Sujet Précédent Sujet Suivant

Probleme virus rapport otl

Résolu/Fermé
luccmat Messages postés 1 Date d'inscription mardi 25 juin 2013 Statut Membre Dernière intervention 25 juin 2013 - 25 juin 2013 à 21:29
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 - 6 juil. 2013 à 21:45
bonsoir

j'ai besoin d'aide si vous pouvez m'aider
merci
voici rapport otl

OTL logfile created on: 24/06/2013 20:44:13 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\taliss\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

3,86 Gb Total Physical Memory | 2,37 Gb Available Physical Memory | 61,38% Memory free
7,71 Gb Paging File | 5,78 Gb Available in Paging File | 74,88% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 287,50 Gb Total Space | 220,59 Gb Free Space | 76,73% Space Free | Partition Type: NTFS

Computer Name: TALISS2 | User Name: taliss | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2013/06/24 20:37:05 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\taliss\Desktop\OTL.exe
PRC - [2013/06/07 22:55:30 | 000,047,896 | ---- | M] (WebCake LLC) -- C:\Users\taliss\AppData\Roaming\WebCake\WebCakeDesktop.exe
PRC - [2013/06/07 22:55:30 | 000,023,552 | ---- | M] (WebCake LLC) -- C:\Program Files (x86)\WebCake\WebCakeDesktop.Updater.exe
PRC - [2013/05/09 10:58:30 | 004,858,968 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2013/05/09 10:58:30 | 000,046,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013/05/08 18:53:20 | 000,812,424 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_7_700_169_ActiveX.exe
PRC - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013/04/04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2013/03/12 07:32:58 | 000,506,744 | ---- | M] (Oracle Corporation) -- C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
PRC - [2012/12/18 21:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2009/12/14 22:06:24 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2009/12/14 22:06:08 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2009/12/01 23:03:52 | 000,204,648 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe
PRC - [2009/12/01 23:03:52 | 000,112,488 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\SONY\VAIO Event Service\VESMgrSub.exe
PRC - [2009/11/21 01:25:24 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2009/10/24 04:18:54 | 000,360,224 | ---- | M] (Sony Corporation) -- c:\Program Files (x86)\SONY\PMB\PMBDeviceInfoProvider.exe
PRC - [2009/09/14 20:24:08 | 000,206,336 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
PRC - [2009/09/14 19:53:48 | 000,642,416 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
PRC - [2009/08/26 20:24:00 | 000,320,880 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\SONY\ISB Utility\ISBMgr.exe
PRC - [2009/08/25 23:28:27 | 000,282,624 | R--- | M] (France Telecom SA) -- C:\Program Files (x86)\CardDetector\HUAWEI1752_1552\CardDetector.exe
PRC - [2009/08/25 22:56:24 | 000,725,744 | ---- | M] (France Telecom SA) -- C:\Program Files (x86)\Orange\IEWInternet\Launcher\Launcher.exe
PRC - [2009/08/25 22:55:52 | 001,368,064 | ---- | M] (France Telecom SA) -- C:\Program Files (x86)\Orange\IEWInternet\Deskboard\Deskboard.exe
PRC - [2009/08/25 22:43:50 | 000,540,672 | ---- | M] (France Telecom SA) -- C:\Program Files (x86)\Orange\IEWInternet\Connectivity\Corecom\CoreCom.exe
PRC - [2009/08/25 22:40:14 | 001,110,016 | ---- | M] (France Telecom SA) -- C:\Program Files (x86)\Orange\IEWInternet\Phonetools\TextMessaging.exe
PRC - [2009/08/25 22:36:50 | 001,007,616 | ---- | M] (France Telecom SA) -- C:\Program Files (x86)\Orange\IEWInternet\Connectivity\ConnectivityManager.exe
PRC - [2009/08/25 22:34:02 | 000,094,208 | ---- | M] (France Telecom SA) -- C:\Program Files (x86)\Common Files\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe
PRC - [2009/08/25 22:11:52 | 000,245,760 | ---- | M] (France Telecom SA) -- C:\Program Files (x86)\Orange\IEWInternet\Systray\SystrayApp.exe
PRC - [2009/08/25 22:06:20 | 000,077,824 | ---- | M] (France Telecom SA) -- C:\Program Files (x86)\Common Files\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
PRC - [2009/08/25 21:59:28 | 000,094,208 | ---- | M] (France Telecom SA) -- C:\Program Files (x86)\Common Files\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
PRC - [2008/09/18 11:59:10 | 000,104,960 | ---- | M] (ArcSoft, Inc.) -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
PRC - [2007/06/05 14:20:32 | 000,177,704 | ---- | M] () -- C:\Windows\SysWOW64\PSIService.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2013/03/18 20:01:41 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\cb562e2e4f74ae607f1186f6ec50cec7\System.Windows.Forms.ni.dll
MOD - [2013/03/18 20:01:33 | 001,592,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll
MOD - [2013/03/18 20:01:09 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll
MOD - [2013/03/18 20:01:05 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll
MOD - [2013/03/18 20:01:04 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll
MOD - [2013/03/18 20:00:56 | 011,493,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll
MOD - [2012/10/05 12:53:24 | 003,198,976 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
MOD - [2010/11/13 01:52:13 | 000,311,296 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_fr_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010/11/05 04:00:03 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_fr_b77a5c561934e089\System.resources.dll
MOD - [2009/08/27 15:17:36 | 000,028,672 | ---- | M] () -- C:\Program Files (x86)\Orange\IEWInternet\Systray\IHMSystray.dll
MOD - [2009/08/27 15:17:24 | 000,020,480 | ---- | M] () -- C:\Program Files (x86)\Orange\IEWInternet\Launcher\Plugins\IHMPluginLnhPOPLocator.dll
MOD - [2009/08/27 15:17:18 | 000,011,776 | ---- | M] () -- C:\Program Files (x86)\Orange\IEWInternet\Phonetools\IHMTextMessaging.dll
MOD - [2009/08/27 15:16:58 | 000,012,800 | ---- | M] () -- C:\Program Files (x86)\Orange\IEWInternet\Launcher\Plugins\IHMPluginLnhHotspotLocator.dll
MOD - [2009/08/27 15:16:36 | 000,017,920 | ---- | M] () -- C:\Program Files (x86)\Orange\IEWInternet\Deskboard\IHMPluginSrvOraSettings.dll
MOD - [2009/08/27 15:16:30 | 000,009,216 | ---- | M] () -- C:\Program Files (x86)\Orange\IEWInternet\Deskboard\IHMPluginSrvSettings.dll
MOD - [2009/08/27 15:16:18 | 000,010,752 | ---- | M] () -- C:\Program Files (x86)\Orange\IEWInternet\Deskboard\IHMPluginSrvOraHeader.dll
MOD - [2009/08/27 15:16:12 | 000,018,432 | ---- | M] () -- C:\Program Files (x86)\Orange\IEWInternet\Deskboard\IHMDeskboard.dll
MOD - [2009/08/27 15:16:06 | 000,057,344 | ---- | M] () -- C:\Program Files (x86)\Orange\IEWInternet\Launcher\Plugins\IHMPluginLnhConnectivitySettings.dll
MOD - [2009/08/25 22:37:58 | 000,548,864 | ---- | M] () -- C:\Program Files (x86)\Orange\IEWInternet\Launcher\Plugins\PluginLnhHotspotLocator.dll
MOD - [2009/08/25 22:17:58 | 000,708,608 | ---- | M] () -- C:\Program Files (x86)\Orange\IEWInternet\Launcher\Plugins\PluginLnhPromptManager2.dll
MOD - [2009/08/25 22:13:58 | 000,040,960 | ---- | M] () -- C:\Program Files (x86)\Orange\IEWInternet\Launcher\WatchClient.dll
MOD - [2009/03/06 12:29:48 | 000,294,912 | ---- | M] () -- C:\Program Files (x86)\Orange\IEWInternet\Launcher\Sqlite3.dll
MOD - [2009/03/06 12:29:48 | 000,294,912 | ---- | M] () -- C:\Program Files (x86)\Orange\IEWInternet\Connectivity\Sqlite3.dll


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - [2013/05/09 10:58:30 | 000,046,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:[b]64bit:[/b] - [2012/01/13 11:55:10 | 001,256,040 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Sony\VAIO Update Common\VUAgent.exe -- (VUAgent)
SRV:[b]64bit:[/b] - [2010/01/27 22:10:56 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:[b]64bit:[/b] - [2009/11/30 20:51:18 | 000,571,248 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Sony\VAIO Power Management\SPMService.exe -- (VAIO Power Management)
SRV:[b]64bit:[/b] - [2009/11/25 20:06:06 | 000,821,760 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Smart Network\VSNService.exe -- (VSNService)
SRV:[b]64bit:[/b] - [2009/09/17 00:28:42 | 000,167,424 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Care\collsvc.exe -- (SampleCollector)
SRV:[b]64bit:[/b] - [2009/09/16 14:27:12 | 000,480,624 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe -- (VcmIAlzMgr)
SRV:[b]64bit:[/b] - [2009/09/08 19:09:20 | 000,110,960 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe -- (VcmXmlIfHelper)
SRV:[b]64bit:[/b] - [2009/09/04 23:35:12 | 000,873,248 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:[b]64bit:[/b] - [2009/09/01 22:42:00 | 000,361,840 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe -- (VcmINSMgr)
SRV:[b]64bit:[/b] - [2009/07/14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012/12/18 21:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/12/14 22:06:24 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2009/12/14 22:06:08 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2009/12/01 23:03:52 | 000,204,648 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe -- (VAIO Event Service)
SRV - [2009/11/21 01:25:24 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2009/10/24 04:18:54 | 000,360,224 | ---- | M] (Sony Corporation) [Auto | Running] -- c:\Program Files (x86)\SONY\PMB\PMBDeviceInfoProvider.exe -- (PMBDeviceInfoProvider)
SRV - [2009/10/15 17:34:36 | 000,427,304 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe -- (SOHDms)
SRV - [2009/10/15 17:34:36 | 000,091,432 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe -- (SOHPlMgr)
SRV - [2009/10/15 17:34:36 | 000,075,048 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe -- (SOHDs)
SRV - [2009/10/15 17:34:34 | 000,120,104 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe -- (SOHCImp)
SRV - [2009/10/15 17:34:34 | 000,070,952 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe -- (SOHDBSvr)
SRV - [2009/09/28 10:42:50 | 000,109,056 | ---- | M] (ArcSoft Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2009/09/14 20:24:08 | 000,206,336 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe -- (VzCdbSvc)
SRV - [2009/09/14 20:24:08 | 000,069,632 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe -- (VAIO Entertainment TV Device Arbitration Service)
SRV - [2009/09/14 19:53:48 | 000,642,416 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe -- (VCFw)
SRV - [2009/08/31 02:59:30 | 000,362,992 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe -- (Roxio Upnp Server 10)
SRV - [2009/08/31 02:59:18 | 000,313,840 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe -- (Roxio UPnP Renderer 10)
SRV - [2009/08/25 22:06:20 | 000,077,824 | ---- | M] (France Telecom SA) [Auto | Running] -- C:\Program Files (x86)\Common Files\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe -- (FTRTSVC)
SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/09/18 11:59:10 | 000,104,960 | ---- | M] (ArcSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe -- (uCamMonitor)
SRV - [2007/06/05 14:20:32 | 000,177,704 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PSIService.exe -- (ProtexisLicensing)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - [2013/05/09 10:59:07 | 001,025,808 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:[b]64bit:[/b] - [2013/05/09 10:59:07 | 000,378,432 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:[b]64bit:[/b] - [2013/05/09 10:59:07 | 000,189,936 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:[b]64bit:[/b] - [2013/05/09 10:59:07 | 000,072,016 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:[b]64bit:[/b] - [2013/05/09 10:59:07 | 000,065,336 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:[b]64bit:[/b] - [2013/05/09 10:59:07 | 000,064,288 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:[b]64bit:[/b] - [2013/05/09 10:59:06 | 000,080,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:[b]64bit:[/b] - [2013/05/09 10:59:06 | 000,033,400 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:[b]64bit:[/b] - [2013/04/04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:[b]64bit:[/b] - [2012/09/12 16:20:04 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:[b]64bit:[/b] - [2012/03/01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2011/03/11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2011/03/11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2010/11/20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2010/11/20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2010/11/20 11:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:[b]64bit:[/b] - [2010/01/27 22:10:59 | 006,106,624 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:[b]64bit:[/b] - [2009/12/16 22:03:59 | 000,244,736 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:[b]64bit:[/b] - [2009/12/16 22:03:04 | 007,778,176 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:[b]64bit:[/b] - [2009/12/16 04:49:48 | 000,213,280 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
DRV:[b]64bit:[/b] - [2009/12/14 22:06:07 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:[b]64bit:[/b] - [2009/11/21 01:09:48 | 000,537,112 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:[b]64bit:[/b] - [2009/11/18 06:30:44 | 000,021,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:[b]64bit:[/b] - [2009/11/18 06:30:32 | 000,132,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:[b]64bit:[/b] - [2009/11/18 06:30:32 | 000,098,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:[b]64bit:[/b] - [2009/11/18 06:30:21 | 000,052,264 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btusbflt.sys -- (btusbflt)
DRV:[b]64bit:[/b] - [2009/11/18 06:23:46 | 000,035,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:[b]64bit:[/b] - [2009/11/13 22:08:21 | 000,151,936 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:[b]64bit:[/b] - [2009/11/12 22:16:19 | 000,395,264 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:[b]64bit:[/b] - [2009/11/12 22:06:44 | 001,542,656 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:[b]64bit:[/b] - [2009/11/06 22:27:30 | 000,093,696 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rimssne64.sys -- (rimspci)
DRV:[b]64bit:[/b] - [2009/11/04 11:59:59 | 000,253,488 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)
DRV:[b]64bit:[/b] - [2009/09/15 22:09:08 | 000,075,776 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\risdsne64.sys -- (risdsnpe)
DRV:[b]64bit:[/b] - [2009/08/19 22:09:21 | 000,011,392 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SFEP.sys -- (SFEP)
DRV:[b]64bit:[/b] - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009/06/15 13:45:35 | 000,116,864 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard)
DRV:[b]64bit:[/b] - [2009/06/15 13:45:35 | 000,116,224 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbfake.sys -- (hwusbfake)
DRV:[b]64bit:[/b] - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:[b]64bit:[/b] - [2009/05/26 15:32:04 | 000,019,968 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ArcSoftKsUFilter.sys -- (ArcSoftKsUFilter)
DRV:[b]64bit:[/b] - [2009/05/20 12:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV - [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope =
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = https://www.bing.com/?scope=web&mkt=fr-FR{searchTerms}&FORM=IE8SRC
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = https://www.google.com/webhp?gws_rd=ssl{searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = https://www.bing.com/?scope=web&mkt=fr-FR{searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = https://www.google.com/webhp?gws_rd=ssl{searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-2342576900-4213637030-3780314527-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKU\S-1-5-21-2342576900-4213637030-3780314527-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-2342576900-4213637030-3780314527-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
IE - HKU\S-1-5-21-2342576900-4213637030-3780314527-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-2342576900-4213637030-3780314527-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = https://www.bing.com/?scope=web&mkt=fr-FR{searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-2342576900-4213637030-3780314527-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = https://www.google.com/webhp?gws_rd=ssl{searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\S-1-5-21-2342576900-4213637030-3780314527-1000\..\SearchScopes\{7DA22E55-2DD6-4EE1-B288-F8A9E8C5D375}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3176921&CUI=UN52164759443922465
IE - HKU\S-1-5-21-2342576900-4213637030-3780314527-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


[color=#E56717]========== FireFox ==========[/color]

FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_169.dll File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_45: C:\Windows\system32\npdeployJava1.dll (Oracle Corporation)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013/05/15 18:21:09 | 000,000,000 | ---D | M]


[color=#E56717]========== Chrome ==========[/color]

CHR - default_search_provider: Hola Search (Enabled)
CHR - default_search_provider: search_url = http://www.holasearch.com/?q={searchTerms}&babsrc=SP_ss&mntrId=A4DE7EDD08CEB723&affID=121962&tsp=4921
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - homepage: https://www.google.fr/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U21 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
CHR - plugin: Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll
CHR - Extension: WebCake = C:\Users\taliss\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh\1.0.3_0\
CHR - Extension: Deezer = C:\Users\taliss\AppData\Local\Google\Chrome\User Data\Default\Extensions\npfkoakaabdallkcdbpkkhfilkkngakh\1.3.2_0\

O1 HOSTS File: ([2009/06/10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:[b]64bit:[/b] - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:[b]64bit:[/b] - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2:[b]64bit:[/b] - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O2:[b]64bit:[/b] - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (WebCake) - {2A5A2A90-3B30-4E6E-A955-2F232C6EF517} - C:\Program Files (x86)\WebCake\WebCakeIEClient.dll (WebCake LLC)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3:[b]64bit:[/b] - HKU\S-1-5-21-2342576900-4213637030-3780314527-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:[b]64bit:[/b] - HKLM..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BEWINTERNET-FR-DMGP-V2SessionManager] C:\Program Files (x86)\Orange\IEWInternet\SessionManager\SessionManager.exe (France Telecom SA)
O4 - HKLM..\Run: [CardDetectorHUAWEI1752_1552] C:\Program Files (x86)\CardDetector\HUAWEI1752_1552\CardDetector.exe (France Telecom SA)
O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [StartCCC] c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2342576900-4213637030-3780314527-1000..\Run: [WebCake Desktop] C:\Users\taliss\AppData\Roaming\WebCake\WebCakeDesktop.exe (WebCake LLC)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9:[b]64bit:[/b] - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:[b]64bit:[/b] - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - c:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll (Evernote Corporation)
O9 - Extra 'Tools' menuitem : Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - c:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll (Evernote Corporation)
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:[b]64bit:[/b] - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_45-windows-i586.cab (Java Plug-in 1.6.0_45)
O16:[b]64bit:[/b] - DPF: {CAFEEFAC-0016-0000-0045-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_45-windows-i586.cab (Java Plug-in 1.6.0_45)
O16:[b]64bit:[/b] - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_45-windows-i586.cab (Java Plug-in 1.6.0_45)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5DB63988-98C6-4312-8B36-AA4B2FAA958F}: DhcpNameServer = 192.168.43.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7BC6280F-2EDF-4322-8850-9B49D6D2B169}: NameServer = 192.168.10.110
O18:[b]64bit:[/b] - Protocol\Handler\livecall - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\ms-itss - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\msnim - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\wlpg - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\VESWinlogon: DllName - (VESWinlogon.dll) - C:\Windows\SysWow64\VESWinlogon.dll (Sony Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013/06/24 19:05:25 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{f51734f4-72d4-11e2-8934-544249098331}\Shell - "" = AutoRun
O33 - MountPoints2\{f51734f4-72d4-11e2-8934-544249098331}\Shell\AutoRun\command - "" = G:\AutoRunCardDetector.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (MACHINE BootExecut)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2013/06/24 20:37:04 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\taliss\Desktop\OTL.exe
[2013/06/24 20:14:07 | 000,000,000 | ---D | C] -- C:\Users\taliss\AppData\Roaming\Systweak
[2013/06/24 19:31:22 | 000,000,000 | ---D | C] -- C:\Users\taliss\AppData\Roaming\WebCake
[2013/06/24 19:31:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WebCake
[2013/06/24 19:31:16 | 000,000,000 | ---D | C] -- C:\Users\taliss\AppData\Local\Software
[2013/06/24 19:04:43 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
[2013/06/24 19:03:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2013/06/24 16:11:35 | 000,000,000 | ---D | C] -- C:\Users\taliss\AppData\Roaming\Codec Package Packages
[2013/06/24 16:09:24 | 000,000,000 | ---D | C] -- C:\Users\taliss\AppData\Roaming\DSite
[2013/06/24 15:44:43 | 000,000,000 | ---D | C] -- C:\Users\taliss\Desktop\yodelice_data
[2013/06/24 13:22:47 | 000,000,000 | ---D | C] -- C:\Users\taliss\Desktop\ANNIF cyndi
[2013/06/23 18:44:36 | 000,000,000 | ---D | C] -- C:\Users\taliss\Desktop\trier01
[2013/06/22 14:20:36 | 000,000,000 | ---D | C] -- C:\Users\taliss\AppData\Roaming\PerformerSoft
[2013/06/22 14:20:35 | 000,020,312 | ---- | C] (Systweak Inc., (www.systweak.com)) -- C:\Windows\SysNative\roboot64.exe
[2013/06/22 14:20:31 | 000,000,000 | ---D | C] -- C:\Users\taliss\AppData\Roaming\File Scout
[2013/06/22 14:20:01 | 000,000,000 | ---D | C] -- C:\Users\taliss\AppData\Roaming\Audacity
[2013/06/22 14:19:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Audacity
[2013/06/09 09:52:56 | 000,000,000 | ---D | C] -- C:\Users\taliss\Desktop\100NIKON
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2013/06/24 20:40:30 | 000,014,144 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/06/24 20:40:30 | 000,014,144 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/06/24 20:37:05 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\taliss\Desktop\OTL.exe
[2013/06/24 20:32:48 | 000,001,066 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/06/24 20:32:45 | 000,000,326 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize.job
[2013/06/24 20:32:40 | 000,000,402 | ---- | M] () -- C:\Windows\tasks\Cool Lyrics Update.job
[2013/06/24 20:32:29 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/06/24 20:32:23 | 3106,480,128 | -HS- | M] () -- C:\hiberfil.sys
[2013/06/24 20:22:36 | 000,001,664 | ---- | M] () -- C:\Windows\SysNative\ASOROSet.bin
[2013/06/24 20:07:08 | 000,001,070 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/06/24 19:31:14 | 000,581,957 | ---- | M] () -- C:\Users\taliss\Desktop\AdwCleaner_1.606_En.exe
[2013/06/24 19:09:22 | 000,000,290 | ---- | M] () -- C:\Windows\tasks\DSite.job
[2013/06/24 19:09:21 | 000,000,005 | ---- | M] () -- C:\Users\taliss\AppData\Roaming\WBPU-TTL.DAT
[2013/06/24 19:05:25 | 000,000,000 | ---- | M] () -- C:\autoexec.bat
[2013/06/24 18:45:12 | 000,000,954 | ---- | M] () -- C:\Windows\SysWow64\InstallUtil.InstallLog
[2013/06/24 16:33:07 | 219,418,668 | ---- | M] () -- C:\Users\taliss\Desktop\yodelice suite.wav
[2013/06/24 16:08:49 | 000,001,099 | ---- | M] () -- C:\Users\taliss\Desktop\Continue Codec Package Installation.lnk
[2013/06/24 13:01:15 | 001,661,710 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/06/24 13:01:15 | 000,745,306 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat
[2013/06/24 13:01:15 | 000,652,148 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/06/24 13:01:15 | 000,148,792 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat
[2013/06/24 13:01:15 | 000,121,080 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/06/22 14:19:53 | 000,001,011 | ---- | M] () -- C:\Users\taliss\Desktop\Audacity.lnk
[2013/06/21 21:11:18 | 000,001,162 | ---- | M] () -- C:\Users\taliss\Documents\Document.rtf
[2013/06/17 11:02:27 | 000,003,479 | ---- | M] () -- C:\Users\taliss\Desktop\EPSON Scan - Raccourci.lnk
[2013/06/15 19:53:28 | 000,704,211 | ---- | M] () -- C:\test.xml
[2013/06/08 18:15:41 | 000,009,072 | ---- | M] () -- C:\Users\taliss\Desktop\Merc@net_8187BFF08584FCAC83.htm
[2013/05/31 11:36:58 | 000,003,764 | -HS- | M] () -- C:\Windows\SysWow64\KGyGaAvL.sys
[2013/05/27 16:01:34 | 000,020,312 | ---- | M] (Systweak Inc., (www.systweak.com)) -- C:\Windows\SysNative\roboot64.exe
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2013/06/24 20:18:37 | 000,001,664 | ---- | C] () -- C:\Windows\SysNative\ASOROSet.bin
[2013/06/24 19:31:14 | 000,581,957 | ---- | C] () -- C:\Users\taliss\Desktop\AdwCleaner_1.606_En.exe
[2013/06/24 19:31:12 | 000,000,402 | ---- | C] () -- C:\Windows\tasks\Cool Lyrics Update.job
[2013/06/24 19:09:21 | 000,000,005 | ---- | C] () -- C:\Users\taliss\AppData\Roaming\WBPU-TTL.DAT
[2013/06/24 19:05:25 | 000,000,000 | ---- | C] () -- C:\autoexec.bat
[2013/06/24 16:32:55 | 219,418,668 | ---- | C] () -- C:\Users\taliss\Desktop\yodelice suite.wav
[2013/06/24 16:12:39 | 000,000,954 | ---- | C] () -- C:\Windows\SysWow64\InstallUtil.InstallLog
[2013/06/24 16:09:25 | 000,000,290 | ---- | C] () -- C:\Windows\tasks\DSite.job
[2013/06/24 16:08:49 | 000,001,099 | ---- | C] () -- C:\Users\taliss\Desktop\Continue Codec Package Installation.lnk
[2013/06/22 14:19:53 | 000,001,023 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
[2013/06/22 14:19:53 | 000,001,011 | ---- | C] () -- C:\Users\taliss\Desktop\Audacity.lnk
[2013/06/21 21:11:18 | 000,001,162 | ---- | C] () -- C:\Users\taliss\Documents\Document.rtf
[2013/06/17 11:02:27 | 000,003,479 | ---- | C] () -- C:\Users\taliss\Desktop\EPSON Scan - Raccourci.lnk
[2013/06/08 18:15:41 | 000,009,072 | ---- | C] () -- C:\Users\taliss\Desktop\Merc@net_8187BFF08584FCAC83.htm
[2013/02/11 18:26:33 | 000,000,254 | ---- | C] () -- C:\Users\taliss\AppData\Roaming\wklnhst.dat
[2013/02/11 11:48:44 | 000,018,432 | ---- | C] () -- C:\Users\taliss\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/02/10 12:41:16 | 000,000,088 | RHS- | C] () -- C:\Windows\SysWow64\863115C7AA.sys
[2013/02/10 12:41:15 | 000,003,764 | -HS- | C] () -- C:\Windows\SysWow64\KGyGaAvL.sys
[2013/02/09 22:48:49 | 000,001,644 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2013/02/09 22:48:49 | 000,000,288 | ---- | C] () -- C:\Windows\ODBC.INI
[2013/02/09 19:26:30 | 001,639,528 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/02/09 18:52:41 | 000,000,221 | ---- | C] () -- C:\ProgramData\MusicStation.xml
[2013/02/09 17:53:11 | 000,002,119 | ---- | C] () -- C:\Windows\SysWow64\McOEMAppRules.dat

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2009/07/14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

[color=#E56717]========== LOP Check ==========[/color]

[2013/02/10 12:29:50 | 000,000,000 | ---D | M] -- C:\Users\taliss\AppData\Roaming\Ableton
[2013/06/24 16:33:39 | 000,000,000 | ---D | M] -- C:\Users\taliss\AppData\Roaming\Audacity
[2013/06/15 20:16:53 | 000,000,000 | ---D | M] -- C:\Users\taliss\AppData\Roaming\Auslogics
[2013/06/24 16:11:35 | 000,000,000 | ---D | M] -- C:\Users\taliss\AppData\Roaming\Codec Package Packages
[2013/02/11 18:53:05 | 000,000,000 | ---D | M] -- C:\Users\taliss\AppData\Roaming\Daichi
[2013/06/24 16:09:24 | 000,000,000 | ---D | M] -- C:\Users\taliss\AppData\Roaming\DSite
[2013/02/11 12:35:52 | 000,000,000 | ---D | M] -- C:\Users\taliss\AppData\Roaming\Epson
[2013/06/22 14:20:32 | 000,000,000 | ---D | M] -- C:\Users\taliss\AppData\Roaming\File Scout
[2013/06/23 19:04:29 | 000,000,000 | ---D | M] -- C:\Users\taliss\AppData\Roaming\GlarySoft
[2013/06/23 19:07:27 | 000,000,000 | ---D | M] -- C:\Users\taliss\AppData\Roaming\PerformerSoft
[2013/02/26 19:53:53 | 000,000,000 | ---D | M] -- C:\Users\taliss\AppData\Roaming\PhotoFiltre 7
[2013/03/23 19:10:09 | 000,000,000 | ---D | M] -- C:\Users\taliss\AppData\Roaming\player
[2013/06/24 20:25:41 | 000,000,000 | ---D | M] -- C:\Users\taliss\AppData\Roaming\Systweak
[2013/02/11 18:26:41 | 000,000,000 | ---D | M] -- C:\Users\taliss\AppData\Roaming\Template
[2013/06/24 19:31:26 | 000,000,000 | ---D | M] -- C:\Users\taliss\AppData\Roaming\WebCake

[color=#E56717]========== Purity Check ==========[/color]



< End of report >

22 réponses

  • 1
  • 2
Réponse 1 / 22
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 297
25 juin 2013 à 22:22
Bonjour,

--> Télécharge et lance AdwCleaner (d'Xplode), choisis l'option "Suppression" et poste le rapport.
0
Réponse 2 / 22
luccmat
30 juin 2013 à 20:07
bonjour

j'ai fait ce que vous m'avait dit mais je vois rien de bizzare
merci de votre aide j'en ai marre de toute c pub.

AdwCleaner v1.606 - Rapport créé le 30/06/2013 à 20:01:03
# Mis à jour le 10/05/2012 par Xplode
# Système d'exploitation : Windows 7 Home Premium Service Pack 1 (64 bits)
# Nom d'utilisateur : taliss - TALISS2
# Exécuté depuis : C:\Users\taliss\Desktop\AdwCleaner_1.606_En.exe
# Option [Suppression]


***** [Services] *****


***** [Fichiers / Dossiers] *****


***** [Registre] *****


***** [Registre - GUID] *****


***** [Navigateurs] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Le registre ne contient aucune entrée illégitime.

-\\ Mozilla Firefox v [Impossible d'obtenir la version]

-\\ Google Chrome v [Impossible d'obtenir la version]

Fichier : C:\Users\taliss\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Le fichier ne contient aucune entrée illégitime.

*************************

AdwCleaner[S1].txt - [4646 octets] - [15/05/2013 18:52:39]
AdwCleaner[R1].txt - [11548 octets] - [24/06/2013 19:31:26]
AdwCleaner[S2].txt - [377 octets] - [24/06/2013 19:31:38]
AdwCleaner[S3].txt - [10861 octets] - [24/06/2013 19:36:18]
AdwCleaner[S4].txt - [1269 octets] - [24/06/2013 20:31:38]
AdwCleaner[S5].txt - [1160 octets] - [30/06/2013 20:01:03]

########## EOF - C:\AdwCleaner[S5].txt - [1288 octets] ##########
0
Réponse 3 / 22
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 297
30 juin 2013 à 20:08
"AdwCleaner v1.606"

--> Recommence avec la nouvelle version :
http://general-changelog-team.fr/fr/downloads/viewdownload/20-outils-de-xplode/2-adwcleaner
0
Réponse 4 / 22
luccmat
30 juin 2013 à 20:19
up up voila la suite
merci de votre aide

AdwCleaner v2.303 - Rapport créé le 30/06/2013 à 20:15:10
# Mis à jour le 08/06/2013 par Xplode
# Système d'exploitation : Windows 7 Home Premium Service Pack 1 (64 bits)
# Nom d'utilisateur : taliss - TALISS2
# Mode de démarrage : Normal
# Exécuté depuis : C:\Users\taliss\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TR10KPHN\adwcleaner.exe
# Option [Suppression]


***** [Services] *****

Arrêté & Supprimé : WebCake Desktop Updater

***** [Fichiers / Dossiers] *****

Dossier Supprimé : C:\Users\taliss\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh
Dossier Supprimé : C:\Users\taliss\AppData\Roaming\DSite
Dossier Supprimé : C:\Users\taliss\AppData\Roaming\file scout
Dossier Supprimé : C:\Users\taliss\AppData\Roaming\PerformerSoft
Dossier Supprimé : C:\Users\taliss\AppData\Roaming\WebCake
Fichier Supprimé : C:\Windows\Tasks\DSite.job

***** [Registre] *****

Clé Supprimée : HKCU\Software\Alexa Internet
Clé Supprimée : HKCU\Software\AppDataLow\Software\Crossrider
Clé Supprimée : HKCU\Software\BabSolution
Clé Supprimée : HKCU\Software\InstallCore
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2A5A2A90-3B30-4E6E-A955-2F232C6EF517}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2A5A2A90-3B30-4E6E-A955-2F232C6EF517}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AF6B0594-6008-4327-93E5-608AD710A6FA}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{7169BBB3-3289-4696-B35D-4A88BCF6FB12}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\WebCakeIEClient.DLL
Clé Supprimée : HKLM\SOFTWARE\Classes\Prod.cap
Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{EFDF368C-8DD9-4E05-87CD-16AA5CB03CB8}
Clé Supprimée : HKLM\SOFTWARE\Classes\WebCakeIEClient.Api
Clé Supprimée : HKLM\SOFTWARE\Classes\WebCakeIEClient.Api.1
Clé Supprimée : HKLM\SOFTWARE\Classes\WebCakeIEClient.Layers
Clé Supprimée : HKLM\SOFTWARE\Classes\WebCakeIEClient.Layers.1
Clé Supprimée : HKLM\Software\DeviceVM
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\IminentSetup_RASAPI32
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\IminentSetup_RASMANCS
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{AF6B0594-6008-4327-93E5-608AD710A6FA}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\a28a8ce539ec47
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{2A5A2A90-3B30-4E6E-A955-2F232C6EF517}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{AF6B0594-6008-4327-93E5-608AD710A6FA}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DF84E609-C3A4-49CB-A160-61767DAF8899}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{DF84E609-C3A4-49CB-A160-61767DAF8899}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2A5A2A90-3B30-4E6E-A955-2F232C6EF517}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{DF84E609-C3A4-49CB-A160-61767DAF8899}
Valeur Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [WebCake Desktop]

***** [Navigateurs] *****

-\\ Internet Explorer v9.0.8112.16476

[OK] Le registre ne contient aucune entrée illégitime.

-\\ Google Chrome v [Impossible d'obtenir la version]

Fichier : C:\Users\taliss\AppData\Local\Google\Chrome\User Data\Default\Preferences

Supprimée [l.30] : icon_url = "hxxp://www.holasearch.com/favicon.ico",
Supprimée [l.33] : keyword = "holasearch.com",
Supprimée [l.37] : search_url = "hxxp://www.holasearch.com/?q={searchTerms}&babsrc=SP_ss&mntrId=A4DE7EDD08CEB723[...]
Supprimée [l.2554] : urls_to_restore_on_startup = [ "hxxp://www.holasearch.com/?babsrc=HP_ss&mntrId=A4DE7EDD08CEB7[...]

*************************

AdwCleaner[R1].txt - [11548 octets] - [24/06/2013 19:31:26]
AdwCleaner[R2].txt - [1347 octets] - [30/06/2013 20:11:20]
AdwCleaner[S1].txt - [4646 octets] - [15/05/2013 18:52:39]
AdwCleaner[S2].txt - [377 octets] - [24/06/2013 19:31:38]
AdwCleaner[S3].txt - [10861 octets] - [24/06/2013 19:36:18]
AdwCleaner[S4].txt - [1269 octets] - [24/06/2013 20:31:38]
AdwCleaner[S5].txt - [1289 octets] - [30/06/2013 20:01:03]
AdwCleaner[S6].txt - [4704 octets] - [30/06/2013 20:15:10]

########## EOF - C:\AdwCleaner[S6].txt - [4764 octets] ##########
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 22
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 297
30 juin 2013 à 20:23
--> Relance AdwCleaner et choisis "Désinstaller".

--> Je voudrais un nouveau rapport OTL (donne le rapport Extras également).
0
Réponse 6 / 22
luccmat
30 juin 2013 à 20:42
encore la suite

j'ai"Désinstaller adw
puis re telecharcher
lancer supression et voici ce que ca dit

# Mode de démarrage : Normal
# Exécuté depuis : C:\Users\taliss\Desktop\adwcleaner.exe
# Option [Suppression]


***** [Services] *****


***** [Fichiers / Dossiers] *****

Dossier Supprimé : C:\Users\taliss\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh

***** [Registre] *****


***** [Navigateurs] *****

-\\ Internet Explorer v9.0.8112.16476

[OK] Le registre ne contient aucune entrée illégitime.

-\\ Google Chrome v [Impossible d'obtenir la version]

Fichier : C:\Users\taliss\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Le fichier ne contient aucune entrée illégitime.

*************************

AdwCleaner[R1].txt - [1036 octets] - [30/06/2013 20:34:58]
AdwCleaner[S1].txt - [972 octets] - [30/06/2013 20:35:50]

########## EOF - C:\AdwCleaner[S1].txt - [1031 octets] ##########
0
Réponse 7 / 22
luccmat
30 juin 2013 à 20:43
il a pas de fichier extra

j'ai fait plein de manip un peu au hazar.
j'ai plus google crome
merci
0
Réponse 8 / 22
luccmat
30 juin 2013 à 20:50
je voudrai suprimer
big.com quand je suis sur le net ca devient mon moteur de recherche.
merci
0
Réponse 9 / 22
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 297
30 juin 2013 à 20:57
--> Télécharge ZHPDiag (de Nicolas Coolman).

--> Double-clique sur le fichier d'installation. Installe ZHPDiag avec les paramètres par défaut (laisse "Créer une icône sur le Bureau" coché).

--> Lance ZHPDiag en double-cliquant sur le raccourci présent sur ton Bureau.

--> Clique sur la loupe (Lancer le diagnostic) puis laisse l'outil scanner.

--> Une fois le scan terminé, un rapport est créé sur le Bureau.

--> Utilise le site http://pjjoint.malekal.com/ pour me transmettre le rapport ZHPDiag car il est plutôt long. Copie-colle le lien donné par le site dans ton prochain message.
0
Réponse 10 / 22
luccmat
30 juin 2013 à 21:19
merci encore mais j arrive pas a telecharger ZHPDiag
je comprend pas pourquoi.
je clique sur telechargement ça marche pas.
sa veux m'installer une barre d outil
0
Réponse 11 / 22
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 297
30 juin 2013 à 21:23
https://www.commentcamarche.net/telecharger/utilitaires/24803-zhpdiag/
0
Réponse 12 / 22
luccmat
30 juin 2013 à 21:30
ok c bon le dianostique est en cour
merci
0
Réponse 13 / 22
luccmat
30 juin 2013 à 21:35
et voila le résultat

http://pjjoint.malekal.com/files.php?id=ZHPDiag_20130630_x9l613z14u10

merci
0
Réponse 14 / 22
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 297
30 juin 2013 à 21:49
--> Copie tout le texte présent en gras ci-dessous (Sélectionne-le, clique droit dessus et choisis "Copier").


SysRestore
G2 - GCE: Preference [User Data\Default] [fjoijdanhaiflhibkljeklcghcmmfffh] WebCake v.1.0.3 (Désactivé)
O4 - GS\Desktop: Continue Codec Package Installation.lnk . (...) -- C:\Users\taliss\AppData\Local\Temp\ICReinstall_CodecPackage (1).exe
O23 - Service: Service Software Update (Software_update (Software_update) . (...) - C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe (.not file.)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Cool Lyrics Update.job [402]
[MD5.00000000000000000000000000000000] [APT] [4837] (...) -- C:\Users\taliss\AppData\Local\Temp\launchie.vbs \\B (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [Cool Lyrics Update] (...) -- C:\Program Files (x86)\CoolLyrics\CoolLyricsUpdater.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [DealPly] (...) -- C:\Users\taliss\AppData\Roaming\DealPly\UPDATE~1\UPDATE~1.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [Express FilesUpdate] (...) -- C:\Program Files (x86)\ExpressFiles\EFUpdater.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{823E9B2B-FAE7-4F0A-BB55-4AB8563D393E}] (...) -- C:\Program Files (x86)\Tuguu SL\FlashPlayer\Uninstall.exe (.not file.) [0]
[HKCU\Software\AppDataLow\Software\CoolLyrics]
[HKCU\Software\AppDataLow\Software\Smartbar]
O44 - LFC:[MD5.783559CCEA5B069E92F4842359CD4688] - 22/06/2013 - 13:20:35 ---A- . (.Systweak Inc., (www.systweak.com) - Regclean Pro.) -- C:\Windows\SysNative\roboot64.exe [20312]
O44 - LFC:[MD5.783559CCEA5B069E92F4842359CD4688] - 22/06/2013 - 13:20:35 RSHAD . (.Systweak Inc., (www.systweak.com) - Regclean Pro.) -- C:\Windows\System32\roboot64.exe [20312]
SS - | Auto 0 | (Software_update) . (...) - C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe
SS - | Demand 0 | (Software_update_m) . (...) - C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe
C:\Users\taliss\AppData\Local\Software
C:\Program Files (x86)\Software
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375]
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5]
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\464AA55239C100F32AF2D438EDDC0F47]
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5652BA3D5FB98AE31B337BF0AF939856]
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EB95E1AFCBABE3DB9ECCC669B99494]
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110111991162}]
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{21111111-1111-1111-1111-110111991162}]
EmptyFlash
EmptyTemp


--> Puis lance ZHPFix depuis le raccourci situé sur ton Bureau.

--> Dans l'encadré principal, tu verras donc les lignes que tu as copié précédemment apparaître. Vérifie que toutes les lignes que je t'ai demandé de copier (et seulement elles) sont dans la fenêtre.

--> Clique sur "GO" pour lancer le nettoyage. Laisse l'outil travailler et ne touche à rien.

--> Accepte la désinstallation des programmes si proposé, mais refuse le redémarrage de ton PC si également proposé, car cela stopperait ZHPFix.

--> Une fois terminé, copie-colle le rapport dans ton prochain message.
0
Réponse 15 / 22
luccmat
30 juin 2013 à 21:55
voila le resultat

Rapport de ZHPFix 2013.6.12.3 par Nicolas Coolman, Update du 12/06/2013
Fichier d'export Registre : C:\ZHP\ZHPExportRegistry-30-06-2013-21-54-21.txt
Run by taliss at 30/06/2013 21:54:19
High Elevated Privileges : OK
Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)

Corbeille vidée

========== Clé(s) du Registre ==========
ABSENT Key: Service: Software_update (Software_update
SUPPRIME Key: HKCU\Software\AppDataLow\Software\CoolLyrics
SUPPRIME Key: HKCU\Software\AppDataLow\Software\Smartbar
SUPPRIME Key: Service: Software_update
SUPPRIME Key: Service: Software_update_m
SUPPRIME Key*: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375
SUPPRIME Key*: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5
SUPPRIME Key*: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\464AA55239C100F32AF2D438EDDC0F47
SUPPRIME Key*: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5652BA3D5FB98AE31B337BF0AF939856
SUPPRIME Key*: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EB95E1AFCBABE3DB9ECCC669B99494
SUPPRIME Key: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110111991162}
SUPPRIME Key: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{21111111-1111-1111-1111-110111991162}

========== Préférences navigateur ==========
ABSENT Folder Chrome: fjoijdanhaiflhibkljeklcghcmmfffh

========== Dossier(s) ==========
SUPPRIME Folder: c:\users\taliss\appdata\local\software
SUPPRIME Flash Cookies
SUPPRIME Temporaires Windows

========== Fichier(s) ==========
SUPPRIME File: c:\users\taliss\desktop\continue codec package installation.lnk
SUPPRIME File: c:\users\taliss\appdata\local\temp\icreinstall_codecpackage (1).exe
ABSENT File: c:\program files (x86)\software\update\softwareupdate.exe
SUPPRIME File: c:\windows\tasks\cool lyrics update.job
SUPPRIME File: c:\windows\sysnative\roboot64.exe
ABSENT File: c:\windows\system32\roboot64.exe
ABSENT Folder/File: c:\program files (x86)\software
SUPPRIME Flash Cookies
SUPPRIME Temporaires Windows

========== Tache planifiée ==========
SUPPRIME Task: 4837
SUPPRIME Task: Cool Lyrics Update
SUPPRIME Task: DealPly
SUPPRIME Task: Express FilesUpdate
SUPPRIME Task: {823E9B2B-FAE7-4F0A-BB55-4AB8563D393E}

========== Restauration Système ==========
Point de restauration du système créé avec succès


========== Récapitulatif ==========
12 : Clé(s) du Registre
3 : Dossier(s)
9 : Fichier(s)
1 : Préférences navigateur
5 : Tache planifiée
1 : Restauration Système


End of clean in 00mn 36s

========== Chemin de fichier rapport ==========
C:\ZHP\ZHPFix[R1].txt - 30/06/2013 21:54:21 [2853]
0
Réponse 16 / 22
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 297
30 juin 2013 à 22:00
Je voudrais un nouveau rapport ZHPDiag.

Il reste quel(s) souci(s) ?
0
Réponse 17 / 22
luccmat
30 juin 2013 à 22:13
merci de votre aide
voici le nouveau rapport

http://pjjoint.malekal.com/files.php?id=ZHPDiag_20130630_z13y6y5m11c12

pour les soucis je verai demain.
je vous tien au jue encore merci.
vous me dite si je soit repasser zhp zip.
bonne soirée
0
Réponse 18 / 22
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 297
30 juin 2013 à 23:13
A demain, bonne soirée.
0
Réponse 19 / 22
luccmat
2 juil. 2013 à 21:06
merci le pc a l 'air de bien marcher
0
Réponse 20 / 22
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 297
2 juil. 2013 à 23:09
Pour Google Chrome :
http://www.google.fr/intl/fr/chrome/browser/

Puis fais ceci :


1/

---> Télécharge et installe CCleaner.
* Lance-le. Va dans Options puis Avancé et décoche la case Effacer uniquement les fichiers temporaires de Windows datant de plus de 24 heures.
* Va dans Nettoyeur, choisis Analyse. Une fois terminé, lance le nettoyage.


2/

---> Télécharge DelFix sur ton Bureau puis lance-le.
* Coche Purger la restauration système et laisse Supprimer les outils de désinfection coché.
* Clique sur Exécuter.
* Le rapport est copié dans le presse-papier, clique droit dans ton prochain message et choisis Coller.


==Prévention==

Un dossier sur la prévention et sécurité sur Internet est disponible ici.
0

Discussions similaires

Est ce que le site tlauncher est dangereux ?
caribou -
bazfile -

1 réponse
Softonic,est-ce un virus ?
techmel1 -
techmel1 -

6 réponses
écrire un rapport de travail
asi -
REGINALD -

3 réponses
4 virus en raison d’un porno ????
valou -
Bello040420 -

9 réponses
problême Opéra est ce un virus??
sand2504 -
sand2504 -

85 réponses