Sujet Précédent Sujet Suivant

Deconnexion intempestive!

zalune -  
 zalune -
Bonjour,

depuis qqs jours, lorsque que je navigue sur le net, mon ordi s'éteint (page bleu avec texte) puis s'éteint et se rallume aussitot. souvent aussi lorsqu'il ouvre une page, explorer me dit que la page a été récupérée, se reconnecte sur la page et là plus rien, il ne peut pas ouvrir !! des pubs arrivent aussi toutes seules !!! bon j'ai attrapé quoi comme virus et que faire ?
merci d'avance

99 réponses

Précédent
Réponse 61 / 99
zalune Messages postés 167 Statut Membre 4
 
# DelFix v8.1 - Rapport créé le 01/07/2011 à 13:34
# Mis à jour le 20/06/11 à 19h par Xplode
# Système d'exploitation : Microsoft Windows XP (32 bits) [version 5.1.2600] Service Pack 3
# Nom d'utilisateur : moi - FAN (Administrateur)
# Exécuté depuis : C:\Documents and Settings\moi\Bureau\delfix.exe
# Option [Suppression]

~~~~~~ Dossier(s) ~~~~~~

Supprimé : C:\Qoobox
Supprimé : C:\tdsskiller
Supprimé : C:\USBFix
Supprimé : C:\Program Files\Ad-Remover
Supprimé : C:\Program Files\ZHPDiag
Supprimé : C:\Documents and Settings\All Users\Menu Démarrer\Programmes\ZHP

~~~~~~ Fichier(s) ~~~~~~

Supprimé : C:\Ad-Report-CLEAN[1].txt
Supprimé : C:\Ad-Report-CLEAN[2].txt
Supprimé : C:\ComboFix.txt
Supprimé : C:\rkill.log
Supprimé : C:\TDSSKiller.2.5.5.0_24.06.2011_16.25.06_log.txt
Supprimé : C:\TDSSKiller.2.5.5.0_29.06.2011_11.54.51_log.txt
Supprimé : C:\TDSSKiller.2.5.7.0_28.06.2011_20.05.45_log.txt
Supprimé : C:\UsbFix.txt
Supprimé : C:\UsbFix_Upload_Me_FAN.zip
Supprimé : C:\WINDOWS\grep.exe
Supprimé : C:\WINDOWS\MBR.exe
Supprimé : C:\WINDOWS\NIRCMD.exe
Supprimé : C:\WINDOWS\PEV.exe
Supprimé : C:\WINDOWS\sed.exe
Supprimé : C:\WINDOWS\SWREG.exe
Supprimé : C:\WINDOWS\SWSC.exe
Supprimé : C:\WINDOWS\SWXCACLS.exe
Supprimé : C:\WINDOWS\zip.exe
Supprimé : C:\Documents and Settings\moi\Bureau\AD-R.lnk
Supprimé : C:\Documents and Settings\moi\Bureau\ComboFix.exe
Supprimé : C:\Documents and Settings\moi\Bureau\rkill(1).exe
Supprimé : C:\Documents and Settings\moi\Bureau\rkill.exe.part
Supprimé : C:\Documents and Settings\moi\Bureau\ZHPDiag.txt
Supprimé : C:\Documents and Settings\All Users\Bureau\MBRCheck.lnk
Supprimé : C:\Documents and Settings\All Users\Bureau\ZHPDiag.lnk
Supprimé : C:\Documents and Settings\All Users\Bureau\ZHPFix.lnk
Supprimé : C:\Documents and Settings\moi\Mes documents\Téléchargements\ComboFix.exe
Supprimé : C:\Documents and Settings\moi\Mes documents\Téléchargements\rkill.exe
Supprimé : C:\Documents and Settings\moi\Mes documents\Téléchargements\tdsskiller.exe

~~~~~~ Registre ~~~~~~

Clé Supprimée : HKCU\SOFTWARE\Ad-Remover
Clé Supprimée : HKCU\SOFTWARE\USBFix
Clé Supprimée : HKLM\Software\Classes\.cfxxe
Clé Supprimée : HKLM\Software\Classes\cfxxefile
Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Ad-Remover
Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\USBFix
Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\ZHPDiag_is1
Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\combofix.exe
ACL -> [F] & Clé Supprimée : HKLM\SOFTWARE\Swearware

~~~~~~ Autre ~~~~~~

-> Prefetch vidé

########## EOF - "C:\DelFixSuppr.txt" - [2802 octets] ##########
0
Réponse 62 / 99
Utilisateur anonyme
 
Re,

Juste pour bien nettoyer ton PC :

Télécharge http://www.geekstogo.com/forum/files/file/398-otl-oldtimers-list-it/ sur ton bureau.

si tu as XP => double clique
si tu as Vista ou windows 7 => clic droit "executer en tant que...."

sur OTL.exe pour le lancer.

?Copie la liste qui se trouve en gras ci-dessous,

? colle-la dans la zone sous "Personnalisation" :

:OTL
FF - prefs.js: keyword.URL - hxxp://redirecterror.sfr.fr/
FF - user.js: keyword.URL - hxxp://redirecterror.sfr.fr/

:Files
c:\documents and settings\moi\Application Data\Mozilla\Firefox\Profiles\19rqady2.default\

:commands
[CREATERESTOREPOINT]
[emptytemp]


Clique sur "Correction" pour lancer la suppression.

? Poste le rapport qui logiquement s'ouvrira tout seul en fin de travail appres le redemarrage.
0
Réponse 63 / 99
zalune Messages postés 167 Statut Membre 4
 
OTL logfile created on: 04/07/2011 14:08:22 - Run 1
OTL by OldTimer - Version 3.2.25.0 Folder = C:\Documents and Settings\moi\Bureau
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

1,87 Gb Total Physical Memory | 1,08 Gb Available Physical Memory | 57,97% Memory free
3,72 Gb Paging File | 2,99 Gb Available in Paging File | 80,31% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149,05 Gb Total Space | 70,31 Gb Free Space | 47,17% Space Free | Partition Type: NTFS

Computer Name: FAN | User Name: moi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2011/07/04 14:08:06 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\moi\Bureau\OTL.exe
PRC - [2011/05/29 09:11:28 | 000,449,584 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011/05/29 09:11:28 | 000,366,640 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011/05/10 14:10:57 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2011/04/29 01:24:18 | 000,019,856 | ---- | M] () -- C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
PRC - [2011/04/29 01:24:08 | 003,373,968 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
PRC - [2011/04/19 18:22:18 | 002,831,360 | ---- | M] () -- C:\Documents and Settings\moi\Local Settings\Application Data\TotalReduc\Application\TotalReduc.exe
PRC - [2011/04/08 12:59:52 | 000,254,696 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
PRC - [2010/08/09 14:47:54 | 000,248,832 | ---- | M] (FileHippo.com) -- C:\Program Files\FileHippo.com\UpdateChecker.exe
PRC - [2010/07/19 18:31:56 | 000,976,192 | ---- | M] (SFR) -- C:\Program Files\SFR\Kit\9props.exe
PRC - [2010/05/14 14:24:20 | 000,233,472 | ---- | M] (Vodafone Group) -- C:\Program Files\Vodafone\Via The Phone\VodafoneConnectorService.exe
PRC - [2010/03/24 15:42:10 | 000,599,328 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe
PRC - [2010/03/04 23:38:00 | 000,071,096 | ---- | M] () -- C:\Program Files\CDBurnerXP\NMSAccessU.exe
PRC - [2009/12/22 04:31:26 | 000,217,088 | ---- | M] (Teruten) -- C:\WINDOWS\system32\FsUsbExService.Exe
PRC - [2009/12/03 10:12:12 | 000,976,320 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\Epson Software\Event Manager\EEventManager.exe
PRC - [2009/10/24 03:18:54 | 000,360,224 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe
PRC - [2009/05/14 17:07:14 | 000,759,048 | ---- | M] (ABBYY) -- C:\Program Files\Fichiers communs\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
PRC - [2009/01/20 12:00:00 | 000,525,664 | R--- | M] (WinZip Computing, S.L.) -- C:\Program Files\WinZip\WZQKPICK.EXE
PRC - [2008/12/05 16:11:54 | 000,935,208 | ---- | M] (Nero AG) -- C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe
PRC - [2008/11/11 09:38:06 | 000,620,544 | ---- | M] (Nokia.) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
PRC - [2008/09/19 08:52:04 | 000,130,560 | ---- | M] () -- C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
PRC - [2008/07/30 17:22:26 | 000,266,240 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\system32\TPSMain.exe
PRC - [2008/07/30 17:21:50 | 000,040,960 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\system32\TPSBattM.exe
PRC - [2008/06/03 08:02:34 | 000,119,808 | ---- | M] () -- C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
PRC - [2008/05/27 09:23:42 | 000,360,448 | ---- | M] (TOSHIBA) -- C:\Program Files\TOSHIBA\TOSHIBA Applet\THotkey.exe
PRC - [2008/04/14 16:43:38 | 000,034,304 | ---- | M] (TOSHIBA Corp.) -- C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe
PRC - [2008/04/14 14:00:00 | 001,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/04/14 03:11:12 | 000,450,648 | ---- | M] (Atheros Communications, Inc.) -- C:\Program Files\Atheros\ACU.exe
PRC - [2008/04/14 03:10:52 | 000,467,028 | ---- | M] (Atheros) -- C:\WINDOWS\system32\acs.exe
PRC - [2008/02/15 12:24:32 | 000,184,320 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe
PRC - [2007/11/21 18:23:32 | 000,129,632 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\system32\TODDSrv.exe
PRC - [2007/07/10 09:24:10 | 000,581,632 | ---- | M] (TOSHIBA) -- C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe
PRC - [2007/05/11 11:59:36 | 000,143,360 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
PRC - [2007/04/26 11:49:34 | 000,495,616 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TOSHIBA Direct Disc Writer\DDWMon.exe
PRC - [2007/01/09 15:23:04 | 000,191,552 | ---- | M] (Agere Systems) -- C:\Program Files\ltmoh\ltmoh.exe
PRC - [2006/12/19 18:23:20 | 000,094,208 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSvc.exe
PRC - [2006/10/05 13:10:12 | 000,009,216 | ---- | M] (Agere Systems) -- C:\WINDOWS\system32\agrsmsvc.exe
PRC - [2006/05/19 12:13:00 | 000,798,720 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\CFSServ.exe
PRC - [2006/03/16 13:58:00 | 000,974,848 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
PRC - [2005/04/11 16:08:00 | 000,065,536 | ---- | M] (TOSHIBA) -- C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
PRC - [2005/01/17 16:38:00 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe

[color=#E56717]========== Modules (SafeList) ==========[/color]

MOD - [2011/07/04 14:08:06 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\moi\Bureau\OTL.exe
MOD - [2011/05/10 14:10:55 | 000,199,792 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\snxhk.dll
MOD - [2010/08/23 18:12:39 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll

[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - [2011/05/29 09:11:28 | 000,366,640 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/05/10 14:10:57 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010/05/14 14:24:20 | 000,233,472 | ---- | M] (Vodafone Group) [Auto | Running] -- C:\Program Files\Vodafone\Via The Phone\VodafoneConnectorService.exe -- (VodafoneConnectorService)
SRV - [2010/03/04 23:38:00 | 000,071,096 | ---- | M] () [Auto | Running] -- C:\Program Files\CDBurnerXP\NMSAccessU.exe -- (NMSAccess)
SRV - [2009/12/22 04:31:26 | 000,217,088 | ---- | M] (Teruten) [Auto | Running] -- C:\WINDOWS\system32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2009/10/24 03:18:54 | 000,360,224 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe -- (PMBDeviceInfoProvider)
SRV - [2009/05/14 17:07:14 | 000,759,048 | ---- | M] (ABBYY) [Auto | Running] -- C:\Program Files\Fichiers communs\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe -- (ABBYY.Licensing.FineReader.Sprint.9.0)
SRV - [2008/12/05 16:11:54 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2008/11/11 09:38:06 | 000,620,544 | ---- | M] (Nokia.) [On_Demand | Running] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2008/11/04 02:06:28 | 000,441,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2008/04/14 16:43:38 | 000,034,304 | ---- | M] (TOSHIBA Corp.) [Auto | Running] -- C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe -- (TAPPSRV)
SRV - [2008/04/14 03:10:52 | 000,467,028 | ---- | M] (Atheros) [Auto | Running] -- C:\WINDOWS\system32\acs.exe -- (ACS)
SRV - [2007/11/21 18:23:32 | 000,129,632 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\WINDOWS\system32\TODDSrv.exe -- (TODDSrv)
SRV - [2007/08/22 18:31:31 | 000,411,000 | ---- | M] (Micro Application) [Auto | Stopped] -- C:\WINDOWS\System32\pr2ajbeb.exe -- (pr2ajbeb) L Ile Noyee Drivers Auto Removal (pr2ajbeb)
SRV - [2006/12/19 18:23:20 | 000,094,208 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSvc.exe -- (EpsonBidirectionalService)
SRV - [2006/10/26 14:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2006/10/05 13:10:12 | 000,009,216 | ---- | M] (Agere Systems) [Auto | Running] -- C:\WINDOWS\system32\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2005/01/17 16:38:00 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe -- (CFSvcs)

[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2011/05/29 09:11:30 | 000,039,984 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2011/05/29 09:11:20 | 000,022,712 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011/05/10 14:03:54 | 000,441,176 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011/05/10 14:03:44 | 000,307,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/05/10 14:02:37 | 000,049,240 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/05/10 14:02:25 | 000,102,616 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011/05/10 13:59:56 | 000,025,432 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/05/10 13:59:37 | 000,030,808 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011/05/10 13:59:35 | 000,019,544 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011/04/27 14:19:28 | 000,020,032 | ---- | M] (Devguru Co., Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\dgderdrv.sys -- (dgderdrv)
DRV - [2009/12/22 04:31:26 | 000,036,640 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2009/11/12 14:48:56 | 000,007,168 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2009/09/19 07:30:10 | 000,123,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bmdm.sys -- (ss_bmdm)
DRV - [2009/09/19 07:30:10 | 000,100,224 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bserd.sys -- (ss_bserd)
DRV - [2009/09/19 07:30:10 | 000,098,432 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bbus.sys -- (ss_bbus) SAMSUNG USB Mobile Device (WDM)
DRV - [2009/09/19 07:30:10 | 000,014,848 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bmdfl.sys -- (ss_bmdfl) SAMSUNG USB Mobile Modem (Filter)
DRV - [2009/08/05 22:48:42 | 000,054,752 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr)
DRV - [2008/08/26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008/05/22 16:53:58 | 000,154,624 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTS5121.sys -- (RSUSBSTOR)
DRV - [2008/04/09 18:01:16 | 004,703,744 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008/04/08 19:45:42 | 001,309,504 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\athw.sys -- (AR5416)
DRV - [2008/02/08 10:46:36 | 000,057,408 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wsimd.sys -- (WSIMD)
DRV - [2008/01/03 22:10:16 | 000,105,856 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2007/12/17 12:45:20 | 000,018,432 | ---- | M] (Chicony Electronics Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\UVCFTR_S.SYS -- (UVCFTR)
DRV - [2007/08/22 18:31:01 | 000,064,632 | ---- | M] (Micro Application) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\pe3ajbeb.sys -- (pe3ajbeb) L Ile Noyee Environment Driver (pe3ajbeb)
DRV - [2007/08/22 18:30:32 | 000,068,736 | ---- | M] (Micro Application) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\ps7ajbeb.sys -- (ps7ajbeb) L Ile Noyee Synchronization Driver (ps7ajbeb)
DRV - [2007/04/04 08:56:48 | 000,005,888 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\FwLnk.sys -- (FwLnk)
DRV - [2007/03/26 12:22:18 | 000,105,856 | ---- | M] (TOSHIBA Corporation) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\tdudf.sys -- (tdudf)
DRV - [2007/02/19 12:15:32 | 000,134,016 | ---- | M] (TOSHIBA Corporation) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\trudf.sys -- (trudf)
DRV - [2006/11/28 16:11:00 | 001,161,888 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2006/10/18 12:50:04 | 000,016,128 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV - [2003/01/29 14:35:00 | 000,012,032 | ---- | M] (TOSHIBA Corporation.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\Netdevio.sys -- (Netdevio)

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]

[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search bar = http://www.bing.com/spresults.aspx
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - HKLM\software\mozilla\Firefox\Extensions\\{EB132DB0-A4CA-11DF-9732-0E29E0D72085}: C:\Program Files\Object\facetheme [2011/06/20 14:43:08 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/06/28 20:00:28 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/06/22 10:16:50 | 000,000,000 | ---D | M]

[2009/12/07 11:27:32 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\moi\Application Data\Mozilla\Extensions
[2011/07/04 08:32:19 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\19rqady2.default\extensions
[2011/06/28 20:09:05 | 000,000,000 | ---D | M] (FireShot) -- C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\19rqady2.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}
[2010/04/27 09:20:14 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\19rqady2.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/06/29 13:51:08 | 000,000,000 | ---D | M] (Softonic_France Community Toolbar) -- C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\19rqady2.default\extensions\{4daac69c-cba7-45e2-9bc8-1044483d3352}
[2011/06/29 13:51:11 | 000,000,000 | ---D | M] (DVDVideoSoftTB Community Toolbar) -- C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\19rqady2.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
[2011/03/31 09:50:46 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\19rqady2.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011/06/28 20:09:04 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\19rqady2.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2010/08/03 08:15:21 | 000,000,000 | ---D | M] (Firebug) -- C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\19rqady2.default\extensions\firebug@software.joehewitt.com
[2011/06/29 13:51:03 | 000,000,000 | ---D | M] (Mailforgood) -- C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\19rqady2.default\extensions\mfgff@mailforgood.net
[2011/07/04 08:32:19 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\19rqady2.default\extensions\staged
[2010/01/21 15:23:13 | 000,000,000 | ---D | M] (WalterShop) -- C:\Documents and Settings\moi\Application Data\Mozilla\Firefox\Profiles\19rqady2.default\extensions\toolbar@waltershop.com
[2011/06/29 17:57:12 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/12/21 17:48:12 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011/06/29 17:57:12 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2011/06/16 06:38:33 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/05/04 04:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2010/01/01 10:00:00 | 000,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml
[2010/01/01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2010/01/01 10:00:00 | 000,001,822 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml
[2010/01/01 10:00:00 | 000,001,154 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml
[2010/01/01 10:00:00 | 000,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml
[2010/01/01 10:00:00 | 000,000,956 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml

O1 HOSTS File: ([2011/06/30 08:32:30 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Objet d'aide à la navigation SFR) - {0F6E720A-1A6B-40E1-A294-1D4D19F156C8} - C:\Program Files\SFR\Kit\SFRNavErrorHelper.dll (SFR)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {472734EA-242A-422B-ADF8-83D1E48CC825} - No CLSID value found.
O4 - HKLM..\Run: [ACU] C:\Program Files\Atheros\ACU.exe (Atheros Communications, Inc.)
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [Camera Assistant Software] C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe (Chicony)
O4 - HKLM..\Run: [CFSServ.exe] File not found
O4 - HKLM..\Run: [DDWMon] C:\Program Files\TOSHIBA\TOSHIBA Direct Disc Writer\\ddwmon.exe ()
O4 - HKLM..\Run: [EEventManager] C:\Program Files\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NDSTray.exe] File not found
O4 - HKLM..\Run: [PMBVolumeWatcher] C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe (Sony Corporation)
O4 - HKLM..\Run: [SFR] C:\Program Files\SFR\SFR.exe (Glowria)
O4 - HKLM..\Run: [SmoothView] C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [TFncKy] File not found
O4 - HKLM..\Run: [THotkey] C:\Program Files\TOSHIBA\TOSHIBA Applet\THotkey.exe (TOSHIBA)
O4 - HKLM..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe (TOSHIBA)
O4 - HKLM..\Run: [TPSMain] C:\WINDOWS\System32\TPSMain.exe (TOSHIBA Corporation)
O4 - HKCU..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKCU..\Run: [Connexion SFR 9props.exe] C:\Program Files\SFR\Kit\9props.exe (SFR)
O4 - HKCU..\Run: [FileHippo.com] C:\Program Files\FileHippo.com\UpdateChecker.exe (FileHippo.com)
O4 - HKCU..\Run: [KiesHelper] C:\Program Files\Samsung\Kies\KiesHelper.exe (Samsung)
O4 - HKCU..\Run: [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
O4 - HKCU..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKCU..\Run: [LtMoh] C:\Program Files\ltmoh\ltmoh.exe (Agere Systems)
O4 - HKCU..\Run: [NBCore] C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBCore.exe (Nero AG)
O4 - HKCU..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe (TOSHIBA)
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE (WinZip Computing, S.L.)
O4 - Startup: C:\Documents and Settings\moi\Menu Démarrer\Programmes\Démarrage\TotalReduc.lnk = C:\Program Files\TotalReduc\TotalReducLoader.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Free YouTube Download - C:\Documents and Settings\moi\Application Data\DVDVideoSoftIEHelpers\youtubedownload.htm ()
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Documents and Settings\moi\Application Data\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O15 - HKCU\..Trusted Domains: chat-land.org ([]* in Sites de confiance)
O15 - HKCU\..Trusted Domains: sfr.fr ([vod-pc] http in Intranet local)
O15 - HKCU\..Trusted Domains: sfr.fr ([vod-pc] https in Sites de confiance)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\moi\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\moi\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/08/06 11:55:56 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2011/06/27 10:10:24 | 000,000,000 | R--D | M] - C:\Autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2011/07/04 14:07:58 | 000,580,096 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\moi\Bureau\OTL.exe
[2011/07/01 13:50:56 | 000,000,000 | ---D | C] -- C:\Program Files\FileHippo.com
[2011/07/01 13:49:10 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\moi\Recent
[2011/07/01 13:38:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\CCleaner
[2011/07/01 13:38:20 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2011/07/01 13:36:21 | 002,227,192 | ---- | C] (Piriform Ltd) -- C:\Documents and Settings\moi\Bureau\ccsetup_slim_3.07.1457.exe
[2011/07/01 13:25:31 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2011/06/30 08:34:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2011/06/29 17:57:10 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2011/06/29 17:57:10 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2011/06/29 17:57:10 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2011/06/29 14:07:00 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2011/06/29 13:59:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2011/06/27 10:10:24 | 000,000,000 | R--D | C] -- C:\Autorun.inf
[2011/06/27 10:04:33 | 001,231,967 | ---- | C] (TeamXscript.org) -- C:\Documents and Settings\moi\Mes documents\UsbFix.exe
[2011/06/24 19:04:33 | 000,039,984 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/06/24 19:04:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Malwarebytes' Anti-Malware
[2011/06/24 19:04:29 | 000,022,712 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/06/24 19:04:29 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/06/23 08:30:52 | 000,000,000 | ---D | C] -- C:\4fb2af01478e9494ad6c20e41c94bd8f
[2011/06/22 10:36:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\moi\Application Data\Media Player Classic
[2011/06/22 08:41:07 | 000,000,000 | ---D | C] -- C:\ada7b2938544dcc04240c352b38c
[2011/06/21 10:21:28 | 000,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\Yahoo!
[2011/06/21 10:21:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Pinnacle VideoSpin
[2011/06/21 10:21:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\Pinnacle
[2011/06/21 10:10:23 | 000,000,000 | ---D | C] -- C:\Program Files\Pando Networks
[2011/06/20 15:03:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\moi\Mes documents\Pinnacle VideoSpin
[2011/06/20 15:02:12 | 000,000,000 | R--D | C] -- C:\Documents and Settings\moi\Menu Démarrer\Programmes\Outils d'administration
[2011/06/20 14:58:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Pinnacle
[2011/06/20 14:43:08 | 000,000,000 | ---D | C] -- C:\Program Files\Object
[2011/06/20 14:22:54 | 000,925,696 | ---- | C] (GSpot Appliance Corp, a unit of GSp0t Heavy Industries) -- C:\Documents and Settings\All Users\Documents\GSpot.exe
[2011/06/20 14:00:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\K-Lite Codec Pack
[2011/06/20 14:00:01 | 000,839,680 | ---- | C] (http://www.mp3dev.org/ -- C:\WINDOWS\System32\lameACM.acm
[2011/06/20 14:00:01 | 000,151,552 | ---- | C] (fccHandler) -- C:\WINDOWS\System32\ac3acm.acm
[2011/06/20 13:59:57 | 000,000,000 | ---D | C] -- C:\Program Files\K-Lite Codec Pack
[2011/06/20 08:43:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\moi\Application Data\GetRightToGo
[2011/06/20 08:43:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\moi\Mes documents\Downloads
[2011/06/16 14:04:04 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mup.sys
[2011/06/12 10:10:24 | 000,404,640 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2011/06/11 20:42:29 | 000,467,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\imapi2fs.dll
[2011/06/11 20:42:29 | 000,467,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imapi2fs.dll
[2011/06/11 20:42:29 | 000,320,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\imapi2.dll
[2011/06/11 20:42:29 | 000,320,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imapi2.dll
[2011/06/11 20:42:29 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cdrom.sys
[2011/06/11 20:37:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\moi\Mes documents\Sony PMB
[2011/06/11 20:37:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\moi\Application Data\Sony Corporation
[2011/06/11 20:32:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\PMB
[2011/06/11 20:31:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sony Corporation
[2011/06/11 20:31:28 | 000,000,000 | ---D | C] -- C:\Program Files\Sony
[2011/06/09 09:24:22 | 000,000,000 | ---D | C] -- C:\Program Files\Vodafone
[2011/06/09 09:24:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Vodafone
[2011/06/06 09:33:39 | 000,000,000 | ---D | C] -- C:\Temp
[2011/06/06 09:28:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\moi\Mes documents\SelfMV
[2011/06/06 09:27:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\moi\Local Settings\Application Data\Samsung
[2011/06/06 09:24:03 | 004,659,712 | ---- | C] (Dmitry Streblechenko) -- C:\WINDOWS\System32\Redemption.dll
[2011/06/06 09:23:42 | 000,821,824 | ---- | C] (Devguru Co., Ltd.) -- C:\WINDOWS\System32\dgderapi.dll
[2011/06/06 09:23:42 | 000,319,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\DIFxAPI.dll
[2011/06/06 09:23:42 | 000,020,032 | ---- | C] (Devguru Co., Ltd) -- C:\WINDOWS\System32\drivers\dgderdrv.sys
[2011/06/06 08:48:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\moi\Mes documents\Samsung
[2011/06/06 08:47:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Samsung
[2011/06/06 08:47:02 | 000,123,648 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\ss_bmdm.sys
[2011/06/06 08:47:02 | 000,100,224 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\ss_bserd.sys
[2011/06/06 08:47:02 | 000,098,432 | ---- | C] (MCCI) -- C:\WINDOWS\System32\drivers\ss_bbus.sys
[2011/06/06 08:47:02 | 000,014,848 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\ss_bmdfl.sys
[2011/06/06 08:47:02 | 000,012,416 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\ss_bcmnt.sys
[2011/06/06 08:47:02 | 000,012,416 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\ss_bcm.sys
[2011/06/06 08:47:02 | 000,012,288 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\ss_bwhnt.sys
[2011/06/06 08:47:02 | 000,012,288 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\ss_bwh.sys
[2011/06/06 08:41:50 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files
[2011/06/06 08:41:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Samsung
[2011/06/06 08:40:07 | 000,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\Samsung
[2008/08/06 12:40:43 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\DLLVGA.dll
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\Documents and Settings\moi\*.tmp files -> C:\Documents and Settings\moi\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2011/07/04 14:08:06 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\moi\Bureau\OTL.exe
[2011/07/04 13:54:28 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2011/07/04 13:48:21 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/07/04 13:48:11 | 000,001,000 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2011/07/04 13:48:07 | 000,001,046 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/07/04 13:47:38 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/07/04 13:47:33 | 2009,063,424 | -HS- | M] () -- C:\hiberfil.sys
[2011/07/04 08:56:34 | 000,000,012 | ---- | M] () -- C:\WINDOWS\bthservsdp.dat
[2011/07/04 08:45:45 | 000,607,924 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat
[2011/07/04 08:45:45 | 000,507,008 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/07/04 08:45:45 | 000,129,198 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat
[2011/07/04 08:45:45 | 000,099,522 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/07/04 08:31:08 | 000,001,050 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/07/04 08:25:27 | 000,000,428 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{52B4A0FC-400B-48D4-ABF6-27DD6B62F45F}.job
[2011/07/02 09:24:33 | 000,282,928 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/07/01 13:50:56 | 000,001,632 | ---- | M] () -- C:\Documents and Settings\moi\Bureau\Update Checker.lnk
[2011/07/01 13:50:30 | 000,252,991 | ---- | M] () -- C:\Documents and Settings\moi\Bureau\FHSetup.exe
[2011/07/01 13:46:14 | 000,556,254 | ---- | M] () -- C:\Documents and Settings\moi\Mes documents\cc_20110701_134548.reg
[2011/07/01 13:38:21 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\CCleaner.lnk
[2011/07/01 13:36:31 | 002,227,192 | ---- | M] (Piriform Ltd) -- C:\Documents and Settings\moi\Bureau\ccsetup_slim_3.07.1457.exe
[2011/07/01 13:31:01 | 000,054,543 | ---- | M] () -- C:\Documents and Settings\moi\Bureau\3-delfix.htm
[2011/06/30 20:41:21 | 000,002,575 | ---- | M] () -- C:\Documents and Settings\moi\Bureau\Microsoft Office Word 2007.lnk
[2011/06/30 08:32:30 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011/06/29 14:07:07 | 000,000,328 | RHS- | M] () -- C:\boot.ini
[2011/06/28 20:00:33 | 000,000,742 | ---- | M] () -- C:\Documents and Settings\moi\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/06/28 20:00:33 | 000,000,724 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Mozilla Firefox.lnk
[2011/06/28 10:11:51 | 000,034,816 | ---- | M] () -- C:\Documents and Settings\moi\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/06/27 10:04:38 | 001,231,967 | ---- | M] (TeamXscript.org) -- C:\Documents and Settings\moi\Mes documents\UsbFix.exe
[2011/06/24 21:21:57 | 000,004,323 | ---- | M] () -- C:\Documents and Settings\moi\Mes documents\malware
[2011/06/24 19:04:35 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk
[2011/06/21 10:35:03 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Adobe Reader 9.lnk
[2011/06/21 10:20:00 | 000,000,349 | ---- | M] () -- C:\Documents and Settings\All Users\Documents\PCLECHAL.INI
[2011/06/21 10:15:33 | 170,203,312 | ---- | M] () -- C:\Documents and Settings\moi\Mes documents\VideoSpin_2_0_Setup.exe
[2011/06/20 08:44:36 | 000,001,573 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Finish Downloading Brothersoft Download Manager.lnk
[2011/06/18 13:52:16 | 000,513,137 | ---- | M] () -- C:\Documents and Settings\moi\Mes documents\Guides_agir_guide_des_radiateurs_-2-3-2-2-2.pdf
[2011/06/16 10:00:00 | 000,073,216 | ---- | M] () -- C:\WINDOWS\System32\ff_vfw.dll
[2011/06/16 10:00:00 | 000,000,038 | ---- | M] () -- C:\WINDOWS\avisplitter.ini
[2011/06/13 18:19:44 | 000,000,748 | ---- | M] () -- C:\Documents and Settings\moi\Menu Démarrer\Programmes\Démarrage\TotalReduc.lnk
[2011/06/13 18:19:44 | 000,000,746 | ---- | M] () -- C:\Documents and Settings\moi\Bureau\TotalReduc.lnk
[2011/06/11 20:32:51 | 000,001,581 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Aide PMB.lnk
[2011/06/11 20:32:51 | 000,000,761 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\PMB Launcher.lnk
[2011/06/11 20:32:51 | 000,000,738 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\PMB.lnk
[2011/06/06 09:33:16 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\UMDF\Msft_User_WpdMtpDr_01_00_00.Wdf
[2011/06/06 09:26:28 | 000,001,594 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Samsung Kies.lnk
[2011/06/06 09:24:11 | 000,001,612 | ---- | M] () -- C:\Documents and Settings\moi\Application Data\Microsoft\Internet Explorer\Quick Launch\Samsung Kies.lnk
[2011/06/06 08:41:39 | 000,002,006 | ---- | M] () -- C:\aqua_bitmap.cpp
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\Documents and Settings\moi\*.tmp files -> C:\Documents and Settings\moi\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2011/07/01 13:50:56 | 000,001,638 | ---- | C] () -- C:\Documents and Settings\moi\Menu Démarrer\Programmes\Update Checker.lnk
[2011/07/01 13:50:56 | 000,001,632 | ---- | C] () -- C:\Documents and Settings\moi\Bureau\Update Checker.lnk
[2011/07/01 13:50:29 | 000,252,991 | ---- | C] () -- C:\Documents and Settings\moi\Bureau\FHSetup.exe
[2011/07/01 13:45:50 | 000,556,254 | ---- | C] () -- C:\Documents and Settings\moi\Mes documents\cc_20110701_134548.reg
[2011/07/01 13:38:21 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\CCleaner.lnk
[2011/07/01 13:31:01 | 000,054,543 | ---- | C] () -- C:\Documents and Settings\moi\Bureau\3-delfix.htm
[2011/06/30 08:36:25 | 2009,063,424 | -HS- | C] () -- C:\hiberfil.sys
[2011/06/29 14:07:07 | 000,000,212 | ---- | C] () -- C:\Boot.bak
[2011/06/29 14:07:05 | 000,263,488 | RHS- | C] () -- C:\cmldr
[2011/06/28 20:00:33 | 000,000,742 | ---- | C] () -- C:\Documents and Settings\moi\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/06/28 20:00:33 | 000,000,724 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Mozilla Firefox.lnk
[2011/06/28 20:00:32 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Mozilla Firefox.lnk
[2011/06/24 21:21:57 | 000,004,323 | ---- | C] () -- C:\Documents and Settings\moi\Mes documents\malware
[2011/06/24 19:04:35 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk
[2011/06/21 10:19:59 | 000,000,349 | ---- | C] () -- C:\Documents and Settings\All Users\Documents\PCLECHAL.INI
[2011/06/21 10:11:21 | 170,203,312 | ---- | C] () -- C:\Documents and Settings\moi\Mes documents\VideoSpin_2_0_Setup.exe
[2011/06/20 14:22:54 | 000,117,974 | R--- | C] () -- C:\Documents and Settings\All Users\Documents\GSpot27.dat
[2011/06/20 14:00:06 | 000,175,616 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2011/06/20 14:00:05 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2011/06/20 14:00:01 | 000,000,414 | ---- | C] () -- C:\WINDOWS\System32\lame_acm.xml
[2011/06/20 14:00:00 | 000,073,216 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2011/06/20 08:44:36 | 000,001,573 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Finish Downloading Brothersoft Download Manager.lnk
[2011/06/18 13:52:16 | 000,513,137 | ---- | C] () -- C:\Documents and Settings\moi\Mes documents\Guides_agir_guide_des_radiateurs_-2-3-2-2-2.pdf
[2011/06/11 20:32:51 | 000,001,581 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Aide PMB.lnk
[2011/06/11 20:32:51 | 000,000,761 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\PMB Launcher.lnk
[2011/06/11 20:32:51 | 000,000,744 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\PMB.lnk
[2011/06/11 20:32:51 | 000,000,738 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\PMB.lnk
[2011/06/06 09:26:28 | 000,001,594 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Samsung Kies.lnk
[2011/06/06 09:24:11 | 000,001,612 | ---- | C] () -- C:\Documents and Settings\moi\Application Data\Microsoft\Internet Explorer\Quick Launch\Samsung Kies.lnk
[2011/06/06 08:41:39 | 000,002,006 | ---- | C] () -- C:\aqua_bitmap.cpp
[2011/04/27 14:19:32 | 000,030,568 | ---- | C] () -- C:\WINDOWS\MusiccityDownload.exe
[2011/04/27 14:19:30 | 000,974,848 | ---- | C] () -- C:\WINDOWS\System32\cis-2.4.dll
[2011/04/27 14:19:30 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\issacapi_bs-2.3.dll
[2011/04/27 14:19:30 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\issacapi_pe-2.3.dll
[2011/04/27 14:19:30 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\issacapi_se-2.3.dll
[2010/12/21 19:42:21 | 000,823,296 | ---- | C] () -- C:\WINDOWS\j3dcore-d3d.dll
[2010/12/21 19:42:21 | 000,163,840 | ---- | C] () -- C:\WINDOWS\j3dcore-ogl.dll
[2010/12/21 19:42:21 | 000,049,152 | ---- | C] () -- C:\WINDOWS\j3dcore-ogl-chk.dll
[2010/12/21 19:42:21 | 000,040,960 | ---- | C] () -- C:\WINDOWS\j3dcore-ogl-cg.dll
[2010/08/09 19:39:02 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\AVSredirect.dll
[2010/07/25 19:57:47 | 000,000,040 | ---- | C] () -- C:\WINDOWS\RUNAWAY.INI
[2010/06/08 14:57:59 | 000,000,000 | ---- | C] () -- C:\WINDOWS\EEventManager.INI
[2010/06/08 14:57:39 | 000,221,184 | --S- | C] () -- C:\WINDOWS\System32\glut32.dll
[2009/12/07 11:27:17 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2009/11/23 21:04:51 | 000,000,000 | ---- | C] () -- C:\WINDOWS\NDSBrow.INI
[2009/06/15 13:02:52 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll
[2009/06/15 13:02:52 | 000,036,640 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDisk.Sys
[2009/06/15 13:02:44 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\moi\Application Data\$_hpcst$.hpc
[2009/06/09 09:37:29 | 000,454,656 | ---- | C] () -- C:\WINDOWS\System32\PaintX.dll
[2009/06/05 17:46:10 | 000,000,192 | ---- | C] () -- C:\Documents and Settings\moi\Application Data\default.rss
[2009/06/05 17:43:29 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009/06/05 17:18:28 | 000,004,767 | ---- | C] () -- C:\WINDOWS\Irremote.ini
[2009/04/22 10:31:17 | 000,000,012 | ---- | C] () -- C:\WINDOWS\bthservsdp.dat
[2009/04/08 17:54:29 | 000,000,065 | ---- | C] () -- C:\WINDOWS\IniFile1.ini
[2009/04/08 13:39:02 | 000,004,882 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\nmpmeswb.lkq
[2009/04/01 10:48:03 | 000,034,816 | ---- | C] () -- C:\Documents and Settings\moi\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/03/31 14:03:16 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ToDisc.INI
[2009/03/26 15:47:54 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\LXPRMON.DLL
[2009/03/26 15:47:54 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\LXPMONUI.DLL
[2009/03/26 15:47:54 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\LXPMONRC.DLL
[2009/03/25 12:10:40 | 000,262,216 | ---- | C] () -- C:\WINDOWS\System32\IPTests.dll
[2009/03/25 12:09:55 | 000,010,162 | ---- | C] () -- C:\WINDOWS\System32\tosmreg.ini
[2009/03/25 12:09:54 | 000,128,113 | ---- | C] () -- C:\WINDOWS\System32\csellang.ini
[2009/03/25 12:09:54 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\csellang.dll
[2009/03/25 12:09:54 | 000,007,671 | ---- | C] () -- C:\WINDOWS\System32\cseltbl.ini
[2009/03/25 12:09:05 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2009/03/25 12:08:50 | 000,000,852 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTKHDRC1.dat
[2009/03/25 12:08:50 | 000,000,852 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTKHDRC0.dat
[2009/03/25 12:08:50 | 000,000,520 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTEQEX1.dat
[2009/03/25 12:08:50 | 000,000,520 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTEQEX0.dat
[2009/03/25 12:08:50 | 000,000,176 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTHDAEQ1.dat
[2009/03/25 12:08:50 | 000,000,176 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTHDAEQ0.dat
[2009/03/25 12:08:12 | 000,000,137 | ---- | C] () -- C:\Documents and Settings\moi\Local Settings\Application Data\fusioncache.dat
[2008/08/06 15:15:59 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2008/08/06 13:51:08 | 000,004,205 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2008/08/06 13:50:27 | 000,282,928 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2008/08/06 12:52:19 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2008/08/06 12:52:19 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2008/08/06 12:52:19 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2008/08/06 12:52:19 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2008/08/06 12:52:19 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2008/08/06 12:52:19 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2008/08/06 12:48:35 | 000,000,000 | ---- | C] () -- C:\WINDOWS\NDSTray.INI
[2008/08/06 12:48:11 | 000,000,322 | ---- | C] () -- C:\WINDOWS\Tinst.ini
[2008/08/06 12:40:43 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\TCtrlIO.dll
[2008/08/06 12:38:47 | 006,184,960 | ---- | C] () -- C:\WINDOWS\System32\RTS5121icon.dll
[2008/08/06 12:33:00 | 001,991,464 | ---- | C] () -- C:\WINDOWS\System32\igkrng500.bin
[2008/08/06 12:33:00 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4953.dll
[2008/08/06 12:32:59 | 000,432,400 | ---- | C] () -- C:\WINDOWS\System32\igcompkrng500.bin
[2008/08/06 12:23:17 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\ToshBIOS.dll
[2008/08/06 12:21:01 | 000,000,821 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2008/08/06 12:20:41 | 000,159,744 | ---- | C] () -- C:\WINDOWS\MakeMrk.exe
[2008/08/06 12:20:41 | 000,000,083 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2008/08/06 11:57:40 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2008/08/06 11:54:07 | 000,021,892 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2008/08/06 11:45:56 | 000,755,200 | ---- | C] () -- C:\WINDOWS\System32\ir50_32.dll
[2008/08/06 11:45:56 | 000,338,432 | ---- | C] () -- C:\WINDOWS\System32\ir41_qcx.dll
[2008/08/06 11:45:56 | 000,200,192 | ---- | C] () -- C:\WINDOWS\System32\ir50_qc.dll
[2008/08/06 11:45:56 | 000,183,808 | ---- | C] () -- C:\WINDOWS\System32\ir50_qcx.dll
[2008/08/06 11:45:56 | 000,120,320 | ---- | C] () -- C:\WINDOWS\System32\ir41_qc.dll
[2008/08/06 11:45:55 | 000,607,924 | ---- | C] () -- C:\WINDOWS\System32\perfh00C.dat
[2008/08/06 11:45:55 | 000,322,810 | ---- | C] () -- C:\WINDOWS\System32\perfi00C.dat
[2008/08/06 11:45:55 | 000,129,198 | ---- | C] () -- C:\WINDOWS\System32\perfc00C.dat
[2008/08/06 11:45:55 | 000,034,108 | ---- | C] () -- C:\WINDOWS\System32\perfd00C.dat
[2008/08/06 11:45:50 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2008/08/06 11:45:49 | 000,507,008 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2008/08/06 11:45:49 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2008/08/06 11:45:49 | 000,099,522 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2008/08/06 11:45:49 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2008/08/06 11:45:49 | 000,004,631 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2008/08/06 11:45:48 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2008/08/06 11:45:48 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2008/08/06 11:45:48 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2008/08/06 11:45:48 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2008/08/06 11:45:42 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2008/08/06 11:45:42 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2007/10/25 17:26:10 | 000,007,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2007/07/25 14:24:30 | 000,644,608 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2007/02/05 15:47:48 | 000,021,596 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/02/05 15:47:48 | 000,016,704 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2007/02/05 15:47:40 | 000,016,042 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/02/05 14:24:28 | 000,018,271 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschematrivial.bin
[2007/02/05 14:24:26 | 000,099,999 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschema.bin
[2007/01/26 01:04:12 | 000,138,752 | ---- | C] () -- C:\WINDOWS\System32\mase32.dll
[2007/01/26 01:04:12 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\ma32.dll
[2006/02/26 15:08:28 | 000,243,200 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 147 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
@Alternate Data Stream - 134 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:561B1D2B
@Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A8ADE5D8

< End of report >
0
Réponse 64 / 99
Utilisateur anonyme
 
Re,

Cette opération n'est pas effectuée avec succès!

On reprend :

* Relance OTL ,
* Utilisateurs Windows XP => double clique >>sur OTL.exe
* Utilisateurs Windows Vista / windows 7 => clic droit "executer en tant que en tant qu'administrateur "sur OTL.exe pour le lancer.

* Copie et colle du texte en gras çi-dessous

* Tu commençes bien à : OTL , les : inclus devant OTL jusqu'à >>[Reboot] inclus dans la partie inférieure d'OTL sous "Personalisation"
* Cliques sur >> CORRECTION:

:OTL
FF - prefs.js: keyword.URL - hxxp://redirecterror.sfr.fr/
FF - user.js: keyword.URL - hxxp://redirecterror.sfr.fr/

:Files
c:\documents and settings\moi\Application Data\Mozilla\Firefox\Profiles\19rqady2.default\

:commands
[CREATERESTOREPOINT]
[emptytemp]
[Reboot]

* Cliques sur >> CORRECTION:

* Héberge le rapport sur ce site,
>> Cijoint.fr
* puis copie/colle le lien fourni dans ta prochaine réponse sur le forum.

* Pour t aider ,pour heberger le rapport
* rends toi sur Cijoint.fr
* clic sur Parcourir
* Trouve >> le rapport que tu viens d'enregistrer qui doit par exemple être sur ton bureau
* et valide en cliquant sur >> Cliquez ici pour déposer le Fichier
* un lien de ce genre http://www.cijoint.fr/cjlink.php?file=cj201004/cijecaEGX.txt te sera généré,
* il te suffit de le poster ici voir le rapport

0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 65 / 99
zalune Messages postés 167 Statut Membre 4
 
j ai fait correction sur les fichiers indiqués en gras ci-dessus. otl a fat son travail puis m a demandé de redemarrer le pc. pas de rapport sauf celui que j'ai sur le bureau et qui est celui collé plus haut
0
Réponse 66 / 99
Utilisateur anonyme
 
Re,

Prépare stp un dernier rapport ZHPDiag pour vérification comme expliqué ici

@+
0
Réponse 67 / 99
zalune Messages postés 167 Statut Membre 4
 
https://pjjoint.malekal.com/files.php?id=5ff9fa97fc13813
0
Réponse 68 / 99
Utilisateur anonyme
 
Re,

Ton PC est encore infecté !

Copie tout le texte présent en gras ci-dessous ( tu le selectionnes avec ta souris / Clique droit dessus et choisis "copier" ou fait Ctrl+C )

[HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine]
[HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SearchTheWeb]
[HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SoftwareUpdate_is1]
[HKLM\Software\Classes\PCTutoBHO.PCTBHO]
[HKLM\Software\Classes\PCTutoBHO.PCTBHO.1]
[HKLM\Software\Classes\Interface\{2a42d13c-d427-4787-821b-cf6973855778}]
[HKLM\Software\Classes\TypeLib\{2D5E2D34-BED5-4B9F-9793-A31E26E6806E}]
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{346de098-61f9-4b42-89da-6dfba7091bb6}]
[HKLM\Software\Classes\Interface\{3d8478aa-7b88-48a9-8bcb-b85d594411ec}]
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6A87B991-A31F-4130-AE72-6D0C294BF082}]
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6A87B991-A31F-4130-AE72-6D0C294BF082}]
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}]
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}]
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A6E9BAAF-53CD-4575-967B-2AF710A7D21F}]
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A6E9BAAF-53CD-4575-967B-2AF710A7D21F}]
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{c7b76b90-3455-4ae6-a752-eac4d19689e5}]
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{c7b76b90-3455-4ae6-a752-eac4d19689e5}]
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F}]
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F}]
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{e908b145-c847-4e85-b315-07e2e70decf8}]
[HKLM\Software\Classes\Installer\Features\81337C0DA4B761D40A4CB3380F57AE88]
[HKLM\Software\Classes\Installer\Features\81337C0DA4B761D40A4CB3380F57AE88]
[HKCU\Software\Iminent]
[HKLM\Software\Iminent]
[HKCU\Software\PCTuto]
[HKLM\Software\PCTuto]
C:\Program Files\Iminent

FirewallRAZ
EmptyTemp
EmptyFlash

Puis Lance ZHPFix depuis le raccourci du bureau .

* Une fois l'outil ZHPFix ouvert , clique sur le bouton [ H ] ( "coller les lignes Helper" ) .

* Dans l'encadré principal tu verras donc les lignes que tu as copié précédemment apparaitrent .

Vérifie que toutes les lignes que je t'ai demandé de copier (et seulement elles) sont dans la fenêtre.

Clique sur le bouton GO

Copie/Colle le rapport à l'écran dans ton prochain message.

0
Réponse 69 / 99
zalune Messages postés 167 Statut Membre 4
 
Rapport de ZHPFix 1.12.3335 par Nicolas Coolman, Update du 04/07/2011
Fichier d'export Registre : C:\ZHPExportRegistry-06-07-2011-10-52-42.txt
Run by moi at 06/07/2011 10:52:41
Windows XP Professional Service Pack 3 (Build 2600)
Web site : http://www.premiumorange.com/zeb-help-process/zhpfix.html

========== Clé(s) du Registre ==========
SUPPRIME Key: HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine
SUPPRIME Key: HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SearchTheWeb
SUPPRIME Key: HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SoftwareUpdate_is1
SUPPRIME Key: HKLM\Software\Classes\PCTutoBHO.PCTBHO
SUPPRIME Key: HKLM\Software\Classes\PCTutoBHO.PCTBHO.1
SUPPRIME Key: HKLM\Software\Classes\Interface\{2a42d13c-d427-4787-821b-cf6973855778}
SUPPRIME Key: HKLM\Software\Classes\TypeLib\{2D5E2D34-BED5-4B9F-9793-A31E26E6806E}
SUPPRIME Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{346de098-61f9-4b42-89da-6dfba7091bb6}
SUPPRIME Key: HKLM\Software\Classes\Interface\{3d8478aa-7b88-48a9-8bcb-b85d594411ec}
SUPPRIME Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6A87B991-A31F-4130-AE72-6D0C294BF082}
SUPPRIME Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6A87B991-A31F-4130-AE72-6D0C294BF082}
SUPPRIME Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
SUPPRIME Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
SUPPRIME Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A6E9BAAF-53CD-4575-967B-2AF710A7D21F}
SUPPRIME Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A6E9BAAF-53CD-4575-967B-2AF710A7D21F}
SUPPRIME Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{c7b76b90-3455-4ae6-a752-eac4d19689e5}
SUPPRIME Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{c7b76b90-3455-4ae6-a752-eac4d19689e5}
SUPPRIME Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F}
SUPPRIME Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F}
SUPPRIME Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{e908b145-c847-4e85-b315-07e2e70decf8}
SUPPRIME Key: HKLM\Software\Classes\Installer\Features\81337C0DA4B761D40A4CB3380F57AE88
ABSENT Key: HKLM\Software\Classes\Installer\Features\81337C0DA4B761D40A4CB3380F57AE88
SUPPRIME Key: HKCU\Software\Iminent
SUPPRIME Key: HKLM\Software\Iminent
SUPPRIME Key: HKCU\Software\PCTuto
SUPPRIME Key: HKLM\Software\PCTuto

========== Valeur(s) du Registre ==========
Aucune valeur présente dans la clé d'exception du registre (FirewallRaz)

========== Dossier(s) ==========
SUPPRIME Folder*: c:\program files\iminent
SUPPRIME Temporaires Windows: : 3
SUPPRIME Flash Cookies: 4

========== Fichier(s) ==========
SUPPRIME Temporaires Windows: : 40
SUPPRIME Flash Cookies: 1

========== Récapitulatif ==========
26 : Clé(s) du Registre
1 : Valeur(s) du Registre
3 : Dossier(s)
2 : Fichier(s)

========== Chemin du fichier rapport ==========
C:\Program Files\ZHPDiag\ZHPFixReport.txt

End of the scan in 01mn 55s
0
Réponse 70 / 99
Utilisateur anonyme
 
Re,

Relance Malwarebytes pour une analyse complète après avoir effectué la mise à jour puis poste le rapport
0
Réponse 71 / 99
zalune Messages postés 167 Statut Membre 4
 
Malwarebytes' Anti-Malware 1.51.0.1200
www.malwarebytes.org

Version de la base de données: 7031

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

06/07/2011 12:23:40
mbam-log-2011-07-06 (12-23-40).txt

Type d'examen: Examen complet (C:\|)
Elément(s) analysé(s): 235340
Temps écoulé: 48 minute(s), 52 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
0
Réponse 72 / 99
Utilisateur anonyme
 
Re,

* Télécharge de AD-Remover sur ton Bureau.
http://www.teamxscript.org/adremoverTelechargement.html

/!\ Ferme toutes applications en cours /!\

- Double-clique sur l'icône Ad-remover située sur ton Bureau.
- Sur la page, clique sur le bouton « chercher »
- Confirme lancement du scan
- Laisse travailler l'outil.
- Poste le rapport qui apparaît à la fin.

(Le rapport est sauvegardé aussi sous C:\Ad-report(Scan/clean).Txt)

(CTRL+A pour tout sélectionner, CTRL+C pour copier et CTRL+V pour c
0
Réponse 73 / 99
zalune Messages postés 167 Statut Membre 4
 
======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 =======

Mis à jour par TeamXscript le 12/04/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
Site web: http://www.teamxscript.org

C:\Program Files\Ad-Remover\main.exe (SCAN [1]) -> Lancé à 10:43:32 le 07/07/2011, Mode normal

Microsoft Windows XP Professionnel Service Pack 3 (X86)
moi@FAN ( )

============== RECHERCHE ==============

============== SCAN ADDITIONNEL ==============

**** Mozilla Firefox Version [5.0 (fr)] ****

HKLM_MozillaPlugins\@glowria.fr/FireVMGate (x)
HKLM_MozillaPlugins\@pandonetworks.com/PandoWebPlugin (x)
HKLM_MozillaPlugins\Adobe Reader (x)
Searchplugins\bing.xml ( hxxp://www.bing.com/search)
Components\browsercomps.dll (Mozilla Foundation)
HKLM_Extensions|{EB132DB0-A4CA-11DF-9732-0E29E0D72085} - C:\Program Files\Object\facetheme
HKCU_Extensions|{EB132DB0-A4CA-11DF-9732-0E29E0D72085} - C:\Program Files\Object\facetheme

**** Internet Explorer Version [8.0.6001.18702] ****

HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU_Main|Start Page - hxxp://www.google.fr/
HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=69157
HKLM_Main|Default_Search_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm
HKLM_Main|Search Page - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Start Page - hxxp://fr.msn.com/
HKCU_SearchScopes\{2B7B7EFC-C234-4532-822B-A8D74D7EF7EB} - "Durable.com" (hxxp://www.durable.com/result?cx=partner-pub-7902900401080901%3Azbljezwsgul&cof=...)
HKCU_SearchScopes\{BE28C22E-F666-424d-B5FD-125C4AFEE34E} - "Chercher" (hxxp://search.myheritage.com?orig=ds&q={searchTerms})
HKLM_SearchScopes\{BE28C22E-F666-424d-B5FD-125C4AFEE34E} - "Chercher" (hxxp://search.myheritage.com?orig=ds&q={searchTerms})
HKCU_Toolbar\WebBrowser|{472734EA-242A-422B-ADF8-83D1E48CC825} (x)
HKLM_Toolbar|{9ec204df-0e48-4c32-816e-2e928a4fd9c2} (mscoree.dll) (x)
HKLM_Toolbar|{9421DD08-935F-4701-A9CA-22DF90AC4EA6} (C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll)
HKLM_ElevationPolicy\24275caf-b02c-4f17-b7bf-179400c5ec98 - C:\Program Files\DVDVideoSoftTB\DVDVideoSoftTBToolbarHelper.exe (x)
HKLM_ElevationPolicy\dddb5b7c-7436-4250-995e-b4a656ee31ed - C:\Program Files\DVDVideoSoftTB\DVDVideoSoftTBToolbarHelper.exe (x)
HKLM_ElevationPolicy\eb31595d-3c7e-4bb4-b640-0a45bcdffe1c - C:\Program Files\IMBooster4web-en\IMBooster4web-enToolbarHelper.exe (x)
HKLM_ElevationPolicy\{B2321D2F-1154-4d97-AD3E-2FE0BAE2897B} - C:\Program Files\SFR\Kit\9launch.exe (SFR)
HKLM_ElevationPolicy\{E6B969FB-6D33-48d2-9061-8BBD4899EB08} - C:\Program Files\Iminent\MMServer\Iminent.MMServer.exe (x)
HKLM_Extensions\{DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - "?" (?)
HKLM_Extensions\{e2e2dd38-d088-4134-82b7-f2ba38496583} - "?" (?)
BHO\{0F6E720A-1A6B-40E1-A294-1D4D19F156C8} - "Objet d'aide à la navigation SFR" (C:\Program Files\SFR\Kit\SFRNavErrorHelper.dll)
BHO\{5C255C8A-E604-49b4-9D64-90988571CECB} (?)
BHO\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - "Search Helper" (C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll)
BHO\{9421DD08-935F-4701-A9CA-22DF90AC4EA6} - "Easy Photo Print" (C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll)

========================================

C:\Program Files\Ad-Remover\Quarantine: 0 Fichier(s)
C:\Program Files\Ad-Remover\Backup: 1 Fichier(s)

C:\Ad-Report-SCAN[1].txt - 07/07/2011 10:43:37 (2621 Octet(s))

Fin à: 10:44:19, 07/07/2011

============== E.O.F ==============
0
Réponse 74 / 99
Utilisateur anonyme
 
Re,

Copie tout le texte présent en gras ci-dessous ( tu le selectionnes avec ta souris / Clique droit dessus et choisis "copier" ou fait Ctrl+C )

O15 - Trusted Zone: [HKCU\...\Domains] *.chat-land.org
O43 - CFD: 13/02/2010 - 23:11:02 - [1834752] ---AD- C:\Program Files\Iminent
O43 - CFD: 06/11/2009 - 17:28:28 - [48797722] ----D- C:\Program Files\Spybot - Search & Destroy
O42 - Logiciel: Spybot - Search & Destroy - (.Safer Networking Limited.) [HKLM] -- {B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1 => Safer Networking Limited Spybot - S&D
O52 - TDSD: \drivers.desc\"xvidvfw.dll"="Xvid MPEG-4 Video Codec 1.3.2" . (...) -- (.not file.)
[HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SearchTheWeb]
O52 - TDSD: \drivers.desc\"xvidvfw.dll"="Xvid MPEG-4 Video Codec 1.3.2" . (...) -- (.not file.)
[HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SearchTheWeb]
[HKCU\Software\MHToolbar] => MHToolbar
[HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine]
[HKLM\Software\Classes\Interface\{2a42d13c-d427-4787-821b-cf6973855778}] => Toolbar.Agent
[HKLM\Software\Classes\Interface\{3d8478aa-7b88-48a9-8bcb-b85d594411ec}] => Toolbar.Agent
[HKCU\Software\MHToolbar] => MHToolbar
[HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine]
[HKLM\Software\Classes\Interface\{2a42d13c-d427-4787-821b-cf6973855778}] => Toolbar.Agent
[HKLM\Software\Classes\Interface\{3d8478aa-7b88-48a9-8bcb-b85d594411ec}] => Toolbar.Agent

Puis Lance ZHPFix depuis le raccourci du bureau .

* Une fois l'outil ZHPFix ouvert , clique sur le bouton [ H ] ( "coller les lignes Helper" ) .

* Dans l'encadré principal tu verras donc les lignes que tu as copié précédemment apparaitrent .

Vérifie que toutes les lignes que je t'ai demandé de copier (et seulement elles) sont dans la fenêtre.

Clique sur le bouton GO

Copie/Colle le rapport à l'écran dans ton prochain message.

0
Réponse 75 / 99
zalune Messages postés 167 Statut Membre 4
 
Rapport de ZHPFix 1.12.3335 par Nicolas Coolman, Update du 04/07/2011
Fichier d'export Registre : C:\ZHPExportRegistry-07-07-2011-16-05-37.txt
Run by moi at 07/07/2011 16:04:11
Windows XP Professional Service Pack 3 (Build 2600)
Web site : http://www.premiumorange.com/zeb-help-process/zhpfix.html

========== Logiciel(s) ==========
ABSENT Uninstall Process: c:\program files\spybot - search & destroy\unins000.exe

========== Clé(s) du Registre ==========
SUPPRIME [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1]
ABSENT Key: HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SearchTheWeb
SUPPRIME Key: HKCU\Software\MHToolbar
ABSENT Key: HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine
ABSENT Key: HKLM\Software\Classes\Interface\{2a42d13c-d427-4787-821b-cf6973855778}
ABSENT Key: HKLM\Software\Classes\Interface\{3d8478aa-7b88-48a9-8bcb-b85d594411ec}
ABSENT Key: HKCU\Software\MHToolbar

========== Valeur(s) du Registre ==========
SUPPRIME TDSD Value: xvidvfw.dll
ABSENT TDSD Value: xvidvfw.dll

========== Elément(s) de donnée du Registre ==========
SUPPRIME Trusted Zone: chat-land.org

========== Dossier(s) ==========
ABSENT C:\Program Files\Iminent
SUPPRIME Reboot Folder**: C:\Program Files\Spybot - Search & Destroy

========== Récapitulatif ==========
7 : Clé(s) du Registre
2 : Valeur(s) du Registre
1 : Elément(s) de donnée du Registre
2 : Dossier(s)
1 : Logiciel(s)

========== Chemin du fichier rapport ==========
C:\Program Files\ZHPDiag\ZHPFixReport.txt

End of the scan in 02mn 18s
0
Réponse 76 / 99
Utilisateur anonyme
 
Redémarre ton PC puis prépare un nouveau rapport ZHPDiag stp!
0
Réponse 77 / 99
zalune Messages postés 167 Statut Membre 4
 
Rapport de ZHPDiag v1.27.24 par Nicolas Coolman, Update du 05/07/2011
Run by moi at 07/07/2011 21:49:35
Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html

---\\ Web Browser
MSIE: Internet Explorer v8.0.6001.18702 (Defaut)
MFIE: Mozilla Firefox 5.0 v

---\\ System Information
Windows XP Professional Service Pack 3 (Build 2600)
Processor: x86 Family 6 Model 15 Stepping 13, GenuineIntel
Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1915 MB (55% free)
System Restore: Activé (Enable)
System drive C: has 70 GB (46%) free of 149 GB

---\\ Logged in mode
Computer Name: FAN
User Name: moi
All Users Names: SUPPORT_388945a0, moi, HelpAssistant, ASPNET, Administrateur,
Unselected Option: O45,O61,O62,O65,O66,O82
Logged in as Administrator

---\\ Environnement Variables
~ %AppData%=C:\Documents and Settings\moi\Application Data\
~ %Desktop%=C:\Documents and Settings\moi\Bureau\
~ %Favorites%=C:\Documents and Settings\moi\Favoris\
~ %LocalAppData%=C:\Documents and Settings\moi\Local Settings\Application Data\
~ %StartMenu%=C:\Documents and Settings\moi\Menu Démarrer\

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 70 Go of 149 Go)
D:\ CD-ROM drive (Not Inserted)

---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings] WarnOnHTTPSToHTTPRedirect: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Intl: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] XMLLookup: OK

---\\ Recherche particulière de fichiers génériques
[MD5.F2317622D29F9FF0F88AEECD5F60F0DD] - (.Microsoft Corporation - Explorateur Windows.) (.07/07/2011 - 13:00:00.) -- C:\WINDOWS\Explorer.exe [1037824]
[MD5.42F5E14E33D79C236680468B1E4999F4] - (.Microsoft Corporation - Internet Extensions for Win32.) (.07/07/2011 - 17:06:11.) -- C:\WINDOWS\system32\wininet.dll [916480]
[MD5.DD73D6B9F6B4CB630CF35B438B540174] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) (.07/07/2011 - 13:00:00.) -- C:\WINDOWS\system32\Winlogon.exe [512000]
[MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.07/07/2011 - 13:00:00.) -- C:\WINDOWS\system32\drivers\atapi.sys [96512]
[MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) (.07/07/2011 - 13:00:00.) -- C:\WINDOWS\system32\drivers\ntfs.sys [574976]

---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 34/633
~ Mes musiques (My Musics) : 244/1422
~ Mes Videos (My Videos) : 5/87
~ Mes Favoris (My Favorites) : 2/80
~ Mes Documents (My Documents) : 485/3951
~ Mon Bureau (My Desktop) : 2/58
~ Menu demarrer (Programs) : 6/29

---\\ Processus lancés
[MD5.7DE3EE7DBEE14C1F8375CB82466C9321] - (.AVAST Software - avast! Service.) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [42184]
[MD5.2BAD567DDBA52CC96518B06682E78940] - (.Atheros - ACS.) -- C:\WINDOWS\system32\acs.exe [467028]
[MD5.ABDD5AD016AFFD34AD40E944CE94BF59] - (.SEIKO EPSON CORPORATION - eEBAPI Core Process module.) -- C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe [94208]
[MD5.B33CF4DE909A5B30F526D82053A63C8E] - (.ABBYY - ABBYY network license server.) -- C:\Program Files\Fichiers communs\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048]
[MD5.39E435C90C9C4F780FA0ED05CA3C3A1B] - (.Agere Systems - Agere Soft Modem Call Progress Service.) -- C:\WINDOWS\system32\agrsmsvc.exe [9216]
[MD5.3CB0CC8879956C187E87E18634EE5164] - (.TOSHIBA CORPORATION - Service of ConfigFree..) -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [40960]
[MD5.D87ACAED61E417BBA546CED5E7E36D9C] - (.Microsoft Corporation - .NET Runtime Optimization Service.) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [69632]
[MD5.F96C429788350DB4BA6771C3034DFD88] - (.Teruten - FsUsbDevice.) -- C:\WINDOWS\system32\FsUsbExService.Exe [217088]
[MD5.9DBA73C2F1E76EC4CB837E67C5743596] - (.Sun Microsystems, Inc. - Java(TM) Quick Starter Service.) -- C:\Program Files\Java\jre6\bin\jqs.exe [153376]
[MD5.EC60491A5FF57700F10FE0403F7DCAD4] - (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [366640]
[MD5.B90E093E7A7250906F1054418B5339C0] - (.Nero AG - Nero BackItUp.) -- C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe [935208]
[MD5.7AEA4DF1CA68FD45DD4BBE1F0243CE7F] - (...) -- C:\Program Files\CDBurnerXP\NMSAccessU.exe [71096]
[MD5.627FA58ADC043704F9D14CA44340956F] - (.Sony Corporation - Device Information Provider.) -- C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe [360224]
[MD5.F01D70C9DCCA4C1B6ED794B0DDD1AE8F] - (.TOSHIBA Corp. - TOSHIBA TAPPSRV.) -- C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe [34304]
[MD5.C5AC715B65B01788ABC22D10749DDDD8] - (.TOSHIBA Corporation - TDCSrv Application.) -- C:\WINDOWS\system32\TODDSrv.exe [129632]
[MD5.3F08838E262984EF555A50B9D6C8BC34] - (.Vodafone Group - VodafoneConnectorService.) -- C:\Program Files\Vodafone\Via The Phone\VodafoneConnectorService.exe [233472]
[MD5.62BB79160F86CD962F312C68C6239BFD] - (.Microsoft Corporation - Windows Update.) -- C:\WINDOWS\system32\wuauclt.exe [53472]
[MD5.61C23465F195FDF5AE5FE342E1692AC7] - (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1024000]
[MD5.DD3FB72382045AD791356D477B8A40E1] - (.TOSHIBA - Hotkey Utility.) -- C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe [360448]
[MD5.D09D4C0925C890F17E9F510FB1ED7B79] - (.TOSHIBA Corporation - Pas de description.) -- C:\WINDOWS\system32\TPSMain.exe [266240]
[MD5.F56C80C508AB9EBF0CCF36FEAFCBEC7E] - (.Intel Corporation - igfxsrvc Module.) -- C:\WINDOWS\system32\igfxsrvc.exe [256536]
[MD5.3078D866730554F04E0D4EADAA6C3BED] - (.TOSHIBA Corporation - Pas de description.) -- C:\WINDOWS\system32\TPSBattM.exe [40960]
[MD5.9EC785EBD0966DDE6FED10FB59FCB186] - (.TOSHIBA CORPORATION - ConfigFree(TM) Tray.) -- C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe [974848]
[MD5.B8C1E6DD7AAE2AABF7FCEE565C58ABF4] - (.TOSHIBA Corporation - SmoothView.) -- C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe [143360]
[MD5.8A9350D8E866D162104D7A16F03D538D] - (.TOSHIBA Corporation - TOSHIBA Direct Disc Writer - Event Monitor.) -- C:\Program Files\TOSHIBA\TOSHIBA Direct Disc Writer\ddwmon.exe [495616]
[MD5.E1FAAF7915BC07352CCF1DFF37058414] - (.TOSHIBA - TOSHIBA Online Product Information.) -- C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe [581632]
[MD5.16AD11866C88576D1C24484E4AAA9595] - (.Intel Corporation - hkcmd Module.) -- C:\WINDOWS\system32\hkcmd.exe [170520]
[MD5.EFD72CFE453176831CCC91DA330C41FC] - (.Intel Corporation - persistence Module.) -- C:\WINDOWS\system32\igfxpers.exe [141848]
[MD5.C5806CAAA4C96F30A3F7B9F0DB8856CA] - (.Realtek Semiconductor Corp. - Realtek HD Audio Control Panel.) -- C:\WINDOWS\RTHDCPL.EXE [16860672]
[MD5.305F965A36913480907C10073193CAD5] - (.TOSHIBA Corporation - TFncKy.) -- C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe [184320]
[MD5.E5189D75A8206DC5B204E49CFC92C1CA] - (.Atheros Communications, Inc. - Atheros Client Utility.) -- C:\Program Files\Atheros\ACU.exe [450648]
[MD5.93AD0B78C7357A05F50E594EC7C22300] - (...) -- C:\WINDOWS\system32\rundll32.exe [33792]
[MD5.1568FF282E268082C67CF0C3EBCC9179] - (.SEIKO EPSON CORPORATION - EEventManager Application.) -- C:\Program Files\Epson Software\Event Manager\EEventManager.exe [976320]
[MD5.766E24A20116AFA41F380B57FFE7AF02] - (.Sony Corporation - Media Check Tool.) -- C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe [599328]
[MD5.F06CA6475B7A538DB9DC3F7B896B97E4] - (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [449584]
[MD5.13E7CFE8E269ED15E7FC9C3EBBCB7E2B] - (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe [254696]
[MD5.FEBC1591E5C0DC87EF9CF3D657B65FC2] - (.TOSHIBA - CD/DVD Drive Acoustic Silencer.) -- C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe [65536]
[MD5.ABBABB9718848FD74C2D156BDFEDBCD5] - (.Agere Systems - LtMoh MFC Application.) -- C:\Program Files\ltmoh\Ltmoh.exe [191552]
[MD5.CFCB4F1C6DBE8A5DC0B8DBF058E2586A] - (.SFR - Propriétés de la connexion SFR.) -- C:\Program Files\SFR\Kit\9props.exe [976192]
[MD5.0612CE1B7B47888399E72886BB320B3A] - (.Samsung Electronics Co., Ltd. - Kies TrayAgent Application.) -- C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [3373968]
[MD5.963C7D7B5B083D904A7743CF052CCC2E] - (.Pas de propriétaire - KiesPDLR.) -- C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [19856]
[MD5.1E60C2B180925F84CE3F25D71D262F30] - (.FileHippo.com - FileHippo.com Update Checker.) -- C:\Program Files\FileHippo.com\UpdateChecker.exe [248832]
[MD5.B60DDDD2D63CE41CB8C487FCFBB6419E] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\internet explorer\iexplore.exe [638816]
[MD5.BCA4EC93ED4B96E3626C288CA09C1F97] - (.WinZip Computing, S.L. - WinZip Executable.) -- C:\Program Files\WinZip\WZQKPICK.EXE [525664]
[MD5.32C26797AB646074A2BB562F9D10ADB5] - (.Microsoft Corporation - Microsoft Office OneNote Quick Launcher.) -- C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE [97680]
[MD5.A68B51CA273C4327F836D89391EA6A1E] - (...) -- C:\Documents and Settings\moi\Local Settings\Application Data\TotalReduc\Application\TotalReduc.exe [2831360]
[MD5.3EC8DE67B1C78C31E54C0F030E6BD7D5] - (.Nokia. - ServiceLayer Module.) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [620544]
[MD5.8D4928A48A0B2C28CC34B17CC4AF17AE] - (.Pas de propriétaire - NclUSBSrv Application.) -- C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe [130560]
[MD5.3D63410CCC21B66A8C206B21DC179B71] - (.Pas de propriétaire - NclRSSrv Application.) -- C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe [119808]
[MD5.AE45DDF08B6949057CDB2D2EAAD3DEC4] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [656896]

---\\ Opera, Plugins,Démarrage,Recherche (P1,B0,B1)
B0 - SPO: operaprefs.ini [moi] Home URL=https://www.opera.com/

---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
M3 - MFPP: Plugins - [moi] -- C:\Program Files\Mozilla FireFox\searchplugins\amazon-france.xml
M3 - MFPP: Plugins - [moi] -- C:\Program Files\Mozilla FireFox\searchplugins\bing.xml
M3 - MFPP: Plugins - [moi] -- C:\Program Files\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml
M3 - MFPP: Plugins - [moi] -- C:\Program Files\Mozilla FireFox\searchplugins\eBay-france.xml
M3 - MFPP: Plugins - [moi] -- C:\Program Files\Mozilla FireFox\searchplugins\google.xml
M3 - MFPP: Plugins - [moi] -- C:\Program Files\Mozilla FireFox\searchplugins\wikipedia-fr.xml
M3 - MFPP: Plugins - [moi] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo-france.xml
P2 - FPN:Firefox Plugin Navigator . (.Sun Microsystems, Inc. - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Program Files\Mozilla Firefox\Plugins\npdeployJava1.dll
P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape "9.4.5".) -- C:\Program Files\Mozilla Firefox\Plugins\nppdf32.dll
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
P2 - FPN: [HKLM] [@glowria.fr/FireVMGate] - (. Glowria - npFireVMGate.) -- C:\Program Files\Fichiers communs\Glowria\npFireVMGate.dll
P2 - FPN: [HKLM] [@Google.com/GoogleEarthPlugin] - (.Google - GEPlugin.) -- C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Sun Microsystems, Inc. - Next Generation Java Plug-in 1.6.0_26 for Mozilla browsers.) -- C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.0.60531.0.) -- c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/OfficeLive,version=1.3] - (.Microsoft Corp. - Office Live Update v1.3.) -- C:\Program Files\Microsoft\Office Live\npOLW.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=14.0.8117.0416] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
P2 - FPN: [HKLM] [@pack.google.com/Google Updater;version=13] - (.Google - Google Updater plugin<br><a href="http://pack.google.com/">http://pack.) -- C:\Program Files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll
P2 - FPN: [HKLM] [@pandonetworks.com/PandoWebPlugin] - (...) -- C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (.not file.)
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [Adobe Reader] - (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape "9.4.5".) -- C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll

---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Documents and Settings\moi\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences
G1 - GCS: Preference [User Data\Default] None

---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKUS\S-1-5-21-2717365320-2752555572-1556439561-1005\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.microsoft.com/fr-fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.microsoft.com/fr-fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.microsoft.com/fr-fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://www.bing.com/?toHttps=1&redig=17DBE7D168544FA98200E890A8051984
R1 - HKUS\S-1-5-21-2717365320-2752555572-1556439561-1005\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (8.00.6001.19072 (longhorn_ie8_gdr.110420-1700)) -- C:\WINDOWS\system32\ieframe.dll
R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 2

---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll

---\\ ---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"

---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: Aide à la navigation SFR - {0F6E720A-1A6B-40E1-A294-1D4D19F156C8} . (.SFR - Aide à la navigation SFR.) -- C:\Program Files\SFR\Kit\SFRNavErrorHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} . (.Safer Networking Limited - SBSD IE Protection.) -- C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} Clé orpheline
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} . (.Microsoft Corporation - Search Helper for Internet Explorer.) -- C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - WindowsLiveLogin.dll.) -- C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} . (.SEIKO EPSON CORPORATION / CyCom Technology - Epson Easy Photo Print (TBL).) -- C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} . (.Microsoft Corporation - Windows Live Toolbar Core.) -- C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} . (.Sun Microsystems, Inc. - Java(TM) Quick Starter binary.) -- C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: WalterShop - {9ec204df-0e48-4c32-816e-2e928a4fd9c2} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\System32\mscoree.dll
O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} . (.SEIKO EPSON CORPORATION / CyCom Technology - Epson Easy Photo Print (TBL).) -- C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} . (.Microsoft Corporation - Windows Live Toolbar Core.) -- C:\Program Files\Windows Live\Toolbar\wltcore.dll

---\\ ---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [SynTPEnh] . (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [THotkey] . (.TOSHIBA - Hotkey Utility.) -- C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
O4 - HKLM\..\Run: [TPSMain] . (.TOSHIBA Corporation - Pas de description.) -- C:\Windows\System32\TPSMain.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [SmoothView] . (.TOSHIBA Corporation - SmoothView.) -- C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
O4 - HKLM\..\Run: [DDWMon] . (.TOSHIBA Corporation - TOSHIBA Direct Disc Writer - Event Monitor.) -- C:\Program Files\TOSHIBA\TOSHIBA Direct Disc Writer\ddwmon.exe
O4 - HKLM\..\Run: [topi] . (.TOSHIBA - TOSHIBA Online Product Information.) -- C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDCPL] . (.Realtek Semiconductor Corp. - Realtek HD Audio Control Panel.) -- C:\WINDOWS\RTHDCPL.exe
O4 - HKLM\..\Run: [Camera Assistant Software] . (.Chicony - traybar.) -- C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe
O4 - HKLM\..\Run: [TFncKy] TFncKy.exe
O4 - HKLM\..\Run: [ACU] . (.Atheros Communications, Inc. - Atheros Client Utility.) -- C:\Program Files\Atheros\ACU.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] bthprops.cpl
O4 - HKLM\..\Run: [CFSServ.exe] CFSServ.exe
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
O4 - HKLM\..\Run: [SFR] . (.Glowria - Glowria Video Manager.) -- C:\Program Files\SFR\SFR.exe
O4 - HKLM\..\Run: [EEventManager] . (.SEIKO EPSON CORPORATION - EEventManager Application.) -- C:\Program Files\Epson Software\Event Manager\EEventManager.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKLM\..\Run: [PMBVolumeWatcher] . (.Sony Corporation - Media Check Tool.) -- C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
O4 - HKCU\..\Run: [TOSCDSPD] . (.TOSHIBA - CD/DVD Drive Acoustic Silencer.) -- C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKCU\..\Run: [LtMoh] . (.Agere Systems - LtMoh MFC Application.) -- C:\Program Files\ltmoh\Ltmoh.exe
O4 - HKCU\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [NBCore] . (.Nero AG - Nero BackItUp.) -- C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBCore.exe
O4 - HKCU\..\Run: [AutoStartNPSAgent] . (.Samsung Electronics Co., Ltd. - NPSAgent.) -- C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
O4 - HKCU\..\Run: [Connexion SFR 9props.exe] . (.SFR - Propriétés de la connexion SFR.) -- C:\Program Files\SFR\Kit\9props.exe
O4 - HKCU\..\Run: [KiesHelper] . (.Samsung - Kies.) -- C:\Program Files\Samsung\Kies\KiesHelper.exe
O4 - HKCU\..\Run: [KiesTrayAgent] . (.Samsung Electronics Co., Ltd. - Kies TrayAgent Application.) -- C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
O4 - HKCU\..\Run: [KiesPDLR] . (.Pas de propriétaire - KiesPDLR.) -- C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKCU\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [FileHippo.com] . (.FileHippo.com - FileHippo.com Update Checker.) -- C:\Program Files\FileHippo.com\UpdateChecker.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-21-2717365320-2752555572-1556439561-1005\..\Run: [TOSCDSPD] . (.TOSHIBA - CD/DVD Drive Acoustic Silencer.) -- C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKUS\S-1-5-21-2717365320-2752555572-1556439561-1005\..\Run: [LtMoh] . (.Agere Systems - LtMoh MFC Application.) -- C:\Program Files\ltmoh\Ltmoh.exe
O4 - HKUS\S-1-5-21-2717365320-2752555572-1556439561-1005\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O4 - HKUS\S-1-5-21-2717365320-2752555572-1556439561-1005\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-21-2717365320-2752555572-1556439561-1005\..\Run: [NBCore] . (.Nero AG - Nero BackItUp.) -- C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBCore.exe
O4 - HKUS\S-1-5-21-2717365320-2752555572-1556439561-1005\..\Run: [AutoStartNPSAgent] . (.Samsung Electronics Co., Ltd. - NPSAgent.) -- C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
O4 - HKUS\S-1-5-21-2717365320-2752555572-1556439561-1005\..\Run: [Connexion SFR 9props.exe] . (.SFR - Propriétés de la connexion SFR.) -- C:\Program Files\SFR\Kit\9props.exe
O4 - HKUS\S-1-5-21-2717365320-2752555572-1556439561-1005\..\Run: [KiesHelper] . (.Samsung - Kies.) -- C:\Program Files\Samsung\Kies\KiesHelper.exe
O4 - HKUS\S-1-5-21-2717365320-2752555572-1556439561-1005\..\Run: [KiesTrayAgent] . (.Samsung Electronics Co., Ltd. - Kies TrayAgent Application.) -- C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
O4 - HKUS\S-1-5-21-2717365320-2752555572-1556439561-1005\..\Run: [KiesPDLR] . (.Pas de propriétaire - KiesPDLR.) -- C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKUS\S-1-5-21-2717365320-2752555572-1556439561-1005\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-21-2717365320-2752555572-1556439561-1005\..\Run: [FileHippo.com] . (.FileHippo.com - FileHippo.com Update Checker.) -- C:\Program Files\FileHippo.com\UpdateChecker.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Démarrage\Windows Desktop Search.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Démarrage\WinZip Quick Pick.lnk . (.WinZip Computing, S.L..) -- C:\Program Files\WinZip\WZQKPICK.EXE
O4 - Global Startup: C:\Documents And Settings\moi\Menu Démarrer\Programmes\Démarrage\OneNote 2007 - Capture d'écran et lancement.lnk . (.Microsoft Corporation.) -- C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: C:\Documents And Settings\moi\Menu Démarrer\Programmes\Démarrage\TotalReduc.lnk . (...) -- C:\Program Files\TotalReduc\TotalReducLoader.exe

---\\ ---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Adobe Reader 9.lnk . (...) -- C:\WINDOWS\Installer\{AC76BA86-7AD7-1036-7B44-A94000000001}\SC_Reader.ico
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Audacity.lnk . (...) -- C:\Program Files\Audacity\audacity.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\CDBurnerXP.lnk . (.Canneverbe Limited.) -- C:\Program Files\CDBurnerXP\cdbxpp.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Mozilla Firefox.lnk . (.Mozilla Corporation.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\PMB.lnk . (.Sony Corporation.) -- C:\Program Files\Sony\PMB\PMBBrowser.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\SUPER © Uninstall.lnk . (.eRightSoft.) -- C:\Program Files\eRightSoft\SUPER\Setup.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\SUPER ©.lnk . (.eRightSoft.) -- C:\Program Files\eRightSoft\SUPER\SUPER.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Windows Desktop Search.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Windows Messenger.lnk . (.Microsoft Corporation.) -- C:\Program Files\Messenger\msmsgs.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Windows Movie Maker.lnk . (.Microsoft Corporation.) -- C:\Program Files\Movie Maker\moviemk.exe
O4 - Global Startup: C:\Documents And Settings\moi\Menu Démarrer\Programmes\Assistance à distance.lnk . (.Microsoft Corporation.) -- C:\WINDOWS\system32\rcimlby.exe
O4 - Global Startup: C:\Documents And Settings\moi\Menu Démarrer\Programmes\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Documents And Settings\moi\Menu Démarrer\Programmes\Update Checker.lnk . (.FileHippo.com.) -- C:\Program Files\FileHippo.com\UpdateChecker.exe
O4 - Global Startup: C:\Documents And Settings\moi\Menu Démarrer\Programmes\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe

---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~1\MICROS~2\Office12\EXCEL.exe
O8 - Extra context menu item: Free YouTube Download . (...) -- C:\Documents and Settings\moi\Application Data\DVDVideoSoftIEHelpers\youtubedownload.htm
O8 - Extra context menu item: Free YouTube to Mp3 Converter . (...) -- C:\Documents and Settings\moi\Application Data\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm

---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft Office OneNote Internet Explorer Add-in.) -- C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: &Envoyer à OneNote - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\PROGRA~1\MICROS~2\Office12\REFBARH.ICO
O9 - Extra button: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} . (...) -- C:\PROGRA~1\MICROS~2\Office12\REFBARH.ICO
O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} . (...) -- C:\PROGRA~1\MICROS~2\Office12\REFBARH.ICO
O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe

---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\WINDOWS\system32\winrnr.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Windows Sockets Helper DLL.) -- C:\WINDOWS\system32\wshbth.dll

---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} () - http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab

---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{72D60110-6F27-490E-AA0F-9D52E8CE401F}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{72D60110-6F27-490E-AA0F-9D52E8CE401F}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS3\Services\Tcpip\..\{72D60110-6F27-490E-AA0F-9D52E8CE401F}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1

---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\Windows\System32\crypt32.dll
O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\Windows\System32\cryptnet.dll
O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agent réseau hors connexion.) -- C:\Windows\System32\cscdll.dll
O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\System32\dimsntfy.dll
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll
O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll
O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL secondaire de notification de service d.) -- C:\Windows\System32\sclgntfy.dll
O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\WlNotify.dll
O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll
O20 - Winlogon Notify: WgaLogon . (.Microsoft Corporation - Notifications Windows Genuine Advantage.) -- C:\Windows\System32\WgaLogon.dll
O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll

---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\shell32.dll
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Web Site Monitor.) -- C:\WINDOWS\system32\webcheck.dll
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} . (.Microsoft Corporation - Objet du service d'environnement Systray.) -- C:\WINDOWS\system32\stobject.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} . (.Microsoft Corporation - Windows Portable Device Shell Service Objec.) -- C:\WINDOWS\system32\WPDShServiceObj.dll

---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: (no name) - {438755C2-A8BA-11D1-B96B-00A0C90312E1} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\system32\browseui.dll

---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: ABBYY FineReader 9.0 Sprint Licensing Service (ABBYY.Licensing.FineReader.Sprint.9.0) . (.ABBYY - ABBYY network license server.) - C:\Program Files\Fichiers communs\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
O23 - Service: Service de configuration Atheros (ACS) . (.Atheros - ACS.) - C:\WINDOWS\system32\acs.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) . (.Agere Systems - Agere Soft Modem Call Progress Service.) - C:\WINDOWS\system32\agrsmsvc.exe
O23 - Service: avast! Antivirus (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: ConfigFree Service (CFSvcs) . (.TOSHIBA CORPORATION - Service of ConfigFree..) - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: EpsonBidirectionalService (EpsonBidirectionalService) . (.SEIKO EPSON CORPORATION - eEBAPI Core Process module.) - C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe
O23 - Service: FsUsbExService (FsUsbExService) . (.Teruten - FsUsbDevice.) - C:\WINDOWS\system32\FsUsbExService.exe
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) . (.Google - gusvc.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) . (.Sun Microsystems, Inc. - Java(TM) Quick Starter Service.) - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: (MBAMService) . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Nero BackItUp Scheduler 4.0 (Nero BackItUp Scheduler 4.0) . (.Nero AG - Nero BackItUp.) - C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NMSAccess (NMSAccess) . (...) - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: PMBDeviceInfoProvider (PMBDeviceInfoProvider) . (.Sony Corporation - Device Information Provider.) - C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe
O23 - Service: L Ile Noyee Drivers Auto Removal (pr2ajbeb) (pr2ajbeb) . (.Micro Application - L Ile Noyee Drivers Auto Removal.) - C:\WINDOWS\system32\pr2ajbeb.exe
O23 - Service: TOSHIBA Application Service (TAPPSRV) . (.TOSHIBA Corp. - TOSHIBA TAPPSRV.) - C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) . (.TOSHIBA Corporation - TDCSrv Application.) - C:\WINDOWS\system32\TODDSrv.exe
O23 - Service: Vodafone Connector Service (VodafoneConnectorService) . (.Vodafone Group - VodafoneConnectorService.) - C:\Program Files\Vodafone\Via The Phone\VodafoneConnectorService.exe

---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(.Microsoft Corporation - Microsoft Office Word.) - C:\Program Files\Microsoft Office\Office12\WINWORD.exe

---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Google Software Updater.job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\User_Feed_Synchronization-{52B4A0FC-400B-48D4-ABF6-27DD6B62F45F}.job
[MD5.5467F1FF0AF264566740F67E8B810735] [APT] [Google Software Updater] (.Google.) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe
[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe

---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\WINDOWS\system32\drivers\afd.sys
O41 - Driver: (Cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\WINDOWS\System32\DRIVERS\cdrom.sys
O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\WINDOWS\System32\DRIVERS\i8042prt.sys
O41 - Driver: (Imapi) . (.Microsoft Corporation - IMAPI Kernel Driver.) - C:\WINDOWS\System32\DRIVERS\imapi.sys
O41 - Driver: (intelppm) . (.Microsoft Corporation - Pilote de périphérique processeur.) - C:\WINDOWS\System32\DRIVERS\intelppm.sys
O41 - Driver: (IPSec) . (.Microsoft Corporation - IPSec Driver.) - C:\WINDOWS\System32\DRIVERS\ipsec.sys
O41 - Driver: (Kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\WINDOWS\System32\DRIVERS\kbdclass.sys
O41 - Driver: (Mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\WINDOWS\System32\DRIVERS\mouclass.sys
O41 - Driver: (MRxSmb) . (.Microsoft Corporation - Windows NT SMB Minirdr.) - C:\WINDOWS\System32\DRIVERS\mrxsmb.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\WINDOWS\System32\DRIVERS\netbios.sys
O41 - Driver: (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\WINDOWS\System32\DRIVERS\netbt.sys
O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\WINDOWS\System32\DRIVERS\rasacd.sys
O41 - Driver: (Rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\WINDOWS\System32\DRIVERS\rdbss.sys
O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\WINDOWS\System32\DRIVERS\RDPCDD.sys
O41 - Driver: (redbook) . (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) - C:\WINDOWS\System32\DRIVERS\redbook.sys
O41 - Driver: (Tcpip) . (.Microsoft Corporation - TCP/IP Protocol Driver.) - C:\WINDOWS\System32\DRIVERS\tcpip.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\WINDOWS\System32\DRIVERS\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\WINDOWS\system32\drivers\vga.sys

---\\ Logiciels installés (O42)
O42 - Logiciel: 2007 Microsoft Office system - (.Microsoft Corporation.) [HKLM] -- PROHYBRIDR
O42 - Logiciel: ABBYY FineReader 9.0 Sprint - (.ABBYY.) [HKLM] -- ABBYY FineReader 9.0 Sprint
O42 - Logiciel: ABBYY FineReader 9.0 Sprint - (.ABBYY.) [HKLM] -- {F9000000-0018-0000-0000-074957833700}
O42 - Logiciel: Activation Assistant for the 2007 Microsoft Office suites - (.Microsoft Corporation.) [HKLM] -- Activation Assistant for the 2007 Microsoft Office suites
O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM] -- Adobe AIR
O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM] -- {AFF7E080-1974-45BF-9310-10DE1A1F5ED0}
O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Reader 9.4.5 - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-A94000000001}
O42 - Logiciel: Archiveur WinRAR - (.Pas de propriétaire.) [HKLM] -- WinRAR archiver
O42 - Logiciel: Assist TOSHIBA - (.Pas de propriétaire.) [HKLM] -- {12B3A009-A080-4619-9A2A-C6DB151D8D67}
O42 - Logiciel: Assistant de connexion Windows Live - (.Microsoft Corporation.) [HKLM] -- {DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
O42 - Logiciel: Atheros Client Utility - (.Atheros.) [HKLM] -- {16E8BF9A-B419-4A44-A020-30F8CFB84B9D}
O42 - Logiciel: Atheros Driver Installation Program - (.Atheros.) [HKLM] -- {C3A32068-8AB1-4327-BB16-BED9C6219DC7}
O42 - Logiciel: Audacity 1.2.6 - (.Pas de propriétaire.) [HKLM] -- Audacity_is1
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner
O42 - Logiciel: CDBurnerXP - (.CDBurnerXP.) [HKLM] -- {7E265513-8CDA-4631-B696-F40D983F3B07}_is1
O42 - Logiciel: Camera Assistant Software for Toshiba - (.Chicony Electronics Co.,Ltd..) [HKLM] -- {37C866E4-AA67-4725-9E95-A39968DD7960}
O42 - Logiciel: CoreAAC - (.Pas de propriétaire.) [HKLM] -- CoreAAC
O42 - Logiciel: DVD Shrink 3.2 - (.DVD Shrink.) [HKLM] -- DVD Shrink_is1
O42 - Logiciel: Désinstallation du SFR Video Manager - (.Pas de propriétaire.) [HKLM] -- SFR
O42 - Logiciel: EPSON SX420W Series Manuel - (.Pas de propriétaire.) [HKLM] -- EPSON SX420W Series Manual
O42 - Logiciel: EPSON SX420W Series Printer Uninstall - (.SEIKO EPSON Corporation.) [HKLM] -- EPSON SX420W Series
O42 - Logiciel: EPSON Scan - (.Seiko Epson Corporation.) [HKLM] -- EPSON Scanner
O42 - Logiciel: EZface ActiveX 208 - (.Pas de propriétaire.) [HKLM] -- EZface ActiveX
O42 - Logiciel: Epson Easy Photo Print 2 - (.SEIKO EPSON CORPORATION.) [HKLM] -- {39F58DDB-B2B8-4B86-AF20-4706A80EB30D}
O42 - Logiciel: Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) - (.SEIKO EPSON CORPORATION.) [HKLM] -- {B2D55EB8-32C5-4B43-9006-9E97DECBA178}
O42 - Logiciel: Epson Event Manager - (.SEIKO EPSON CORPORATION.) [HKLM] -- {03B8AA32-F23C-4178-B8E6-09ECD07EAA47}
O42 - Logiciel: EpsonNet Print - (.SEIKO EPSON CORPORATION.) [HKLM] -- {3E31400D-274E-4647-916C-2CACC3741799}
O42 - Logiciel: EpsonNet Setup 3.2 - (.SEIKO EPSON CORPORATION.) [HKLM] -- {C9D8A041-2963-4B31-8FFC-1500F3DB9293}
O42 - Logiciel: Facetheme - (.facetheme.com.) [HKLM] -- facetheme
O42 - Logiciel: FileHippo.com Update Checker - (.Pas de propriétaire.) [HKLM] -- FileHippo.com
O42 - Logiciel: Free Audio CD Burner version 1.4.7 - (.DVDVideoSoft Limited..) [HKLM] -- Free Audio CD Burner_is1
O42 - Logiciel: Free Studio version 4.8 - (.DVDVideoSoft Limited..) [HKLM] -- Free Studio_is1
O42 - Logiciel: Free YouTube to MP3 Converter version 3.9.35.324 - (.DVDVideoSoft Limited..) [HKLM] -- Free YouTube to MP3 Converter_is1
O42 - Logiciel: Galerie de photos Windows Live - (.Microsoft Corporation.) [HKLM] -- {1EE04769-91C4-4A06-92B7-FCAFE6BABDD9}
O42 - Logiciel: Gestion d'énergie TOSHIBA - (.TOSHIBA.) [HKLM] -- {8F7AC250-4D7D-431D-AC4E-94FB78EA3F8B}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: Google Earth - (.Google.) [HKLM] -- {4286E640-B5FB-11DF-AC4B-005056C00008}
O42 - Logiciel: Guide réseau pour EPSON SX420W Series - (.Pas de propriétaire.) [HKLM] -- EPSON SX420W Series Network Guide
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB958484
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB960043) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB960043
O42 - Logiciel: Hotfix for Windows Media Format 11 SDK (KB929399) - (.Microsoft Corporation.) [HKLM] -- KB929399
O42 - Logiciel: Hotfix for Windows XP (KB954550-v5) - (.Microsoft Corporation.) [HKLM] -- KB954550-v5
O42 - Logiciel: Hotfix for Windows XP (KB976002-v5) - (.Microsoft Corporation.) [HKLM] -- KB976002-v5
O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite_Wave3
O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- {133742BA-6F46-4D3E-85AF-78631D9AD8B8}
O42 - Logiciel: Intel(R) Graphics Media Accelerator Driver - (.Intel Corporation.) [HKLM] -- HDMI
O42 - Logiciel: Intel® Matrix Storage Manager - (.Intel Corporation.) [HKLM] -- {9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}
O42 - Logiciel: InterVideo WinDVD for TOSHIBA - (.Pas de propriétaire.) [HKLM] -- {91810AFC-A4F8-4EBA-A5AA-B198BBC81144}
O42 - Logiciel: Java 3D 1.5.2 - (.Sun Microsystems, Inc..) [HKLM] -- {32A9C5B3-D166-4C6D-A11E-A54473150000}
O42 - Logiciel: Java(TM) 6 Update 26 - (.Sun Microsystems, Inc..) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216013FF}
O42 - Logiciel: Java(TM) 6 Update 6 - (.Sun Microsystems, Inc..) [HKLM] -- {3248F0A8-6813-11D6-A77B-00B0D0160060}
O42 - Logiciel: Java(TM) 6 Update 7 - (.Sun Microsystems, Inc..) [HKLM] -- {3248F0A8-6813-11D6-A77B-00B0D0160070}
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {8E5233E1-7495-44FB-8DEB-4BE906D59619}
O42 - Logiciel: K-Lite Codec Pack 7.2.0 (Full) - (.Pas de propriétaire.) [HKLM] -- KLiteCodecPack_is1
O42 - Logiciel: L'Ile Noyée - (.Micro Application.) [HKLM] -- JackNorm01_SinkingIsland_is1
O42 - Logiciel: Lecteur Windows Media 11 - (.Pas de propriétaire.) [HKLM] -- Windows Media Player
O42 - Logiciel: MSN - (.Pas de propriétaire.) [HKLM] -- MSNINST
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
O42 - Logiciel: MSXML 4.0 SP2 (KB927978) - (.Microsoft Corporation.) [HKLM] -- {37477865-A3F1-4772-AD43-AAFC6BCFF99F}
O42 - Logiciel: MSXML 4.0 SP2 (KB936181) - (.Microsoft Corporation.) [HKLM] -- {C04E32E0-0416-434D-AFB9-6969D703A9EF}
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 - Logiciel: Malwarebytes' Anti-Malware version 1.51.0.1200 - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1
O42 - Logiciel: Manuels TOSHIBA - (.TOSHIBA.) [HKLM] -- {5B0202A8-CC6B-4443-AD73-FE9DF1FC1622}
O42 - Logiciel: Microsoft .NET Framework 1.1 - (.Microsoft.) [HKLM] -- {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
O42 - Logiciel: Microsoft .NET Framework 1.1 - (.Pas de propriétaire.) [HKLM] -- Microsoft .NET Framework 1.1 (1033)
O42 - Logiciel: Microsoft .NET Framework 1.1 French Language Pack - (.Microsoft.) [HKLM] -- {9A394342-4A68-4EBA-85A6-55B559F4E700}
O42 - Logiciel: Microsoft .NET Framework 1.1 Security Update (KB2416447) - (.Pas de propriétaire.) [HKLM] -- M2416447
O42 - Logiciel: Microsoft .NET Framework 1.1 Security Update (KB979906) - (.Pas de propriétaire.) [HKLM] -- M979906
O42 - Logiciel: Microsoft .NET Framework 2.0 Service Pack 2 - (.Microsoft Corporation.) [HKLM] -- {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
O42 - Logiciel: Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - FRA - (.Microsoft Corporation.) [HKLM] -- {72AD53CC-CCC0-3757-8480-9EE176866A7C}
O42 - Logiciel: Microsoft .NET Framework 3.0 Service Pack 2 - (.Microsoft Corporation.) [HKLM] -- {A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
O42 - Logiciel: Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - FRA - (.Microsoft Corporation.) [HKLM] -- {0BD83598-C2EF-3343-847B-7D2E84599128}
O42 - Logiciel: Microsoft .NET Framework 3.5 Language Pack SP1 - fra - (.Microsoft Corporation.) [HKLM] -- {3E31821C-7917-367E-938E-E65FC413EA31}
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 SP1
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
O42 - Logiciel: Microsoft Choice Guard - (.Microsoft Corporation.) [HKLM] -- {F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
O42 - Logiciel: Microsoft Compression Client Pack 1.0 for Windows XP - (.Microsoft Corporation.) [HKLM] -- MSCompPackV1
O42 - Logiciel: Microsoft Internationalized Domain Names Mitigation APIs - (.Microsoft Corporation.) [HKLM] -- IDNMitigationAPIs
O42 - Logiciel: Microsoft National Language Support Downlevel APIs - (.Microsoft Corporation.) [HKLM] -- NLSDownlevelMapping
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0015-040C-0000-0000000FF1CE}_PROHYBRIDR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}_PROHYBRIDR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}_PROHYBRIDR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0019-040C-0000-0000000FF1CE}_PROHYBRIDR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001A-040C-0000-0000000FF1CE}_PROHYBRIDR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}_PROHYBRIDR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}_HOMESTUDENTR_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}_PROHYBRIDR_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-00A1-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
O42 - Logiciel: Microsoft Office Access MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0015-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Excel MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office File Validation Add-In - (.Microsoft Corporation.) [HKLM] -- {90140000-2005-0000-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Home and Student 2007 - (.Microsoft Corporation.) [HKLM] -- HOMESTUDENTR
O42 - Logiciel: Microsoft Office Home and Student 2007 - (.Microsoft Corporation.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Live Add-in 1.3 - (.Microsoft Corporation.) [HKLM] -- {57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}
O42 - Logiciel: Microsoft Office OneNote MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-00A1-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Outlook Connector - (.Microsoft Corporation.) [HKLM] -- {95120000-0122-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Outlook MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001A-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office PowerPoint MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Professional Hybrid 2007 - (.Microsoft Corporation.) [HKLM] -- {91120000-0031-0000-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Arabic) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Dutch) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (German) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Spanish) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proofing (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-002C-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}_HOMESTUDENTR_{14809F99-C601-4D4A-9391-F1E8FAA964C5}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}_PROHYBRIDR_{14809F99-C601-4D4A-9391-F1E8FAA964C5}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}_PROHYBRIDR_{A0516415-ED61-419A-981D-93596DA74165}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}_PROHYBRIDR_{F580DDD5-8D37-4998-968E-EBB76BB86787}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}_HOMESTUDENTR_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}_PROHYBRIDR_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}
O42 - Logiciel: Microsoft Office Publisher MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0019-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Shared MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Word MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft SQL Server 2005 Compact Edition [ENU] - (.Microsoft Corporation.) [HKLM] -- {F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
O42 - Logiciel: Microsoft Search Enhancement Pack - (.Microsoft Corporation.) [HKLM] -- {4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Microsoft Sync Framework Runtime Native v1.0 (x86) - (.Microsoft Corporation.) [HKLM] -- {8A74E887-8F0F-4017-AF53-CBA42211AAA5}
O42 - Logiciel: Microsoft Sync Framework Services Native v1.0 (x86) - (.Microsoft Corporation.) [HKLM] -- {BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
O42 - Logiciel: Microsoft User-Mode Driver Framework Feature Pack 1.0 - (.Microsoft Corporation.) [HKLM] -- Wudf01000
O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 - (.Microsoft Corporation.) [HKLM] -- {770657D0-A123-3C07-8E44-1C83EC895118}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
O42 - Logiciel: Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 - (.Microsoft Corporation.) [HKLM] -- {86CE85E6-DBAC-3FFD-B977-E4B79F83C909}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 - (.Microsoft Corporation.) [HKLM] -- {9A25302D-30C0-39D9-BD6F-21E6EC160475}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 - (.Microsoft Corporation.) [HKLM] -- {9BE518E6-ECC6-35A9-88E4-87755C07200F}
O42 - Logiciel: Module lingui
0
Réponse 78 / 99
Utilisateur anonyme
 
Le rapport est incomplet, héberge le stp
0
Réponse 79 / 99
zalune Messages postés 167 Statut Membre 4
 
http://www.cijoint.fr/cjlink.php?file=cj201107/cijXyhDKIK.txt
0
Réponse 80 / 99
Utilisateur anonyme
 
Bonjour,
1/
<gras>Désinstallation Pricegong :

* À partir du menu Démarrer.
* Sélectionnez Paramètres
* Cliquez sur Panneau de configuration
* Sélectionnez l'option Ajout ou suppression de programmes.
* Sélectionnez PriceGong
* Cliquez sur Modifier/Supprimer.
* Suivez les instructions à l'écran pour supprimer l'application PriceGong.

Ensuite tu désinstalles également tous les logiciels qui contiennent Toolbar

2/
Copie tout le texte présent en gras ci-dessous ( tu le selectionnes avec ta souris / Clique droit dessus et choisis "copier" ou fait Ctrl+C )

[HKLM\Software\Classes\Conduit.Engine]
[HKLM\Software\Classes\Toolbar.CT2269050]
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}]
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}]
[HKLM\Software\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}]
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}]
[HKCU\Software\Conduit]
[HKLM\Software\Conduit]
[HKCU\Software\conduitEngine]
[HKLM\Software\conduitEngine]
[HKCU\Software\PriceGong]
[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Toolbar]
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine]
[HKLM\Software\Microsoft\Internet Explorer\Toolbar]:{30F9B915-B755-4826-820B-08FBA6BD249D}
C:\Program Files\Conduit
C:\Program Files\ConduitEngine
C:\Documents and Settings\moi\Application Data\PriceGong
C:\Documents and Settings\moi\Local Settings\Application Data\Conduit
C:\Documents and Settings\moi\Local Settings\Application Data\ConduitEngine
C:\Documents and Settings\moi\Local Settings\Application Data\Conduit
C:\Documents and Settings\moi\Local Settings\Application Data\ConduitEngine
C:\Documents and Settings\moi\Local Settings\Application Data\Conduit
C:\Documents and Settings\moi\Local Settings\Application Data\ConduitEngine


Puis Lance ZHPFix depuis le raccourci du bureau .

* Une fois l'outil ZHPFix ouvert , clique sur le bouton [ H ] ( "coller les lignes Helper" ) .

* Dans l'encadré principal tu verras donc les lignes que tu as copié précédemment apparaitrent .

Vérifie que toutes les lignes que je t'ai demandé de copier (et seulement elles) sont dans la fenêtre.

Clique sur le bouton GO

Copie/Colle le rapport à l'écran dans ton prochain message.

3/
Après avoir effectué les deux étapes citées ci-dessus, redémarre ton PC et prépare un nouveau rapport ZHPDiag pour vérification avant de supprimer les outils utilisés!

-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*
Membre, Contributeur

-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*
0

Discussions similaires

Freebox POP coupure en 2.5gb...
onizuka1000 -
FHL44 -

49 réponses
Deconnexion éthernet
Fabiii01 -
LiamDBR -

4 réponses
Se déconnecter sur Fnac
Abdel_93270 -
Richard -

5 réponses
impossibilité de déconnexion YouTube
DeeDee11 -
Phil -

5 réponses
Déconnexions internet intempestives en ethernet
Toby91 -
Toby91 -

8 réponses