Aider moi s'il vous plait j'ai un rogue

assya50 Messages postés 24 Statut Membre -  
assya50 Messages postés 24 Statut Membre -
Bonjour, j'ai un rogue j'ai télechargé roguekiller mais j'ai besoins d'aide merci d'avance

15 réponses

  1. Utilisateur anonyme
     
    Bonsoir

    Quitter tous les programmes en cours
    Sous Vista/Seven , clic droit -> lancer en tant qu'administrateur
    Sinon lancer simplement RogueKiller.exe
    Lorsque demandé, taper 2 et valider
    Un rapport à dû s'ouvrir (RKreport.txt se trouve également à côté de l'exécutable), donner son contenu à la personne qui vous aide
    Si le programme a été bloqué, ne pas hésiter a essayé plusieurs fois. Si vraiment cela ne passe pas (ça peut arriver), le renommer en winlogon.exe

    @+
    2
  2. assya50 Messages postés 24 Statut Membre
     
    merci mais je ne connais personne qui pourrai m'aider je peut te donner le contenu? merci d'avance
    0
  3. Utilisateur anonyme
     
    RE

    C'est ce que je te propose ;de t'aider.
    Envoie le contenu de ce rapport ,merci.

    @+
    0
    1. assya50 Messages postés 24 Statut Membre
       
      RogueKiller V5.2.8 [23/07/2011] par Tigzy
      contact sur https://www.luanagames.com/index.fr.html
      mail: tigzyRK<at>gmail<dot>com
      Remontees: https://www.luanagames.com/index.fr.html

      Systeme d'exploitation: Windows 7 (6.1.7600 ) 32 bits version
      Demarrage : Mode normal
      Utilisateur: Collégien [Droits d'admin]
      Mode: Recherche -- Date : 27/07/2011 10:05:51

      Processus malicieux: 0

      Entrees de registre: 14
      [SUSP PATH] HKCU\[...]\Run : fkKWBTbUqCLdXIF (C:\ProgramData\fkKWBTbUqCLdXIF.exe) -> FOUND
      [ROGUE ProgFiles] HKLM\[...]\Run : eorezo ("C:\Program Files\EoRezo\eorezo.exe") -> FOUND
      [SUSP PATH] HKUS\S-1-5-21-2166575320-1284758574-954507884-1001[...]\Run : fkKWBTbUqCLdXIF (C:\ProgramData\fkKWBTbUqCLdXIF.exe) -> FOUND
      [HJ] HKLM\[...]\System : EnableLUA (0) -> FOUND
      [HJ] HKCU\[...]\ActiveDesktop : NoChangingWallPaper (1) -> FOUND
      [WallPP] HKCU\[...]\Desktop : Wallpaper () -> FOUND
      [HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
      [HJ] HKCU\[...]\ClassicStartMenu : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
      [HJ] HKCU\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
      [HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
      [HJ] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
      [HJ] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
      [HJ] HKCU\[...]\ClassicStartMenu : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> FOUND
      [HJ] HKCU\[...]\NewStartPanel : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> FOUND

      Fichier HOSTS:


      Termine : << RKreport[2].txt >>
      RKreport[1].txt ; RKreport[2].txt
      merci
      0
    2. Utilisateur anonyme
       
      Relance RogueKiller et passe à l'option suppression (2) et poste moi ce rapport ;merci.

      @+
      0
    3. assya50 Messages postés 24 Statut Membre
       
      RogueKiller V5.3.1 [06/08/2011] par Tigzy
      contact sur https://www.luanagames.com/index.fr.html
      mail: tigzyRK<at>gmail<dot>com
      Remontees: https://www.luanagames.com/index.fr.html

      Systeme d'exploitation: Windows 7 (6.1.7600 ) 32 bits version
      Demarrage : Mode normal
      Utilisateur: Collégien [Droits d'admin]
      Mode: Suppression -- Date : 09/08/2011 20:56:36

      Processus malicieux: 0

      Entrees de registre: 0

      Fichier HOSTS:


      Termine : << RKreport[7].txt >>
      RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt ; RKreport[4].txt ; RKreport[5].txt ;
      RKreport[6].txt ; RKreport[7].txt

      merci
      0
  4. Utilisateur anonyme
     
    Re

    Télécharge Malwaresbytes anti malware ici
    http://www.malwarebytes.org/mbam.php

    Bouton »Download free version »

    * Installe le (choisis bien "français" ; ne modifie pas les paramètres d'installe ) et mets le à jour .

    (NB : S'il te manque "COMCTL32.OCX" lors de l'installe, alors télécharge le ici : https://www.malekal.com/tutorial-aboutbuster/

    * Potasse le tuto pour te familiariser avec le prg :

    https://forum.pcastuces.com/sujet.asp?f=31&s=3

    (cela dis, il est très simple d'utilisation).

    relance Malwaresbytes en suivant scrupuleusement ces consignes :

    ! Déconnecte toi et ferme toutes applications en cours !

    * Lance Malwarebyte's. Sous Vista et Seven (clic droit de la souris « exécuter en tant que administrateur »)

    Fais un examen dit "Complet"

    --> Laisse le programme travailler ( et ne rien faire d'autre avec le PC durant le scan ).
    --> à la fin tu cliques sur "Afficher les résultats" " .
    --> Vérifie que tous les objets infectés soient validés, puis clique sur " supprimer la sélection " .

    Note : si il faut redémarrer ton PC pour finir le nettoyage, fais le !

    Poste le rapport sauvegardé après la suppression des objets infectés (dans l'onglet "rapport/log"de Malwaresbytes, le dernier en date)

    @+

    0
    1. assya50 Messages postés 24 Statut Membre
       
      Malwarebytes' Anti-Malware 1.51.1.1800
      www.malwarebytes.org

      Version de la base de données: 7425

      Windows 6.1.7600
      Internet Explorer 8.0.7600.16385

      10/08/2011 14:58:53
      mbam-log-2011-08-10 (14-58-53).txt

      Type d'examen: Examen complet (C:\|D:\|E:\|F:\|)
      Elément(s) analysé(s): 502124
      Temps écoulé: 1 heure(s), 7 minute(s), 53 seconde(s)

      Processus mémoire infecté(s): 0
      Module(s) mémoire infecté(s): 1
      Clé(s) du Registre infectée(s): 39
      Valeur(s) du Registre infectée(s): 5
      Elément(s) de données du Registre infecté(s): 0
      Dossier(s) infecté(s): 30
      Fichier(s) infecté(s): 47

      Processus mémoire infecté(s):
      (Aucun élément nuisible détecté)

      Module(s) mémoire infecté(s):
      c:\program files\eoRezo\eorezobho.dll (Rogue.Eorezo) -> Delete on reboot.

      Clé(s) du Registre infectée(s):
      HKEY_CLASSES_ROOT\CLSID\{C10DC1F4-CCDF-4224-A24D-B23AFC3573C8} (Rogue.Eorezo) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\EoEngineBHO.EOBHO.1 (Rogue.Eorezo) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\EoEngineBHO.EOBHO (Rogue.Eorezo) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C10DC1F4-CCDF-4224-A24D-B23AFC3573C8} (Rogue.Eorezo) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{C10DC1F4-CCDF-4224-A24D-B23AFC3573C8} (Rogue.Eorezo) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C10DC1F4-CCDF-4224-A24D-B23AFC3573C8} (Rogue.Eorezo) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\TypeLib\{18AF7201-4F14-4BCF-93FE-45617CF259FF} (Rogue.Eorezo) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\Interface\{DF76E9B7-35EC-46FC-AF56-5B79DED9D64F} (Rogue.Eorezo) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\CLSID\{1602F07D-8BF3-4c08-BDD6-DDDB1C48AEDC} (Adware.ClickPotato) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\TypeLib\{C55CA95C-324B-451C-B2D2-6E895AA75FEC} (Adware.ClickPotato) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\ClickPotatoLiteAX.info.1 (Adware.ClickPotato) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\ClickPotatoLiteAX.info (Adware.ClickPotato) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1602F07D-8BF3-4C08-BDD6-DDDB1C48AEDC} (Adware.ClickPotato) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1602F07D-8BF3-4C08-BDD6-DDDB1C48AEDC} (Adware.ClickPotato) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\CLSID\{7A3D6D17-9DD5-4C60-8076-D1784DABAF8C} (Adware.ClickPotato) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\TypeLib\{814BAA91-DC22-4350-87D6-0C86E93F7F08} (Adware.ClickPotato) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\Interface\{419EDA30-6DFF-432C-B534-E15D899ABEE4} (Adware.ClickPotato) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\MenuButtonIE.ButtonIE.1 (Adware.ClickPotato) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\MenuButtonIE.ButtonIE (Adware.ClickPotato) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\CLSID\{AC6D819E-AA8F-4418-A3BB-D165C1B18BB5} (Adware.ClickPotato) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\ClickPotatoLiteAX.UserProfiles.1 (Adware.ClickPotato) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\ClickPotatoLiteAX.UserProfiles (Adware.ClickPotato) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{AC6D819E-AA8F-4418-A3BB-D165C1B18BB5} (Adware.ClickPotato) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{B58926D6-CFB0-45D2-9C28-4B5A0F0368AE} (Adware.ClickPotato) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{B58926D6-CFB0-45D2-9C28-4B5A0F0368AE} (Adware.ClickPotato) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B58926D6-CFB0-45D2-9C28-4B5A0F0368AE} (Adware.ClickPotato) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{DB38E21A-0133-419D-92AD-ECDFD5244D6D} (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{EB620C54-E229-4942-87CE-E717109FC8C6} (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A078F691-9C07-4AF2-BF43-35E79EECF8B7} (Adware.Softomate) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{69725738-CD68-4f36-8D02-8C43722EE5DA} (Adware.Hotbar) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ClickPotatoLiteSA (Adware.ClickPotato) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ScanQuery (Adware.ScanQuery) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\AppID\MenuButtonIE.DLL (Adware.ClickPotato) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\Software\clickpotatolitesa (Adware.ClickPotato) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\Software\EoRezo (Rogue.Eorezo) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\ClickPotatoLite (Adware.ClickPotato) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\EoRezo (Rogue.Eorezo) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\ScanQuery (Adware.ScanQuery) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\eoRezo_is1 (Rogue.Eorezo) -> Quarantined and deleted successfully.

      Valeur(s) du Registre infectée(s):
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{DB38E21A-0133-419D-92AD-ECDFD5244D6D} (Adware.ShoppingReport2) -> Value: {DB38E21A-0133-419D-92AD-ECDFD5244D6D} -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{EB620C54-E229-4942-87CE-E717109FC8C6} (Adware.ShoppingReport2) -> Value: {EB620C54-E229-4942-87CE-E717109FC8C6} -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{EB620C54-E229-4942-87CE-E717109FC8C6} (Adware.ShoppingReport2) -> Value: {EB620C54-E229-4942-87CE-E717109FC8C6} -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{DB38E21A-0133-419d-92AD-ECDFD5244D6D} (Adware.ShoppingReport2) -> Value: {DB38E21A-0133-419d-92AD-ECDFD5244D6D} -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\extensions\ClickPotatoLite@ClickPotatoLite.com (Adware.ClickPotato) -> Value: ClickPotatoLite@ClickPotatoLite.com -> Quarantined and deleted successfully.

      Elément(s) de données du Registre infecté(s):
      (Aucun élément nuisible détecté)

      Dossier(s) infecté(s):
      c:\programdata\clickpotatolitesa (Adware.ClickPotato) -> Quarantined and deleted successfully.
      c:\Users\collégien\AppData\Roaming\clickpotatolite (Adware.ClickPotato) -> Quarantined and deleted successfully.
      c:\program files\clickpotatolite (Adware.ClickPotato) -> Quarantined and deleted successfully.
      c:\program files\clickpotatolite\bin (Adware.ClickPotato) -> Quarantined and deleted successfully.
      c:\program files\clickpotatolite\bin\10.0.668.0 (Adware.ClickPotato) -> Quarantined and deleted successfully.
      c:\program files\clickpotatolite\bin\10.0.668.0\firefox (Adware.ClickPotato) -> Quarantined and deleted successfully.
      c:\program files\clickpotatolite\bin\10.0.668.0\firefox\extensions (Adware.ClickPotato) -> Quarantined and deleted successfully.
      c:\program files\clickpotatolite\bin\10.0.668.0\firefox\extensions\plugins (Adware.ClickPotato) -> Quarantined and deleted successfully.
      c:\program files\eoRezo (Rogue.Eorezo) -> Delete on reboot.
      c:\programdata\microsoft\Windows\start menu\Programs\clickpotato (Adware.ClickPotato) -> Quarantined and deleted successfully.
      c:\program files\mozilla firefox\extensions\{de9265d8-d55d-4286-9dc4-f8d8a0ca2f64} (Adware.ScanQuery) -> Quarantined and deleted successfully.
      c:\program files\mozilla firefox\extensions\{de9265d8-d55d-4286-9dc4-f8d8a0ca2f64}\chrome (Adware.ScanQuery) -> Quarantined and deleted successfully.
      c:\program files\mozilla firefox\extensions\{de9265d8-d55d-4286-9dc4-f8d8a0ca2f64}\defaults (Adware.ScanQuery) -> Quarantined and deleted successfully.
      c:\program files\mozilla firefox\extensions\{de9265d8-d55d-4286-9dc4-f8d8a0ca2f64}\defaults\preferences (Adware.ScanQuery) -> Quarantined and deleted successfully.
      c:\program files\scanquery (Adware.ScanQuery) -> Quarantined and deleted successfully.
      c:\Users\collégien\AppData\Roaming\EoRezo (Adware.EoRezo) -> Quarantined and deleted successfully.
      c:\Users\collégien\AppData\Roaming\EoRezo\EoRezo (Adware.EoRezo) -> Quarantined and deleted successfully.
      c:\Users\collégien\AppData\Roaming\EoRezo\EoRezo\Download (Adware.EoRezo) -> Quarantined and deleted successfully.
      c:\Users\collégien\AppData\Roaming\EoRezo\EoRezo\Software (Adware.EoRezo) -> Quarantined and deleted successfully.
      c:\Users\collégien\AppData\Roaming\EoRezo\EoRezo\Software\itsTV (Adware.EoRezo) -> Quarantined and deleted successfully.
      c:\Users\collégien\AppData\Roaming\EoRezo\EoRezo\Software\itsTV\3.0.1.545 (Adware.EoRezo) -> Quarantined and deleted successfully.
      c:\Users\collégien\local settings\application data\EoRezo (Adware.EoRezo) -> Quarantined and deleted successfully.
      c:\Users\collégien\local settings\application data\EoRezo\EoRezo (Adware.EoRezo) -> Quarantined and deleted successfully.
      c:\Users\collégien\local settings\application data\EoRezo\EoRezo\EoStats (Adware.EoRezo) -> Quarantined and deleted successfully.
      c:\Users\Invité\local settings\application data\EoRezo (Adware.EoRezo) -> Quarantined and deleted successfully.
      c:\Users\Invité\local settings\application data\EoRezo\EoRezo (Adware.EoRezo) -> Quarantined and deleted successfully.
      c:\Users\Invité\local settings\application data\EoRezo\EoRezo\EoStats (Adware.EoRezo) -> Quarantined and deleted successfully.
      c:\Users\sarah\local settings\application data\EoRezo (Adware.EoRezo) -> Quarantined and deleted successfully.
      c:\Users\sarah\local settings\application data\EoRezo\EoRezo (Adware.EoRezo) -> Quarantined and deleted successfully.
      c:\Users\sarah\local settings\application data\EoRezo\EoRezo\EoStats (Adware.EoRezo) -> Quarantined and deleted successfully.

      Fichier(s) infecté(s):
      c:\program files\eoRezo\eorezobho.dll (Rogue.Eorezo) -> Delete on reboot.
      c:\program files\clickpotatolite\bin\10.0.668.0\clickpotatolitesaax.dll (Adware.ClickPotato) -> Quarantined and deleted successfully.
      c:\program files\clickpotatolite\bin\10.0.668.0\clickpotatolitesabho.dll (Adware.ClickPotato) -> Quarantined and deleted successfully.
      c:\Users\collégien\AppData\Local\Temp\is271270771\sweetimpack3405.exe (Trojan.Dropper.Pak) -> Quarantined and deleted successfully.
      c:\Users\collégien\AppData\Roaming\EoRezo\EoRezo\softwareupdate.exe (Rogue.Eorezo) -> Quarantined and deleted successfully.
      c:\Users\collégien\AppData\Roaming\EoRezo\EoRezo\softwareupdatehp.exe (Rogue.Eorezo) -> Quarantined and deleted successfully.
      c:\Users\collégien\Desktop\rk_quarantine\eorezo.exe.vir (Rogue.Eorezo) -> Quarantined and deleted successfully.
      c:\Users\collégien\Desktop\rk_quarantine\fkkwbtbuqcldxif.exe.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
      c:\program files\clickpotatolite\bin\10.0.668.0\clickpotatolitesahook.dll (Adware.HotBar.Gen) -> Quarantined and deleted successfully.
      c:\program files\clickpotatolite\bin\10.0.668.0\clickpotatoliteuninstaller.exe (Adware.ClickPotato) -> Quarantined and deleted successfully.
      c:\program files\clickpotatolite\bin\10.0.668.0\firefox\extensions\plugins\npclntax_clickpotatolitesa.dll (Adware.ClickPotato) -> Quarantined and deleted successfully.
      c:\program files\eoRezo\eorezo.exe (Rogue.Eorezo) -> Quarantined and deleted successfully.
      c:\program files\mozilla firefox\plugins\npclntax_clickpotatolitesa.dll (Adware.ClickPotato) -> Quarantined and deleted successfully.
      c:\program files\scanquery\uninstall.exe (Adware.ScanQuery) -> Quarantined and deleted successfully.
      c:\programdata\fkkwbtbuqcldxif.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
      c:\programdata\p1kalmig2kb7fz.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
      c:\programdata\clickpotatolitesa\clickpotatolitesa.dat (Adware.ClickPotato) -> Quarantined and deleted successfully.
      c:\programdata\clickpotatolitesa\clickpotatolitesaabout.mht (Adware.ClickPotato) -> Quarantined and deleted successfully.
      c:\programdata\clickpotatolitesa\clickpotatolitesaau.dat (Adware.ClickPotato) -> Quarantined and deleted successfully.
      c:\programdata\clickpotatolitesa\clickpotatolitesaeula.mht (Adware.ClickPotato) -> Quarantined and deleted successfully.
      c:\programdata\clickpotatolitesa\clickpotatolitesa_hpk.dat (Adware.ClickPotato) -> Quarantined and deleted successfully.
      c:\programdata\clickpotatolitesa\clickpotatolitesa_kyf.dat (Adware.ClickPotato) -> Quarantined and deleted successfully.
      c:\program files\clickpotatolite\bin\10.0.668.0\firefox\extensions\install.rdf (Adware.ClickPotato) -> Quarantined and deleted successfully.
      c:\program files\eoRezo\confmedia.cyp (Rogue.Eorezo) -> Quarantined and deleted successfully.
      c:\program files\eoRezo\unins000.dat (Rogue.Eorezo) -> Quarantined and deleted successfully.
      c:\program files\eoRezo\unins000.exe (Rogue.Eorezo) -> Quarantined and deleted successfully.
      c:\program files\mozilla firefox\extensions\{de9265d8-d55d-4286-9dc4-f8d8a0ca2f64}\chrome.manifest (Adware.ScanQuery) -> Quarantined and deleted successfully.
      c:\program files\mozilla firefox\extensions\{de9265d8-d55d-4286-9dc4-f8d8a0ca2f64}\install.rdf (Adware.ScanQuery) -> Quarantined and deleted successfully.
      c:\program files\mozilla firefox\extensions\{de9265d8-d55d-4286-9dc4-f8d8a0ca2f64}\chrome\scanquery.jar (Adware.ScanQuery) -> Quarantined and deleted successfully.
      c:\program files\mozilla firefox\extensions\{de9265d8-d55d-4286-9dc4-f8d8a0ca2f64}\defaults\preferences\prefs.js (Adware.ScanQuery) -> Quarantined and deleted successfully.
      c:\Users\collégien\AppData\Roaming\EoRezo\engineuninstallhelper.exe (Adware.EoRezo) -> Quarantined and deleted successfully.
      c:\Users\collégien\AppData\Roaming\EoRezo\EoRezo\help_config.cyp (Adware.EoRezo) -> Quarantined and deleted successfully.
      c:\Users\collégien\AppData\Roaming\EoRezo\EoRezo\user_config.cyp (Adware.EoRezo) -> Quarantined and deleted successfully.
      c:\Users\collégien\AppData\Roaming\EoRezo\EoRezo\user_profil.cyp (Adware.EoRezo) -> Quarantined and deleted successfully.
      c:\Users\collégien\AppData\Roaming\EoRezo\EoRezo\Software\itsTV\3.0.1.545\itstv.exe (Adware.EoRezo) -> Quarantined and deleted successfully.
      c:\Users\collégien\local settings\application data\EoRezo\EoRezo\eorezo_confmedia.cyp (Adware.EoRezo) -> Quarantined and deleted successfully.
      c:\Users\collégien\local settings\application data\EoRezo\EoRezo\user.cyp (Adware.EoRezo) -> Quarantined and deleted successfully.
      c:\Users\collégien\local settings\application data\EoRezo\EoRezo\user_profil.cyp (Adware.EoRezo) -> Quarantined and deleted successfully.
      c:\Users\collégien\local settings\application data\EoRezo\EoRezo\EoStats\eoStats.txt (Adware.EoRezo) -> Quarantined and deleted successfully.
      c:\Users\Invité\local settings\application data\EoRezo\EoRezo\eorezo_confmedia.cyp (Adware.EoRezo) -> Quarantined and deleted successfully.
      c:\Users\Invité\local settings\application data\EoRezo\EoRezo\user.cyp (Adware.EoRezo) -> Quarantined and deleted successfully.
      c:\Users\Invité\local settings\application data\EoRezo\EoRezo\user_profil.cyp (Adware.EoRezo) -> Quarantined and deleted successfully.
      c:\Users\Invité\local settings\application data\EoRezo\EoRezo\EoStats\eoStats.txt (Adware.EoRezo) -> Quarantined and deleted successfully.
      c:\Users\sarah\local settings\application data\EoRezo\EoRezo\eorezo_confmedia.cyp (Adware.EoRezo) -> Quarantined and deleted successfully.
      c:\Users\sarah\local settings\application data\EoRezo\EoRezo\user.cyp (Adware.EoRezo) -> Quarantined and deleted successfully.
      c:\Users\sarah\local settings\application data\EoRezo\EoRezo\user_profil.cyp (Adware.EoRezo) -> Quarantined and deleted successfully.
      c:\Users\sarah\local settings\application data\EoRezo\EoRezo\EoStats\eoStats.txt (Adware.EoRezo) -> Quarantined and deleted successfully.
      merci
      0
    2. assya50 Messages postés 24 Statut Membre
       
      j'ai aussi une petite question tous mes image musique et vidéo ont disparue c'est possible sue je les retrouvent? merci
      0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. Utilisateur anonyme
     
    Bonsoir

    Ouvre ce lien et télécharge ZHPDiag de Nicolas Coolman :

    https://www.zebulon.fr/telechargements/securite/systeme/zhpdiag.html

    Ou

    https://www.commentcamarche.net/telecharger/utilitaires/24803-zhpdiag/

    Serveur N°2

    Ou

    http://www.premiumorange.com/zeb-help-process/zhpdiag.html
    en bas de la page ZHP avec un numéro de version.

    Une fois le téléchargement achevé, dé zippe le fichier obtenu et place ZHPDiag.exe sur ton Bureau.

    Double-clique sur l'icône pour lancer le programme. Sous Vista ou Seven clic droit « exécuter en tant que administrateur »

    Clique sur la loupe pour lancer l'analyse.

    Laisse l'outil travailler, il peut être assez long.

    Ferme ZHPDiag en fin d'analyse.

    Pour transmettre le rapport clique sur ce lien :

    http://www.cijoint.fr/index.php

    http://pjjoint.malekal.com/

    Clique sur Parcourir et cherche le répertoire où est installé ZHPDiag (en général C:\ZHP \ZHPDiag).

    Sélectionne le fichier ZHPDiag.txt.

    Clique sur "Cliquez ici pour déposer le fichier".

    Un lien de cette forme :

    http://www.cijoint.fr/cjlink.php?file=cj200905/cijSKAP5fU.txt

    est ajouté dans la page.

    Copie ce lien dans ta réponse.

    Merci

    A+
    0
  7. assya50 Messages postés 24 Statut Membre
     
    je suis désoler si je n'ai pas copier le lien je ne suis pas trés forte en informatique merci et aussi j'ai aussi une petite question tous mes image musique et vidéo ont disparue c'est possible que je les retrouvent? merci
    0
  8. Utilisateur anonyme
     
    Bonsoir

    Il te suffit de lire et d'appliquer pour me poster ce rapport.

    @+
    0
    1. assya50 Messages postés 24 Statut Membre
       
      Rapport de ZHPDiag/MD5 v1.28.1322 par Nicolas Coolman, Update du 10/08/2011
      Run by Collégien at 8/11/2011 12:51:46 PM
      Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html


      ---\\ Web Browser
      MSIE: Internet Explorer v8.0.7600.16385 (Defaut)
      MFIE: Mozilla Firefox v3.6 (fr)

      ---\\ Windows Product Information
      Windows 7 Business Edition, 32-bit (Build 7600)
      Windows Server License Manager Script : OK
      ~ Windows(R) 7, OEM_SLP channel
      System Locked Preinstallation (OEM_SLP) : OK
      Windows ID Activation : OK
      ~ Windows Partial Key : 6P6GT
      Windows License : OK
      ~ Windows Remaining Initializations Number : 1
      Software Protection Service (Protection logicielle) : OK
      Windows Automatic Updates : OK
      Windows Activation Technologies : OK

      ---\\ System Information
      ~ Processor: x86 Family 6 Model 23 Stepping 10, GenuineIntel
      ~ Operating System: 32 Bits
      Boot mode: Normal (Normal boot)
      Total RAM: 2042.3 MB (45% free)
      System Restore: Activé (Enable)
      System drive C: has 180 GB (83%) free of 216 GB

      ---\\ Logged in mode
      ~ Computer Name: ORDI-COLLÉGIEN
      ~ User Name: Collégien
      ~ All Users Names: sarah, HomeGroupUser$, Collégien, Administrateur,
      ~ Unselected Option: O45,O61,O62,O65,O66,O82
      Logged in as Administrator

      ---\\ Environnement Variables
      ~ System Unit : C:\
      ~ %AppData% : C:\Users\Collégien\AppData\Roaming\
      ~ %Desktop% : C:\Users\Collégien\Desktop\
      ~ %Favorites% : C:\Users\Collégien\Favorites\
      ~ %LocalAppData% : C:\Users\Collégien\AppData\Local\
      ~ %StartMenu% : C:\Users\Collégien\AppData\Roaming\Microsoft\Windows\Start Menu\
      ~ %Windir% : C:\windows\
      ~ %System% : C:\windows\system32\

      ---\\ DOS/Devices
      C:\ Hard drive, Flash drive, Thumb drive (Free 180 Go of 216 Go)
      D:\ Hard drive, Flash drive, Thumb drive (Free 7 Go of 15 Go)
      E:\ Hard drive, Flash drive, Thumb drive (Free 2 Go of 2 Go)
      F:\ CD-ROM drive (Not Inserted)



      ---\\ Security Center & Tools Informations
      [HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK
      [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK
      [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
      [HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
      [HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
      [HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
      [HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK
      [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
      [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
      [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK
      [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK
      [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
      [HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK
      [HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK
      [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoFolderOptions: OK
      [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK
      [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoStartMenuSubFolder: OK
      [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoResolveSearch: OK
      [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoClose: OK
      [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK
      [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableTaskMgr: OK
      [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableRegistryTools: OK
      [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoDispScrSavPage: OK
      [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
      [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
      [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK
      [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings] WarnOnHTTPSToHTTPRedirect: OK
      [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
      [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
      [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
      [HKLM\SYSTEM\CurrentControlSet\Services] wscsvc : OK
      ~ Scan Security Center in 00mn AMs



      ---\\ Recherche particulière de fichiers génériques
      [MD5.2AF58D15EDC06EC6FDACCE1F19482BBF] - (.Microsoft Corporation - Explorateur Windows.) (.8/11/2011 - 6:33:07 AM.) -- C:\windows\Explorer.exe [2614784]
      [MD5.51138BEEA3E2C21EC44D0932C71762A8] - (....) (.8/11/2011 - 2:14:31 AM.) -- C:\windows\system32\rundll32.exe [44544]
      [MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Application de démarrage de Windows.) (.8/11/2011 - 2:14:45 AM.) -- C:\windows\system32\Wininit.exe [96256]
      [MD5.27CDAF355CCE3762C7F13719E814418B] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.8/11/2011 - 8:31:50 PM.) -- C:\windows\system32\wininet.dll [981504]
      [MD5.37CDB7E72EB66BA85A87CBE37E7F03FD] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.8/11/2011 - 7:17:59 AM.) -- C:\windows\system32\Winlogon.exe [285696]
      [MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.8/11/2011 - 2:26:15 AM.) -- C:\windows\system32\drivers\atapi.sys [21584]
      [MD5.187002CE05693C306F43C873F821381F] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.8/10/2011 - 6:44:01 AM.) -- C:\windows\system32\drivers\ntfs.sys [1210240]
      [MD5.58C94EAE54BF0C5E2B80B2E5E7744D4C] - (.Microsoft Corporation - Bibliothèque de licences.) (.8/10/2011 - 2:16:15 AM.) -- C:\windows\system32\sppcomapi.dll [193024]
      [MD5.D8714A5FB3141F8226D16861F20C5AC4] - (....) (.8/10/2011 - 5:18:36 AM.) -- C:\windows\system32\fr-FR\user32.dll.mui [19968]
      ~ Scan Generic Processes in 00mn AMs



      ---\\ Etat des fichiers cachés (Caché/Total)
      ~ Mes images (My Pictures) : 401/401 (Modified)
      ~ Mes musiques (My Musics) : 53/53 (Modified)
      ~ Mes Videos (My Videos) : 35/105
      ~ Mes Favoris (My Favorites) : 18/54
      ~ Mes Documents (My Documents) : 61/186
      ~ Mon Bureau (My Desktop) : 15/69
      ~ Menu demarrer (Programs) : 28/84
      ~ Scan Hidden Files in 00mn AMs



      ---\\ Processus lancés
      [MD5.B210175A0B9247540F4D8D8102C86A31] - (. Hewlett-Packard Development Company, L.P. - Quick Launch Buttons.) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe [288312] [PID.3788]
      [MD5.F89C612B4BD55044D2780A078293563A] - (.Intel Corporation - Event Monitor User Notification Tool.) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe [186904] [PID.3796]
      [MD5.DA4ED31DD43ABB0AF99888E236FFDB91] - (.Hewlett-Packard - HP Wireless Assistant Main Program.) -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [498744] [PID.3824]
      [MD5.27BECC2AF4E3ABF31B1E8214A7EFDD9E] - (.Synaptics Incorporated - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1545512] [PID.3832]
      [MD5.AFD15F701B550037FFDDE6B18171479D] - (.Analog Devices, Inc. - SMax4PNP.) -- C:\Program Files\Analog Devices\Core\smax4pnp.exe [1314816] [PID.3856]
      [MD5.AE4EF9E48BF99CF1FB7336475C4244FB] - (.Pegtop Software - Menu Démarrer portable PStart.) -- C:\Ordinateur-collegiens\LANCEUR\PStart.exe [778760] [PID.3876]
      [MD5.318270684C812E88FE63DC4C3021FC2B] - (.ALWIL Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe [2756488] [PID.3884]
      [MD5.BAD6BEA0DE1F69C82BDB74378CE0C20A] - (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [932288] [PID.3920]
      [MD5.F43B91D94A766B5D6C401FA69BCC8A1B] - (.Discordia, LTD - Data Manager.) -- C:\Program Files\Windows Searchqu Toolbar\Datamngr\datamngrUI.exe [1115536] [PID.3932]
      [MD5.79A68515003E994D8632D1802C149430] - (.Pas de propriétaire - gm4ie MFC Application.) -- C:\Facemoi\facemoi.exe [59392] [PID.3944]
      [MD5.BB6F29A0F374D0BFC5DE0B5C633AA439] - (.Ask - Ask Updater.) -- C:\Program Files\Ask.com\Updater\Updater.exe [399312] [PID.3952]
      [MD5.CCF2234A35077CA217A61C9CACC48198] - (.Hewlett-Packard Company - Pas de description.) -- C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2363392] [PID.924]
      [MD5.D2661AF7E22AE40F7A49AF1155CC34D2] - (. Hewlett-Packard Development Company, L.P. - Volume related element.) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe [76344] [PID.1140]
      [MD5.9CCA0C387F6E6A1D5CFEF82992DC601C] - (.Synaptics Incorporated - Synaptics Pointing Device Helper.) -- C:\Program Files\Synaptics\SynTP\SynTPHelper.exe [103720] [PID.4280]
      [MD5.64EFAF916C4009F1B84153D0BB491FB0] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe [673040] [PID.4696]
      [MD5.0DE3C7622EC33126579B1742260F08C2] - (.Pas de propriétaire - HpqToaster Module.) -- C:\Program Files\Hewlett-Packard\Shared\hpqToaster.exe [632888] [PID.4716]
      [MD5.017B1CDDA13B2FBBD54232BA19C8C6A5] - (.Hewlett-Packard Development Company L.P. - hpCaslNotification.) -- C:\Program Files\Hewlett-Packard\Shared\hpCaslNotification.exe [311352] [PID.4832]
      [MD5.0CA771F00AED8878DB6B9423B85D76B9] - (.Bandoo Media Inc. - Bandoo Core.) -- C:\PROGRA~1\Bandoo\BndCore.exe [1221520] [PID.5564]
      [MD5.C337B8A121F62B330A01D1308AF3394F] - (.Microsoft Corporation - Windows Live Messenger Companion User Eleva.) -- C:\Program Files\Windows Live\Companion\companionuser.exe [54656] [PID.5856]
      [MD5.B0DA80FF42A0819D162A86612896AAF2] - (.Microsoft Corporation - Windows Update.) -- C:\windows\system32\wuauclt.exe [47104] [PID.3308]
      [MD5.00501883BC325205DF90E72263743361] - (.Igor Pavlov - 7-Zip File Manager.) -- C:\Program Files\7-Zip\7zFM.exe [388096] [PID.3124]
      [MD5.BFF67166267E2FAE0589C3F992EAA1A5] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [664576] [PID.5324]
      ~ Scan Processes Running in 02mn AMs



      ---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
      C:\Users\Collégien\AppData\Local\Google\Chrome\User Data\Default\Preferences
      G1 - GCS: Preference [User Data\Default] None
      G0 - GCSP: Preference [User Data\Default][HomePage] https://www.google.com/?gws_rd=ssl
      ~ Scan Google Browser in 00mn AMs



      ---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
      C:\Users\Collégien\AppData\Roaming\Mozilla\Firefox\Profiles\v4v62qvi.default\prefs.js
      M3 - MFPP: Plugins - [Collégien] -- C:\Users\Collégien\AppData\Roaming\Mozilla\Firefox\Profiles\v4v62qvi.default\searchplugins\bing.xml
      M3 - MFPP: Plugins - [Collégien] -- C:\Users\Collégien\AppData\Roaming\Mozilla\Firefox\Profiles\v4v62qvi.default\searchplugins\SearchquWebSearch.xml
      M3 - MFPP: Plugins - [Collégien] -- C:\Program Files\Mozilla FireFox\searchplugins\amazon-france.xml
      M3 - MFPP: Plugins - [Collégien] -- C:\Program Files\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml
      M3 - MFPP: Plugins - [Collégien] -- C:\Program Files\Mozilla FireFox\searchplugins\eBay-france.xml
      M3 - MFPP: Plugins - [Collégien] -- C:\Program Files\Mozilla FireFox\searchplugins\google.xml
      M3 - MFPP: Plugins - [Collégien] -- C:\Program Files\Mozilla FireFox\searchplugins\SearchquWebSearch.xml
      M3 - MFPP: Plugins - [Collégien] -- C:\Program Files\Mozilla FireFox\searchplugins\wikipedia-fr.xml
      M3 - MFPP: Plugins - [Collégien] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo-france.xml
      M0 - MFSP: prefs.js [Collégien - v4v62qvi.default] http://www.searchnu.com/
      M2 - MFEP: prefs.js [Collégien - v4v62qvi.default\DefaultManager@Microsoft] [] Default Manager v3.0 (.Microsoft Corporation.)
      M2 - MFEP: prefs.js [Collégien - v4v62qvi.default\ffox@bandoo.com] [] Bandoo for Firefox v5.1 (.Microsoft Corporation.)
      M2 - MFEP: prefs.js [Collégien - v4v62qvi.default\ietab@ip.cn] [] IE Tab Plus v1.95.20100930 (.quaful@msn.com.)
      M2 - MFEP: prefs.js [Collégien - v4v62qvi.default\{04253f76-f258-4b03-7b4a-0bebad2ca3e9}] [] v (.FaceMoicemoi/content/facemoi.png</em:iconURL><em:homepageURL>http://www.facemoi.com</em:homepageURL><em:targetApplication><Description><em:id>{ec8030f7-c20a
      M2 - MFEP: prefs.js [Collégien - v4v62qvi.default\{99079a25-328f-4bd4-be04-00955acaa0a7}] [] Searchqu Toolbar v4.1.0.01 (.Visicom Media Inc..)
      P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - np-mswmp.) -- C:\Program Files\Mozilla Firefox\Plugins\np-mswmp.dll
      P2 - FPN:Firefox Plugin Navigator . (.Sun Microsystems, Inc. - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Program Files\Mozilla Firefox\Plugins\npdeployJava1.dll
      P2 - FPN:Firefox Plugin Navigator . (.mozilla.org - Default Plug-in.) -- C:\Program Files\Mozilla Firefox\Plugins\npnul32.dll
      P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape "9.3.2".) -- C:\Program Files\Mozilla Firefox\Plugins\nppdf32.dll
      P2 - FPN:Firefox Plugin Navigator . (.RealNetworks, Inc. - RealPlayer(tm) LiveConnect-Enabled Plug-In.) -- C:\Program Files\Mozilla Firefox\Plugins\nppl3260.dll
      P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin.dll
      P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin2.dll
      P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin3.dll
      P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin4.dll
      P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin5.dll
      P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin6.dll
      P2 - FPN:Firefox Plugin Navigator . (.RealNetworks, Inc. - 6.0.12.448.) -- C:\Program Files\Mozilla Firefox\Plugins\nprpjplug.dll
      P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\windows\system32\Macromed\Flash\NPSWF32.dll
      P2 - FPN: [HKLM] [@adobe.com/ShockwavePlayer] - (.Adobe Systems, Inc. - Adobe Shockwave for Director Netscape plug-in, version 11.5.) -- C:\windows\system32\Adobe\Director\np32dsw.dll
      P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Sun Microsystems, Inc. - Next Generation Java Plug-in 1.6.0_26 for Mozilla browsers.) -- C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
      P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.0.60531.0.) -- c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll
      P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3502.0922] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
      P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3508.1109] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
      P2 - FPN: [HKLM] [@real.com/nppl3260;version=6.0.12.448] - (.RealNetworks, Inc. - RealPlayer(tm) LiveConnect-Enabled Plug-In.) -- C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll
      P2 - FPN: [HKLM] [@real.com/nprpjplug;version=6.0.12.448] - (.RealNetworks, Inc. - 6.0.12.448.) -- C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll
      P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll
      P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll
      P2 - FPN: [HKLM] [@videolan.org/vlc,version=1.0.3] - (...) -- C:\Program Files\VideoLAN\VLC\npvlc.dll (.not file.)
      ~ Scan Firefox Browser in 00mn AMs



      ---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.microsoft.com/fr-fr/
      R0 - HKUS\S-1-5-21-2166575320-1284758574-954507884-1001\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
      R1 - HKUS\S-1-5-21-2166575320-1284758574-954507884-1001\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
      R3 - URLSearchHook: Elf 1 Toolbar - {22e03916-85c5-44b0-8dc9-1830c11238d9} . (.Conduit Ltd. - Conduit Toolbar.) (6.3.2.0) -- C:\Program Files\Elf_1\prxtbElf0.dll
      R3 - URLSearchHook: Elf 1.15 Toolbar - {b9d63c58-90cc-428b-8d3b-cbb88eb07e7e} . (.Conduit Ltd. - Conduit Toolbar.) (6.3.2.0) -- C:\Program Files\Elf_1.15\prxtbElf0.dll
      R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} . (.Ask - Ask Toolbar.) (5.12.3.17451) -- C:\Program Files\Ask.com\GenericAskToolbar.dll
      R3 - URLSearchHook: (no name) - . (...) (No version) -- (.not file.)
      R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 1
      ~ Scan IE Browser in 00mn AMs



      ---\\ Redirection du fichier Hosts (O1)
      ~ Scan Hosts File in 00mn AMs



      ---\\ Browser Helper Objects de navigateur (O2)
      [MD5.B3436EE055088B0EAB32C57BB98C6E61] - (.Vertro - alot.dll.) -- C:\Program Files\alot\bin\BHO\alotBHO.dll [895848] [PID.]
      [MD5.E5EF96D01F3B696817DB909B732D9BB2] - (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [75200] [PID.]
      [MD5.B92293778555CE3DABE7F0A7E98B34C0] - (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files\Elf_1\prxtbElf0.dll [175912] [PID.]
      [MD5.B92293778555CE3DABE7F0A7E98B34C0] - (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files\ConduitEngine\prxConduitEngin0.dll [175912] [PID.]
      [MD5.6BF01E200063D7274F3AF06D226671F5] - (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [439168] [PID.]
      [MD5.AD14E447F7CED4CA987B91B379EAF952] - (.Pas de propriétaire - dtx Dynamic Link Library.) -- C:\PROGRA~1\WIA6EB~1\ToolBar\searchqudtx.dll [88976] [PID.]
      [MD5.47BDBCE3E2D819B17AB9FA4539B9DF71] - (.Microsoft Corporation - Windows Live Messenger Companion Core.) -- C:\Program Files\Windows Live\Companion\companioncore.dll [393600] [PID.]
      [MD5.0FA93D6DF5A8A27FF28AE778A713CB34] - (.Discordia, LTD - IEHelper.) -- C:\PROGRA~1\WIA6EB~1\Datamngr\IEBHO.dll [722840] [PID.]
      [MD5.B92293778555CE3DABE7F0A7E98B34C0] - (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files\Elf_1.15\prxtbElf0.dll [175912] [PID.]
      [MD5.9344E83E306D4B6947D69D4A6EC99021] - (.Ask - Ask Toolbar.) -- C:\Program Files\Ask.com\GenericAskToolbar.dll [1491920] [PID.]
      [MD5.E7D55E121FF1951CB86C7E0DC6A33877] - (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll [42272] [PID.]
      [MD5.5B5901544DE8C858A4AF8157E1CD6B21] - (.Bandoo Media Inc. - Bandoo IE Plugin.) -- C:\Program Files\Bandoo\Plugins\IE\ieplugin.dll [2046864] [PID.]
      ~ Scan BHO in 00mn AMs



      ---\\ Internet Explorer Toolbars (O3)
      [MD5.B92293778555CE3DABE7F0A7E98B34C0] - (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files\Elf_1\prxtbElf0.dll [175912] [PID.]
      [MD5.B92293778555CE3DABE7F0A7E98B34C0] - (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files\ConduitEngine\prxConduitEngin0.dll [175912] [PID.]
      [MD5.B92293778555CE3DABE7F0A7E98B34C0] - (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files\Elf_1.15\prxtbElf0.dll [175912] [PID.]
      [MD5.B3436EE055088B0EAB32C57BB98C6E61] - (.Vertro - alot.dll.) -- C:\Program Files\alot\bin\alot.dll [895848] [PID.]
      [MD5.AD14E447F7CED4CA987B91B379EAF952] - (.Pas de propriétaire - dtx Dynamic Link Library.) -- C:\PROGRA~1\WIA6EB~1\ToolBar\searchqudtx.dll [88976] [PID.]
      [MD5.9344E83E306D4B6947D69D4A6EC99021] - (.Ask - Ask Toolbar.) -- C:\Program Files\Ask.com\GenericAskToolbar.dll [1491920] [PID.]
      ~ Scan Toolbar in 00mn AMs



      ---\\ Applications démarrées par registre & par dossier (O4)
      ~ Scan Application in 00mn AMs



      ---\\ Autres liens utilisateurs (O4)
      [MD5.64EFAF916C4009F1B84153D0BB491FB0] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe [673040] [PID.4696]
      [MD5.4AF03A259247AD145764DC9C8732DCBE] - (.IN MEDIA KG - FotoWorks.) -- C:\Program Files\FotoWorksXL\FotoWorksXL.exe [5388920] [PID.]
      [MD5.64EFAF916C4009F1B84153D0BB491FB0] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe [673040] [PID.4696]
      [MD5.AE4EF9E48BF99CF1FB7336475C4244FB] - (.Pegtop Software - Menu Démarrer portable PStart.) -- C:\Ordinateur-collegiens\LANCEUR\PStart.exe [778760] [PID.3876]
      [MD5.D41D8CD98F00B204E9800998ECF8427E] - (...) -- C:\Ordinateur-collegiens [0] [PID.]
      [MD5.E496F7EE85868AA755061D243C3D1CA8] - (.Anthropics Technology Ltd. - Portrait Professional.) -- C:\Program Files\Portrait Professional 9 Trial\PortraitProfessionalTrial.exe [3904280] [PID.]
      [MD5.16F860934DE254A0CFD3DC221AC576AD] - (.Enigma Software Group USA, LLC. - SpyHunter4 application.) -- C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe [4706208] [PID.]
      [MD5.53E1F6B34CCAAC575727872CCEFCAA62] - (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe [1017912] [PID.]
      [MD5.D46D155212B5810B667330260A1FA93F] - (...) -- C:\Program Files\WhiteSmoke\WSEnrichment.exe [2174976] [PID.]
      ~ Scan Global Startup in 00mn AMs



      ---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
      [MD5.71C34AD100CCB6AEECE9EF1F0631EAC8] - (...) -- C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm [3989] [PID.]
      [MD5.1D36C559FF6C1EFD2FC22518AF789056] - (...) -- C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm [1430] [PID.]
      ~ Scan IE Menu Contextuel in 00mn AMs



      ---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
      ~ Scan IE Extra Buttons in 00mn AMs



      ---\\ Winsock hijacker (Layered Service Provider) (O10)
      [MD5.045DB4EAB4FBD23210E85ECC3F464A2E] - (.Microsoft Corporation - Network Location Awareness 2.) -- C:\windows\system32\NLAapi.dll [51712] [PID.]
      [MD5.11A41F17527ED75D6B758FDD7F4FD00D] - (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Micro.) -- C:\windows\system32\mswsock.dll [232448] [PID.]
      [MD5.5DF5D8CFD9B9573FA3B2C89D9061A240] - (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\windows\system32\winrnr.dll [20992] [PID.]
      [MD5.0B7E85364CB878E2AD531DB7B601A9E5] - (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de m.) -- C:\windows\system32\napinsp.dll [52224] [PID.]
      [MD5.5CF640EDDB1E40A5AB1BB743BCDEC610] - (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\windows\system32\pnrpnsp.dll [65024] [PID.]
      [MD5.5CF640EDDB1E40A5AB1BB743BCDEC610] - (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\windows\system32\pnrpnsp.dll [65024] [PID.]
      [MD5.3A2BB97D54A2189C9900A735C0531B59] - (.Microsoft Corporation - Windows Sockets Helper DLL.) -- C:\windows\system32\wshbth.dll [35840] [PID.]
      [MD5.9D4A1690AF93F233E15380398BEC7431] - (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provid.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] [PID.]
      [MD5.9D4A1690AF93F233E15380398BEC7431] - (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provid.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] [PID.]
      ~ Scan Winsock in 00mn AMs



      ---\\ Protocole additionnel (O18)
      [MD5.1816D4CF1A7CBB72298AB120059226D4] - (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll [5984256] [PID.]
      [MD5.CA4D146EAC05EC4BA5FC4936F3369627] - (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll [1229824] [PID.]
      [MD5.BE21C5C05E5E8536F1385100CC8EAFA5] - (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll [2291712] [PID.]
      [MD5.CA4D146EAC05EC4BA5FC4936F3369627] - (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll [1229824] [PID.]
      [MD5.CA4D146EAC05EC4BA5FC4936F3369627] - (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll [1229824] [PID.]
      [MD5.CA4D146EAC05EC4BA5FC4936F3369627] - (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll [1229824] [PID.]
      [MD5.CA4D146EAC05EC4BA5FC4936F3369627] - (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll [1229824] [PID.]
      [MD5.B5400D93D472B565FF254DCD38B43C42] - (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\windows\System32\itss.dll [142848] [PID.]
      [MD5.1816D4CF1A7CBB72298AB120059226D4] - (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll [5984256] [PID.]
      [MD5.C91C67FEA06BD90AAF2AA00BFC74A035] - (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files\Windows Live\Messenger\msgrapp.dll [65912] [PID.]
      [MD5.CA4D146EAC05EC4BA5FC4936F3369627] - (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll [1229824] [PID.]
      [MD5.1816D4CF1A7CBB72298AB120059226D4] - (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll [5984256] [PID.]
      [MD5.C6595B078842E187C6587A285B43A565] - (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\windows\system32\inetcomm.dll [740864] [PID.]
      [MD5.CA4D146EAC05EC4BA5FC4936F3369627] - (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll [1229824] [PID.]
      [MD5.B5400D93D472B565FF254DCD38B43C42] - (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\windows\System32\itss.dll [142848] [PID.]
      [MD5.C91C67FEA06BD90AAF2AA00BFC74A035] - (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files\Windows Live\Messenger\msgrapp.dll [65912] [PID.]
      [MD5.1816D4CF1A7CBB72298AB120059226D4] - (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll [5984256] [PID.]
      [MD5.BE21C5C05E5E8536F1385100CC8EAFA5] - (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll [2291712] [PID.]
      [MD5.1816D4CF1A7CBB72298AB120059226D4] - (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll [5984256] [PID.]
      [MD5.6D84295FAC747D51FA287BC17DA2C9EE] - (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files\Windows Live\Mail\mailcomm.dll [741240] [PID.]
      [MD5.DF07358FDA177F70DE329D627D838F95] - (.Microsoft Corporation - Windows Live Album Download Protocol Handle.) -- C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll [42864] [PID.]
      ~ Scan Protocole Additionnel in 00mn AMs



      ---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
      [MD5.8C82112D833DDCDDB6C194F29672A667] - (.Discordia, LTD - Data Manager.) -- c:\progra~1\wia6eb~1\datamngr\datamngr.dll [727952] [PID.]
      ~ Scan AppInit DLL in 00mn AMs



      ---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
      ~ Scan SSODL in 00mn AMs



      ---\\ Liste des services NT non Microsoft et non désactivés (O23)
      [MD5.4DC6B0772D1698F04FC79053A21C8260] - (.Andrea Electronics Corporation - Andrea filters APO access service (32-bit).) -- C:\windows\system32\AEADISRV.exe [90112] [PID.]
      [MD5.6416F9B6B220F0A890525C38235AFAD7] - (.LSI Corporation - LSI Soft Modem Call Progress Service.) -- C:\Program Files\LSI SoftModem\agrsmsvc.exe [14336] [PID.]
      [MD5.A236CEE2BF90381E981EBB870429FA9B] - (.AMD - AMD External Events Service Module.) -- C:\windows\system32\atiesrxx.exe [176128] [PID.]
      [MD5.61D3B90C1600165110470502835FB646] - (.ALWIL Software - avast! Service.) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [40384] [PID.]
      [MD5.22836819B4EF868ED7A7583EB6641E4D] - (.Bandoo Media Inc. - Bandoo Coordinator.) -- C:\PROGRA~1\Bandoo\Bandoo.exe [1617296] [PID.]
      [MD5.7D2DD14E60CE4FF3308D66FDA7990546] - (.Broadcom Corporation. - Bluetooth Support Server.) -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [582944] [PID.]
      [MD5.F02A533F517EB38333CB12A9E8963773] - (.Google Inc. - Programme d'installation de Google.) -- C:\Program Files\Google\Update\GoogleUpdate.exe [136176] [PID.]
      [MD5.BE78357FB49759B79CCC01894BCFDDDB] - (.Hewlett-Packard Company - HP Support Assistant.) -- C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [126520] [PID.]
      [MD5.2DFB151FD34DF104DAC0ADF070EDA83C] - (.Hewlett-Packard Company - HP Quick Synchronization Service.) -- C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe [92216] [PID.]
      [MD5.D1F817E61D52816996B8F1EBA9A38276] - (.Hewlett-Packard - HpService.) -- C:\windows\system32\Hpservice.exe [26168] [PID.]
      [MD5.F54B3DB096ABD6E9BBBD052FD3878A48] - (.Intel Corporation - RAID Monitor.) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [354840] [PID.]
      [MD5.A1043645D16915DF12A6F2E049922A18] - (.Lexmark International, Inc. - LexBce Service.) -- C:\windows\System32\LEXBCES.exe [311296] [PID.]
      [MD5.83D8BE94E1CBCBE2EA8372DB1A95A159] - (.Hewlett-Packard Company - LightScribe Service.) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728] [PID.]
      [MD5.80329CEE682A5BDEB92C34648BD43F5D] - (.PDF Complete Inc - Dispatcher.) -- C:\Program Files\PDF Complete\pdfsvc.exe [635416] [PID.]
      [MD5.64A5F0040AEFF9814F04E16DCBAEBE60] - (.Enigma Software Group USA, LLC. - Service scanner interface.) -- C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.exe [735648] [PID.]
      ~ Scan Services in 00mn AMs



      ---\\ Enumération Active Desktop & MHTML Editor (O24)
      ~ Scan Desktop Component in 00mn AMs



      ---\\ Tâches planifiées en automatique (O39)
      [MD5.BB5E1A3FEDAA266CFBC535BA22E72599] - (...) -- C:\windows\Tasks\GoogleUpdateTaskMachineCore1cc50e11c1eaf8.job [1054] [PID.]
      [MD5.2744DABF8000B6FCB16EA3830DE35983] - (...) -- C:\windows\Tasks\GoogleUpdateTaskMachineUA1cc50e12239466.job [1058] [PID.]
      ~ Scan Scheduled Task in 04mn AMs



      ---\\ Pilotes lancés au démarrage (O41)
      ~ Scan Drivers in 00mn AMs



      ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
      O44 - LFC:[MD5.26B0F12F9A4C267AF5B2DA35F87A6EFA] - 7/22/2011 - 10:12:51 AM --HA- . (...) -- C:\windows\system32\DOErrors.log [52]
      O44 - LFC:[MD5.D1206907A7AAE3EB87E060EDC8C686ED] - 7/22/2011 - 3:44:06 PM --HA- . (...) -- C:\windows\system32\Ikeext.etl [196608]
      O44 - LFC:[MD5.431255922FCBACA7B8F1434D86691A2B] - 7/22/2011 - 4:05:53 PM --HA- . (...) -- C:\windows\system32\jupdate-1.6.0_26-b03.log [6887]
      O44 - LFC:[MD5.0A899DA43C0C82A96E695F3BA6A5FC0D] - 7/22/2011 - 4:06:03 PM --HA- . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\windows\system32\deployJava1.dll [472808]
      O44 - LFC:[MD5.2340832B8B1EFB379280A30140D1B7ED] - 7/22/2011 - 4:06:03 PM --HA- . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\windows\system32\java.exe [145184]
      O44 - LFC:[MD5.FD8AB373BD7834A65114DD899199D00B] - 7/22/2011 - 4:06:03 PM --HA- . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\windows\system32\javaw.exe [145184]
      O44 - LFC:[MD5.4EDDB64328BE19A164657230C647913E] - 7/22/2011 - 4:06:03 PM --HA- . (.Sun Microsystems, Inc. - Java(TM) Web Start Launcher.) -- C:\windows\system32\javaws.exe [157472]
      O44 - LFC:[MD5.6B537FFD1943B57F62CD5FF8D175A95C] - 7/25/2011 - 10:05:45 AM --HA- . (...) -- C:\windows\wininit.ini [679]
      O44 - LFC:[MD5.CF40BF286F062A455BBF6E3E55CB185A] - 7/25/2011 - 8:37:29 AM --HA- . (...) -- C:\windows\system32\FNTCACHE.DAT [470136]
      O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 7/25/2011 - 9:46:54 AM --HA- . (...) -- C:\autoexec.bat [0]
      O44 - LFC:[MD5.B18225739ED9CAA83BA2DF966E9F43E8] - 8/10/2011 - 12:36:52 PM ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\windows\system32\drivers\mbamswissarmy.sys [41272]
      O44 - LFC:[MD5.5CAAA01EB5316028DE3B15BCAFEB831A] - 8/10/2011 - 2:00:33 PM --HA- . (...) -- C:\windows\PFRO.log [5240]
      O44 - LFC:[MD5.9AD8FC6F912AC7F11DCD024031959ABF] - 8/11/2011 - 11:39:19 AM -S-A- . (...) -- C:\windows\bootstat.dat [67584]
      O44 - LFC:[MD5.403176229D65E34C93C89FB6422666EC] - 8/11/2011 - 11:39:22 AM --HA- . (...) -- C:\windows\setupact.log [15618]
      O44 - LFC:[MD5.57FEF7FB4812B0BC0C3C17B3D3A30273] - 8/11/2011 - 11:42:48 AM --HA- . (...) -- C:\windows\WindowsUpdate.log [1161601]
      O44 - LFC:[MD5.C0E9F8FE474F7825F8AF21D9FE9C304F] - 8/11/2011 - 11:50:20 AM ---A- . (...) -- C:\PhysicalDisk0_MBR.bin [512]
      ~ Scan Files in 02mn AMs



      ---\\ Contrôle du Safe Boot (CSB) (O49)
      ~ Scan CSB in 00mn AMs



      ---\\ Liste des Drivers Système (O58)
      O58 - SDL:[MD5.080A40550FB95A328917512F3F5A0409] - 8/11/2011 - 2:01:14 PM --HA- . (.Ricoh co.,Ltd. - Ricoh USB Camera driver.) -- C:\windows\system32\drivers\5U876.sys [118656]
      O58 - SDL:[MD5.4DF5E6215A102A192B2B6DBB61F2FBA5] - 8/11/2011 - 9:48:22 PM --HA- . (.Hewlett-Packard - HP Accelerometer.) -- C:\windows\system32\drivers\Accelerometer.sys [33848]
      O58 - SDL:[MD5.6C61BCEB60C2C187E6F96001FD69493E] - 8/11/2011 - 10:32:58 PM --HA- . (.Analog Devices, Inc. - High Definition Audio Function Driver.) -- C:\windows\system32\drivers\ADIHdAud.sys [381440]
      O58 - SDL:[MD5.21E785EBD7DC90A06391141AAC7892FB] - 8/10/2011 - 2:26:15 AM --HA- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\windows\system32\drivers\adp94xx.sys [422976]
      O58 - SDL:[MD5.0C676BC278D5B59FF5ABD57BBE9123F2] - 8/10/2011 - 2:26:17 AM --HA- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\windows\system32\drivers\adpahci.sys [297552]
      O58 - SDL:[MD5.7C7B5EE4B7B822EC85321FE23A27DB33] - 8/10/2011 - 2:26:15 AM --HA- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) -- C:\windows\system32\drivers\adpu320.sys [146512]
      O58 - SDL:[MD5.7E10E3BB9B258AD8A9300F91214D67B9] - 8/11/2011 - 11:13:48 PM --HA- . (.LSI Corp - SoftModem Device Driver.) -- C:\windows\system32\drivers\AGRSM.sys [1035776]
      O58 - SDL:[MD5.0D40BCF52EA90FC7DF2AEAB6503DEA44] - 8/10/2011 - 2:26:15 AM --HA- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\windows\system32\drivers\aliide.sys [14400]
      O58 - SDL:[MD5.19CE906B4CDC11FC4FEF5745F33A63B6] - 8/10/2011 - 6:43:46 AM --HA- . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\windows\system32\drivers\amdsata.sys [80256]
      O58 - SDL:[MD5.EA43AF0C423FF267355F74E7A53BDABA] - 8/10/2011 - 2:26:15 AM --HA- . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller Driver for Windows fa.) -- C:\windows\system32\drivers\amdsbs.sys [159312]
      O58 - SDL:[MD5.869E67D66BE326A5A9159FBA8746FA70] - 8/10/2011 - 6:43:46 AM --HA- . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\windows\system32\drivers\amdxata.sys [22400]
      O58 - SDL:[MD5.2932004F49677BD84DBC72EDB754FFB3] - 8/10/2011 - 2:26:15 AM --HA- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\windows\system32\drivers\arc.sys [76368]
      O58 - SDL:[MD5.5D6F36C46FD283AE1B57BD2E9FEB0BC7] - 8/10/2011 - 2:26:15 AM --HA- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\windows\system32\drivers\arcsas.sys [86608]
      O58 - SDL:[MD5.A289930E70F3FA3B07DF80D2B052794E] - 8/11/2011 - 6:38:23 PM ---A- . (.ALWIL Software - avast! File System Access Blocking Driver.) -- C:\windows\system32\drivers\aswFsBlk.sys [19024]
      O58 - SDL:[MD5.1BA678226FCF8EA47793C99992E8EE31] - 8/11/2011 - 6:38:45 PM ---A- . (.ALWIL Software - avast! File System Minifilter for Windows 2003/Vista.) -- C:\windows\system32\drivers\aswMonFlt.sys [51792]
      O58 - SDL:[MD5.CC40B9C301AF5D145713B2764EEC3907] - 8/11/2011 - 6:39:01 PM ---A- . (.ALWIL Software - avast! TDI RDR Driver.) -- C:\windows\system32\drivers\aswRdr.sys [23376]
      O58 - SDL:[MD5.67DB88B01FC1D815968230458814EB8D] - 8/11/2011 - 6:42:13 PM ---A- . (.ALWIL Software - avast! self protection module.) -- C:\windows\system32\drivers\aswSP.sys [162512]
      O58 - SDL:[MD5.EC8EF1CE2D6CA1071BE8B7888FFA48C0] - 8/11/2011 - 6:42:34 PM ---A- . (.ALWIL Software - avast! TDI Filter Driver.) -- C:\windows\system32\drivers\aswTdi.sys [46672]
      O58 - SDL:[MD5.E2398389648B5D44DC63CA43FDD5B3F8] - 8/11/2011 - 11:48:00 AM --HA- . (.ATI Technologies, Inc. - ATI High Definition Audio Function Driver.) -- C:\windows\system32\drivers\AtiHdmi.sys [103440]
      O58 - SDL:[MD5.A4252328D2B1520571102992EF0B0E5C] - 8/11/2011 - 9:25:40 PM --HA- . (.ATI Technologies Inc. - ATI Radeon Kernel Mode Driver.) -- C:\windows\system32\drivers\atikmdag.sys [4994048]
      O58 - SDL:[MD5.BD8869EB9CDE6BBE4508D869929869EE] - 8/10/2011 - 11:02:49 PM --HA- . (.Broadcom Corporation - Pilote unifié NDIS6.x Broadcom NetXtreme Gigabit Ethernet..) -- C:\windows\system32\drivers\b57nd60x.sys [229888]
      O58 - SDL:[MD5.9F9ACC7F7CCDE8A15C282D3F88B43309] - 8/10/2011 - 11:53:28 PM --HA- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\windows\system32\drivers\BrFiltLo.sys [13568]
      O58 - SDL:[MD5.56801AD62213A41F6497F96DEE83755A] - 8/10/2011 - 11:53:28 PM --HA- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\windows\system32\drivers\BrFiltUp.sys [5248]
      O58 - SDL:[MD5.845B8CE732E67F3B4133164868C666EA] - 8/10/2011 - 1:57:25 AM --HA- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\windows\system32\drivers\BrSerId.sys [272128]
      O58 - SDL:[MD5.203F0B1E73ADADBBB7B7B1FABD901F6B] - 8/10/2011 - 11:53:32 PM --HA- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\windows\system32\drivers\BrSerWdm.sys [62336]
      O58 - SDL:[MD5.BD456606156BA17E60A04E18016AE54B] - 8/10/2011 - 11:53:33 PM --HA- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\windows\system32\drivers\BrUsbMdm.sys [12160]
      O58 - SDL:[MD5.AF72ED54503F717A43268B3CC5FAEC2E] - 8/10/2011 - 11:53:33 PM --HA- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\windows\system32\drivers\BrUsbSer.sys [11904]
      O58 - SDL:[MD5.D57D29132EFE13A83133D9BD449E0CF1] - 8/10/2011 - 9:46:14 PM --HA- . (.Broadcom Corporation. - Bluetooth Audio Device.) -- C:\windows\system32\drivers\btwaudio.sys [86056]
      O58 - SDL:[MD5.D282C14A69357D0E1BAFAECC2CA98C3A] - 8/10/2011 - 9:46:12 PM --HA- . (.Broadcom Corporation. - Broadcom Bluetooth AVDT Service.) -- C:\windows\system32\drivers\btwavdt.sys [108072]
      O58 - SDL:[MD5.AAFD7CB76BA61FBB08E302DA208C974A] - 8/10/2011 - 12:32:50 AM --HA- . (.Broadcom Corporation. - Broadcom Bluetooth L2CAP Service.) -- C:\windows\system32\drivers\btwl2cap.sys [29472]
      O58 - SDL:[MD5.02EB4D2B05967DF2D32F29C84AB1FB17] - 8/10/2011 - 9:46:04 PM --HA- . (.Broadcom Corporation. - Bluetooth Remote Control HID Minidriver.) -- C:\windows\system32\drivers\btwrchid.sys [18344]
      O58 - SDL:[MD5.1A231ABEC60FD316EC54C66715543CEC] - 8/10/2011 - 11:02:48 PM --HA- . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\windows\system32\drivers\bxvbdx.sys [430080]
      O58 - SDL:[MD5.B025339FBC76547DB7D9633D83D0706D] - 8/10/2011 - 12:00:00 PM --HA- . (.Sonic Solutions - CDR4 CD and DVD Place Holder Driver (see PxHelp).) -- C:\windows\system32\drivers\cdr4_xp.sys [9072]
      O58 - SDL:[MD5.2EDE09C61866FAC671953576FE4CA3BC] - 8/10/2011 - 12:00:00 PM --HA- . (.Sonic Solutions - CDRAL Place Holder Driver (see PxHelp).) -- C:\windows\system32\drivers\cdralw2k.sys [9200]
      O58 - SDL:[MD5.C537B1DB64D495B9B4717B4D6D9EDBF2] - 8/10/2011 - 2:26:21 AM --HA- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\windows\system32\drivers\cmdide.sys [15952]
      O58 - SDL:[MD5.8B30250D573A8F6B4BD23195160D8707] - 8/10/2011 - 2:20:28 AM --HA- . (.Adaptec, Inc. - Adaptec Ultra SCSI miniport.) -- C:\windows\system32\drivers\djsvs.sys [70720]
      O58 - SDL:[MD5.0ED67910C8C326796FAA00B2BF6D9D3C] - 8/10/2011 - 2:20:28 AM --HA- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\windows\system32\drivers\elxstor.sys [453712]
      O58 - SDL:[MD5.024E1B5CAC09731E4D868E64DBFB4AB0] - 8/10/2011 - 11:02:48 PM --HA- . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\windows\system32\drivers\evbdx.sys [3100160]
      O58 - SDL:[MD5.C44E3C2BAB6837DB337DDEE7544736DB] - 8/10/2011 - 11:54:14 PM --HA- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\windows\system32\drivers\hcw85cir.sys [26624]
      O58 - SDL:[MD5.E1D82F0C8456ABB03B7DF5D623CA47D1] - 8/10/2011 - 9:48:38 PM --HA- . (.Hewlett-Packard - HP Disk Filter - SATA/RAID.) -- C:\windows\system32\drivers\hpdskflt.sys [25656]
      O58 - SDL:[MD5.1210960FF8928950D2A786895B0C424A] - 8/11/2011 - 4:46:54 PM --HA- . (.Hewlett-Packard Development Company, L.P. - HpqKbFiltr Keyboard Filter Driver.) -- C:\windows\system32\drivers\HpqKbFiltr.sys [15872]
      O58 - SDL:[MD5.295FDC419039090EB8B49FFDBB374549] - 8/10/2011 - 2:20:28 AM --HA- . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Driver.) -- C:\windows\system32\drivers\HpSAMD.sys [67152]
      O58 - SDL:[MD5.01446278D4563B3013C92830AE6CBB26] - 8/11/2011 - 2:17:26 PM --HA- . (.Intel Corporation - Intel Matrix Storage Manager driver - ia32.) -- C:\windows\system32\drivers\iaStor.sys [330264]
      O58 - SDL:[MD5.71F1A494FEDF4B33C02C4A6A28D6D9E9] - 8/10/2011 - 6:43:55 AM --HA- . (.Intel Corporation - Intel Matrix Storage Manager driver - ia32.) -- C:\windows\system32\drivers\iaStorV.sys [332160]
      O58 - SDL:[MD5.AD626F6964F4D364D226C39E06872DD3] - 8/10/2011 - 10:19:30 PM --HA- . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\windows\system32\drivers\igdkmd32.sys [4756480]
      O58 - SDL:[MD5.4173FF5708F3236CF25195FECD742915] - 8/10/2011 - 2:20:36 AM --HA- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\windows\system32\drivers\iirsp.sys [41040]
      O58 - SDL:[MD5.EB119A53CCF2ACC000AC71B065B78FEF] - 8/10/2011 - 2:20:36 AM --HA- . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\windows\system32\drivers\lsi_fc.sys [95824]
      O58 - SDL:[MD5.8ADE1C877256A22E49B75D1CC9161F9C] - 8/10/2011 - 2:20:37 AM --HA- . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\windows\system32\drivers\lsi_sas.sys [89168]
      O58 - SDL:[MD5.DC9DC3D3DAA0E276FD2EC262E38B11E9] - 8/10/2011 - 2:20:36 AM --HA- . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\windows\system32\drivers\lsi_sas2.sys [54864]
      O58 - SDL:[MD5.0A036C7D7CAB643A7F07135AC47E0524] - 8/10/2011 - 2:20:36 AM --HA- . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\windows\system32\drivers\lsi_scsi.sys [96848]
      O58 - SDL:[MD5.B18225739ED9CAA83BA2DF966E9F43E8] - 8/10/2011 - 6:52:42 PM ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\windows\system32\drivers\mbamswissarmy.sys [41272]
      O58 - SDL:[MD5.0FFF5B045293002AB38EB1FD1FC2FB74] - 8/10/2011 - 2:20:36 AM --HA- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows 7 for x86.) -- C:\windows\system32\drivers\megasas.sys [30800]
      O58 - SDL:[MD5.DCBAB2920C75F390CAF1D29F675D03D6] - 8/10/2011 - 2:20:36 AM --HA- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\windows\system32\drivers\MegaSR.sys [235584]
      O58 - SDL:[MD5.64B96DE8C492BD435372D9130A535F1D] - 8/10/2011 - 2:15:14 AM --HA- . (.McAfee, Inc. - Anti-Virus File System Filter Driver.) -- C:\windows\system32\drivers\mfeavfk.sys [79816]
      O58 - SDL:[MD5.078E87A89D36CC3516F19D5FB518BDDC] - 8/10/2011 - 2:15:14 AM --HA- . (.McAfee, Inc. - Buffer Overflow Protection Driver.) -- C:\windows\system32\drivers\mfebopk.sys [35272]
      O58 - SDL:[MD5.168C565101FD5B9DB694EFDEC91FAFA9] - 8/11/2011 - 2:15:14 AM --HA- . (.McAfee, Inc. - Host Intrusion Detection Link Driver.) -- C:\windows\system32\drivers\mfehidk.sys [214024]
      O58 - SDL:[MD5.E0842F67DC9BC4D21D1E319610EBE9E5] - 8/10/2011 - 2:15:14 AM --HA- . (.McAfee, Inc. - VSCore Code Analysis Driver.) -- C:\windows\system32\drivers\mferkdk.sys [34248]
      O58 - SDL:[MD5.43A7ACBBD70ECD62F0B63486C72089A3] - 8/11/2011 - 2:15:14 AM --HA- . (.McAfee, Inc. - Anti-Virus Mini-Firewall Driver.) -- C:\windows\system32\drivers\mfetdik.sys [55336]
      O58 - SDL:[MD5.D1F531B61CB35422D691E545DE60554C] - 8/10/2011 - 12:30:00 AM --HA- . (.Intel Corporation - Intel® Wireless WiFi Link Driver.) -- C:\windows\system32\drivers\NETw1v32.sys [5958656]
      O58 - SDL:[MD5.5B2DFA9C5C02DDF2A113CC0F551B59DF] - 8/11/2011 - 3:36:40 PM --HA- . (.Intel Corporation - Intel® Wireless WiFi Link Driver.) -- C:\windows\system32\drivers\NETw5s32.sys [6755840]
      O58 - SDL:[MD5.58218EC6B61B1169CF54AAB0D00F5FE2] - 8/10/2011 - 11:02:51 PM --HA- . (.Intel Corporation - Intel® Wireless WiFi Link Driver.) -- C:\windows\system32\drivers\netw5v32.sys [4231168]
      O58 - SDL:[MD5.1D85C4B390B0EE09C7A46B91EFB2C097] - 8/10/2011 - 2:20:44 AM --HA- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\windows\system32\drivers\nfrd960.sys [44624]
      O58 - SDL:[MD5.F1B0BED906F97E16F6D0C3629D2F21C6] - 8/10/2011 - 6:44:01 AM --HA- . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\windows\system32\drivers\nvraid.sys [117120]
      O58 - SDL:[MD5.4520B63899E867F354EE012D34E11536] - 8/10/2011 - 6:44:01 AM --HA- . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\windows\system32\drivers\nvstor.sys [143744]
      O58 - SDL:[MD5.40FEDD328F98245AD201CF5F9F311724] - 8/10/2011 - 12:00:00 PM --HA- . (.Sonic Solutions - Px Engine Device Driver for Windows 2000/XP.) -- C:\windows\system32\drivers\pxhelp20.sys [45200]
      O58 - SDL:[MD5.AB95ECF1F6659A60DDC166D8315B0751] - 8/10/2011 - 2:19:04 AM --HA- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\windows\system32\drivers\ql2300.sys [1383488]
      O58 - SDL:[MD5.B4DD51DD25182244B86737DC51AF2270] - 8/10/2011 - 2:19:04 AM --HA- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\windows\system32\drivers\ql40xx.sys [106064]
      O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 8/11/2011 - 9:50:20 PM --HA- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\windows\system32\drivers\secdrv.sys [20480]
      O58 - SDL:[MD5.A9F0486851BECB6DDA1D89D381E71055] - 8/10/2011 - 2:19:04 AM --HA- . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\windows\system32\drivers\sisraid2.sys [40016]
      O58 - SDL:[MD5.3727097B55738E2F554972C3BE5BC1AA] - 8/10/2011 - 2:19:04 AM --HA- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\windows\system32\drivers\sisraid4.sys [77888]
      O58 - SDL:[MD5.DB32D325C192B801DF274BFD12A7E72B] - 8/10/2011 - 2:19:04 AM --HA- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\windows\system32\drivers\stexstor.sys [21072]
      O58 - SDL:[MD5.1DE40024679CDE0E573465253519730E] - 8/11/2011 - 1:33:04 AM --HA- . (.Synaptics Incorporated - Synaptics Touchpad Driver.) -- C:\windows\system32\drivers\SynTP.sys [213680]
      O58 - SDL:[MD5.E43574F6A56A0EE11809B48C09E4FD3C] - 8/10/2011 - 2:19:10 AM --HA- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\windows\system32\drivers\viaide.sys [16976]
      O58 - SDL:[MD5.9DFA0CC2F8855A04816729651175B631] - 8/10/2011 - 2:19:11 AM --HA- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\windows\system32\drivers\vsmraid.sys [141904]
      O58 - SDL:[MD5.30B73EB97218A16CBC6DE535782A1B35] - 8/11/2011 - 9:22:00 AM --HA- . (...) -- C:\windows\system32\drivers\yk62x86.sys [315392]
      O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 8/11/2011 - 10:40:41 PM ---A- . (...) -- C:\windows\system32\ANSI.SYS [9029]
      O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 8/11/2011 - 10:40:44 PM ---A- . (...) -- C:\windows\system32\country.sys [27097]
      O58 - SDL:[MD5.E6BC0F98FECEF245A0010D350C1A0B9B] - 8/11/2011 - 10:40:40 PM ---A- . (...) -- C:\windows\system32\HIMEM.SYS [4768]
      O58 - SDL:[MD5.492090267B9608C62B956CD29BE3AFB7] - 8/11/2011 - 10:40:43 PM ---A- . (...) -- C:\windows\system32\KEY01.SYS [42809]
      O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 8/11/2011 - 10:40:43 PM ---A- . (...) -- C:\windows\system32\KEYBOARD.SYS [42537]
      O58 - SDL:[MD5.FFFF296A08DBF2AC0126C62E3778AC0D] - 8/11/2011 - 10:40:23 PM ---A- . (...) -- C:\windows\system32\NTDOS.SYS [27866]
      O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 8/11/2011 - 10:40:31 PM ---A- . (...) -- C:\windows\system32\NTDOS404.SYS [29146]
      O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 8/11/2011 - 10:40:35 PM ---A- . (...) -- C:\windows\system32\NTDOS411.SYS [29370]
      O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 8/11/2011 - 10:40:39 PM ---A- . (...) -- C:\windows\system32\NTDOS412.SYS [29274]
      O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 8/11/2011 - 10:40:27 PM ---A- . (...) -- C:\windows\system32\NTDOS804.SYS [29146]
      O58 - SDL:[MD5.2E4112FB7D1B76E11ADFD7487B5D0E95] - 8/11/2011 - 10:40:11 PM ---A- . (...) -- C:\windows\system32\NTIO.SYS [33952]
      O58 - SDL:[MD5.A98EBD4C2DF983665BF2D1AF49949974] - 8/11/2011 - 10:40:15 PM ---A- . (...) -- C:\windows\system32\NTIO404.SYS [34672]
      O58 - SDL:[MD5.3F7E6406EDEF197C5CAAB2240EEF6F48] - 8/11/2011 - 10:40:17 PM ---A- . (...) -- C:\windows\system32\NTIO411.SYS [35776]
      O58 - SDL:[MD5.3E64D681B776CC57BDC38A46D881F85B] - 8/11/2011 - 10:40:19 PM ---A- . (...) -- C:\windows\system32\NTIO412.SYS [35536]
      O58 - SDL:[MD5.D86B6435729231C171432B4E77801BDB] - 8/11/2011 - 10:40:13 PM ---A- . (...) -- C:\windows\system32\NTIO804.SYS [34672]
      ~ Scan Drivers in 01mn AMs



      End of the scan (487 lhttp://www.cijoint.fr/cjlink.php?file=cj200905/cijSKAP5fU.txtines in 24mn AMs)(0)
      0
  9. Utilisateur anonyme
     
    Re

    Ce rapport est incomplet;
    pour me le transmettre clique sur ce lien :

    http://www.cijoint.fr/index.php

    http://pjjoint.malekal.com/

    Clique sur Parcourir et cherche le fichier : Nom_complet_du_fichier (Fichier demandé )
    Clique sur Ouvrir.

    Clique sur "Cliquez ici pour déposer le fichier".

    Un lien de cette forme :

    http://www.cijoint.fr/cjlink.php?file=cj200905/cijSKAP5fU.txt

    est ajouté dans la page.

    Copie ce lien dans ta réponse.

    @+
    0
    1. assya50 Messages postés 24 Statut Membre
       
      merci il m'ont dit de copier ce lien à la personne qui vont aide donc voila et merci http://www.cijoint.fr/cjlink.php?file=cj201108/cij1xtBN4V.txt
      0
  10. Utilisateur anonyme
     
    Bonjour

    Télécharge Ad-remover ( de C_XX ) sur ton bureau :

    http://www.teamxscript.org/adremoverTelechargement.html

    ! Déconnecte toi et ferme toutes applications en cours !

    * Double clique ou clic droit (exécuter en tant que admin...sur Vista et Windows7) sur "Ad-R.exe" pour lancer l'installation et laisse les paramètres d'installation par défaut.

    * Double-clique ou clic droit (exécuter en tant que admin...sur Vista et Windows 7) sur le raccourci Ad-remover qui est sur ton bureau pour lancer l'outil .

    * Au menu principal choisis l'option "Nettoyer"
    et sur [entrée] .

    * Laisse travailler l'outil et ne touche à rien ...

    --> Poste le rapport qui apparaît à la fin , sur le forum ...

    ( Le rapport est sauvegardé aussi sous C:\Ad-report.log )
    ( CTRL+A Pour tout sélectionner , CTRL+C pour copier et CTRL+V pour coller )

    Note : "Process.exe", une composante de l'outil, est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
    Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
    Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus.

    Les toolbars, c'est pas obligatoire ( par Malekal ) :https://forum.malekal.com/viewtopic.php?t=6173&start=

    @+
    0
    1. assya50 Messages postés 24 Statut Membre
       
      ======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 =======

      Mis à jour par TeamXscript le 12/04/11
      Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
      Site web: http://www.teamxscript.org

      C:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Lancé à 12:56:54 le 13/08/2011, Mode normal

      Microsoft Windows 7 Professionnel (X86)
      Collégien@ORDI-COLLÉGIEN (Hewlett-Packard HP ProBook 4710s)

      ============== ACTION(S) ==============

      Service: "Bandoo Coordinator" Stoppé et supprimé

      Fichier supprimé: C:\Program Files\Mozilla FireFox\searchplugins\SearchquWebSearch.xml
      Dossier supprimé: C:\Program Files\Windows Searchqu Toolbar
      Fichier supprimé: C:\windows\system32\ConduitEngine.tmp
      Fichier supprimé: C:\windows\system32\Tasks\Scheduled Update for Ask Toolbar
      Dossier supprimé: C:\Users\Collégien\AppData\Roaming\Mozilla\FireFox\Profiles\v4v62qvi.default\extensions\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
      Fichier supprimé: C:\Users\Collégien\AppData\Roaming\Mozilla\FireFox\Profiles\v4v62qvi.default\searchplugins\SearchquWebSearch.xml
      Dossier supprimé: C:\Users\Invité\AppData\Roaming\Mozilla\FireFox\Profiles\daj2lekb.default\extensions\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
      Dossier supprimé: C:\Users\sarah\AppData\Roaming\Mozilla\FireFox\Profiles\6oo432gs.default\extensions\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
      Dossier supprimé: C:\Program Files\Ask.com
      Dossier supprimé: C:\Users\Collégien\AppData\LocalLow\AskToolbar
      Dossier supprimé: C:\Users\Collégien\AppData\Roaming\Bandoo
      Dossier supprimé: C:\Users\Invité\AppData\Roaming\Bandoo
      Dossier supprimé: C:\Users\sarah\AppData\Roaming\Bandoo
      Dossier supprimé: C:\ProgramData\Bandoo
      Dossier supprimé: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bandoo
      Dossier supprimé: C:\Program Files\Bandoo
      Dossier supprimé: C:\Users\Collégien\AppData\Local\Conduit
      Dossier supprimé: C:\Users\Collégien\AppData\LocalLow\Conduit
      Dossier supprimé: C:\Program Files\Conduit
      Dossier supprimé: C:\Users\Collégien\AppData\LocalLow\ConduitEngine
      Dossier supprimé: C:\Program Files\ConduitEngine
      Dossier supprimé: C:\Users\Collégien\AppData\LocalLow\alot
      Dossier supprimé: C:\Program Files\alot
      Dossier supprimé: C:\Users\Collégien\AppData\LocalLow\PriceGong
      Dossier supprimé: C:\Users\Collégien\AppData\LocalLow\ShoppingReport2
      Dossier supprimé: C:\Users\Collégien\AppData\Roaming\EoRezo
      Dossier supprimé: C:\Users\Collégien\AppData\Local\EoRezo
      Dossier supprimé: C:\Program Files\EoRezo

      (!) -- Fichiers temporaires supprimés.


      -- Fichier ouvert: C:\Users\Collégien\AppData\Roaming\Mozilla\FireFox\Profiles\v4v62qvi.default\Prefs.js --
      Ligne supprimée: user_pref("browser.startup.homepage", "hxxp://www.searchqu.com/");
      Ligne supprimée: user_pref("keyword.URL", "hxxp://www.searchqu.com/web?src=ffb&systemid=101&q=");
      Ligne supprimée: user_pref("browser.startup.homepage", "hxxp://y.lo.st");
      -- Fichier Fermé --


      Clé supprimée: HKLM\Software\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
      Clé supprimée: HKLM\Software\Classes\CLSID\{074E4EFE-81BB-4EA4-866E-082CB0E01070}
      Clé supprimée: HKLM\Software\Classes\AppID\{EDE2C296-2458-4E3B-A846-4B512C0703B5}
      Clé supprimée: HKLM\Software\Classes\CLSID\{0CE5B352-9D9C-41E1-9551-FCCD92820217}
      Clé supprimée: HKLM\Software\Classes\CLSID\{14CEEAFF-96DD-4101-AE37-D5ECDC23C3F6}
      Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{14CEEAFF-96DD-4101-AE37-D5ECDC23C3F6}
      Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{14CEEAFF-96DD-4101-AE37-D5ECDC23C3F6}
      Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{14CEEAFF-96DD-4101-AE37-D5ECDC23C3F6}
      Clé supprimée: HKLM\Software\Classes\CLSID\{167B2B5F-2757-434A-BBDA-2FDB2003F14F}
      Clé supprimée: HKLM\Software\Classes\CLSID\{27F69C85-64E1-43CE-98B5-3C9F22FB408E}
      Clé supprimée: HKLM\Software\Classes\AppID\{1301A8A5-3DFB-4731-A162-B357D00C9644}
      Clé supprimée: HKLM\Software\Classes\CLSID\{2E9A60EA-5554-49C3-BC9D-D0404DBACC62}
      Clé supprimée: HKLM\Software\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}
      Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}
      Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}
      Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}
      Clé supprimée: HKLM\Software\Classes\CLSID\{3E63C9BC-DD51-4E83-ABA6-B350EAD28531}
      Clé supprimée: HKLM\Software\Classes\CLSID\{438AA98E-5A69-4F8A-96FB-86DC97613119}
      Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{438AA98E-5A69-4F8A-96FB-86DC97613119}
      Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{438AA98E-5A69-4F8A-96FB-86DC97613119}
      Clé supprimée: HKLM\Software\Classes\CLSID\{44CFFEF4-E7E1-44BD-B1F5-29F828ADA1B8}
      Clé supprimée: HKLM\Software\Classes\CLSID\{5AA2BA46-9913-4dc7-9620-69AB0FA17AE7}
      Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5AA2BA46-9913-4dc7-9620-69AB0FA17AE7}
      Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5AA2BA46-9913-4dc7-9620-69AB0FA17AE7}
      Clé supprimée: HKLM\Software\Classes\CLSID\{872F3C0B-4462-424c-BB9F-74C6899B9F92}
      Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{872F3C0B-4462-424c-BB9F-74C6899B9F92}
      Clé supprimée: HKLM\Software\Classes\AppID\{9C123289-82E1-4da7-A3C2-B8D28AAD114B}
      Clé supprimée: HKLM\Software\Classes\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7}
      Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{99079a25-328f-4bd4-be04-00955acaa0a7}
      Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079a25-328f-4bd4-be04-00955acaa0a7}
      Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079a25-328f-4bd4-be04-00955acaa0a7}
      Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079a25-328f-4bd4-be04-00955acaa0a7}
      Clé supprimée: HKLM\Software\Classes\CLSID\{A40DC6C5-79D0-4ca8-A185-8FF989AF1115}
      Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A40DC6C5-79D0-4ca8-A185-8FF989AF1115}
      Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A40DC6C5-79D0-4ca8-A185-8FF989AF1115}
      Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A40DC6C5-79D0-4ca8-A185-8FF989AF1115}
      Clé supprimée: HKLM\Software\Classes\CLSID\{B543EF05-9758-464E-9F37-4C28525B4A4C}
      Clé supprimée: HKLM\Software\Classes\CLSID\{BB76A90B-2B4C-4378-8506-9A2B6E16943C}
      Clé supprimée: HKLM\Software\Classes\CLSID\{C10DC1F4-CCDF-4224-A24D-B23AFC3573C8}
      Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C10DC1F4-CCDF-4224-A24D-B23AFC3573C8}
      Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C10DC1F4-CCDF-4224-A24D-B23AFC3573C8}
      Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C10DC1F4-CCDF-4224-A24D-B23AFC3573C8}
      Clé supprimée: HKLM\Software\Classes\CLSID\{C3AB94A4-BFD0-4BBA-A331-DE504F07D2DB}
      Clé supprimée: HKLM\Software\Classes\CLSID\{CE1CB632-6817-47b3-8587-D05AF75D6D5A}
      Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{CE1CB632-6817-47b3-8587-D05AF75D6D5A}
      Clé supprimée: HKLM\Software\Classes\AppID\{3AD7A5B6-610D-4A82-979E-0AED20920690}
      Clé supprimée: HKLM\Software\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
      Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
      Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
      Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
      Clé supprimée: HKLM\Software\Classes\CLSID\{EB5CEE80-030A-4ED8-8E20-454E9C68380F}
      Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EB5CEE80-030A-4ED8-8E20-454E9C68380F}
      Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EB5CEE80-030A-4ED8-8E20-454E9C68380F}
      Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EB5CEE80-030A-4ED8-8E20-454E9C68380F}
      Clé supprimée: HKLM\Software\Classes\CLSID\{EF2B6317-C367-401B-83B8-80302D6588A7}
      Clé supprimée: HKLM\Software\Classes\CLSID\{F5379B4B-24D8-432A-9A96-BE75EE5117DB}
      Clé supprimée: HKLM\Software\Classes\CLSID\{F7FB2BC4-6C27-4EAC-B5E2-037B71FDE101}
      Clé supprimée: HKLM\Software\Classes\CLSID\{FD53FE35-4368-4B71-89D6-F29F3DB29DF1}
      Clé supprimée: HKLM\Software\Classes\Interface\{33DDFC61-F531-4982-8C32-4212B7835D44}
      Clé supprimée: HKLM\Software\Classes\Interface\{477F210A-2A86-4666-9C4B-1189634D2C84}
      Clé supprimée: HKLM\Software\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
      Clé supprimée: HKLM\Software\Classes\Interface\{6087829B-114F-42A1-A72B-B4AEDCEA4E5B}
      Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6087829B-114F-42A1-A72B-B4AEDCEA4E5B}
      Clé supprimée: HKLM\Software\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
      Clé supprimée: HKLM\Software\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
      Clé supprimée: HKLM\Software\Classes\Interface\{A9005ED5-4A1D-4606-A4DF-1A25E7D7B417}
      Clé supprimée: HKLM\Software\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
      Clé supprimée: HKLM\Software\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
      Clé supprimée: HKLM\Software\Classes\Interface\{DF76E9B7-35EC-46FC-AF56-5B79DED9D64F}
      Clé supprimée: HKLM\Software\Classes\Interface\{FF871E51-2655-4D06-AED5-745962A96B32}
      Clé supprimée: HKLM\Software\Classes\TypeLib\{18AF7201-4F14-4BCF-93FE-45617CF259FF}
      Clé supprimée: HKLM\Software\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
      Clé supprimée: HKLM\Software\Classes\TypeLib\{3AD7A5B6-610D-4A82-979E-0AED20920690}
      Clé supprimée: HKLM\Software\Classes\TypeLib\{4410C118-B23C-406C-9F52-9CDABD90A5EA}
      Clé supprimée: HKLM\Software\Classes\TypeLib\{62E5C9E1-A0E8-4F8C-8EAF-0F9250CC5786}
      Clé supprimée: HKLM\Software\Classes\TypeLib\{8F5F1CB6-EA9E-40AF-A5CA-C7FD63CC1971}
      Clé supprimée: HKLM\Software\Classes\TypeLib\{9C123289-82E1-4DA7-A3C2-B8D28AAD114B}
      Clé supprimée: HKLM\Software\Classes\BandooCoordinator.BandooCoordinator
      Clé supprimée: HKLM\Software\Classes\BandooCoordinator.BandooCoordinator.1
      Clé supprimée: HKLM\Software\Classes\BandooCoordinator.CoordinatorUI
      Clé supprimée: HKLM\Software\Classes\BandooCoordinator.CoordinatorUI.1
      Clé supprimée: HKLM\Software\Classes\BandooCoordinator.HTTPAsyncResult
      Clé supprimée: HKLM\Software\Classes\BandooCoordinator.HTTPAsyncResult.1
      Clé supprimée: HKLM\Software\Classes\BandooCoordinator.PlugInNotifier
      Clé supprimée: HKLM\Software\Classes\BandooCoordinator.PlugInNotifier.1
      Clé supprimée: HKLM\Software\Classes\BandooCore.BandooCore
      Clé supprimée: HKLM\Software\Classes\BandooCore.BandooCore.1
      Clé supprimée: HKLM\Software\Classes\BandooCore.ResourcesMngr
      Clé supprimée: HKLM\Software\Classes\BandooCore.ResourcesMngr.1
      Clé supprimée: HKLM\Software\Classes\BandooCore.SettingsMngr
      Clé supprimée: HKLM\Software\Classes\BandooCore.SettingsMngr.1
      Clé supprimée: HKLM\Software\Classes\BandooCore.StatisticMngr
      Clé supprimée: HKLM\Software\Classes\BandooCore.StatisticMngr.1
      Clé supprimée: HKLM\Software\Classes\BandooIEPlugin.BandooIEPlugin
      Clé supprimée: HKLM\Software\Classes\BandooIEPlugin.BandooIEPlugin.1
      Clé supprimée: HKLM\Software\Classes\BFlashAnimator.BFlashAnimatorCtrl
      Clé supprimée: HKLM\Software\Classes\BFlashAnimator.BFlashAnimatorCtrl.1
      Clé supprimée: HKLM\Software\Classes\BGIFAnimator.BGIFAnimatorCtrl
      Clé supprimée: HKLM\Software\Classes\BGIFAnimator.BGIFAnimatorCtrl.1
      Clé supprimée: HKLM\Software\Classes\Conduit.Engine
      Clé supprimée: HKLM\Software\Classes\EoEngineBHO.EOBHO
      Clé supprimée: HKLM\Software\Classes\EoEngineBHO.EOBHO.1
      Clé supprimée: HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd
      Clé supprimée: HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd.1
      Clé supprimée: HKLM\Software\Classes\Toolbar.CT2856415
      Clé supprimée: HKLM\Software\Classes\Toolbar.CT2866295
      Clé supprimée: HKLM\Software\Classes\AppID\BandooCoordinator.EXE
      Clé supprimée: HKLM\Software\Classes\AppID\BandooCore.EXE
      Clé supprimée: HKLM\Software\Classes\AppID\EoEngineBHO.DLL
      Clé supprimée: HKLM\Software\Classes\AppID\{AFBB7970-789A-4264-BA70-E8127DECE400}
      Clé supprimée: HKLM\Software\Classes\AppID\GenericAskToolbar.DLL
      Clé supprimée: HKLM\Software\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
      Clé supprimée: HKLM\Software\AskToolbar
      Clé supprimée: HKLM\Software\bandoo
      Clé supprimée: HKLM\Software\Conduit
      Clé supprimée: HKLM\Software\conduitEngine
      Clé supprimée: HKLM\Software\DataMngr
      Clé supprimée: HKLM\Software\EoRezo
      Clé supprimée: HKLM\Software\SearchquMediabarTb
      Clé supprimée: HKCU\Software\Ask.com
      Clé supprimée: HKCU\Software\DataMngr
      Clé supprimée: HKCU\Software\EoRezo
      Clé supprimée: HKCU\Software\AppDataLow\Toolbar
      Clé supprimée: HKCU\Software\AppDataLow\Software\alot
      Clé supprimée: HKCU\Software\AppDataLow\Software\AskToolbar
      Clé supprimée: HKCU\Software\AppDataLow\Software\Conduit
      Clé supprimée: HKCU\Software\AppDataLow\Software\conduitEngine
      Clé supprimée: HKCU\Software\AppDataLow\Software\PriceGong
      Clé supprimée: HKCU\Software\AppDataLow\Software\ShoppingReport2
      Clé supprimée: HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
      Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
      Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
      Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3B1A9A30-91BC-46C6-A138-FB11B101298A}
      Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{5AA2BA46-9913-4DC7-9620-69AB0FA17AE7}
      Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA74C8}
      Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
      Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA74C8}
      Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
      Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
      Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{424624F4-C5DD-4e1d-BDD0-1E9C9B7799CC}
      Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6795114A-1CC4-462b-99E6-2C7B0FA69CDC}
      Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7f000001-db8e-f89c-2fec-49bf726f8c12}
      Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C8A3CA5-889E-4554-BEEC-EC0876E4E96A}
      Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
      Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E0A62A0A-6A9D-4233-B598-A57D20863FAF}
      Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9189560-573A-4fde-B055-AE7B0F4CF080}
      Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
      Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\alotToolbar
      Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Bandoo
      Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine
      Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\EoRezo_is1
      Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Searchqu 101 MediaBar
      Erreur suppression clé: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Scheduled Update for Ask Toolbar

      Valeur supprimée: HKLM\Software\Mozilla\Firefox\Extensions|AgenceChromeBHO@eorezo.com
      Valeur supprimée: HKCU\Software\Mozilla\Firefox\Extensions|ffox@bandoo.com
      Valeur supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|Eorezo
      Valeur supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|DataMngr
      Valeur supprimée: HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks|{00000000-6E41-4FD3-8538-502F5495E5FC}
      Valeur supprimée: HKLM\Software\Microsoft\Internet Explorer\Toolbar|{D4027C7F-154A-4066-A1AD-4243D8127440}
      Valeur supprimée: HKLM\Software\Microsoft\Internet Explorer\Toolbar|{30F9B915-B755-4826-820B-08FBA6BD249D}
      Valeur supprimée: HKLM\Software\Microsoft\Internet Explorer\Toolbar|{5AA2BA46-9913-4dc7-9620-69AB0FA17AE7}


      ============== SCAN ADDITIONNEL ==============

      **** Mozilla Firefox Version [3.6 (fr)] ****

      Searchplugins\babylon.xml (hxxp://search.babylon.com/web/{searchTerms})

      -- C:\Users\Collégien\AppData\Roaming\Mozilla\FireFox\Profiles\v4v62qvi.default --
      Extensions\DefaultManager@Microsoft (Default Manager)
      Extensions\ffox@bandoo.com (Bandoo for Firefox)
      Extensions\ffxtlbr@babylon.com (Babylon)
      Extensions\ietab@ip.cn (IE Tab Plus)
      Extensions\{04253f76-f258-4b03-7b4a-0bebad2ca3e9} (<?xml version="1.0"?><RDF xmlns="http://www.w3.org/1999/02/22-rdf-syntax-ns#" xmlns:em="https://www.mozilla.org/2004/em-rdf"><Description about="urn:mozilla:install-manifest"><em:id>{04253f76-f258-4b03-7b4a-0bebad2ca3e9}</em:id>facemoi<em:version>2.0</em:version><em:description>Extension for Facebook</em:description><em:creator>FaceMoi</em:creator><em:contributor>FaceMoi : www.facemoi.com</em:contributor><em:contributor>http://www.facemoi.com/</em:contributor><em:iconURL>chrome://facemoi/content/facemoi.png</em:iconURL><em:homepageURL>http://www.facemoi.com</em:homepageURL><em:targetApplication><Description><em:id>{ec8030f7-c20a-464f-9b0e-13a3a9e97384}</em:id><em:minVersion>2.3</em:minVersion><em:maxVersion>4.*</em:maxVersion></Description></em:targetApplication></Description></RDF>)
      Extensions\{EEE6C361-6118-11DC-9C72-001320C79847} (?)
      Prefs.js - browser.search.defaultenginename, Web Search
      Prefs.js - browser.search.defaulturl, hxxp://www.bing.com/search?FORM=WLETDF&PC=WLEM&q=
      Prefs.js - browser.startup.homepage_override.mstone, rv:1.9.2
      Prefs.js - privacy.popups.showBrowserMessage, false
      Prefs.js - sweetim.toolbar.previous.browser.search.defaultenginename,
      Prefs.js - sweetim.toolbar.previous.browser.search.defaulturl,
      Prefs.js - sweetim.toolbar.previous.browser.search.selectedEngine,
      Prefs.js - sweetim.toolbar.previous.browser.startup.homepage, mivolo.com
      Prefs.js - sweetim.toolbar.previous.keyword.URL, hxxp://www.bing.com/search?FORM=WLETDF&PC=WLEM&q=
      Prefs.js - browser.search.selectedEngine, Web Search

      -- C:\Users\Invité\AppData\Roaming\Mozilla\FireFox\Profiles\daj2lekb.default --
      Extensions\{04253f76-f258-4b03-7b4a-0bebad2ca3e9} (<?xml version="1.0"?><RDF xmlns="http://www.w3.org/1999/02/22-rdf-syntax-ns#" xmlns:em="https://www.mozilla.org/2004/em-rdf"><Description about="urn:mozilla:install-manifest"><em:id>{04253f76-f258-4b03-7b4a-0bebad2ca3e9}</em:id>facemoi<em:version>2.0</em:version><em:description>Extension for Facebook</em:description><em:creator>FaceMoi</em:creator><em:contributor>FaceMoi : www.facemoi.com</em:contributor><em:contributor>http://www.facemoi.com/</em:contributor><em:iconURL>chrome://facemoi/content/facemoi.png</em:iconURL><em:homepageURL>http://www.facemoi.com</em:homepageURL><em:targetApplication><Description><em:id>{ec8030f7-c20a-464f-9b0e-13a3a9e97384}</em:id><em:minVersion>2.3</em:minVersion><em:maxVersion>4.*</em:maxVersion></Description></em:targetApplication></Description></RDF>)
      Prefs.js - browser.startup.homepage_override.mstone, ingnore
      Prefs.js - browser.startup.homepage, mivolo.com

      -- C:\Users\sarah\AppData\Roaming\Mozilla\FireFox\Profiles\6oo432gs.default --
      Extensions\DefaultManager@Microsoft (Default Manager)
      Extensions\{04253f76-f258-4b03-7b4a-0bebad2ca3e9} (<?xml version="1.0"?><RDF xmlns="http://www.w3.org/1999/02/22-rdf-syntax-ns#" xmlns:em="https://www.mozilla.org/2004/em-rdf"><Description about="urn:mozilla:install-manifest"><em:id>{04253f76-f258-4b03-7b4a-0bebad2ca3e9}</em:id>facemoi<em:version>2.0</em:version><em:description>Extension for Facebook</em:description><em:creator>FaceMoi</em:creator><em:contributor>FaceMoi : www.facemoi.com</em:contributor><em:contributor>http://www.facemoi.com/</em:contributor><em:iconURL>chrome://facemoi/content/facemoi.png</em:iconURL><em:homepageURL>http://www.facemoi.com</em:homepageURL><em:targetApplication><Description><em:id>{ec8030f7-c20a-464f-9b0e-13a3a9e97384}</em:id><em:minVersion>2.3</em:minVersion><em:maxVersion>4.*</em:maxVersion></Description></em:targetApplication></Description></RDF>)
      Prefs.js - browser.startup.homepage_override.mstone, rv:1.9.2

      ========================================

      **** Internet Explorer Version [8.0.7600.16385] ****

      HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
      HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
      HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896
      HKCU_Main|Start Page - hxxp://fr.msn.com/
      HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
      HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
      HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm
      HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
      HKLM_Main|Start Page - hxxp://fr.msn.com/
      HKLM_URLSearchHooks|{22e03916-85c5-44b0-8dc9-1830c11238d9} - "Elf 1 Toolbar" (C:\Program Files\Elf_1\prxtbElf0.dll)
      HKLM_URLSearchHooks|{b9d63c58-90cc-428b-8d3b-cbb88eb07e7e} - "Elf 1.15 Toolbar" (C:\Program Files\Elf_1.15\prxtbElf0.dll)
      HKCU_Toolbar\WebBrowser|{22E03916-85C5-44B0-8DC9-1830C11238D9} (C:\Program Files\Elf_1\prxtbElf0.dll)
      HKCU_Toolbar\WebBrowser|{B9D63C58-90CC-428B-8D3B-CBB88EB07E7E} (C:\Program Files\Elf_1.15\prxtbElf0.dll)
      HKLM_Toolbar|{0BF43445-2F28-4351-9252-17FE6E806AA0} (x)
      HKLM_Toolbar|{22e03916-85c5-44b0-8dc9-1830c11238d9} (C:\Program Files\Elf_1\prxtbElf0.dll)
      HKLM_Toolbar|{b9d63c58-90cc-428b-8d3b-cbb88eb07e7e} (C:\Program Files\Elf_1.15\prxtbElf0.dll)
      HKLM_Toolbar|{8dcb7100-df86-4384-8842-8fa844297b3f} ("C:\Program Files\Microsoft\BingBar\BingExt.dll") (x)
      HKLM_Toolbar|{99079a25-328f-4bd4-be04-00955acaa0a7} (x)
      HKLM_Toolbar|{98889811-442D-49dd-99D7-DC866BE87DBC} (C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.31.6\BabylonToolbarTlbr.dll)
      HKLM_ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a} - C:\Windows\System32\wpcer.exe (x)
      HKLM_ElevationPolicy\{0a402d70-1f10-4ae7-bec9-286a98240695} - C:\Windows\System32\winfxdocobj.exe (x)
      HKLM_ElevationPolicy\{2AF62C82-1658-462F-9BF2-D794BCD404EE} - C:\Users\Collégien\AppData\Local\Conduit\CT2856415\Elf_1AutoUpdateHelper.exe (x)
      HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files\Internet Explorer\iedw.exe (x)
      HKLM_ElevationPolicy\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.31.6\BabylonToolbarsrv.exe (Babylon Ltd.)
      HKLM_ElevationPolicy\{8DA6DAB7-04CE-46D3-BAC7-49B6C576A2FC} - C:\Program Files\Elf_1.15\Elf_1.15ToolbarHelper.exe (?)
      HKLM_ElevationPolicy\{965848B3-8DA5-43F0-AD53-A5E314788CB4} - C:\Users\Collégien\AppData\Local\Conduit\CT2866295\Elf_1.15AutoUpdateHelper.exe (x)
      HKLM_ElevationPolicy\{aa851425-0109-43f3-9ed2-7b7090125861} - C:\Program Files\Microsoft\BingBar\BingBar.exe (Microsoft Corporation.)
      HKLM_ElevationPolicy\{AB01F93D-A3F5-46F6-9B36-F5EC02697AE9} - C:\PROGRA~1\WIA6EB~1\ToolBar\dtUser.exe (x)
      HKLM_ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe (x)
      HKLM_ElevationPolicy\{F3EE58B7-089C-46FE-9661-1C343B1AE775} - C:\Program Files\Elf_1\Elf_1ToolbarHelper1.exe (?)
      HKLM_Extensions\{CCA281CA-C863-46ef-9331-5C8D4460577F} - "@C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015" (C:\Program Files\WIDCOMM\Bluetooth Software\bt_cold_icon.ico)
      BHO\{22e03916-85c5-44b0-8dc9-1830c11238d9} - "Elf 1 Toolbar" (C:\Program Files\Elf_1\prxtbElf0.dll)
      BHO\{2EECD738-5844-4a99-B4B6-146BF802613B} - "Babylon toolbar helper" (C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.31.6\bh\BabylonToolbar.dll)
      BHO\{b9d63c58-90cc-428b-8d3b-cbb88eb07e7e} - "Elf 1.15 Toolbar" (C:\Program Files\Elf_1.15\prxtbElf0.dll)
      BHO\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "Bing Bar Helper" ("C:\Program Files\Microsoft\BingBar\BingExt.dll") (x)
      BHO\{EEE6C35C-6118-11DC-9C72-001320C79847} (?)

      ========================================

      C:\Program Files\Ad-Remover\Quarantine: 3078 Fichier(s)
      C:\Program Files\Ad-Remover\Backup: 14 Fichier(s)

      C:\Ad-Report-CLEAN[1].txt - 13/08/2011 12:57:09 (25120 Octet(s))

      Fin à: 12:58:27, 13/08/2011

      ============== E.O.F ==============
      0
    2. assya50 Messages postés 24 Statut Membre
       
      merci mais tu n'a pas répondu à ma question a prpos de mes image et mes musique elles ont était supprimé comment les récupérer merci
      0
  11. Utilisateur anonyme
     
    Bonjour

    Relance RogueKiller et passe à l'option 6
    Poste moi son rapport;merci.

    @+
    ---------Contributeur Sécurité---------
    On a tous été un jour débutant dans quelque chose.
    Mais le savoir est la récompense de l'assiduité.
    0
  12. assya50 Messages postés 24 Statut Membre
     
    RogueKiller V5.3.1 [06/08/2011] par Tigzy
    contact sur https://www.luanagames.com/index.fr.html
    mail: tigzyRK<at>gmail<dot>com
    Remontees: https://www.luanagames.com/index.fr.html

    Systeme d'exploitation: Windows 7 (6.1.7600 ) 32 bits version
    Demarrage : Mode normal
    Utilisateur: Collégien [Droits d'admin]
    Mode: Raccourcis RAZ -- Date : 14/08/2011 10:38:17

    Processus malicieux: 1
    [SUSP PATH] mediaget.exe -- c:\users\collégien\appdata\local\mediaget2\mediaget.exe -> KILLED [TermProc]

    Attributs de fichiers restaures:
    Bureau: Success 17 / Fail 0
    Lancement rapide: Success 55 / Fail 0
    Programmes: Success 77889 / Fail 0
    Menu demarrer: Success 94 / Fail 0
    Dossier utilisateur: Success 5165 / Fail 0
    Mes documents: Success 72 / Fail 0
    Mes favoris: Success 21 / Fail 0
    Mes images: Success 400 / Fail 0
    Ma musique: Success 52 / Fail 0
    Mes videos: Success 34 / Fail 0
    Disques locaux: Success 141254 / Fail 0
    Sauvegarde: [FOUND] Success 255 / Fail 1

    Lecteurs:
    [C:] \Device\HarddiskVolume2 -- 0x3 --> Restored
    [D:] \Device\HarddiskVolume3 -- 0x3 --> Restored
    [E:] \Device\HarddiskVolume4 -- 0x3 --> Restored
    [F:] \Device\CdRom0 -- 0x5 --> Skipped

    Termine : << RKreport[8].txt >>
    RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt ; RKreport[4].txt ; RKreport[5].txt ;
    RKreport[6].txt ; RKreport[7].txt ; RKreport[8].txt

    merci
    0
  13. Utilisateur anonyme
     
    Re

    As tu retrouvé tes fichiers?

    @+
    0
  14. assya50 Messages postés 24 Statut Membre
     
    oui merci beaucoup de t'on aide et du temps que tu à pris merci énormément
    0
  15. Utilisateur anonyme
     
    Re

    Met à jour ton Windows via Windows Update.

    @+

    0
  16. assya50 Messages postés 24 Statut Membre
     
    ok merci encore
    0
    1. Utilisateur anonyme
       
      Tiens moi au courant;
      Ce n'est pas fini
      0
    2. assya50 Messages postés 24 Statut Membre
       
      ok merci
      0