E6677D8DDDB}
O43 - CFD: 05/05/2011 - 13:23:08 - [0] ----D- C:\Users\gaelle\Appdata\Local\{3103DCA4-6146-40DC-B486-0517293B7520}
O43 - CFD: 17/04/2011 - 08:59:02 - [0] ----D- C:\Users\gaelle\Appdata\Local\{346E02CB-8476-4F95-BCDA-503AA716788F}
O43 - CFD: 04/04/2011 - 09:23:14 - [0] ----D- C:\Users\gaelle\Appdata\Local\{3A8C431C-CC90-4EAC-8C1A-BDC2AB2865D7}
O43 - CFD: 13/04/2011 - 09:04:16 - [0] ----D- C:\Users\gaelle\Appdata\Local\{3BE970BA-E4FA-4381-B19D-A567DED60FB2}
O43 - CFD: 21/05/2011 - 06:35:24 - [0] ----D- C:\Users\gaelle\Appdata\Local\{3D0A7839-ACDB-42B2-AAA4-7AECC85508A3}
O43 - CFD: 13/05/2011 - 17:05:18 - [0] ----D- C:\Users\gaelle\Appdata\Local\{3FEB4914-EFDD-402E-B94A-1AEC4A7136A6}
O43 - CFD: 04/06/2011 - 06:14:06 - [0] ----D- C:\Users\gaelle\Appdata\Local\{4282A289-26CD-46F8-A43A-C4F4EDEB3E18}
O43 - CFD: 29/05/2011 - 08:42:26 - [0] ----D- C:\Users\gaelle\Appdata\Local\{4513D13C-B83C-4E7B-8C82-9DE9DBEA667C}
O43 - CFD: 12/04/2011 - 09:07:34 - [0] ----D- C:\Users\gaelle\Appdata\Local\{4A501714-90D8-4E23-BDE4-72C425308B9E}
O43 - CFD: 03/05/2011 - 20:45:02 - [0] ----D- C:\Users\gaelle\Appdata\Local\{4C8E6E80-2AE7-4A57-9D9E-B7843FE4E18D}
O43 - CFD: 11/05/2011 - 14:15:22 - [0] ----D- C:\Users\gaelle\Appdata\Local\{4F040A62-3AB1-4D0A-80F4-A0B8DE902445}
O43 - CFD: 15/05/2011 - 14:58:48 - [0] ----D- C:\Users\gaelle\Appdata\Local\{55D8DBFB-CB76-4153-8833-5D9662E39802}
O43 - CFD: 16/04/2011 - 19:13:04 - [0] ----D- C:\Users\gaelle\Appdata\Local\{595078A1-D64F-4096-9F31-F44B92FD0128}
O43 - CFD: 02/04/2011 - 06:59:16 - [0] ----D- C:\Users\gaelle\Appdata\Local\{5DD926D5-738C-4F86-9D83-1F641322EE04}
O43 - CFD: 07/06/2011 - 07:18:14 - [0] ----D- C:\Users\gaelle\Appdata\Local\{623EFCB6-1EBC-4BD9-9609-FEADA848AA95}
O43 - CFD: 05/06/2011 - 14:53:30 - [0] ----D- C:\Users\gaelle\Appdata\Local\{62DEC6C7-CB9D-4313-A6F7-F89BE4FB98DC}
O43 - CFD: 03/04/2011 - 09:19:34 - [0] ----D- C:\Users\gaelle\Appdata\Local\{6320C337-004C-4E7B-9BD2-917E52AF009F}
O43 - CFD: 24/04/2011 - 19:49:00 - [0] ----D- C:\Users\gaelle\Appdata\Local\{67711220-073B-43D4-9FF4-EF454CA41B50}
O43 - CFD: 17/05/2011 - 18:29:42 - [0] ----D- C:\Users\gaelle\Appdata\Local\{699D3322-6C60-40E6-8150-FB2C0CE13644}
O43 - CFD: 20/05/2011 - 17:08:20 - [0] ----D- C:\Users\gaelle\Appdata\Local\{6B184AA1-5D54-4B25-8F92-B9FB74E5B9F8}
O43 - CFD: 28/04/2011 - 07:09:22 - [0] ----D- C:\Users\gaelle\Appdata\Local\{7285827E-70E2-4D26-92CF-4FBA65C63897}
O43 - CFD: 31/05/2011 - 17:06:06 - [0] ----D- C:\Users\gaelle\Appdata\Local\{7E5D96BF-095F-4D3C-B849-2A6BF51CFFBE}
O43 - CFD: 27/05/2011 - 17:05:58 - [0] ----D- C:\Users\gaelle\Appdata\Local\{7E661944-E93E-48C9-A532-9B6CC013D2C4}
O43 - CFD: 02/05/2011 - 08:43:18 - [0] ----D- C:\Users\gaelle\Appdata\Local\{7EFB985D-C0AB-48B2-916C-495ADBA909E9}
O43 - CFD: 20/04/2011 - 19:14:04 - [0] ----D- C:\Users\gaelle\Appdata\Local\{82A230F6-7B5D-4617-9D48-DE02360AC1C9}
O43 - CFD: 14/04/2011 - 09:28:44 - [0] ----D- C:\Users\gaelle\Appdata\Local\{84C24CA0-5710-4AB0-A073-80D64BEC9A28}
O43 - CFD: 02/05/2011 - 20:43:44 - [0] ----D- C:\Users\gaelle\Appdata\Local\{87732FEF-9CAE-4AE8-8F0D-9D8DB5F6C667}
O43 - CFD: 05/06/2011 - 14:24:34 - [0] ----D- C:\Users\gaelle\Appdata\Local\{8D65BAC5-CF98-4BE9-A7F1-BB5E0C8ADEB0}
O43 - CFD: 24/04/2011 - 06:46:24 - [0] ----D- C:\Users\gaelle\Appdata\Local\{93B8F0E6-C77E-45EC-A287-A7F263C6B980}
O43 - CFD: 16/04/2011 - 06:43:30 - [0] ----D- C:\Users\gaelle\Appdata\Local\{97ACBC44-0C6D-42E9-B08E-2F199C545894}
O43 - CFD: 23/04/2011 - 05:06:54 - [0] ----D- C:\Users\gaelle\Appdata\Local\{9B5FA3DB-1250-4037-81C6-9EE7D3F9C4CB}
O43 - CFD: 20/04/2011 - 07:13:40 - [0] ----D- C:\Users\gaelle\Appdata\Local\{9B788023-71F1-4F4E-A26E-22F2E2B77B0C}
O43 - CFD: 30/04/2011 - 08:47:52 - [0] ----D- C:\Users\gaelle\Appdata\Local\{9DACCC1F-F809-4BE9-BBB8-B8DE323C296B}
O43 - CFD: 24/05/2011 - 17:08:10 - [0] ----D- C:\Users\gaelle\Appdata\Local\{A2157E42-0A9A-4C90-8A27-3C6B2CF7D771}
O43 - CFD: 05/06/2011 - 14:28:58 - [0] ----D- C:\Users\gaelle\Appdata\Local\{A25A67E7-6BB7-4F32-81CB-FA5CF1BBA395}
O43 - CFD: 04/06/2011 - 18:14:48 - [0] ----D- C:\Users\gaelle\Appdata\Local\{A507F37E-5201-42A0-917A-E579BF3A382D}
O43 - CFD: 27/04/2011 - 06:39:32 - [0] ----D- C:\Users\gaelle\Appdata\Local\{A6489BFF-1872-4197-ABA3-6042556CFC5A}
O43 - CFD: 19/05/2011 - 19:59:10 - [0] ----D- C:\Users\gaelle\Appdata\Local\{A6C8A5C9-0103-40FC-9A73-890955B3CBA7}
O43 - CFD: 22/05/2011 - 18:50:12 - [0] ----D- C:\Users\gaelle\Appdata\Local\{AB5E149C-36BD-4B55-BF27-53B87B6A442B}
O43 - CFD: 09/05/2011 - 19:46:18 - [0] ----D- C:\Users\gaelle\Appdata\Local\{ACEC85F8-90F0-4F99-A458-1161362D55B9}
O43 - CFD: 07/05/2011 - 20:26:06 - [0] ----D- C:\Users\gaelle\Appdata\Local\{B0A7B462-B612-47E8-BCB3-384C9EC56D8C}
O43 - CFD: 04/05/2011 - 08:53:50 - [0] ----D- C:\Users\gaelle\Appdata\Local\{B1231715-C210-42CB-9E5C-DB848BF22E5F}
O43 - CFD: 01/04/2011 - 09:02:14 - [0] ----D- C:\Users\gaelle\Appdata\Local\{B3AC14DE-8A8B-4087-8959-B0AEEBD70BC2}
O43 - CFD: 25/04/2011 - 19:50:38 - [0] ----D- C:\Users\gaelle\Appdata\Local\{B60EECCC-EB96-4C59-A52D-8CCDF2D94DB8}
O43 - CFD: 10/04/2011 - 07:05:28 - [0] ----D- C:\Users\gaelle\Appdata\Local\{B640017A-AB6D-44F1-AE20-B23044503114}
O43 - CFD: 26/04/2011 - 07:51:14 - [0] ----D- C:\Users\gaelle\Appdata\Local\{B70BE142-A606-44EC-A981-15603ACE9A27}
O43 - CFD: 06/05/2011 - 06:51:12 - [0] ----D- C:\Users\gaelle\Appdata\Local\{B74DADC1-7009-4C27-B61B-411BCA459AD9}
O43 - CFD: 25/04/2011 - 07:49:42 - [0] ----D- C:\Users\gaelle\Appdata\Local\{B98D9960-EA70-4712-8E0B-9F1764795213}
O43 - CFD: 28/05/2011 - 13:35:50 - [0] ----D- C:\Users\gaelle\Appdata\Local\{BB469AF1-9E5C-4149-84A1-5F38C26BC331}
O43 - CFD: 12/05/2011 - 11:36:40 - [0] ----D- C:\Users\gaelle\Appdata\Local\{BDD7729C-5167-42F0-8528-A7E64064E1F7}
O43 - CFD: 30/05/2011 - 08:57:58 - [0] ----D- C:\Users\gaelle\Appdata\Local\{C13B3C5C-26D0-4669-AF5D-1F43325DC9BE}
O43 - CFD: 10/04/2011 - 19:06:04 - [0] ----D- C:\Users\gaelle\Appdata\Local\{C2BC5742-284F-4E47-B36E-41EA67DC32BB}
O43 - CFD: 08/04/2011 - 15:49:14 - [0] ----D- C:\Users\gaelle\Appdata\Local\{C315E87A-8401-4D53-898A-0A0E622D8F5A}
O43 - CFD: 03/06/2011 - 07:35:32 - [0] ----D- C:\Users\gaelle\Appdata\Local\{C7BB6D9E-6B44-46C9-8982-6D7494EDBC28}
O43 - CFD: 15/04/2011 - 13:06:46 - [0] ----D- C:\Users\gaelle\Appdata\Local\{CA1FCDDF-2879-4F50-860D-007152B8C54A}
O43 - CFD: 23/04/2011 - 18:33:22 - [0] ----D- C:\Users\gaelle\Appdata\Local\{CE5FD9F7-7098-4DDD-9578-17D194153C9F}
O43 - CFD: 22/04/2011 - 08:28:22 - [0] ----D- C:\Users\gaelle\Appdata\Local\{D3220770-6593-41C0-AF83-7DD3EFAF682A}
O43 - CFD: 25/05/2011 - 14:13:44 - [0] ----D- C:\Users\gaelle\Appdata\Local\{D68DC2F1-5B91-43D7-8EB1-383725E39B9F}
O43 - CFD: 01/06/2011 - 12:27:24 - [0] ----D- C:\Users\gaelle\Appdata\Local\{D87269DF-F888-48EF-9E8A-4EFF90512B1D}
O43 - CFD: 18/04/2011 - 18:00:06 - [0] ----D- C:\Users\gaelle\Appdata\Local\{DE4A7355-070B-4634-89F0-88202C7ED210}
O43 - CFD: 08/05/2011 - 09:31:50 - [0] ----D- C:\Users\gaelle\Appdata\Local\{E0262293-8877-42F2-8532-6615E037053D}
O43 - CFD: 19/05/2011 - 07:43:58 - [0] ----D- C:\Users\gaelle\Appdata\Local\{E1D1C2BA-D058-471B-921A-16A16D9BA2ED}
O43 - CFD: 09/04/2011 - 12:40:48 - [0] ----D- C:\Users\gaelle\Appdata\Local\{E4D935C6-292A-4B07-A10E-B9D3BEAFA5BB}
O43 - CFD: 26/05/2011 - 13:16:08 - [0] ----D- C:\Users\gaelle\Appdata\Local\{E5EF2762-0867-437E-9F5A-E529D83AB57E}
O43 - CFD: 19/04/2011 - 17:02:16 - [0] ----D- C:\Users\gaelle\Appdata\Local\{E63C125F-C4E3-43FE-A8C6-0C158A4292CF}
O43 - CFD: 02/06/2011 - 08:41:32 - [0] ----D- C:\Users\gaelle\Appdata\Local\{E721BA16-76C4-4067-A030-1716D949F933}
O43 - CFD: 31/03/2011 - 21:01:38 - [0] ----D- C:\Users\gaelle\Appdata\Local\{E8DF0907-F81E-410E-81DF-5A44F47F4D87}
O43 - CFD: 23/05/2011 - 19:09:40 - [0] ----D- C:\Users\gaelle\Appdata\Local\{E9066875-C848-48FE-B906-F687F46DFB4C}
O43 - CFD: 21/05/2011 - 18:35:48 - [0] ----D- C:\Users\gaelle\Appdata\Local\{E92BC8B1-5345-4825-A0B5-7C2818EC70E1}
O43 - CFD: 03/05/2011 - 08:44:18 - [0] ----D- C:\Users\gaelle\Appdata\Local\{E9686FD4-F510-408E-9AA2-ADB8348A8463}
O43 - CFD: 11/04/2011 - 11:11:16 - [0] ----D- C:\Users\gaelle\Appdata\Local\{EB0120AB-C6F9-4D2C-A48B-47E3FCECBDC1}
O43 - CFD: 27/04/2011 - 18:40:12 - [0] ----D- C:\Users\gaelle\Appdata\Local\{EB2B9C96-29F7-4BA5-B1F8-B008EF17701F}
O43 - CFD: 05/06/2011 - 16:19:56 - [0] ----D- C:\Users\gaelle\Appdata\Local\{EE44EA29-B680-42E9-9DF5-EF03906781D7}
O43 - CFD: 05/04/2011 - 14:11:42 - [0] ----D- C:\Users\gaelle\Appdata\Local\{F0446A4F-0F8D-4D3C-8444-1B263A3FF9CA}
O43 - CFD: 21/04/2011 - 10:20:48 - [0] ----D- C:\Users\gaelle\Appdata\Local\{F480BF1F-0D64-455B-8661-D6B879184D86}
O43 - CFD: 16/05/2011 - 19:03:36 - [0] ----D- C:\Users\gaelle\Appdata\Local\{FC87808D-1F5F-412B-8ADA-C33E5ABF4180}
O43 - CFD: 05/05/2011 - 01:22:32 - [0] ----D- C:\Users\gaelle\Appdata\Local\{FD07E0AE-C27E-43E3-AD95-6BE5267BF633}
O43 - CFD: 10/05/2011 - 17:02:42 - [0] ----D- C:\Users\gaelle\Appdata\Local\{FDD8D810-31D1-4FC7-BF45-7B0CAD9BE6E8}
[MD5.2156F55D94898237E8AD0C4B1A6F21C7] [SPRF] (.MooSoft Development LLC - The Cleaner Setup.) -- C:\Users\gaelle\AppData\Local\Temp\cleaner8_setup.exe [45036714]
[MD5.B854B9FBE1C4A8C51A703975948D4F5F] [SPRF] (...) -- C:\Users\gaelle\AppData\Local\Temp\i4jdel0.exe [4608]
[MD5.BD15FDB80CBED78D73E0479522ABC99D] [SPRF] (...) -- C:\Users\gaelle\AppData\Local\Temp\setup1001036668.exe.manifest [428]
[MD5.BD15FDB80CBED78D73E0479522ABC99D] [SPRF] (...) -- C:\Users\gaelle\AppData\Local\Temp\setup1185527140.exe.manifest [428]
[MD5.BD15FDB80CBED78D73E0479522ABC99D] [SPRF] (...) -- C:\Users\gaelle\AppData\Local\Temp\setup1685447036.exe.manifest [428]
[MD5.BD15FDB80CBED78D73E0479522ABC99D] [SPRF] (...) -- C:\Users\gaelle\AppData\Local\Temp\setup1742819684.exe.manifest [428]
[MD5.BD15FDB80CBED78D73E0479522ABC99D] [SPRF] (...) -- C:\Users\gaelle\AppData\Local\Temp\setup2201533180.exe.manifest [428]
[MD5.BD15FDB80CBED78D73E0479522ABC99D] [SPRF] (...) -- C:\Users\gaelle\AppData\Local\Temp\setup2249412772.exe.manifest [428]
[MD5.BD15FDB80CBED78D73E0479522ABC99D] [SPRF] (...) -- C:\Users\gaelle\AppData\Local\Temp\setup2430514276.exe.manifest [428]
[MD5.BD15FDB80CBED78D73E0479522ABC99D] [SPRF] (...) -- C:\Users\gaelle\AppData\Local\Temp\setup2524791268.exe.manifest [428]
[MD5.BD15FDB80CBED78D73E0479522ABC99D] [SPRF] (...) -- C:\Users\gaelle\AppData\Local\Temp\setup2530378192.exe.manifest [428]
[MD5.BD15FDB80CBED78D73E0479522ABC99D] [SPRF] (...) -- C:\Users\gaelle\AppData\Local\Temp\setup2984069372.exe.manifest [428]
[MD5.BD15FDB80CBED78D73E0479522ABC99D] [SPRF] (...) -- C:\Users\gaelle\AppData\Local\Temp\setup3058897148.exe.manifest [428]
[MD5.BD15FDB80CBED78D73E0479522ABC99D] [SPRF] (...) -- C:\Users\gaelle\AppData\Local\Temp\setup3600637884.exe.manifest [428]
[MD5.BD15FDB80CBED78D73E0479522ABC99D] [SPRF] (...) -- C:\Users\gaelle\AppData\Local\Temp\setup38673852.exe.manifest [428]
[MD5.BD15FDB80CBED78D73E0479522ABC99D] [SPRF] (...) -- C:\Users\gaelle\AppData\Local\Temp\setup3917182972.exe.manifest [428]
[MD5.BD15FDB80CBED78D73E0479522ABC99D] [SPRF] (...) -- C:\Users\gaelle\AppData\Local\Temp\setup4028300068.exe.manifest [428]
[MD5.BD15FDB80CBED78D73E0479522ABC99D] [SPRF] (...) -- C:\Users\gaelle\AppData\Local\Temp\setup4111695676.exe.manifest [428]
[MD5.BD15FDB80CBED78D73E0479522ABC99D] [SPRF] (...) -- C:\Users\gaelle\AppData\Local\Temp\setup4135684324.exe.manifest [428]
[MD5.BD15FDB80CBED78D73E0479522ABC99D] [SPRF] (...) -- C:\Users\gaelle\AppData\Local\Temp\setup503467068.exe.manifest [428]
[MD5.BD15FDB80CBED78D73E0479522ABC99D] [SPRF] (...) -- C:\Users\gaelle\AppData\Local\Temp\setup781875900.exe.manifest [428]

> Clique sur Go.
> Poste le rapport qui s'affiche.
______________________________________________________________

Ensuite
______________________________________________________________

On va faire un scan généraliste de ton PC
> Télécharges Malwarebytes sur ton bureau.

> Lance le. Laisse les options par défaut lors de l'installation. A la fin, il va se mettre à jour, laisse-le faire.
> Branche toutes tes sources de données externes à ton PC. (Clés USB...)
> Rends-toi dans l'onglet Recherche, clique sur Exécuter un examen complet puis clique sur Rechercher.
> Sélectionnes tes disques durs et disques amovibles puis clique sur Rechercher
> A la fin du scan, un rapport s'ouvre. Clique sur fichier puis enregistrer sous. Clique sur Bureau et met le nom Malwarebytes
> Si MalwareBytes détecte des infections, clique sur Afficher les résultats, puis sur Supprimer la sélection.
> Si Malwarebytes te demande de redémarrer ton pc, clique sur oui
> Poste le rapport
!!! Ne pas vider la quarantaine de MBAM sans avis !!!

Tuto pour t'aider Ici

@+

murphy

voici

murphy

impossible d'envoyer j'ai titre du message non renseigné

Utilisateur anonyme

inscris-toi sur commentcamarche il passera

murphy

merci quand même de l'aide!

murphy

quand j'essaie d'acceder à un dossier,il y a une "flèche" et on me dit que j'ai besoin d'autorisation pour y accéder:en allant dans propriétés j'autorise l'accès mais on me dit que l'accès est refusé,qu'il y a une erreur!

Réponse 30 / 48

*marc64* Messages postés 218 Statut Membre 62

salut,
juste une petite intervention pour faire remarquer que la version et la base de données de MBAM est obsolète

murphy

d'accord je vais faire le nécessaire merci.

Réponse 31 / 48

murphy

bon ben il n'y a plus personne....

roro04 Messages postés 1200 Statut Contributeur 179

Si, si je suis là.

> Vide la quarantaine de malwarebytes.
> Refais un un scan en le mettant à jour.
> Refais ZHPDiag.

@+

murphy

ouf ça me rassure ;)

roro04 Messages postés 1200 Statut Contributeur 179

Bon, donc j'attends les rapports.

murphy

http://cjoint.com/?AFtuTvx2R5T
voilà!

roro04 Messages postés 1200 Statut Contributeur 179

Bon alors refais ZHPDiag.

Réponse 32 / 48

roro04 Messages postés 1200 Statut Contributeur 179

Re,

> Clique sur l'icône ZHPFix présente sur ton bureau. (Clique droit/Exécuter en tant qu'administrateur pour Vista/7)
> Clique sur le H bleu.
> Copie/Colle le texte en gras ci-dessous.

[HKCU\Software\SpiderMessenger]
[HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SoftwareUpdate_is1]
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4}]
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4}]
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{c7b76b90-3455-4ae6-a752-eac4d19689e5}]
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{c7b76b90-3455-4ae6-a752-eac4d19689e5}]
[HKLM\Software\Classes\AppID\{d2083641-e57f-4eab-bb85-0582424f4a29}] => Infection BT (Adware.ClickPotato)
[HKCU\Software\SpiderMessenger]
[HKCU\Software\SpiderMessenger]
[HKLM\Software\Mozilla\Firefox\Extensions]:SpiderMessengerHelper@spidermessenger.com
C:\Users\gaelle\AppData\Roaming\Adobe\plugs
C:\Users\gaelle\AppData\Roaming\Adobe\shed

> Clique sur Go.
> Poste le rapport qui s'affiche.

@+

murphy

http://cjoint.com/?AFvsOV5PCxy
voilà!!

roro04 Messages postés 1200 Statut Contributeur 179

Bon, super! Refais un ZHPDiag par contre, poste le fichier .txt, ne copie pas le rapport dans un fichier docx.

murphy

Rapport de ZHPDiag v1.27.228 par Nicolas Coolman, Update du 09/06/2011
Run by gaelle at 22/06/2011 14:34:23
Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html

---\\ Web Browser
MSIE: Internet Explorer v8.0.6001.19088
MFIE: Mozilla Firefox 5.0 v5.0 (Defaut)
GCIE: Google Chrome

---\\ System Information
Windows Vista Home Premium Edition, 32-bit Service Pack 2 (Build 6002)
Processor: x86 Family 6 Model 15 Stepping 13, GenuineIntel
Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 2939 MB (50% free)
System Restore: Activé (Enable)
System drive C: has 50 GB (42%) free of 116 GB

---\\ Logged in mode
Computer Name: PC-DE-GAELLE
User Name: gaelle
All Users Names: gaelle, Administrateur,
Unselected Option: O45,O61,O62,O65,O66,O82
Logged in as Administrator

---\\ Environnement Variables
%AppData%=C:\Users\gaelle\AppData\Roaming
%LocalAppData%=C:\Users\gaelle\AppData\Local
%StartMenu%=C:\Users\gaelle\AppData\Roaming\Microsoft\Windows\Start Menu

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 50 Go of 116 Go)
E:\ Hard drive, Flash drive, Thumb drive (Free 110 Go of 115 Go)
F:\ CD-ROM drive (Not Inserted)

---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK

---\\ Recherche particulière de fichiers génériques
[MD5.D07D4C3038F3578FFCE1C0237F2A1253] - (.Microsoft Corporation - Explorateur Windows.) (.11/04/2009 07:27:36.) -- C:\Windows\Explorer.exe [2926592]
[MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation - Application de démarrage de Windows.) (.21/01/2008 03:23:42.) -- C:\Windows\system32\Wininit.exe [96768]
[MD5.DE4685DE5130039FA63DA66C0F72F787] - (.Microsoft Corporation - Internet Extensions for Win32.) (.28/05/2011 07:08:58.) -- C:\Windows\system32\wininet.dll [916480]
[MD5.898E7C06A350D4A1A64A9EA264D55452] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.11/04/2009 07:28:13.) -- C:\Windows\system32\Winlogon.exe [314368]
[MD5.1F05B78AB91C9075565A9D8A4B880BC4] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.11/04/2009 07:32:26.) -- C:\Windows\system32\drivers\atapi.sys [19944]
[MD5.6A4A98CEE84CF9E99564510DDA4BAA47] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.11/04/2009 07:32:49.) -- C:\Windows\system32\drivers\ntfs.sys [1083880]

---\\ Processus lancés
[MD5.0D392EDE3B97E0B3131B2F63EF1DB94E] - (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe [1008184]
[MD5.6E240D6C2F0DB74BED13AD723D3AB0A1] - (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1348904]
[MD5.6E3FEFB74326A230237613F2B035C71F] - (.TOSHIBA CORPORATION - ConfigFree(TM) Task tray menu.) -- C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe [1056768]
[MD5.04A49FE5EFA859B5A92428A02E0FFE29] - (.Toshiba Europe GmbH - Toshiba TEMPRO.) -- C:\Program Files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe [103824]
[MD5.EB7F7F7DBA47FDC1E2FA386B00DA0F90] - (.Intel Corporation - hkcmd Module.) -- C:\Windows\System32\hkcmd.exe [170520]
[MD5.8EF0123B03F1DDD8A618EB1D0BA71F54] - (.Intel Corporation - persistence Module.) -- C:\Windows\System32\igfxpers.exe [145944]
[MD5.7CE0BEB1DA5628C128EB8782A6FE1747] - (.Intel Corporation - igfxsrvc Module.) -- C:\Windows\system32\igfxsrvc.exe [256536]
[MD5.6C887E9BA3AE7F62635F098BFC9853CD] - (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe [6037504]
[MD5.B0674AE101707D21F9E30484D6465704] - (.TOSHIBA Corporation - TOSHIBA Power Saver.) -- C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe [431456]
[MD5.D140C5FDFD1924E3CC173CF8376B5E22] - (.TOSHIBA Corporation - SmoothView.) -- C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe [509816]
[MD5.F0CF4D72581B1E0B528086E9FB5DA23B] - (.TOSHIBA Corporation - TOSHIBA Flash Cards.) -- C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [716800]
[MD5.BAD6BEA0DE1F69C82BDB74378CE0C20A] - (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [932288]
[MD5.76A3A30B58405C2C6D833895253A51A9] - (.Apple Computer, Inc. - Pas de description.) -- C:\Program Files\QuickTime\qttask.exe [98304]
[MD5.4C6898F15701AE7C41775C14E423FE25] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe [3459712]
[MD5.5D29764082133F302126C85AB96ACB80] - (.TOSHIBA - CD/DVD Drive Acoustic Silencer.) -- C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe [430080]
[MD5.BF08674925F151BD4537B89A493E3E0C] - (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehtray.exe [125952]
[MD5.16DCC8ACC504A6662BB04A0ED9454A4D] - (.SFR - Propriétés de la connexion SFR.) -- C:\Program Files\Neuf\Kit\9props.exe [959808]
[MD5.0F4195B9B348DE5CF9B822F81704B20E] - (.Microsoft Corporation - Media Center Media Status Aggregator Servic.) -- C:\Windows\ehome\ehmsas.exe [37376]
[MD5.6C9CD3ECBA6732661C8BBE37A877A2BD] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [924632]
[MD5.CF8CA02425EFA12BA122291A9780EC65] - (.Intel Corporation - igfxext Module.) -- C:\Windows\system32\igfxext.exe [174616]
[MD5.4486AD32BB05628967695FCA1BADD46E] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files\Mozilla Firefox\plugin-container.exe [16856]
[MD5.9A815510679C7ECD04ED194A9C9C25E5] - (.TOSHIBA CORPORATION - ConfigFree Switch Manager.) -- C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe [405504]
[MD5.4C1F26CFCA34E978CC1311F9F080F675] - (.Synaptics, Inc. - Synaptics Pointing Device Helper.) -- C:\Program Files\Synaptics\SynTP\SynTPHelper.exe [103720]
[MD5.99249B290813CB3E79DEA7C87469B795] - (.CASIO COMPUTER CO.,LTD. - Watcher for Photo Loader.) -- C:\Program Files\CASIO\Photo Loader\Plauto.exe [217088]
[MD5.F67EC3958F269301717E23D8EF08E409] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [657920]

---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\gaelle\AppData\Roaming\Mozilla\Firefox\Profiles\i4b10a6g.default\prefs.js
M3 - MFPP: Plugins - [gaelle] -- C:\Program Files\Mozilla FireFox\searchplugins\amazon-france.xml
M3 - MFPP: Plugins - [gaelle] -- C:\Program Files\Mozilla FireFox\searchplugins\bing.xml
M3 - MFPP: Plugins - [gaelle] -- C:\Program Files\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml
M3 - MFPP: Plugins - [gaelle] -- C:\Program Files\Mozilla FireFox\searchplugins\eBay-france.xml
M3 - MFPP: Plugins - [gaelle] -- C:\Program Files\Mozilla FireFox\searchplugins\google.xml
M3 - MFPP: Plugins - [gaelle] -- C:\Program Files\Mozilla FireFox\searchplugins\wikipedia-fr.xml
M3 - MFPP: Plugins - [gaelle] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo-france.xml
P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape "9.4.4".) -- C:\Program Files\Mozilla Firefox\Plugins\nppdf32.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Computer, Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Computer, Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin2.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Computer, Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin3.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Computer, Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin4.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Computer, Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin5.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Computer, Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin6.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Computer, Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin7.dll
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\Macromed\Flash\NPSWF32.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.0.60531.0.) -- C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/OfficeLive,version=1.5] - (.Microsoft Corp. - Office Live Update v1.5.) -- C:\Program Files\Microsoft\Office Live\npOLW.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3502.0922] - (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (.not file.)
P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
P2 - FPN: [HKLM] [@real.com/nppl3260;version=6.0.12.732] - (.RealNetworks, Inc. - RealPlayer(tm) LiveConnect-Enabled Plug-In.) -- c:\program files\real\realplayer\Netscape6\nppl3260.dll
P2 - FPN: [HKLM] [@real.com/nprjplug;version=1.0.3.732] - (.RealNetworks, Inc. - RealJukebox Netscape Plugin.) -- c:\program files\real\realplayer\Netscape6\nprjplug.dll
P2 - FPN: [HKLM] [@real.com/nprphtml5videoshim;version=1.0.0.0] - (.RealNetworks, Inc. - RealPlayer(tm) HTML5VideoShim Plug-In.) -- C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
P2 - FPN: [HKLM] [@real.com/nprpjplug;version=6.0.12.732] - (.RealNetworks, Inc. - 6.0.12.732.) -- c:\program files\real\realplayer\Netscape6\nprpjplug.dll
M0 - MFSP: prefs.js [gaelle - i4b10a6g.default] http://messagerie-11.sfr.fr/webmail/mailbox.html
M2 - MFEP: prefs.js [gaelle - i4b10a6g.default\{20a82645-c095-46ed-80e3-08825760534b}] [MicrosoftCG] Microsoft .NET Framework Assistant v1.2.1 (.Microsoft.)
M2 - MFEP: prefs.js [gaelle - i4b10a6g.default\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}] [dwhelper] DownloadHelper v4.9.3 (.Michel Gutierrez.)

---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
G1 - GCS: Preference [User Data\Default] None

---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com
R0 - HKUS\S-1-5-21-3122232999-2712056351-1875623029-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com
R1 - HKUS\S-1-5-21-3122232999-2712056351-1875623029-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)) -- C:\Windows\system32\ieframe.dll
R3 - URLSearchHook: (no name) - {05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} Clé orpheline
R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 1

---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll

---\\ ---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"

---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: Aide à la navigation SFR - {0F6E720A-1A6B-40E1-A294-1D4D19F156C8} . (.SFR - Aide à la navigation SFR.) -- C:\Program Files\Neuf\Kit\SFRNavErrorHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} . (.RealPlayer - RealPlayer Download and Record Plugin.) -- C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} . (.Microsoft Corporation - Search Helper for Internet Explorer.) -- C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll

---\\ ---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [Windows Defender] . (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe
O4 - HKLM\..\Run: [SynTPEnh] . (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [Toshiba TEMPO] . (.Toshiba Europe GmbH - Toshiba TEMPRO.) -- C:\Program Files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe
O4 - HKLM\..\Run: [topi] . (.TOSHIBA - TOSHIBA Online Product Information.) -- C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] . (.Realtek Semiconductor Corp. - Realtek Voice Manager.) -- C:\Windows\Skytel.exe
O4 - HKLM\..\Run: [TPwrMain] . (.TOSHIBA Corporation - TOSHIBA Power Saver.) -- C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
O4 - HKLM\..\Run: [HSON] . (.TOSHIBA Corporation - HotStartOn.) -- C:\Program Files\TOSHIBA\TBS\HSON.exe
O4 - HKLM\..\Run: [SmoothView] . (.TOSHIBA Corporation - SmoothView.) -- C:\Program Files\Toshiba\SmoothView\SmoothView.exe
O4 - HKLM\..\Run: [00TCrdMain] . (.TOSHIBA Corporation - TOSHIBA Flash Cards.) -- C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
O4 - HKLM\..\Run: [Toshiba Registration] . (.Toshiba - Vista Registration.) -- C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Computer, Inc. - Pas de description.) -- C:\Program Files\QuickTime\qttask.exe
O4 - HKLM\..\Run: [avast] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\avastUI.exe
O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKCU\..\Run: [TOSCDSPD] . (.TOSHIBA - CD/DVD Drive Acoustic Silencer.) -- C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
O4 - HKCU\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [msnmsgr] C:\Program Files\Windows Live\Messenger\msnmsgr.exe (.not file.)
O4 - HKCU\..\Run: [Connexion SFR 9props.exe] . (.SFR - Propriétés de la connexion SFR.) -- C:\Program Files\Neuf\Kit\9props.exe
O4 - HKCU\..\Run: [WMPNSCFG] . (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] oobefldr.dll
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] oobefldr.dll
O4 - HKUS\S-1-5-21-3122232999-2712056351-1875623029-1000\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKUS\S-1-5-21-3122232999-2712056351-1875623029-1000\..\Run: [TOSCDSPD] . (.TOSHIBA - CD/DVD Drive Acoustic Silencer.) -- C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
O4 - HKUS\S-1-5-21-3122232999-2712056351-1875623029-1000\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe
O4 - HKUS\S-1-5-21-3122232999-2712056351-1875623029-1000\..\Run: [msnmsgr] C:\Program Files\Windows Live\Messenger\msnmsgr.exe (.not file.)
O4 - HKUS\S-1-5-21-3122232999-2712056351-1875623029-1000\..\Run: [Connexion SFR 9props.exe] . (.SFR - Propriétés de la connexion SFR.) -- C:\Program Files\Neuf\Kit\9props.exe
O4 - HKUS\S-1-5-21-3122232999-2712056351-1875623029-1000\..\Run: [WMPNSCFG] . (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe

---\\ ---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Users\gaelle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\gaelle\Desktop\Corbeille - Raccourci.lnk - Clé orpheline
O4 - Global Startup: C:\Users\gaelle\Desktop\Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\gaelle\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\gaelle\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk . (.Mozilla Corporation.) -- C:\Program Files\Mozilla Firefox\firefox.exe

---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: eBay - Achetez, Vendez - {76577871-04EC-495E-A12B-91F7C3600AFA} . (...) -- c:\toshiba\Webshops\ebay.ico
O9 - Extra button: eBay - Achetez, Vendez - {8A918C1D-E123-4E36-B562-5C1519E434CE} . (...) -- c:\toshiba\Webshops\amazon.ico
O9 - Extra button: eBay - Achetez, Vendez - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\PROGRA~1\MICROS~2\Office12\REFBARH.ICO

---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll

---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} () - http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab

---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{ADE85FF1-2BC4-4B92-864F-58633EEB5B69}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{ADE85FF1-2BC4-4B92-864F-58633EEB5B69}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{ADE85FF1-2BC4-4B92-864F-58633EEB5B69}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS3\Services\Tcpip\..\{ADE85FF1-2BC4-4B92-864F-58633EEB5B69}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1

---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll

---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Web Site Monitor.) -- C:\Windows\System32\webcheck.dll

---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\system32\browseui.dll

---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: (ConfigFree Service) . (.TOSHIBA CORPORATION - Service of ConfigFree..) - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: (jswpsapi) . (.Atheros Communications, Inc. - Jumpstart for Wireless API.) - C:\Program Files\Jumpstart\jswpsapi.exe
O23 - Service: (TempoMonitoringService) . (.Toshiba Europe GmbH - Toshiba TEMPRO.) - C:\Program Files\Toshiba TEMPRO\TempoSVC.exe
O23 - Service: (TNaviSrv) . (.TOSHIBA Corporation - TOSHIBA Navi Support Service.) - C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
O23 - Service: (TODDSrv) . (.TOSHIBA Corporation - TDCSrv Application.) - C:\Windows\system32\TODDSrv.exe
O23 - Service: (TosCoSrv) . (.TOSHIBA Corporation - TOSHIBA Power Saver.) - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: (TOSHIBA SMART Log Service) . (.TOSHIBA Corporation - TosIPCSrv.exe.) - C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
O23 - Service: (UleadBurningHelper) . (.Ulead Systems, Inc. - ULCDRSvr.) - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: (XAudioService) . (.Conexant Systems, Inc. - Modem Audio Service.) - C:\Windows\system32\DRIVERS\xaudio.exe

---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(.Microsoft Corporation - Microsoft Office Word.) - C:\Program Files\Microsoft Office\Office12\WINWORD.exe

---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\User_Feed_Synchronization-{16EB63DD-33DF-4626-8DD0-6BFEED74FF4F}.job
[MD5.B7EE47B4D960BF55BDD7EC1812373872] [APT] [RealUpgradeLogonTaskS-1-5-21-3122232999-2712056351-1875623029-1000] (.RealNetworks, Inc..) -- C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
[MD5.B7EE47B4D960BF55BDD7EC1812373872] [APT] [RealUpgradeScheduledTaskS-1-5-21-3122232999-2712056351-1875623029-1000] (.RealNetworks, Inc..) -- C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
[MD5.00000000000000000000000000000000] [APT] [{9FAD493B-F885-49D9-B446-0A735CD98654}] (.Pas de propriétaire.) -- C:\Windows\unvise32.exe (.not file.)

---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\Windows\System32\DRIVERS\i8042prt.sys
O41 - Driver: (jswpslwf) . (.Atheros Communications, Inc. - Atheros Security NDIS 6.0 Filter Driver.) - C:\Windows\System32\DRIVERS\jswpslwf.sys
O41 - Driver: (kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\Windows\System32\DRIVERS\kbdclass.sys
O41 - Driver: (mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\Windows\System32\DRIVERS\mouclass.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: (netbt) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\system32\drivers\pacer.sys (PSched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\Windows\System32\DRIVERS\rasacd.sys
O41 - Driver: (rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: (RDPENCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\system32\tcpipcfg.dll (Smb) . (.Microsoft Corporation - SMB Transport driver.) - C:\Windows\System32\DRIVERS\smb.sys
O41 - Driver: C:\Windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys

---\\ Logiciels installés (O42)
O42 - Logiciel: Update for Microsoft Office 2007 (KB2508958) - (.Microsoft.) [HKLM] -- {91120000-0014-0000-0000-0000000FF1CE}_PROR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}
O42 - Logiciel: "Tibili et l'île de la panthère" - (.Pas de propriétaire.) [HKLM] -- "Tibili et l'île de la panthère"
O42 - Logiciel: 7-Zip 4.65 - (.Pas de propriétaire.) [HKLM] -- 7-Zip
O42 - Logiciel: ALCATEL PC Suite V6.3.25 - (.Singularity Software Co., Ltd..) [HKLM] -- ALCATEL PC Suite_is1
O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Reader 9.4.4 - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-A94000000001}
O42 - Logiciel: Archiveur WinRAR - (.Pas de propriétaire.) [HKLM] -- WinRAR archiver
O42 - Logiciel: Atheros Driver Installation Program - (.Atheros.) [HKLM] -- {C3A32068-8AB1-4327-BB16-BED9C6219DC7}
O42 - Logiciel: Atheros Wi-Fi Protected Setup Library - (.Atheros.) [HKLM] -- {B0BCDCBD-863D-4CAB-BF68-8D1F6B1BDC13}
O42 - Logiciel: Bel Atout 4.51 - (.Vincent Brévart.) [HKLM] -- BelAtoutFr_is1
O42 - Logiciel: Camera Assistant Software for Toshiba - (.Chicony Electronics Co.,Ltd..) [HKLM] -- {37C866E4-AA67-4725-9E95-A39968DD7960}
O42 - Logiciel: Cisco EAP-FAST Module - (.Cisco Systems, Inc..) [HKLM] -- {415B2719-AD3A-4944-B404-C472DB6085B3}
O42 - Logiciel: Cisco LEAP Module - (.Cisco Systems, Inc..) [HKLM] -- {83770D14-21B9-44B3-8689-F7B523F94560}
O42 - Logiciel: Cisco PEAP Module - (.Cisco Systems, Inc..) [HKLM] -- {669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}
O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF}
O42 - Logiciel: DVD MovieFactory for TOSHIBA - (.Ulead Systems, Inc..) [HKLM] -- {F214EAA4-A069-4BAF-9DA4-4DB8BEEDE485}
O42 - Logiciel: GoGear Spark Device Manager - (.Philips.) [HKLM] -- {CCF22908-ECD2-4068-84F1-BA02DA1EC72D}
O42 - Logiciel: HDAUDIO Soft Data Fax Modem with SmartCP - (.Conexant Systems.) [HKLM] -- CNXT_MODEM_HDA_HSF
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB958484
O42 - Logiciel: Intel(R) Graphics Media Accelerator Driver - (.Intel Corporation.) [HKLM] -- HDMI
O42 - Logiciel: Intel® Matrix Storage Manager - (.Intel Corporation.) [HKLM] -- {9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}
O42 - Logiciel: Java(TM) 6 Update 18 - (.Sun Microsystems, Inc..) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216018FF}
O42 - Logiciel: K-Lite Codec Pack 5.7.0 (Full) - (.Pas de propriétaire.) [HKLM] -- KLiteCodecPack_is1
O42 - Logiciel: LearnStates - (.Pas de propriétaire.) [HKLM] -- LearnStates
O42 - Logiciel: Les Pirates des Maths - (.Pas de propriétaire.) [HKLM] -- {62849D4E-E538-411F-8938-1326DECDDC03}
O42 - Logiciel: MSXML 4.0 SP2 (KB941833) - (.Microsoft Corporation.) [HKLM] -- {C523D256-313D-4866-B36A-F3DE528246EF}
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 - Logiciel: Malwarebytes' Anti-Malware version 1.51.0.1200 - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1
O42 - Logiciel: Manuels TOSHIBA - (.TOSHIBA.) [HKLM] -- {5B0202A8-CC6B-4443-AD73-FE9DF1FC1622}
O42 - Logiciel: Microsoft .NET Framework 3.5 Language Pack SP1 - fra - (.Microsoft Corporation.) [HKLM] -- {3E31821C-7917-367E-938E-E65FC413EA31}
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 SP1
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0015-040C-0000-0000000FF1CE}_PROR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}_PROR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}_PROR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0019-040C-0000-0000000FF1CE}_PROR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001A-040C-0000-0000000FF1CE}_PROR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}_PROR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}_PROR_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {91120000-0014-0000-0000-0000000FF1CE}_PROR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
O42 - Logiciel: Microsoft Office Access MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0015-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Excel MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Live Add-in 1.5 - (.Microsoft Corporation.) [HKLM] -- {F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}
O42 - Logiciel: Microsoft Office Outlook Connector - (.Microsoft Corporation.) [HKLM] -- {95140000-007A-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Outlook MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001A-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office PowerPoint MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Professional 2007 - (.Microsoft Corporation.) [HKLM] -- PROR
O42 - Logiciel: Microsoft Office Professional 2007 - (.Microsoft Corporation.) [HKLM] -- {91120000-0014-0000-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Arabic) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Dutch) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (German) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Spanish) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proofing (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-002C-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}_PROR_{14809F99-C601-4D4A-9391-F1E8FAA964C5}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}_PROR_{A0516415-ED61-419A-981D-93596DA74165}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}_PROR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}_PROR_{F580DDD5-8D37-4998-968E-EBB76BB86787}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}_PROR_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}_PROR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}
O42 - Logiciel: Microsoft Office Publisher MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0019-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Shared MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Word MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Search Enhancement Pack - (.Microsoft Corporation.) [HKLM] -- {CFF8B8E8-E086-4DE0-935F-FE22CAB54F80}
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 - (.Microsoft Corporation.) [HKLM] -- {770657D0-A123-3C07-8E44-1C83EC895118}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 - (.Microsoft Corporation.) [HKLM] -- {86CE85E6-DBAC-3FFD-B977-E4B79F83C909}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 - (.Microsoft Corporation.) [HKLM] -- {9BE518E6-ECC6-35A9-88E4-87755C07200F}
O42 - Logiciel: Module linguistique Microsoft .NET Framework 3.5 SP1- fra - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 Language Pack SP1 - fra
O42 - Logiciel: Mozilla Firefox 5.0 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 5.0 (x86 fr)
O42 - Logiciel: NetWaiting - (.BVRP Software, Inc.) [HKLM] -- {3F92ABBB-6BBF-11D5-B229-002078017FBF}
O42 - Logiciel: One Touch Upgrade 4.0.2.4 - (.TCL Communication Technology Holdings Limited.) [HKLM] -- {C9A7E6A6-110D-4DBC-A8E2-F634613B5A8C}_is1
O42 - Logiciel: Photo Loader 2.3F - (.Pas de propriétaire.) [HKLM] -- {70B45586-B51E-4947-A258-A895596C5CED}
O42 - Logiciel: Photohands 1.0F - (.Pas de propriétaire.) [HKLM] -- {544FB392-069D-4BA5-9DC7-FFD47230AEE5}
O42 - Logiciel: QuickTime - (.Pas de propriétaire.) [HKLM] -- QuickTime
O42 - Logiciel: RealPlayer - (.RealNetworks.) [HKLM] -- RealPlayer 12.0
O42 - Logiciel: RealUpgrade 1.0 - (.RealNetworks, Inc..) [HKLM] -- {F4F4F84E-804F-4E9A-84D7-C34283F0088F}
O42 - Logiciel: Realtek 8169 8168 8101E 8102E Ethernet Driver - (.Realtek.) [HKLM] -- {8833FFB6-5B0C-4764-81AA-06DFEED9A476}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: Realtek USB 2.0 Card Reader - (.Realtek Semiconductor Corp..) [HKLM] -- {DC24971E-1946-445D-8A82-CE685433FA7D}
O42 - Logiciel: Réducteur de bruit du lecteur de CD/DVD - (.TOSHIBA.) [HKLM] -- {9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}
O42 - Logiciel: SAMSUNG Intelli-studio - (.Pas de propriétaire.) [HKLM] -- Intelli-studio
O42 - Logiciel: SFR - Kit de connexion - (.SFR.) [HKLM] -- SFR_Kit
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288621) - (.Microsoft.) [HKLM] -- {91120000-0014-0000-0000-0000000FF1CE}_PROR_{5C497F0B-2061-4CC9-A61C-6B45B867354D}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288931) - (.Microsoft.) [HKLM] -- {91120000-0014-0000-0000-0000000FF1CE}_PROR_{CD769337-C8AC-46DB-A7DC-643E50089263}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2345043) - (.Microsoft.) [HKLM] -- {91120000-0014-0000-0000-0000000FF1CE}_PROR_{536FB502-775F-4494-BACE-C02CC90B7A5B}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2509488) - (.Microsoft.) [HKLM] -- {91120000-0014-0000-0000-0000000FF1CE}_PROR_{AD0DE453-0804-4495-9C91-33D0F9AA5463}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB969559) - (.Microsoft.) [HKLM] -- {91120000-0014-0000-0000-0000000FF1CE}_PROR_{69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB976321) - (.Microsoft.) [HKLM] -- {91120000-0014-0000-0000-0000000FF1CE}_PROR_{7F207DCA-3399-40CB-A968-6E5991B1421A}
O42 - Logiciel: Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB2416473
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2446708
O42 - Logiciel: Security Update for Microsoft Office 2007 System (KB2541012) - (.Microsoft.) [HKLM] -- {91120000-0014-0000-0000-0000000FF1CE}_PROR_{CD907315-705A-4475-A1A0-2A1245803E4D}
O42 - Logiciel: Security Update for Microsoft Office Access 2007 (KB979440) - (.Microsoft.) [HKLM] -- {91120000-0014-0000-0000-0000000FF1CE}_PROR_{1142CCEC-ACA9-484B-BA90-C3A5CA1988C5}
O42 - Logiciel: Security Update for Microsoft Office Access 2007 (KB979440) - (.Microsoft.) [HKLM] -- {91120000-0014-0000-0000-0000000FF1CE}_PROR_{5A4E43D5-858F-49BD-BA72-8F30E1793060}
O42 - Logiciel: Security Update for Microsoft Office Excel 2007 (KB2541007) - (.Microsoft.) [HKLM] -- {91120000-0014-0000-0000-0000000FF1CE}_PROR_{A0173254-F442-4D04-9154-43FA157B83D0}
O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM] -- {91120000-0014-0000-0000-0000000FF1CE}_PROR_{8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB}
O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB2535818) - (.Microsoft.) [HKLM] -- {91120000-0014-0000-0000-0000000FF1CE}_PROR_{8588DD11-6BD7-4400-B55C-DD5AB74B43E1}
O42 - Logiciel: Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623) - (.Microsoft.) [HKLM] -- {91120000-0014-0000-0000-0000000FF1CE}_PROR_{D75E6D0C-BADF-4F41-98B2-0C0F02C15062}
O42 - Logiciel: Security Update for Microsoft Office Publisher 2007 (KB2284697) - (.Microsoft.) [HKLM] -- {91120000-0014-0000-0000-0000000FF1CE}_PROR_{3A4CDE54-2403-483D-8D9A-15E3264410DF}
O42 - Logiciel: Security Update for Microsoft Office Visio Viewer 2007 (KB973709) - (.Microsoft.) [HKLM] -- {91120000-0014-0000-0000-0000000FF1CE}_PROR_{71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
O42 - Logiciel: Security Update for Microsoft Office Word 2007 (KB2344993) - (.Microsoft.) [HKLM] -- {91120000-0014-0000-0000-0000000FF1CE}_PROR_{7A5B74FA-7A92-4FC9-821A-2DD5D4E73E48}
O42 - Logiciel: Security Update for Microsoft Office system 2007 (972581) - (.Microsoft.) [HKLM] -- {91120000-0014-0000-0000-0000000FF1CE}_PROR_{3D019598-7B59-447A-80AE-815B703B84FF}
O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB974234) - (.Microsoft.) [HKLM] -- {91120000-0014-0000-0000-0000000FF1CE}_PROR_{FCD742B9-7A55-44BC-A776-F795F21FEDDC}
O42 - Logiciel: Security Update for Windows Media Encoder (KB2447961) - (.Microsoft Corporation.) [HKLM] -- KB2447961
O42 - Logiciel: Security Update for Windows Media Encoder (KB954156) - (.Microsoft Corporation.) [HKLM] -- KB954156
O42 - Logiciel: Security Update for Windows Media Encoder (KB979332) - (.Microsoft Corporation.) [HKLM] -- KB979332
O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics.) [HKLM] -- SynTPDeinstKey
O42 - Logiciel: TOSHIBA Assist - (.TOSHIBA.) [HKLM] -- {12B3A009-A080-4619-9A2A-C6DB151D8D67}
O42 - Logiciel: TOSHIBA ConfigFree - (.TOSHIBA Corporation.) [HKLM] -- {0D5D0BEE-FBA9-4928-A50D-6CDFAB827755}
O42 - Logiciel: TOSHIBA DVD PLAYER - (.TOSHIBA Corporation.) [HKLM] -- {6C5F3BDC-0A1B-4436-A696-5939629D5C31}
O42 - Logiciel: TOSHIBA Disc Creator - (.TOSHIBA Corporation.) [HKLM] -- {5DA0E02F-970B-424B-BF41-513A5018E4C0}
O42 - Logiciel: TOSHIBA Extended Tiles for Windows Mobility Center - (.Toshiba.) [HKLM] -- InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}
O42 - Logiciel: TOSHIBA Hardware Setup - (.Pas de propriétaire.) [HKLM] -- {2883F6F5-0509-43F3-868C-D50330DD9DD3}
O42 - Logiciel: TOSHIBA Recovery Disc Creator - (.TOSHIBA.) [HKLM] -- {B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}
O42 - Logiciel: TOSHIBA Supervisor Password - (.Pas de propriétaire.) [HKLM] -- {4B1E87C3-00DE-4898-8E39-E390AAEF2391}
O42 - Logiciel: TOSHIBA Value Added Package - (.TOSHIBA Corporation.) [HKLM] -- InstallShield_{FEDD27A0-B306-45EF-BF58-B527406B42C8}
O42 - Logiciel: TRDCReminder - (.TOSHIBA.) [HKLM] -- InstallShield_{773970F1-5EBA-4474-ADEE-1EA3B0A59492}
O42 - Logiciel: TRORDCLauncher - (.TOSHIBA.) [HKLM] -- InstallShield_{E65C7D8E-186D-484B-BEA8-DEF0331CE600}
O42 - Logiciel: Tibili - (.Pas de propriétaire.) [HKLM] -- Tibili
O42 - Logiciel: Toshiba Online Product Information - (.TOSHIBA.) [HKLM] -- {2290A680-4083-410A-ADCC-7092C67FC052}
O42 - Logiciel: Toshiba TEMPRO - (.Toshiba Europe GmbH.) [HKLM] -- {03FAA727-E2B7-471C-AC41-2E1C7F29C7EA}
O42 - Logiciel: Tux of Math Command (remove only) - (.Pas de propriétaire.) [HKLM] -- TuxMath
O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642) - (.Microsoft.) [HKLM] -- {91120000-0014-0000-0000-0000000FF1CE}_PROR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}
O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707
O42 - Logiciel: Update for Microsoft Office 2007 System (KB2539530) - (.Microsoft.) [HKLM] -- {91120000-0014-0000-0000-0000000FF1CE}_PROR_{0B4CEEAE-AA88-490C-BCB2-AAC3421981A4}
O42 - Logiciel: Update for Microsoft Office Outlook 2007 (KB2509470) - (.Microsoft.) [HKLM] -- {91120000-0014-0000-0000-0000000FF1CE}_PROR_{1365864D-4C58-489D-9982-844D75691CCC}
O42 - Logiciel: Update for Outlook 2007 Junk Email Filter (KB2536413) - (.Microsoft.) [HKLM] -- {91120000-0014-0000-0000-0000000FF1CE}_PROR_{95DF5260-331D-4FFD-A2D5-C64164751945}
O42 - Logiciel: Windows Media Encoder 9 Series - (.Microsoft Corporation.) [HKLM] -- {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
O42 - Logiciel: Windows Media Encoder 9 Series - (.Pas de propriétaire.) [HKLM] -- Windows Media Encoder 9
O42 - Logiciel: avast! Free Antivirus - (.AVAST Software.) [HKLM] -- avast

---\\ HKCU & HKLM Software Keys
[HKCU\Software\7-Zip]
[HKCU\Software\ALWIL Software]
[HKCU\Software\AVAST Software]
[HKCU\Software\Adobe]
[HKCU\Software\AppDataLow\Aurigma]
[HKCU\Software\AppDataLow\Software\Google]
[HKCU\Software\AppDataLow\Software\Microsoft]
[HKCU\Software\AppDataLow\Software\uTorrentBar_FR]
[HKCU\Software\AppDataLow\Software]
[HKCU\Software\AppDataLow]
[HKCU\Software\CASIO]
[HKCU\Software\CEC_CM_SW]
[HKCU\Software\CeWe Color]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\Crystal Office]
[HKCU\Software\DivXNetworks]
[HKCU\Software\Freeware]
[HKCU\Software\GNU]
[HKCU\Software\Gabest]
[HKCU\Software\GlarySoft]
[HKCU\Software\Global Software Publishing and Emme]
[HKCU\Software\Google]
[HKCU\Software\Haali]
[HKCU\Software\Hewlett-Packard]
[HKCU\Software\HookNetwork]
[HKCU\Software\IM Providers]
[HKCU\Software\Index Education]
[HKCU\Software\Intel]
[HKCU\Software\JavaSoft]
[HKCU\Software\Local AppWizard-Generated Applications]
[HKCU\Software\MONOGRAM]
[HKCU\Software\Macromedia]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\MediaInfo]
[HKCU\Software\Mindscape]
[HKCU\Software\MobTime]
[HKCU\Software\MooSoft Development]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mozilla]
[HKCU\Software\Netscape]
[HKCU\Software\Neuf]
[HKCU\Software\ODBC]
[HKCU\Software\Policies]
[HKCU\Software\RealNetworks]
[HKCU\Software\Realtek]
[HKCU\Software\Royal Philips]
[HKCU\Software\SFR]
[HKCU\Software\Samsung]
[HKCU\Software\SpiderMessenger]
[HKCU\Software\Synaptics]
[HKCU\Software\TOSHIBA]
[HKCU\Software\Trolltech]
[HKCU\Software\VB and VBA Program Settings]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\WinRAR]
[HKCU\Software\YahooPartnerToolbar]
[HKCU\Software\ej-technologies]
[HKCU\Software\madFlac]
[HKLM\Software\ALWIL Software]
[HKLM\Software\AVAST Software]
[HKLM\Software\Adobe]
[HKLM\Software\America Online]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\Atheros]
[HKLM\Software\BrowserChoice]
[HKLM\Software\CXT]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Codec Tweak Tool]
[HKLM\Software\Conexant Systems Inc ]
[HKLM\Software\Conexant Systems]
[HKLM\Software\Conexant]
[HKLM\Software\DivXNetworks]
[HKLM\Software\DownloadHelper]
[HKLM\Software\GNU]
[HKLM\Software\Gabest]
[HKLM\Software\Google]
[HKLM\Software\HPS]
[HKLM\Software\HaaliMkx]
[HKLM\Software\Hewlett-Packard]
[HKLM\Software\InstalledOptions]
[HKLM\Software\Intel]
[HKLM\Software\InterVideo]
[HKLM\Software\JavaSoft]
[HKLM\Software\JreMetrics]
[HKLM\Software\KLCodecPack]
[HKLM\Software\Kutoka]
[HKLM\Software\Licenses]
[HKLM\Software\Lucent]
[HKLM\Software\Macromedia]
[HKLM\Software\Malwarebytes' Anti-Malware]
[HKLM\Software\Microfolie's]
[HKLM\Software\Mindscape]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\Neuf]
[HKLM\Software\ODBC]
[HKLM\Software\PCTools]
[HKLM\Software\Philips]
[HKLM\Software\Policies]
[HKLM\Software\RTLSetup]
[HKLM\Software\RealNetworks]
[HKLM\Software\Realtek USB 2.0 Card Reader]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\RichFX]
[HKLM\Software\RtWLan]
[HKLM\Software\SOFTWARE]
[HKLM\Software\Sonic]
[HKLM\Software\Synaptics]
[HKLM\Software\Sys Modules]
[HKLM\Software\TOSHIBA]
[HKLM\Software\The Learning Company]
[HKLM\Software\Toshiba Tempo]
[HKLM\Software\Ulead Systems]
[HKLM\Software\WOW6432Node]
[HKLM\Software\WinRAR]
[HKLM\Software\Xing Technology Corp.]
[HKLM\Software\afplanet]
[HKLM\Software\ej-technologies]
[HKLM\Software\mcafeeupdater]
[HKLM\Software\mozilla.org]

---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 22/06/2011 - 14:34:40 - [4028400] ----D- C:\Program Files\ZHPDiag
O43 - CFD: 18/11/2009 - 15:58:10 - [3094515] ----D- C:\Program Files\7-Zip
O43 - CFD: 07/10/2010 - 13:30:06 - [162721061] ----D- C:\Program Files\Adobe
O43 - CFD: 20/03/2011 - 15:32:26 - [64306941] ----D- C:\Program Files\ALCATEL PC Suite
O43 - CFD: 16/07/2010 - 16:52:38 - [164428241] ----D- C:\Program Files\Alwil Software
O43 - CFD: 05/04/2009 - 15:53:02 - [9747329] ----D- C:\Program Files\Atheros
O43 - CFD: 03/06/2011 - 13:27:56 - [491372] ----D- C:\Program Files\Bing Bar Installer
O43 - CFD: 05/09/2009 - 15:02:02 - [5927] ----D- C:\Program Files\Borland
O43 - CFD: 05/04/2009 - 16:03:58 - [65029308] ----D- C:\Program Files\Camera Assistant Software for Toshiba
O43 - CFD: 16/05/2009 - 21:54:14 - [6556711] ----D- C:\Program Files\CASIO
O43 - CFD: 05/04/2009 - 15:52:52 - [3920423] ----D- C:\Program Files\Cisco
O43 - CFD: 26/04/2010 - 15:00:52 - [563614384] ----D- C:\Program Files\Common Files
O43 - CFD: 06/06/2011 - 09:10:14 - [1060864] ----D- C:\Program Files\CONEXANT
O43 - CFD: 05/04/2009 - 15:57:34 - [0] R---D- C:\Program Files\Fichiers communs
O43 - CFD: 25/05/2011 - 08:11:04 - [326086] ----D- C:\Program Files\Google
O43 - CFD: 17/06/2011 - 13:30:08 - [150460216] ----D- C:\Program Files\InstallShield Installation Information
O43 - CFD: 05/04/2009 - 15:45:32 - [39033698] ----D- C:\Program Files\Intel
O43 - CFD: 17/06/2011 - 06:42:34 - [6029835] ----D- C:\Program Files\Internet Explorer
O43 - CFD: 18/11/2008 - 13:27:34 - [23151528] ----D- C:\Program Files\InterVideo
O43 - CFD: 05/02/2010 - 19:14:54 - [87503799] ----D- C:\Program Files\Java
O43 - CFD: 22/01/2010 - 18:40:04 - [7289960] ----D- C:\Program Files\Jeux de cartes
O43 - CFD: 05/04/2009 - 16:05:44 - [4184638] ----D- C:\Program Files\Jumpstart
O43 - CFD: 11/03/2010 - 15:33:56 - [46333758] ----D- C:\Program Files\K-Lite Codec Pack
O43 - CFD: 14/11/2009 - 17:34:34 - [209650788] ----D- C:\Program Files\Kutoka
O43 - CFD: 09/06/2009 - 17:26:46 - [888216] ----D- C:\Program Files\LearnStates
O43 - CFD: 17/06/2011 - 06:20:00 - [7582087] ----D- C:\Program Files\Malwarebytes' Anti-Malware
O43 - CFD: 26/05/2010 - 10:26:02 - [3190816] ----D- C:\Program Files\Microsoft
O43 - CFD: 02/11/2006 - 14:37:36 - [93446071] ----D- C:\Program Files\Microsoft Games
O43 - CFD: 10/04/2009 - 15:37:18 - [558474154] ----D- C:\Program Files\Microsoft Office
O43 - CFD: 17/06/2011 - 06:44:06 - [38411899] ----D- C:\Program Files\Microsoft Silverlight
O43 - CFD: 05/06/2011 - 09:47:08 - [135821] ----D- C:\Program Files\Microsoft SQL Server Compact Edition(13)
O43 - CFD: 10/04/2009 - 15:37:16 - [14904] ----D- C:\Program Files\Microsoft Visual Studio
O43 - CFD: 15/07/2009 - 11:14:08 - [3726168] ----D- C:\Program Files\Microsoft Works
O43 - CFD: 25/06/2010 - 15:22:38 - [8167779] ----D- C:\Program Files\Microsoft.NET
O43 - CFD: 20/03/2011 - 14:54:54 - [17808621] ----D- C:\Program Files\Mindscape
O43 - CFD: 18/08/2010 - 15:15:44 - [99342446] ----D- C:\Program Files\Movie Maker
O43 - CFD: 22/06/2011 - 05:56:38 - [35140086] ----D- C:\Program Files\Mozilla Firefox
O43 - CFD: 02/11/2006 - 14:37:36 - [25757] ----D- C:\Program Files\MSBuild
O43 - CFD: 03/06/2011 - 13:27:24 - [3550661] ----D- C:\Program Files\MSN Toolbar
O43 - CFD: 20/03/2011 - 15:26:20 - [5043620] ----D- C:\Program Files\NetWaiting
O43 - CFD: 07/04/2009 - 14:10:44 - [14873034] ----D- C:\Program Files\Neuf
O43 - CFD: 03/10/2010 - 09:51:46 - [17503706] ----D- C:\Program Files\Philips
O43 - CFD: 20/03/2011 - 15:32:26 - [3118264] ----D- C:\Program Files\QuickTime
O43 - CFD: 26/04/2010 - 15:01:02 - [82969077] ----D- C:\Program Files\Real
O43 - CFD: 05/04/2009 - 15:46:12 - [13645708] ----D- C:\Program Files\Realtek
O43 - CFD: 02/11/2006 - 14:37:36 - [38694657] ----D- C:\Program Files\Reference Assemblies
O43 - CFD: 25/06/2010 - 15:34:10 - [34261888] ----D- C:\Program Files\Samsung
O43 - CFD: 30/03/2011 - 16:47:46 - [1706] ----D- C:\Program Files\SFR
O43 - CFD: 18/11/2008 - 13:06:52 - [15544054] ----D- C:\Program Files\Synaptics
O43 - CFD: 08/05/2011 - 15:25:04 - [5136] ----D- C:\Program Files\Tibili
O43 - CFD: 12/01/2011 - 14:59:30 - [210864396] ----D- C:\Program Files\TOSHIBA
O43 - CFD: 18/11/2008 - 13:45:40 - [8026889] ----D- C:\Program Files\Toshiba TEMPRO
O43 - CFD: 17/06/2011 - 17:52:56 - [12476492] ----D- C:\Program Files\TuxMath
O43 - CFD: 18/11/2008 - 13:23:18 - [408191692] ----D- C:\Program Files\Ulead Systems
O43 - CFD: 02/11/2006 - 15:01:56 - [0] ----D- C:\Program Files\Uninstall Information
O43 - CFD: 14/11/2009 - 15:07:10 - [41230194] ----D- C:\Program Files\VideoLAN
O43 - CFD: 02/12/2009 - 21:07:42 - [1016832] ----D- C:\Program Files\Windows Calendar
O43 - CFD: 02/12/2009 - 21:07:40 - [2737152] ----D- C:\Program Files\Windows Collaboration
O43 - CFD: 02/12/2009 - 21:07:38 - [4490624] ----D- C:\Program Files\Windows Defender
O43 - CFD: 02/12/2009 - 21:07:40 - [7084664] ----D- C:\Program Files\Windows Journal
O43 - CFD: 07/06/2011 - 18:42:12 - [12558966] ----D- C:\Program Files\Windows Live
O43 - CFD: 17/06/2011 - 06:28:52 - [9116344] ----D- C:\Program Files\Windows Mail
O43 - CFD: 18/11/2008 - 13:27:04 - [14164107] ----D- C:\Program Files\Windows Media Components
O43 - CFD: 05/06/2011 - 14:12:52 - [4498121] ----D- C:\Program Files\Windows Media Player
O43 - CFD: 05/04/2009 - 15:57:34 - [7957544] ----D- C:\Program Files\Windows NT
O43 - CFD: 02/12/2009 - 21:07:40 - [13528738] ----D- C:\Program Files\Windows Photo Gallery
O43 - CFD: 04/12/2009 - 18:00:04 - [134144] ----D- C:\Program Files\Windows Portable Devices
O43 - CFD: 02/12/2009 - 21:07:40 - [7150311] ----D- C:\Program Files\Windows Sidebar
O43 - CFD: 15/11/2009 - 15:23:56 - [3525705] ----D- C:\Program Files\WinRAR
O43 - CFD: 22/04/2011 - 19:07:56 - [737476] ----D- C:\Program Files\Woonoz
O43 - CFD: 07/10/2010 - 13:30:16 - [6281214] ----D- C:\Program Files\Common Files\Adobe
O43 - CFD: 10/04/2009 - 15:37:14 - [92976] ----D- C:\Program Files\Common Files\DESIGNER
O43 - CFD: 18/11/2008 - 13:27:34 - [6762815] ----D- C:\Program Files\Common Files\InstallShield
O43 - CFD: 05/02/2010 - 19:15:46 - [1228747] ----D- C:\Program Files\Common Files\Java
O43 - CFD: 07/06/2011 - 18:41:32 - [401942227] ----D- C:\Program Files\Common Files\microsoft shared
O43 - CFD: 26/04/2010 - 15:01:58 - [21487901] ----D- C:\Program Files\Common Files\Real
O43 - CFD: 02/11/2006 - 13:18:34 - [2702] ----D- C:\Program Files\Common Files\Services
O43 - CFD: 02/11/2006 - 13:18:34 - [41101735] ----D- C:\Program Files\Common Files\SpeechEngines
O43 - CFD: 16/05/2009 - 21:53:54 - [0] ----D- C:\Program Files\Common Files\SWF Studio
O43 - CFD: 13/03/2011 - 20:08:12 - [46328572] ----D- C:\Program Files\Common Files\System
O43 - CFD: 05/04/2009 - 15:52:12 - [1374029] ----D- C:\Program Files\Common Files\Toshiba Shared
O43 - CFD: 18/11/2008 - 13:27:18 - [21678602] ----D- C:\Program Files\Common Files\Ulead Systems
O43 - CFD: 24/08/2009 - 11:44:08 - [0] ----D- C:\Program Files\Common Files\Windows Live
O43 - CFD: 24/09/2010 - 10:23:28 - [14980608] ----D- C:\Program Files\Common Files\Wise Installation Wizard
O43 - CFD: 26/04/2010 - 15:00:52 - [352256] ----D- C:\Program Files\Common Files\xing shared
O43 - CFD: 20/03/2011 - 15:32:26 - [19830523] ----D- C:\ProgramData\Adobe
O43 - CFD: 16/07/2010 - 19:03:32 - [41928976] ----D- C:\ProgramData\Alwil Software
O43 - CFD: 12/01/2011 - 14:48:44 - [14639] ----D- C:\ProgramData\Apple Computer
O43 - CFD: 02/11/2006 - 15:02:04 - [0] R---D- C:\ProgramData\Application Data
O43 - CFD: 05/04/2009 - 16:05:46 - [20322] ----D- C:\ProgramData\Atheros
O43 - CFD: 05/04/2009 - 15:57:34 - [0] R---D- C:\ProgramData\Bureau
O43 - CFD: 02/11/2006 - 15:02:04 - [0] R---D- C:\ProgramData\Desktop
O43 - CFD: 02/11/2006 - 15:02:04 - [0] R---D- C:\ProgramData\Documents
O43 - CFD: 05/04/2009 - 15:57:34 - [0] R---D- C:\ProgramData\Favoris
O43 - CFD: 02/11/2006 - 15:02:04 - [0] R---D- C:\ProgramData\Favorites
O43 - CFD: 27/08/2010 - 10:29:18 - [2100] ----D- C:\ProgramData\Global Software Publishing and Emme
O43 - CFD: 25/05/2011 - 08:11:04 - [37697] ----D- C:\ProgramData\Google
O43 - CFD: 07/04/2009 - 14:21:44 - [13363] ----D- C:\ProgramData\IsolatedStorage
O43 - CFD: 27/05/2010 - 15:43:40 - [6817788] ----D- C:\ProgramData\Malwarebytes
O43 - CFD: 27/05/2010 - 13:39:40 - [161240] ----D- C:\ProgramData\McAfee
O43 - CFD: 05/04/2009 - 15:57:34 - [0] R---D- C:\ProgramData\Menu Démarrer
O43 - CFD: 12/06/2011 - 13:45:22 - [289469261] -S--D- C:\ProgramData\Microsoft
O43 - CFD: 17/06/2011 - 06:39:54 - [62836] ----D- C:\ProgramData\Microsoft Help
O43 - CFD: 05/04/2009 - 15:57:34 - [0] R---D- C:\ProgramData\Modèles
O43 - CFD: 06/07/2010 - 10:34:18 - [704] ----D- C:\ProgramData\NOS
O43 - CFD: 17/10/2009 - 17:45:08 - [14639] ----D- C:\ProgramData\QuickTime
O43 - CFD: 27/03/2010 - 15:25:10 - [972053] ----D- C:\ProgramData\Real
O43 - CFD: 02/11/2006 - 15:02:04 - [0] R---D- C:\ProgramData\Start Menu
O43 - CFD: 05/02/2010 - 19:15:48 - [119] ----D- C:\ProgramData\Sun
O43 - CFD: 02/11/2006 - 15:02:06 - [0] R---D- C:\ProgramData\Templates
O43 - CFD: 21/03/2011 - 19:13:04 - [1024] ----D- C:\ProgramData\Toshiba
O43 - CFD: 05/04/2009 - 16:01:20 - [954] ----D- C:\ProgramData\ToshibaEurope
O43 - CFD: 05/06/2011 - 14:12:26 - [220835] ----D- C:\ProgramData\Ulead

roro04 Messages postés 1200 Statut Contributeur 179

Parfait, mais poste le sur cjoint :D

murphy

http://cjoint.com/?AFwthoRix4y
oups désolée je n'avais pas vu que c'était si long!!

Réponse 33 / 48

roro04 Messages postés 1200 Statut Contributeur 179

OK!

Bon, alors on poursuit.

> Clique sur l'icône ZHPFix présente sur ton bureau. (Clique droit/Exécuter en tant qu'administrateur pour Vista/7)
> Clique sur le H bleu.
> Copie/Colle le texte en gras ci-dessous.

[HKCU\Software\SpiderMessenger]
[HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SoftwareUpdate_is1]
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4}]
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4}]
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{c7b76b90-3455-4ae6-a752-eac4d19689e5}]
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{c7b76b90-3455-4ae6-a752-eac4d19689e5}]
[HKLM\Software\Classes\AppID\{d2083641-e57f-4eab-bb85-0582424f4a29}] => Infection BT (Adware.ClickPotato)
[HKCU\Software\SpiderMessenger]
[HKCU\Software\SpiderMessenger]
[HKLM\Software\Mozilla\Firefox\Extensions]:SpiderMessengerHelper@spidermessenger.com
C:\Users\gaelle\AppData\Roaming\Adobe\plugs
C:\Users\gaelle\AppData\Roaming\Adobe\shed

> Clique sur Go.
> Poste le rapport qui s'affiche.

@+

murphy

voilà le rapport!
http://cjoint.com/?AGeiUEJ8xB9

roro04 Messages postés 1200 Statut Contributeur 179

Cool, il a presque tout supprimer, refais un ZHPDiag. Est-ce que les symptômes du départ ont disparus?

murphy

http://cjoint.com/?AGelr2ft4Qz
voilà le rapport,c'est cool qu'il ait presque tout supprimé je te crois sur parole....;)

roro04 Messages postés 1200 Statut Contributeur 179

Tu as bien exécuter ZHPFix en Administrateur? Car tout les fichiers/clés marqués supprimés sont revenus. Alors refais avec un clique droit/Exécuter en tant qu'administrateur.

Réponse 34 / 48

murphy

là je ne sais plus qui croire,que faire!

Réponse 35 / 48

Utilisateur anonyme

suis-moi c'est un conseil

Réponse 36 / 48

murphy

http://www.cijoint.fr/cjlink.php?file=cj201107/cijYYoP4Dp.txt
voilà le lien

Réponse 37 / 48

Utilisateur anonyme

Bonjour murphy.

Ayant estimé que ta désinfection n'avançait pas et que
cela avait suffisamment duré, j'ai demandé à g3n-h@ckm@n
d'intervenir afin que tu puisses avoir affaire à quelqu'un de
compétent.

M@thew Modérateur CCM.

Réponse 38 / 48

murphy

d'accord!et bien c'est très pro ça,merci!

Utilisateur anonyme

Pas de problème, bonne continuation.

:o)

Réponse 39 / 48

Utilisateur anonyme

desinstalle adobe reader 9

===============================

desinstalle Avast5 avec ceci (on mettra le 6 apres le script qui suit)

https://www.avast.com/fr-fr/uninstall-utility

=============================

fais glisser une icone n'importe quel fichier sur Pre_scan , pre_script va apparaitre

ouvre Pre_script et colle ce qui suit en gras, à l'interieur du texte qui s'ouvre ,
sans les lignes , en une seule fois en le mettant en surbrillance :
___________________________________________________
Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"=-
"QuickTime Task"=-
[-HKEY_CURRENT_USER\Software\SpiderMessenger]

file::
C:\ProgramData\~35643128
C:\ProgramData\~35643128r

attrib::
___________________________________________________

copie-le (ctrl+c ou clique droit sur la selection puis => copier)

puis onglet fichier => enregistrer (pas enregistrer sous...) , puis ferme le texte

des fenetres noires risquent de clignoter , c'est normal , c'est le programme qui travaille

poste Pre_Script.txt qui apparaitra sur le bureau en fin de travail

murphy

fais glisser une icone n'importe quel fichier sur Pre_scan , pre_script va apparaitre
je n'ai pas compris cette partie...

Réponse 40 / 48

Utilisateur anonyme

dépose un fichier sur l'icone de pre_scan

Windows vista recovery

48 réponses

Votre réponse

Newsletters