Probleme avec explorer

Ask to Old Man · le 03 Déc 2010 20:19

Salut, dés que j'ouvre mon explorer, j'ai une fenêtre Windows installer qui s'ouvre pour installer "search settings installer"
savez vous comment faire pour s'en débarrasser?

Edt AtOM Sujet déplacé en rubrique adéquate.

bernard53 · le 03 Déc 2010 20:42

bonsoir

tu as un intrus qui c'est installé sans ta demande.

Fait ceci pout tant séparer.

Installe Malewarebytes' Antimalware,
Téléchargement

*** Met-le à jour puis choisi, Exécuter un examen complet

*** Si une infection est trouvée, coche la case a coté et valides avec l’Onglet Supprimer la sélection

Poste le rapport final.
*** il est conseillé de désactivé Tea-Timer si tu as Spybot-S&D juste le temps du scan.

Voici comment faire: Lancez Spybot-S&D, passez en Mode avancé via le Menu Mode (en haut) → cliquez sur Oui--> choisissez Outils dans la barre de navigation sur la gauche -->Résident et là vous pouvez décocher les cases situées devant les deux outils.

Si cela ne résous pas ton soucis fait cela en plus.

* Télécharge >> OTL <<sur ton bureau.

* Fait un double-clic sur l'icône d'OTL pour le lancer
/!\ pour Vista/Seven fais un clic-droit sur l'icône d'OTL et choisis "Exécuter en tant qu'administrateur"

* Assure-toi d'avoir fermé toutes les applications en court de fonctionnement.

* Quand la fenêtre d'OTL apparaît, assure toi que dans la section "Rapport" (en haut à droite) la case "Rapport minimal " soit cochée.

* Copies et colles le contenue de cette citation dans la partie inférieure d'OTL " Personnalisation"

netsvcs
%SYSTEMDRIVE%\*.exe
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
vstor32.sys
ahcix86s.sys
nvrd32.sys
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles

* Cliques sur l'icône "Analyse" (en haut à gauche) .
* Laisse le scan aller à son terme sans te servir du PC
* A la fin du scan un ou deux rapports vont s'ouvrir "OTL.Txt" et ( ou ) "Extras.Txt"( dans certains cas).
* Copie et colle le ou les rapports dans ta réponse stp...
* Au cas où, tu peux les retrouver dans le dossier C:\OTL ou sur ton bureau en fonction des cas rencontrés
Mets le rapport ici car il prend bien de la place.
http://www.cijoint.fr/index.php

Skynet · le 04 Déc 2010 17:17

salut merci pour les conseils
l'analyse avec Installe Malewarebytes' Antimalware, n'a rien donné

et voici le rapport OTL

Code: Tout sélectionner: OTL logfile created on: 04/12/2010 16:32:29 - Run 1 OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Fabien\Desktop Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18975) Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy 3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 55,00% Memory free 6,00 Gb Paging File | 5,00 Gb Available in Paging File | 76,00% Paging File free Paging file location(s): ?:\pagefile.sys %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 137,87 Gb Total Space | 26,35 Gb Free Space | 19,11% Space Free | Partition Type: NTFS Drive D: | 11,18 Gb Total Space | 2,35 Gb Free Space | 21,05% Space Free | Partition Type: NTFS Drive G: | 944,67 Mb Total Space | 4,31 Mb Free Space | 0,46% Space Free | Partition Type: FAT Computer Name: PC-DE-FABIEN | User Name: Fabien | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - C:\Users\Fabien\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Program Files\Mozilla Firefox\plugin-container.exe (Mozilla Corporation) PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Program Files\Google\Update\1.2.183.39\GoogleCrashHandler.exe (Google Inc.) PRC - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) PRC - C:\Program Files\Application Updater\ApplicationUpdater.exe (Spigot, Inc.) PRC - C:\Program Files\BitDefender\BitDefender 2009\seccenter.exe () PRC - C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe (BitDefender S. R. L.) PRC - C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe (BitDefender S.R.L.) PRC - C:\Program Files\Neuf\Kit\9props.exe (SFR) PRC - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe (BitDefender SRL) PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.) PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation) PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation) PRC - C:\Windows\WindowsMobile\wmdcBase.exe (Microsoft Corporation) [color=#E56717]========== Modules (SafeList) ==========[/color] MOD - C:\Users\Fabien\Desktop\OTL.exe (OldTimer Tools) MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (Microsoft Corporation) MOD - C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1_17\plugin_registry.m32 (BitDefender S.R.L. Bucharest, ROMANIA) MOD - C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1_17\plugin_net.m32 (BitDefender S.R.L. Bucharest, ROMANIA) MOD - C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1_17\plugin_fragments.m32 (BitDefender S.R.L. Bucharest, ROMANIA) MOD - C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1_17\plugin_extra.m32 (BitDefender S.R.L. Bucharest, ROMANIA) MOD - C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1_17\plugin_base.m32 (BitDefender S.R.L. Bucharest, ROMANIA) MOD - C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1_17\midas32.dll (BitDefender S.R.L. Bucharest, ROMANIA) [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - (Apple Mobile Device) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) SRV - (WPFFontCache_v0400) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe (Microsoft Corporation) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (Application Updater) -- C:\Program Files\Application Updater\ApplicationUpdater.exe (Spigot, Inc.) SRV - (VSSERV) -- C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe (BitDefender S. R. L.) SRV - (LIVESRV) -- C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe (BitDefender SRL) SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation) SRV - (scan) -- C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\scan.dll (S.C. BitDefender S.R.L) SRV - (SBSDWSCService) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.) SRV - (Arrakis3) -- C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe (BitDefender S.R.L. http://www.bitdefender.com) SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SRV - (IAANTMON) Intel(R) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation) SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation) SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation) SRV - (Com4Qlb) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe (Hewlett-Packard Development Company, L.P.) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - (SymIMMP) -- C:\Windows\System32\DRIVERS\SymIM.sys File not found DRV - (SymIM) -- C:\Windows\System32\DRIVERS\SymIM.sys File not found DRV - (NwlnkFwd) -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys File not found DRV - (NwlnkFlt) -- C:\Windows\System32\DRIVERS\nwlnkflt.sys File not found DRV - (IpInIp) -- C:\Windows\System32\DRIVERS\ipinip.sys File not found DRV - (Netaapl) -- C:\Windows\System32\drivers\netaapl.sys (Apple Inc.) DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.) DRV - (Bdfndisf) -- C:\Windows\System32\drivers\bdfndisf.sys (BitDefender LLC) DRV - (bdftdif) -- C:\Program Files\Common Files\BitDefender\BitDefender Firewall\bdftdif.sys (BitDefender LLC) DRV - (bdfsfltr) -- C:\Windows\System32\drivers\bdfsfltr.sys (BitDefender S.R.L. Bucharest, ROMANIA) DRV - (bdfm) -- C:\Windows\System32\drivers\bdfm.sys (BitDefender S.R.L. Bucharest, ROMANIA) DRV - (BDSelfPr) -- C:\Program Files\BitDefender\BitDefender 2009\bdselfpr.sys (BitDefender S.R.L.) DRV - (BDVEDISK) -- C:\Program Files\BitDefender\BitDefender 2009\BDVEDISK.sys (BitDefender S.R.L.) DRV - (Trufos) -- C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\trufos.sys (BitDefender S.R.L.) DRV - (Profos) -- C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\profos.sys () DRV - (winusb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation) DRV - (RTSTOR) -- C:\Windows\System32\drivers\RTSTOR.sys (Realtek Semiconductor Corp.) DRV - (CnxtHdAudService) -- C:\Windows\System32\drivers\CHDRT32.sys (Conexant Systems Inc.) DRV - (igfx) -- C:\Windows\System32\drivers\igdkmd32.sys (Intel Corporation) DRV - (MegaSR) -- C:\Windows\system32\drivers\megasr.sys (LSI Corporation, Inc.) DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.) DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Corporation) DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.) DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems) DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company) DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.) DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic) DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation) DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation) DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.) DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation) DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd) DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.) DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic) DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic) DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.) DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex) DRV - (HSFHWAZL) -- C:\Windows\System32\drivers\VSTAZL3.SYS (Conexant Systems, Inc.) DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.) DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation) DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation) DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.) DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.) DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.) DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.) DRV - (ApfiltrService) -- C:\Windows\System32\drivers\Apfiltr.sys (Alps Electric Co., Ltd.) DRV - (HSF_DPV) -- C:\Windows\System32\drivers\HSX_DPV.sys (Conexant Systems, Inc.) DRV - (HSXHWAZL) -- C:\Windows\System32\drivers\HSXHWAZL.sys (Conexant Systems, Inc.) DRV - (winachsf) -- C:\Windows\System32\drivers\HSX_CNXT.sys (Conexant Systems, Inc.) DRV - (XAudio) -- C:\Windows\System32\drivers\XAudio.sys (Conexant Systems, Inc.) DRV - (HdAudAddService) -- C:\Windows\System32\drivers\CHDART.sys (Conexant Systems Inc.) DRV - (iaStor) -- C:\Windows\system32\DRIVERS\iaStor.sys (Intel Corporation) DRV - (HpqKbFiltr) -- C:\Windows\System32\drivers\HpqKbFiltr.sys (Hewlett-Packard Development Company, L.P.) DRV - (RTL8023xp) -- C:\Windows\System32\drivers\Rtnicxp.sys (Realtek Semiconductor Corporation ) DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation) DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.) DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation) DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH) DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.) DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.) DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.) DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic) DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic) DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation) DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic) DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.) DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.) DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.) DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.) DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.) DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.) DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies) DRV - (NVENETFD) -- C:\Windows\System32\drivers\nvm60x32.sys (NVIDIA Corporation) DRV - (BCM43XV) -- C:\Windows\System32\drivers\BCMWL6.SYS (Broadcom Corporation) DRV - (HBtnKey) -- C:\Windows\System32\drivers\CPQBttn.sys (Hewlett-Packard Development Company, L.P.) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=fr_fr&c=81&bd=Presario&pf=laptop IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=fr_fr&c=81&bd=Presario&pf=laptop IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=fr_fr&c=81&bd=Presario&pf=laptop IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://google.mini15.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKCU\..\URLSearchHook: {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\SearchSettings.dll (Spigot, Inc.) IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=867034" FF - prefs.js..browser.startup.homepage: "http://www.google.fr/" FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1 FF - prefs.js..extensions.enabledItems: 6 FF - prefs.js..extensions.enabledItems: 2 FF - prefs.js..extensions.enabledItems: 44 FF - prefs.js..extensions.enabledItems: {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}:1.3 FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20100908 FF - prefs.js..extensions.enabledItems: {aff87fa2-a58e-4edd-b852-0a20203c1e17}:0.8 FF - prefs.js..extensions.enabledItems: searchsettings@spigot.com:1.2.3 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6778 FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.1 FF - prefs.js..keyword.URL: "http://redirecterror.sfr.fr/?q=" FF - prefs.js..network.proxy.type: 4 FF - user.js..keyword.URL: "http://redirecterror.sfr.fr/?q=" FF - HKLM\software\mozilla\Firefox\Extensions\\FFToolbar@bitdefender.com: C:\Program Files\BitDefender\BitDefender 2009\FFToolbar\ [2009/11/16 19:58:39 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/10/31 12:11:01 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/11/20 09:57:34 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Thunderbird\Extensions\\bdThunderbird@bitdefender.com: C:\Program Files\BitDefender\BitDefender 2009\tbextension\ [2009/05/08 23:58:34 | 000,000,000 | ---D | M] [2010/03/14 11:53:23 | 000,000,000 | ---D | M] -- C:\Users\Fabien\AppData\Roaming\mozilla\Extensions [2010/03/14 11:53:23 | 000,000,000 | ---D | M] -- C:\Users\Fabien\AppData\Roaming\mozilla\Extensions\home2@tomtom.com [2010/12/03 19:02:53 | 000,000,000 | ---D | M] -- C:\Users\Fabien\AppData\Roaming\mozilla\Firefox\Profiles\v8mosu4n.default\extensions [2010/04/28 14:00:27 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Fabien\AppData\Roaming\mozilla\Firefox\Profiles\v8mosu4n.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010/09/23 20:45:45 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Fabien\AppData\Roaming\mozilla\Firefox\Profiles\v8mosu4n.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2010/08/26 20:13:19 | 000,000,000 | ---D | M] (gTranslate) -- C:\Users\Fabien\AppData\Roaming\mozilla\Firefox\Profiles\v8mosu4n.default\extensions\{aff87fa2-a58e-4edd-b852-0a20203c1e17} [2010/11/26 22:12:52 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Fabien\AppData\Roaming\mozilla\Firefox\Profiles\v8mosu4n.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2009/09/13 16:40:26 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus(R))) -- C:\Users\Fabien\AppData\Roaming\mozilla\Firefox\Profiles\v8mosu4n.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7} [2010/01/30 17:29:46 | 000,000,000 | ---D | M] (FoxTab) -- C:\Users\Fabien\AppData\Roaming\mozilla\Firefox\Profiles\v8mosu4n.default\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a} [2010/07/15 09:37:44 | 000,000,000 | ---D | M] -- C:\Users\Fabien\AppData\Roaming\mozilla\Firefox\Profiles\v8mosu4n.default\extensions\piclens@cooliris.com [2010/11/01 14:23:03 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions [2010/11/01 14:23:04 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} [2010/04/20 12:08:54 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010/08/20 20:50:27 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} [2010/10/20 19:07:49 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [2009/11/16 18:44:45 | 000,065,536 | ---- | M] () -- C:\Program Files\Mozilla Firefox\components\FFComm.dll [2010/09/15 03:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll [2010/01/25 15:07:03 | 000,001,516 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml [2010/01/25 15:07:03 | 000,001,822 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml [2010/01/25 15:07:03 | 000,000,757 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml [2010/01/25 15:07:04 | 000,001,426 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml [2010/03/23 22:13:53 | 000,000,956 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml O1 HOSTS File: ([2009/09/03 20:56:15 | 000,327,702 | R--- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O1 - Hosts: 127.0.0.1 http://www.007guard.com O1 - Hosts: 127.0.0.1 007guard.com O1 - Hosts: 127.0.0.1 008i.com O1 - Hosts: 127.0.0.1 http://www.008k.com O1 - Hosts: 127.0.0.1 008k.com O1 - Hosts: 127.0.0.1 http://www.00hq.com O1 - Hosts: 127.0.0.1 00hq.com O1 - Hosts: 127.0.0.1 010402.com O1 - Hosts: 127.0.0.1 http://www.032439.com O1 - Hosts: 127.0.0.1 032439.com O1 - Hosts: 127.0.0.1 http://www.0scan.com O1 - Hosts: 127.0.0.1 0scan.com O1 - Hosts: 127.0.0.1 1000gratisproben.com O1 - Hosts: 127.0.0.1 http://www.1000gratisproben.com O1 - Hosts: 127.0.0.1 1001namen.com O1 - Hosts: 127.0.0.1 http://www.1001namen.com O1 - Hosts: 127.0.0.1 100888290cs.com O1 - Hosts: 127.0.0.1 http://www.100888290cs.com O1 - Hosts: 127.0.0.1 http://www.100sexlinks.com O1 - Hosts: 127.0.0.1 100sexlinks.com O1 - Hosts: 127.0.0.1 10sek.com O1 - Hosts: 127.0.0.1 http://www.10sek.com O1 - Hosts: 127.0.0.1 http://www.1-2005-search.com O1 - Hosts: 11213 more lines... O2 - BHO: (Objet d'aide à la navigation SFR) - {0F6E720A-1A6B-40E1-A294-1D4D19F156C8} - C:\Program Files\Neuf\Kit\SFRNavErrorHelper.dll (SFR) O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - No CLSID value found. O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (SearchSettings Class) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\SearchSettings.dll (Spigot, Inc.) O3 - HKLM\..\Toolbar: (BitDefender Toolbar) - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2009\IEToolbar.dll (Bitdefender) O4 - HKLM..\Run: [BDAgent] C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe (BitDefender S.R.L.) O4 - HKLM..\Run: [BitDefender Antiphishing Helper] C:\Program Files\BitDefender\BitDefender 2009\IEShow.exe (BitDefender) O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation) O4 - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdcBase.exe (Microsoft Corporation) O4 - HKCU..\Run: [Connexion SFR 9props.exe] C:\Program Files\Neuf\Kit\9props.exe (SFR) O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.) O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O15 - HKCU\..Trusted Ranges: Range1 ([http] in Intranet local) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Java Plug-in 1.6.0_02) O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation) O24 - Desktop WallPaper: C:\Users\Fabien\AppData\Roaming\ACD Systems\ACDSee\ACD Wallpaper.bmp O24 - Desktop BackupWallPaper: C:\Users\Fabien\AppData\Roaming\ACD Systems\ACDSee\ACD Wallpaper.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009/05/08 20:30:04 | 000,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2009/09/13 17:12:36 | 000,000,000 | RHSD | M] - C:\autorun.inf -- [ NTFS ] O32 - AutoRun File - [2005/09/11 16:18:54 | 000,000,340 | -HS- | M] () - D:\AUTOMODE -- [ NTFS ] O32 - AutoRun File - [2009/09/13 17:12:36 | 000,000,000 | RHSD | M] - D:\autorun.inf -- [ NTFS ] O33 - MountPoints2\{ed6b1376-d22b-11df-aa4c-001eec73d78a}\Shell - "" = AutoRun O33 - MountPoints2\{ed6b1376-d22b-11df-aa4c-001eec73d78a}\Shell\AutoRun\command - "" = F:\DPFMate.exe -- File not found O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: FastUserSwitchingCompatibility - File not found NetSvcs: Ias - File not found NetSvcs: Nla - File not found NetSvcs: Ntmssvc - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: SRService - File not found NetSvcs: WmdmPmSp - File not found NetSvcs: LogonHours - File not found NetSvcs: PCAudit - File not found NetSvcs: helpsvc - File not found NetSvcs: uploadmgr - File not found [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2010/12/04 16:30:19 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\Fabien\Desktop\OTL.exe [2010/11/18 12:23:04 | 000,000,000 | ---D | C] -- C:\Users\Fabien\Desktop\Emilie Rose [2010/11/15 21:35:42 | 000,000,000 | ---D | C] -- C:\Users\Fabien\Documents\Youcam [2010/11/14 19:18:05 | 000,000,000 | ---D | C] -- C:\Users\Fabien\Desktop\week end du 12 novembre [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2010/12/04 16:30:21 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Fabien\Desktop\OTL.exe [2010/12/04 16:23:34 | 000,000,434 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{76444ECB-2AC7-4FCF-B614-BFFEBD69D8DC}.job [2010/12/04 15:51:01 | 000,001,054 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2010/12/04 15:45:13 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2010/12/04 15:45:13 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2010/12/04 14:27:11 | 000,001,000 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job [2010/12/04 13:49:00 | 000,000,314 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize.job [2010/12/04 13:46:24 | 000,000,281 | ---- | M] () -- C:\Users\Public\Documents\hpqp.ini [2010/12/04 13:45:41 | 000,001,050 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2010/12/04 13:45:37 | 000,000,456 | ---- | M] () -- C:\Windows\tasks\SLOW-PCfighter.job [2010/12/04 13:45:04 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2010/12/04 13:43:32 | 000,081,984 | ---- | M] () -- C:\Windows\System32\bdod.bin [2010/11/29 19:03:45 | 000,000,330 | ---- | M] () -- C:\Windows\tasks\Spybot - Search & Destroy - Scheduled Task.job [2010/11/29 17:42:18 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2010/11/29 17:42:06 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2010/11/27 17:41:50 | 000,000,757 | ---- | M] () -- C:\Users\Fabien\Desktop\Glary Utilities.lnk [2010/11/27 15:47:26 | 001,081,638 | ---- | M] () -- C:\Users\Fabien\Desktop\brochure-diversification-alimentaire.pdf [2010/11/26 18:30:52 | 000,000,827 | ---- | M] () -- C:\Windows\System32\BDUpdateV1.xml [2010/11/21 21:05:51 | 000,000,676 | ---- | M] () -- C:\Users\Fabien\Documents\cc_20101121_210545.reg [2010/11/20 10:04:43 | 000,119,296 | ---- | M] () -- C:\Users\Fabien\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010/11/20 10:01:14 | 003,573,808 | ---- | M] () -- C:\Users\Fabien\Desktop\Capture_20101120.wmv [2010/11/20 09:57:34 | 000,001,847 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk [2010/11/16 20:02:34 | 000,679,042 | ---- | M] () -- C:\Windows\System32\perfh00C.dat [2010/11/16 20:02:34 | 000,595,996 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2010/11/16 20:02:34 | 000,126,626 | ---- | M] () -- C:\Windows\System32\perfc00C.dat [2010/11/16 20:02:34 | 000,104,070 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2010/11/08 20:33:58 | 000,038,804 | ---- | M] () -- C:\Users\Fabien\Documents\cc_20101108_203349.reg [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2010/11/27 15:47:23 | 001,081,638 | ---- | C] () -- C:\Users\Fabien\Desktop\brochure-diversification-alimentaire.pdf [2010/11/21 21:05:48 | 000,000,676 | ---- | C] () -- C:\Users\Fabien\Documents\cc_20101121_210545.reg [2010/11/20 10:00:07 | 003,573,808 | ---- | C] () -- C:\Users\Fabien\Desktop\Capture_20101120.wmv [2010/11/08 20:33:52 | 000,038,804 | ---- | C] () -- C:\Users\Fabien\Documents\cc_20101108_203349.reg [2010/11/01 14:27:33 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2010/04/13 18:10:53 | 000,000,036 | ---- | C] () -- C:\Users\Fabien\AppData\Local\housecall.guid.cache [2010/04/05 16:28:24 | 000,327,168 | ---- | C] () -- C:\Windows\System32\cutil32.dll [2010/02/19 18:10:36 | 000,290,816 | ---- | C] () -- C:\Windows\System32\decdll.dll [2009/10/15 16:35:47 | 000,484,352 | ---- | C] () -- C:\Windows\System32\lame_enc.dll [2009/08/03 14:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll [2009/05/27 19:06:32 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll [2009/05/18 17:15:15 | 000,005,972 | ---- | C] () -- C:\Users\Fabien\AppData\Local\d3d9caps.dat [2009/05/11 13:45:59 | 000,000,434 | ---- | C] () -- C:\Windows\BRWMARK.INI [2009/05/11 13:45:59 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI [2009/05/09 11:50:06 | 000,119,296 | ---- | C] () -- C:\Users\Fabien\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009/05/08 23:22:51 | 000,031,007 | ---- | C] () -- C:\Users\Fabien\AppData\Roaming\UserTile.png [2009/05/08 23:05:38 | 000,000,000 | ---- | C] () -- C:\Users\Fabien\AppData\Local\QSwitch.txt [2009/05/08 23:05:38 | 000,000,000 | ---- | C] () -- C:\Users\Fabien\AppData\Local\DSwitch.txt [2009/05/08 23:05:38 | 000,000,000 | ---- | C] () -- C:\Users\Fabien\AppData\Local\AtStart.txt [2009/05/08 21:23:42 | 000,155,648 | ---- | C] () -- C:\Windows\System32\igfxtvcx.dll [2008/04/23 17:34:48 | 000,192,512 | ---- | C] () -- C:\Windows\System32\txmlutil.dll [2008/02/11 18:55:18 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1437.dll [2007/08/20 13:34:08 | 000,204,800 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1318.dll [2007/08/20 13:25:00 | 000,910,720 | ---- | C] () -- C:\Windows\System32\igmedkrn.dll [2007/01/31 13:50:32 | 000,913,408 | ---- | C] () -- C:\Windows\System32\xreglib.dll [2006/11/02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll [2006/11/02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color] [2008/10/01 08:29:44 | 000,966,656 | ---- | M] () -- C:\assistant.exe [2009/12/10 11:04:42 | 005,369,856 | ---- | M] () -- C:\Logiciel de photoreflex.exe [2008/09/15 06:58:08 | 002,723,264 | ---- | M] (Microsoft Corporation) -- C:\vcredist_x86.exe [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2008/01/21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys [2008/01/21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys [2008/01/21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys [2008/01/21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys [2008/01/21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys [2006/11/02 10:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2009/04/11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys [2009/04/11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys [2009/04/11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys [2008/01/21 03:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys [2008/01/21 03:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys [2006/11/02 10:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys [color=#A23BEC]< MD5 for: CNGAUDIT.DLL >[/color] [2006/11/02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll [2006/11/02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll [color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color] [2007/01/12 21:30:08 | 000,007,216 | ---- | M] () MD5=C2A279A458A06DE2C83D842AA042B5A8 -- C:\Program Files\CyberLink\PowerDirector\EventLog.dll [2008/07/17 12:06:54 | 000,001,536 | ---- | M] () MD5=CAA9BBBE220DDB97B81FAC66321B513B -- C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\lib\eventlog.dll [color=#A23BEC]< MD5 for: IASTOR.SYS >[/color] [2007/09/29 22:03:32 | 000,384,024 | ---- | M] (Intel Corporation) MD5=16A4671255CFB842225F0FDB6DBDB414 -- C:\Program Files\Intel\Intel Matrix Storage Manager\Driver64\IaStor.sys [2007/09/30 13:03:32 | 000,384,024 | ---- | M] (Intel Corporation) MD5=16A4671255CFB842225F0FDB6DBDB414 -- C:\SwSetup\Drivers\IMSM\Files\64\iastor.sys [2007/09/29 22:03:12 | 000,308,248 | ---- | M] (Intel Corporation) MD5=E5A0034847537EAEE3C00349D5C34C5F -- C:\Program Files\Intel\Intel Matrix Storage Manager\Driver\IaStor.sys [2007/09/30 13:03:12 | 000,308,248 | ---- | M] (Intel Corporation) MD5=E5A0034847537EAEE3C00349D5C34C5F -- C:\SwSetup\Drivers\IMSM\Files\32\iastor.sys [2007/09/29 22:03:12 | 000,308,248 | ---- | M] (Intel Corporation) MD5=E5A0034847537EAEE3C00349D5C34C5F -- C:\Windows\System32\drivers\iaStor.sys [2007/09/29 22:03:12 | 000,308,248 | ---- | M] (Intel Corporation) MD5=E5A0034847537EAEE3C00349D5C34C5F -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_7baf6192\iaStor.sys [color=#A23BEC]< MD5 for: IASTORV.SYS >[/color] [2008/01/21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys [2008/01/21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys [2008/01/21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys [2006/11/02 10:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys [color=#A23BEC]< MD5 for: NETLOGON.DLL >[/color] [2009/04/11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll [2009/04/11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll [2008/01/21 03:24:05 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll [color=#A23BEC]< MD5 for: NVSTOR.SYS >[/color] [2006/11/02 10:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys [2008/01/21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys [2008/01/21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys [2008/01/21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys [color=#A23BEC]< MD5 for: SCECLI.DLL >[/color] [2008/01/21 03:24:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll [2009/04/11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll [2009/04/11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll [color=#A23BEC]< %systemroot%\*. /mp /s >[/color] [color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color] [2009/04/11 07:27:47 | 000,241,128 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\System32\rsaenh.dll [2009/04/11 07:28:23 | 000,228,352 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\System32\SLC.dll [color=#A23BEC]< %systemroot%\Tasks\*.job /lockedfiles >[/color] < End of report >

EDIT :

j'ai oublie le rapport extra txt

Code: Tout sélectionner: OTL Extras logfile created on: 04/12/2010 16:32:29 - Run 1 OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Fabien\Desktop Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18975) Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy 3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 55,00% Memory free 6,00 Gb Paging File | 5,00 Gb Available in Paging File | 76,00% Paging File free Paging file location(s): ?:\pagefile.sys %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 137,87 Gb Total Space | 26,35 Gb Free Space | 19,11% Space Free | Partition Type: NTFS Drive D: | 11,18 Gb Total Space | 2,35 Gb Free Space | 21,05% Space Free | Partition Type: NTFS Drive G: | 944,67 Mb Total Space | 4,31 Mb Free Space | 0,46% Space Free | Partition Type: FAT Computer Name: PC-DE-FABIEN | User Name: Fabien | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [ACDSee Pro 2.5.Browse] -- "C:\Program Files\ACD Systems\ACDSee Pro\2.5\ACDSeeQVPro25.exe" "%1" (ACD Systems) Directory [AddToPlaylistVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [Logiciel de photoreflex] -- "C:\Logiciel de photoreflex.exe" "%1" () Directory [PlayWithVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 "InternetSettingsDisableNotify" = 0 "AutoUpdateDisableNotify" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 "VistaSp1" = Reg Error: Unknown registry data type -- File not found "VistaSp2" = Reg Error: Unknown registry data type -- File not found [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [color=#E56717]========== Authorized Applications List ==========[/color] [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{150ED3BE-4E5C-4B71-A0F1-13BCFAECA4D4}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe | "{2603141C-6E41-47EC-B725-73C6F0D0C7FE}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{352CF0FB-66E5-4641-8173-9A9E73A900AF}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{376CAA2E-1C48-43B7-B177-F1D4F12A0786}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=c:\windows\system32\svchost.exe | "{3A1C72EA-D4F7-4203-9DD5-8EC13AB2E7AF}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=c:\windows\system32\svchost.exe | "{479B19A3-AF44-482B-B63F-4739C8CB7D05}" = rport=3702 | protocol=17 | dir=out | app=c:\windows\system32\p2phost.exe | "{4B802C91-0EEE-430E-A778-B1DE048A8D98}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe | "{5931E572-B46E-4E1F-B7C4-4D026980FAF8}" = lport=2869 | protocol=6 | dir=in | app=system | "{5F68DA38-EFA8-4814-B174-8FA68F918E7D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | "{6191F39F-7AB3-4F84-974F-C5F367164CD3}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe | "{629DB2AF-51CA-46AA-BE78-4D125A91107D}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{6944C8DC-621A-4A99-A3D4-3ACCDD289216}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe | "{9904C3E0-D418-4615-A07C-C2437EFD111C}" = lport=3540 | protocol=17 | dir=in | svc=pnrpsvc | app=c:\windows\system32\svchost.exe | "{A1E3D6D0-0B69-4840-8718-0B3F6B0061CF}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=c:\windows\system32\svchost.exe | "{AB2D2F36-14FF-441A-A15C-6719E89E4637}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4006 | "{B7C83ACC-1FF9-40DB-BD7D-0FD9B26133EA}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe | "{C061E49A-2FFD-4625-BC39-1008982EC263}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | "{C06A3EB5-B51F-4E89-959E-7917E7A35138}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe | "{C6345188-FDF7-4C38-BE5F-AC28EA326061}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=c:\windows\system32\svchost.exe | "{C744B12E-7109-4665-AB87-D3910BB92E8E}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | "{D0AD75B3-F70A-40F8-B3D8-859A160AFADF}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=c:\windows\system32\svchost.exe | "{D8C0773A-5D84-491F-9279-842F752B29ED}" = rport=3540 | protocol=17 | dir=out | svc=pnrpsvc | app=c:\windows\system32\svchost.exe | "{E6A01BB5-405C-4B1F-B6C8-49FA6FA94C73}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=c:\windows\system32\svchost.exe | "{EF66CCD4-3C09-42A8-A923-ED137EDE384F}" = lport=3702 | protocol=17 | dir=in | app=c:\windows\system32\p2phost.exe | [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{01CC372F-DC4D-4F98-B919-B021C38F850E}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe | "{0CACAC97-5EB6-4E9C-A4F0-8FD3F7AD9AC1}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{19DDB0DD-24AE-4CF5-837C-BEB4A1F4EEE2}" = protocol=6 | dir=in | app=c:\windows\system32\p2phost.exe | "{28EB2268-34B9-4A87-9FF0-F9B2B3B501B2}" = dir=in | app=c:\program files\hp\quickplay\qpservice.exe | "{36A2118F-E370-4330-9FFD-2F26D5E96575}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | "{43949986-75F5-4385-A639-A9E601F98B1A}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{44DF104C-0788-4901-8DC5-028A9BDB0463}" = protocol=6 | dir=out | svc=upnphost | app=c:\windows\system32\svchost.exe | "{555AF121-D7FB-4EE3-8244-679A441D6950}" = protocol=17 | dir=in | app=c:\program files\emule\emule.exe | "{577AF669-2032-4935-BF06-15E744931D16}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{637FDF51-9BEB-4A04-87F9-29F0BF2F03EF}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe | "{65562794-0C8F-4F94-BB3E-C53B87B5A66C}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{69E2CC7B-5159-4E02-BE51-E2CA08E94B98}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe | "{74D5B957-8FFD-46B7-AC04-18F235F621BC}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | "{8AECD8F2-BAB5-417B-A4A1-6EE676E1E972}" = dir=in | app=c:\program files\hp\quickplay\qp.exe | "{8C7BB814-629C-4F42-AEE9-23ACFFB70627}" = protocol=6 | dir=in | app=c:\program files\emule\emule.exe | "{964EA0D4-D5A4-407B-A332-B9FAA38E967E}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{A3D58AFC-C5AB-44F8-825C-715180779689}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{D85A666C-0777-4DCE-9842-A48D771397EE}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe | "{DA3B4891-D5BA-465A-8554-518D2BDEB7FC}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{E6EAB7D0-6A92-4B98-BB44-14107150DBE5}" = protocol=6 | dir=out | app=c:\windows\system32\p2phost.exe | "{EDDCDF7D-445C-44FB-B811-3E5CD244B346}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{EE91A1C5-F335-4725-8266-E0A5DD519EC1}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | "TCP Query User{3A04A71F-F3B7-4BAE-B924-4CC7B5890466}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | "UDP Query User{3CADDF5F-4B2A-47F9-96A2-A4B08C490280}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam "{06BF1B44-DF6B-4EC8-BE2B-825CB989DDCC}" = Google SketchUp 8 "{082702D5-5DD8-4600-BCE5-48B15174687F}" = HP Doc Viewer "{09F56A49-A7B1-4AAB-95B9-D13094254AD1}" = Windows Live UX Platform Language Pack "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{0CB9668D-F979-4F31-B8B8-67FE90F929F8}" = Bonjour "{0DD140D3-9563-481E-AA75-BA457CBDAEF2}" = PC Inspector File Recovery "{0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}" = Microsoft .NET Framework 4 Client Profile FRA Language Pack "{0FA44E79-CD7D-4E8D-A2EE-26FE05F509B6}" = OpenOffice.org 3.1 "{1BDC9633-895B-4842-BCB6-8FA1EC2A3C5A}" = Adobe Shockwave Player "{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = DVD Suite "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{250E9609-E830-43EB-B379-DAB7546A2422}" = muvee autoProducer 6.1 "{254C37AA-6B72-4300-84F6-98A82419187E}" = Hewlett-Packard Active Check "{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 22 "{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Driver Installation Program "{28EDCE9C-3304-4331-8AB3-F3EBE94C35B4}" = HP Help and Support "{2D95950E-6D76-43E7-94A5-D9DBA2FD29E4}" = ACDSee Pro 2.5 "{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java(TM) 6 Update 2 "{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live "{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.40 B2 "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{3E31821C-7917-367E-938E-E65FC413EA31}" = Microsoft .NET Framework 3.5 Language Pack SP1 - fra "{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting "{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go "{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth "{45D707E9-F3C4-11D9-A373-0050BAE317E1}" = HP DVD Play 3.6 "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform "{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI "{5F05C28D-DEA9-4AD6-A73A-064175988EAB}" = Search Settings v1.2.3 "{6057E21C-ABE9-4059-AE3E-3BEB9925E660}" = Windows Live Messenger "{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant "{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites "{669D4A35-146B-4314-89F1-1AC3D7B88367}" = Hewlett-Packard Asset Agent for Health Check "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{85833A03-476B-43B3-B61C-5EB946DBF6E4}" = HP User Guides 0092 "{85991ED2-010C-4930-96FA-52F43C2CE98A}" = Apple Mobile Device Support "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8ACF317C-CA66-4363-AEBF-A073B124AA1A}" = BitDefender Total Security 2009 "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007 "{90120000-0016-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007 "{90120000-0018-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007 "{90120000-001B-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007 "{90120000-001F-0401-0000-0000000FF1CE}_HOMESTUDENTR_{14809F99-C601-4D4A-9391-F1E8FAA964C5}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007 "{90120000-001F-0413-0000-0000000FF1CE}_HOMESTUDENTR_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007 "{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-0020-040C-0000-0000000FF1CE}" = Module de compatibilité pour Microsoft Office System 2007 "{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007 "{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007 "{90120000-006E-040C-0000-0000000FF1CE}_HOMESTUDENTR_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-00A1-040C-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (French) 2007 "{90120000-00A1-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel(R) Matrix Storage Manager "{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007 "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581) "{91F7F3F3-CE80-48C3-8327-7D24A0A5716A}" = iTunes "{95120000-00AF-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (French) "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{9885A11E-60E4-417C-B58B-8B31B21C0B8A}" = HP Easy Setup - Frontend "{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Touch Pad Driver "{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A93944F2-D2D4-4750-BFE7-9A288FEAF2CF}" = Apple Application Support "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AC76BA86-7AD7-1036-7B44-A94000000001}" = Adobe Reader 9.4.1 - Français "{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9 "{AE46ABD3-D625-467F-B5A7-8D3FFF077F0D}" = Realtek 8139 and 8139C+ Ethernet Network Card Driver for Windows Vista "{b02df929-29a7-4fd2-9a70-81a644b635f7}" = HP Total Care Advisor "{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0 "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy "{BD0E2B92-3814-46F0-893B-4612EA010C7E}" = HP Customer Experience Enhancements "{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update "{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint "{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common "{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector "{CBAE4F50-9FC9-4557-AB36-9826DF3C103C}" = HP Wireless Assistant "{CC4A73BF-938E-4C19-A553-853C035C9BA1}" = LightScribe System Software 1.10.13.1 "{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}" = Skype Toolbars "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2 "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader "{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1" = Auslogics Disk Defrag "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger "{EB900AF8-CC61-4E15-871B-98D1EA3E8025}" = QuickTime "{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5 "{FE57DE70-95DE-4B64-9266-84DA811053DB}" = HP Update "Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites "Adobe AIR" = Adobe AIR "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 11.5 "CCleaner" = CCleaner (remove only) "CNXT_AUDIO_HDA" = Conexant HD Audio "CNXT_MODEM_HDAUDIO_HERMOSA_HSF" = HDAUDIO Soft Data Fax Modem with SmartCP "CopyTrans Suite" = CopyTrans Suite désinstallation uniquement "doPDF 6 printer_is1" = doPDF 6.3 printer "eMule" = eMule "Free Mp3 Wma Converter_is1" = Free Mp3 Wma Converter V 1.81 "Free Video Converter_is1" = Free Video Converter V 2.5 "Glary Utilities_is1" = Glary Utilities 2.30.0.1066 "Google Updater" = Outil de mise à jour Google "HDMI" = Intel(R) Graphics Media Accelerator Driver "HOMESTUDENTR" = Microsoft Office Home and Student 2007 "InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam "InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Microsoft .NET Framework 3.5 Language Pack SP1 - fra" = Module linguistique Microsoft .NET Framework 3.5 SP1- fra "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Client Profile FRA "Mozilla Firefox (3.6.12)" = Mozilla Firefox (3.6.12) "Picasa 3" = Picasa 3 "SFR_Kit" = SFR - Kit de connexion "TVWiz" = Intel(R) TV Wizard "ViewpointMediaPlayer" = Viewpoint Media Player "VLC media player" = VideoLAN VLC media player 0.8.6d "WinLiveSuite" = Windows Live "WinRAR archiver" = WinRAR archiver "Zapu - The Share Accelerator" = Zapu - The Share Accelerator [color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Facebook Plug-In" = Facebook Plug-In [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Application Events ] Error - 29/09/2010 07:36:18 | Computer Name = PC-de-Fabien | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: Continuously busy for more than a second Error - 29/09/2010 07:36:18 | Computer Name = PC-de-Fabien | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledEvent 3931 Error - 29/09/2010 07:36:18 | Computer Name = PC-de-Fabien | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 3931 Error - 29/09/2010 07:36:19 | Computer Name = PC-de-Fabien | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: Continuously busy for more than a second Error - 29/09/2010 07:36:19 | Computer Name = PC-de-Fabien | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledEvent 4992 Error - 29/09/2010 07:36:19 | Computer Name = PC-de-Fabien | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 4992 Error - 29/09/2010 07:36:20 | Computer Name = PC-de-Fabien | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: Continuously busy for more than a second Error - 29/09/2010 07:36:20 | Computer Name = PC-de-Fabien | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledEvent 6053 Error - 29/09/2010 07:36:20 | Computer Name = PC-de-Fabien | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 6053 Error - 29/09/2010 13:08:01 | Computer Name = PC-de-Fabien | Source = WinMgmt | ID = 10 Description = [ System Events ] Error - 20/11/2010 05:18:12 | Computer Name = PC-de-Fabien | Source = Service Control Manager | ID = 7000 Description = Error - 25/11/2010 11:46:14 | Computer Name = PC-de-Fabien | Source = Service Control Manager | ID = 7009 Description = Error - 25/11/2010 11:46:14 | Computer Name = PC-de-Fabien | Source = Service Control Manager | ID = 7000 Description = Error - 26/11/2010 11:10:33 | Computer Name = PC-de-Fabien | Source = DCOM | ID = 10005 Description = Error - 26/11/2010 11:10:33 | Computer Name = PC-de-Fabien | Source = Service Control Manager | ID = 7009 Description = Error - 26/11/2010 11:10:33 | Computer Name = PC-de-Fabien | Source = Service Control Manager | ID = 7000 Description = Error - 26/11/2010 11:11:03 | Computer Name = PC-de-Fabien | Source = Service Control Manager | ID = 7009 Description = Error - 26/11/2010 11:12:26 | Computer Name = PC-de-Fabien | Source = Service Control Manager | ID = 7000 Description = Error - 02/12/2010 13:35:04 | Computer Name = PC-de-Fabien | Source = Service Control Manager | ID = 7000 Description = Error - 04/12/2010 08:43:23 | Computer Name = PC-de-Fabien | Source = DCOM | ID = 10010 Description = < End of report >

bernard53 · le 04 Déc 2010 19:49

Ok fait ceci dans cet ordre s.t.p

1-Téléchargez MyHosts sur votre bureau .

Pour le lancer, faites un double-clic sur l'icône de MyHosts qui se trouve sur votre bureau.

Le rapport " MyHosts.txt " s'ouvre quelques secondes après, copiez son contenu et postez-le sur le forum où vous vous faites aider.

Si par erreur vous avez fermé le rapport " MyHosts.txt " avant de le copier, vous pouvez le retrouver à la racine de votre disque système ( par exemple C:\MyHosts.txt ) .

IMPORTANT :
MyHosts doit être lancé sur une session ayant des droits "administrateur", toute exécution sur un compte "limité" entraînera l'apparition d'une fenêtre DOS vous demandant de le relancer à partir d'un compte administrateur.

2-* Fait un double-clic sur l'icône d'OTL pour le lancer
/!\ pour Vista/Seven fais un clic-droit sur l'icône d'OTL et choisis "Exécuter en tant qu'administrateur"

* Assure-toi d'avoir fermé toutes les applications en court de fonctionnement.

* Quand la fenêtre d'OTL apparaît, assure toi que dans la section "Rapport" (en haut à droite) la case " Rapport minimal" soit cochée.

* Copies et colles le contenue de cette citation dans la partie inférieure d'OTL "Personnalisation"

:OTL
PRC - C:\Program Files\Application Updater\ApplicationUpdater.exe (Spigot, Inc.)
SRV - (Application Updater) -- C:\Program Files\Application Updater\ApplicationUpdater.exe (Spigot, Inc.)
DRV - (SymIMMP) -- C:\Windows\System32\DRIVERS\SymIM.sys File not found
DRV - (SymIM) -- C:\Windows\System32\DRIVERS\SymIM.sys File not found
IE - HKCU\..\URLSearchHook: {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\SearchSettings.dll (Spigot, Inc.)
O2 - BHO: (SearchSettings Class) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\SearchSettings.dll (Spigot, Inc.)
:Files
C:\Program Files\Application Updater
- C:\Program Files\Search Settings
:Commands
[emptytemp]

* Cliques sur l'icône Correction (en haut à gauche) .
* Laisse le scan aller à son terme sans te servir du PC
* A la fin du scan un rapport s'ouvrir "OTL.Txt"
* Copie et colle le ou les rapports dans ta réponse stp...
* Au cas où, tu peux les retrouver dans le dossier C:\OTL ou sur ton bureau en fonction des cas rencontrés
Mets le rapport ici car il prend bien de la place.
http://www.cijoint.fr/index.php

3-Télécharger AD-Remover (créé par C_XX) :

http://www.teamxscript.org/adremoverTelechargement.html

Cliquez sur "DOWNLOAD " et enregistrez-le "sur votre bureau"

Une fois téléchargé sur votre bureau, double-cliquez sur son icone pour lancer l'installation.

Sous vista et Windows7 : clic droit sur son icone et sélectionnez "Exécuter en tant qu'administrateur".
L'installation se fera automatiquement.

A l'écran principal, cliquez sur Nettoyer pour exécuter le nettoyage.

Une fois l'ordinateur redémarré, il ne vous reste plus qu'à copier/coller le rapport sur le forum comme le précédent.
Le rapport se trouve à cet endroit : C:\Ad-Report-CLEAN[1].txt

4-Télécharge USBFix depuis ce lien : <<ICI>>

Double cliquez sur "UsbFix.exe" présent sur votre bureau.
L'installation est automatique.

Branche tes lecteurs externes

Valide Recherche

Une fois l'analyse terminée, un rapport de scan vous est proposé...

CTRL+A pour tout sélectionner
CTRL+C pour copier
CTRL+V pour coller dans la réponse

Skynet · le 06 Déc 2010 20:34

salut

donc voici le rapport my host

Code: Tout sélectionner: ** Rapport MyHosts.txt ** MyHosts V.1.0.0.2 de jeanmimigab Merci à la team MH, W-T ,C_XX, Laddy et à Batch_man pour leurs aides Résultat de l'opération:restauration du fichier hosts réussi... ** Fin du rapport **

EDIT :

la suite le rapport OTL

Code: Tout sélectionner: All processes killed ========== OTL ========== Process ApplicationUpdater.exe killed successfully! Service Application Updater stopped successfully! Service Application Updater deleted successfully! C:\Program Files\Application Updater\ApplicationUpdater.exe moved successfully. Service SymIMMP stopped successfully! Service SymIMMP deleted successfully! File C:\Windows\System32\DRIVERS\SymIM.sys File not found not found. Service SymIM stopped successfully! Service SymIM deleted successfully! File C:\Windows\System32\DRIVERS\SymIM.sys File not found not found. Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{E312764E-7706-43F1-8DAB-FCDD2B1E416D} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}\ deleted successfully. C:\Program Files\Search Settings\SearchSettings.dll moved successfully. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}\ not found. File C:\Program Files\Search Settings\SearchSettings.dll not found. ========== FILES ========== C:\Program Files\Application Updater folder moved successfully. File\Folder - C:\Program Files\Search Settings not found. ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Default ->Temporary Internet Files folder emptied: 33170 bytes ->Flash cache emptied: 41085 bytes User: Default User ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 0 bytes User: Fabien ->Temp folder emptied: 2024269 bytes ->Temporary Internet Files folder emptied: 5343701 bytes ->Java cache emptied: 67198311 bytes ->FireFox cache emptied: 175501087 bytes ->Flash cache emptied: 158719 bytes User: Public User: TEMP %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 15342 bytes %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes RecycleBin emptied: 1317485570 bytes Total Files Cleaned = 1 495,00 mb OTL by OldTimer - Version 3.2.17.3 log created on 12062010_203548 Files\Folders moved on Reboot... C:\Users\Fabien\AppData\Local\Temp\ehmsas.txt moved successfully. Registry entries deleted on Reboot...

EDIT Bis :

voici le rapport adclean

Code: Tout sélectionner: ======= RAPPORT D'AD-REMOVER 2.0.0.2,B | UNIQUEMENT XP/VISTA/7 ======= Mis à jour par TeamXscript le 11/11/10 à 11:40 Contact: AdRemover[DOT]contact[AT]gmail[DOT]com Site web: http://www.teamxscript.org C:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Lancé à 20:53:14 le 06/12/2010, Mode normal Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 2 (X86) Fabien@PC-DE-FABIEN (Hewlett-Packard Compaq Presario A900 Notebook PC) ============== ACTION(S) ============== Fichier supprimé: C:\Program Files\Mozilla FireFox\Components\AskSearch.js Fichier supprimé: C:\Program Files\Mozilla Firefox\extensions\searchsettings@spigot.com Dossier supprimé: C:\Users\Fabien\AppData\LocalLow\Search Settings Dossier supprimé: C:\Program Files\Search Settings Dossier supprimé: C:\Users\Fabien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TorrentSpeeder Dossier supprimé: C:\Program Files\TorrentSpeeder Dossier supprimé: C:\ProgramData\Viewpoint Dossier supprimé: C:\Program Files\Viewpoint (!) -- Fichiers temporaires supprimés. Clé supprimée: HKLM\Software\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E} Clé supprimée: HKLM\Software\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD} Clé supprimée: HKLM\Software\Classes\Interface\{D5A1EF9A-7948-435D-8B87-D6A598317288} Clé supprimée: HKLM\Software\Classes\TypeLib\{CD082CCA-086F-4FD8-8FD7-247A0DBBD1CC} Clé supprimée: HKLM\Software\Classes\AxMetaStream.MetaStreamCtl Clé supprimée: HKLM\Software\Classes\AxMetaStream.MetaStreamCtl.1 Clé supprimée: HKLM\Software\Classes\AxMetaStream.MetaStreamCtlSecondary Clé supprimée: HKLM\Software\Classes\AxMetaStream.MetaStreamCtlSecondary.1 Clé supprimée: HKLM\Software\Classes\SearchSettings.BHO Clé supprimée: HKLM\Software\Classes\SearchSettings.BHO.1 Clé supprimée: HKLM\Software\Application Updater Clé supprimée: HKLM\Software\MetaStream Clé supprimée: HKLM\Software\Search Settings Clé supprimée: HKLM\Software\Viewpoint Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu\Programs\TorrentSpeeder Clé supprimée: HKLM\Software\Classes\Installer\Products\D82C50F59AED6DA47AA360145789E8BA Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Products\D82C50F59AED6DA47AA360145789E8BA Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420} Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{E58306C6-FD73-43CC-A39C-A54DC2055342} Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{E58306C6-FD73-43CC-A39C-A54DC2055342} Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{5F05C28D-DEA9-4AD6-A73A-064175988EAB} Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\Search Settings Clé supprimée: HKLM\Software\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E} Clé supprimée: HKLM\Software\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD} ============== SCAN ADDITIONNEL ============== ** Mozilla Firefox Version [3.6.12 (fr)] ** -- C:\Users\Fabien\AppData\Roaming\Mozilla\FireFox\Profiles\v8mosu4n.default\User.js -- keyword.URL, hxxp://redirecterror.sfr.fr/?q= -- C:\Users\Fabien\AppData\Roaming\Mozilla\FireFox\Profiles\v8mosu4n.default\Prefs.js -- browser.download.lastDir, C:\\Users\\Fabien\\Desktop browser.startup.homepage, hxxp://www.google.fr/ browser.startup.homepage_override.mstone, rv:1.9.2.12 keyword.URL, hxxp://redirecterror.sfr.fr/?q= ======================================== ** Internet Explorer Version [8.0.6001.18975] ** [HKCU\Software\Microsoft\Internet Explorer\Main] AutoHide: yes Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch Do404Search: 0x01000000 Enable Browser Extensions: yes Local Page: C:\Windows\system32\blank.htm Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896 Show_ToolBar: yes Start Page: hxxp://fr.msn.com/ [HKLM\Software\Microsoft\Internet Explorer\Main] AutoHide: yes Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896 Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch Delete_Temp_Files_On_Exit: yes Local Page: C:\Windows\System32\blank.htm Search bar: hxxp://search.msn.com/spbasic.htm Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch Start Page: hxxp://fr.msn.com/ [HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS] Tabs: res://ieframe.dll/tabswelcome.htm Blank: res://mshtml.dll/blank.htm ======================================== C:\Program Files\Ad-Remover\Quarantine: 67 Fichier(s) C:\Program Files\Ad-Remover\Backup: 15 Fichier(s) C:\Ad-Report-CLEAN[1].txt - 06/12/2010 (4984 Octet(s)) Fin à: 20:54:50, 06/12/2010 ============== E.O.F ==============

EDIT Ter :

et voila le rapport usbfi

Code: Tout sélectionner: ############################## | UsbFix 7.035 | [Recherche] Utilisateur: Fabien (Administrateur) # PC-DE-FABIEN [Hewlett-Packard Compaq Presario A900 Notebook PC] Mis à jour le 05/12/10 par El Desaparecido / C_XX Lancé à 21:05:24 | 06/12/2010 Site Web: http://www.teamxscript.org Contact: eldesaparecido@teamxscript.org CPU: Intel(R) Core(TM)2 Duo CPU T5750 @ 2.00GHz CPU 2: Intel(R) Core(TM)2 Duo CPU T5750 @ 2.00GHz Microsoft® Windows Vista™ Édition Familiale Premium (6.0.6002 32-Bit) # Service Pack 2 Internet Explorer 8.0.6001.18975 Pare-feu Windows: Activé Antivirus: BitDefender Antivirus 12.0 [Enabled | Updated] Firewall: BitDefender Firewall 12.0 [Enabled] RAM -> 3061 Mo C:\ (%systemdrive%) -> Disque fixe # 138 Go (32 Go libre(s) - 23%) [] # NTFS D:\ -> Disque fixe # 11 Go (2 Go libre(s) - 21%) [PRESARIO_RP] # NTFS E:\ -> CD-ROM G:\ -> Disque amovible # 2 Go (1 Go libre(s) - 81%) [] # FAT ################## | Éléments infectieux | ################## | Registre | ################## | Mountpoints2 | HKCU\.\.\.\.\Explorer\MountPoints2\{ed6b1376-d22b-11df-aa4c-001eec73d78a} Shell\AutoRun\Command = F:\DPFMate.exe ################## | Vaccin | (!) Cet ordinateur n'est pas vacciné! ################## | E.O.F |

bernard53 · le 06 Déc 2010 21:24

Très bien pour les rapports.

fait ceci pour USBFIX.

Branche tes lecteurs externes
Relance USBFIX
Valide Suppression
Une fois l'analyse terminée, un rapport de scan vous est proposé...

CTRL+A pour tout sélectionner
CTRL+C pour copier
CTRL+V pour coller dans la réponse

Skynet · le 06 Déc 2010 22:38

voici le rapport

Code: Tout sélectionner: ############################## | UsbFix 7.035 | [Suppression] Utilisateur: Fabien (Administrateur) # PC-DE-FABIEN [Hewlett-Packard Compaq Presario A900 Notebook PC] Mis à jour le 05/12/10 par El Desaparecido / C_XX Lancé à 22:27:29 | 06/12/2010 Site Web: http://www.teamxscript.org Contact: eldesaparecido@teamxscript.org CPU: Intel(R) Core(TM)2 Duo CPU T5750 @ 2.00GHz CPU 2: Intel(R) Core(TM)2 Duo CPU T5750 @ 2.00GHz Microsoft® Windows Vista™ Édition Familiale Premium (6.0.6002 32-Bit) # Service Pack 2 Internet Explorer 8.0.6001.18975 Pare-feu Windows: Activé Antivirus: BitDefender Antivirus 12.0 [Enabled | Updated] Firewall: BitDefender Firewall 12.0 [Enabled] RAM -> 3061 Mo C:\ (%systemdrive%) -> Disque fixe # 138 Go (31 Go libre(s) - 22%) [] # NTFS D:\ -> Disque fixe # 11 Go (2 Go libre(s) - 21%) [PRESARIO_RP] # NTFS E:\ -> CD-ROM G:\ -> Disque amovible # 2 Go (1 Go libre(s) - 81%) [] # FAT ################## | Éléments infectieux | Supprimé! C:\$RECYCLE.BIN\S-1-5-21-3039967825-2895691146-1922016862-1000 Supprimé! C:\$RECYCLE.BIN\S-1-5-21-3039967825-2895691146-1922016862-500 Supprimé! C:\$RECYCLE.BIN\S-1-5-21-3112872192-4035799025-1426558545-500 Supprimé! D:\$RECYCLE.BIN\S-1-5-21-3039967825-2895691146-1922016862-1000 Supprimé! D:\$RECYCLE.BIN\S-1-5-21-3039967825-2895691146-1922016862-500 ################## | Registre | ################## | Mountpoints2 | Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\{ed6b1376-d22b-11df-aa4c-001eec73d78a} ################## | Listing | [06/12/2010 - 22:30:05 | SHD ] C:\$RECYCLE.BIN [22/08/2009 - 18:51:42 | N | 421] C:\38-index-4.4.6.txt [17/06/2010 - 15:45:13 | N | 691] C:\38-index-4.5.9.txt [06/12/2010 - 20:54:50 | N | 5114] C:\Ad-Report-CLEAN[1].txt [15/09/2008 - 06:57:58 | N | 24576] C:\ash_spti.dll [01/10/2008 - 08:29:44 | N | 966656] C:\assistant.exe [08/05/2009 - 20:30:04 | N | 74] C:\autoexec.bat [13/09/2009 - 17:12:36 | RASHD ] C:\autorun.inf [08/05/2009 - 23:58:55 | D ] C:\Binaries [27/05/2009 - 19:30:12 | D ] C:\boot [11/04/2009 - 07:36:36 | RASH | 333257] C:\bootmgr [15/09/2008 - 06:57:58 | N | 242475] C:\ca-bundle.crt [18/09/2006 - 22:43:37 | N | 10] C:\config.sys [02/11/2006 - 14:02:03 | SHD ] C:\Documents and Settings [17/06/2010 - 16:02:30 | N | 7306] C:\faire part.mcf [17/06/2010 - 16:02:29 | N | 0] C:\faire part.mcf~ [15/09/2008 - 06:57:58 | N | 131072] C:\fpxjpeg.dll [14/06/2010 - 13:06:57 | D ] C:\Games [09/05/2009 - 11:07:38 | N | 2490432] C:\HighLogging.log [14/06/2010 - 13:57:49 | D ] C:\HP [29/09/2009 - 15:12:10 | N | 132] C:\httpdwl.dat [22/08/2009 - 18:54:48 | D ] C:\imageformats [08/05/2009 - 21:22:36 | D ] C:\Intel [04/07/2009 - 21:49:18 | N | 0] C:\IO.SYS [08/05/2009 - 20:07:19 | N | 370] C:\IPH.PH [16/07/2009 - 13:10:38 | N | 212992] C:\libcurl.dll [16/07/2009 - 13:10:38 | N | 1032192] C:\libeay32.dll [15/09/2008 - 06:58:00 | N | 319488] C:\libhunspell.dll [15/09/2008 - 06:58:00 | N | 170496] C:\libssh2.dll [15/09/2008 - 06:58:00 | N | 322990] C:\libssl32.dll [10/12/2009 - 11:04:42 | N | 5369856] C:\Logiciel de photoreflex.exe [18/07/2010 - 10:47:55 | N | 127] C:\mbam-error.txt [04/07/2009 - 21:49:18 | N | 0] C:\MSDOS.SYS [08/05/2009 - 20:39:54 | RHD ] C:\MSOCache [06/12/2010 - 20:32:44 | D ] C:\MyHosts [06/12/2010 - 20:32:45 | N | 230] C:\MyHosts.txt [06/12/2010 - 20:56:41 | ASH | 3524546560] C:\pagefile.sys [17/06/2010 - 15:47:27 | D ] C:\photofun [15/09/2008 - 06:58:02 | N | 163840] C:\picn1020.dll [15/09/2008 - 06:58:02 | N | 188416] C:\picn1120.dll [15/09/2008 - 06:58:02 | N | 118784] C:\picn1320.dll [15/09/2008 - 06:58:04 | N | 180224] C:\picn20.dll [15/09/2008 - 06:58:04 | N | 159744] C:\picn2720.dll [15/09/2008 - 06:58:06 | N | 1511424] C:\picn6620.dll [15/09/2008 - 06:58:06 | N | 1507328] C:\picn6720.dll [06/12/2010 - 20:54:26 | D ] C:\Program Files [06/12/2010 - 20:54:24 | HD ] C:\ProgramData [16/07/2009 - 13:10:20 | N | 1052672] C:\QtCLucene4.dll [16/07/2009 - 13:10:22 | N | 2076672] C:\QtCore4.dll [27/11/2009 - 11:48:34 | N | 7671808] C:\QtGui4.dll [16/07/2009 - 13:10:32 | N | 413696] C:\QtHelp4.dll [16/07/2009 - 13:10:32 | N | 921600] C:\QtNetwork4.dll [16/07/2009 - 13:10:34 | N | 200704] C:\QtSql4.dll [16/07/2009 - 13:10:34 | N | 270336] C:\QtSvg4.dll [16/07/2009 - 13:10:34 | N | 9318400] C:\QtWebKit4.dll [16/07/2009 - 13:10:38 | N | 364544] C:\QtXml4.dll [15/09/2008 - 06:57:56 | N | 450560] C:\RecDev.dll [15/09/2008 - 06:57:56 | N | 85504] C:\RedEye.dll [17/06/2010 - 15:51:13 | D ] C:\resources [15/09/2008 - 06:58:08 | N | 753664] C:\sadw.dll [15/09/2008 - 06:58:08 | N | 380928] C:\safpx.dll [15/09/2008 - 06:57:56 | N | 77824] C:\SAFPXLB.dll [15/09/2008 - 06:57:56 | N | 147456] C:\SoftCore.dll [16/07/2009 - 13:10:38 | N | 212992] C:\ssleay32.dll [26/06/2009 - 12:13:59 | D ] C:\SwSetup [06/12/2010 - 21:56:11 | SHD ] C:\System Volume Information [08/05/2009 - 23:02:25 | D ] C:\System.sav [13/09/2009 - 18:03:29 | N | 692] C:\TCleaner.txt [16/05/2009 - 10:00:40 | N | 594] C:\updatedatfix.log [06/12/2010 - 22:30:05 | D ] C:\UsbFix [06/12/2010 - 22:27:36 | A | 5190] C:\UsbFix.txt [21/03/2010 - 11:48:03 | D ] C:\Users [15/09/2008 - 06:58:08 | N | 2723264] C:\vcredist_x86.exe [05/12/2010 - 17:22:38 | D ] C:\Windows [15/09/2008 - 06:58:10 | N | 77824] C:\wnaspi32.dll [15/09/2008 - 06:57:58 | N | 299008] C:\XMPFiles.dll [15/09/2008 - 06:57:58 | N | 327680] C:\XMPToolkit.dll [15/09/2008 - 06:58:10 | N | 69632] C:\zlib1.dll [15/09/2008 - 06:57:58 | N | 1053696] C:\_ISource30.dll [04/12/2010 - 17:37:04 | D ] C:\_OTL [15/09/2008 - 06:57:58 | N | 81920] C:\_SAFPX10.dll [15/09/2008 - 06:57:58 | N | 368640] C:\_SAJ2K10.dll [15/09/2008 - 06:57:58 | N | 225280] C:\_SARAW10.dll [06/12/2010 - 22:30:05 | SHD ] D:\$RECYCLE.BIN [11/09/2005 - 16:18:54 | N | 340] D:\AUTOMODE [13/09/2009 - 17:12:36 | RASHD ] D:\autorun.inf [08/05/2009 - 22:54:25 | N | 13] D:\BLOCK.RIN [08/05/2009 - 23:46:45 | D ] D:\boot [04/10/2006 - 00:02:44 | SH | 438328] D:\bootmgr [06/09/2008 - 12:19:22 | SH | 891] D:\Desktop.ini [10/09/2002 - 17:14:28 | N | 8134] D:\Folder.htt [08/05/2009 - 23:46:45 | D ] D:\HP [08/05/2009 - 23:05:00 | N | 828] D:\MASTER.LOG [08/05/2009 - 23:46:45 | D ] D:\preload [29/01/2007 - 18:59:36 | N | 109342] D:\protect.chinese hong kong [29/01/2007 - 18:59:24 | N | 109360] D:\protect.chinese simplified [29/01/2007 - 18:59:36 | N | 109342] D:\protect.chinese traditional [14/02/2007 - 19:30:34 | N | 111653] D:\protect.czech [29/01/2007 - 18:55:24 | N | 109124] D:\protect.danish [29/01/2007 - 18:57:48 | N | 109049] D:\protect.dutch [29/01/2007 - 18:55:48 | N | 109092] D:\protect.ed [29/01/2007 - 18:55:48 | N | 109092] D:\protect.english [29/01/2007 - 18:56:08 | N | 109092] D:\protect.finnish [29/01/2007 - 18:56:20 | N | 109060] D:\protect.french [29/01/2007 - 18:55:34 | N | 109094] D:\protect.german [14/02/2007 - 19:38:50 | N | 112541] D:\protect.greek [14/02/2007 - 19:40:00 | N | 112375] D:\protect.hebrew [28/08/2007 - 15:57:46 | N | 111475] D:\protect.hungarian [29/01/2007 - 18:56:46 | N | 108979] D:\protect.italian [29/01/2007 - 18:57:30 | N | 109795] D:\protect.japanese [29/01/2007 - 18:57:36 | N | 109487] D:\protect.korean [14/02/2007 - 19:44:28 | N | 111402] D:\protect.norwegian [14/02/2007 - 19:45:16 | N | 111585] D:\protect.polish [14/02/2007 - 19:46:04 | N | 111448] D:\protect.portuguese [14/02/2007 - 19:46:40 | N | 111697] D:\protect.portuguese brazilian [29/01/2007 - 18:58:20 | N | 163804] D:\protect.russian [29/01/2007 - 18:55:54 | N | 109016] D:\protect.spanish [14/02/2007 - 19:48:56 | N | 111445] D:\protect.swedish [14/02/2007 - 19:49:30 | N | 111598] D:\protect.turkish [08/05/2009 - 23:46:46 | RD ] D:\RECOVERY [08/05/2009 - 23:46:45 | D ] D:\SOURCES [08/05/2009 - 23:46:45 | SHD ] D:\System Volume Information [08/05/2009 - 23:46:46 | D ] D:\Tools [08/05/2009 - 21:48:16 | N | 0] D:\USER [08/05/2009 - 23:46:45 | D ] D:\WINDOWS [01/01/1601 - 01:00:00 | D ] G:\DCIM [01/01/1601 - 01:00:00 | D ] G:\MISC ################## | Vaccin | C:\Autorun.inf -> Dossier créé par UsbFix (El Desaparecido & C_XX) D:\Autorun.inf -> Dossier créé par UsbFix (El Desaparecido & C_XX) G:\Autorun.inf -> Dossier créé par UsbFix (El Desaparecido & C_XX) ################## | Upload | Veuillez envoyer le fichier: C:\UsbFix_Upload_Me_PC-DE-FABIEN.zip http://www.teamxscript.org/Upload.php Merci de votre contribution. ################## | E.O.F |

Skynet · le 07 Déc 2010 10:10

Bonjour,

@cana14 : Merci de lire les consignes en haut du sujet pour les balises [code], c'est la seconde fois que je corrige et pas qu'un peu.

Merci aussi de te servir du bouton "EDITER" au besoin.

Cordialement.

bernard53 · le 07 Déc 2010 12:50

OK cana14 comment va ton pc maintenant?

cana14 · le 07 Déc 2010 17:56

Salut bien écoute a priori j'ai plu le message de Windows installer donc cela a l'air d'avoir porté s'est fruit tes conseils.
je te remercie beaucoup
a plus

bernard53 · le 07 Déc 2010 18:31

ok fait ceci pour terminer.

Télécharge << DelFix >> de Xplode

* Lance le.

* A l'invite, [Suppression] ()

* Un rapport va s'ouvrir à la fin, colle le dans la réponse

Ensuite pour le désinstaller ; tu relances et tu passes à l'option [Désinstallation]

Puis:

Bon maintenant on va mettre la restauration du système propre.
Pour cela:

1- Valides les touches Windows et Pause en même temps.

Puis Protection du système

Sur cette fenêtre décoches la case concernant le DD ou est installé ton système normalement C:

Valide et acceptes les demandes suivantes.

***Pour Windows 7** il faut valider l'onglet Configurer puis valider la désactivation de la restauration.

**Toujours sur cette même fenêtre : Il te faut donc maintenant recrée un nouveau point de restauration.

Coche cette même case et valides cela par l’onglet APPLIQUER puis onglet « CREER »

Nommes ce point PC- Clean: Valides.

Vous pouvez maintenant fermer toutes les fenêtres.

Bonne soirée

Probleme avec explorer

Probleme avec explorer

Re: Probleme avec explorer

Re: Probleme avec explorer

Re: Probleme avec explorer

Re: Probleme avec explorer

Re: Probleme avec explorer

Re: Probleme avec explorer

Sujets similaires

Qui est en ligne