|
Informations |
Messages |
|
phil295
97 messages
DVD-RW
|
 Le 21 Août 2011 à 23h51
]Bonsoir,
Je n'arrive pas a me débarrasser de Babylon search. Je ne retrouve pas mon moteur de recherche : Firefox .
Merci
|
| |
|
|
|
|
Winx
19798 messages
No-Life
AidoHardware
AidoAntivirus
AidoWindows
|
Le 22 Août 2011 à 08h45
Salut à toi et bienvenue, 
Afin de nous éclairer sur la nature précise de tes soucis "infectieux", ( ou pas ? )
dans un premier temps fais cette procédure et poste le rapport généré par Random's system information tool (RSIT) par
random/random
Télécharge random's system information tool (RSIT) par random/random et sauvegarde-le sur le Bureau.
- Double-clique sur RSIT.exe afin de lancer RSIT.
- Clique Continue à l'écran Disclaimer.
- Si l'outil HIjackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera et tu devras accepter la licence.
- Poste le contenu de log.txt (<<qui sera affiché)
ainsi que info.txt (<<qui sera réduit dans la Barre des Tâches).
// ! Important !
=======================
Citation Durant la phase de désinfection, il est absolument indispensable et primordial de ne pas rajouter de programmes à votre PC, afin de ne pas perturber la décontamination de votre machine. Faites-en un usage minimum durant cette phase.
D'autre part, ne pas utiliser d'outil(s) de décontamination de sa propre initiative, cela peut définitivement nuire à notre travail et au bon rétablissement de la machine.
C'est à la mode en ce moment, d'utiliser des outils comme Combofix sans autorisation !
C'est ABSOLUMENT proscrit ici sur ce Forum.
Il est évident qu'un PC infecté peut tout à fait devenir inutilisable malgré la tentative de désinfection, et de ce fait prendre la précaution de sauvegarder tous ses documents personnels, c'est une très bonne idée en soi....merci de prendre ça en considération 
Il est évident que je considère que l'option formatage et/ou une restauration du Système ne fait pas actuellement partie de ton intention, ce qui m'évite de perdre du temps.... merci d'avance
Ps:
======
Conseil d'ordre général
---->> Aller sur le Net avec Windows Internet Explorer, n'est pas souhaitable.
Pour vous en convaincre, un petit test de votre navigateur 
Comparez-donc Windows Internet Explorer avec Mozilla-Firefox (ce dernier devrait atteindre les 92 )
Quand à Windows Internet Explorer, j'en laisse la surprise...
Toutefois, ce qui ne veut pas dire que Windows Internet Explorer, ne doit pas être à jour ! (vérifier que vous avez la dernière version ! )
Télécharger Mozilla-Firefox 5.0. X. (le X représente évidemment la dernière version ) et le mettre à l'install comme Navigateur par défaut.
lien ici
-->source ici de conseils
Eviter à tous prix de poster dans plusieurs Forum à la fois...pas de multi-postage donc !
Poster les 2 rapports demandés (log.txt et info.txt)
En cas de fichier trop gros, suffit de le diviser sur deux réponses, ou plus.....
PS:
si tu ne peux pas télécharger en direct avec la machine infectée, il est évident qu'il faut faire usage, d'une carte SD ou clé usb via un autre PC. |
| |
Je n'ai pas la prétention de résoudre les problèmes, mais celle de vous aider à les résoudre ;-)
|
|
|
|
phil295
97 messages
DVD-RW
|
Le 22 Août 2011 à 09h50
Bonjour et Merci pour ton aide.
Logfile of random's system information tool 1.09 (written by random/random)
Run by brigitte at 2011-08-22 09:39:27
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 905 MB (3%) free of 31 GB
Total RAM: 1022 MB (41% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 09:39:47, on 22/08/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
D:\Documents and Settings\brigitte.SN048927920021\Mes documents\Téléchargements\RSIT(2).exe
C:\Program Files\trend micro\brigitte.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.search.yahoo.com/search?p=firefox&fr=chr-devicevm&type=IEBD
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://fr.search.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: SearchHook Class - {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll
R3 - URLSearchHook: (no name) - {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - (no file)
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll
O2 - BHO: QuickStores-Toolbar - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - mscoree.dll (file missing)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - D:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: UrlHelper Class - {474597C5-AB09-49d6-A4D5-2E8D7341384E} - C:\Program Files\iMesh Applications\iMesh MediaBar\iMeshIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: RoboForm - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Ask Search Assistant BHO - {9CB65201-89C4-402c-BA80-02D8C59F9B1D} - (no file)
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\YTSingleInstance.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O3 - Toolbar: QuickStores-Toolbar - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - mscoree.dll (file missing)
O4 - HKLM\..\Run: [EPSON Stylus DX3800 Series (Copie 1)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE /P36 "EPSON Stylus DX3800 Series (Copie 1)" /O5 "LPT1:" /M "Stylus DX3800"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Barre RoboForm - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O8 - Extra context menu item: Cartes - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComEditPass.html
O8 - Extra context menu item: Déconnexion - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComLogoff.html
O8 - Extra context menu item: Enregistrer le formulaire - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O8 - Extra context menu item: Icône de la BT - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComTaskBarIcon.html
O8 - Extra context menu item: Identités - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComEditIdent.html
O8 - Extra context menu item: Initialiser - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSetFields.html
O8 - Extra context menu item: Notes Sécurisées - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComEditNote.html
O8 - Extra context menu item: Options RoboForm - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComOptions.html
O8 - Extra context menu item: Personnaliser le menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: Remplir le formulaire - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O8 - Extra context menu item: Réinitialiser - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComResetFields.html
O8 - Extra context menu item: Vider les champs - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComClearFields.html
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Remplir - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Remplir le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Enregistrer - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: Enregistrer le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: Options - {320AF880-6646-11D3-ABEE-C5DBF3571F4C} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComOptions.html
O9 - Extra 'Tools' menuitem: Options RoboForm - {320AF880-6646-11D3-ABEE-C5DBF3571F4C} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComOptions.html
O9 - Extra button: Personnaliser - {320AF880-6646-11D3-ABEE-C5DBF3571F4E} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O9 - Extra 'Tools' menuitem: Personnaliser le menu - {320AF880-6646-11D3-ABEE-C5DBF3571F4E} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O9 - Extra button: Générateur - {320AF880-6646-11D3-ABEE-C5DBF3571F50} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComPasswordGenerator.html
O9 - Extra 'Tools' menuitem: Générateur - {320AF880-6646-11D3-ABEE-C5DBF3571F50} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComPasswordGenerator.html
O9 - Extra button: Icône de la BT - {320AF880-6646-11D3-ABEE-C5DBF3571F51} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComTaskBarIcon.html
O9 - Extra 'Tools' menuitem: Icône de la BT - {320AF880-6646-11D3-ABEE-C5DBF3571F51} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComTaskBarIcon.html
O9 - Extra button: Initialiser - {320AF880-6646-11D3-ABEE-C5DBF3571F52} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSetFields.html
O9 - Extra 'Tools' menuitem: Initialiser - {320AF880-6646-11D3-ABEE-C5DBF3571F52} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSetFields.html
O9 - Extra button: Réinitialiser - {320AF880-6646-11D3-ABEE-C5DBF3571F53} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComResetFields.html
O9 - Extra 'Tools' menuitem: Réinitialiser - {320AF880-6646-11D3-ABEE-C5DBF3571F53} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComResetFields.html
O9 - Extra button: Vider - {320AF880-6646-11D3-ABEE-C5DBF3571F54} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComClearFields.html
O9 - Extra 'Tools' menuitem: Vider les champs - {320AF880-6646-11D3-ABEE-C5DBF3571F54} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComClearFields.html
O9 - Extra button: Déconnexion - {320AF880-6646-11D3-ABEE-C5DBF3571F55} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComLogoff.html
O9 - Extra 'Tools' menuitem: Déconnexion - {320AF880-6646-11D3-ABEE-C5DBF3571F55} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComLogoff.html
O9 - Extra button: Identités - {45DB34C3-955C-11D3-ABEF-444553540000} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComEditIdent.html
O9 - Extra 'Tools' menuitem: Identités - {45DB34C3-955C-11D3-ABEF-444553540000} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComEditIdent.html
O9 - Extra button: Cartes - {45DB34C3-955C-11D3-ABEF-444553540001} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComEditPass.html
O9 - Extra 'Tools' menuitem: Cartes - {45DB34C3-955C-11D3-ABEF-444553540001} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComEditPass.html
O9 - Extra button: Notes Sécurisées - {45DB34C3-955C-11D3-ABEF-444553540002} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComEditNote.html
O9 - Extra 'Tools' menuitem: Notes Sécurisées - {45DB34C3-955C-11D3-ABEF-444553540002} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComEditNote.html
O9 - Extra button: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {09C21411-B9A2-4DE6-8416-4E3B58577BE0} (France Telecom MDM ActiveX Control) - http://minitelweb.minitel.com/imin_data/ocx/MDM.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1143306003005
O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: AppleChargerSrv - Unknown owner - C:\WINDOWS\system32\AppleChargerSrv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Service Google Update (gupdate1cac596cc7ac1a6) (gupdate1cac596cc7ac1a6) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Service Google Update (gupdatem) (gupdatem) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe
O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe
--
End of file - 16381 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\GlaryInitialize.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\Nouvelle Tâche.job
C:\WINDOWS\tasks\Rappel d'enregistrement 2.job
C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-721009202-3587564979-2248012791-1006.job
C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-721009202-3587564979-2248012791-1006.job
C:\WINDOWS\tasks\RegistryBooster.job
C:\WINDOWS\tasks\WinMaximizer-brigitte-Startup.job
=========Mozilla firefox=========
ProfilePath - D:\Documents and Settings\brigitte.SN048927920021\Application Data\Mozilla\Firefox\Profiles\rvuvxpar.default
prefs.js - "browser.search.suggest.enabled" - false
prefs.js - "extensions.enabledItems" - "{3112ca9c-de6d-4884-a869-9855de68056c}:7.1.20110512W, {B7D3E479-CC68-42B5-A338-938ECE35F419}:2.0.0.54356, {C9B68337-E93A-44EA-94DC-CB300EC06444}:3.26.0, {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}:6.0.07, {20a82645-c095-46ed-80e3-08825760534b}:1.2.1, {4D9AE42B-F4C0-40e6-AEDB-4EC6E42B77AF}:1.2.1.0, {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.0, {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.1.20091029021655, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.18"
prefs.js - "keyword.URL" - "http://search.babylon.com/?babsrc=SP_ss&mntrId=941b21030000000000006cf049ecf637&tlver=1.4.19.19&instlRef=sst&affID=17162&q="
"{22119944-ED35-4ab1-910B-E619EA06A115}"=C:\Program Files\Siber Systems\AI RoboForm\Firefox
"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"{ABDE892B-13A8-4d1b-88E6-365A6E755758}"=D:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Content Upload Plugin,version=1.0.0]
"Description"=DivX® Content Upload Plugin
"Path"=C:\Program Files\DivX\DivX Content Uploader\npUpload.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0]
"Description"=
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files\Google\Picasa3\npPicasa3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@ma-config.com/HardwareDetection]
"Description"=Détection de sa configuration
"Path"=C:\Program Files\ma-config.com\nphardwaredetection.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6]
"Description"=Yahoo Messenger State Plugin
"Path"=C:\Program Files\Yahoo!\Shared\npYState.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@rayv.com/rayvplugin]
"Description"=RayV Plugin
"Path"=C:\Program Files\RayV\RayV\plugins\nprayvplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=6.0.12.688]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=c:\program files\real\realplayer\Netscape6\nppl3260.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprjplug;version=1.0.3.688]
"Description"=RealJukebox Netscape Plugin
"Path"=c:\program files\real\realplayer\Netscape6\nprjplug.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.688]
"Description"=6.0.12.688
"Path"=c:\program files\real\realplayer\Netscape6\nprpjplug.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.67\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.67\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@unity3d.com/UnityPlayer]
"Description"=Unity Player 2.1.0f5
"Path"=C:\Program Files\Unity\WebPlayer\loader\npUnity3D32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@viewpoint.com/VMP]
"Description"=Viewpoint Media Player for Mozilla
"Path"=C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@virtools.com/3DviaPlayer]
"Description"=3Dvia Player For Mozilla Based Broswer
"Path"=C:\Program Files\Virtools\3D Life Player\npvirtools.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1]
"Description"=Yahoo! activeX Plug-in Bridge
"Path"=C:\PROGRA~1\Yahoo!\Common\npyaxmpb.dll
C:\Program Files\Mozilla Firefox\extensions\
quickstores@quickstores.de
{3112ca9c-de6d-4884-a869-9855de68056c}
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{B7D3E479-CC68-42B5-A338-938ECE35F419}
{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
C:\Program Files\Mozilla Firefox\components\
binary.manifest
browser.xpt
browsercomps.dll
browserdirprovider.dll
brwsrcmp.dll
components.list
FeedConverter.js
FeedProcessor.js
FeedWriter.js
fuelApplication.js
GoogleDesktopMozilla.dll
GoogleDesktopMozillaStub.js
GoogleDesktopMozillaStub.xpt
GPSDGeolocationProvider.js
jsconsole-clhandler.js
NetworkGeolocationProvider.js
nppl3260.xpt
nsAddonRepository.js
nsBadCertHandler.js
nsBlocklistService.js
nsBrowserContentHandler.js
nsBrowserGlue.js
nsContentDispatchChooser.js
nsContentPrefService.js
nsDefaultCLH.js
nsDownloadManagerUI.js
nsExtensionManager.js
nsFormAutoComplete.js
nsHandlerService.js
nsHelperAppDlg.js
nsINIProcessor.js
nsIQTScriptablePlugin.xpt
nsJSRealPlayerPlugin.xpt
nsLivemarkService.js
nsLoginInfo.js
nsLoginManager.js
nsLoginManagerPrompter.js
nsMicrosummaryService.js
nsPlacesAutoComplete.js
nsPlacesDBFlush.js
nsPlacesTransactionsService.js
nsPrivateBrowsingService.js
nsProxyAutoConfig.js
nsSafebrowsingApplication.js
nsSearchService.js
nsSearchSuggestions.js
nsSessionStartup.js
nsSessionStore.js
nsSetDefaultBrowser.js
nsSidebar.js
nsTaggingService.js
nsTryToClose.js
nsUpdateService.js
nsUpdateServiceStub.js
nsUpdateTimerManager.js
nsUrlClassifierLib.js
nsUrlClassifierListManager.js
nsURLFormatter.js
nsWebHandlerApp.js
pluginGlue.js
storage-Legacy.js
storage-mozStorage.js
txEXSLTRegExFunctions.js
WebContentConverter.js
C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
npitunes.dll
npitunes.xpt
npnul32.dll
nppdf32.dll
nppdf32.FRA
nppl3260.dll
nprjplug.dll
nprpjplug.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt
C:\Program Files\Mozilla Firefox\searchplugins\
amazon-france.xml
babylon.xml
bing.xml
cnrtl-tlfi-fr.xml
eBay-france.xml
google.xml
MediaDICO-fr.xml
wikipedia-fr.xml
yahoo-france.xml
D:\Documents and Settings\brigitte.SN048927920021\Application Data\Mozilla\Firefox\Profiles\rvuvxpar.default\extensions\
{20a82645-c095-46ed-80e3-08825760534b}
{3112ca9c-de6d-4884-a869-9855de68056c}
{4D9AE42B-F4C0-40e6-AEDB-4EC6E42B77AF}
{635abd67-4fe9-1b23-4f01-e679fa7484c1}
D:\Documents and Settings\brigitte.SN048927920021\Application Data\Mozilla\Firefox\Profiles\rvuvxpar.default\searchplugins\
Chercher Malin.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
&Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll [2010-03-23 940856]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}]
QuickStores-Toolbar - C:\WINDOWS\system32\mscoree.dll [2009-11-07 297808]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06 63912]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - D:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2010-03-28 329312]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{474597C5-AB09-49d6-A4D5-2E8D7341384E}]
UrlHelper Class - C:\Program Files\iMesh Applications\iMesh MediaBar\iMeshIEHelper.dll [2008-09-02 398768]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{724d43a9-0d85-11d4-9908-00400523e39a}]
C:\Program Files\Siber Systems\AI RoboForm\roboform.dll [2009-08-18 5960520]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9CB65201-89C4-402c-BA80-02D8C59F9B1D}]
Ask Search Assistant BHO
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E99421FB-68DD-40F0-B4AC-B7027CAE2F1A}]
EpsonToolBandKicker Class - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-21 368640]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}]
SingleInstance Class - C:\Program Files\Yahoo!\Companion\Installs\cpn3\YTSingleInstance.dll [2010-03-23 160056]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EE5D279F-081B-4404-994D-C6B60AAEBA6D} - EPSON Web-To-Page - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-21 368640]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll [2010-03-23 940856]
{724d43a0-0d85-11d4-9908-00400523e39a} - &RoboForm - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll [2009-08-18 5960520]
{10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - QuickStores-Toolbar - C:\WINDOWS\system32\mscoree.dll [2009-11-07 297808]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"EPSON Stylus DX3800 Series (Copie 1)"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE [2005-02-08 98304]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
"TkBellExe"=C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2010-03-28 202256]
"ISUSPM Startup"=C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2005-02-17 221184]
"Adobe ARM"=C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe [2011-06-06 937920]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ISUSScheduler"=C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe [2006-09-11 86960]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-01-26 2144088]
"RoboForm"=C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [2009-08-18 160592]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCU]
C:\Program Files\DeviceVM\Browser Configuration Utility\BCU.exe [2009-10-15 375000]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BigDogPath]
C:\WINDOWS\VM_STI.EXE [2004-06-09 40960]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BPS Remover]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DriverCD]
E:\Run.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON Stylus DX3800 Series]
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE [2005-02-08 98304]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
C:\WINDOWS\system32\hkcmd.exe [2009-01-21 166912]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
C:\WINDOWS\system32\igfxtray.exe [2009-01-21 134656]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe [2007-05-26 257088]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Messenger (Yahoo!)]
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe [2009-05-26 4351216]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBAgent]
C:\Program Files\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe [2009-10-07 1086760]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCDAS]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
C:\WINDOWS\system32\igfxpers.exe [2009-01-21 134656]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PowerStrip]
c:\program files\powerstrip\pstrip.exe [2008-11-19 737312]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe [2007-04-27 282624]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RayV]
C:\Program Files\RayV\RayV\RayV.exe [2009-03-22 2417960]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoboForm]
C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [2009-08-18 160592]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
C:\WINDOWS\RTHDCPL.EXE [2010-03-26 19522592]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\sysgif32]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2010-03-28 202256]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TransVente]
C:\PROGRA~1\TRANSV~1\TransVente.exe [2006-11-23 40960]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VirusKeeper]
C:\Program Files\AxBx\VirusKeeper 2007 Pro Evaluation\VirusKeeper.exe [2006-11-10 2551944]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WahOO]
D:\Documents and Settings\brigitte.SN048927920021\Local Settings\Application Data\WahOO\WahOO.exe [2010-04-21 2235392]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WINSOS VERIFY]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOKIT]
C:\PROGRA~1\Wanadoo\Shell.exe [2004-08-23 122880]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOTASKBARICON]
C:\PROGRA~1\Wanadoo\GestMaj.exe [2004-10-14 32768]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOWATCH]
C:\PROGRA~1\Wanadoo\Watch.exe [2004-08-23 20480]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\D:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^TotalReduc.lnk]
C:\PROGRA~1\TOTALR~1\TOTALR~1.EXE [2008-12-01 1156616]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\D:^Documents and Settings^brigitte.SN048927920021^Menu Démarrer^Programmes^Démarrage^Last.fm Helper.lnk]
C:\PROGRA~1\Last.fm\LASTFM~1.EXE [2008-01-08 106496]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"YahooAUService"=2
"WMPNetworkSvc"=3
"WLSetupSvc"=3
"usnjsvc"=3
"UleadBurningHelper"=2
"stllssvr"=3
"STI Simulator"=2
"PLFlash DeviceIoControl Service"=2
"MysqlInventime"=3
"MioNet"=2
"maconfservice"=3
"iPod Service"=3
"idsvc"=3
"IDriverT"=3
"gusvc"=3
"gupdate1cac596cc7ac1a6"=2
"GoogleDesktopManager"=3
"FirebirdServerMAGIXInstance"=3
"ES lite Service"=2
"CyberLink Media Library Service"=2
"CLSched"=2
"CLCapSvc"=2
"BCUService"=2
"Ati HotKey Poller"=2
"AOL ACS"=2
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2005-08-03 46080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2009-01-21 205824]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-02-15 236928]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayL oad]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 240128]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll,
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=0x95000000
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoResolveSearch"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewall policy\standardprofile\authorizedapplications\list]
"%ProgramFiles%\UBISOFT\Splinter Cell Pandora Tomorrow\logo_ubi.exe"="%ProgramFiles%\UBISOFT\Splinter Cell Pandora Tomorrow\logo_ubi.exe:*:Enabled:SPLINTER CELL PANDORA"
"%ProgramFiles%\UBISOFT\Splinter Cell Pandora Tomorrow\pandora.exe"="%ProgramFiles%\UBISOFT\Splinter Cell Pandora Tomorrow\pandora.exe:*:Enabled:PANDORA"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\APPS\Inventime\my.exe"="C:\APPS\Inventime\my.exe:*:Enabled:INVENTIME"
"C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
"C:\Program Files\AOL 9.0\aol.exe"="C:\Program Files\AOL 9.0\aol.exe:*:Disabled:AOL"
"C:\Program Files\AOL 9.0\waol.exe"="C:\Program Files\AOL 9.0\waol.exe:*:Disabled:AOL 9.0"
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"D:\StubInstaller.exe"="D:\StubInstaller.exe:*:Disabled:LimeWire swarmed installer"
"C:\Program Files\adslTV\adslTV.exe"="C:\Program Files\adslTV\adslTV.exe:*:Disabled:adslTV"
"C:\Program Files\Last.fm\LastFM.exe"="C:\Program Files\Last.fm\LastFM.exe:*:Enabled:Last.fm"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\Program Files\IncrediMail\bin\ImpCnt.exe"="C:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Enabled:IncrediMail"
"C:\Program Files\KSS\PeerTV\PeerCast.exe"="C:\Program Files\KSS\PeerTV\PeerCast.exe:*:Enabled:PeerCast"
"C:\Program Files\KSS\PeerTV\mplayer.exe"="C:\Program Files\KSS\PeerTV\mplayer.exe:*:Disabled:MPlayer/MEncoder - Movie Player"
"C:\Program Files\KSS\PeerTV\VLC\vlc.exe"="C:\Program Files\KSS\PeerTV\VLC\vlc.exe:*:Enabled:VLC media player"
"C:\Program Files\Real\RealPlayer\realplay.exe"="C:\Program Files\Real\RealPlayer\realplay.exe:*:Enabled:RealPlayer"
"C:\Program Files\Joost\xulrunner\tvprunner.exe"="C:\Program Files\Joost\xulrunner\tvprunner.exe:*:Enabled:tvprunner"
"C:\Program Files\iMesh Applications\iMesh\iMesh.exe"="C:\Program Files\iMesh Applications\iMesh\iMesh.exe:*:Enabled:iMesh"
"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\Program Files\Zattoo\zattood.exe"="C:\Program Files\Zattoo\zattood.exe:*:Enabled:zattood"
"C:\Program Files\Zattoo\Zattoo2.exe"="C:\Program Files\Zattoo\Zattoo2.exe:*:Enabled: "
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\RayV\RayV\RayV.exe"="C:\Program Files\RayV\RayV\RayV.exe:*:Enabled:RayV"
"C:\Program Files\ma-config.com\maconfservice.exe"="C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice"
"D:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files\Kaspersky Internet Security 7.0.1.325\French\setup.exe"="D:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files\Kaspersky Internet Security 7.0.1.325\French\setup.exe:*:Disabled:Programme d'installation de Kaspersky Internet Security 7.0"
"C:\Program Files\RayV\RayV\RayV.dll"="C:\Program Files\RayV\RayV\RayV.dll:*:Enabled:RayV"
"C:\Program Files\TeamViewer\Version4\TeamViewer.exe"="C:\Program Files\TeamViewer\Version4\TeamViewer.exe:*:Disabled:Application de pilotage à distance TeamViewer"
"C:\Program Files\Spotify\spotify.exe"="C:\Program Files\Spotify\spotify.exe:*:Enabled:Spotify"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewall policy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\AOL 9.0\waol.exe"="C:\Program Files\AOL 9.0\waol.exe:*:Enabled:AOL 9.0"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.dvacm"=C:\PROGRA~1\FICHIE~1\ULEADS~1\Vio\Dvacm.acm
"msacm.ulmp3acm"=C:\PROGRA~1\FICHIE~1\ULEADS~1\MPEG\ulmp3acm.acm
"msacm.mpegacm"=C:\PROGRA~1\FICHIE~1\ULEADS~1\MPEG\mpegacm.acm
"msacm.alf2cd"=alf2cd.acm
"msacm.siren"=sirenacm.dll
"msacm.clmp3enc"=C:\PROGRA~1\CYBERL~1\Power2Go\CLMP3Enc.ACM
"wave2"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.reg - open - regedit.exe "%1" %*
.scr - open - "%1" %*
======List of files/folders created in the last 1 month======
2011-08-21 00:59:05 ----D---- D:\Documents and Settings\brigitte.SN048927920021\Application Data\QuickStoresToolbar
2011-08-21 00:59:02 ----D---- C:\Program Files\Unlocker
2011-08-20 22:56:53 ----D---- D:\Documents and Settings\brigitte.SN048927920021\Application Data\GlarySoft
2011-08-20 22:48:22 ----D---- C:\Program Files\Glary Utilities
2011-08-20 10:00:25 ----ASH---- C:\pagefile.sys
2011-08-16 23:15:02 ----D---- C:\Program Files\FoxTabVideoConverter(2)
2011-08-10 12:29:15 ----HDC---- C:\WINDOWS\$NtUninstallKB2567680$
2011-08-10 12:29:04 ----HDC---- C:\WINDOWS\$NtUninstallKB2536276-v2$
2011-08-10 12:28:55 ----HDC---- C:\WINDOWS\$NtUninstallKB2570222$
2011-08-10 12:23:50 ----HDC---- C:\WINDOWS\$NtUninstallKB2566454$
2011-08-10 12:23:39 ----HDC---- C:\WINDOWS\$NtUninstallKB2562937$
======List of files/folders modified in the last 1 month======
2011-08-22 09:39:35 ----D---- C:\WINDOWS\Prefetch
2011-08-22 09:39:32 ----D---- C:\Program Files\Trend Micro
2011-08-22 09:06:41 ----D---- C:\WINDOWS\Temp
2011-08-22 08:43:00 ----AD---- C:\WINDOWS\system32
2011-08-22 08:43:00 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-08-22 08:39:37 ----SD---- C:\WINDOWS\Tasks
2011-08-22 08:39:26 ----D---- C:\WINDOWS\system32\CatRoot2
2011-08-22 02:12:02 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-08-21 21:51:43 ----SHD---- C:\WINDOWS\Installer
2011-08-21 21:51:43 ----D---- C:\Config.Msi
2011-08-21 01:05:32 ----RSD---- C:\WINDOWS\assembly
2011-08-21 01:05:32 ----D---- C:\WINDOWS\WinSxS
2011-08-21 00:59:02 ----RD---- C:\Program Files
2011-08-21 00:31:38 ----D---- C:\Program Files\Mozilla Firefox
2011-08-21 00:11:34 ----D---- D:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2011-08-20 23:46:37 ----D---- C:\WINDOWS\system32\drivers\etc
2011-08-20 23:37:52 ----D---- C:\Program Files\Spybot - Search & Destroy
2011-08-20 22:35:07 ----D---- C:\WINDOWS
2011-08-20 21:55:01 ----D---- C:\WINDOWS\system32\drivers
2011-08-20 21:55:01 ----D---- C:\WINDOWS\Debug
2011-08-20 21:37:24 ----D---- C:\WINDOWS\system32\config
2011-08-20 21:36:48 ----D---- C:\WINDOWS\system32\wbem
2011-08-20 21:36:47 ----D---- C:\WINDOWS\Registration
2011-08-20 21:36:10 ----SD---- D:\Documents and Settings\brigitte.SN048927920021\Application Data\Microsoft
2011-08-20 21:26:39 ----D---- C:\Program Files\Wanadoo
2011-08-20 21:19:26 ----D---- C:\Program Files\TransVente
2011-08-20 21:16:26 ----A---- C:\WINDOWS\win.ini
2011-08-20 21:16:26 ----A---- C:\WINDOWS\system.ini
2011-08-20 09:22:32 ----A---- C:\WINDOWS\imsins.BAK
2011-08-14 10:20:38 ----HD---- C:\WINDOWS\inf
2011-08-10 15:00:52 ----D---- C:\WINDOWS\Microsoft.NET
2011-08-10 12:29:17 ----RSHD---- C:\WINDOWS\system32\dllcache
2011-08-10 12:29:00 ----HD---- C:\WINDOWS\$hf_mig$
2011-08-10 12:25:39 ----A---- C:\WINDOWS\system32\MRT.exe
2011-08-10 12:24:55 ----D---- C:\Program Files\Internet Explorer
2011-08-10 12:24:31 ----D---- C:\WINDOWS\ie8updates
2011-07-25 17:09:56 ----A---- C:\WINDOWS\system32\mshtml.dll
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 agp440;Filtre de bus AGP Intel; C:\WINDOWS\system32\DRIVERS\agp440.sys [2008-04-13 42368]
R0 agpCPQ;Filtre de bus AGP Compaq; C:\WINDOWS\system32\DRIVERS\agpCPQ.sys [2008-04-13 44928]
R0 alim1541;Filtre de bus AGP ALI; C:\WINDOWS\system32\DRIVERS\alim1541.sys [2008-04-13 42752]
R0 amdagp;Pilote de filtre du bus AMD AGP; C:\WINDOWS\system32\DRIVERS\amdagp.sys [2008-04-13 43008]
R0 cbidf;cbidf; C:\WINDOWS\system32\DRIVERS\cbidf2k.sys [2001-08-17 13952]
R0 iaStor;Intel RAID Controller; C:\WINDOWS\system32\DRIVERS\iaStor.sys [2005-06-17 872064]
R0 ohci1394;Contrôleur hôte Texas Instruments IEEE 1394 compatible OHCI (Open Host Controller Interface); C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-13 61696]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2010-03-28 45200]
R0 sisagp;Filtre de bus AGP SIS; C:\WINDOWS\system32\DRIVERS\sisagp.sys [2008-04-13 40960]
R0 viaagp;Filtre de bus AGP VIA; C:\WINDOWS\system32\DRIVERS\viaagp.sys [2008-04-13 42240]
R1 AppleCharger;AppleCharger; C:\WINDOWS\system32\DRIVERS\AppleCharger.sys [2010-04-22 19496]
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-07-14 28520]
R1 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-05 12032]
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-12-11 56816]
R2 PStrip;PSTRIP; \??\C:\WINDOWS\system32\DRIVERS\PSTRIP.SYS []
R3 3xHybrid;3xHybrid service; C:\WINDOWS\system32\DRIVERS\3xHybrid.sys [2005-05-27 799744]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2005-08-03 1273344]
R3 GEARAspiWDM;GEARAspiWDM; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2006-09-19 15664]
R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2010-03-26 5883936]
R3 L1c;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller; C:\WINDOWS\system32\DRIVERS\l1c51x86.sys [2009-07-27 44032]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-09-19 21248]
R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 wanatw;WAN Miniport (ATW); C:\WINDOWS\system32\DRIVERS\wanatw4.sys [2003-01-10 33588]
S0 NDISRD;NDISRD; C:\WINDOWS\system32\drivers\NDISRD.sys [2005-05-17 15340]
S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2009-11-18 1691480]
S3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys []
S3 E100B;Intel(R) PRO Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2005-03-05 157696]
S3 EL90XBC;Pilote de la carte EtherLink XL 90XB/C 3Com; C:\WINDOWS\system32\DRIVERS\el90xbc5.sys [2001-08-17 66591]
S3 gdrv;gdrv; \??\C:\WINDOWS\gdrv.sys []
S3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2009-01-21 6278560]
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2009-11-18 1395800]
S3 MPE;Filtre BDA MPE; C:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-13 15232]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
S3 PAC207;Trust WB-1400T Webcam; C:\WINDOWS\system32\DRIVERS\pfc027.sys []
S3 PCANDIS5;PCANDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCANDIS5.SYS []
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 SONYPVU1;Pilote de filtrage Sony USB (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 SymIM;Symantec Network Security Intermediate Filter Service; C:\WINDOWS\system32\DRIVERS\SymIM.sys []
S3 SymIMMP;SymIMMP; C:\WINDOWS\system32\DRIVERS\SymIM.sys []
S3 USB_RNDIS;ADI Remote NDIS Network Device Driver; C:\WINDOWS\system32\DRIVERS\usb8023.sys [2008-04-13 12800]
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S3 ZSMC301b;Philips SPC210NC Webcam; C:\WINDOWS\System32\Drivers\usbVM31b.sys [2005-02-26 91527]
S4 RxFilter;RxFilter; C:\WINDOWS\system32\DRIVERS\RxFilter.sys [2007-12-17 57328]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AntiVirSchedulerService;Avira AntiVir Planificateur; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-07-14 108289]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-08-18 185089]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2005-08-03 380928]
R2 FTRTSVC;France Telecom Routing Table Service; C:\WINDOWS\System32\FTRTSVC.exe [2004-08-23 40960]
S2 gupdate1cac596cc7ac1a6;Service Google Update (gupdate1cac596cc7ac1a6); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-03-17 133104]
S3 AppleChargerSrv;AppleChargerSrv; C:\WINDOWS\system32\AppleChargerSrv.exe [2010-04-06 31272]
S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Service Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-03-17 133104]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-11-20 136120]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 AOL ACS;AOL Connectivity Service; C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe [2004-04-08 1135728]
S4 BCUService;Browser Configuration Utility Service; C:\Program Files\DeviceVM\Browser Configuration Utility\BCUService.exe [2009-10-15 223464]
S4 CLCapSvc;CyberLink Background Capture Service (CBCS); c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe [2005-05-11 221266]
S4 CLSched;CyberLink Task Scheduler (CTS); c:\APPS\Powercinema\Kernel\TV\CLSched.exe [2005-05-11 110672]
S4 CyberLink Media Library Service;CyberLink Media Library Service; C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe [2005-05-11 61440]
S4 ES lite Service;ES lite Service for program management.; C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE [2009-03-02 68136]
S4 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance; C:\MAGIX\Common\Database\bin\fbserver.exe [2005-11-17 1527900]
S4 GoogleDesktopManager;GoogleDesktopManager; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2007-11-07 1838592]
S4 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S4 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S4 iPod Service;Service de l'iPod; C:\Program Files\iPod\bin\iPodService.exe [2007-05-26 501312]
S4 maconfservice;Ma-Config Service; C:\Program Files\ma-config.com\maconfservice.exe [2009-03-15 216232]
S4 MioNet;MioNet Service; C:\Program Files\MioNet\MioNetManager.exe [2005-07-15 139264]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\WINDOWS\system32\IoctlSvc.exe [2009-10-07 87344]
S4 STI Simulator;STI Simulator; C:\WINDOWS\System32\PAStiSvc.exe [2005-01-14 53248]
S4 stllssvr;stllssvr; C:\Program Files\Fichiers communs\SureThing Shared\stllssvr.exe [2007-12-02 74384]
S4 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe [2004-02-26 49152]
S4 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S4 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S4 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S4 YahooAUService;Yahoo! Updater; C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe [2008-11-09 602392]
-----------------EOF-----------------
|
| |
|
|
|
|
Winx
19798 messages
No-Life
AidoHardware
AidoAntivirus
AidoWindows
|
Le 22 Août 2011 à 11h32
Fais ceci,
* Désactive ton Antivirus pour le moment.
* Télécharge Ad-Remover (de C_XX) sur le bureau.
* /!\ Déconnecte-toi et ferme toutes les applications en cours /!\
* Double clic sur le programme pour le lancer...
* Pour Vista et Seven toujours faire un clic droit, et choisir lancer comme administrateur
* Au menu principal choisis l'option "Scanner"
* /!\ Laisse travailler l'outil /!\
* Patiente jusqu'à la fin du scan sans rien faire d'autre sur ton PC.
* Un rapport apparaitra à la fin, poste le sur le forum dans ta réponse.
Si tu ne trouve pas !
(Le rapport est aussi sauvegardé sous C:\Ad-Report-SCAN.log)
|
| |
Je n'ai pas la prétention de résoudre les problèmes, mais celle de vous aider à les résoudre ;-)
|
|
|
|
phil295
97 messages
DVD-RW
|
Le 22 Août 2011 à 12h14
======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 =======
Mis à jour par TeamXscript le 12/04/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
Site web: http://www.teamxscript.org
C:\Program Files\Ad-Remover\main.exe (SCAN [1]) -> Lancé à 12:10:22 le 22/08/2011, Mode normal
Microsoft Windows XP Édition familiale Service Pack 3 (X86)
brigitte@SN048927920021 ( )
============== RECHERCHE ==============
Dossier trouvé: C:\Program Files\Mozilla FireFox\extensions\{B7D3E479-CC68-42B5-A338-938ECE35F419}
Dossier trouvé: D:\Documents and Settings\brigitte.SN048927920021\Mes documents\Imesh
Fichier trouvé: D:\Documents and Settings\brigitte.SN048927920021\Application Data\Microsoft\Internet Explorer\Quick Launch\imesh.lnk
Dossier trouvé: D:\Documents and Settings\brigitte.SN048927920021\Application Data\Toolbar4
Dossier trouvé: D:\Documents and Settings\All Users\Application Data\Viewpoint
Dossier trouvé: C:\Program Files\Viewpoint
Dossier trouvé: D:\Documents and Settings\brigitte.SN048927920021\Application Data\EoRezo
Dossier trouvé: C:\Program Files\EoRezo
Dossier trouvé: D:\Documents and Settings\brigitte.SN048927920021\Application Data\ItsLabel
Dossier trouvé: D:\Documents and Settings\brigitte.SN048927920021\Local Settings\Application Data\iMesh
Dossier trouvé: D:\Documents and Settings\All Users\Menu Démarrer\Programmes\iMesh
Dossier trouvé: C:\Program Files\iMesh Applications
Clé trouvée: HKLM\Software\Classes\CLSID\{01AD9322-02FF-4f4f-AC52-92FDA5AE65F0}
Clé trouvée: HKLM\Software\Classes\CLSID\{03F14321-8FED-4CBC-B01A-4B57FC199062}
Clé trouvée: HKLM\Software\Classes\AppID\{F54A0D21-6A53-460C-8301-C694EC9E1033}
Clé trouvée: HKLM\Software\Classes\CLSID\{148132E6-626D-4A5E-8063-A761EB29A50B}
Clé trouvée: HKLM\Software\Classes\AppID\{403A885F-CB00-40C1-BDC1-EB09053194F7}
Clé trouvée: HKLM\Software\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Clé trouvée: HKLM\Software\Classes\CLSID\{23BDC78C-B7BB-42E5-B970-54B292592D72}
Clé trouvée: HKLM\Software\Classes\AppID\{69E54DE2-C4ED-4BEC-8046-E3F9AC74B4B0}
Clé trouvée: HKLM\Software\Classes\CLSID\{27BF8F8D-58B8-D41C-F913-B7EEB57EF6F6}
Clé trouvée: HKLM\Software\Classes\AppID\{A7DDCBDE-5C86-415c-8A37-763AE183E7E4}
Clé trouvée: HKLM\Software\Classes\CLSID\{2C6F7E96-73BC-47A5-9F51-B67F0BAFE24D}
Clé trouvée: HKLM\Software\Classes\AppID\{F7BCCFD4-2FA6-477D-A1B0-EF7500B3C49E}
Clé trouvée: HKLM\Software\Classes\CLSID\{3BF72F68-72D8-461D-A884-329D936C5581}
Clé trouvée: HKLM\Software\Classes\CLSID\{474597C5-AB09-49d6-A4D5-2E8D7341384E}
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{474597C5-AB09-49d6-A4D5-2E8D7341384E}
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{474597C5-AB09-49d6-A4D5-2E8D7341384E}
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{474597C5-AB09-49d6-A4D5-2E8D7341384E}
Clé trouvée: HKLM\Software\Classes\CLSID\{4C58EB04-7B72-4D3D-A36E-66167A99BC31}
Clé trouvée: HKLM\Software\Classes\CLSID\{4EE0B011-604C-47F3-8F2B-39F79640B85E}
Clé trouvée: HKLM\Software\Classes\CLSID\{5D637FAD-E202-48D1-8F18-5B9C459BD1E3}
Clé trouvée: HKLM\Software\Classes\CLSID\{5D9E7BE9-95E5-4392-8CD2-D82DE89589ED}
Clé trouvée: HKLM\Software\Classes\CLSID\{5EB0259D-AB79-4ae6-A6E6-24FFE21C3DA4}
Clé trouvée: HKLM\Software\Classes\AppID\{AD71F65D-CD13-4837-A2DC-E4D90020E7D4}
Clé trouvée: HKLM\Software\Classes\CLSID\{6BC38BF4-E84D-46E1-920B-42D31AEA617E}
Clé trouvée: HKLM\Software\Classes\CLSID\{78E9D883-93CD-4072-BEF3-38EE581E2839}
Clé trouvée: HKLM\Software\Classes\CLSID\{7C3B01BC-53A5-48A0-A43B-0C67731134B9}
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7C3B01BC-53A5-48A0-A43B-0C67731134B9}
Clé trouvée: HKLM\Software\Classes\AppID\{21493C1F-D071-496A-9C27-450578888291}
Clé trouvée: HKLM\Software\Classes\CLSID\{83AC1413-FCE4-4A46-9DD5-4F31F306E71F}
Clé trouvée: HKLM\Software\Classes\CLSID\{87CD3140-EEC0-463F-8872-6E564D9DEDE5}
Clé trouvée: HKLM\Software\Classes\CLSID\{98ED0D10-F1FC-4113-A095-9BD7F96040C9}
Clé trouvée: HKLM\Software\Classes\AppID\{5E50AE1D-BC76-418B-94C4-EFEAC0CEF80C}
Clé trouvée: HKLM\Software\Classes\CLSID\{9CB65201-89C4-402c-BA80-02D8C59F9B1D}
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9CB65201-89C4-402c-BA80-02D8C59F9B1D}
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9CB65201-89C4-402c-BA80-02D8C59F9B1D}
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9CB65201-89C4-402c-BA80-02D8C59F9B1D}
Clé trouvée: HKLM\Software\Classes\CLSID\{B0639356-335C-4E47-B63C-12531A7A5206}
Clé trouvée: HKLM\Software\Classes\CLSID\{B162A975-6C7C-4202-9167-306028913A3D}
Clé trouvée: HKLM\Software\Classes\CLSID\{B6F8DA9F-2696-419e-A8A3-19BE41EF51BD}
Clé trouvée: HKLM\Software\Classes\AppID\{55C1727F-5535-4C2A-9601-8C2458608B48}
Clé trouvée: HKLM\Software\Classes\CLSID\{CADAF6BE-BF50-4669-8BFD-C27BD4E6181B}
Clé trouvée: HKLM\Software\Classes\CLSID\{CD5175E2-7CC1-418C-B66C-0AB95DAD4103}
Clé trouvée: HKLM\Software\Classes\CLSID\{D8BFC514-1135-4393-B09A-193D2AAC5037}
Clé trouvée: HKLM\Software\Classes\CLSID\{DEF4ED0D-E666-4631-A35A-A634332F0550}
Clé trouvée: HKLM\Software\Classes\CLSID\{EFDE11A9-FE0B-4548-B876-5EAC0A6CE86E}
Clé trouvée: HKLM\Software\Classes\Interface\{EFDE11A9-FE0B-4548-B876-5EAC0A6CE86E}
Clé trouvée: HKLM\Software\Classes\CLSID\{F42C7B47-5234-4BF5-8882-DAAC0D64870D}
Clé trouvée: HKLM\Software\Classes\Interface\{F42C7B47-5234-4BF5-8882-DAAC0D64870D}
Clé trouvée: HKLM\Software\Classes\CLSID\{F8AB43ED-EC88-4de7-B213-F89157D29C62}
Clé trouvée: HKLM\Software\Classes\AppID\{1FC41815-FA4C-4F8B-B143-2C045C8EA2FC}
Clé trouvée: HKLM\Software\Classes\CLSID\{FE063DB1-4EC0-403e-8DD8-394C54984B2C}
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FE063DB1-4EC0-403e-8DD8-394C54984B2C}
Clé trouvée: HKLM\Software\Classes\CLSID\{FE063DB9-4EC0-403e-8DD8-394C54984B2C}
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FE063DB9-4EC0-403e-8DD8-394C54984B2C}
Clé trouvée: HKLM\Software\Classes\Interface\{6E4C89CF-3061-4EE4-B22A-B7A8AAEA5CB3}
Clé trouvée: HKLM\Software\Classes\Interface\{B0D071A1-36B3-4757-A126-14C89C56013A}
Clé trouvée: HKLM\Software\Classes\Interface\{F7BEBBB1-7E6B-4561-9444-6F4866D60C7C}
Clé trouvée: HKLM\Software\Classes\TypeLib\{2D77AC8A-0A4C-40D0-9557-51907A575E45}
Clé trouvée: HKLM\Software\Classes\TypeLib\{403A885F-CB00-40C1-BDC1-EB09053194F7}
Clé trouvée: HKLM\Software\Classes\TypeLib\{43B4B831-F41F-4F73-8F14-4FFF0BA75B1B}
Clé trouvée: HKLM\Software\Classes\TypeLib\{55C1727F-5535-4C2A-9601-8C2458608B48}
Clé trouvée: HKLM\Software\Classes\TypeLib\{6C9945B7-1D19-46CB-88C0-45A24DF6CD6E}
Clé trouvée: HKLM\Software\Classes\TypeLib\{81CA8FCD-1420-4A07-B47D-B30F3DDA79E1}
Clé trouvée: HKLM\Software\Classes\TypeLib\{84B9B044-17C0-48FB-A300-C9747D5DF29C}
Clé trouvée: HKLM\Software\Classes\TypeLib\{85672EDB-2CC8-40B9-A9E8-77D3478F2EFB}
Clé trouvée: HKLM\Software\Classes\TypeLib\{96F7FABC-5789-EFA4-B6ED-1272F4C1D27B}
Clé trouvée: HKLM\Software\Classes\TypeLib\{A147AA03-820F-4A0F-9F34-D6CB4004A2F9}
Clé trouvée: HKLM\Software\Classes\TypeLib\{ADEA3C4E-2184-40A2-9556-488456427E80}
Clé trouvée: HKLM\Software\Classes\TypeLib\{B4C656C9-F2E9-4E77-B3F4-443DF2BD778F}
Clé trouvée: HKLM\Software\Classes\TypeLib\{C4C4F1F4-3074-4CB6-9FB8-0A64273166F0}
Clé trouvée: HKLM\Software\Classes\TypeLib\{EC96F516-51B2-4B46-8451-8665F5A6BA2B}
Clé trouvée: HKLM\Software\Classes\TypeLib\{F07FBD3E-2048-44A4-9065-71BF551E2672}
Clé trouvée: HKLM\Software\Classes\AxMetaStream.MetaStreamCtlSecondary
Clé trouvée: HKLM\Software\Classes\AxMetaStream.MetaStreamCtlSecondary.1
Clé trouvée: HKLM\Software\Classes\DiscoveryHelper.iMesh6Discovery
Clé trouvée: HKLM\Software\Classes\DiscoveryHelper.iMesh6Discovery.1
Clé trouvée: HKLM\Software\Classes\iMesh.AudioCD
Clé trouvée: HKLM\Software\Classes\iMesh.Device
Clé trouvée: HKLM\Software\Classes\iMesh.file
Clé trouvée: HKLM\Software\Classes\iMesh.LauncherEventHandler
Clé trouvée: HKLM\Software\Classes\iMesh.LauncherEventHandler.1
Clé trouvée: HKLM\Software\Classes\iMeshIEHelper.UrlHelper
Clé trouvée: HKLM\Software\Classes\iMeshIEHelper.UrlHelper.1
Clé trouvée: HKLM\Software\iMesh
Clé trouvée: HKLM\Software\MetaStream
Clé trouvée: HKLM\Software\Viewpoint
Clé trouvée: HKCU\Software\EoRezo
Clé trouvée: HKCU\Software\iMesh
Clé trouvée: HKCU\Software\ItsLabel
Clé trouvée: HKCU\Software\WebMediaPlayer
Clé trouvée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A59}
Clé trouvée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0ABE0FED-50E7-4e42-A125-57C0A11DBCDE}
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{F6D63A65-BD23-46F3-B9A3-87F442423481}
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Imesh
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\iMesh MediaBar
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer
Clé trouvée: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\BHO iMesh
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1A0AADCD-3A72-4B5F-900F-E3BB5A838E2A}
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{64F56FC1-1272-44CD-BA6E-39723696E350}
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BC4FFE41-DE9F-46fa-B455-AAD49B9F9938}
Clé trouvée: HKLM\Software\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Clé trouvée: HKLM\Software\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Clé trouvée: HKLM\Software\MozillaPlugins\@viewpoint.com/VMP
Valeur trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing\Trust Database\0|goicfboogidikkejccmclpieicihhlpo jimddp
Valeur trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing\Trust Database\0|goicfboogidikkejccmclpieicihhlpo hpfanicgkffmccehnpkikogcffaepkfp
Valeur trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing\Trust Database\0|goicfboogidikkejccmclpieicihhlpo dgnckdmmolaijpbbakmplfhlfpdhglgc
Valeur trouvée: HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks|{9CB65206-89C4-402C-BA80-02D8C59F9B1D}
Valeur trouvée: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{FE063DB9-4EC0-403E-8DD8-394C54984B2C}
============== SCAN ADDITIONNEL ==============
**** Mozilla Firefox Version [6.0 (fr)] ****
Plugins\npitunes.dll (?)
HKLM_MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 (x)
HKLM_MozillaPlugins\@rayv.com/rayvplugin (x)
HKLM_MozillaPlugins\@unity3d.com/UnityPlayer (x)
HKLM_MozillaPlugins\@viewpoint.com/VMP (x)
HKLM_MozillaPlugins\Adobe Reader (x)
HKLM_MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1 (x)
Searchplugins\babylon.xml (hxxp://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=941b21030000000000006cf049ecf637&tlver=1.4.19.19&affID=17162/)
Searchplugins\bing.xml ( hxxp://www.bing.com/search)
Components\browsercomps.dll (Mozilla Foundation)
Extensions\quickstores@quickstores.de (QuickStores-Toolbar)
Extensions\{3112ca9c-de6d-4884-a869-9855de68056c} (Google Toolbar for Firefox)
Extensions\{B7D3E479-CC68-42B5-A338-938ECE35F419} (iMesh MediaBar)
HKLM_Extensions|{22119944-ED35-4ab1-910B-E619EA06A115} - C:\Program Files\Siber Systems\AI RoboForm\Firefox
-- D:\Documents and Settings\brigitte.SN048927920021\Application Data\Mozilla\FireFox\Profiles\rvuvxpar.default --
Extensions\{3112ca9c-de6d-4884-a869-9855de68056c} (Google Toolbar for Firefox)
Searchplugins\Chercher Malin.xml (hxxp://www.cherchermalin.com/)
Prefs.js - browser.download.lastDir, D:\\Documents and Settings\\brigitte.SN048927920021\\Mes documents\\Récemment mis à jour
Prefs.js - browser.search.defaultenginename, SearchTheWeb
Prefs.js - browser.search.selectedEngine, Search the web (Babylon)
Prefs.js - browser.startup.homepage_override.buildID, 20110811165603
Prefs.js - browser.startup.homepage_override.mstone, rv:6.0
Prefs.js - keyword.URL, hxxp://search.babylon.com/?babsrc=SP_ss&mntrId=941b21030000000000006cf049ecf637&tlver=1.4.19.19&instlRef=ss...
========================================
**** Internet Explorer Version [8.0.6001.18702] ****
HKCU_Main|Default_Search_URL - hxxp://www.google.com/ie
HKCU_Main|SearchMigratedDefaultURL - hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
HKCU_Main|Start Page - hxxp://fr.search.yahoo.com/search?p=firefox&fr=chr-devicevm&type=IEBD
HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=69157
HKLM_Main|Default_Search_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Search bar - hxxp://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
HKLM_Main|Search Page - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Start Page - hxxp://go.microsoft.com/fwlink/?LinkId=69157
HKCU_URLSearchHooks|{BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - "SearchHook Class" (C:\Program Files\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll)
HKCU_URLSearchHooks|{08C06D61-F1F3-4799-86F8-BE1A89362C85} - "Search Class" (C:\PROGRA~1\Wanadoo\SEARCH~1.DLL)
HKCU_URLSearchHooks|{9CB65206-89C4-402c-BA80-02D8C59F9B1D} - "?" (x)
HKCU_SearchScopes\Emjysoft - "Rechercher..." (hxxp://start.emjysoft.com/opensearch.php?recherche={searchTerms})
HKCU_SearchScopes\{0F36E18A-6296-4333-9D99-269AAFE3D111}_Chercher Malin - "Chercher Malin" (hxxp://www.cherchermalin.com/?t=Q0908141537&s=b&keywords={searchTerms})
HKCU_SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A59} - "Web Search" (hxxp://search.imesh.com/webResults.html?src=ieb&q={searchTerms})
HKLM_SearchScopes\Emjysoft - "Rechercher..." (hxxp://start.emjysoft.com/opensearch.php?recherche={searchTerms})
HKCU_Toolbar|{1E796980-9CC5-11D1-A83F-00C04FC99D61} (x)
HKCU_Toolbar\ShellBrowser|{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} (x)
HKCU_Toolbar\ShellBrowser|{724D43A0-0D85-11D4-9908-00400523E39A} (C:\Program Files\Siber Systems\AI RoboForm\roboform.dll)
HKCU_Toolbar\WebBrowser|{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} (x)
HKCU_Toolbar\WebBrowser|{968631B6-4729-440D-9BF4-251F5593EC9A} (x)
HKCU_Toolbar\WebBrowser|{724D43A0-0D85-11D4-9908-00400523E39A} (C:\Program Files\Siber Systems\AI RoboForm\roboform.dll)
HKCU_Toolbar\WebBrowser|{BC4FFE41-DE9F-46FA-B455-AAD49B9F9938} (x)
HKCU_Toolbar\WebBrowser|{FE063DB9-4EC0-403E-8DD8-394C54984B2C} (x)
HKLM_Toolbar|{724d43a0-0d85-11d4-9908-00400523e39a} (C:\Program Files\Siber Systems\AI RoboForm\roboform.dll)
HKLM_Toolbar|{10EDB994-47F8-43F7-AE96-F2EA63E9F90F} (mscoree.dll) (x)
HKLM_ElevationPolicy\{0ABE0FED-50E7-4e42-A125-57C0A11DBCDE} - C:\Program Files\iMesh Applications\iMesh\iMesh.exe (iMesh, Inc)
HKLM_ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291} - C:\Program Files\IMinent Toolbar\TbHelper2.exe (x)
HKLM_ElevationPolicy\{74351F14-5437-4d87-805B-04D409B09976} - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
HKLM_ElevationPolicy\{E6B969FB-6D33-48d2-9061-8BBD4899EB08} - C:\Program Files\Iminent\MMServer\Iminent.MMServer.exe (x)
HKLM_ElevationPolicy\{F459C053-BD3B-4e2f-9B15-F6EE9ADD67C8} - C:\Program Files\RayV\RayV\RayV.exe (RayV)
HKLM_Extensions\-{FB5F1910-F110-11d2-BB9E-00C04F795683} - "Messenger" (C:\Program Files\Messenger\msmsgs.exe,301)
HKLM_Extensions\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - "?" (?)
HKLM_Extensions\{320AF880-6646-11D3-ABEE-C5DBF3571F46} - "Remplir" (C:\Program Files\Siber Systems\AI RoboForm\roboform.dll,880)
HKLM_Extensions\{320AF880-6646-11D3-ABEE-C5DBF3571F49} - "Enregistrer" (C:\Program Files\Siber Systems\AI RoboForm\roboform.dll,873)
HKLM_Extensions\{320AF880-6646-11D3-ABEE-C5DBF3571F4C} - "Options" (C:\Program Files\Siber Systems\AI RoboForm\roboform.dll,883)
HKLM_Extensions\{320AF880-6646-11D3-ABEE-C5DBF3571F4E} - "Personnaliser" (C:\Program Files\Siber Systems\AI RoboForm\roboform.dll,886)
HKLM_Extensions\{320AF880-6646-11D3-ABEE-C5DBF3571F50} - "Générateur" (C:\Program Files\Siber Systems\AI RoboForm\roboform.dll,877)
HKLM_Extensions\{320AF880-6646-11D3-ABEE-C5DBF3571F51} - "Icône de la BT" (C:\Program Files\Siber Systems\AI RoboForm\roboform.dll,900)
HKLM_Extensions\{320AF880-6646-11D3-ABEE-C5DBF3571F52} - "Initialiser" (C:\Program Files\Siber Systems\AI RoboForm\roboform.dll,887)
HKLM_Extensions\{320AF880-6646-11D3-ABEE-C5DBF3571F53} - "Réinitialiser" (C:\Program Files\Siber Systems\AI RoboForm\roboform.dll,888)
HKLM_Extensions\{320AF880-6646-11D3-ABEE-C5DBF3571F54} - "Vider" (C:\Program Files\Siber Systems\AI RoboForm\roboform.dll,889)
HKLM_Extensions\{320AF880-6646-11D3-ABEE-C5DBF3571F55} - "Déconnexion" (C:\Program Files\Siber Systems\AI RoboForm\roboform.dll,875)
HKLM_Extensions\{45DB34C3-955C-11D3-ABEF-444553540000} - "Identités" (C:\Program Files\Siber Systems\AI RoboForm\roboform.dll,870)
HKLM_Extensions\{45DB34C3-955C-11D3-ABEF-444553540001} - "Cartes" (C:\Program Files\Siber Systems\AI RoboForm\roboform.dll,871)
HKLM_Extensions\{45DB34C3-955C-11D3-ABEF-444553540002} - "Notes Sécurisées" (C:\Program Files\Siber Systems\AI RoboForm\roboform.dll,879)
HKLM_Extensions\{724d43aa-0d85-11d4-9908-00400523e39a} - "Barre RoboForm" (C:\Program Files\Siber Systems\AI RoboForm\roboform.dll,900)
HKLM_Extensions\{DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - "?" (?)
HKLM_Extensions\{e2e2dd38-d088-4134-82b7-f2ba38496583} - "?" (?)
BHO\{10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - "QuickStores-Toolbar" (mscoree.dll) (x)
BHO\{474597C5-AB09-49d6-A4D5-2E8D7341384E} - "UrlHelper Class" (C:\Program Files\iMesh Applications\iMesh MediaBar\iMeshIEHelper.dll)
BHO\{724d43a9-0d85-11d4-9908-00400523e39a} - "?" (C:\Program Files\Siber Systems\AI RoboForm\roboform.dll)
BHO\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - "SSVHelper Class" (C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll)
BHO\{9CB65201-89C4-402c-BA80-02D8C59F9B1D} - "Ask Search Assistant BHO" () (x)
========================================
C:\Program Files\Ad-Remover\Quarantine: 0 Fichier(s)
C:\Program Files\Ad-Remover\Backup: 0 Fichier(s)
D:\Ad-Report-SCAN[1].txt - 22/08/2011 12:10:43 (12514 Octet(s))
Fin à: 12:11:29, 22/08/2011
============== E.O.F ==============
|
| |
|
|
|
|
Winx
19798 messages
No-Life
AidoHardware
AidoAntivirus
AidoWindows
|
Le 22 Août 2011 à 16h52
Passons à la suppression:
-----------------------------------------------------------
* Double clic sur le programme Ad-Remover pour le lancer...
* Pour Vista et Seven toujours faire un clic droit, et choisir lancer comme administrateur
* Au menu principal choisis l'option "Nettoyer"
* /!\ Laisse travailler l'outil /!\
* Patiente jusqu'à la fin du scan sans rien faire d'autre sur ton PC.
* Un rapport apparaitra à la fin, poste le sur le forum dans ta réponse.
Si tu ne trouve pas !
(Le rapport est aussi sauvegardé sous C:\Ad-Report-SCAN.log)
|
| |
Je n'ai pas la prétention de résoudre les problèmes, mais celle de vous aider à les résoudre ;-)
|
|
|
|
phil295
97 messages
DVD-RW
|
Le 22 Août 2011 à 22h32
KLM_ElevationPolicy\{74351F14-5437-4d87-805B-04D409B09976} - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
HKLM_ElevationPolicy\{E6B969FB-6D33-48d2-9061-8BBD4899EB08} - C:\Program Files\Iminent\MMServer\Iminent.MMServer.exe (x)
HKLM_ElevationPolicy\{F459C053-BD3B-4e2f-9B15-F6EE9ADD67C8} - C:\Program Files\RayV\RayV\RayV.exe (RayV)
HKLM_Extensions\-{FB5F1910-F110-11d2-BB9E-00C04F795683} - "Messenger" (C:\Program Files\Messenger\msmsgs.exe,301)
HKLM_Extensions\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - "?" (?)
HKLM_Extensions\{320AF880-6646-11D3-ABEE-C5DBF3571F46} - "Remplir" (C:\Program Files\Siber Systems\AI RoboForm\roboform.dll,880)
HKLM_Extensions\{320AF880-6646-11D3-ABEE-C5DBF3571F49} - "Enregistrer" (C:\Program Files\Siber Systems\AI RoboForm\roboform.dll,873)
HKLM_Extensions\{320AF880-6646-11D3-ABEE-C5DBF3571F4C} - "Options" (C:\Program Files\Siber Systems\AI RoboForm\roboform.dll,883)
HKLM_Extensions\{320AF880-6646-11D3-ABEE-C5DBF3571F4E} - "Personnaliser" (C:\Program Files\Siber Systems\AI RoboForm\roboform.dll,886)
HKLM_Extensions\{320AF880-6646-11D3-ABEE-C5DBF3571F50} - "Générateur" (C:\Program Files\Siber Systems\AI RoboForm\roboform.dll,877)
HKLM_Extensions\{320AF880-6646-11D3-ABEE-C5DBF3571F51} - "Icône de la BT" (C:\Program Files\Siber Systems\AI RoboForm\roboform.dll,900)
HKLM_Extensions\{320AF880-6646-11D3-ABEE-C5DBF3571F52} - "Initialiser" (C:\Program Files\Siber Systems\AI RoboForm\roboform.dll,887)
HKLM_Extensions\{320AF880-6646-11D3-ABEE-C5DBF3571F53} - "Réinitialiser" (C:\Program Files\Siber Systems\AI RoboForm\roboform.dll,888)
HKLM_Extensions\{320AF880-6646-11D3-ABEE-C5DBF3571F54} - "Vider" (C:\Program Files\Siber Systems\AI RoboForm\roboform.dll,889)
HKLM_Extensions\{320AF880-6646-11D3-ABEE-C5DBF3571F55} - "Déconnexion" (C:\Program Files\Siber Systems\AI RoboForm\roboform.dll,875)
HKLM_Extensions\{45DB34C3-955C-11D3-ABEF-444553540000} - "Identités" (C:\Program Files\Siber Systems\AI RoboForm\roboform.dll,870)
HKLM_Extensions\{45DB34C3-955C-11D3-ABEF-444553540001} - "Cartes" (C:\Program Files\Siber Systems\AI RoboForm\roboform.dll,871)
HKLM_Extensions\{45DB34C3-955C-11D3-ABEF-444553540002} - "Notes Sécurisées" (C:\Program Files\Siber Systems\AI RoboForm\roboform.dll,879)
HKLM_Extensions\{724d43aa-0d85-11d4-9908-00400523e39a} - "Barre RoboForm" (C:\Program Files\Siber Systems\AI RoboForm\roboform.dll,900)
HKLM_Extensions\{DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - "?" (?)
HKLM_Extensions\{e2e2dd38-d088-4134-82b7-f2ba38496583} - "?" (?)
BHO\{10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - "QuickStores-Toolbar" (mscoree.dll) (x)
BHO\{724d43a9-0d85-11d4-9908-00400523e39a} - "?" (C:\Program Files\Siber Systems\AI RoboForm\roboform.dll)
BHO\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - "SSVHelper Class" (C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll)
========================================
C:\Program Files\Ad-Remover\Quarantine: 350 Fichier(s)
C:\Program Files\Ad-Remover\Backup: 13 Fichier(s)
D:\Ad-Report-CLEAN[1].txt - 22/08/2011 22:28:03 (14864 Octet(s))
D:\Ad-Report-SCAN[1].txt - 22/08/2011 12:10:43 (18578 Octet(s))
Fin à: 22:29:33, 22/08/2011
============== E.O.F ============== |
| |
|
|
|
|
Winx
19798 messages
No-Life
AidoHardware
AidoAntivirus
AidoWindows
|
Le 23 Août 2011 à 21h31
re,
il manque un gros bout du rapport  |
| |
Je n'ai pas la prétention de résoudre les problèmes, mais celle de vous aider à les résoudre ;-)
|
|
|
|
phil295
97 messages
DVD-RW
|
Le 24 Août 2011 à 18h30
Logfile of random's system information tool 1.09 (written by random/random)
Run by brigitte at 2011-08-24 18:23:05
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 594 MB (2%) free of 31 GB
Total RAM: 1022 MB (28% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:23:26, on 24/08/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
D:\Documents and Settings\brigitte.SN048927920021\Mes documents\Téléchargements\RSIT(2).exe
C:\Program Files\trend micro\brigitte.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?linkid=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.search.yahoo.com/search?p=firefox&fr=chr-devicevm&type=IEBD
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: SearchHook Class - {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll
O2 - BHO: QuickStores-Toolbar - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - mscoree.dll (file missing)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - D:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: RoboForm - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\YTSingleInstance.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O3 - Toolbar: QuickStores-Toolbar - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - mscoree.dll (file missing)
O4 - HKLM\..\Run: [EPSON Stylus DX3800 Series (Copie 1)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE /P36 "EPSON Stylus DX3800 Series (Copie 1)" /O5 "LPT1:" /M "Stylus DX3800"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Barre RoboForm - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O8 - Extra context menu item: Cartes - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComEditPass.html
O8 - Extra context menu item: Déconnexion - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComLogoff.html
O8 - Extra context menu item: Enregistrer le formulaire - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O8 - Extra context menu item: Icône de la BT - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComTaskBarIcon.html
O8 - Extra context menu item: Identités - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComEditIdent.html
O8 - Extra context menu item: Initialiser - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSetFields.html
O8 - Extra context menu item: Notes Sécurisées - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComEditNote.html
O8 - Extra context menu item: Options RoboForm - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComOptions.html
O8 - Extra context menu item: Personnaliser le menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: Remplir le formulaire - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O8 - Extra context menu item: Réinitialiser - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComResetFields.html
O8 - Extra context menu item: Vider les champs - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComClearFields.html
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Remplir - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Remplir le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Enregistrer - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: Enregistrer le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: Options - {320AF880-6646-11D3-ABEE-C5DBF3571F4C} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComOptions.html
O9 - Extra 'Tools' menuitem: Options RoboForm - {320AF880-6646-11D3-ABEE-C5DBF3571F4C} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComOptions.html
O9 - Extra button: Personnaliser - {320AF880-6646-11D3-ABEE-C5DBF3571F4E} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O9 - Extra 'Tools' menuitem: Personnaliser le menu - {320AF880-6646-11D3-ABEE-C5DBF3571F4E} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O9 - Extra button: Générateur - {320AF880-6646-11D3-ABEE-C5DBF3571F50} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComPasswordGenerator.html
O9 - Extra 'Tools' menuitem: Générateur - {320AF880-6646-11D3-ABEE-C5DBF3571F50} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComPasswordGenerator.html
O9 - Extra button: Icône de la BT - {320AF880-6646-11D3-ABEE-C5DBF3571F51} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComTaskBarIcon.html
O9 - Extra 'Tools' menuitem: Icône de la BT - {320AF880-6646-11D3-ABEE-C5DBF3571F51} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComTaskBarIcon.html
O9 - Extra button: Initialiser - {320AF880-6646-11D3-ABEE-C5DBF3571F52} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSetFields.html
O9 - Extra 'Tools' menuitem: Initialiser - {320AF880-6646-11D3-ABEE-C5DBF3571F52} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSetFields.html
O9 - Extra button: Réinitialiser - {320AF880-6646-11D3-ABEE-C5DBF3571F53} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComResetFields.html
O9 - Extra 'Tools' menuitem: Réinitialiser - {320AF880-6646-11D3-ABEE-C5DBF3571F53} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComResetFields.html
O9 - Extra button: Vider - {320AF880-6646-11D3-ABEE-C5DBF3571F54} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComClearFields.html
O9 - Extra 'Tools' menuitem: Vider les champs - {320AF880-6646-11D3-ABEE-C5DBF3571F54} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComClearFields.html
O9 - Extra button: Déconnexion - {320AF880-6646-11D3-ABEE-C5DBF3571F55} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComLogoff.html
O9 - Extra 'Tools' menuitem: Déconnexion - {320AF880-6646-11D3-ABEE-C5DBF3571F55} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComLogoff.html
O9 - Extra button: Identités - {45DB34C3-955C-11D3-ABEF-444553540000} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComEditIdent.html
O9 - Extra 'Tools' menuitem: Identités - {45DB34C3-955C-11D3-ABEF-444553540000} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComEditIdent.html
O9 - Extra button: Cartes - {45DB34C3-955C-11D3-ABEF-444553540001} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComEditPass.html
O9 - Extra 'Tools' menuitem: Cartes - {45DB34C3-955C-11D3-ABEF-444553540001} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComEditPass.html
O9 - Extra button: Notes Sécurisées - {45DB34C3-955C-11D3-ABEF-444553540002} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComEditNote.html
O9 - Extra 'Tools' menuitem: Notes Sécurisées - {45DB34C3-955C-11D3-ABEF-444553540002} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComEditNote.html
O9 - Extra button: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {09C21411-B9A2-4DE6-8416-4E3B58577BE0} (France Telecom MDM ActiveX Control) - http://minitelweb.minitel.com/imin_data/ocx/MDM.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1143306003005
O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: AppleChargerSrv - Unknown owner - C:\WINDOWS\system32\AppleChargerSrv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Service Google Update (gupdate1cac596cc7ac1a6) (gupdate1cac596cc7ac1a6) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Service Google Update (gupdatem) (gupdatem) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe
O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe
--
End of file - 15771 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\GlaryInitialize.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\Nouvelle Tâche.job
C:\WINDOWS\tasks\Rappel d'enregistrement 2.job
C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-721009202-3587564979-2248012791-1006.job
C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-721009202-3587564979-2248012791-1006.job
C:\WINDOWS\tasks\RegistryBooster.job
C:\WINDOWS\tasks\WinMaximizer-brigitte-Startup.job
=========Mozilla firefox=========
ProfilePath - D:\Documents and Settings\brigitte.SN048927920021\Application Data\Mozilla\Firefox\Profiles\rvuvxpar.default
prefs.js - "browser.search.suggest.enabled" - false
prefs.js - "extensions.enabledItems" - "{3112ca9c-de6d-4884-a869-9855de68056c}:7.1.20110512W, {B7D3E479-CC68-42B5-A338-938ECE35F419}:2.0.0.54356, {C9B68337-E93A-44EA-94DC-CB300EC06444}:3.26.0, {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}:6.0.07, {20a82645-c095-46ed-80e3-08825760534b}:1.2.1, {4D9AE42B-F4C0-40e6-AEDB-4EC6E42B77AF}:1.2.1.0, {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.0, {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.1.20091029021655, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.18"
prefs.js - "keyword.URL" - "http://search.babylon.com/?babsrc=SP_ss&mntrId=941b21030000000000006cf049ecf637&tlver=1.4.19.19&instlRef=sst&affID=17162&q="
"{22119944-ED35-4ab1-910B-E619EA06A115}"=C:\Program Files\Siber Systems\AI RoboForm\Firefox
"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"{ABDE892B-13A8-4d1b-88E6-365A6E755758}"=D:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Content Upload Plugin,version=1.0.0]
"Description"=DivX® Content Upload Plugin
"Path"=C:\Program Files\DivX\DivX Content Uploader\npUpload.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0]
"Description"=
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files\Google\Picasa3\npPicasa3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@ma-config.com/HardwareDetection]
"Description"=Détection de sa configuration
"Path"=C:\Program Files\ma-config.com\nphardwaredetection.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6]
"Description"=Yahoo Messenger State Plugin
"Path"=C:\Program Files\Yahoo!\Shared\npYState.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@rayv.com/rayvplugin]
"Description"=RayV Plugin
"Path"=C:\Program Files\RayV\RayV\plugins\nprayvplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=6.0.12.688]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=c:\program files\real\realplayer\Netscape6\nppl3260.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprjplug;version=1.0.3.688]
"Description"=RealJukebox Netscape Plugin
"Path"=c:\program files\real\realplayer\Netscape6\nprjplug.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.688]
"Description"=6.0.12.688
"Path"=c:\program files\real\realplayer\Netscape6\nprpjplug.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.68\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.68\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@unity3d.com/UnityPlayer]
"Description"=Unity Player 2.1.0f5
"Path"=C:\Program Files\Unity\WebPlayer\loader\npUnity3D32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@virtools.com/3DviaPlayer]
"Description"=3Dvia Player For Mozilla Based Broswer
"Path"=C:\Program Files\Virtools\3D Life Player\npvirtools.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1]
"Description"=Yahoo! activeX Plug-in Bridge
"Path"=C:\PROGRA~1\Yahoo!\Common\npyaxmpb.dll
C:\Program Files\Mozilla Firefox\extensions\
quickstores@quickstores.de
{3112ca9c-de6d-4884-a869-9855de68056c}
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
C:\Program Files\Mozilla Firefox\components\
binary.manifest
browser.xpt
browsercomps.dll
browserdirprovider.dll
brwsrcmp.dll
components.list
FeedConverter.js
FeedProcessor.js
FeedWriter.js
fuelApplication.js
GoogleDesktopMozilla.dll
GoogleDesktopMozillaStub.js
GoogleDesktopMozillaStub.xpt
GPSDGeolocationProvider.js
jsconsole-clhandler.js
NetworkGeolocationProvider.js
nppl3260.xpt
nsAddonRepository.js
nsBadCertHandler.js
nsBlocklistService.js
nsBrowserContentHandler.js
nsBrowserGlue.js
nsContentDispatchChooser.js
nsContentPrefService.js
nsDefaultCLH.js
nsDownloadManagerUI.js
nsExtensionManager.js
nsFormAutoComplete.js
nsHandlerService.js
nsHelperAppDlg.js
nsINIProcessor.js
nsIQTScriptablePlugin.xpt
nsJSRealPlayerPlugin.xpt
nsLivemarkService.js
nsLoginInfo.js
nsLoginManager.js
nsLoginManagerPrompter.js
nsMicrosummaryService.js
nsPlacesAutoComplete.js
nsPlacesDBFlush.js
nsPlacesTransactionsService.js
nsPrivateBrowsingService.js
nsProxyAutoConfig.js
nsSafebrowsingApplication.js
nsSearchService.js
nsSearchSuggestions.js
nsSessionStartup.js
nsSessionStore.js
nsSetDefaultBrowser.js
nsSidebar.js
nsTaggingService.js
nsTryToClose.js
nsUpdateService.js
nsUpdateServiceStub.js
nsUpdateTimerManager.js
nsUrlClassifierLib.js
nsUrlClassifierListManager.js
nsURLFormatter.js
nsWebHandlerApp.js
pluginGlue.js
storage-Legacy.js
storage-mozStorage.js
txEXSLTRegExFunctions.js
WebContentConverter.js
C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
npitunes.dll
npitunes.xpt
npnul32.dll
nppdf32.dll
nppdf32.FRA
nppl3260.dll
nprjplug.dll
nprpjplug.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt
C:\Program Files\Mozilla Firefox\searchplugins\
amazon-france.xml
babylon.xml
bing.xml
cnrtl-tlfi-fr.xml
eBay-france.xml
google.xml
MediaDICO-fr.xml
wikipedia-fr.xml
yahoo-france.xml
D:\Documents and Settings\brigitte.SN048927920021\Application Data\Mozilla\Firefox\Profiles\rvuvxpar.default\extensions\
{20a82645-c095-46ed-80e3-08825760534b}
{3112ca9c-de6d-4884-a869-9855de68056c}
{4D9AE42B-F4C0-40e6-AEDB-4EC6E42B77AF}
{635abd67-4fe9-1b23-4f01-e679fa7484c1}
D:\Documents and Settings\brigitte.SN048927920021\Application Data\Mozilla\Firefox\Profiles\rvuvxpar.default\searchplugins\
Chercher Malin.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
&Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll [2010-03-23 940856]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}]
QuickStores-Toolbar - C:\WINDOWS\system32\mscoree.dll [2009-11-07 297808]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06 63912]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - D:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2010-03-28 329312]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{724d43a9-0d85-11d4-9908-00400523e39a}]
C:\Program Files\Siber Systems\AI RoboForm\roboform.dll [2009-08-18 5960520]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E99421FB-68DD-40F0-B4AC-B7027CAE2F1A}]
EpsonToolBandKicker Class - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-21 368640]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}]
SingleInstance Class - C:\Program Files\Yahoo!\Companion\Installs\cpn3\YTSingleInstance.dll [2010-03-23 160056]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EE5D279F-081B-4404-994D-C6B60AAEBA6D} - EPSON Web-To-Page - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-21 368640]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll [2010-03-23 940856]
{724d43a0-0d85-11d4-9908-00400523e39a} - &RoboForm - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll [2009-08-18 5960520]
{10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - QuickStores-Toolbar - C:\WINDOWS\system32\mscoree.dll [2009-11-07 297808]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"EPSON Stylus DX3800 Series (Copie 1)"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE [2005-02-08 98304]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
"TkBellExe"=C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2010-03-28 202256]
"ISUSPM Startup"=C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2005-02-17 221184]
"Adobe ARM"=C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe [2011-06-06 937920]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ISUSScheduler"=C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe [2006-09-11 86960]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-01-26 2144088]
"RoboForm"=C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [2009-08-18 160592]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCU]
C:\Program Files\DeviceVM\Browser Configuration Utility\BCU.exe [2009-10-15 375000]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BigDogPath]
C:\WINDOWS\VM_STI.EXE [2004-06-09 40960]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BPS Remover]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DriverCD]
E:\Run.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON Stylus DX3800 Series]
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE [2005-02-08 98304]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
C:\WINDOWS\system32\hkcmd.exe [2009-01-21 166912]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
C:\WINDOWS\system32\igfxtray.exe [2009-01-21 134656]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe [2007-05-26 257088]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Messenger (Yahoo!)]
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe [2009-05-26 4351216]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBAgent]
C:\Program Files\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe [2009-10-07 1086760]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCDAS]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
C:\WINDOWS\system32\igfxpers.exe [2009-01-21 134656]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PowerStrip]
c:\program files\powerstrip\pstrip.exe [2008-11-19 737312]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe [2007-04-27 282624]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RayV]
C:\Program Files\RayV\RayV\RayV.exe [2009-03-22 2417960]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoboForm]
C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [2009-08-18 160592]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
C:\WINDOWS\RTHDCPL.EXE [2010-03-26 19522592]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\sysgif32]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2010-03-28 202256]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TransVente]
C:\PROGRA~1\TRANSV~1\TransVente.exe [2006-11-23 40960]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VirusKeeper]
C:\Program Files\AxBx\VirusKeeper 2007 Pro Evaluation\VirusKeeper.exe [2006-11-10 2551944]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WahOO]
D:\Documents and Settings\brigitte.SN048927920021\Local Settings\Application Data\WahOO\WahOO.exe [2010-04-21 2235392]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WINSOS VERIFY]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOKIT]
C:\PROGRA~1\Wanadoo\Shell.exe [2004-08-23 122880]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOTASKBARICON]
C:\PROGRA~1\Wanadoo\GestMaj.exe [2004-10-14 32768]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOWATCH]
C:\PROGRA~1\Wanadoo\Watch.exe [2004-08-23 20480]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\D:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^TotalReduc.lnk]
C:\PROGRA~1\TOTALR~1\TOTALR~1.EXE [2008-12-01 1156616]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\D:^Documents and Settings^brigitte.SN048927920021^Menu Démarrer^Programmes^Démarrage^Last.fm Helper.lnk]
C:\PROGRA~1\Last.fm\LASTFM~1.EXE [2008-01-08 106496]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"YahooAUService"=2
"WMPNetworkSvc"=3
"WLSetupSvc"=3
"usnjsvc"=3
"UleadBurningHelper"=2
"stllssvr"=3
"STI Simulator"=2
"PLFlash DeviceIoControl Service"=2
"MysqlInventime"=3
"MioNet"=2
"maconfservice"=3
"iPod Service"=3
"idsvc"=3
"IDriverT"=3
"gusvc"=3
"gupdate1cac596cc7ac1a6"=2
"GoogleDesktopManager"=3
"FirebirdServerMAGIXInstance"=3
"ES lite Service"=2
"CyberLink Media Library Service"=2
"CLSched"=2
"CLCapSvc"=2
"BCUService"=2
"Ati HotKey Poller"=2
"AOL ACS"=2
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2005-08-03 46080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2009-01-21 205824]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-02-15 236928]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayL oad]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 240128]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll,
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=0x95000000
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoResolveSearch"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewall policy\standardprofile\authorizedapplications\list]
"%ProgramFiles%\UBISOFT\Splinter Cell Pandora Tomorrow\logo_ubi.exe"="%ProgramFiles%\UBISOFT\Splinter Cell Pandora Tomorrow\logo_ubi.exe:*:Enabled:SPLINTER CELL PANDORA"
"%ProgramFiles%\UBISOFT\Splinter Cell Pandora Tomorrow\pandora.exe"="%ProgramFiles%\UBISOFT\Splinter Cell Pandora Tomorrow\pandora.exe:*:Enabled:PANDORA"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\APPS\Inventime\my.exe"="C:\APPS\Inventime\my.exe:*:Enabled:INVENTIME"
"C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
"C:\Program Files\AOL 9.0\aol.exe"="C:\Program Files\AOL 9.0\aol.exe:*:Disabled:AOL"
"C:\Program Files\AOL 9.0\waol.exe"="C:\Program Files\AOL 9.0\waol.exe:*:Disabled:AOL 9.0"
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"D:\StubInstaller.exe"="D:\StubInstaller.exe:*:Disabled:LimeWire swarmed installer"
"C:\Program Files\adslTV\adslTV.exe"="C:\Program Files\adslTV\adslTV.exe:*:Disabled:adslTV"
"C:\Program Files\Last.fm\LastFM.exe"="C:\Program Files\Last.fm\LastFM.exe:*:Enabled:Last.fm"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\Program Files\IncrediMail\bin\ImpCnt.exe"="C:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Enabled:IncrediMail"
"C:\Program Files\KSS\PeerTV\PeerCast.exe"="C:\Program Files\KSS\PeerTV\PeerCast.exe:*:Enabled:PeerCast"
"C:\Program Files\KSS\PeerTV\mplayer.exe"="C:\Program Files\KSS\PeerTV\mplayer.exe:*:Disabled:MPlayer/MEncoder - Movie Player"
"C:\Program Files\KSS\PeerTV\VLC\vlc.exe"="C:\Program Files\KSS\PeerTV\VLC\vlc.exe:*:Enabled:VLC media player"
"C:\Program Files\Real\RealPlayer\realplay.exe"="C:\Program Files\Real\RealPlayer\realplay.exe:*:Enabled:RealPlayer"
"C:\Program Files\Joost\xulrunner\tvprunner.exe"="C:\Program Files\Joost\xulrunner\tvprunner.exe:*:Enabled:tvprunner"
"C:\Program Files\iMesh Applications\iMesh\iMesh.exe"="C:\Program Files\iMesh Applications\iMesh\iMesh.exe:*:Enabled:iMesh"
"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\Program Files\Zattoo\zattood.exe"="C:\Program Files\Zattoo\zattood.exe:*:Enabled:zattood"
"C:\Program Files\Zattoo\Zattoo2.exe"="C:\Program Files\Zattoo\Zattoo2.exe:*:Enabled: "
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\RayV\RayV\RayV.exe"="C:\Program Files\RayV\RayV\RayV.exe:*:Enabled:RayV"
"C:\Program Files\ma-config.com\maconfservice.exe"="C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice"
"D:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files\Kaspersky Internet Security 7.0.1.325\French\setup.exe"="D:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files\Kaspersky Internet Security 7.0.1.325\French\setup.exe:*:Disabled:Programme d'installation de Kaspersky Internet Security 7.0"
"C:\Program Files\RayV\RayV\RayV.dll"="C:\Program Files\RayV\RayV\RayV.dll:*:Enabled:RayV"
"C:\Program Files\TeamViewer\Version4\TeamViewer.exe"="C:\Program Files\TeamViewer\Version4\TeamViewer.exe:*:Disabled:Application de pilotage à distance TeamViewer"
"C:\Program Files\Spotify\spotify.exe"="C:\Program Files\Spotify\spotify.exe:*:Enabled:Spotify"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewall policy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\AOL 9.0\waol.exe"="C:\Program Files\AOL 9.0\waol.exe:*:Enabled:AOL 9.0"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.dvacm"=C:\PROGRA~1\FICHIE~1\ULEADS~1\Vio\Dvacm.acm
"msacm.ulmp3acm"=C:\PROGRA~1\FICHIE~1\ULEADS~1\MPEG\ulmp3acm.acm
"msacm.mpegacm"=C:\PROGRA~1\FICHIE~1\ULEADS~1\MPEG\mpegacm.acm
"msacm.alf2cd"=alf2cd.acm
"msacm.siren"=sirenacm.dll
"msacm.clmp3enc"=C:\PROGRA~1\CYBERL~1\Power2Go\CLMP3Enc.ACM
"wave2"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.reg - open - regedit.exe "%1" %*
.scr - open - "%1" %*
======List of files/folders created in the last 1 month======
2011-08-22 12:09:29 ----D---- C:\Program Files\Ad-Remover
2011-08-21 00:59:05 ----D---- D:\Documents and Settings\brigitte.SN048927920021\Application Data\QuickStoresToolbar
2011-08-21 00:59:02 ----D---- C:\Program Files\Unlocker
2011-08-20 22:56:53 ----D---- D:\Documents and Settings\brigitte.SN048927920021\Application Data\GlarySoft
2011-08-20 22:48:22 ----D---- C:\Program Files\Glary Utilities
2011-08-20 10:00:25 ----ASH---- C:\pagefile.sys
2011-08-16 23:15:02 ----D---- C:\Program Files\FoxTabVideoConverter(2)
2011-08-10 12:29:15 ----HDC---- C:\WINDOWS\$NtUninstallKB2567680$
2011-08-10 12:29:04 ----HDC---- C:\WINDOWS\$NtUninstallKB2536276-v2$
2011-08-10 12:28:55 ----HDC---- C:\WINDOWS\$NtUninstallKB2570222$
2011-08-10 12:23:50 ----HDC---- C:\WINDOWS\$NtUninstallKB2566454$
2011-08-10 12:23:39 ----HDC---- C:\WINDOWS\$NtUninstallKB2562937$
======List of files/folders modified in the last 1 month======
2011-08-24 18:23:10 ----D---- C:\Program Files\Trend Micro
2011-08-24 17:04:16 ----D---- C:\WINDOWS\Temp
2011-08-24 17:04:01 ----D---- C:\WINDOWS\Prefetch
2011-08-24 16:56:41 ----SHD---- C:\WINDOWS\Installer
2011-08-24 16:56:41 ----D---- C:\Config.Msi
2011-08-24 16:25:59 ----AD---- C:\WINDOWS\system32
2011-08-24 16:25:59 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-08-24 16:22:34 ----SD---- C:\WINDOWS\Tasks
2011-08-24 16:22:23 ----D---- C:\WINDOWS\system32\CatRoot2
2011-08-23 22:41:15 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-08-23 21:22:01 ----D---- C:\WINDOWS
2011-08-22 22:29:14 ----RD---- C:\Program Files
2011-08-21 01:05:32 ----RSD---- C:\WINDOWS\assembly
2011-08-21 01:05:32 ----D---- C:\WINDOWS\WinSxS
2011-08-21 00:31:38 ----D---- C:\Program Files\Mozilla Firefox
2011-08-21 00:11:34 ----D---- D:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2011-08-20 23:46:37 ----D---- C:\WINDOWS\system32\drivers\etc
2011-08-20 23:37:52 ----D---- C:\Program Files\Spybot - Search & Destroy
2011-08-20 22:35:29 ----A---- C:\WINDOWS\imsins.BAK
2011-08-20 21:55:01 ----D---- C:\WINDOWS\system32\drivers
2011-08-20 21:55:01 ----D---- C:\WINDOWS\Debug
2011-08-20 21:37:24 ----D---- C:\WINDOWS\system32\config
2011-08-20 21:36:48 ----D---- C:\WINDOWS\system32\wbem
2011-08-20 21:36:47 ----D---- C:\WINDOWS\Registration
2011-08-20 21:36:10 ----SD---- D:\Documents and Settings\brigitte.SN048927920021\Application Data\Microsoft
2011-08-20 21:26:39 ----D---- C:\Program Files\Wanadoo
2011-08-20 21:19:26 ----D---- C:\Program Files\TransVente
2011-08-20 21:16:26 ----A---- C:\WINDOWS\win.ini
2011-08-20 21:16:26 ----A---- C:\WINDOWS\system.ini
2011-08-14 10:20:38 ----HD---- C:\WINDOWS\inf
2011-08-10 15:00:52 ----D---- C:\WINDOWS\Microsoft.NET
2011-08-10 12:29:17 ----RSHD---- C:\WINDOWS\system32\dllcache
2011-08-10 12:29:00 ----HD---- C:\WINDOWS\$hf_mig$
2011-08-10 12:25:39 ----A---- C:\WINDOWS\system32\MRT.exe
2011-08-10 12:24:55 ----D---- C:\Program Files\Internet Explorer
2011-08-10 12:24:31 ----D---- C:\WINDOWS\ie8updates
2011-07-25 17:09:56 ----A---- C:\WINDOWS\system32\mshtml.dll
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 agp440;Filtre de bus AGP Intel; C:\WINDOWS\system32\DRIVERS\agp440.sys [2008-04-13 42368]
R0 agpCPQ;Filtre de bus AGP Compaq; C:\WINDOWS\system32\DRIVERS\agpCPQ.sys [2008-04-13 44928]
R0 alim1541;Filtre de bus AGP ALI; C:\WINDOWS\system32\DRIVERS\alim1541.sys [2008-04-13 42752]
R0 amdagp;Pilote de filtre du bus AMD AGP; C:\WINDOWS\system32\DRIVERS\amdagp.sys [2008-04-13 43008]
R0 cbidf;cbidf; C:\WINDOWS\system32\DRIVERS\cbidf2k.sys [2001-08-17 13952]
R0 iaStor;Intel RAID Controller; C:\WINDOWS\system32\DRIVERS\iaStor.sys [2005-06-17 872064]
R0 ohci1394;Contrôleur hôte Texas Instruments IEEE 1394 compatible OHCI (Open Host Controller Interface); C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-13 61696]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2010-03-28 45200]
R0 sisagp;Filtre de bus AGP SIS; C:\WINDOWS\system32\DRIVERS\sisagp.sys [2008-04-13 40960]
R0 viaagp;Filtre de bus AGP VIA; C:\WINDOWS\system32\DRIVERS\viaagp.sys [2008-04-13 42240]
R1 AppleCharger;AppleCharger; C:\WINDOWS\system32\DRIVERS\AppleCharger.sys [2010-04-22 19496]
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-07-14 28520]
R1 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-05 12032]
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-12-11 56816]
R2 PStrip;PSTRIP; \??\C:\WINDOWS\system32\DRIVERS\PSTRIP.SYS []
R3 3xHybrid;3xHybrid service; C:\WINDOWS\system32\DRIVERS\3xHybrid.sys [2005-05-27 799744]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2005-08-03 1273344]
R3 GEARAspiWDM;GEARAspiWDM; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2006-09-19 15664]
R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2010-03-26 5883936]
R3 L1c;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller; C:\WINDOWS\system32\DRIVERS\l1c51x86.sys [2009-07-27 44032]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-09-19 21248]
R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 wanatw;WAN Miniport (ATW); C:\WINDOWS\system32\DRIVERS\wanatw4.sys [2003-01-10 33588]
S0 NDISRD;NDISRD; C:\WINDOWS\system32\drivers\NDISRD.sys [2005-05-17 15340]
S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2009-11-18 1691480]
S3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys []
S3 E100B;Intel(R) PRO Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2005-03-05 157696]
S3 EL90XBC;Pilote de la carte EtherLink XL 90XB/C 3Com; C:\WINDOWS\system32\DRIVERS\el90xbc5.sys [2001-08-17 66591]
S3 gdrv;gdrv; \??\C:\WINDOWS\gdrv.sys []
S3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2009-01-21 6278560]
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2009-11-18 1395800]
S3 MPE;Filtre BDA MPE; C:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-13 15232]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
S3 PAC207;Trust WB-1400T Webcam; C:\WINDOWS\system32\DRIVERS\pfc027.sys []
S3 PCANDIS5;PCANDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCANDIS5.SYS []
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 SONYPVU1;Pilote de filtrage Sony USB (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 SymIM;Symantec Network Security Intermediate Filter Service; C:\WINDOWS\system32\DRIVERS\SymIM.sys []
S3 SymIMMP;SymIMMP; C:\WINDOWS\system32\DRIVERS\SymIM.sys []
S3 USB_RNDIS;ADI Remote NDIS Network Device Driver; C:\WINDOWS\system32\DRIVERS\usb8023.sys [2008-04-13 12800]
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S3 ZSMC301b;Philips SPC210NC Webcam; C:\WINDOWS\System32\Drivers\usbVM31b.sys [2005-02-26 91527]
S4 RxFilter;RxFilter; C:\WINDOWS\system32\DRIVERS\RxFilter.sys [2007-12-17 57328]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AntiVirSchedulerService;Avira AntiVir Planificateur; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-07-14 108289]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-08-18 185089]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2005-08-03 380928]
R2 FTRTSVC;France Telecom Routing Table Service; C:\WINDOWS\System32\FTRTSVC.exe [2004-08-23 40960]
S2 gupdate1cac596cc7ac1a6;Service Google Update (gupdate1cac596cc7ac1a6); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-03-17 133104]
S3 AppleChargerSrv;AppleChargerSrv; C:\WINDOWS\system32\AppleChargerSrv.exe [2010-04-06 31272]
S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Service Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-03-17 133104]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-11-20 136120]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 AOL ACS;AOL Connectivity Service; C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe [2004-04-08 1135728]
S4 BCUService;Browser Configuration Utility Service; C:\Program Files\DeviceVM\Browser Configuration Utility\BCUService.exe [2009-10-15 223464]
S4 CLCapSvc;CyberLink Background Capture Service (CBCS); c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe [2005-05-11 221266]
S4 CLSched;CyberLink Task Scheduler (CTS); c:\APPS\Powercinema\Kernel\TV\CLSched.exe [2005-05-11 110672]
S4 CyberLink Media Library Service;CyberLink Media Library Service; C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe [2005-05-11 61440]
S4 ES lite Service;ES lite Service for program management.; C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE [2009-03-02 68136]
S4 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance; C:\MAGIX\Common\Database\bin\fbserver.exe [2005-11-17 1527900]
S4 GoogleDesktopManager;GoogleDesktopManager; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2007-11-07 1838592]
S4 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S4 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S4 iPod Service;Service de l'iPod; C:\Program Files\iPod\bin\iPodService.exe [2007-05-26 501312]
S4 maconfservice;Ma-Config Service; C:\Program Files\ma-config.com\maconfservice.exe [2009-03-15 216232]
S4 MioNet;MioNet Service; C:\Program Files\MioNet\MioNetManager.exe [2005-07-15 139264]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\WINDOWS\system32\IoctlSvc.exe [2009-10-07 87344]
S4 STI Simulator;STI Simulator; C:\WINDOWS\System32\PAStiSvc.exe [2005-01-14 53248]
S4 stllssvr;stllssvr; C:\Program Files\Fichiers communs\SureThing Shared\stllssvr.exe [2007-12-02 74384]
S4 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe [2004-02-26 49152]
S4 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S4 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S4 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S4 YahooAUService;Yahoo! Updater; C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe [2008-11-09 602392]
-----------------EOF-----------------
|
| |
|
|
|
|
Winx
19798 messages
No-Life
AidoHardware
AidoAntivirus
AidoWindows
|
Le 24 Août 2011 à 20h33
1) Désactive le Teatimer de Spybot
[*]Ouvre Spybot
[*]Rends-toi dans le menu Mode
[*]Coche la case Mode Avancé
[*]Clique sur Outils (tout en bas)
[*]Dans Résident, tu décoches la case Resident Teatimer
-----> L'icône doit être absente de la barre des tâches...
Tutoriel animé :
-->source ici
(merci Balltrap34 !)
ensuite,
Fais ceci,
* Désactive ton Antivirus pour le moment.
* Télécharge Ad-Remover (de C_XX) sur le bureau.
* /!\ Déconnecte-toi et ferme toutes les applications en cours /!\
* Double clic sur le programme pour le lancer...
* Pour Vista et Seven toujours faire un clic droit, et choisir lancer comme administrateur
* Au menu principal choisis l'option "Scanner"
* /!\ Laisse travailler l'outil /!\
* Patiente jusqu'à la fin du scan sans rien faire d'autre sur ton PC.
* Un rapport apparaitra à la fin, poste le sur le forum dans ta réponse.
Si tu ne trouve pas !
(Le rapport est aussi sauvegardé sous C:\Ad-Report-SCAN.log)
|
| |
Je n'ai pas la prétention de résoudre les problèmes, mais celle de vous aider à les résoudre ;-)
|
|
|
|
phil295
97 messages
DVD-RW
|
Le 24 Août 2011 à 21h15
======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 =======
Mis à jour par TeamXscript le 12/04/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
Site web: http://www.teamxscript.org
C:\Program Files\Ad-Remover\main.exe (SCAN [2]) -> Lancé à 21:11:33 le 24/08/2011, Mode normal
Microsoft Windows XP Édition familiale Service Pack 3 (X86)
brigitte@SN048927920021 ( )
============== RECHERCHE ==============
============== SCAN ADDITIONNEL ==============
**** Mozilla Firefox Version [6.0 (fr)] ****
Plugins\npitunes.dll (?)
HKLM_MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 (x)
HKLM_MozillaPlugins\@rayv.com/rayvplugin (x)
HKLM_MozillaPlugins\@unity3d.com/UnityPlayer (x)
HKLM_MozillaPlugins\Adobe Reader (x)
HKLM_MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1 (x)
Searchplugins\babylon.xml (hxxp://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=941b21030000000000006cf049ecf637&tlver=1.4.19.19&affID=17162/)
Searchplugins\bing.xml ( hxxp://www.bing.com/search)
Components\browsercomps.dll (Mozilla Foundation)
Extensions\quickstores@quickstores.de (QuickStores-Toolbar)
Extensions\{3112ca9c-de6d-4884-a869-9855de68056c} (Google Toolbar for Firefox)
HKLM_Extensions|{22119944-ED35-4ab1-910B-E619EA06A115} - C:\Program Files\Siber Systems\AI RoboForm\Firefox
-- D:\Documents and Settings\brigitte.SN048927920021\Application Data\Mozilla\FireFox\Profiles\rvuvxpar.default --
Extensions\{3112ca9c-de6d-4884-a869-9855de68056c} (Google Toolbar for Firefox)
Searchplugins\Chercher Malin.xml (hxxp://www.cherchermalin.com/)
Prefs.js - browser.download.lastDir, D:\\Documents and Settings\\brigitte.SN048927920021\\Mes documents\\Récemment mis à jour
Prefs.js - browser.search.defaultenginename, SearchTheWeb
Prefs.js - browser.search.selectedEngine, Search the web (Babylon)
Prefs.js - browser.startup.homepage_override.buildID, 20110811165603
Prefs.js - browser.startup.homepage_override.mstone, rv:6.0
Prefs.js - keyword.URL, hxxp://search.babylon.com/?babsrc=SP_ss&mntrId=941b21030000000000006cf049ecf637&tlver=1.4.19.19&instlRef=ss...
========================================
**** Internet Explorer Version [8.0.6001.18702] ****
HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896
HKCU_Main|Start Page - hxxp://fr.search.yahoo.com/search?p=firefox&fr=chr-devicevm&type=IEBD
HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm
HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Start Page - hxxp://fr.msn.com/
HKCU_URLSearchHooks|{BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - "SearchHook Class" (C:\Program Files\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll)
HKCU_URLSearchHooks|{08C06D61-F1F3-4799-86F8-BE1A89362C85} - "Search Class" (C:\PROGRA~1\Wanadoo\SEARCH~1.DLL)
HKCU_SearchScopes\Emjysoft - "Rechercher..." (hxxp://start.emjysoft.com/opensearch.php?recherche={searchTerms})
HKCU_SearchScopes\{0F36E18A-6296-4333-9D99-269AAFE3D111}_Chercher Malin - "Chercher Malin" (hxxp://www.cherchermalin.com/?t=Q0908141537&s=b&keywords={searchTerms})
HKLM_SearchScopes\Emjysoft - "Rechercher..." (hxxp://start.emjysoft.com/opensearch.php?recherche={searchTerms})
HKCU_Toolbar|{1E796980-9CC5-11D1-A83F-00C04FC99D61} (x)
HKCU_Toolbar\ShellBrowser|{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} (x)
HKCU_Toolbar\ShellBrowser|{724D43A0-0D85-11D4-9908-00400523E39A} (C:\Program Files\Siber Systems\AI RoboForm\roboform.dll)
HKCU_Toolbar\WebBrowser|{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} (x)
HKCU_Toolbar\WebBrowser|{968631B6-4729-440D-9BF4-251F5593EC9A} (x)
HKCU_Toolbar\WebBrowser|{724D43A0-0D85-11D4-9908-00400523E39A} (C:\Program Files\Siber Systems\AI RoboForm\roboform.dll)
HKCU_Toolbar\WebBrowser|{BC4FFE41-DE9F-46FA-B455-AAD49B9F9938} (x)
HKLM_Toolbar|{724d43a0-0d85-11d4-9908-00400523e39a} (C:\Program Files\Siber Systems\AI RoboForm\roboform.dll)
HKLM_Toolbar|{10EDB994-47F8-43F7-AE96-F2EA63E9F90F} (mscoree.dll) (x)
HKLM_ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291} - C:\Program Files\IMinent Toolbar\TbHelper2.exe (x)
HKLM_ElevationPolicy\{74351F14-5437-4d87-805B-04D409B09976} - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
HKLM_ElevationPolicy\{E6B969FB-6D33-48d2-9061-8BBD4899EB08} - C:\Program Files\Iminent\MMServer\Iminent.MMServer.exe (x)
HKLM_ElevationPolicy\{F459C053-BD3B-4e2f-9B15-F6EE9ADD67C8} - C:\Program Files\RayV\RayV\RayV.exe (RayV)
HKLM_Extensions\-{FB5F1910-F110-11d2-BB9E-00C04F795683} - "Messenger" (C:\Program Files\Messenger\msmsgs.exe,301)
HKLM_Extensions\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - "?" (?)
HKLM_Extensions\{320AF880-6646-11D3-ABEE-C5DBF3571F46} - "Remplir" (C:\Program Files\Siber Systems\AI RoboForm\roboform.dll,880)
HKLM_Extensions\{320AF880-6646-11D3-ABEE-C5DBF3571F49} - "Enregistrer" (C:\Program Files\Siber Systems\AI RoboForm\roboform.dll,873)
HKLM_Extensions\{320AF880-6646-11D3-ABEE-C5DBF3571F4C} - "Options" (C:\Program Files\Siber Systems\AI RoboForm\roboform.dll,883)
HKLM_Extensions\{320AF880-6646-11D3-ABEE-C5DBF3571F4E} - "Personnaliser" (C:\Program Files\Siber Systems\AI RoboForm\roboform.dll,886)
HKLM_Extensions\{320AF880-6646-11D3-ABEE-C5DBF3571F50} - "Générateur" (C:\Program Files\Siber Systems\AI RoboForm\roboform.dll,877)
HKLM_Extensions\{320AF880-6646-11D3-ABEE-C5DBF3571F51} - "Icône de la BT" (C:\Program Files\Siber Systems\AI RoboForm\roboform.dll,900)
HKLM_Extensions\{320AF880-6646-11D3-ABEE-C5DBF3571F52} - "Initialiser" (C:\Program Files\Siber Systems\AI RoboForm\roboform.dll,887)
HKLM_Extensions\{320AF880-6646-11D3-ABEE-C5DBF3571F53} - "Réinitialiser" (C:\Program Files\Siber Systems\AI RoboForm\roboform.dll,888)
HKLM_Extensions\{320AF880-6646-11D3-ABEE-C5DBF3571F54} - "Vider" (C:\Program Files\Siber Systems\AI RoboForm\roboform.dll,889)
HKLM_Extensions\{320AF880-6646-11D3-ABEE-C5DBF3571F55} - "Déconnexion" (C:\Program Files\Siber Systems\AI RoboForm\roboform.dll,875)
HKLM_Extensions\{45DB34C3-955C-11D3-ABEF-444553540000} - "Identités" (C:\Program Files\Siber Systems\AI RoboForm\roboform.dll,870)
HKLM_Extensions\{45DB34C3-955C-11D3-ABEF-444553540001} - "Cartes" (C:\Program Files\Siber Systems\AI RoboForm\roboform.dll,871)
HKLM_Extensions\{45DB34C3-955C-11D3-ABEF-444553540002} - "Notes Sécurisées" (C:\Program Files\Siber Systems\AI RoboForm\roboform.dll,879)
HKLM_Extensions\{724d43aa-0d85-11d4-9908-00400523e39a} - "Barre RoboForm" (C:\Program Files\Siber Systems\AI RoboForm\roboform.dll,900)
HKLM_Extensions\{DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - "?" (?)
HKLM_Extensions\{e2e2dd38-d088-4134-82b7-f2ba38496583} - "?" (?)
BHO\{10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - "QuickStores-Toolbar" (mscoree.dll) (x)
BHO\{724d43a9-0d85-11d4-9908-00400523e39a} - "?" (C:\Program Files\Siber Systems\AI RoboForm\roboform.dll)
BHO\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - "SSVHelper Class" (C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll)
========================================
C:\Program Files\Ad-Remover\Quarantine: 350 Fichier(s)
C:\Program Files\Ad-Remover\Backup: 14 Fichier(s)
D:\Ad-Report-CLEAN[1].txt - 22/08/2011 22:28:03 (18191 Octet(s))
D:\Ad-Report-SCAN[1].txt - 22/08/2011 12:10:43 (18578 Octet(s))
D:\Ad-Report-SCAN[2].txt - 24/08/2011 21:11:37 (7428 Octet(s))
Fin à: 21:12:24, 24/08/2011
============== E.O.F ==============
|
| |
|
|
|
|
Winx
19798 messages
No-Life
AidoHardware
AidoAntivirus
AidoWindows
|
Le 25 Août 2011 à 22h10
Ensuite fais ceci:
Télécharge Malwarebytes' Anti-Malware (MBAM)
[*] Double clique sur le fichier téléchargé pour lancer le processus d'installation.
[*] Dans l'onglet "Mise à jour", clique sur le bouton "Recherche de mise à jour": si le pare-feu demande l'autorisation à MBAM de se connecter, accepte.
[*] Une fois la mise à jour terminée, rends-toi dans l'onglet "Recherche".
[*] Sélectionne "Exécuter un examen rapide"
[*] Clique sur "Rechercher"
[*] L'analyse démarre, le scan est relativement long, c'est normal.
[*] A la fin de l'analyse, un message s'affiche :
Citation L'examen s'est terminé normalement. Clique sur 'Afficher les résultats' pour afficher tous les objets trouvés.
Clique sur "Ok" pour poursuivre. Si MBAM n'a rien trouvé, il te le dira aussi.
[*] Ferme tes navigateurs.
[*] Si des malwares ont été détectés, clique sur Afficher les résultats.
Sélectionne tout (ou laisse coché) et clique sur Supprimer la sélection, MBAM va détruire les fichiers et clés de registre et en mettre une copie dans la quarantaine.
[*] MBAM va ouvrir le Bloc-notes et y copier le rapport d'analyse. Copie-colle ce rapport et poste-le dans ta prochaine réponse.
ps:
--->aide visuelle sur Mbam ici
|
| |
Je n'ai pas la prétention de résoudre les problèmes, mais celle de vous aider à les résoudre ;-)
|
|
|
|
phil295
97 messages
DVD-RW
|
Le 26 Août 2011 à 08h13
AMalwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org
Version de la base de données: 7573
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
26/08/2011 08:09:16
mbam-log-2011-08-26 (08-09-16).txt
Type d'examen: Examen rapide
Elément(s) analysé(s): 724831
Temps écoulé: 8 minute(s), 36 seconde(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
(Aucun élément nuisible détecté) |
| |
|
|
|
|
Winx
19798 messages
No-Life
AidoHardware
AidoAntivirus
AidoWindows
|
Le 26 Août 2011 à 09h41
|
| |
Je n'ai pas la prétention de résoudre les problèmes, mais celle de vous aider à les résoudre ;-)
|
|
|
|
phil295
97 messages
DVD-RW
|
Le 26 Août 2011 à 17h26
C:\Program Files\IncrediMail\bin\IncrediMail_Install.exe probably a variant of Win32/Agent.DYVNCLY trojan
D:\Documents and Settings\brigitte.SN048927920021\Mes documents\nero810_eval01net.exe Win32/Toolbar.AskSBar application
D:\Documents and Settings\brigitte.SN048927920021\Mes documents\Téléchargements\Nero_BackItUpAndBurn-1.2.17b_trial.exe Win32/Toolbar.AskSBar application
D:\Documents and Settings\brigitte.SN048927920021\Mes documents\Téléchargements\pcfix-v206-fr.exe Win32/Adware.PCFixCleaner application
D:\Documents and Settings\brigitte.SN048927920021\Mes documents\Téléchargements\unlocker_unlocker_1.9.1_32_bits_francais_20237.exe Win32/Adware.ADON application
D:\Documents and Settings\brigitte.SN048927920021\Mes documents\Téléchargements\VideoConverterSetup.exe a variant of Win32/InstallCore.B application
|
| |
|
|
|
|
Demander de l'aide
RSS
Profil
Les Pays-Bas inscrivent la neutralité du net dans la loi
Facebook Messenger: Plus besoin d'un navigateur web pour discuter sur le chat Facebook
Google Drive: Google lancerait bientôt un service de stockage en ligne
Un tiers des divorces en Angleterre seraient liés à Facebook
Des photos privées de Mark Zuckerberg dévoilées à cause d'une faille de sécurité Facebook
Rock-It 2.0 : un amplificateur à se mettre dans la poche
Google Chrome passe devant Firefox et devient le second navigateur mondial
Procurez vous le nouveau design de Youtube dès maintenant
Appelez vos amis Facebook via Skype - même s'ils n'ont pas Skype!
Impact des cyber-attaques sur le monde réel: Aux portes d'une guerre?
Débutants: Pré-remplir un e-mail dans un formulaire avec la fonction HTML mailto
Achetez et vendez votre matériel multimédia d'occasion sur notre service de petites annonces informatiques gratuites
