Please help me, I have a rogue

assya50 Posts: 24 Status: Member
Hello, I have a rogue. I downloaded RogueKiller but I need help. Thanks in advance.

15 replies

Anonymous user

Good evening

Close all running programs
On Vista/Seven, right-click -> Run as administrator
Otherwise simply run RogueKiller.exe
When prompted, type 2 and confirm
A report should have opened (RKreport.txt is also located next to the executable); give its contents to the person helping you
If the program was blocked, do not hesitate to try several times. If it really will not run (this can happen), rename it to winlogon.exe

See you
2
assya50 Posts: 24 Status: Member

Thanks, but I don't know anyone who could help me. Can I give you the contents? Thanks in advance.
0
Anonymous user

Re

That is what I am offering: to help you.
Send the contents of this report, thanks.

See you
0
assya50 Posts: 24 Status: Member
 
RogueKiller V5.2.8 [23/07/2011] par Tigzy
contact sur https://www.luanagames.com/index.fr.html
mail: tigzyRK<at>gmail<dot>com
Remontees: https://www.luanagames.com/index.fr.html

Systeme d'exploitation: Windows 7 (6.1.7600 ) 32 bits version
Demarrage : Mode normal
Utilisateur: Collégien [Droits d'admin]
Mode: Recherche -- Date : 27/07/2011 10:05:51

Processus malicieux: 0

Entrees de registre: 14
[SUSP PATH] HKCU\[...]\Run : fkKWBTbUqCLdXIF (C:\ProgramData\fkKWBTbUqCLdXIF.exe) -> FOUND
[ROGUE ProgFiles] HKLM\[...]\Run : eorezo ("C:\Program Files\EoRezo\eorezo.exe") -> FOUND
[SUSP PATH] HKUS\S-1-5-21-2166575320-1284758574-954507884-1001[...]\Run : fkKWBTbUqCLdXIF (C:\ProgramData\fkKWBTbUqCLdXIF.exe) -> FOUND
[HJ] HKLM\[...]\System : EnableLUA (0) -> FOUND
[HJ] HKCU\[...]\ActiveDesktop : NoChangingWallPaper (1) -> FOUND
[WallPP] HKCU\[...]\Desktop : Wallpaper () -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ] HKCU\[...]\ClassicStartMenu : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ] HKCU\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
[HJ] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
[HJ] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
[HJ] HKCU\[...]\ClassicStartMenu : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> FOUND
[HJ] HKCU\[...]\NewStartPanel : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> FOUND

Fichier HOSTS:


Termine : << RKreport[2].txt >>
RKreport[1].txt ; RKreport[2].txt
Thanks
0
Anonymous user

Run RogueKiller again, switch to the deletion option (2), and post that report for me, thanks.

See you
0
assya50 Posts: 24 Status: Member
 
RogueKiller V5.3.1 [06/08/2011] par Tigzy
contact sur https://www.luanagames.com/index.fr.html
mail: tigzyRK<at>gmail<dot>com
Remontees: https://www.luanagames.com/index.fr.html

Systeme d'exploitation: Windows 7 (6.1.7600 ) 32 bits version
Demarrage : Mode normal
Utilisateur: Collégien [Droits d'admin]
Mode: Suppression -- Date : 09/08/2011 20:56:36

Processus malicieux: 0

Entrees de registre: 0

Fichier HOSTS:


Termine : << RKreport[7].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt ; RKreport[4].txt ; RKreport[5].txt ;
RKreport[6].txt ; RKreport[7].txt

Thanks
0
Anonymous user

Re

Download Malwarebytes Anti-Malware here
http://www.malwarebytes.org/mbam.php

The "Download free version" button

* Install it (be sure to choose "French"; do not change the installation settings) and update it.

(NB: if "COMCTL32.OCX" is missing during installation, download it here: https://www.malekal.com/tutorial-aboutbuster/ )

* Study the tutorial to get familiar with the program:

https://forum.pcastuces.com/sujet.asp?f=31&s=3

(that said, it is very easy to use).

Run Malwarebytes again, following these instructions carefully:

! Disconnect and close all running applications !

* Launch Malwarebytes. On Vista and Seven (right-click, "Run as administrator")

Run a so-called "Full" scan

--> Let the program work (and do nothing else with the PC during the scan).
--> When it finishes, click "Show results".
--> Check that all infected objects are selected, then click "Remove selected".

Note: if your PC needs to restart to finish the cleanup, do it!

Post the report saved after the infected objects are removed (in the "report/log" tab of Malwarebytes, the most recent one)

See you

0
assya50 Posts: 24 Status: Member
 
Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org

Version de la base de données: 7425

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

10/08/2011 14:58:53
mbam-log-2011-08-10 (14-58-53).txt

Type d'examen: Examen complet (C:\|D:\|E:\|F:\|)
Elément(s) analysé(s): 502124
Temps écoulé: 1 heure(s), 7 minute(s), 53 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 1
Clé(s) du Registre infectée(s): 39
Valeur(s) du Registre infectée(s): 5
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 30
Fichier(s) infecté(s): 47

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
c:\program files\eoRezo\eorezobho.dll (Rogue.Eorezo) -> Delete on reboot.

Clé(s) du Registre infectée(s):

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{DB38E21A-0133-419D-92AD-ECDFD5244D6D} (Adware.ShoppingReport2) -> Value: {DB38E21A-0133-419D-92AD-ECDFD5244D6D} -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{EB620C54-E229-4942-87CE-E717109FC8C6} (Adware.ShoppingReport2) -> Value: {EB620C54-E229-4942-87CE-E717109FC8C6} -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{EB620C54-E229-4942-87CE-E717109FC8C6} (Adware.ShoppingReport2) -> Value: {EB620C54-E229-4942-87CE-E717109FC8C6} -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{DB38E21A-0133-419d-92AD-ECDFD5244D6D} (Adware.ShoppingReport2) -> Value: {DB38E21A-0133-419d-92AD-ECDFD5244D6D} -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\extensions\ClickPotatoLite@ClickPotatoLite.com (Adware.ClickPotato) -> Value: ClickPotatoLite@ClickPotatoLite.com -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):

Fichier(s) infecté(s):
Thanks
0
assya50 Posts: 24 Status: Member

I also have a small question: all my pictures, music and videos have disappeared. Is it possible for me to get them back? Thanks
0

Anonymous user

Good evening

Open this link and download ZHPDiag by Nicolas Coolman:

https://www.zebulon.fr/telechargements/securite/systeme/zhpdiag.html

Or

https://www.commentcamarche.net/telecharger/utilitaires/24803-zhpdiag/

Server No. 2

Or

http://www.premiumorange.com/zeb-help-process/zhpdiag.html
at the bottom of the page, ZHP with a version number.

Once the download has finished, unzip the file and place ZHPDiag.exe on your Desktop.

Double-click the icon to launch the program. On Vista or Seven, right-click, "Run as administrator".

Click the magnifying glass to start the scan.

Let the tool work; it can take quite a while.

Close ZHPDiag when the scan is finished.

To send the report, click this link:

http://www.cijoint.fr/index.php

http://pjjoint.malekal.com/

Click Browse and find the folder where ZHPDiag is installed (usually C:\ZHP \ZHPDiag).

Select the file ZHPDiag.txt.

Click "Click here to upload the file".

A link of this form:

http://www.cijoint.fr/cjlink.php?file=cj200905/cijSKAP5fU.txt

is added to the page.

Copy this link into your reply.

Thanks

See you
0
assya50 Posts: 24 Status: Member

I'm sorry if I didn't copy the link; I'm not very good with computers, thanks. And I also have a small question: all my pictures, music and videos have disappeared. Is it possible for me to get them back? Thanks
0
Anonymous user

Good evening

All you have to do is read and follow the steps to post this report for me.

See you
0
assya50 Posts: 24 Status: Member
 
Rapport de ZHPDiag/MD5 v1.28.1322 par Nicolas Coolman, Update du 10/08/2011
Run by Collégien at 8/11/2011 12:51:46 PM
Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html


---\\ Web Browser
MSIE: Internet Explorer v8.0.7600.16385 (Defaut)
MFIE: Mozilla Firefox v3.6 (fr)

---\\ Windows Product Information
Windows 7 Business Edition, 32-bit (Build 7600)
Windows Server License Manager Script : OK
~ Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : 6P6GT
Windows License : OK
~ Windows Remaining Initializations Number : 1
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ System Information
~ Processor: x86 Family 6 Model 23 Stepping 10, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 2042.3 MB (45% free)
System Restore: Activé (Enable)
System drive C: has 180 GB (83%) free of 216 GB

---\\ Logged in mode
~ Computer Name: ORDI-COLLÉGIEN
~ User Name: Collégien
~ All Users Names: sarah, HomeGroupUser$, Collégien, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O82
Logged in as Administrator

---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\Collégien\AppData\Roaming\
~ %Desktop% : C:\Users\Collégien\Desktop\
~ %Favorites% : C:\Users\Collégien\Favorites\
~ %LocalAppData% : C:\Users\Collégien\AppData\Local\
~ %StartMenu% : C:\Users\Collégien\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\windows\
~ %System% : C:\windows\system32\

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 180 Go of 216 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 7 Go of 15 Go)
E:\ Hard drive, Flash drive, Thumb drive (Free 2 Go of 2 Go)
F:\ CD-ROM drive (Not Inserted)



---\\ Security Center & Tools Informations
~ Scan Security Center in 00mn AMs



---\\ Recherche particulière de fichiers génériques
~ Scan Generic Processes in 00mn AMs



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 401/401 (Modified)
~ Mes musiques (My Musics) : 53/53 (Modified)
~ Mes Videos (My Videos) : 35/105
~ Mes Favoris (My Favorites) : 18/54
~ Mes Documents (My Documents) : 61/186
~ Mon Bureau (My Desktop) : 15/69
~ Menu demarrer (Programs) : 28/84
~ Scan Hidden Files in 00mn AMs



---\\ Processus lancés
~ Scan Processes Running in 02mn AMs



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\Collégien\AppData\Local\Google\Chrome\User Data\Default\Preferences
G1 - GCS: Preference [User Data\Default] None
G0 - GCSP: Preference [User Data\Default][HomePage] https://www.google.com/?gws_rd=ssl
~ Scan Google Browser in 00mn AMs



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\Collégien\AppData\Roaming\Mozilla\Firefox\Profiles\v4v62qvi.default\prefs.js
M3 - MFPP: Plugins - [Collégien] -- C:\Users\Collégien\AppData\Roaming\Mozilla\Firefox\Profiles\v4v62qvi.default\searchplugins\bing.xml
M3 - MFPP: Plugins - [Collégien] -- C:\Users\Collégien\AppData\Roaming\Mozilla\Firefox\Profiles\v4v62qvi.default\searchplugins\SearchquWebSearch.xml
M3 - MFPP: Plugins - [Collégien] -- C:\Program Files\Mozilla FireFox\searchplugins\amazon-france.xml
M3 - MFPP: Plugins - [Collégien] -- C:\Program Files\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml
M3 - MFPP: Plugins - [Collégien] -- C:\Program Files\Mozilla FireFox\searchplugins\eBay-france.xml
M3 - MFPP: Plugins - [Collégien] -- C:\Program Files\Mozilla FireFox\searchplugins\google.xml
M3 - MFPP: Plugins - [Collégien] -- C:\Program Files\Mozilla FireFox\searchplugins\SearchquWebSearch.xml
M3 - MFPP: Plugins - [Collégien] -- C:\Program Files\Mozilla FireFox\searchplugins\wikipedia-fr.xml
M3 - MFPP: Plugins - [Collégien] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo-france.xml
M0 - MFSP: prefs.js [Collégien - v4v62qvi.default] http://www.searchnu.com/
M2 - MFEP: prefs.js [Collégien - v4v62qvi.default\DefaultManager@Microsoft] [] Default Manager v3.0 (.Microsoft Corporation.)
M2 - MFEP: prefs.js [Collégien - v4v62qvi.default\ffox@bandoo.com] [] Bandoo for Firefox v5.1 (.Microsoft Corporation.)
M2 - MFEP: prefs.js [Collégien - v4v62qvi.default\ietab@ip.cn] [] IE Tab Plus v1.95.20100930 (.quaful@msn.com.)
M2 - MFEP: prefs.js [Collégien - v4v62qvi.default\{04253f76-f258-4b03-7b4a-0bebad2ca3e9}] [] v (.FaceMoicemoi/content/facemoi.png</em:iconURL><em:homepageURL>http://www.facemoi.com</em:homepageURL><em:targetApplication><Description><em:id>{ec8030f7-c20a
M2 - MFEP: prefs.js [Collégien - v4v62qvi.default\{99079a25-328f-4bd4-be04-00955acaa0a7}] [] Searchqu Toolbar v4.1.0.01 (.Visicom Media Inc..)
P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - np-mswmp.) -- C:\Program Files\Mozilla Firefox\Plugins\np-mswmp.dll
P2 - FPN:Firefox Plugin Navigator . (.Sun Microsystems, Inc. - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Program Files\Mozilla Firefox\Plugins\npdeployJava1.dll
P2 - FPN:Firefox Plugin Navigator . (.mozilla.org - Default Plug-in.) -- C:\Program Files\Mozilla Firefox\Plugins\npnul32.dll
P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape "9.3.2".) -- C:\Program Files\Mozilla Firefox\Plugins\nppdf32.dll
P2 - FPN:Firefox Plugin Navigator . (.RealNetworks, Inc. - RealPlayer(tm) LiveConnect-Enabled Plug-In.) -- C:\Program Files\Mozilla Firefox\Plugins\nppl3260.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin2.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin3.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin4.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin5.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin6.dll
P2 - FPN:Firefox Plugin Navigator . (.RealNetworks, Inc. - 6.0.12.448.) -- C:\Program Files\Mozilla Firefox\Plugins\nprpjplug.dll
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\windows\system32\Macromed\Flash\NPSWF32.dll
P2 - FPN: [HKLM] [@adobe.com/ShockwavePlayer] - (.Adobe Systems, Inc. - Adobe Shockwave for Director Netscape plug-in, version 11.5.) -- C:\windows\system32\Adobe\Director\np32dsw.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Sun Microsystems, Inc. - Next Generation Java Plug-in 1.6.0_26 for Mozilla browsers.) -- C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.0.60531.0.) -- c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3502.0922] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3508.1109] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@real.com/nppl3260;version=6.0.12.448] - (.RealNetworks, Inc. - RealPlayer(tm) LiveConnect-Enabled Plug-In.) -- C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll
P2 - FPN: [HKLM] [@real.com/nprpjplug;version=6.0.12.448] - (.RealNetworks, Inc. - 6.0.12.448.) -- C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@videolan.org/vlc,version=1.0.3] - (...) -- C:\Program Files\VideoLAN\VLC\npvlc.dll (.not file.)
~ Scan Firefox Browser in 00mn AMs



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.microsoft.com/fr-fr/
R0 - HKUS\S-1-5-21-2166575320-1284758574-954507884-1001\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKUS\S-1-5-21-2166575320-1284758574-954507884-1001\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
R3 - URLSearchHook: Elf 1 Toolbar - {22e03916-85c5-44b0-8dc9-1830c11238d9} . (.Conduit Ltd. - Conduit Toolbar.) (6.3.2.0) -- C:\Program Files\Elf_1\prxtbElf0.dll
R3 - URLSearchHook: Elf 1.15 Toolbar - {b9d63c58-90cc-428b-8d3b-cbb88eb07e7e} . (.Conduit Ltd. - Conduit Toolbar.) (6.3.2.0) -- C:\Program Files\Elf_1.15\prxtbElf0.dll
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} . (.Ask - Ask Toolbar.) (5.12.3.17451) -- C:\Program Files\Ask.com\GenericAskToolbar.dll
R3 - URLSearchHook: (no name) - . (...) (No version) -- (.not file.)
R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 1
~ Scan IE Browser in 00mn AMs



---\\ Redirection du fichier Hosts (O1)
~ Scan Hosts File in 00mn AMs



---\\ Browser Helper Objects de navigateur (O2)
[MD5.B3436EE055088B0EAB32C57BB98C6E61] - (.Vertro - alot.dll.) -- C:\Program Files\alot\bin\BHO\alotBHO.dll [895848] [PID.]
[MD5.E5EF96D01F3B696817DB909B732D9BB2] - (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [75200] [PID.]
[MD5.B92293778555CE3DABE7F0A7E98B34C0] - (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files\Elf_1\prxtbElf0.dll [175912] [PID.]
[MD5.B92293778555CE3DABE7F0A7E98B34C0] - (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files\ConduitEngine\prxConduitEngin0.dll [175912] [PID.]
[MD5.6BF01E200063D7274F3AF06D226671F5] - (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [439168] [PID.]
[MD5.AD14E447F7CED4CA987B91B379EAF952] - (.Pas de propriétaire - dtx Dynamic Link Library.) -- C:\PROGRA~1\WIA6EB~1\ToolBar\searchqudtx.dll [88976] [PID.]
[MD5.47BDBCE3E2D819B17AB9FA4539B9DF71] - (.Microsoft Corporation - Windows Live Messenger Companion Core.) -- C:\Program Files\Windows Live\Companion\companioncore.dll [393600] [PID.]
[MD5.0FA93D6DF5A8A27FF28AE778A713CB34] - (.Discordia, LTD - IEHelper.) -- C:\PROGRA~1\WIA6EB~1\Datamngr\IEBHO.dll [722840] [PID.]
[MD5.B92293778555CE3DABE7F0A7E98B34C0] - (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files\Elf_1.15\prxtbElf0.dll [175912] [PID.]
[MD5.9344E83E306D4B6947D69D4A6EC99021] - (.Ask - Ask Toolbar.) -- C:\Program Files\Ask.com\GenericAskToolbar.dll [1491920] [PID.]
[MD5.E7D55E121FF1951CB86C7E0DC6A33877] - (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll [42272] [PID.]
[MD5.5B5901544DE8C858A4AF8157E1CD6B21] - (.Bandoo Media Inc. - Bandoo IE Plugin.) -- C:\Program Files\Bandoo\Plugins\IE\ieplugin.dll [2046864] [PID.]
~ Scan BHO in 00mn AMs



---\\ Internet Explorer Toolbars (O3)
[MD5.B92293778555CE3DABE7F0A7E98B34C0] - (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files\Elf_1\prxtbElf0.dll [175912] [PID.]
[MD5.B92293778555CE3DABE7F0A7E98B34C0] - (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files\ConduitEngine\prxConduitEngin0.dll [175912] [PID.]
[MD5.B92293778555CE3DABE7F0A7E98B34C0] - (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files\Elf_1.15\prxtbElf0.dll [175912] [PID.]
[MD5.B3436EE055088B0EAB32C57BB98C6E61] - (.Vertro - alot.dll.) -- C:\Program Files\alot\bin\alot.dll [895848] [PID.]
[MD5.AD14E447F7CED4CA987B91B379EAF952] - (.Pas de propriétaire - dtx Dynamic Link Library.) -- C:\PROGRA~1\WIA6EB~1\ToolBar\searchqudtx.dll [88976] [PID.]
[MD5.9344E83E306D4B6947D69D4A6EC99021] - (.Ask - Ask Toolbar.) -- C:\Program Files\Ask.com\GenericAskToolbar.dll [1491920] [PID.]
~ Scan Toolbar in 00mn AMs



---\\ Applications démarrées par registre & par dossier (O4)
~ Scan Application in 00mn AMs



---\\ Autres liens utilisateurs (O4)
[MD5.64EFAF916C4009F1B84153D0BB491FB0] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe [673040] [PID.4696]
[MD5.4AF03A259247AD145764DC9C8732DCBE] - (.IN MEDIA KG - FotoWorks.) -- C:\Program Files\FotoWorksXL\FotoWorksXL.exe [5388920] [PID.]
[MD5.64EFAF916C4009F1B84153D0BB491FB0] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe [673040] [PID.4696]
[MD5.AE4EF9E48BF99CF1FB7336475C4244FB] - (.Pegtop Software - Menu Démarrer portable PStart.) -- C:\Ordinateur-collegiens\LANCEUR\PStart.exe [778760] [PID.3876]
[MD5.D41D8CD98F00B204E9800998ECF8427E] - (...) -- C:\Ordinateur-collegiens [0] [PID.]
[MD5.E496F7EE85868AA755061D243C3D1CA8] - (.Anthropics Technology Ltd. - Portrait Professional.) -- C:\Program Files\Portrait Professional 9 Trial\PortraitProfessionalTrial.exe [3904280] [PID.]
[MD5.16F860934DE254A0CFD3DC221AC576AD] - (.Enigma Software Group USA, LLC. - SpyHunter4 application.) -- C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe [4706208] [PID.]
[MD5.53E1F6B34CCAAC575727872CCEFCAA62] - (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe [1017912] [PID.]
[MD5.D46D155212B5810B667330260A1FA93F] - (...) -- C:\Program Files\WhiteSmoke\WSEnrichment.exe [2174976] [PID.]
~ Scan Global Startup in 00mn AMs



---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
[MD5.71C34AD100CCB6AEECE9EF1F0631EAC8] - (...) -- C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm [3989] [PID.]
[MD5.1D36C559FF6C1EFD2FC22518AF789056] - (...) -- C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm [1430] [PID.]
~ Scan IE Menu Contextuel in 00mn AMs



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
~ Scan IE Extra Buttons in 00mn AMs



---\\ Winsock hijacker (Layered Service Provider) (O10)
[MD5.045DB4EAB4FBD23210E85ECC3F464A2E] - (.Microsoft Corporation - Network Location Awareness 2.) -- C:\windows\system32\NLAapi.dll [51712] [PID.]
[MD5.11A41F17527ED75D6B758FDD7F4FD00D] - (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Micro.) -- C:\windows\system32\mswsock.dll [232448] [PID.]
[MD5.5DF5D8CFD9B9573FA3B2C89D9061A240] - (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\windows\system32\winrnr.dll [20992] [PID.]
[MD5.0B7E85364CB878E2AD531DB7B601A9E5] - (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de m.) -- C:\windows\system32\napinsp.dll [52224] [PID.]
[MD5.5CF640EDDB1E40A5AB1BB743BCDEC610] - (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\windows\system32\pnrpnsp.dll [65024] [PID.]
[MD5.5CF640EDDB1E40A5AB1BB743BCDEC610] - (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\windows\system32\pnrpnsp.dll [65024] [PID.]
[MD5.3A2BB97D54A2189C9900A735C0531B59] - (.Microsoft Corporation - Windows Sockets Helper DLL.) -- C:\windows\system32\wshbth.dll [35840] [PID.]
[MD5.9D4A1690AF93F233E15380398BEC7431] - (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provid.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] [PID.]
[MD5.9D4A1690AF93F233E15380398BEC7431] - (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provid.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] [PID.]
~ Scan Winsock in 00mn AMs



---\\ Protocole additionnel (O18)
[MD5.1816D4CF1A7CBB72298AB120059226D4] - (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll [5984256] [PID.]
[MD5.CA4D146EAC05EC4BA5FC4936F3369627] - (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll [1229824] [PID.]
[MD5.BE21C5C05E5E8536F1385100CC8EAFA5] - (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll [2291712] [PID.]
[MD5.CA4D146EAC05EC4BA5FC4936F3369627] - (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll [1229824] [PID.]
[MD5.CA4D146EAC05EC4BA5FC4936F3369627] - (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll [1229824] [PID.]
[MD5.CA4D146EAC05EC4BA5FC4936F3369627] - (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll [1229824] [PID.]
[MD5.CA4D146EAC05EC4BA5FC4936F3369627] - (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll [1229824] [PID.]
[MD5.B5400D93D472B565FF254DCD38B43C42] - (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\windows\System32\itss.dll [142848] [PID.]
[MD5.1816D4CF1A7CBB72298AB120059226D4] - (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll [5984256] [PID.]
[MD5.C91C67FEA06BD90AAF2AA00BFC74A035] - (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files\Windows Live\Messenger\msgrapp.dll [65912] [PID.]
[MD5.CA4D146EAC05EC4BA5FC4936F3369627] - (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll [1229824] [PID.]
[MD5.1816D4CF1A7CBB72298AB120059226D4] - (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll [5984256] [PID.]
[MD5.C6595B078842E187C6587A285B43A565] - (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\windows\system32\inetcomm.dll [740864] [PID.]
[MD5.CA4D146EAC05EC4BA5FC4936F3369627] - (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll [1229824] [PID.]
[MD5.B5400D93D472B565FF254DCD38B43C42] - (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\windows\System32\itss.dll [142848] [PID.]
[MD5.C91C67FEA06BD90AAF2AA00BFC74A035] - (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files\Windows Live\Messenger\msgrapp.dll [65912] [PID.]
[MD5.1816D4CF1A7CBB72298AB120059226D4] - (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll [5984256] [PID.]
[MD5.BE21C5C05E5E8536F1385100CC8EAFA5] - (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll [2291712] [PID.]
[MD5.1816D4CF1A7CBB72298AB120059226D4] - (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll [5984256] [PID.]
[MD5.6D84295FAC747D51FA287BC17DA2C9EE] - (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files\Windows Live\Mail\mailcomm.dll [741240] [PID.]
[MD5.DF07358FDA177F70DE329D627D838F95] - (.Microsoft Corporation - Windows Live Album Download Protocol Handle.) -- C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll [42864] [PID.]
~ Scan Protocole Additionnel in 00mn AMs



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
[MD5.8C82112D833DDCDDB6C194F29672A667] - (.Discordia, LTD - Data Manager.) -- c:\progra~1\wia6eb~1\datamngr\datamngr.dll [727952] [PID.]
~ Scan AppInit DLL in 00mn AMs



---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
~ Scan SSODL in 00mn AMs



---\\ Liste des services NT non Microsoft et non désactivés (O23)
[MD5.4DC6B0772D1698F04FC79053A21C8260] - (.Andrea Electronics Corporation - Andrea filters APO access service (32-bit).) -- C:\windows\system32\AEADISRV.exe [90112] [PID.]
[MD5.6416F9B6B220F0A890525C38235AFAD7] - (.LSI Corporation - LSI Soft Modem Call Progress Service.) -- C:\Program Files\LSI SoftModem\agrsmsvc.exe [14336] [PID.]
[MD5.A236CEE2BF90381E981EBB870429FA9B] - (.AMD - AMD External Events Service Module.) -- C:\windows\system32\atiesrxx.exe [176128] [PID.]
[MD5.61D3B90C1600165110470502835FB646] - (.ALWIL Software - avast! Service.) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [40384] [PID.]
[MD5.22836819B4EF868ED7A7583EB6641E4D] - (.Bandoo Media Inc. - Bandoo Coordinator.) -- C:\PROGRA~1\Bandoo\Bandoo.exe [1617296] [PID.]
[MD5.7D2DD14E60CE4FF3308D66FDA7990546] - (.Broadcom Corporation. - Bluetooth Support Server.) -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [582944] [PID.]
[MD5.F02A533F517EB38333CB12A9E8963773] - (.Google Inc. - Programme d'installation de Google.) -- C:\Program Files\Google\Update\GoogleUpdate.exe [136176] [PID.]
[MD5.BE78357FB49759B79CCC01894BCFDDDB] - (.Hewlett-Packard Company - HP Support Assistant.) -- C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [126520] [PID.]
[MD5.2DFB151FD34DF104DAC0ADF070EDA83C] - (.Hewlett-Packard Company - HP Quick Synchronization Service.) -- C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe [92216] [PID.]
[MD5.D1F817E61D52816996B8F1EBA9A38276] - (.Hewlett-Packard - HpService.) -- C:\windows\system32\Hpservice.exe [26168] [PID.]
[MD5.F54B3DB096ABD6E9BBBD052FD3878A48] - (.Intel Corporation - RAID Monitor.) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [354840] [PID.]
[MD5.A1043645D16915DF12A6F2E049922A18] - (.Lexmark International, Inc. - LexBce Service.) -- C:\windows\System32\LEXBCES.exe [311296] [PID.]
[MD5.83D8BE94E1CBCBE2EA8372DB1A95A159] - (.Hewlett-Packard Company - LightScribe Service.) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728] [PID.]
[MD5.80329CEE682A5BDEB92C34648BD43F5D] - (.PDF Complete Inc - Dispatcher.) -- C:\Program Files\PDF Complete\pdfsvc.exe [635416] [PID.]
[MD5.64A5F0040AEFF9814F04E16DCBAEBE60] - (.Enigma Software Group USA, LLC. - Service scanner interface.) -- C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.exe [735648] [PID.]
~ Scan Services in 00mn AMs



---\\ Enumération Active Desktop & MHTML Editor (O24)
~ Scan Desktop Component in 00mn AMs



---\\ Tâches planifiées en automatique (O39)
[MD5.BB5E1A3FEDAA266CFBC535BA22E72599] - (...) -- C:\windows\Tasks\GoogleUpdateTaskMachineCore1cc50e11c1eaf8.job [1054] [PID.]
[MD5.2744DABF8000B6FCB16EA3830DE35983] - (...) -- C:\windows\Tasks\GoogleUpdateTaskMachineUA1cc50e12239466.job [1058] [PID.]
~ Scan Scheduled Task in 04mn AMs



---\\ Pilotes lancés au démarrage (O41)
~ Scan Drivers in 00mn AMs



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.26B0F12F9A4C267AF5B2DA35F87A6EFA] - 7/22/2011 - 10:12:51 AM --HA- . (...) -- C:\windows\system32\DOErrors.log [52]
O44 - LFC:[MD5.D1206907A7AAE3EB87E060EDC8C686ED] - 7/22/2011 - 3:44:06 PM --HA- . (...) -- C:\windows\system32\Ikeext.etl [196608]
O44 - LFC:[MD5.431255922FCBACA7B8F1434D86691A2B] - 7/22/2011 - 4:05:53 PM --HA- . (...) -- C:\windows\system32\jupdate-1.6.0_26-b03.log [6887]
O44 - LFC:[MD5.0A899DA43C0C82A96E695F3BA6A5FC0D] - 7/22/2011 - 4:06:03 PM --HA- . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\windows\system32\deployJava1.dll [472808]
O44 - LFC:[MD5.2340832B8B1EFB379280A30140D1B7ED] - 7/22/2011 - 4:06:03 PM --HA- . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\windows\system32\java.exe [145184]
O44 - LFC:[MD5.FD8AB373BD7834A65114DD899199D00B] - 7/22/2011 - 4:06:03 PM --HA- . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\windows\system32\javaw.exe [145184]
O44 - LFC:[MD5.4EDDB64328BE19A164657230C647913E] - 7/22/2011 - 4:06:03 PM --HA- . (.Sun Microsystems, Inc. - Java(TM) Web Start Launcher.) -- C:\windows\system32\javaws.exe [157472]
O44 - LFC:[MD5.6B537FFD1943B57F62CD5FF8D175A95C] - 7/25/2011 - 10:05:45 AM --HA- . (...) -- C:\windows\wininit.ini [679]
O44 - LFC:[MD5.CF40BF286F062A455BBF6E3E55CB185A] - 7/25/2011 - 8:37:29 AM --HA- . (...) -- C:\windows\system32\FNTCACHE.DAT [470136]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 7/25/2011 - 9:46:54 AM --HA- . (...) -- C:\autoexec.bat [0]
O44 - LFC:[MD5.B18225739ED9CAA83BA2DF966E9F43E8] - 8/10/2011 - 12:36:52 PM ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\windows\system32\drivers\mbamswissarmy.sys [41272]
O44 - LFC:[MD5.5CAAA01EB5316028DE3B15BCAFEB831A] - 8/10/2011 - 2:00:33 PM --HA- . (...) -- C:\windows\PFRO.log [5240]
O44 - LFC:[MD5.9AD8FC6F912AC7F11DCD024031959ABF] - 8/11/2011 - 11:39:19 AM -S-A- . (...) -- C:\windows\bootstat.dat [67584]
O44 - LFC:[MD5.403176229D65E34C93C89FB6422666EC] - 8/11/2011 - 11:39:22 AM --HA- . (...) -- C:\windows\setupact.log [15618]
O44 - LFC:[MD5.57FEF7FB4812B0BC0C3C17B3D3A30273] - 8/11/2011 - 11:42:48 AM --HA- . (...) -- C:\windows\WindowsUpdate.log [1161601]
O44 - LFC:[MD5.C0E9F8FE474F7825F8AF21D9FE9C304F] - 8/11/2011 - 11:50:20 AM ---A- . (...) -- C:\PhysicalDisk0_MBR.bin [512]
~ Scan Files in 02mn AMs



---\\ Contrôle du Safe Boot (CSB) (O49)
~ Scan CSB in 00mn AMs



---\\ Liste des Drivers Système (O58)
O58 - SDL:[MD5.080A40550FB95A328917512F3F5A0409] - 8/11/2011 - 2:01:14 PM --HA- . (.Ricoh co.,Ltd. - Ricoh USB Camera driver.) -- C:\windows\system32\drivers\5U876.sys [118656]
O58 - SDL:[MD5.4DF5E6215A102A192B2B6DBB61F2FBA5] - 8/11/2011 - 9:48:22 PM --HA- . (.Hewlett-Packard - HP Accelerometer.) -- C:\windows\system32\drivers\Accelerometer.sys [33848]
O58 - SDL:[MD5.6C61BCEB60C2C187E6F96001FD69493E] - 8/11/2011 - 10:32:58 PM --HA- . (.Analog Devices, Inc. - High Definition Audio Function Driver.) -- C:\windows\system32\drivers\ADIHdAud.sys [381440]
O58 - SDL:[MD5.21E785EBD7DC90A06391141AAC7892FB] - 8/10/2011 - 2:26:15 AM --HA- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\windows\system32\drivers\adp94xx.sys [422976]
O58 - SDL:[MD5.0C676BC278D5B59FF5ABD57BBE9123F2] - 8/10/2011 - 2:26:17 AM --HA- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\windows\system32\drivers\adpahci.sys [297552]
O58 - SDL:[MD5.7C7B5EE4B7B822EC85321FE23A27DB33] - 8/10/2011 - 2:26:15 AM --HA- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) -- C:\windows\system32\drivers\adpu320.sys [146512]
O58 - SDL:[MD5.7E10E3BB9B258AD8A9300F91214D67B9] - 8/11/2011 - 11:13:48 PM --HA- . (.LSI Corp - SoftModem Device Driver.) -- C:\windows\system32\drivers\AGRSM.sys [1035776]
O58 - SDL:[MD5.0D40BCF52EA90FC7DF2AEAB6503DEA44] - 8/10/2011 - 2:26:15 AM --HA- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\windows\system32\drivers\aliide.sys [14400]
O58 - SDL:[MD5.19CE906B4CDC11FC4FEF5745F33A63B6] - 8/10/2011 - 6:43:46 AM --HA- . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\windows\system32\drivers\amdsata.sys [80256]
O58 - SDL:[MD5.EA43AF0C423FF267355F74E7A53BDABA] - 8/10/2011 - 2:26:15 AM --HA- . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller Driver for Windows fa.) -- C:\windows\system32\drivers\amdsbs.sys [159312]
O58 - SDL:[MD5.869E67D66BE326A5A9159FBA8746FA70] - 8/10/2011 - 6:43:46 AM --HA- . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\windows\system32\drivers\amdxata.sys [22400]
O58 - SDL:[MD5.2932004F49677BD84DBC72EDB754FFB3] - 8/10/2011 - 2:26:15 AM --HA- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\windows\system32\drivers\arc.sys [76368]
O58 - SDL:[MD5.5D6F36C46FD283AE1B57BD2E9FEB0BC7] - 8/10/2011 - 2:26:15 AM --HA- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\windows\system32\drivers\arcsas.sys [86608]
O58 - SDL:[MD5.A289930E70F3FA3B07DF80D2B052794E] - 8/11/2011 - 6:38:23 PM ---A- . (.ALWIL Software - avast! File System Access Blocking Driver.) -- C:\windows\system32\drivers\aswFsBlk.sys [19024]
O58 - SDL:[MD5.1BA678226FCF8EA47793C99992E8EE31] - 8/11/2011 - 6:38:45 PM ---A- . (.ALWIL Software - avast! File System Minifilter for Windows 2003/Vista.) -- C:\windows\system32\drivers\aswMonFlt.sys [51792]
O58 - SDL:[MD5.CC40B9C301AF5D145713B2764EEC3907] - 8/11/2011 - 6:39:01 PM ---A- . (.ALWIL Software - avast! TDI RDR Driver.) -- C:\windows\system32\drivers\aswRdr.sys [23376]
O58 - SDL:[MD5.67DB88B01FC1D815968230458814EB8D] - 8/11/2011 - 6:42:13 PM ---A- . (.ALWIL Software - avast! self protection module.) -- C:\windows\system32\drivers\aswSP.sys [162512]
O58 - SDL:[MD5.EC8EF1CE2D6CA1071BE8B7888FFA48C0] - 8/11/2011 - 6:42:34 PM ---A- . (.ALWIL Software - avast! TDI Filter Driver.) -- C:\windows\system32\drivers\aswTdi.sys [46672]
O58 - SDL:[MD5.E2398389648B5D44DC63CA43FDD5B3F8] - 8/11/2011 - 11:48:00 AM --HA- . (.ATI Technologies, Inc. - ATI High Definition Audio Function Driver.) -- C:\windows\system32\drivers\AtiHdmi.sys [103440]
O58 - SDL:[MD5.A4252328D2B1520571102992EF0B0E5C] - 8/11/2011 - 9:25:40 PM --HA- . (.ATI Technologies Inc. - ATI Radeon Kernel Mode Driver.) -- C:\windows\system32\drivers\atikmdag.sys [4994048]
O58 - SDL:[MD5.BD8869EB9CDE6BBE4508D869929869EE] - 8/10/2011 - 11:02:49 PM --HA- . (.Broadcom Corporation - Pilote unifié NDIS6.x Broadcom NetXtreme Gigabit Ethernet..) -- C:\windows\system32\drivers\b57nd60x.sys [229888]
O58 - SDL:[MD5.9F9ACC7F7CCDE8A15C282D3F88B43309] - 8/10/2011 - 11:53:28 PM --HA- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\windows\system32\drivers\BrFiltLo.sys [13568]
O58 - SDL:[MD5.56801AD62213A41F6497F96DEE83755A] - 8/10/2011 - 11:53:28 PM --HA- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\windows\system32\drivers\BrFiltUp.sys [5248]
O58 - SDL:[MD5.845B8CE732E67F3B4133164868C666EA] - 8/10/2011 - 1:57:25 AM --HA- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\windows\system32\drivers\BrSerId.sys [272128]
O58 - SDL:[MD5.203F0B1E73ADADBBB7B7B1FABD901F6B] - 8/10/2011 - 11:53:32 PM --HA- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\windows\system32\drivers\BrSerWdm.sys [62336]
O58 - SDL:[MD5.BD456606156BA17E60A04E18016AE54B] - 8/10/2011 - 11:53:33 PM --HA- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\windows\system32\drivers\BrUsbMdm.sys [12160]
O58 - SDL:[MD5.AF72ED54503F717A43268B3CC5FAEC2E] - 8/10/2011 - 11:53:33 PM --HA- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\windows\system32\drivers\BrUsbSer.sys [11904]
O58 - SDL:[MD5.D57D29132EFE13A83133D9BD449E0CF1] - 8/10/2011 - 9:46:14 PM --HA- . (.Broadcom Corporation. - Bluetooth Audio Device.) -- C:\windows\system32\drivers\btwaudio.sys [86056]
~ Scan Drivers in 01mn AMs



End of the scan (487 lines in 24mn AMs)(0)
0
Anonymous user
 
Re

This report is incomplete;
to send it to me, click this link:

http://www.cijoint.fr/index.php

http://pjjoint.malekal.com/

Click Browse and look for the file: Full_file_name (requested file)
Click Open.

Click "Cliquez ici pour déposer le fichier" ("Click here to upload the file").

A link of this form:

http://www.cijoint.fr/cjlink.php?file=cj200905/cijSKAP5fU.txt

is added to the page.

Copy this link into your reply.

@+
0
assya50 Posts 24 Status Member
 
Thanks, they told me to copy this link to the person who is helping you, so here it is, and thanks http://www.cijoint.fr/cjlink.php?file=cj201108/cij1xtBN4V.txt
0
Anonymous user
 
Hello

Download Ad-remover (by C_XX) to your desktop:

http://www.teamxscript.org/adremoverTelechargement.html

! Disconnect and close all running applications !

* Double-click or right-click (run as admin... on Vista and Windows 7) "Ad-R.exe" to start the installation, and leave the installation settings at their defaults.

* Double-click or right-click (run as admin... on Vista and Windows 7) the Ad-remover shortcut on your desktop to launch the tool.

* In the main menu, choose the "Nettoyer" (Clean) option and press [Enter].

* Let the tool work and do not touch anything...

--> Post the report that appears at the end on the forum...

(The report is also saved as C:\Ad-report.log)
(CTRL+A to select all, CTRL+C to copy and CTRL+V to paste)

Note: "Process.exe", a component of the tool, is detected by some antivirus products (AntiVir, Dr.Web, Kaspersky Anti-Virus) as a RiskTool.
It is not a virus, but a utility intended to terminate processes.
In the wrong hands, this utility could stop security software (antivirus, firewall...), hence the alert raised by these antivirus products.

Toolbars are not mandatory (by Malekal): https://forum.malekal.com/viewtopic.php?t=6173&start=

@+
0
assya50 Posts 24 Status Member
 
======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 =======

Mis à jour par TeamXscript le 12/04/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
Site web: http://www.teamxscript.org

C:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Lancé à 12:56:54 le 13/08/2011, Mode normal

Microsoft Windows 7 Professionnel (X86)
Collégien@ORDI-COLLÉGIEN (Hewlett-Packard HP ProBook 4710s)

============== ACTION(S) ==============

Service: "Bandoo Coordinator" Stoppé et supprimé

Fichier supprimé: C:\Program Files\Mozilla FireFox\searchplugins\SearchquWebSearch.xml
Dossier supprimé: C:\Program Files\Windows Searchqu Toolbar
Fichier supprimé: C:\windows\system32\ConduitEngine.tmp
Fichier supprimé: C:\windows\system32\Tasks\Scheduled Update for Ask Toolbar
Dossier supprimé: C:\Users\Collégien\AppData\Roaming\Mozilla\FireFox\Profiles\v4v62qvi.default\extensions\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Fichier supprimé: C:\Users\Collégien\AppData\Roaming\Mozilla\FireFox\Profiles\v4v62qvi.default\searchplugins\SearchquWebSearch.xml
Dossier supprimé: C:\Users\Invité\AppData\Roaming\Mozilla\FireFox\Profiles\daj2lekb.default\extensions\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Dossier supprimé: C:\Users\sarah\AppData\Roaming\Mozilla\FireFox\Profiles\6oo432gs.default\extensions\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Dossier supprimé: C:\Program Files\Ask.com
Dossier supprimé: C:\Users\Collégien\AppData\LocalLow\AskToolbar
Dossier supprimé: C:\Users\Collégien\AppData\Roaming\Bandoo
Dossier supprimé: C:\Users\Invité\AppData\Roaming\Bandoo
Dossier supprimé: C:\Users\sarah\AppData\Roaming\Bandoo
Dossier supprimé: C:\ProgramData\Bandoo
Dossier supprimé: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bandoo
Dossier supprimé: C:\Program Files\Bandoo
Dossier supprimé: C:\Users\Collégien\AppData\Local\Conduit
Dossier supprimé: C:\Users\Collégien\AppData\LocalLow\Conduit
Dossier supprimé: C:\Program Files\Conduit
Dossier supprimé: C:\Users\Collégien\AppData\LocalLow\ConduitEngine
Dossier supprimé: C:\Program Files\ConduitEngine
Dossier supprimé: C:\Users\Collégien\AppData\LocalLow\alot
Dossier supprimé: C:\Program Files\alot
Dossier supprimé: C:\Users\Collégien\AppData\LocalLow\PriceGong
Dossier supprimé: C:\Users\Collégien\AppData\LocalLow\ShoppingReport2
Dossier supprimé: C:\Users\Collégien\AppData\Roaming\EoRezo
Dossier supprimé: C:\Users\Collégien\AppData\Local\EoRezo
Dossier supprimé: C:\Program Files\EoRezo

(!) -- Fichiers temporaires supprimés.


-- Fichier ouvert: C:\Users\Collégien\AppData\Roaming\Mozilla\FireFox\Profiles\v4v62qvi.default\Prefs.js --
Ligne supprimée: user_pref("browser.startup.homepage", "hxxp://www.searchqu.com/");
Ligne supprimée: user_pref("keyword.URL", "hxxp://www.searchqu.com/web?src=ffb&systemid=101&q=");
Ligne supprimée: user_pref("browser.startup.homepage", "hxxp://y.lo.st");
-- Fichier Fermé --


Clé supprimée: HKLM\Software\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Clé supprimée: HKLM\Software\Classes\CLSID\{074E4EFE-81BB-4EA4-866E-082CB0E01070}
Clé supprimée: HKLM\Software\Classes\AppID\{EDE2C296-2458-4E3B-A846-4B512C0703B5}
Clé supprimée: HKLM\Software\Classes\CLSID\{0CE5B352-9D9C-41E1-9551-FCCD92820217}
Clé supprimée: HKLM\Software\Classes\CLSID\{14CEEAFF-96DD-4101-AE37-D5ECDC23C3F6}
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{14CEEAFF-96DD-4101-AE37-D5ECDC23C3F6}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{14CEEAFF-96DD-4101-AE37-D5ECDC23C3F6}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{14CEEAFF-96DD-4101-AE37-D5ECDC23C3F6}
Clé supprimée: HKLM\Software\Classes\CLSID\{167B2B5F-2757-434A-BBDA-2FDB2003F14F}
Clé supprimée: HKLM\Software\Classes\CLSID\{27F69C85-64E1-43CE-98B5-3C9F22FB408E}
Clé supprimée: HKLM\Software\Classes\AppID\{1301A8A5-3DFB-4731-A162-B357D00C9644}
Clé supprimée: HKLM\Software\Classes\CLSID\{2E9A60EA-5554-49C3-BC9D-D0404DBACC62}
Clé supprimée: HKLM\Software\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}
Clé supprimée: HKLM\Software\Classes\CLSID\{3E63C9BC-DD51-4E83-ABA6-B350EAD28531}
Clé supprimée: HKLM\Software\Classes\CLSID\{438AA98E-5A69-4F8A-96FB-86DC97613119}
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{438AA98E-5A69-4F8A-96FB-86DC97613119}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{438AA98E-5A69-4F8A-96FB-86DC97613119}
Clé supprimée: HKLM\Software\Classes\CLSID\{44CFFEF4-E7E1-44BD-B1F5-29F828ADA1B8}
Clé supprimée: HKLM\Software\Classes\CLSID\{5AA2BA46-9913-4dc7-9620-69AB0FA17AE7}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5AA2BA46-9913-4dc7-9620-69AB0FA17AE7}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5AA2BA46-9913-4dc7-9620-69AB0FA17AE7}
Clé supprimée: HKLM\Software\Classes\CLSID\{872F3C0B-4462-424c-BB9F-74C6899B9F92}
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{872F3C0B-4462-424c-BB9F-74C6899B9F92}
Clé supprimée: HKLM\Software\Classes\AppID\{9C123289-82E1-4da7-A3C2-B8D28AAD114B}
Clé supprimée: HKLM\Software\Classes\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7}
Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{99079a25-328f-4bd4-be04-00955acaa0a7}
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079a25-328f-4bd4-be04-00955acaa0a7}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079a25-328f-4bd4-be04-00955acaa0a7}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079a25-328f-4bd4-be04-00955acaa0a7}
Clé supprimée: HKLM\Software\Classes\CLSID\{A40DC6C5-79D0-4ca8-A185-8FF989AF1115}
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A40DC6C5-79D0-4ca8-A185-8FF989AF1115}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A40DC6C5-79D0-4ca8-A185-8FF989AF1115}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A40DC6C5-79D0-4ca8-A185-8FF989AF1115}
Clé supprimée: HKLM\Software\Classes\CLSID\{B543EF05-9758-464E-9F37-4C28525B4A4C}
Clé supprimée: HKLM\Software\Classes\CLSID\{BB76A90B-2B4C-4378-8506-9A2B6E16943C}
Clé supprimée: HKLM\Software\Classes\CLSID\{C10DC1F4-CCDF-4224-A24D-B23AFC3573C8}
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C10DC1F4-CCDF-4224-A24D-B23AFC3573C8}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C10DC1F4-CCDF-4224-A24D-B23AFC3573C8}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C10DC1F4-CCDF-4224-A24D-B23AFC3573C8}
Clé supprimée: HKLM\Software\Classes\CLSID\{C3AB94A4-BFD0-4BBA-A331-DE504F07D2DB}
Clé supprimée: HKLM\Software\Classes\CLSID\{CE1CB632-6817-47b3-8587-D05AF75D6D5A}
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{CE1CB632-6817-47b3-8587-D05AF75D6D5A}
Clé supprimée: HKLM\Software\Classes\AppID\{3AD7A5B6-610D-4A82-979E-0AED20920690}
Clé supprimée: HKLM\Software\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Clé supprimée: HKLM\Software\Classes\CLSID\{EB5CEE80-030A-4ED8-8E20-454E9C68380F}
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EB5CEE80-030A-4ED8-8E20-454E9C68380F}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EB5CEE80-030A-4ED8-8E20-454E9C68380F}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EB5CEE80-030A-4ED8-8E20-454E9C68380F}
Clé supprimée: HKLM\Software\Classes\CLSID\{EF2B6317-C367-401B-83B8-80302D6588A7}
Clé supprimée: HKLM\Software\Classes\CLSID\{F5379B4B-24D8-432A-9A96-BE75EE5117DB}
Clé supprimée: HKLM\Software\Classes\CLSID\{F7FB2BC4-6C27-4EAC-B5E2-037B71FDE101}
Clé supprimée: HKLM\Software\Classes\CLSID\{FD53FE35-4368-4B71-89D6-F29F3DB29DF1}
Clé supprimée: HKLM\Software\Classes\Interface\{33DDFC61-F531-4982-8C32-4212B7835D44}
Clé supprimée: HKLM\Software\Classes\Interface\{477F210A-2A86-4666-9C4B-1189634D2C84}
Clé supprimée: HKLM\Software\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Clé supprimée: HKLM\Software\Classes\Interface\{6087829B-114F-42A1-A72B-B4AEDCEA4E5B}
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6087829B-114F-42A1-A72B-B4AEDCEA4E5B}
Clé supprimée: HKLM\Software\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Clé supprimée: HKLM\Software\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Clé supprimée: HKLM\Software\Classes\Interface\{A9005ED5-4A1D-4606-A4DF-1A25E7D7B417}
Clé supprimée: HKLM\Software\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Clé supprimée: HKLM\Software\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
Clé supprimée: HKLM\Software\Classes\Interface\{DF76E9B7-35EC-46FC-AF56-5B79DED9D64F}
Clé supprimée: HKLM\Software\Classes\Interface\{FF871E51-2655-4D06-AED5-745962A96B32}
Clé supprimée: HKLM\Software\Classes\TypeLib\{18AF7201-4F14-4BCF-93FE-45617CF259FF}
Clé supprimée: HKLM\Software\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Clé supprimée: HKLM\Software\Classes\TypeLib\{3AD7A5B6-610D-4A82-979E-0AED20920690}
Clé supprimée: HKLM\Software\Classes\TypeLib\{4410C118-B23C-406C-9F52-9CDABD90A5EA}
Clé supprimée: HKLM\Software\Classes\TypeLib\{62E5C9E1-A0E8-4F8C-8EAF-0F9250CC5786}
Clé supprimée: HKLM\Software\Classes\TypeLib\{8F5F1CB6-EA9E-40AF-A5CA-C7FD63CC1971}
Clé supprimée: HKLM\Software\Classes\TypeLib\{9C123289-82E1-4DA7-A3C2-B8D28AAD114B}
Clé supprimée: HKLM\Software\Classes\BandooCoordinator.BandooCoordinator
Clé supprimée: HKLM\Software\Classes\BandooCoordinator.BandooCoordinator.1
Clé supprimée: HKLM\Software\Classes\BandooCoordinator.CoordinatorUI
Clé supprimée: HKLM\Software\Classes\BandooCoordinator.CoordinatorUI.1
Clé supprimée: HKLM\Software\Classes\BandooCoordinator.HTTPAsyncResult
Clé supprimée: HKLM\Software\Classes\BandooCoordinator.HTTPAsyncResult.1
Clé supprimée: HKLM\Software\Classes\BandooCoordinator.PlugInNotifier
Clé supprimée: HKLM\Software\Classes\BandooCoordinator.PlugInNotifier.1
Clé supprimée: HKLM\Software\Classes\BandooCore.BandooCore
Clé supprimée: HKLM\Software\Classes\BandooCore.BandooCore.1
Clé supprimée: HKLM\Software\Classes\BandooCore.ResourcesMngr
Clé supprimée: HKLM\Software\Classes\BandooCore.ResourcesMngr.1
Clé supprimée: HKLM\Software\Classes\BandooCore.SettingsMngr
Clé supprimée: HKLM\Software\Classes\BandooCore.SettingsMngr.1
Clé supprimée: HKLM\Software\Classes\BandooCore.StatisticMngr
Clé supprimée: HKLM\Software\Classes\BandooCore.StatisticMngr.1
Clé supprimée: HKLM\Software\Classes\BandooIEPlugin.BandooIEPlugin
Clé supprimée: HKLM\Software\Classes\BandooIEPlugin.BandooIEPlugin.1
Clé supprimée: HKLM\Software\Classes\BFlashAnimator.BFlashAnimatorCtrl
Clé supprimée: HKLM\Software\Classes\BFlashAnimator.BFlashAnimatorCtrl.1
Clé supprimée: HKLM\Software\Classes\BGIFAnimator.BGIFAnimatorCtrl
Clé supprimée: HKLM\Software\Classes\BGIFAnimator.BGIFAnimatorCtrl.1
Clé supprimée: HKLM\Software\Classes\Conduit.Engine
Clé supprimée: HKLM\Software\Classes\EoEngineBHO.EOBHO
Clé supprimée: HKLM\Software\Classes\EoEngineBHO.EOBHO.1
Clé supprimée: HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd
Clé supprimée: HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd.1
Clé supprimée: HKLM\Software\Classes\Toolbar.CT2856415
Clé supprimée: HKLM\Software\Classes\Toolbar.CT2866295
Clé supprimée: HKLM\Software\Classes\AppID\BandooCoordinator.EXE
Clé supprimée: HKLM\Software\Classes\AppID\BandooCore.EXE
Clé supprimée: HKLM\Software\Classes\AppID\EoEngineBHO.DLL
Clé supprimée: HKLM\Software\Classes\AppID\{AFBB7970-789A-4264-BA70-E8127DECE400}
Clé supprimée: HKLM\Software\Classes\AppID\GenericAskToolbar.DLL
Clé supprimée: HKLM\Software\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Clé supprimée: HKLM\Software\AskToolbar
Clé supprimée: HKLM\Software\bandoo
Clé supprimée: HKLM\Software\Conduit
Clé supprimée: HKLM\Software\conduitEngine
Clé supprimée: HKLM\Software\DataMngr
Clé supprimée: HKLM\Software\EoRezo
Clé supprimée: HKLM\Software\SearchquMediabarTb
Clé supprimée: HKCU\Software\Ask.com
Clé supprimée: HKCU\Software\DataMngr
Clé supprimée: HKCU\Software\EoRezo
Clé supprimée: HKCU\Software\AppDataLow\Toolbar
Clé supprimée: HKCU\Software\AppDataLow\Software\alot
Clé supprimée: HKCU\Software\AppDataLow\Software\AskToolbar
Clé supprimée: HKCU\Software\AppDataLow\Software\Conduit
Clé supprimée: HKCU\Software\AppDataLow\Software\conduitEngine
Clé supprimée: HKCU\Software\AppDataLow\Software\PriceGong
Clé supprimée: HKCU\Software\AppDataLow\Software\ShoppingReport2
Clé supprimée: HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3B1A9A30-91BC-46C6-A138-FB11B101298A}
Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{5AA2BA46-9913-4DC7-9620-69AB0FA17AE7}
Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA74C8}
Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA74C8}
Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{424624F4-C5DD-4e1d-BDD0-1E9C9B7799CC}
Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6795114A-1CC4-462b-99E6-2C7B0FA69CDC}
Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7f000001-db8e-f89c-2fec-49bf726f8c12}
Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C8A3CA5-889E-4554-BEEC-EC0876E4E96A}
Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E0A62A0A-6A9D-4233-B598-A57D20863FAF}
Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9189560-573A-4fde-B055-AE7B0F4CF080}
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\alotToolbar
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Bandoo
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\EoRezo_is1
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Searchqu 101 MediaBar
Erreur suppression clé: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Scheduled Update for Ask Toolbar

Valeur supprimée: HKLM\Software\Mozilla\Firefox\Extensions|AgenceChromeBHO@eorezo.com
Valeur supprimée: HKCU\Software\Mozilla\Firefox\Extensions|ffox@bandoo.com
Valeur supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|Eorezo
Valeur supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|DataMngr
Valeur supprimée: HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks|{00000000-6E41-4FD3-8538-502F5495E5FC}
Valeur supprimée: HKLM\Software\Microsoft\Internet Explorer\Toolbar|{D4027C7F-154A-4066-A1AD-4243D8127440}
Valeur supprimée: HKLM\Software\Microsoft\Internet Explorer\Toolbar|{30F9B915-B755-4826-820B-08FBA6BD249D}
Valeur supprimée: HKLM\Software\Microsoft\Internet Explorer\Toolbar|{5AA2BA46-9913-4dc7-9620-69AB0FA17AE7}


============== SCAN ADDITIONNEL ==============

**** Mozilla Firefox Version [3.6 (fr)] ****

Searchplugins\babylon.xml (hxxp://search.babylon.com/web/{searchTerms})

-- C:\Users\Collégien\AppData\Roaming\Mozilla\FireFox\Profiles\v4v62qvi.default --
Extensions\DefaultManager@Microsoft (Default Manager)
Extensions\ffox@bandoo.com (Bandoo for Firefox)
Extensions\ffxtlbr@babylon.com (Babylon)
Extensions\ietab@ip.cn (IE Tab Plus)
Extensions\{04253f76-f258-4b03-7b4a-0bebad2ca3e9} (<?xml version="1.0"?><RDF xmlns="http://www.w3.org/1999/02/22-rdf-syntax-ns#" xmlns:em="https://www.mozilla.org/2004/em-rdf"><Description about="urn:mozilla:install-manifest"><em:id>{04253f76-f258-4b03-7b4a-0bebad2ca3e9}</em:id>facemoi<em:version>2.0</em:version><em:description>Extension for Facebook</em:description><em:creator>FaceMoi</em:creator><em:contributor>FaceMoi : www.facemoi.com</em:contributor><em:contributor>http://www.facemoi.com/</em:contributor><em:iconURL>chrome://facemoi/content/facemoi.png</em:iconURL><em:homepageURL>http://www.facemoi.com</em:homepageURL><em:targetApplication><Description><em:id>{ec8030f7-c20a-464f-9b0e-13a3a9e97384}</em:id><em:minVersion>2.3</em:minVersion><em:maxVersion>4.*</em:maxVersion></Description></em:targetApplication></Description></RDF>)
Extensions\{EEE6C361-6118-11DC-9C72-001320C79847} (?)
Prefs.js - browser.search.defaultenginename, Web Search
Prefs.js - browser.search.defaulturl, hxxp://www.bing.com/search?FORM=WLETDF&PC=WLEM&q=
Prefs.js - browser.startup.homepage_override.mstone, rv:1.9.2
Prefs.js - privacy.popups.showBrowserMessage, false
Prefs.js - sweetim.toolbar.previous.browser.search.defaultenginename,
Prefs.js - sweetim.toolbar.previous.browser.search.defaulturl,
Prefs.js - sweetim.toolbar.previous.browser.search.selectedEngine,
Prefs.js - sweetim.toolbar.previous.browser.startup.homepage, mivolo.com
Prefs.js - sweetim.toolbar.previous.keyword.URL, hxxp://www.bing.com/search?FORM=WLETDF&PC=WLEM&q=
Prefs.js - browser.search.selectedEngine, Web Search

-- C:\Users\Invité\AppData\Roaming\Mozilla\FireFox\Profiles\daj2lekb.default --
Extensions\{04253f76-f258-4b03-7b4a-0bebad2ca3e9} (<?xml version="1.0"?><RDF xmlns="http://www.w3.org/1999/02/22-rdf-syntax-ns#" xmlns:em="https://www.mozilla.org/2004/em-rdf"><Description about="urn:mozilla:install-manifest"><em:id>{04253f76-f258-4b03-7b4a-0bebad2ca3e9}</em:id>facemoi<em:version>2.0</em:version><em:description>Extension for Facebook</em:description><em:creator>FaceMoi</em:creator><em:contributor>FaceMoi : www.facemoi.com</em:contributor><em:contributor>http://www.facemoi.com/</em:contributor><em:iconURL>chrome://facemoi/content/facemoi.png</em:iconURL><em:homepageURL>http://www.facemoi.com</em:homepageURL><em:targetApplication><Description><em:id>{ec8030f7-c20a-464f-9b0e-13a3a9e97384}</em:id><em:minVersion>2.3</em:minVersion><em:maxVersion>4.*</em:maxVersion></Description></em:targetApplication></Description></RDF>)
Prefs.js - browser.startup.homepage_override.mstone, ingnore
Prefs.js - browser.startup.homepage, mivolo.com

-- C:\Users\sarah\AppData\Roaming\Mozilla\FireFox\Profiles\6oo432gs.default --
Extensions\DefaultManager@Microsoft (Default Manager)
Extensions\{04253f76-f258-4b03-7b4a-0bebad2ca3e9} (<?xml version="1.0"?><RDF xmlns="http://www.w3.org/1999/02/22-rdf-syntax-ns#" xmlns:em="https://www.mozilla.org/2004/em-rdf"><Description about="urn:mozilla:install-manifest"><em:id>{04253f76-f258-4b03-7b4a-0bebad2ca3e9}</em:id>facemoi<em:version>2.0</em:version><em:description>Extension for Facebook</em:description><em:creator>FaceMoi</em:creator><em:contributor>FaceMoi : www.facemoi.com</em:contributor><em:contributor>http://www.facemoi.com/</em:contributor><em:iconURL>chrome://facemoi/content/facemoi.png</em:iconURL><em:homepageURL>http://www.facemoi.com</em:homepageURL><em:targetApplication><Description><em:id>{ec8030f7-c20a-464f-9b0e-13a3a9e97384}</em:id><em:minVersion>2.3</em:minVersion><em:maxVersion>4.*</em:maxVersion></Description></em:targetApplication></Description></RDF>)
Prefs.js - browser.startup.homepage_override.mstone, rv:1.9.2

========================================

**** Internet Explorer Version [8.0.7600.16385] ****

HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896
HKCU_Main|Start Page - hxxp://fr.msn.com/
HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm
HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Start Page - hxxp://fr.msn.com/
HKLM_URLSearchHooks|{22e03916-85c5-44b0-8dc9-1830c11238d9} - "Elf 1 Toolbar" (C:\Program Files\Elf_1\prxtbElf0.dll)
HKLM_URLSearchHooks|{b9d63c58-90cc-428b-8d3b-cbb88eb07e7e} - "Elf 1.15 Toolbar" (C:\Program Files\Elf_1.15\prxtbElf0.dll)
HKCU_Toolbar\WebBrowser|{22E03916-85C5-44B0-8DC9-1830C11238D9} (C:\Program Files\Elf_1\prxtbElf0.dll)
HKCU_Toolbar\WebBrowser|{B9D63C58-90CC-428B-8D3B-CBB88EB07E7E} (C:\Program Files\Elf_1.15\prxtbElf0.dll)
HKLM_Toolbar|{0BF43445-2F28-4351-9252-17FE6E806AA0} (x)
HKLM_Toolbar|{22e03916-85c5-44b0-8dc9-1830c11238d9} (C:\Program Files\Elf_1\prxtbElf0.dll)
HKLM_Toolbar|{b9d63c58-90cc-428b-8d3b-cbb88eb07e7e} (C:\Program Files\Elf_1.15\prxtbElf0.dll)
HKLM_Toolbar|{8dcb7100-df86-4384-8842-8fa844297b3f} ("C:\Program Files\Microsoft\BingBar\BingExt.dll") (x)
HKLM_Toolbar|{99079a25-328f-4bd4-be04-00955acaa0a7} (x)
HKLM_Toolbar|{98889811-442D-49dd-99D7-DC866BE87DBC} (C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.31.6\BabylonToolbarTlbr.dll)
HKLM_ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a} - C:\Windows\System32\wpcer.exe (x)
HKLM_ElevationPolicy\{0a402d70-1f10-4ae7-bec9-286a98240695} - C:\Windows\System32\winfxdocobj.exe (x)
HKLM_ElevationPolicy\{2AF62C82-1658-462F-9BF2-D794BCD404EE} - C:\Users\Collégien\AppData\Local\Conduit\CT2856415\Elf_1AutoUpdateHelper.exe (x)
HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files\Internet Explorer\iedw.exe (x)
HKLM_ElevationPolicy\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.31.6\BabylonToolbarsrv.exe (Babylon Ltd.)
HKLM_ElevationPolicy\{8DA6DAB7-04CE-46D3-BAC7-49B6C576A2FC} - C:\Program Files\Elf_1.15\Elf_1.15ToolbarHelper.exe (?)
HKLM_ElevationPolicy\{965848B3-8DA5-43F0-AD53-A5E314788CB4} - C:\Users\Collégien\AppData\Local\Conduit\CT2866295\Elf_1.15AutoUpdateHelper.exe (x)
HKLM_ElevationPolicy\{aa851425-0109-43f3-9ed2-7b7090125861} - C:\Program Files\Microsoft\BingBar\BingBar.exe (Microsoft Corporation.)
HKLM_ElevationPolicy\{AB01F93D-A3F5-46F6-9B36-F5EC02697AE9} - C:\PROGRA~1\WIA6EB~1\ToolBar\dtUser.exe (x)
HKLM_ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe (x)
HKLM_ElevationPolicy\{F3EE58B7-089C-46FE-9661-1C343B1AE775} - C:\Program Files\Elf_1\Elf_1ToolbarHelper1.exe (?)
HKLM_Extensions\{CCA281CA-C863-46ef-9331-5C8D4460577F} - "@C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015" (C:\Program Files\WIDCOMM\Bluetooth Software\bt_cold_icon.ico)
BHO\{22e03916-85c5-44b0-8dc9-1830c11238d9} - "Elf 1 Toolbar" (C:\Program Files\Elf_1\prxtbElf0.dll)
BHO\{2EECD738-5844-4a99-B4B6-146BF802613B} - "Babylon toolbar helper" (C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.31.6\bh\BabylonToolbar.dll)
BHO\{b9d63c58-90cc-428b-8d3b-cbb88eb07e7e} - "Elf 1.15 Toolbar" (C:\Program Files\Elf_1.15\prxtbElf0.dll)
BHO\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "Bing Bar Helper" ("C:\Program Files\Microsoft\BingBar\BingExt.dll") (x)
BHO\{EEE6C35C-6118-11DC-9C72-001320C79847} (?)

========================================

C:\Program Files\Ad-Remover\Quarantine: 3078 Fichier(s)
C:\Program Files\Ad-Remover\Backup: 14 Fichier(s)

C:\Ad-Report-CLEAN[1].txt - 13/08/2011 12:57:09 (25120 Octet(s))

Fin à: 12:58:27, 13/08/2011

============== E.O.F ==============
0
assya50 Posts 24 Status Member
 
Thanks, but you didn't answer my question about my pictures and my music: they were deleted. How can I recover them? Thanks.
0
Anonymous user
 
Hello

Run RogueKiller again and choose option 6.
Post its report for me, thanks.

See you later
---------Security Contributor---------
We were all beginners at something once.
But knowledge is the reward of diligence.
0
assya50 Posts 24 Status Member
 
RogueKiller V5.3.1 [06/08/2011] par Tigzy
contact sur https://www.luanagames.com/index.fr.html
mail: tigzyRK<at>gmail<dot>com
Remontees: https://www.luanagames.com/index.fr.html

Systeme d'exploitation: Windows 7 (6.1.7600 ) 32 bits version
Demarrage : Mode normal
Utilisateur: Collégien [Droits d'admin]
Mode: Raccourcis RAZ -- Date : 14/08/2011 10:38:17

Processus malicieux: 1
[SUSP PATH] mediaget.exe -- c:\users\collégien\appdata\local\mediaget2\mediaget.exe -> KILLED [TermProc]

Attributs de fichiers restaures:
Bureau: Success 17 / Fail 0
Lancement rapide: Success 55 / Fail 0
Programmes: Success 77889 / Fail 0
Menu demarrer: Success 94 / Fail 0
Dossier utilisateur: Success 5165 / Fail 0
Mes documents: Success 72 / Fail 0
Mes favoris: Success 21 / Fail 0
Mes images: Success 400 / Fail 0
Ma musique: Success 52 / Fail 0
Mes videos: Success 34 / Fail 0
Disques locaux: Success 141254 / Fail 0
Sauvegarde: [FOUND] Success 255 / Fail 1

Lecteurs:
[C:] \Device\HarddiskVolume2 -- 0x3 --> Restored
[D:] \Device\HarddiskVolume3 -- 0x3 --> Restored
[E:] \Device\HarddiskVolume4 -- 0x3 --> Restored
[F:] \Device\CdRom0 -- 0x5 --> Skipped

Termine : << RKreport[8].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt ; RKreport[4].txt ; RKreport[5].txt ;
RKreport[6].txt ; RKreport[7].txt ; RKreport[8].txt

Thanks
0
Anonymous user
 
Hi again

Did you get your files back?

See you later
0
assya50 Posts 24 Status Member
 
Yes, thank you very much for your help and for the time you took. Thanks a lot.
0
Anonymous user
 
Hi again

Update your Windows via Windows Update.

See you later

0
assya50 Posts 24 Status Member
 
OK, thanks again
0
Anonymous user
 
Keep me posted;
It isn't over yet.
0
assya50 Posts 24 Status Member
 
OK, thanks
0