Bonjours/soir Pc qui s’éteint seul puis se rallume seul :(
Dernière réponse : dans Sécurité
Bonjours ,
J'ai un ordi ACER , cela fait environs 5-6mois que mon P-C s'éteint puis se rallume (parfois plusieurs fois..)
Avez vous des solutions pour à mon problème ?
Merci d'avance ! =)
Ps : je suis un Noob en informatique ...
J'ai un ordi ACER , cela fait environs 5-6mois que mon P-C s'éteint puis se rallume (parfois plusieurs fois..)
Avez vous des solutions pour à mon problème ?
Merci d'avance ! =)
Ps : je suis un Noob en informatique ...
Autres pages sur : bonjours soir eteint seul rallume seul
Lassé par la pub ? Créez un compte
Bonsoir
ce n'est pas sûr du tout que cela soit dû à un virus...
1
Télécharge![]()
DDS et sauvegarde-le sur ton bureau.
Désactive tout script bloquant, tels qu'un antivirus, un logiciel comme ad-block, noscript etc.
Double-clique sur dds.scr pour lancer l'outil.
Une fois le scan fini, un document texte, DDS.txt, va s'ouvrir .
Clique Oui à la prochaine invite Optional Scan.
Sauvegarde les deux rapports sur ton bureau et poste-moi uniquement le DDS.txt.
<@_@>**<@_@>**<@_@>**<@_@>**<@_@>**@_@>**<@_@><@_@>**<@_@>**<@_@>**<@_@>**
++
****
2
Télécharge GMER à partir de ce lien : http://www.gmer.net/files.php - clic sur "Download EXE" et télécharge le fichier sur ton bureau.
Voir le tutorial GMER, ça peut peut-être t'aider : http://www.malekal.com/tutorial_GMER.php
Désactive tes logiciels de protection (antivirus, antispyware etc) et ferme tous les programmes ouverts.
Double-clique sur le fichier GMER téléchargé.
IMPORTANT: Si une alerte de ton antivirus apparaît pour le fichier gmer.sys ou gmer.exe, laisse le s'executer.
Clique sur l'onglet "rootkit"
A droite, coche tout.
Clique maintenant sur Scan.
Lorsque le scan est terminé, clique sur Copy.
Ouvre le Bloc-notes puis clique sur le Menu Edition / Coller.
Le rapport doit alors apparaître.
Enregistre le fichier sur ton Bureau et poste le contenu ici.
ce n'est pas sûr du tout que cela soit dû à un virus...
1
Télécharge
DDS et sauvegarde-le sur ton bureau.<@_@>**<@_@>**<@_@>**<@_@>**<@_@>**@_@>**<@_@><@_@>**<@_@>**<@_@>**<@_@>**
++
****
2
Télécharge GMER à partir de ce lien : http://www.gmer.net/files.php - clic sur "Download EXE" et télécharge le fichier sur ton bureau.
Voir le tutorial GMER, ça peut peut-être t'aider : http://www.malekal.com/tutorial_GMER.php
IMPORTANT: Si une alerte de ton antivirus apparaît pour le fichier gmer.sys ou gmer.exe, laisse le s'executer.
Le rapport doit alors apparaître.
Bonjours , avec le premier logiciel j'ai réussi mais au 2ème logiciel une page bleu s'affiche et mon P.C s'éteint comme il a l'habitude le faire . ![:(]( ":(")
Voici le rapport DDS :
DDS (Ver_10-12-12.02) - NTFSx86
Run by Julien at 9:05:21,68 on 15/01/2011
Internet Explorer: 8.0.6001.18999 BrowserJavaVersion: 1.6.0_22
Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6001.1.1252.33.1036.18.2047.956 [GMT 1:00]
AV: AntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AntiVir Desktop *Disabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
============== Running Processes ===============
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Windows\system32\svchost.exe -k apphost
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\CISVC.EXE
C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\PROGRA~1\MYWEBS~1\bar\2.bin\mwssvc.exe
C:\Windows\system32\PnkBstrA.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\CoSoSys Ltd\Secure it Easy\SIEservice.exe
C:\Windows\System32\tcpsvcs.exe
C:\Windows\System32\snmp.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k iissvcs
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Acer\Empowering Technology\SysMonitor.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\iMesh Applications\MediaBar\Datamngr\datamngrUI.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\System32\p2phost.exe
C:\Program Files\SFR\Kit\9props.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\MyWebSearch\bar\2.bin\MWSOEMON.EXE
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe
C:\Program Files\CoSoSys Ltd\Secure it Easy\SiENotifier.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\msfeedssync.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Users\Julien.PC-de-edvard\Music\Franz Ferdinand\Downloads\dds.scr
C:\Windows\system32\conime.exe
C:\Windows\system32\wbem\wmiprvse.exe
============== Pseudo HJT Report ===============
uSearch Page =
uStart Page = hxxp://www.lo.st
uSearch Bar =
mStart Page = hxxp://www.bigseekpro.com/hypercam/{E7D64F14-7BF5-4429-A593-8979765559C6}
mWindow Title =
uInternet Settings,ProxyOverride = *.local
mSearchAssistant =
uURLSearchHooks: N/A: {00a6faf6-072e-44cf-8957-5838f569a31d} - c:\program files\mywebsearch\bar\2.bin\MWSSRCAS.DLL
BHO: MyWebSearch Search Assistant BHO: {00a6faf1-072e-44cf-8957-5838f569a31d} - c:\program files\mywebsearch\bar\2.bin\MWSSRCAS.DLL
BHO: Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
BHO: mwsBar BHO: {07b18ea1-a523-4961-b6bb-170de4475cca} - c:\program files\mywebsearch\bar\2.bin\MWSBAR.DLL
BHO: Objet d'aide à la navigation SFR: {0f6e720a-1a6b-40e1-a294-1d4d19f156c8} - c:\program files\sfr\kit\SFRNavErrorHelper.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: UrlHelper Class: {474597c5-ab09-49d6-a4d5-2e8d7341384e} - c:\progra~1\imesha~1\mediabar\datamngr\IEBHO.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: Programme d'aide de l'Assistant de connexion Windows Live: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: MediaBar: {abb49b3b-ab7d-4ed0-9135-93fd5aa4f69f} - c:\progra~1\imesha~1\mediabar\toolbar\iMeshMediaBarDx.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.6.5805.1910\swg.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~1\micros~2\office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files\windows live\toolbar\wltcore.dll
BHO: OfferBox: {fc0d62c2-9640-4aeb-a5d5-cf25df11fa8c} - c:\program files\offerbox\OfferBoxBHO.dll
BHO: SMTTB2009 Class: {fcbccb87-9224-4b8d-b117-f56d924beb18} - c:\program files\hyprecam toolbar\tbcore3.dll
TB: Acer eDataSecurity Management: {5cbe3b7c-1e47-477e-a7dd-396db0476e29} - c:\windows\system32\eDStoolbar.dll
TB: Yahoo! Toolbar avec bloqueur de fenêtres pop-up: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
TB: My Web Search: {07b18ea9-a523-4961-b6bb-170de4475cca} - c:\program files\mywebsearch\bar\2.bin\MWSBAR.DLL
TB: MediaBar: {abb49b3b-ab7d-4ed0-9135-93fd5aa4f69f} - c:\progra~1\imesha~1\mediabar\toolbar\iMeshMediaBarDx.dll
TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: {EEE6C35B-6118-11DC-9C72-001320C79847} - No File
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [CollaborationHost] c:\windows\system32\p2phost.exe -s
uRun: [Connexion SFR 9props.exe] "c:\program files\sfr\kit\9props.exe" /trayicon
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [EPSON Stylus DX7400 Series] c:\windows\system32\spool\drivers\w32x86\3\e_faticde.exe /fu "c:\users\julien~1.pc-\appdata\local\temp\E_S5989.tmp" /EF "HKCU"
uRun: [MyWebSearch Email Plugin] c:\progra~1\mywebs~1\bar\2.bin\mwsoemon.exe
uRun: [cacaoweb] "c:\users\julien.pc-de-edvard\appdata\roaming\cacaoweb\cacaoweb.exe" -noplayer
uRun: [Acer Tour Reminder]
uRun: [ViVi Cursor] "c:\program files\vivi cursor 2.0\ViVi_Cursor.exe" -start
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [Acer Empowering Technology Monitor] c:\acer\empowering technology\SysMonitor.exe
mRun: [eDataSecurity Loader] c:\acer\empowering technology\edatasecurity\eDSloader.exe
mRun: [WarReg_PopUp] c:\acer\wr_popup\WarReg_PopUp.exe
mRun: [Acer Tour Reminder] c:\acer\acertour\Reminder.exe
mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
mRun: [Skytel] Skytel.exe
mRun: [MyWebSearch Email Plugin] c:\progra~1\mywebs~1\bar\2.bin\mwsoemon.exe
mRun: [My Web Search Bar Search Scope Monitor] "c:\progra~1\mywebs~1\bar\2.bin\m3SrchMn.exe" /m=2 /w /h
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
mRun: [eorezo]
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [DATAMNGR] c:\progra~1\imesha~1\mediabar\datamngr\DATAMN~1.EXE
mRun: [UnlockerAssistant] c:\program files\unlocker\UnlockerAssistant.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\empowe~1.lnk - c:\acer\empowering technology\eAPLauncher.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\pcmmed~1.lnk - c:\program files\acer arcade live\acer homemedia connect\kernel\dms\PCMMediaSharing.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\secure~1.lnk - c:\program files\cososys ltd\secure it easy\SiENotifier.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\winzip~1.lnk - c:\program files\winzip\WZQKPICK.EXE
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: &Envoyer à OneNote - /105
IE: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jh...
IE: E&xporter vers Microsoft Excel - c:\progra~1\micros~2\office14\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
Notify: WBSrv - c:\program files\stardock\object desktop\windowblinds\wbsrv.dll
AppInit_DLLs: c:\progra~1\imesha~1\mediabar\datamngr\datamngr.dll c:\progra~1\imesha~1\mediabar\datamngr\IEBHO.dll
================= FIREFOX ===================
FF - ProfilePath - c:\users\julien~1.pc-\appdata\roaming\mozilla\firefox\profiles\zcu5n4ut.default\
FF - prefs.js: browser.search.selectedEngine - iMesh Web Search
FF - prefs.js: browser.startup.homepage - hxxp://search.imesh.com/
FF - prefs.js: keyword.URL - hxxp://search.imesh.com/web?src=ffb&systemid=1&q=
FF - prefs.js: network.proxy.type - 0
FF - component: c:\program files\imesh applications\mediabar\datamngr\firefoxextension\components\DataMngrHlp.dll
FF - component: c:\users\julien.pc-de-edvard\appdata\roaming\mozilla\firefox\profiles\zcu5n4ut.default\extensions\{28d35620-51d9-11de-9d13-2db156d89593}\components\dtTransparency.dll
FF - plugin: c:\progra~1\micros~2\office14\NPAUTHZ.DLL
FF - plugin: c:\progra~1\micros~2\office14\NPSPWRAP.DLL
FF - plugin: c:\program files\google\google updater\2.4.1691.8062\npCIDetect13.dll
FF - plugin: c:\program files\google\update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\microsoft\office live\npOLW.dll
FF - plugin: c:\program files\mywebsearch\bar\2.bin\NPMYWEBS.DLL
FF - plugin: c:\program files\sony\media go\npmediago.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\users\julien.pc-de-edvard\appdata\locallow\unity\webplayer\loader\npUnity3D32.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Illimitux: illimitux@illimitux.net - %profile%\extensions\illimitux@illimitux.net
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: vShare: vshare@toolbar - %profile%\extensions\vshare@toolbar
FF - Ext: MediaBar: {28D35620-51D9-11DE-9D13-2DB156D89593} - %profile%\extensions\{28D35620-51D9-11DE-9D13-2DB156D89593}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
FF - Ext: My Web Search: m3ffxtbr@mywebsearch.com - c:\program files\mywebsearch\bar\2.bin
============= SERVICES / DRIVERS ===============
R1 avgio;avgio;c:\program files\avira\antivir desktop\avgio.sys [2010-8-25 11608]
R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796};c:\program files\acer arcade live\acer playmovie\000.fcl [2007-11-21 39408]
R2 Acer HomeMedia Connect Service;Acer HomeMedia Connect Service;c:\program files\acer arcade live\acer homemedia connect\kernel\dms\CLMSServer.exe [2007-5-6 266343]
R2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files\avira\antivir desktop\sched.exe [2010-8-25 108289]
R2 AntiVirService;Avira AntiVir Guard;c:\program files\avira\antivir desktop\avguard.exe [2010-8-25 185089]
R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2010-8-25 56816]
R2 MyWebSearchService;My Web Search Service;c:\progra~1\mywebs~1\bar\2.bin\mwssvc.exe [2010-8-7 28762]
R2 Secure it Easy;Secure it Easy;c:\program files\cososys ltd\secure it easy\SIEservice.exe [2009-6-3 65736]
R2 sieflt;sieflt;c:\windows\system32\drivers\sieflt.sys [2009-9-4 34112]
S2 AGWinService;AG Windows Service;"c:\program files\agi\common\win32\pythonservice.exe" --> c:\program files\agi\common\win32\PythonService.exe [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate1ca2584d44ef949;Service Google Update (gupdate1ca2584d44ef949);c:\program files\google\update\GoogleUpdate.exe [2009-8-25 133104]
S3 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr.sys [2009-9-9 54632]
S3 fsssvc;Service Windows Live Contrôle parental;c:\program files\windows live\family safety\fsssvc.exe [2010-4-28 704872]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\gamemon.des -service --> c:\windows\system32\GameMon.des -service [?]
S3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2010-1-9 4640000]
S3 SCREAMINGBDRIVER;Screaming Bee Audio;c:\windows\system32\drivers\ScreamingBAudio.sys [2009-12-1 34384]
S3 WPFFontCache_v0400;Cache de police de Windows Presentation Foundation 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
S3 WSVD;WSVD;c:\windows\system32\drivers\WSVD.sys [2008-5-31 80744]
=============== Created Last 30 ================
2011-01-14 10:57:20 6273872 ----a-w- c:\progra~2\microsoft\windows defender\definition updates\{a52e28b2-f9b2-45e1-a485-84ce2518da12}\mpengine.dll
2011-01-12 05:12:51 409600 ----a-w- c:\windows\system32\odbc32.dll
2011-01-12 05:12:50 708608 ----a-w- c:\program files\common files\system\ado\msado15.dll
2011-01-12 05:12:50 57344 ----a-w- c:\program files\common files\system\msadc\msadcs.dll
2011-01-12 05:12:50 253952 ----a-w- c:\program files\common files\system\ado\msadox.dll
2011-01-12 05:12:50 241664 ----a-w- c:\program files\common files\system\ado\msadomd.dll
2011-01-12 05:12:50 180224 ----a-w- c:\program files\common files\system\msadc\msadco.dll
2011-01-12 05:12:47 1169408 ----a-w- c:\windows\system32\sdclt.exe
2010-12-25 12:27:38 -------- d-----w- c:\progra~2\26234
2010-12-25 08:13:25 -------- d-----w- c:\program files\Unlocker
2010-12-25 08:01:31 -------- d-----w- c:\progra~2\Chat Republic Games
2010-12-16 16:46:26 -------- d-----w- c:\users\julien~1.pc-\appdata\roaming\PhotoFiltre
2010-12-16 16:42:35 -------- d-----w- c:\users\julien~1.pc-\appdata\roaming\PhotoFiltre Studio X
2010-12-16 16:42:19 -------- d-----w- c:\program files\PhotoFiltre Studio X
==================== Find3M ====================
2010-12-19 19:55:36 499712 ----a-w- c:\windows\system32\msvcp71.dll
2010-12-19 19:55:36 348160 ----a-w- c:\windows\system32\msvcr71.dll
2010-11-06 11:10:29 345088 ----a-w- c:\windows\system32\wmicmiplugin.dll
2010-11-06 11:10:13 357376 ----a-w- c:\windows\system32\taskschd.dll
2010-11-06 11:10:13 270336 ----a-w- c:\windows\system32\taskcomp.dll
2010-11-06 11:09:57 603648 ----a-w- c:\windows\system32\schedsvc.dll
2010-11-05 00:53:47 171520 ----a-w- c:\windows\system32\taskeng.exe
2010-11-02 06:01:54 916480 ----a-w- c:\windows\system32\wininet.dll
2010-11-02 05:57:41 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-11-02 05:57:27 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2010-11-02 05:57:11 71680 ----a-w- c:\windows\system32\iesetup.dll
2010-11-02 05:57:11 109056 ----a-w- c:\windows\system32\iesysprep.dll
2010-11-02 05:01:31 385024 ----a-w- c:\windows\system32\html.iec
2010-11-02 04:26:10 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2010-11-02 04:24:44 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2010-10-28 15:02:24 34304 ----a-w- c:\windows\system32\atmlib.dll
2010-10-28 13:03:07 292352 ----a-w- c:\windows\system32\atmfd.dll
2010-10-28 12:56:58 2048 ----a-w- c:\windows\system32\tzres.dll
2010-10-19 09:41:44 222080 ------w- c:\windows\system32\MpSigStub.exe
2010-10-18 14:01:05 81920 ----a-w- c:\windows\system32\consent.exe
2010-10-18 13:56:44 2037248 ----a-w- c:\windows\system32\win32k.sys
============= FINISH: 9:06:28,80 ===============
Voici le rapport DDS :
DDS (Ver_10-12-12.02) - NTFSx86
Run by Julien at 9:05:21,68 on 15/01/2011
Internet Explorer: 8.0.6001.18999 BrowserJavaVersion: 1.6.0_22
Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6001.1.1252.33.1036.18.2047.956 [GMT 1:00]
AV: AntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AntiVir Desktop *Disabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
============== Running Processes ===============
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Windows\system32\svchost.exe -k apphost
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\CISVC.EXE
C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\PROGRA~1\MYWEBS~1\bar\2.bin\mwssvc.exe
C:\Windows\system32\PnkBstrA.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\CoSoSys Ltd\Secure it Easy\SIEservice.exe
C:\Windows\System32\tcpsvcs.exe
C:\Windows\System32\snmp.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k iissvcs
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Acer\Empowering Technology\SysMonitor.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\iMesh Applications\MediaBar\Datamngr\datamngrUI.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\System32\p2phost.exe
C:\Program Files\SFR\Kit\9props.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\MyWebSearch\bar\2.bin\MWSOEMON.EXE
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe
C:\Program Files\CoSoSys Ltd\Secure it Easy\SiENotifier.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\msfeedssync.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Users\Julien.PC-de-edvard\Music\Franz Ferdinand\Downloads\dds.scr
C:\Windows\system32\conime.exe
C:\Windows\system32\wbem\wmiprvse.exe
============== Pseudo HJT Report ===============
uSearch Page =
uStart Page = hxxp://www.lo.st
uSearch Bar =
mStart Page = hxxp://www.bigseekpro.com/hypercam/{E7D64F14-7BF5-4429-A593-8979765559C6}
mWindow Title =
uInternet Settings,ProxyOverride = *.local
mSearchAssistant =
uURLSearchHooks: N/A: {00a6faf6-072e-44cf-8957-5838f569a31d} - c:\program files\mywebsearch\bar\2.bin\MWSSRCAS.DLL
BHO: MyWebSearch Search Assistant BHO: {00a6faf1-072e-44cf-8957-5838f569a31d} - c:\program files\mywebsearch\bar\2.bin\MWSSRCAS.DLL
BHO: Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
BHO: mwsBar BHO: {07b18ea1-a523-4961-b6bb-170de4475cca} - c:\program files\mywebsearch\bar\2.bin\MWSBAR.DLL
BHO: Objet d'aide à la navigation SFR: {0f6e720a-1a6b-40e1-a294-1d4d19f156c8} - c:\program files\sfr\kit\SFRNavErrorHelper.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: UrlHelper Class: {474597c5-ab09-49d6-a4d5-2e8d7341384e} - c:\progra~1\imesha~1\mediabar\datamngr\IEBHO.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: Programme d'aide de l'Assistant de connexion Windows Live: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: MediaBar: {abb49b3b-ab7d-4ed0-9135-93fd5aa4f69f} - c:\progra~1\imesha~1\mediabar\toolbar\iMeshMediaBarDx.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.6.5805.1910\swg.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~1\micros~2\office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files\windows live\toolbar\wltcore.dll
BHO: OfferBox: {fc0d62c2-9640-4aeb-a5d5-cf25df11fa8c} - c:\program files\offerbox\OfferBoxBHO.dll
BHO: SMTTB2009 Class: {fcbccb87-9224-4b8d-b117-f56d924beb18} - c:\program files\hyprecam toolbar\tbcore3.dll
TB: Acer eDataSecurity Management: {5cbe3b7c-1e47-477e-a7dd-396db0476e29} - c:\windows\system32\eDStoolbar.dll
TB: Yahoo! Toolbar avec bloqueur de fenêtres pop-up: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
TB: My Web Search: {07b18ea9-a523-4961-b6bb-170de4475cca} - c:\program files\mywebsearch\bar\2.bin\MWSBAR.DLL
TB: MediaBar: {abb49b3b-ab7d-4ed0-9135-93fd5aa4f69f} - c:\progra~1\imesha~1\mediabar\toolbar\iMeshMediaBarDx.dll
TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: {EEE6C35B-6118-11DC-9C72-001320C79847} - No File
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [CollaborationHost] c:\windows\system32\p2phost.exe -s
uRun: [Connexion SFR 9props.exe] "c:\program files\sfr\kit\9props.exe" /trayicon
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [EPSON Stylus DX7400 Series] c:\windows\system32\spool\drivers\w32x86\3\e_faticde.exe /fu "c:\users\julien~1.pc-\appdata\local\temp\E_S5989.tmp" /EF "HKCU"
uRun: [MyWebSearch Email Plugin] c:\progra~1\mywebs~1\bar\2.bin\mwsoemon.exe
uRun: [cacaoweb] "c:\users\julien.pc-de-edvard\appdata\roaming\cacaoweb\cacaoweb.exe" -noplayer
uRun: [Acer Tour Reminder]
uRun: [ViVi Cursor] "c:\program files\vivi cursor 2.0\ViVi_Cursor.exe" -start
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [Acer Empowering Technology Monitor] c:\acer\empowering technology\SysMonitor.exe
mRun: [eDataSecurity Loader] c:\acer\empowering technology\edatasecurity\eDSloader.exe
mRun: [WarReg_PopUp] c:\acer\wr_popup\WarReg_PopUp.exe
mRun: [Acer Tour Reminder] c:\acer\acertour\Reminder.exe
mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
mRun: [Skytel] Skytel.exe
mRun: [MyWebSearch Email Plugin] c:\progra~1\mywebs~1\bar\2.bin\mwsoemon.exe
mRun: [My Web Search Bar Search Scope Monitor] "c:\progra~1\mywebs~1\bar\2.bin\m3SrchMn.exe" /m=2 /w /h
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
mRun: [eorezo]
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [DATAMNGR] c:\progra~1\imesha~1\mediabar\datamngr\DATAMN~1.EXE
mRun: [UnlockerAssistant] c:\program files\unlocker\UnlockerAssistant.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\empowe~1.lnk - c:\acer\empowering technology\eAPLauncher.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\pcmmed~1.lnk - c:\program files\acer arcade live\acer homemedia connect\kernel\dms\PCMMediaSharing.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\secure~1.lnk - c:\program files\cososys ltd\secure it easy\SiENotifier.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\winzip~1.lnk - c:\program files\winzip\WZQKPICK.EXE
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: &Envoyer à OneNote - /105
IE: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jh...
IE: E&xporter vers Microsoft Excel - c:\progra~1\micros~2\office14\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
Notify: WBSrv - c:\program files\stardock\object desktop\windowblinds\wbsrv.dll
AppInit_DLLs: c:\progra~1\imesha~1\mediabar\datamngr\datamngr.dll c:\progra~1\imesha~1\mediabar\datamngr\IEBHO.dll
================= FIREFOX ===================
FF - ProfilePath - c:\users\julien~1.pc-\appdata\roaming\mozilla\firefox\profiles\zcu5n4ut.default\
FF - prefs.js: browser.search.selectedEngine - iMesh Web Search
FF - prefs.js: browser.startup.homepage - hxxp://search.imesh.com/
FF - prefs.js: keyword.URL - hxxp://search.imesh.com/web?src=ffb&systemid=1&q=
FF - prefs.js: network.proxy.type - 0
FF - component: c:\program files\imesh applications\mediabar\datamngr\firefoxextension\components\DataMngrHlp.dll
FF - component: c:\users\julien.pc-de-edvard\appdata\roaming\mozilla\firefox\profiles\zcu5n4ut.default\extensions\{28d35620-51d9-11de-9d13-2db156d89593}\components\dtTransparency.dll
FF - plugin: c:\progra~1\micros~2\office14\NPAUTHZ.DLL
FF - plugin: c:\progra~1\micros~2\office14\NPSPWRAP.DLL
FF - plugin: c:\program files\google\google updater\2.4.1691.8062\npCIDetect13.dll
FF - plugin: c:\program files\google\update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\microsoft\office live\npOLW.dll
FF - plugin: c:\program files\mywebsearch\bar\2.bin\NPMYWEBS.DLL
FF - plugin: c:\program files\sony\media go\npmediago.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\users\julien.pc-de-edvard\appdata\locallow\unity\webplayer\loader\npUnity3D32.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Illimitux: illimitux@illimitux.net - %profile%\extensions\illimitux@illimitux.net
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: vShare: vshare@toolbar - %profile%\extensions\vshare@toolbar
FF - Ext: MediaBar: {28D35620-51D9-11DE-9D13-2DB156D89593} - %profile%\extensions\{28D35620-51D9-11DE-9D13-2DB156D89593}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
FF - Ext: My Web Search: m3ffxtbr@mywebsearch.com - c:\program files\mywebsearch\bar\2.bin
============= SERVICES / DRIVERS ===============
R1 avgio;avgio;c:\program files\avira\antivir desktop\avgio.sys [2010-8-25 11608]
R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796};c:\program files\acer arcade live\acer playmovie\000.fcl [2007-11-21 39408]
R2 Acer HomeMedia Connect Service;Acer HomeMedia Connect Service;c:\program files\acer arcade live\acer homemedia connect\kernel\dms\CLMSServer.exe [2007-5-6 266343]
R2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files\avira\antivir desktop\sched.exe [2010-8-25 108289]
R2 AntiVirService;Avira AntiVir Guard;c:\program files\avira\antivir desktop\avguard.exe [2010-8-25 185089]
R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2010-8-25 56816]
R2 MyWebSearchService;My Web Search Service;c:\progra~1\mywebs~1\bar\2.bin\mwssvc.exe [2010-8-7 28762]
R2 Secure it Easy;Secure it Easy;c:\program files\cososys ltd\secure it easy\SIEservice.exe [2009-6-3 65736]
R2 sieflt;sieflt;c:\windows\system32\drivers\sieflt.sys [2009-9-4 34112]
S2 AGWinService;AG Windows Service;"c:\program files\agi\common\win32\pythonservice.exe" --> c:\program files\agi\common\win32\PythonService.exe [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate1ca2584d44ef949;Service Google Update (gupdate1ca2584d44ef949);c:\program files\google\update\GoogleUpdate.exe [2009-8-25 133104]
S3 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr.sys [2009-9-9 54632]
S3 fsssvc;Service Windows Live Contrôle parental;c:\program files\windows live\family safety\fsssvc.exe [2010-4-28 704872]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\gamemon.des -service --> c:\windows\system32\GameMon.des -service [?]
S3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2010-1-9 4640000]
S3 SCREAMINGBDRIVER;Screaming Bee Audio;c:\windows\system32\drivers\ScreamingBAudio.sys [2009-12-1 34384]
S3 WPFFontCache_v0400;Cache de police de Windows Presentation Foundation 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
S3 WSVD;WSVD;c:\windows\system32\drivers\WSVD.sys [2008-5-31 80744]
=============== Created Last 30 ================
2011-01-14 10:57:20 6273872 ----a-w- c:\progra~2\microsoft\windows defender\definition updates\{a52e28b2-f9b2-45e1-a485-84ce2518da12}\mpengine.dll
2011-01-12 05:12:51 409600 ----a-w- c:\windows\system32\odbc32.dll
2011-01-12 05:12:50 708608 ----a-w- c:\program files\common files\system\ado\msado15.dll
2011-01-12 05:12:50 57344 ----a-w- c:\program files\common files\system\msadc\msadcs.dll
2011-01-12 05:12:50 253952 ----a-w- c:\program files\common files\system\ado\msadox.dll
2011-01-12 05:12:50 241664 ----a-w- c:\program files\common files\system\ado\msadomd.dll
2011-01-12 05:12:50 180224 ----a-w- c:\program files\common files\system\msadc\msadco.dll
2011-01-12 05:12:47 1169408 ----a-w- c:\windows\system32\sdclt.exe
2010-12-25 12:27:38 -------- d-----w- c:\progra~2\26234
2010-12-25 08:13:25 -------- d-----w- c:\program files\Unlocker
2010-12-25 08:01:31 -------- d-----w- c:\progra~2\Chat Republic Games
2010-12-16 16:46:26 -------- d-----w- c:\users\julien~1.pc-\appdata\roaming\PhotoFiltre
2010-12-16 16:42:35 -------- d-----w- c:\users\julien~1.pc-\appdata\roaming\PhotoFiltre Studio X
2010-12-16 16:42:19 -------- d-----w- c:\program files\PhotoFiltre Studio X
==================== Find3M ====================
2010-12-19 19:55:36 499712 ----a-w- c:\windows\system32\msvcp71.dll
2010-12-19 19:55:36 348160 ----a-w- c:\windows\system32\msvcr71.dll
2010-11-06 11:10:29 345088 ----a-w- c:\windows\system32\wmicmiplugin.dll
2010-11-06 11:10:13 357376 ----a-w- c:\windows\system32\taskschd.dll
2010-11-06 11:10:13 270336 ----a-w- c:\windows\system32\taskcomp.dll
2010-11-06 11:09:57 603648 ----a-w- c:\windows\system32\schedsvc.dll
2010-11-05 00:53:47 171520 ----a-w- c:\windows\system32\taskeng.exe
2010-11-02 06:01:54 916480 ----a-w- c:\windows\system32\wininet.dll
2010-11-02 05:57:41 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-11-02 05:57:27 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2010-11-02 05:57:11 71680 ----a-w- c:\windows\system32\iesetup.dll
2010-11-02 05:57:11 109056 ----a-w- c:\windows\system32\iesysprep.dll
2010-11-02 05:01:31 385024 ----a-w- c:\windows\system32\html.iec
2010-11-02 04:26:10 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2010-11-02 04:24:44 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2010-10-28 15:02:24 34304 ----a-w- c:\windows\system32\atmlib.dll
2010-10-28 13:03:07 292352 ----a-w- c:\windows\system32\atmfd.dll
2010-10-28 12:56:58 2048 ----a-w- c:\windows\system32\tzres.dll
2010-10-19 09:41:44 222080 ------w- c:\windows\system32\MpSigStub.exe
2010-10-18 14:01:05 81920 ----a-w- c:\windows\system32\consent.exe
2010-10-18 13:56:44 2037248 ----a-w- c:\windows\system32\win32k.sys
============= FINISH: 9:06:28,80 ===============
Bonjour
ok, on va commencer à désinfecter sans le rapport GMER![;)]( ";)")
+++++++++++
1
Télécharge ![]()
Ad-Remover (de Cyrildu17 / C_XX) sur ton Bureau.
/!\ Déconnecte-toi, désactive ton anti-virus et ferme toutes applications en cours /!\
Double-clique sur AD-R situé sur ton Bureau pour le lancer.
(Sous Vista/Seven, il faut cliquer droit sur AD-R et choisir Exécuter en tant qu'administrateur)
Choisis la langue F pour français.
Au menu principal, choisis l'option Scanner.
/!\ Laisse travailler l'outil /!\
Poste le rapport qui apparaît à la fin (C:\Ad-Report-CLEAN.log).
/!\ Pense à réactiver ton antivirus /!\
2
Télécharge TDSSKiller de Kaspersky sur ton bureau.
Décompresse-le en faisant clic-droit dessus -> extraire tout... (clique sur "suivant", "suivant" et "Terminer".)
Double clique sur "TDSSKiller.exe" pour lancer l'outil.
(Utilisateur de Vista/Windows 7 : effectue un clic droit sur TDSSKiller.exe et sélectionne "Exécuter en tant qu'administrateur".)
Clique alors sur le bouton "Start Scan".
Laisse le scan s'effectuer.
Dans la fenêtre de résultat, assures-toi que "Malicious objects" ait le statut "Cure"
Pour la partie "Suspicious object" clique sur "Skip" et choisi "Quarantine"
Clique enfin sur "Continue"
Il te sera surement demandé de redémarrer ton pc, fait-le en cliquant sur "Reboot now"
Au redémarrage va chercher le rapport de suppression, il se trouve ici :
C:\ TDSSKiller.x.x.x.x_date_heure_log.txt
Poste son contenu dans ta prochaine réponse.
ok, on va commencer à désinfecter sans le rapport GMER
+++++++++++
1
Ad-Remover (de Cyrildu17 / C_XX) sur ton Bureau./!\ Déconnecte-toi, désactive ton anti-virus et ferme toutes applications en cours /!\
(Sous Vista/Seven, il faut cliquer droit sur AD-R et choisir Exécuter en tant qu'administrateur)
/!\ Laisse travailler l'outil /!\
/!\ Pense à réactiver ton antivirus /!\
2
Télécharge TDSSKiller de Kaspersky sur ton bureau.
(Utilisateur de Vista/Windows 7 : effectue un clic droit sur TDSSKiller.exe et sélectionne "Exécuter en tant qu'administrateur".)
C:\ TDSSKiller.x.x.x.x_date_heure_log.txt
Poste son contenu dans ta prochaine réponse.
Voici la rapport AD-R :
Et Kapersky n'a donné aucun résultat ! =)
======= RAPPORT D'AD-REMOVER 2.0.0.2,D | UNIQUEMENT XP/VISTA/7 =======
Mis à jour par TeamXscript le 16/01/11 à 02:00
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
Site web: http://www.teamxscript.org
C:\Program Files\Ad-Remover\main.exe (SCAN [2]) -> Lancé à 20:14:50 le 16/01/2011, Mode normal
Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 1 (X86)
Julien@PC-DE-PAUL (Acer Aspire M5100)
============== RECHERCHE ==============
Service: "MyWebSearchService" Présent
Fichier trouvé: C:\Program Files\Mozilla FireFox\searchplugins\iMeshWebSearch.xml
Fichier trouvé: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Navigateur OfferBox.lnk
Fichier trouvé: C:\Windows\system32\f3PSSavr.scr
Fichier trouvé: C:\Users\Julien.PC-de-edvard\AppData\Roaming\Mozilla\FireFox\Profiles\zcu5n4ut.default\searchplugins\mywebsearch.xml
Fichier trouvé: C:\Users\Julien.PC-de-edvard\AppData\Roaming\Mozilla\FireFox\Profiles\zcu5n4ut.default\searchplugins\web-search.xml
Dossier trouvé: C:\Users\Julien.PC-de-edvard\AppData\Roaming\Mozilla\FireFox\Profiles\zcu5n4ut.default\extensions\{28D35620-51D9-11DE-9D13-2DB156D89593}
Dossier trouvé: C:\Users\Julien.PC-de-edvard\AppData\Roaming\Mozilla\FireFox\Profiles\zcu5n4ut.default\iMeshMediabarTb
Dossier trouvé: C:\Program Files\Everest Poker
Dossier trouvé: C:\Users\Julien.PC-de-edvard\AppData\Roaming\DesktopIcon
Dossier trouvé: C:\Users\Julien.PC-de-edvard\AppData\LocalLow\FunWebProducts
Dossier trouvé: C:\Program Files\FunWebProducts
Dossier trouvé: C:\Users\Julien.PC-de-edvard\AppData\Roaming\live-player
Dossier trouvé: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\live-player
Dossier trouvé: C:\Program Files\live-player
Dossier trouvé: C:\Users\Julien.PC-de-edvard\AppData\LocalLow\MyWebSearch
Dossier trouvé: C:\Program Files\MyWebSearch
Dossier trouvé: C:\Program Files\SpiderMessenger
Dossier trouvé: C:\Users\Julien.PC-de-edvard\AppData\LocalLow\Toolbar4
Dossier trouvé: C:\Users\Julien.PC-de-edvard\AppData\Roaming\EoRezo
Dossier trouvé: C:\Users\Julien.PC-de-edvard\AppData\Local\EoRezo
Dossier trouvé: C:\Program Files\EoRezo
Dossier trouvé: C:\Users\Julien.PC-de-edvard\AppData\Roaming\OfferBox
Dossier trouvé: C:\Program Files\OfferBox
Dossier trouvé: C:\ProgramData\iMesh
Dossier trouvé: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iMesh
Dossier trouvé: C:\Program Files\iMesh Applications
Dossier trouvé: C:\Users\Julien.PC-de-edvard\AppData\LocalLow\iMeshMediabarTb
Dossier trouvé: C:\Users\Julien.PC-de-edvard\AppData\Roaming\AGI
Dossier trouvé: C:\ProgramData\AGI
Dossier trouvé: C:\Program Files\AGI
Dossier trouvé: C:\Users\Julien.PC-de-edvard\AppData\LocalLow\Kiwee Toolbar
Fichier trouvé: C:\Program Files\Windows Live\Messenger\Riched20.dll
Fichier trouvé: C:\Program Files\Windows Live\Messenger\Msimg32.dll
Fichier trouvé: C:\Users\Julien.PC-de-edvard\AppData\Local\lbantjfw.bat
-- Fichier ouvert: C:\Users\Julien.PC-de-edvard\AppData\Roaming\Mozilla\FireFox\Profiles\zcu5n4ut.default\Prefs.js --
Ligne trouvée: user_pref("extensions.enabledItems", "illimitux@illimitux.net:4.0,{20a82645-c095-46ed-80e3-088257605...
Ligne trouvée: user_pref("extensions.mywebsearch.openSearchURL", "hxxp://search.mywebsearch.com/mywebsearch/opensea...
Ligne trouvée: user_pref("extensions.mywebsearch.prevKwdEnabled", true);
Ligne trouvée: user_pref("extensions.mywebsearch.prevKwdURL", "chrome://browser-region/locale/region.properties");
-- Fichier Fermé --
Clé trouvée: HKLM\Software\Classes\CLSID\{00A6FAF1-072E-44cf-8957-5838F569A31D}
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00A6FAF1-072E-44cf-8957-5838F569A31D}
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{00A6FAF1-072E-44cf-8957-5838F569A31D}
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF1-072E-44cf-8957-5838F569A31D}
Clé trouvée: HKLM\Software\Classes\CLSID\{00A6FAF6-072E-44cf-8957-5838F569A31D}
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF6-072E-44cf-8957-5838F569A31D}
Clé trouvée: HKLM\Software\Classes\CLSID\{01AD9322-02FF-4f4f-AC52-92FDA5AE65F0}
Clé trouvée: HKLM\Software\Classes\CLSID\{03F14321-8FED-4CBC-B01A-4B57FC199062}
Clé trouvée: HKLM\Software\Classes\AppID\{F54A0D21-6A53-460C-8301-C694EC9E1033}
Clé trouvée: HKLM\Software\Classes\CLSID\{07B18EA1-A523-4961-B6BB-170DE4475CCA}
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07B18EA1-A523-4961-B6BB-170DE4475CCA}
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA1-A523-4961-B6BB-170DE4475CCA}
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA1-A523-4961-B6BB-170DE4475CCA}
Clé trouvée: HKLM\Software\Classes\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA}
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA9-A523-4961-B6BB-170DE4475CCA}
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA9-A523-4961-B6BB-170DE4475CCA}
Clé trouvée: HKLM\Software\Classes\CLSID\{07B18EAB-A523-4961-B6BB-170DE4475CCA}
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{07B18EAB-A523-4961-B6BB-170DE4475CCA}
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EAB-A523-4961-B6BB-170DE4475CCA}
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EAB-A523-4961-B6BB-170DE4475CCA}
Clé trouvée: HKLM\Software\Classes\CLSID\{0F8ECF4F-3646-4C3A-8881-8E138FFCAF70}
Clé trouvée: HKLM\Software\Classes\CLSID\{148132E6-626D-4A5E-8063-A761EB29A50B}
Clé trouvée: HKLM\Software\Classes\AppID\{403A885F-CB00-40C1-BDC1-EB09053194F7}
Clé trouvée: HKLM\Software\Classes\CLSID\{1E0DE227-5CE4-4ea3-AB0C-8B03E1AA76BC}
Clé trouvée: HKLM\Software\Classes\CLSID\{23BDC78C-B7BB-42E5-B970-54B292592D72}
Clé trouvée: HKLM\Software\Classes\AppID\{69E54DE2-C4ED-4BEC-8046-E3F9AC74B4B0}
Clé trouvée: HKLM\Software\Classes\CLSID\{25560540-9571-4D7B-9389-0F166788785A}
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{25560540-9571-4D7B-9389-0F166788785A}
Clé trouvée: HKLM\Software\Classes\CLSID\{2656B92B-0207-4afb-BEBF-F5FD231ECD39}
Clé trouvée: HKLM\Software\Classes\CLSID\{27BF8F8D-58B8-D41C-F913-B7EEB57EF6F6}
Clé trouvée: HKLM\Software\Classes\AppID\{A7DDCBDE-5C86-415c-8A37-763AE183E7E4}
Clé trouvée: HKLM\Software\Classes\CLSID\{2C353E32-B8AC-4B82-B988-4C2D3394388A}
Clé trouvée: HKLM\Software\Classes\AppID\{969D2C61-9B16-407c-86B7-397BF4579BE6}
Clé trouvée: HKLM\Software\Classes\CLSID\{2C6F7E96-73BC-47A5-9F51-B67F0BAFE24D}
Clé trouvée: HKLM\Software\Classes\AppID\{F7BCCFD4-2FA6-477D-A1B0-EF7500B3C49E}
Clé trouvée: HKLM\Software\Classes\CLSID\{34CB0620-E343-4772-BBA8-D3074BC47516}
Clé trouvée: HKLM\Software\Classes\CLSID\{3BF72F68-72D8-461D-A884-329D936C5581}
Clé trouvée: HKLM\Software\Classes\CLSID\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8}
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8}
Clé trouvée: HKLM\Software\Classes\CLSID\{3E720452-B472-4954-B7AA-33069EB53906}
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3E720452-B472-4954-B7AA-33069EB53906}
Clé trouvée: HKLM\Software\Classes\CLSID\{412CD209-DDA4-4275-8C79-55F1C93FBD47}
Clé trouvée: HKLM\Software\Classes\CLSID\{474597C5-AB09-49d6-A4D5-2E8D7341384E}
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{474597C5-AB09-49d6-A4D5-2E8D7341384E}
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{474597C5-AB09-49d6-A4D5-2E8D7341384E}
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{474597C5-AB09-49d6-A4D5-2E8D7341384E}
Clé trouvée: HKLM\Software\Classes\CLSID\{4C58EB04-7B72-4D3D-A36E-66167A99BC31}
Clé trouvée: HKLM\Software\Classes\CLSID\{4EE0B011-604C-47F3-8F2B-39F79640B85E}
Clé trouvée: HKLM\Software\Classes\CLSID\{53CED2D0-5E9A-4761-9005-648404E6F7E5}
Clé trouvée: HKLM\Software\Classes\CLSID\{59570C1F-B692-48c9-91B4-7809E6945287}
Clé trouvée: HKLM\Software\Classes\CLSID\{5D637FAD-E202-48D1-8F18-5B9C459BD1E3}
Clé trouvée: HKLM\Software\Classes\CLSID\{5D9E7BE9-95E5-4392-8CD2-D82DE89589ED}
Clé trouvée: HKLM\Software\Classes\CLSID\{5EB0259D-AB79-4ae6-A6E6-24FFE21C3DA4}
Clé trouvée: HKLM\Software\Classes\AppID\{AD71F65D-CD13-4837-A2DC-E4D90020E7D4}
Clé trouvée: HKLM\Software\Classes\CLSID\{63A0F7FA-2C95-4d7e-AF25-EFCC303D20A1}
Clé trouvée: HKLM\Software\Classes\CLSID\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C}
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C}
Clé trouvée: HKLM\Software\Classes\CLSID\{6559E502-6EE1-46b8-A83C-F3A45BDA23EE}
Clé trouvée: HKLM\Software\Classes\CLSID\{69D3F709-9DE2-479F-980F-532D46895703}
Clé trouvée: HKLM\Software\Classes\Interface\{69D3F709-9DE2-479F-980F-532D46895703}
Clé trouvée: HKLM\Software\Classes\CLSID\{6BC38BF4-E84D-46E1-920B-42D31AEA617E}
Clé trouvée: HKLM\Software\Classes\CLSID\{7473D292-B7BB-4f24-AE82-7E2CE94BB6A9}
Clé trouvée: HKLM\Software\Classes\CLSID\{7473D294-B7BB-4f24-AE82-7E2CE94BB6A9}
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7473D294-B7BB-4f24-AE82-7E2CE94BB6A9}
Clé trouvée: HKLM\Software\Classes\CLSID\{7473D296-B7BB-4f24-AE82-7E2CE94BB6A9}
Clé trouvée: HKLM\Software\Classes\CLSID\{78E9D883-93CD-4072-BEF3-38EE581E2839}
Clé trouvée: HKLM\Software\Classes\CLSID\{799391D3-EB86-4bac-9BD3-CBFEA58A0E15}
Clé trouvée: HKLM\Software\Classes\CLSID\{7C3B01BC-53A5-48A0-A43B-0C67731134B9}
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7C3B01BC-53A5-48A0-A43B-0C67731134B9}
Clé trouvée: HKLM\Software\Classes\AppID\{21493C1F-D071-496A-9C27-450578888291}
Clé trouvée: HKLM\Software\Classes\CLSID\{819FFE22-35C7-4925-8CDA-4E0E2DB94302}
Clé trouvée: HKLM\Software\Classes\CLSID\{83AC1413-FCE4-4A46-9DD5-4F31F306E71F}
Clé trouvée: HKLM\Software\Classes\CLSID\{84DA4FDF-A1CF-4195-8688-3E961F505983}
Clé trouvée: HKLM\Software\Classes\CLSID\{87CD3140-EEC0-463F-8872-6E564D9DEDE5}
Clé trouvée: HKLM\Software\Classes\CLSID\{8E6F1832-9607-4440-8530-13BE7C4B1D14}
Clé trouvée: HKLM\Software\Classes\CLSID\{938AA51A-996C-4884-98CE-80DD16A5C9DA}
Clé trouvée: HKLM\Software\Classes\CLSID\{98D9753D-D73B-42D5-8C85-4469CDA897AB}
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{98D9753D-D73B-42D5-8C85-4469CDA897AB}
Clé trouvée: HKLM\Software\Classes\CLSID\{98ED0D10-F1FC-4113-A095-9BD7F96040C9}
Clé trouvée: HKLM\Software\Classes\AppID\{5E50AE1D-BC76-418B-94C4-EFEAC0CEF80C}
Clé trouvée: HKLM\Software\Classes\CLSID\{9FF05104-B030-46FC-94B8-81276E4E27DF}
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9FF05104-B030-46FC-94B8-81276E4E27DF}
Clé trouvée: HKLM\Software\Classes\CLSID\{A2858A72-758F-4486-B6A1-7F1DCC0924FA}
Clé trouvée: HKLM\Software\Classes\CLSID\{A7E8C343-7860-4A95-9AA8-AAF30D0F6D1E}
Clé trouvée: HKLM\Software\Classes\CLSID\{A9571378-68A1-443d-B082-284F960C6D17}
Clé trouvée: HKLM\Software\Classes\CLSID\{ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F}
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F}
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F}
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F}
Clé trouvée: HKLM\Software\Classes\CLSID\{ADB01E81-3C79-4272-A0F1-7B2BE7A782DC}
Clé trouvée: HKLM\Software\Classes\CLSID\{B0639356-335C-4E47-B63C-12531A7A5206}
Clé trouvée: HKLM\Software\Classes\CLSID\{B162A975-6C7C-4202-9167-306028913A3D}
Clé trouvée: HKLM\Software\Classes\CLSID\{B6F8DA9F-2696-419e-A8A3-19BE41EF51BD}
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B6F8DA9F-2696-419e-A8A3-19BE41EF51BD}
Clé trouvée: HKLM\Software\Classes\AppID\{55C1727F-5535-4C2A-9601-8C2458608B48}
Clé trouvée: HKLM\Software\Classes\CLSID\{B813095C-81C0-4E40-AA14-67520372B987}
Clé trouvée: HKLM\Software\Classes\CLSID\{C63CA8A4-AB4E-49e5-A6C0-33FC86D80205}
Clé trouvée: HKLM\Software\Classes\CLSID\{C6A7847E-8931-4a9a-B4EF-72A91E3CCF4D}
Clé trouvée: HKLM\Software\Classes\CLSID\{C9D7BE3E-141A-4C85-8CD6-32461F3DF2C7}
Clé trouvée: HKLM\Software\Classes\CLSID\{CADAF6BE-BF50-4669-8BFD-C27BD4E6181B}
Clé trouvée: HKLM\Software\Classes\CLSID\{CD5175E2-7CC1-418C-B66C-0AB95DAD4103}
Clé trouvée: HKLM\Software\Classes\CLSID\{CFF4CE82-3AA2-451F-9B77-7165605FB835}
Clé trouvée: HKLM\Software\Classes\CLSID\{D858DAFC-9573-4811-B323-7011A3AA7E61}
Clé trouvée: HKLM\Software\Classes\CLSID\{D8BFC514-1135-4393-B09A-193D2AAC5037}
Clé trouvée: HKLM\Software\Classes\CLSID\{D9FFFB27-D62A-4D64-8CEC-1FF006528805}
Clé trouvée: HKLM\Software\Classes\CLSID\{DD0F1D24-E250-4e93-966C-65615720AEFB}
Clé trouvée: HKLM\Software\Classes\CLSID\{DEF4ED0D-E666-4631-A35A-A634332F0550}
Clé trouvée: HKLM\Software\Classes\CLSID\{E79DFBCA-5697-4fbd-94E5-5B2A9C7C1612}
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E79DFBCA-5697-4fbd-94E5-5B2A9C7C1612}
Clé trouvée: HKLM\Software\Classes\CLSID\{EC1277BB-1C71-4c0d-BA6D-BFEA16E773A6}
Clé trouvée: HKLM\Software\Classes\CLSID\{F42C7B47-5234-4BF5-8882-DAAC0D64870D}
Clé trouvée: HKLM\Software\Classes\Interface\{F42C7B47-5234-4BF5-8882-DAAC0D64870D}
Clé trouvée: HKLM\Software\Classes\CLSID\{F8AB43ED-EC88-4de7-B213-F89157D29C62}
Clé trouvée: HKLM\Software\Classes\AppID\{1FC41815-FA4C-4F8B-B143-2C045C8EA2FC}
Clé trouvée: HKLM\Software\Classes\CLSID\{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C}
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C}
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C}
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C}
Clé trouvée: HKLM\Software\Classes\CLSID\{FD675817-9EFE-40cd-A75E-E94D1C85D1FE}
Clé trouvée: HKLM\Software\Classes\Interface\{07B18EAA-A523-4961-B6BB-170DE4475CCA}
Clé trouvée: HKLM\Software\Classes\Interface\{07B18EAC-A523-4961-B6BB-170DE4475CCA}
Clé trouvée: HKLM\Software\Classes\Interface\{1093995A-BA37-41D2-836E-091067C4AD17}
Clé trouvée: HKLM\Software\Classes\Interface\{120927BF-1700-43BC-810F-FAB92549B390}
Clé trouvée: HKLM\Software\Classes\Interface\{17DE5E5E-BFE3-4E83-8E1F-8755795359EC}
Clé trouvée: HKLM\Software\Classes\Interface\{1F52A5FA-A705-4415-B975-88503B291728}
Clé trouvée: HKLM\Software\Classes\Interface\{247A115F-06C2-4FB3-967D-2D62D3CF4F0A}
Clé trouvée: HKLM\Software\Classes\Interface\{2E3537FC-CF2F-4F56-AF54-5A6A3DD375CC}
Clé trouvée: HKLM\Software\Classes\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}
Clé trouvée: HKLM\Software\Classes\Interface\{3E1656ED-F60E-4597-B6AA-B6A58E171495}
Clé trouvée: HKLM\Software\Classes\Interface\{3E16A203-C0AA-4D44-ACC5-38A70A8C76DA}
Clé trouvée: HKLM\Software\Classes\Interface\{3E53E2CB-86DB-4A4A-8BD9-FFEB7A64DF82}
Clé trouvée: HKLM\Software\Classes\Interface\{3E720451-B472-4954-B7AA-33069EB53906}
Clé trouvée: HKLM\Software\Classes\Interface\{3E720453-B472-4954-B7AA-33069EB53906}
Clé trouvée: HKLM\Software\Classes\Interface\{63D0ED2B-B45B-4458-8B3B-60C69BBBD83C}
Clé trouvée: HKLM\Software\Classes\Interface\{63D0ED2D-B45B-4458-8B3B-60C69BBBD83C}
Clé trouvée: HKLM\Software\Classes\Interface\{6612AFDD-34AD-4B89-A236-7E6D07C3FDCD}
Clé trouvée: HKLM\Software\Classes\Interface\{6E74766C-4D93-4CC0-96D1-47B8E07FF9CA}
Clé trouvée: HKLM\Software\Classes\Interface\{72EE7F04-15BD-4845-A005-D6711144D86A}
Clé trouvée: HKLM\Software\Classes\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}
Clé trouvée: HKLM\Software\Classes\Interface\{7473D291-B7BB-4F24-AE82-7E2CE94BB6A9}
Clé trouvée: HKLM\Software\Classes\Interface\{7473D293-B7BB-4F24-AE82-7E2CE94BB6A9}
Clé trouvée: HKLM\Software\Classes\Interface\{7473D295-B7BB-4F24-AE82-7E2CE94BB6A9}
Clé trouvée: HKLM\Software\Classes\Interface\{7473D297-B7BB-4F24-AE82-7E2CE94BB6A9}
Clé trouvée: HKLM\Software\Classes\Interface\{8E9CF769-3D3B-40EB-9E2D-76E7A205E4D2}
Clé trouvée: HKLM\Software\Classes\Interface\{90449521-D834-4703-BB4E-D3AA44042FF8}
Clé trouvée: HKLM\Software\Classes\Interface\{991AAC62-B100-47CE-8B75-253965244F69}
Clé trouvée: HKLM\Software\Classes\Interface\{A626CDBD-3D13-4F78-B819-440A28D7E8FC}
Clé trouvée: HKLM\Software\Classes\Interface\{BBABDC90-F3D5-4801-863A-EE6AE529862D}
Clé trouvée: HKLM\Software\Classes\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE}
Clé trouvée: HKLM\Software\Classes\Interface\{D6FF3684-AD3B-48EB-BBB4-B9E6C5A355C1}
Clé trouvée: HKLM\Software\Classes\Interface\{DE38C398-B328-4F4C-A3AD-1B5E4ED93477}
Clé trouvée: HKLM\Software\Classes\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25E}
Clé trouvée: HKLM\Software\Classes\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25F}
Clé trouvée: HKLM\Software\Classes\Interface\{E79DFBC9-5697-4FBD-94E5-5B2A9C7C1612}
Clé trouvée: HKLM\Software\Classes\Interface\{E79DFBCB-5697-4FBD-94E5-5B2A9C7C1612}
Clé trouvée: HKLM\Software\Classes\Interface\{EB9E5C1C-B1F9-4C2B-BE8A-27D6446FDAF8}
Clé trouvée: HKLM\Software\Classes\Interface\{F7BEBBB1-7E6B-4561-9444-6F4866D60C7C}
Clé trouvée: HKLM\Software\Classes\Interface\{F87D7FB5-9DC5-4C8C-B998-D8DFE02E2978}
Clé trouvée: HKLM\Software\Classes\TypeLib\{07B18EA0-A523-4961-B6BB-170DE4475CCA}
Clé trouvée: HKLM\Software\Classes\TypeLib\{0D26BC71-A633-4E71-AD31-EADC3A1B6A3A}
Clé trouvée: HKLM\Software\Classes\TypeLib\{252C2315-CCE0-4446-8DA7-C00292A690BA}
Clé trouvée: HKLM\Software\Classes\TypeLib\{29D67D3C-509A-4544-903F-C8C1B8236554}
Clé trouvée: HKLM\Software\Classes\TypeLib\{3E720450-B472-4954-B7AA-33069EB53906}
Clé trouvée: HKLM\Software\Classes\TypeLib\{403A885F-CB00-40C1-BDC1-EB09053194F7}
Clé trouvée: HKLM\Software\Classes\TypeLib\{43B4B831-F41F-4F73-8F14-4FFF0BA75B1B}
Clé trouvée: HKLM\Software\Classes\TypeLib\{55C1727F-5535-4C2A-9601-8C2458608B48}
Clé trouvée: HKLM\Software\Classes\TypeLib\{6C9945B7-1D19-46CB-88C0-45A24DF6CD6E}
Clé trouvée: HKLM\Software\Classes\TypeLib\{7473D290-B7BB-4F24-AE82-7E2CE94BB6A9}
Clé trouvée: HKLM\Software\Classes\TypeLib\{819FFE20-35C7-4925-8CDA-4E0E2DB94302}
Clé trouvée: HKLM\Software\Classes\TypeLib\{84B9B044-17C0-48FB-A300-C9747D5DF29C}
Clé trouvée: HKLM\Software\Classes\TypeLib\{85672EDB-2CC8-40B9-A9E8-77D3478F2EFB}
Clé trouvée: HKLM\Software\Classes\TypeLib\{8CA01F0E-987C-49C3-B852-2F1AC4A7094C}
Clé trouvée: HKLM\Software\Classes\TypeLib\{8E6F1830-9607-4440-8530-13BE7C4B1D14}
Clé trouvée: HKLM\Software\Classes\TypeLib\{969D2C61-9B16-407C-86B7-397BF4579BE6}
Clé trouvée: HKLM\Software\Classes\TypeLib\{96F7FABC-5789-EFA4-B6ED-1272F4C1D27B}
Clé trouvée: HKLM\Software\Classes\TypeLib\{A147AA03-820F-4A0F-9F34-D6CB4004A2F9}
Clé trouvée: HKLM\Software\Classes\TypeLib\{C4C4F1F4-3074-4CB6-9FB8-0A64273166F0}
Clé trouvée: HKLM\Software\Classes\TypeLib\{C8CECDE3-1AE1-4C4A-AD82-6D5B00212144}
Clé trouvée: HKLM\Software\Classes\TypeLib\{D518921A-4A03-425E-9873-B9A71756821E}
Clé trouvée: HKLM\Software\Classes\TypeLib\{E47CAEE0-DEEA-464A-9326-3F2801535A4D}
Clé trouvée: HKLM\Software\Classes\TypeLib\{E79DFBC0-5697-4FBD-94E5-5B2A9C7C1612}
Clé trouvée: HKLM\Software\Classes\TypeLib\{EC96F516-51B2-4B46-8451-8665F5A6BA2B}
Clé trouvée: HKLM\Software\Classes\TypeLib\{ED85AEBE-F834-4088-B5D3-97EB2478A6CD}
Clé trouvée: HKLM\Software\Classes\TypeLib\{F07FBD3E-2048-44A4-9065-71BF551E2672}
Clé trouvée: HKLM\Software\Classes\TypeLib\{F42228FB-E84E-479E-B922-FBBD096E792C}
Clé trouvée: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\eephhas
Clé trouvée: HKLM\Software\Classes\AG.MediaPlayerCOM
Clé trouvée: HKLM\Software\Classes\DiscoveryHelper.iMesh6Discovery
Clé trouvée: HKLM\Software\Classes\DiscoveryHelper.iMesh6Discovery.1
Clé trouvée: HKLM\Software\Classes\FunWebProducts.DataControl
Clé trouvée: HKLM\Software\Classes\FunWebProducts.DataControl.1
Clé trouvée: HKLM\Software\Classes\FunWebProducts.HistoryKillerScheduler
Clé trouvée: HKLM\Software\Classes\FunWebProducts.HistoryKillerScheduler.1
Clé trouvée: HKLM\Software\Classes\FunWebProducts.HistorySwatterControlBar
Clé trouvée: HKLM\Software\Classes\FunWebProducts.HistorySwatterControlBar.1
Clé trouvée: HKLM\Software\Classes\FunWebProducts.HTMLMenu
Clé trouvée: HKLM\Software\Classes\FunWebProducts.HTMLMenu.1
Clé trouvée: HKLM\Software\Classes\FunWebProducts.HTMLMenu.2
Clé trouvée: HKLM\Software\Classes\FunWebProducts.IECookiesManager
Clé trouvée: HKLM\Software\Classes\FunWebProducts.IECookiesManager.1
Clé trouvée: HKLM\Software\Classes\FunWebProducts.KillerObjManager
Clé trouvée: HKLM\Software\Classes\FunWebProducts.KillerObjManager.1
Clé trouvée: HKLM\Software\Classes\FunWebProducts.PopSwatterBarButton
Clé trouvée: HKLM\Software\Classes\FunWebProducts.PopSwatterBarButton.1
Clé trouvée: HKLM\Software\Classes\FunWebProducts.PopSwatterSettingsControl
Clé trouvée: HKLM\Software\Classes\FunWebProducts.PopSwatterSettingsControl.1
Clé trouvée: HKLM\Software\Classes\iMesh.AudioCD
Clé trouvée: HKLM\Software\Classes\iMesh.Device
Clé trouvée: HKLM\Software\Classes\iMesh.file
Clé trouvée: HKLM\Software\Classes\iMesh.LauncherEventHandler
Clé trouvée: HKLM\Software\Classes\iMesh.LauncherEventHandler.1
Clé trouvée: HKLM\Software\Classes\iMeshIEHelper.DNSGuard
Clé trouvée: HKLM\Software\Classes\iMeshIEHelper.DNSGuard.1
Clé trouvée: HKLM\Software\Classes\KiweeIEToolbar.ToolbarInfo
Clé trouvée: HKLM\Software\Classes\KiweeIEToolbar.ToolbarInfo.1
Clé trouvée: HKLM\Software\Classes\MyWebSearch.ChatSessionPlugin
Clé trouvée: HKLM\Software\Classes\MyWebSearch.ChatSessionPlugin.1
Clé trouvée: HKLM\Software\Classes\MyWebSearch.HTMLPanel
Clé trouvée: HKLM\Software\Classes\MyWebSearch.HTMLPanel.1
Clé trouvée: HKLM\Software\Classes\MyWebSearch.MultipleButton
Clé trouvée: HKLM\Software\Classes\MyWebSearch.MultipleButton.1
Clé trouvée: HKLM\Software\Classes\MyWebSearch.OutlookAddin
Clé trouvée: HKLM\Software\Classes\MyWebSearch.OutlookAddin.1
Clé trouvée: HKLM\Software\Classes\MyWebSearch.PseudoTransparentPlugin
Clé trouvée: HKLM\Software\Classes\MyWebSearch.PseudoTransparentPlugin.1
Clé trouvée: HKLM\Software\Classes\MyWebSearch.UrlAlertButton
Clé trouvée: HKLM\Software\Classes\MyWebSearch.UrlAlertButton.1
Clé trouvée: HKLM\Software\Classes\MyWebSearchToolBar.SettingsPlugin
Clé trouvée: HKLM\Software\Classes\MyWebSearchToolBar.SettingsPlugin.1
Clé trouvée: HKLM\Software\Classes\MyWebSearchToolBar.ToolbarPlugin
Clé trouvée: HKLM\Software\Classes\MyWebSearchToolBar.ToolbarPlugin.1
Clé trouvée: HKLM\Software\Classes\OfferBox.OfferBoxServer
Clé trouvée: HKLM\Software\Classes\OfferBox.OfferBoxServer.1
Clé trouvée: HKLM\Software\Classes\ScreenSaverControl.ScreenSaverInstaller
Clé trouvée: HKLM\Software\Classes\ScreenSaverControl.ScreenSaverInstaller.1
Clé trouvée: HKLM\Software\OfferBox
Clé trouvée: HKLM\Software\EoRezo
Clé trouvée: HKLM\Software\AGI
Clé trouvée: HKLM\Software\DataMngr
Clé trouvée: HKLM\Software\FocusInteractive
Clé trouvée: HKLM\Software\Fun Web Products
Clé trouvée: HKLM\Software\iMesh
Clé trouvée: HKLM\Software\MyWebSearch
Clé trouvée: HKCU\Software\SpiderMessenger
Clé trouvée: HKCU\Software\OfferBox
Clé trouvée: HKCU\Software\EoRezo
Clé trouvée: HKCU\Software\AGI
Clé trouvée: HKCU\Software\DataMngr
Clé trouvée: HKCU\Software\FunWebProducts
Clé trouvée: HKCU\Software\Grand Virtual
Clé trouvée: HKCU\Software\MyWebSearch
Clé trouvée: HKCU\Software\AppDataLow\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}
Clé trouvée: HKCU\Software\AppDataLow\Software\Fun Web Products
Clé trouvée: HKCU\Software\AppDataLow\Software\FunWebProducts
Clé trouvée: HKCU\Software\AppDataLow\Software\MyWebSearch
Clé trouvée: HKU\.DEFAULT\Software\AGI
Clé trouvée: HKU\S-1-5-18\Software\AGI
Clé trouvée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}
Clé trouvée: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}
Clé trouvée: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A59}
Clé trouvée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0ABE0FED-50E7-4e42-A125-57C0A11DBCDE}
Clé trouvée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{28D35620-51D9-11DE-9D13-2DB156D89593}
Clé trouvée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{37F4A335-D085-423e-A425-0370799166FB}
Clé trouvée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59C7FC09-1C83-4648-B3E6-003D2BBC7481}
Clé trouvée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170B96C-28D4-4626-8358-27E6CAEEF907}
Clé trouvée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D1A71FA0-FF48-48dd-9B6D-7A13A3E42127}
Clé trouvée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DDB1968E-EAD6-40fd-8DAE-FF14757F60C7}
Clé trouvée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F138D901-86F0-4383-99B6-9CDD406036DA}
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\OfferBox Browser
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdate_is1
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Imesh
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\iMesh MediaBar
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyWebSearch bar Uninstall
Clé trouvée: HKCU\Software\Microsoft\Internet Explorer\MenuExt\&Search
Clé trouvée: HKLM\Software\Classes\CLSID\{147a976f-eee1-4377-8ea7-4716e4cdd239}
Clé trouvée: HKLM\Software\Google\Chrome\Extensions\bjeikeheijdjdfjbmknpefojickbkmom
Clé trouvée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68AF847F-6E91-45DD-9B68-D6A12C30E5D7}
Clé trouvée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll
Clé trouvée: HKLM\Software\Microsoft\Multimedia\WMPlayer\Schemes\f3pss
Clé trouvée: HKLM\Software\Microsoft\Office\Outlook\Addins\MyWebSearch.OutlookAddin
Clé trouvée: HKLM\Software\Microsoft\Office\Word\Addins\MyWebSearch.OutlookAddin
Clé trouvée: HKLM\Software\MozillaPlugins\@mywebsearch.com/Plugin
Valeur trouvée: HKLM\Software\Microsoft\Windows Media\Wmsdk\Sources|F3PopularScreenSavers
Valeur trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\post platform|FunWebProducts
Valeur trouvée: HKLM\Software\Mozilla\Firefox\Extensions|m3ffxtbr@mywebsearch.com
Valeur trouvée: HKLM\Software\Mozilla\Firefox\Extensions|offerboxffx@offerbox.com
Valeur trouvée: HKLM\Software\Mozilla\Firefox\Extensions|toolbar@kiwee.com
Valeur trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|Eorezo
Valeur trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|DataMngr
Valeur trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|My Web Search Bar Search Scope Monitor
Valeur trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|MyWebSearch Email Plugin
Valeur trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Run|MyWebSearch Email Plugin
Valeur trouvée: HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks|{00A6FAF6-072E-44CF-8957-5838F569A31D}
Valeur trouvée: HKLM\Software\Microsoft\Internet Explorer\Toolbar|{ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F}
Valeur trouvée: HKLM\Software\Microsoft\Internet Explorer\Toolbar|{07B18EA9-A523-4961-B6BB-170DE4475CCA}
Valeur trouvée: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{07B18EA9-A523-4961-B6BB-170DE4475CCA}
============== SCAN ADDITIONNEL ==============
** Mozilla Firefox Version [3.6.13 (fr)] **
-- C:\Users\Julien.PC-de-edvard\AppData\Roaming\Mozilla\FireFox\Profiles\zcu5n4ut.default\Prefs.js --
browser.search.defaultenginename, Web Search...
browser.search.selectedEngine, iMesh Web Search
browser.startup.homepage, hxxp://search.imesh.com/
browser.startup.homepage_override.mstone, rv:1.9.2.13
keyword.URL, hxxp://search.imesh.com/web?src=ffb&systemid=1&q=
========================================
** Internet Explorer Version [8.0.6001.18999] **
[HKCU\Software\Microsoft\Internet Explorer\Main]
AutoHide: yes
Do404Search: 0x01000000
Enable Browser Extensions: yes
Local Page: C:\Windows\system32\blank.htm
Show_ToolBar: yes
Start Page: hxxp://www.facebook.com/?ref=hp
[HKLM\Software\Microsoft\Internet Explorer\Main]
AutoHide: yes
Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=69157
Default_Search_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Delete_Temp_Files_On_Exit: yes
Local Page: C:\Windows\System32\blank.htm
Search Page: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Start Page: hxxp://www.bigseekpro.com/hypercam/{E7D64F14-7BF5-4429-A593-8979765559C6}
[HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS]
Tabs: res://ieframe.dll/tabswelcome.htm
Blank: res://mshtml.dll/blank.htm
========================================
C:\Program Files\Ad-Remover\Quarantine: 0 Fichier(s)
C:\Program Files\Ad-Remover\Backup: 2 Fichier(s)
C:\Ad-Report-SCAN[1].txt - 16/01/2011 (29583 Octet(s))
C:\Ad-Report-SCAN[2].txt - 16/01/2011 (29510 Octet(s))
Fin à: 20:15:27, 16/01/2011
============== E.O.F ==============
Et Kapersky n'a donné aucun résultat ! =)
======= RAPPORT D'AD-REMOVER 2.0.0.2,D | UNIQUEMENT XP/VISTA/7 =======
Mis à jour par TeamXscript le 16/01/11 à 02:00
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
Site web: http://www.teamxscript.org
C:\Program Files\Ad-Remover\main.exe (SCAN [2]) -> Lancé à 20:14:50 le 16/01/2011, Mode normal
Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 1 (X86)
Julien@PC-DE-PAUL (Acer Aspire M5100)
============== RECHERCHE ==============
Service: "MyWebSearchService" Présent
Fichier trouvé: C:\Program Files\Mozilla FireFox\searchplugins\iMeshWebSearch.xml
Fichier trouvé: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Navigateur OfferBox.lnk
Fichier trouvé: C:\Windows\system32\f3PSSavr.scr
Fichier trouvé: C:\Users\Julien.PC-de-edvard\AppData\Roaming\Mozilla\FireFox\Profiles\zcu5n4ut.default\searchplugins\mywebsearch.xml
Fichier trouvé: C:\Users\Julien.PC-de-edvard\AppData\Roaming\Mozilla\FireFox\Profiles\zcu5n4ut.default\searchplugins\web-search.xml
Dossier trouvé: C:\Users\Julien.PC-de-edvard\AppData\Roaming\Mozilla\FireFox\Profiles\zcu5n4ut.default\extensions\{28D35620-51D9-11DE-9D13-2DB156D89593}
Dossier trouvé: C:\Users\Julien.PC-de-edvard\AppData\Roaming\Mozilla\FireFox\Profiles\zcu5n4ut.default\iMeshMediabarTb
Dossier trouvé: C:\Program Files\Everest Poker
Dossier trouvé: C:\Users\Julien.PC-de-edvard\AppData\Roaming\DesktopIcon
Dossier trouvé: C:\Users\Julien.PC-de-edvard\AppData\LocalLow\FunWebProducts
Dossier trouvé: C:\Program Files\FunWebProducts
Dossier trouvé: C:\Users\Julien.PC-de-edvard\AppData\Roaming\live-player
Dossier trouvé: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\live-player
Dossier trouvé: C:\Program Files\live-player
Dossier trouvé: C:\Users\Julien.PC-de-edvard\AppData\LocalLow\MyWebSearch
Dossier trouvé: C:\Program Files\MyWebSearch
Dossier trouvé: C:\Program Files\SpiderMessenger
Dossier trouvé: C:\Users\Julien.PC-de-edvard\AppData\LocalLow\Toolbar4
Dossier trouvé: C:\Users\Julien.PC-de-edvard\AppData\Roaming\EoRezo
Dossier trouvé: C:\Users\Julien.PC-de-edvard\AppData\Local\EoRezo
Dossier trouvé: C:\Program Files\EoRezo
Dossier trouvé: C:\Users\Julien.PC-de-edvard\AppData\Roaming\OfferBox
Dossier trouvé: C:\Program Files\OfferBox
Dossier trouvé: C:\ProgramData\iMesh
Dossier trouvé: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iMesh
Dossier trouvé: C:\Program Files\iMesh Applications
Dossier trouvé: C:\Users\Julien.PC-de-edvard\AppData\LocalLow\iMeshMediabarTb
Dossier trouvé: C:\Users\Julien.PC-de-edvard\AppData\Roaming\AGI
Dossier trouvé: C:\ProgramData\AGI
Dossier trouvé: C:\Program Files\AGI
Dossier trouvé: C:\Users\Julien.PC-de-edvard\AppData\LocalLow\Kiwee Toolbar
Fichier trouvé: C:\Program Files\Windows Live\Messenger\Riched20.dll
Fichier trouvé: C:\Program Files\Windows Live\Messenger\Msimg32.dll
Fichier trouvé: C:\Users\Julien.PC-de-edvard\AppData\Local\lbantjfw.bat
-- Fichier ouvert: C:\Users\Julien.PC-de-edvard\AppData\Roaming\Mozilla\FireFox\Profiles\zcu5n4ut.default\Prefs.js --
Ligne trouvée: user_pref("extensions.enabledItems", "illimitux@illimitux.net:4.0,{20a82645-c095-46ed-80e3-088257605...
Ligne trouvée: user_pref("extensions.mywebsearch.openSearchURL", "hxxp://search.mywebsearch.com/mywebsearch/opensea...
Ligne trouvée: user_pref("extensions.mywebsearch.prevKwdEnabled", true);
Ligne trouvée: user_pref("extensions.mywebsearch.prevKwdURL", "chrome://browser-region/locale/region.properties");
-- Fichier Fermé --
Clé trouvée: HKLM\Software\Classes\CLSID\{00A6FAF1-072E-44cf-8957-5838F569A31D}
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00A6FAF1-072E-44cf-8957-5838F569A31D}
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{00A6FAF1-072E-44cf-8957-5838F569A31D}
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF1-072E-44cf-8957-5838F569A31D}
Clé trouvée: HKLM\Software\Classes\CLSID\{00A6FAF6-072E-44cf-8957-5838F569A31D}
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF6-072E-44cf-8957-5838F569A31D}
Clé trouvée: HKLM\Software\Classes\CLSID\{01AD9322-02FF-4f4f-AC52-92FDA5AE65F0}
Clé trouvée: HKLM\Software\Classes\CLSID\{03F14321-8FED-4CBC-B01A-4B57FC199062}
Clé trouvée: HKLM\Software\Classes\AppID\{F54A0D21-6A53-460C-8301-C694EC9E1033}
Clé trouvée: HKLM\Software\Classes\CLSID\{07B18EA1-A523-4961-B6BB-170DE4475CCA}
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07B18EA1-A523-4961-B6BB-170DE4475CCA}
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA1-A523-4961-B6BB-170DE4475CCA}
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA1-A523-4961-B6BB-170DE4475CCA}
Clé trouvée: HKLM\Software\Classes\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA}
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA9-A523-4961-B6BB-170DE4475CCA}
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA9-A523-4961-B6BB-170DE4475CCA}
Clé trouvée: HKLM\Software\Classes\CLSID\{07B18EAB-A523-4961-B6BB-170DE4475CCA}
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{07B18EAB-A523-4961-B6BB-170DE4475CCA}
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EAB-A523-4961-B6BB-170DE4475CCA}
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EAB-A523-4961-B6BB-170DE4475CCA}
Clé trouvée: HKLM\Software\Classes\CLSID\{0F8ECF4F-3646-4C3A-8881-8E138FFCAF70}
Clé trouvée: HKLM\Software\Classes\CLSID\{148132E6-626D-4A5E-8063-A761EB29A50B}
Clé trouvée: HKLM\Software\Classes\AppID\{403A885F-CB00-40C1-BDC1-EB09053194F7}
Clé trouvée: HKLM\Software\Classes\CLSID\{1E0DE227-5CE4-4ea3-AB0C-8B03E1AA76BC}
Clé trouvée: HKLM\Software\Classes\CLSID\{23BDC78C-B7BB-42E5-B970-54B292592D72}
Clé trouvée: HKLM\Software\Classes\AppID\{69E54DE2-C4ED-4BEC-8046-E3F9AC74B4B0}
Clé trouvée: HKLM\Software\Classes\CLSID\{25560540-9571-4D7B-9389-0F166788785A}
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{25560540-9571-4D7B-9389-0F166788785A}
Clé trouvée: HKLM\Software\Classes\CLSID\{2656B92B-0207-4afb-BEBF-F5FD231ECD39}
Clé trouvée: HKLM\Software\Classes\CLSID\{27BF8F8D-58B8-D41C-F913-B7EEB57EF6F6}
Clé trouvée: HKLM\Software\Classes\AppID\{A7DDCBDE-5C86-415c-8A37-763AE183E7E4}
Clé trouvée: HKLM\Software\Classes\CLSID\{2C353E32-B8AC-4B82-B988-4C2D3394388A}
Clé trouvée: HKLM\Software\Classes\AppID\{969D2C61-9B16-407c-86B7-397BF4579BE6}
Clé trouvée: HKLM\Software\Classes\CLSID\{2C6F7E96-73BC-47A5-9F51-B67F0BAFE24D}
Clé trouvée: HKLM\Software\Classes\AppID\{F7BCCFD4-2FA6-477D-A1B0-EF7500B3C49E}
Clé trouvée: HKLM\Software\Classes\CLSID\{34CB0620-E343-4772-BBA8-D3074BC47516}
Clé trouvée: HKLM\Software\Classes\CLSID\{3BF72F68-72D8-461D-A884-329D936C5581}
Clé trouvée: HKLM\Software\Classes\CLSID\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8}
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8}
Clé trouvée: HKLM\Software\Classes\CLSID\{3E720452-B472-4954-B7AA-33069EB53906}
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3E720452-B472-4954-B7AA-33069EB53906}
Clé trouvée: HKLM\Software\Classes\CLSID\{412CD209-DDA4-4275-8C79-55F1C93FBD47}
Clé trouvée: HKLM\Software\Classes\CLSID\{474597C5-AB09-49d6-A4D5-2E8D7341384E}
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{474597C5-AB09-49d6-A4D5-2E8D7341384E}
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{474597C5-AB09-49d6-A4D5-2E8D7341384E}
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{474597C5-AB09-49d6-A4D5-2E8D7341384E}
Clé trouvée: HKLM\Software\Classes\CLSID\{4C58EB04-7B72-4D3D-A36E-66167A99BC31}
Clé trouvée: HKLM\Software\Classes\CLSID\{4EE0B011-604C-47F3-8F2B-39F79640B85E}
Clé trouvée: HKLM\Software\Classes\CLSID\{53CED2D0-5E9A-4761-9005-648404E6F7E5}
Clé trouvée: HKLM\Software\Classes\CLSID\{59570C1F-B692-48c9-91B4-7809E6945287}
Clé trouvée: HKLM\Software\Classes\CLSID\{5D637FAD-E202-48D1-8F18-5B9C459BD1E3}
Clé trouvée: HKLM\Software\Classes\CLSID\{5D9E7BE9-95E5-4392-8CD2-D82DE89589ED}
Clé trouvée: HKLM\Software\Classes\CLSID\{5EB0259D-AB79-4ae6-A6E6-24FFE21C3DA4}
Clé trouvée: HKLM\Software\Classes\AppID\{AD71F65D-CD13-4837-A2DC-E4D90020E7D4}
Clé trouvée: HKLM\Software\Classes\CLSID\{63A0F7FA-2C95-4d7e-AF25-EFCC303D20A1}
Clé trouvée: HKLM\Software\Classes\CLSID\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C}
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C}
Clé trouvée: HKLM\Software\Classes\CLSID\{6559E502-6EE1-46b8-A83C-F3A45BDA23EE}
Clé trouvée: HKLM\Software\Classes\CLSID\{69D3F709-9DE2-479F-980F-532D46895703}
Clé trouvée: HKLM\Software\Classes\Interface\{69D3F709-9DE2-479F-980F-532D46895703}
Clé trouvée: HKLM\Software\Classes\CLSID\{6BC38BF4-E84D-46E1-920B-42D31AEA617E}
Clé trouvée: HKLM\Software\Classes\CLSID\{7473D292-B7BB-4f24-AE82-7E2CE94BB6A9}
Clé trouvée: HKLM\Software\Classes\CLSID\{7473D294-B7BB-4f24-AE82-7E2CE94BB6A9}
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7473D294-B7BB-4f24-AE82-7E2CE94BB6A9}
Clé trouvée: HKLM\Software\Classes\CLSID\{7473D296-B7BB-4f24-AE82-7E2CE94BB6A9}
Clé trouvée: HKLM\Software\Classes\CLSID\{78E9D883-93CD-4072-BEF3-38EE581E2839}
Clé trouvée: HKLM\Software\Classes\CLSID\{799391D3-EB86-4bac-9BD3-CBFEA58A0E15}
Clé trouvée: HKLM\Software\Classes\CLSID\{7C3B01BC-53A5-48A0-A43B-0C67731134B9}
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7C3B01BC-53A5-48A0-A43B-0C67731134B9}
Clé trouvée: HKLM\Software\Classes\AppID\{21493C1F-D071-496A-9C27-450578888291}
Clé trouvée: HKLM\Software\Classes\CLSID\{819FFE22-35C7-4925-8CDA-4E0E2DB94302}
Clé trouvée: HKLM\Software\Classes\CLSID\{83AC1413-FCE4-4A46-9DD5-4F31F306E71F}
Clé trouvée: HKLM\Software\Classes\CLSID\{84DA4FDF-A1CF-4195-8688-3E961F505983}
Clé trouvée: HKLM\Software\Classes\CLSID\{87CD3140-EEC0-463F-8872-6E564D9DEDE5}
Clé trouvée: HKLM\Software\Classes\CLSID\{8E6F1832-9607-4440-8530-13BE7C4B1D14}
Clé trouvée: HKLM\Software\Classes\CLSID\{938AA51A-996C-4884-98CE-80DD16A5C9DA}
Clé trouvée: HKLM\Software\Classes\CLSID\{98D9753D-D73B-42D5-8C85-4469CDA897AB}
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{98D9753D-D73B-42D5-8C85-4469CDA897AB}
Clé trouvée: HKLM\Software\Classes\CLSID\{98ED0D10-F1FC-4113-A095-9BD7F96040C9}
Clé trouvée: HKLM\Software\Classes\AppID\{5E50AE1D-BC76-418B-94C4-EFEAC0CEF80C}
Clé trouvée: HKLM\Software\Classes\CLSID\{9FF05104-B030-46FC-94B8-81276E4E27DF}
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9FF05104-B030-46FC-94B8-81276E4E27DF}
Clé trouvée: HKLM\Software\Classes\CLSID\{A2858A72-758F-4486-B6A1-7F1DCC0924FA}
Clé trouvée: HKLM\Software\Classes\CLSID\{A7E8C343-7860-4A95-9AA8-AAF30D0F6D1E}
Clé trouvée: HKLM\Software\Classes\CLSID\{A9571378-68A1-443d-B082-284F960C6D17}
Clé trouvée: HKLM\Software\Classes\CLSID\{ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F}
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F}
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F}
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F}
Clé trouvée: HKLM\Software\Classes\CLSID\{ADB01E81-3C79-4272-A0F1-7B2BE7A782DC}
Clé trouvée: HKLM\Software\Classes\CLSID\{B0639356-335C-4E47-B63C-12531A7A5206}
Clé trouvée: HKLM\Software\Classes\CLSID\{B162A975-6C7C-4202-9167-306028913A3D}
Clé trouvée: HKLM\Software\Classes\CLSID\{B6F8DA9F-2696-419e-A8A3-19BE41EF51BD}
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B6F8DA9F-2696-419e-A8A3-19BE41EF51BD}
Clé trouvée: HKLM\Software\Classes\AppID\{55C1727F-5535-4C2A-9601-8C2458608B48}
Clé trouvée: HKLM\Software\Classes\CLSID\{B813095C-81C0-4E40-AA14-67520372B987}
Clé trouvée: HKLM\Software\Classes\CLSID\{C63CA8A4-AB4E-49e5-A6C0-33FC86D80205}
Clé trouvée: HKLM\Software\Classes\CLSID\{C6A7847E-8931-4a9a-B4EF-72A91E3CCF4D}
Clé trouvée: HKLM\Software\Classes\CLSID\{C9D7BE3E-141A-4C85-8CD6-32461F3DF2C7}
Clé trouvée: HKLM\Software\Classes\CLSID\{CADAF6BE-BF50-4669-8BFD-C27BD4E6181B}
Clé trouvée: HKLM\Software\Classes\CLSID\{CD5175E2-7CC1-418C-B66C-0AB95DAD4103}
Clé trouvée: HKLM\Software\Classes\CLSID\{CFF4CE82-3AA2-451F-9B77-7165605FB835}
Clé trouvée: HKLM\Software\Classes\CLSID\{D858DAFC-9573-4811-B323-7011A3AA7E61}
Clé trouvée: HKLM\Software\Classes\CLSID\{D8BFC514-1135-4393-B09A-193D2AAC5037}
Clé trouvée: HKLM\Software\Classes\CLSID\{D9FFFB27-D62A-4D64-8CEC-1FF006528805}
Clé trouvée: HKLM\Software\Classes\CLSID\{DD0F1D24-E250-4e93-966C-65615720AEFB}
Clé trouvée: HKLM\Software\Classes\CLSID\{DEF4ED0D-E666-4631-A35A-A634332F0550}
Clé trouvée: HKLM\Software\Classes\CLSID\{E79DFBCA-5697-4fbd-94E5-5B2A9C7C1612}
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E79DFBCA-5697-4fbd-94E5-5B2A9C7C1612}
Clé trouvée: HKLM\Software\Classes\CLSID\{EC1277BB-1C71-4c0d-BA6D-BFEA16E773A6}
Clé trouvée: HKLM\Software\Classes\CLSID\{F42C7B47-5234-4BF5-8882-DAAC0D64870D}
Clé trouvée: HKLM\Software\Classes\Interface\{F42C7B47-5234-4BF5-8882-DAAC0D64870D}
Clé trouvée: HKLM\Software\Classes\CLSID\{F8AB43ED-EC88-4de7-B213-F89157D29C62}
Clé trouvée: HKLM\Software\Classes\AppID\{1FC41815-FA4C-4F8B-B143-2C045C8EA2FC}
Clé trouvée: HKLM\Software\Classes\CLSID\{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C}
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C}
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C}
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C}
Clé trouvée: HKLM\Software\Classes\CLSID\{FD675817-9EFE-40cd-A75E-E94D1C85D1FE}
Clé trouvée: HKLM\Software\Classes\Interface\{07B18EAA-A523-4961-B6BB-170DE4475CCA}
Clé trouvée: HKLM\Software\Classes\Interface\{07B18EAC-A523-4961-B6BB-170DE4475CCA}
Clé trouvée: HKLM\Software\Classes\Interface\{1093995A-BA37-41D2-836E-091067C4AD17}
Clé trouvée: HKLM\Software\Classes\Interface\{120927BF-1700-43BC-810F-FAB92549B390}
Clé trouvée: HKLM\Software\Classes\Interface\{17DE5E5E-BFE3-4E83-8E1F-8755795359EC}
Clé trouvée: HKLM\Software\Classes\Interface\{1F52A5FA-A705-4415-B975-88503B291728}
Clé trouvée: HKLM\Software\Classes\Interface\{247A115F-06C2-4FB3-967D-2D62D3CF4F0A}
Clé trouvée: HKLM\Software\Classes\Interface\{2E3537FC-CF2F-4F56-AF54-5A6A3DD375CC}
Clé trouvée: HKLM\Software\Classes\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}
Clé trouvée: HKLM\Software\Classes\Interface\{3E1656ED-F60E-4597-B6AA-B6A58E171495}
Clé trouvée: HKLM\Software\Classes\Interface\{3E16A203-C0AA-4D44-ACC5-38A70A8C76DA}
Clé trouvée: HKLM\Software\Classes\Interface\{3E53E2CB-86DB-4A4A-8BD9-FFEB7A64DF82}
Clé trouvée: HKLM\Software\Classes\Interface\{3E720451-B472-4954-B7AA-33069EB53906}
Clé trouvée: HKLM\Software\Classes\Interface\{3E720453-B472-4954-B7AA-33069EB53906}
Clé trouvée: HKLM\Software\Classes\Interface\{63D0ED2B-B45B-4458-8B3B-60C69BBBD83C}
Clé trouvée: HKLM\Software\Classes\Interface\{63D0ED2D-B45B-4458-8B3B-60C69BBBD83C}
Clé trouvée: HKLM\Software\Classes\Interface\{6612AFDD-34AD-4B89-A236-7E6D07C3FDCD}
Clé trouvée: HKLM\Software\Classes\Interface\{6E74766C-4D93-4CC0-96D1-47B8E07FF9CA}
Clé trouvée: HKLM\Software\Classes\Interface\{72EE7F04-15BD-4845-A005-D6711144D86A}
Clé trouvée: HKLM\Software\Classes\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}
Clé trouvée: HKLM\Software\Classes\Interface\{7473D291-B7BB-4F24-AE82-7E2CE94BB6A9}
Clé trouvée: HKLM\Software\Classes\Interface\{7473D293-B7BB-4F24-AE82-7E2CE94BB6A9}
Clé trouvée: HKLM\Software\Classes\Interface\{7473D295-B7BB-4F24-AE82-7E2CE94BB6A9}
Clé trouvée: HKLM\Software\Classes\Interface\{7473D297-B7BB-4F24-AE82-7E2CE94BB6A9}
Clé trouvée: HKLM\Software\Classes\Interface\{8E9CF769-3D3B-40EB-9E2D-76E7A205E4D2}
Clé trouvée: HKLM\Software\Classes\Interface\{90449521-D834-4703-BB4E-D3AA44042FF8}
Clé trouvée: HKLM\Software\Classes\Interface\{991AAC62-B100-47CE-8B75-253965244F69}
Clé trouvée: HKLM\Software\Classes\Interface\{A626CDBD-3D13-4F78-B819-440A28D7E8FC}
Clé trouvée: HKLM\Software\Classes\Interface\{BBABDC90-F3D5-4801-863A-EE6AE529862D}
Clé trouvée: HKLM\Software\Classes\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE}
Clé trouvée: HKLM\Software\Classes\Interface\{D6FF3684-AD3B-48EB-BBB4-B9E6C5A355C1}
Clé trouvée: HKLM\Software\Classes\Interface\{DE38C398-B328-4F4C-A3AD-1B5E4ED93477}
Clé trouvée: HKLM\Software\Classes\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25E}
Clé trouvée: HKLM\Software\Classes\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25F}
Clé trouvée: HKLM\Software\Classes\Interface\{E79DFBC9-5697-4FBD-94E5-5B2A9C7C1612}
Clé trouvée: HKLM\Software\Classes\Interface\{E79DFBCB-5697-4FBD-94E5-5B2A9C7C1612}
Clé trouvée: HKLM\Software\Classes\Interface\{EB9E5C1C-B1F9-4C2B-BE8A-27D6446FDAF8}
Clé trouvée: HKLM\Software\Classes\Interface\{F7BEBBB1-7E6B-4561-9444-6F4866D60C7C}
Clé trouvée: HKLM\Software\Classes\Interface\{F87D7FB5-9DC5-4C8C-B998-D8DFE02E2978}
Clé trouvée: HKLM\Software\Classes\TypeLib\{07B18EA0-A523-4961-B6BB-170DE4475CCA}
Clé trouvée: HKLM\Software\Classes\TypeLib\{0D26BC71-A633-4E71-AD31-EADC3A1B6A3A}
Clé trouvée: HKLM\Software\Classes\TypeLib\{252C2315-CCE0-4446-8DA7-C00292A690BA}
Clé trouvée: HKLM\Software\Classes\TypeLib\{29D67D3C-509A-4544-903F-C8C1B8236554}
Clé trouvée: HKLM\Software\Classes\TypeLib\{3E720450-B472-4954-B7AA-33069EB53906}
Clé trouvée: HKLM\Software\Classes\TypeLib\{403A885F-CB00-40C1-BDC1-EB09053194F7}
Clé trouvée: HKLM\Software\Classes\TypeLib\{43B4B831-F41F-4F73-8F14-4FFF0BA75B1B}
Clé trouvée: HKLM\Software\Classes\TypeLib\{55C1727F-5535-4C2A-9601-8C2458608B48}
Clé trouvée: HKLM\Software\Classes\TypeLib\{6C9945B7-1D19-46CB-88C0-45A24DF6CD6E}
Clé trouvée: HKLM\Software\Classes\TypeLib\{7473D290-B7BB-4F24-AE82-7E2CE94BB6A9}
Clé trouvée: HKLM\Software\Classes\TypeLib\{819FFE20-35C7-4925-8CDA-4E0E2DB94302}
Clé trouvée: HKLM\Software\Classes\TypeLib\{84B9B044-17C0-48FB-A300-C9747D5DF29C}
Clé trouvée: HKLM\Software\Classes\TypeLib\{85672EDB-2CC8-40B9-A9E8-77D3478F2EFB}
Clé trouvée: HKLM\Software\Classes\TypeLib\{8CA01F0E-987C-49C3-B852-2F1AC4A7094C}
Clé trouvée: HKLM\Software\Classes\TypeLib\{8E6F1830-9607-4440-8530-13BE7C4B1D14}
Clé trouvée: HKLM\Software\Classes\TypeLib\{969D2C61-9B16-407C-86B7-397BF4579BE6}
Clé trouvée: HKLM\Software\Classes\TypeLib\{96F7FABC-5789-EFA4-B6ED-1272F4C1D27B}
Clé trouvée: HKLM\Software\Classes\TypeLib\{A147AA03-820F-4A0F-9F34-D6CB4004A2F9}
Clé trouvée: HKLM\Software\Classes\TypeLib\{C4C4F1F4-3074-4CB6-9FB8-0A64273166F0}
Clé trouvée: HKLM\Software\Classes\TypeLib\{C8CECDE3-1AE1-4C4A-AD82-6D5B00212144}
Clé trouvée: HKLM\Software\Classes\TypeLib\{D518921A-4A03-425E-9873-B9A71756821E}
Clé trouvée: HKLM\Software\Classes\TypeLib\{E47CAEE0-DEEA-464A-9326-3F2801535A4D}
Clé trouvée: HKLM\Software\Classes\TypeLib\{E79DFBC0-5697-4FBD-94E5-5B2A9C7C1612}
Clé trouvée: HKLM\Software\Classes\TypeLib\{EC96F516-51B2-4B46-8451-8665F5A6BA2B}
Clé trouvée: HKLM\Software\Classes\TypeLib\{ED85AEBE-F834-4088-B5D3-97EB2478A6CD}
Clé trouvée: HKLM\Software\Classes\TypeLib\{F07FBD3E-2048-44A4-9065-71BF551E2672}
Clé trouvée: HKLM\Software\Classes\TypeLib\{F42228FB-E84E-479E-B922-FBBD096E792C}
Clé trouvée: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\eephhas
Clé trouvée: HKLM\Software\Classes\AG.MediaPlayerCOM
Clé trouvée: HKLM\Software\Classes\DiscoveryHelper.iMesh6Discovery
Clé trouvée: HKLM\Software\Classes\DiscoveryHelper.iMesh6Discovery.1
Clé trouvée: HKLM\Software\Classes\FunWebProducts.DataControl
Clé trouvée: HKLM\Software\Classes\FunWebProducts.DataControl.1
Clé trouvée: HKLM\Software\Classes\FunWebProducts.HistoryKillerScheduler
Clé trouvée: HKLM\Software\Classes\FunWebProducts.HistoryKillerScheduler.1
Clé trouvée: HKLM\Software\Classes\FunWebProducts.HistorySwatterControlBar
Clé trouvée: HKLM\Software\Classes\FunWebProducts.HistorySwatterControlBar.1
Clé trouvée: HKLM\Software\Classes\FunWebProducts.HTMLMenu
Clé trouvée: HKLM\Software\Classes\FunWebProducts.HTMLMenu.1
Clé trouvée: HKLM\Software\Classes\FunWebProducts.HTMLMenu.2
Clé trouvée: HKLM\Software\Classes\FunWebProducts.IECookiesManager
Clé trouvée: HKLM\Software\Classes\FunWebProducts.IECookiesManager.1
Clé trouvée: HKLM\Software\Classes\FunWebProducts.KillerObjManager
Clé trouvée: HKLM\Software\Classes\FunWebProducts.KillerObjManager.1
Clé trouvée: HKLM\Software\Classes\FunWebProducts.PopSwatterBarButton
Clé trouvée: HKLM\Software\Classes\FunWebProducts.PopSwatterBarButton.1
Clé trouvée: HKLM\Software\Classes\FunWebProducts.PopSwatterSettingsControl
Clé trouvée: HKLM\Software\Classes\FunWebProducts.PopSwatterSettingsControl.1
Clé trouvée: HKLM\Software\Classes\iMesh.AudioCD
Clé trouvée: HKLM\Software\Classes\iMesh.Device
Clé trouvée: HKLM\Software\Classes\iMesh.file
Clé trouvée: HKLM\Software\Classes\iMesh.LauncherEventHandler
Clé trouvée: HKLM\Software\Classes\iMesh.LauncherEventHandler.1
Clé trouvée: HKLM\Software\Classes\iMeshIEHelper.DNSGuard
Clé trouvée: HKLM\Software\Classes\iMeshIEHelper.DNSGuard.1
Clé trouvée: HKLM\Software\Classes\KiweeIEToolbar.ToolbarInfo
Clé trouvée: HKLM\Software\Classes\KiweeIEToolbar.ToolbarInfo.1
Clé trouvée: HKLM\Software\Classes\MyWebSearch.ChatSessionPlugin
Clé trouvée: HKLM\Software\Classes\MyWebSearch.ChatSessionPlugin.1
Clé trouvée: HKLM\Software\Classes\MyWebSearch.HTMLPanel
Clé trouvée: HKLM\Software\Classes\MyWebSearch.HTMLPanel.1
Clé trouvée: HKLM\Software\Classes\MyWebSearch.MultipleButton
Clé trouvée: HKLM\Software\Classes\MyWebSearch.MultipleButton.1
Clé trouvée: HKLM\Software\Classes\MyWebSearch.OutlookAddin
Clé trouvée: HKLM\Software\Classes\MyWebSearch.OutlookAddin.1
Clé trouvée: HKLM\Software\Classes\MyWebSearch.PseudoTransparentPlugin
Clé trouvée: HKLM\Software\Classes\MyWebSearch.PseudoTransparentPlugin.1
Clé trouvée: HKLM\Software\Classes\MyWebSearch.UrlAlertButton
Clé trouvée: HKLM\Software\Classes\MyWebSearch.UrlAlertButton.1
Clé trouvée: HKLM\Software\Classes\MyWebSearchToolBar.SettingsPlugin
Clé trouvée: HKLM\Software\Classes\MyWebSearchToolBar.SettingsPlugin.1
Clé trouvée: HKLM\Software\Classes\MyWebSearchToolBar.ToolbarPlugin
Clé trouvée: HKLM\Software\Classes\MyWebSearchToolBar.ToolbarPlugin.1
Clé trouvée: HKLM\Software\Classes\OfferBox.OfferBoxServer
Clé trouvée: HKLM\Software\Classes\OfferBox.OfferBoxServer.1
Clé trouvée: HKLM\Software\Classes\ScreenSaverControl.ScreenSaverInstaller
Clé trouvée: HKLM\Software\Classes\ScreenSaverControl.ScreenSaverInstaller.1
Clé trouvée: HKLM\Software\OfferBox
Clé trouvée: HKLM\Software\EoRezo
Clé trouvée: HKLM\Software\AGI
Clé trouvée: HKLM\Software\DataMngr
Clé trouvée: HKLM\Software\FocusInteractive
Clé trouvée: HKLM\Software\Fun Web Products
Clé trouvée: HKLM\Software\iMesh
Clé trouvée: HKLM\Software\MyWebSearch
Clé trouvée: HKCU\Software\SpiderMessenger
Clé trouvée: HKCU\Software\OfferBox
Clé trouvée: HKCU\Software\EoRezo
Clé trouvée: HKCU\Software\AGI
Clé trouvée: HKCU\Software\DataMngr
Clé trouvée: HKCU\Software\FunWebProducts
Clé trouvée: HKCU\Software\Grand Virtual
Clé trouvée: HKCU\Software\MyWebSearch
Clé trouvée: HKCU\Software\AppDataLow\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}
Clé trouvée: HKCU\Software\AppDataLow\Software\Fun Web Products
Clé trouvée: HKCU\Software\AppDataLow\Software\FunWebProducts
Clé trouvée: HKCU\Software\AppDataLow\Software\MyWebSearch
Clé trouvée: HKU\.DEFAULT\Software\AGI
Clé trouvée: HKU\S-1-5-18\Software\AGI
Clé trouvée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}
Clé trouvée: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}
Clé trouvée: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A59}
Clé trouvée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0ABE0FED-50E7-4e42-A125-57C0A11DBCDE}
Clé trouvée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{28D35620-51D9-11DE-9D13-2DB156D89593}
Clé trouvée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{37F4A335-D085-423e-A425-0370799166FB}
Clé trouvée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59C7FC09-1C83-4648-B3E6-003D2BBC7481}
Clé trouvée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170B96C-28D4-4626-8358-27E6CAEEF907}
Clé trouvée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D1A71FA0-FF48-48dd-9B6D-7A13A3E42127}
Clé trouvée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DDB1968E-EAD6-40fd-8DAE-FF14757F60C7}
Clé trouvée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F138D901-86F0-4383-99B6-9CDD406036DA}
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\OfferBox Browser
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdate_is1
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Imesh
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\iMesh MediaBar
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyWebSearch bar Uninstall
Clé trouvée: HKCU\Software\Microsoft\Internet Explorer\MenuExt\&Search
Clé trouvée: HKLM\Software\Classes\CLSID\{147a976f-eee1-4377-8ea7-4716e4cdd239}
Clé trouvée: HKLM\Software\Google\Chrome\Extensions\bjeikeheijdjdfjbmknpefojickbkmom
Clé trouvée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68AF847F-6E91-45DD-9B68-D6A12C30E5D7}
Clé trouvée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll
Clé trouvée: HKLM\Software\Microsoft\Multimedia\WMPlayer\Schemes\f3pss
Clé trouvée: HKLM\Software\Microsoft\Office\Outlook\Addins\MyWebSearch.OutlookAddin
Clé trouvée: HKLM\Software\Microsoft\Office\Word\Addins\MyWebSearch.OutlookAddin
Clé trouvée: HKLM\Software\MozillaPlugins\@mywebsearch.com/Plugin
Valeur trouvée: HKLM\Software\Microsoft\Windows Media\Wmsdk\Sources|F3PopularScreenSavers
Valeur trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\post platform|FunWebProducts
Valeur trouvée: HKLM\Software\Mozilla\Firefox\Extensions|m3ffxtbr@mywebsearch.com
Valeur trouvée: HKLM\Software\Mozilla\Firefox\Extensions|offerboxffx@offerbox.com
Valeur trouvée: HKLM\Software\Mozilla\Firefox\Extensions|toolbar@kiwee.com
Valeur trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|Eorezo
Valeur trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|DataMngr
Valeur trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|My Web Search Bar Search Scope Monitor
Valeur trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|MyWebSearch Email Plugin
Valeur trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Run|MyWebSearch Email Plugin
Valeur trouvée: HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks|{00A6FAF6-072E-44CF-8957-5838F569A31D}
Valeur trouvée: HKLM\Software\Microsoft\Internet Explorer\Toolbar|{ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F}
Valeur trouvée: HKLM\Software\Microsoft\Internet Explorer\Toolbar|{07B18EA9-A523-4961-B6BB-170DE4475CCA}
Valeur trouvée: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{07B18EA9-A523-4961-B6BB-170DE4475CCA}
============== SCAN ADDITIONNEL ==============
** Mozilla Firefox Version [3.6.13 (fr)] **
-- C:\Users\Julien.PC-de-edvard\AppData\Roaming\Mozilla\FireFox\Profiles\zcu5n4ut.default\Prefs.js --
browser.search.defaultenginename, Web Search...
browser.search.selectedEngine, iMesh Web Search
browser.startup.homepage, hxxp://search.imesh.com/
browser.startup.homepage_override.mstone, rv:1.9.2.13
keyword.URL, hxxp://search.imesh.com/web?src=ffb&systemid=1&q=
========================================
** Internet Explorer Version [8.0.6001.18999] **
[HKCU\Software\Microsoft\Internet Explorer\Main]
AutoHide: yes
Do404Search: 0x01000000
Enable Browser Extensions: yes
Local Page: C:\Windows\system32\blank.htm
Show_ToolBar: yes
Start Page: hxxp://www.facebook.com/?ref=hp
[HKLM\Software\Microsoft\Internet Explorer\Main]
AutoHide: yes
Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=69157
Default_Search_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Delete_Temp_Files_On_Exit: yes
Local Page: C:\Windows\System32\blank.htm
Search Page: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Start Page: hxxp://www.bigseekpro.com/hypercam/{E7D64F14-7BF5-4429-A593-8979765559C6}
[HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS]
Tabs: res://ieframe.dll/tabswelcome.htm
Blank: res://mshtml.dll/blank.htm
========================================
C:\Program Files\Ad-Remover\Quarantine: 0 Fichier(s)
C:\Program Files\Ad-Remover\Backup: 2 Fichier(s)
C:\Ad-Report-SCAN[1].txt - 16/01/2011 (29583 Octet(s))
C:\Ad-Report-SCAN[2].txt - 16/01/2011 (29510 Octet(s))
Fin à: 20:15:27, 16/01/2011
============== E.O.F ==============
Bonsoir
tu fais la moitié de ce que je te demande![:D]( ":D")
Par contre, apparemment, pour installer des toolbars foireuses, tu t'en sors bien. Il faut lire avant d'installer toit et n'importe quoi, sinon, ton pc va se transformer en poubelle.
Lire: Les toolbars c'est pas obligatoire!
/!\ Déconnecte-toi, désactive ton anti-virus et ferme toutes applications en cours /!\
Double-clique sur AD-R situé sur ton Bureau pour le lancer.
(Sous Vista/Seven, il faut cliquer droit sur AD-R et choisir Exécuter en tant qu'administrateur)
Choisis la langue F pour français.
Au menu principal, choisis l'option Nettoyer.
/!\ Laisse travailler l'outil /!\
Poste le rapport qui apparaît à la fin (C:\Ad-Report-CLEAN.log).
/!\ Pense à réactiver ton antivirus /!\
![]()
après, tu fais vraiment ça:
Télécharge TDSSKiller de Kaspersky sur ton bureau.
Décompresse-le en faisant clic-droit dessus -> extraire tout... (clique sur "suivant", "suivant" et "Terminer".)
Double clique sur "TDSSKiller.exe" pour lancer l'outil.
(Utilisateur de Vista/Windows 7 : effectue un clic droit sur TDSSKiller.exe et sélectionne "Exécuter en tant qu'administrateur".)
Clique alors sur le bouton "Start Scan".
Laisse le scan s'effectuer.
Dans la fenêtre de résultat, assures-toi que "Malicious objects" ait le statut "Cure"
Pour la partie "Suspicious object" clique sur "Skip" et choisi "Quarantine"
Clique enfin sur "Continue"
Il te sera surement demandé de redémarrer ton pc, fait-le en cliquant sur "Reboot now"
Au redémarrage va chercher le rapport de suppression, il se trouve ici :
C:\ TDSSKiller.x.x.x.x_date_heure_log.txt
Poste son contenu dans ta prochaine réponse.
tu fais la moitié de ce que je te demande
Par contre, apparemment, pour installer des toolbars foireuses, tu t'en sors bien. Il faut lire avant d'installer toit et n'importe quoi, sinon, ton pc va se transformer en poubelle.
Lire: Les toolbars c'est pas obligatoire!
/!\ Déconnecte-toi, désactive ton anti-virus et ferme toutes applications en cours /!\
(Sous Vista/Seven, il faut cliquer droit sur AD-R et choisir Exécuter en tant qu'administrateur)
/!\ Laisse travailler l'outil /!\
/!\ Pense à réactiver ton antivirus /!\
après, tu fais vraiment ça:
Télécharge TDSSKiller de Kaspersky sur ton bureau.
(Utilisateur de Vista/Windows 7 : effectue un clic droit sur TDSSKiller.exe et sélectionne "Exécuter en tant qu'administrateur".)
C:\ TDSSKiller.x.x.x.x_date_heure_log.txt
Poste son contenu dans ta prochaine réponse.
Ah ouai ![:p]( ":p")
Bon bah voilà le rapport AD-R :
======= RAPPORT D'AD-REMOVER 2.0.0.2,D | UNIQUEMENT XP/VISTA/7 =======
Mis à jour par TeamXscript le 16/01/11 à 02:00
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
Site web: http://www.teamxscript.org
C:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Lancé à 22:30:34 le 16/01/2011, Mode normal
Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 1 (X86)
Julien@PC-DE-PAUL (Acer Aspire M5100)
============== ACTION(S) ==============
Service: "MyWebSearchService" Stoppé et supprimé
Fichier supprimé: C:\Program Files\Mozilla FireFox\searchplugins\iMeshWebSearch.xml
Fichier supprimé: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Navigateur OfferBox.lnk
Fichier supprimé: C:\Windows\system32\f3PSSavr.scr
Fichier supprimé: C:\Users\Julien.PC-de-edvard\AppData\Roaming\Mozilla\FireFox\Profiles\zcu5n4ut.default\searchplugins\mywebsearch.xml
Fichier supprimé: C:\Users\Julien.PC-de-edvard\AppData\Roaming\Mozilla\FireFox\Profiles\zcu5n4ut.default\searchplugins\web-search.xml
Dossier supprimé: C:\Users\Julien.PC-de-edvard\AppData\Roaming\Mozilla\FireFox\Profiles\zcu5n4ut.default\extensions\{28D35620-51D9-11DE-9D13-2DB156D89593}
Dossier supprimé: C:\Users\Julien.PC-de-edvard\AppData\Roaming\Mozilla\FireFox\Profiles\zcu5n4ut.default\iMeshMediabarTb
Dossier supprimé: C:\Program Files\Everest Poker
Dossier supprimé: C:\Users\Julien.PC-de-edvard\AppData\Roaming\DesktopIcon
Dossier supprimé: C:\Users\Julien.PC-de-edvard\AppData\LocalLow\FunWebProducts
Dossier supprimé: C:\Program Files\FunWebProducts
Dossier supprimé: C:\Users\Julien.PC-de-edvard\AppData\Roaming\live-player
Dossier supprimé: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\live-player
Dossier supprimé: C:\Program Files\live-player
Dossier supprimé: C:\Users\Julien.PC-de-edvard\AppData\LocalLow\MyWebSearch
Dossier supprimé: C:\Program Files\MyWebSearch
Dossier supprimé: C:\Program Files\SpiderMessenger
Dossier supprimé: C:\Users\Julien.PC-de-edvard\AppData\LocalLow\Toolbar4
Dossier supprimé: C:\Users\Julien.PC-de-edvard\AppData\Roaming\EoRezo
Dossier supprimé: C:\Users\Julien.PC-de-edvard\AppData\Local\EoRezo
Dossier supprimé: C:\Program Files\EoRezo
Dossier supprimé: C:\Users\Julien.PC-de-edvard\AppData\Roaming\OfferBox
Dossier supprimé: C:\Program Files\OfferBox
Dossier supprimé: C:\ProgramData\iMesh
Dossier supprimé: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iMesh
Dossier supprimé: C:\Program Files\iMesh Applications
Dossier supprimé: C:\Users\Julien.PC-de-edvard\AppData\LocalLow\iMeshMediabarTb
Dossier supprimé: C:\Users\Julien.PC-de-edvard\AppData\Roaming\AGI
Dossier supprimé: C:\ProgramData\AGI
Dossier supprimé: C:\Program Files\AGI
Dossier supprimé: C:\Users\Julien.PC-de-edvard\AppData\LocalLow\Kiwee Toolbar
Fichier supprimé: C:\Program Files\Windows Live\Messenger\Riched20.dll
Fichier supprimé: C:\Program Files\Windows Live\Messenger\Msimg32.dll
Fichier supprimé: C:\Users\Julien.PC-de-edvard\AppData\Local\lbantjfw.bat
(!) -- Fichiers temporaires supprimés.
-- Fichier ouvert: C:\Users\Julien.PC-de-edvard\AppData\Roaming\Mozilla\FireFox\Profiles\zcu5n4ut.default\Prefs.js --
Ligne supprimée: user_pref("extensions.enabledItems", "illimitux@illimitux.net:4.0,{20a82645-c095-46ed-80e3-088257605...
Ligne supprimée: user_pref("extensions.mywebsearch.openSearchURL", "hxxp://search.mywebsearch.com/mywebsearch/opensea...
Ligne supprimée: user_pref("extensions.mywebsearch.prevKwdEnabled", true);
Ligne supprimée: user_pref("extensions.mywebsearch.prevKwdURL", "chrome://browser-region/locale/region.properties");
-- Fichier Fermé --
Clé supprimée: HKLM\Software\Classes\CLSID\{00A6FAF1-072E-44cf-8957-5838F569A31D}
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00A6FAF1-072E-44cf-8957-5838F569A31D}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{00A6FAF1-072E-44cf-8957-5838F569A31D}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF1-072E-44cf-8957-5838F569A31D}
Clé supprimée: HKLM\Software\Classes\CLSID\{00A6FAF6-072E-44cf-8957-5838F569A31D}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF6-072E-44cf-8957-5838F569A31D}
Clé supprimée: HKLM\Software\Classes\CLSID\{01AD9322-02FF-4f4f-AC52-92FDA5AE65F0}
Clé supprimée: HKLM\Software\Classes\CLSID\{03F14321-8FED-4CBC-B01A-4B57FC199062}
Clé supprimée: HKLM\Software\Classes\AppID\{F54A0D21-6A53-460C-8301-C694EC9E1033}
Clé supprimée: HKLM\Software\Classes\CLSID\{07B18EA1-A523-4961-B6BB-170DE4475CCA}
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07B18EA1-A523-4961-B6BB-170DE4475CCA}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA1-A523-4961-B6BB-170DE4475CCA}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA1-A523-4961-B6BB-170DE4475CCA}
Clé supprimée: HKLM\Software\Classes\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA9-A523-4961-B6BB-170DE4475CCA}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA9-A523-4961-B6BB-170DE4475CCA}
Clé supprimée: HKLM\Software\Classes\CLSID\{07B18EAB-A523-4961-B6BB-170DE4475CCA}
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{07B18EAB-A523-4961-B6BB-170DE4475CCA}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EAB-A523-4961-B6BB-170DE4475CCA}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EAB-A523-4961-B6BB-170DE4475CCA}
Clé supprimée: HKLM\Software\Classes\CLSID\{0F8ECF4F-3646-4C3A-8881-8E138FFCAF70}
Clé supprimée: HKLM\Software\Classes\CLSID\{148132E6-626D-4A5E-8063-A761EB29A50B}
Clé supprimée: HKLM\Software\Classes\AppID\{403A885F-CB00-40C1-BDC1-EB09053194F7}
Clé supprimée: HKLM\Software\Classes\CLSID\{1E0DE227-5CE4-4ea3-AB0C-8B03E1AA76BC}
Clé supprimée: HKLM\Software\Classes\CLSID\{23BDC78C-B7BB-42E5-B970-54B292592D72}
Clé supprimée: HKLM\Software\Classes\AppID\{69E54DE2-C4ED-4BEC-8046-E3F9AC74B4B0}
Clé supprimée: HKLM\Software\Classes\CLSID\{25560540-9571-4D7B-9389-0F166788785A}
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{25560540-9571-4D7B-9389-0F166788785A}
Clé supprimée: HKLM\Software\Classes\CLSID\{2656B92B-0207-4afb-BEBF-F5FD231ECD39}
Clé supprimée: HKLM\Software\Classes\CLSID\{27BF8F8D-58B8-D41C-F913-B7EEB57EF6F6}
Clé supprimée: HKLM\Software\Classes\AppID\{A7DDCBDE-5C86-415c-8A37-763AE183E7E4}
Clé supprimée: HKLM\Software\Classes\CLSID\{2C353E32-B8AC-4B82-B988-4C2D3394388A}
Clé supprimée: HKLM\Software\Classes\AppID\{969D2C61-9B16-407c-86B7-397BF4579BE6}
Clé supprimée: HKLM\Software\Classes\CLSID\{2C6F7E96-73BC-47A5-9F51-B67F0BAFE24D}
Clé supprimée: HKLM\Software\Classes\AppID\{F7BCCFD4-2FA6-477D-A1B0-EF7500B3C49E}
Clé supprimée: HKLM\Software\Classes\CLSID\{34CB0620-E343-4772-BBA8-D3074BC47516}
Clé supprimée: HKLM\Software\Classes\CLSID\{3BF72F68-72D8-461D-A884-329D936C5581}
Clé supprimée: HKLM\Software\Classes\CLSID\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8}
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8}
Clé supprimée: HKLM\Software\Classes\CLSID\{3E720452-B472-4954-B7AA-33069EB53906}
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3E720452-B472-4954-B7AA-33069EB53906}
Clé supprimée: HKLM\Software\Classes\CLSID\{412CD209-DDA4-4275-8C79-55F1C93FBD47}
Clé supprimée: HKLM\Software\Classes\CLSID\{474597C5-AB09-49d6-A4D5-2E8D7341384E}
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{474597C5-AB09-49d6-A4D5-2E8D7341384E}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{474597C5-AB09-49d6-A4D5-2E8D7341384E}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{474597C5-AB09-49d6-A4D5-2E8D7341384E}
Clé supprimée: HKLM\Software\Classes\CLSID\{4C58EB04-7B72-4D3D-A36E-66167A99BC31}
Clé supprimée: HKLM\Software\Classes\CLSID\{4EE0B011-604C-47F3-8F2B-39F79640B85E}
Clé supprimée: HKLM\Software\Classes\CLSID\{53CED2D0-5E9A-4761-9005-648404E6F7E5}
Clé supprimée: HKLM\Software\Classes\CLSID\{59570C1F-B692-48c9-91B4-7809E6945287}
Clé supprimée: HKLM\Software\Classes\CLSID\{5D637FAD-E202-48D1-8F18-5B9C459BD1E3}
Clé supprimée: HKLM\Software\Classes\CLSID\{5D9E7BE9-95E5-4392-8CD2-D82DE89589ED}
Clé supprimée: HKLM\Software\Classes\CLSID\{5EB0259D-AB79-4ae6-A6E6-24FFE21C3DA4}
Clé supprimée: HKLM\Software\Classes\AppID\{AD71F65D-CD13-4837-A2DC-E4D90020E7D4}
Clé supprimée: HKLM\Software\Classes\CLSID\{63A0F7FA-2C95-4d7e-AF25-EFCC303D20A1}
Clé supprimée: HKLM\Software\Classes\CLSID\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C}
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C}
Clé supprimée: HKLM\Software\Classes\CLSID\{6559E502-6EE1-46b8-A83C-F3A45BDA23EE}
Clé supprimée: HKLM\Software\Classes\CLSID\{69D3F709-9DE2-479F-980F-532D46895703}
Clé supprimée: HKLM\Software\Classes\Interface\{69D3F709-9DE2-479F-980F-532D46895703}
Clé supprimée: HKLM\Software\Classes\CLSID\{6BC38BF4-E84D-46E1-920B-42D31AEA617E}
Clé supprimée: HKLM\Software\Classes\CLSID\{7473D292-B7BB-4f24-AE82-7E2CE94BB6A9}
Clé supprimée: HKLM\Software\Classes\CLSID\{7473D294-B7BB-4f24-AE82-7E2CE94BB6A9}
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7473D294-B7BB-4f24-AE82-7E2CE94BB6A9}
Clé supprimée: HKLM\Software\Classes\CLSID\{7473D296-B7BB-4f24-AE82-7E2CE94BB6A9}
Clé supprimée: HKLM\Software\Classes\CLSID\{78E9D883-93CD-4072-BEF3-38EE581E2839}
Clé supprimée: HKLM\Software\Classes\CLSID\{799391D3-EB86-4bac-9BD3-CBFEA58A0E15}
Clé supprimée: HKLM\Software\Classes\CLSID\{7C3B01BC-53A5-48A0-A43B-0C67731134B9}
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7C3B01BC-53A5-48A0-A43B-0C67731134B9}
Clé supprimée: HKLM\Software\Classes\AppID\{21493C1F-D071-496A-9C27-450578888291}
Clé supprimée: HKLM\Software\Classes\CLSID\{819FFE22-35C7-4925-8CDA-4E0E2DB94302}
Clé supprimée: HKLM\Software\Classes\CLSID\{83AC1413-FCE4-4A46-9DD5-4F31F306E71F}
Clé supprimée: HKLM\Software\Classes\CLSID\{84DA4FDF-A1CF-4195-8688-3E961F505983}
Clé supprimée: HKLM\Software\Classes\CLSID\{87CD3140-EEC0-463F-8872-6E564D9DEDE5}
Clé supprimée: HKLM\Software\Classes\CLSID\{8E6F1832-9607-4440-8530-13BE7C4B1D14}
Clé supprimée: HKLM\Software\Classes\CLSID\{938AA51A-996C-4884-98CE-80DD16A5C9DA}
Clé supprimée: HKLM\Software\Classes\CLSID\{98D9753D-D73B-42D5-8C85-4469CDA897AB}
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{98D9753D-D73B-42D5-8C85-4469CDA897AB}
Clé supprimée: HKLM\Software\Classes\CLSID\{98ED0D10-F1FC-4113-A095-9BD7F96040C9}
Clé supprimée: HKLM\Software\Classes\AppID\{5E50AE1D-BC76-418B-94C4-EFEAC0CEF80C}
Clé supprimée: HKLM\Software\Classes\CLSID\{9FF05104-B030-46FC-94B8-81276E4E27DF}
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9FF05104-B030-46FC-94B8-81276E4E27DF}
Clé supprimée: HKLM\Software\Classes\CLSID\{A2858A72-758F-4486-B6A1-7F1DCC0924FA}
Clé supprimée: HKLM\Software\Classes\CLSID\{A7E8C343-7860-4A95-9AA8-AAF30D0F6D1E}
Clé supprimée: HKLM\Software\Classes\CLSID\{A9571378-68A1-443d-B082-284F960C6D17}
Clé supprimée: HKLM\Software\Classes\CLSID\{ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F}
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F}
Clé supprimée: HKLM\Software\Classes\CLSID\{ADB01E81-3C79-4272-A0F1-7B2BE7A782DC}
Clé supprimée: HKLM\Software\Classes\CLSID\{B0639356-335C-4E47-B63C-12531A7A5206}
Clé supprimée: HKLM\Software\Classes\CLSID\{B162A975-6C7C-4202-9167-306028913A3D}
Clé supprimée: HKLM\Software\Classes\CLSID\{B6F8DA9F-2696-419e-A8A3-19BE41EF51BD}
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B6F8DA9F-2696-419e-A8A3-19BE41EF51BD}
Clé supprimée: HKLM\Software\Classes\AppID\{55C1727F-5535-4C2A-9601-8C2458608B48}
Clé supprimée: HKLM\Software\Classes\CLSID\{B813095C-81C0-4E40-AA14-67520372B987}
Clé supprimée: HKLM\Software\Classes\CLSID\{C63CA8A4-AB4E-49e5-A6C0-33FC86D80205}
Clé supprimée: HKLM\Software\Classes\CLSID\{C6A7847E-8931-4a9a-B4EF-72A91E3CCF4D}
Clé supprimée: HKLM\Software\Classes\CLSID\{C9D7BE3E-141A-4C85-8CD6-32461F3DF2C7}
Clé supprimée: HKLM\Software\Classes\CLSID\{CADAF6BE-BF50-4669-8BFD-C27BD4E6181B}
Clé supprimée: HKLM\Software\Classes\CLSID\{CD5175E2-7CC1-418C-B66C-0AB95DAD4103}
Clé supprimée: HKLM\Software\Classes\CLSID\{CFF4CE82-3AA2-451F-9B77-7165605FB835}
Clé supprimée: HKLM\Software\Classes\CLSID\{D858DAFC-9573-4811-B323-7011A3AA7E61}
Clé supprimée: HKLM\Software\Classes\CLSID\{D8BFC514-1135-4393-B09A-193D2AAC5037}
Clé supprimée: HKLM\Software\Classes\CLSID\{D9FFFB27-D62A-4D64-8CEC-1FF006528805}
Clé supprimée: HKLM\Software\Classes\CLSID\{DD0F1D24-E250-4e93-966C-65615720AEFB}
Clé supprimée: HKLM\Software\Classes\CLSID\{DEF4ED0D-E666-4631-A35A-A634332F0550}
Clé supprimée: HKLM\Software\Classes\CLSID\{E79DFBCA-5697-4fbd-94E5-5B2A9C7C1612}
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E79DFBCA-5697-4fbd-94E5-5B2A9C7C1612}
Clé supprimée: HKLM\Software\Classes\CLSID\{EC1277BB-1C71-4c0d-BA6D-BFEA16E773A6}
Clé supprimée: HKLM\Software\Classes\CLSID\{F42C7B47-5234-4BF5-8882-DAAC0D64870D}
Clé supprimée: HKLM\Software\Classes\Interface\{F42C7B47-5234-4BF5-8882-DAAC0D64870D}
Clé supprimée: HKLM\Software\Classes\CLSID\{F8AB43ED-EC88-4de7-B213-F89157D29C62}
Clé supprimée: HKLM\Software\Classes\AppID\{1FC41815-FA4C-4F8B-B143-2C045C8EA2FC}
Clé supprimée: HKLM\Software\Classes\CLSID\{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C}
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C}
Clé supprimée: HKLM\Software\Classes\CLSID\{FD675817-9EFE-40cd-A75E-E94D1C85D1FE}
Clé supprimée: HKLM\Software\Classes\Interface\{07B18EAA-A523-4961-B6BB-170DE4475CCA}
Clé supprimée: HKLM\Software\Classes\Interface\{07B18EAC-A523-4961-B6BB-170DE4475CCA}
Clé supprimée: HKLM\Software\Classes\Interface\{1093995A-BA37-41D2-836E-091067C4AD17}
Clé supprimée: HKLM\Software\Classes\Interface\{120927BF-1700-43BC-810F-FAB92549B390}
Clé supprimée: HKLM\Software\Classes\Interface\{17DE5E5E-BFE3-4E83-8E1F-8755795359EC}
Clé supprimée: HKLM\Software\Classes\Interface\{1F52A5FA-A705-4415-B975-88503B291728}
Clé supprimée: HKLM\Software\Classes\Interface\{247A115F-06C2-4FB3-967D-2D62D3CF4F0A}
Clé supprimée: HKLM\Software\Classes\Interface\{2E3537FC-CF2F-4F56-AF54-5A6A3DD375CC}
Clé supprimée: HKLM\Software\Classes\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}
Clé supprimée: HKLM\Software\Classes\Interface\{3E1656ED-F60E-4597-B6AA-B6A58E171495}
Clé supprimée: HKLM\Software\Classes\Interface\{3E16A203-C0AA-4D44-ACC5-38A70A8C76DA}
Clé supprimée: HKLM\Software\Classes\Interface\{3E53E2CB-86DB-4A4A-8BD9-FFEB7A64DF82}
Clé supprimée: HKLM\Software\Classes\Interface\{3E720451-B472-4954-B7AA-33069EB53906}
Clé supprimée: HKLM\Software\Classes\Interface\{3E720453-B472-4954-B7AA-33069EB53906}
Clé supprimée: HKLM\Software\Classes\Interface\{63D0ED2B-B45B-4458-8B3B-60C69BBBD83C}
Clé supprimée: HKLM\Software\Classes\Interface\{63D0ED2D-B45B-4458-8B3B-60C69BBBD83C}
Clé supprimée: HKLM\Software\Classes\Interface\{6612AFDD-34AD-4B89-A236-7E6D07C3FDCD}
Clé supprimée: HKLM\Software\Classes\Interface\{6E74766C-4D93-4CC0-96D1-47B8E07FF9CA}
Clé supprimée: HKLM\Software\Classes\Interface\{72EE7F04-15BD-4845-A005-D6711144D86A}
Clé supprimée: HKLM\Software\Classes\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}
Clé supprimée: HKLM\Software\Classes\Interface\{7473D291-B7BB-4F24-AE82-7E2CE94BB6A9}
Clé supprimée: HKLM\Software\Classes\Interface\{7473D293-B7BB-4F24-AE82-7E2CE94BB6A9}
Clé supprimée: HKLM\Software\Classes\Interface\{7473D295-B7BB-4F24-AE82-7E2CE94BB6A9}
Clé supprimée: HKLM\Software\Classes\Interface\{7473D297-B7BB-4F24-AE82-7E2CE94BB6A9}
Clé supprimée: HKLM\Software\Classes\Interface\{8E9CF769-3D3B-40EB-9E2D-76E7A205E4D2}
Clé supprimée: HKLM\Software\Classes\Interface\{90449521-D834-4703-BB4E-D3AA44042FF8}
Clé supprimée: HKLM\Software\Classes\Interface\{991AAC62-B100-47CE-8B75-253965244F69}
Clé supprimée: HKLM\Software\Classes\Interface\{A626CDBD-3D13-4F78-B819-440A28D7E8FC}
Clé supprimée: HKLM\Software\Classes\Interface\{BBABDC90-F3D5-4801-863A-EE6AE529862D}
Clé supprimée: HKLM\Software\Classes\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE}
Clé supprimée: HKLM\Software\Classes\Interface\{D6FF3684-AD3B-48EB-BBB4-B9E6C5A355C1}
Clé supprimée: HKLM\Software\Classes\Interface\{DE38C398-B328-4F4C-A3AD-1B5E4ED93477}
Clé supprimée: HKLM\Software\Classes\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25E}
Clé supprimée: HKLM\Software\Classes\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25F}
Clé supprimée: HKLM\Software\Classes\Interface\{E79DFBC9-5697-4FBD-94E5-5B2A9C7C1612}
Clé supprimée: HKLM\Software\Classes\Interface\{E79DFBCB-5697-4FBD-94E5-5B2A9C7C1612}
Clé supprimée: HKLM\Software\Classes\Interface\{EB9E5C1C-B1F9-4C2B-BE8A-27D6446FDAF8}
Clé supprimée: HKLM\Software\Classes\Interface\{F7BEBBB1-7E6B-4561-9444-6F4866D60C7C}
Clé supprimée: HKLM\Software\Classes\Interface\{F87D7FB5-9DC5-4C8C-B998-D8DFE02E2978}
Clé supprimée: HKLM\Software\Classes\TypeLib\{07B18EA0-A523-4961-B6BB-170DE4475CCA}
Clé supprimée: HKLM\Software\Classes\TypeLib\{0D26BC71-A633-4E71-AD31-EADC3A1B6A3A}
Clé supprimée: HKLM\Software\Classes\TypeLib\{252C2315-CCE0-4446-8DA7-C00292A690BA}
Clé supprimée: HKLM\Software\Classes\TypeLib\{29D67D3C-509A-4544-903F-C8C1B8236554}
Clé supprimée: HKLM\Software\Classes\TypeLib\{3E720450-B472-4954-B7AA-33069EB53906}
Clé supprimée: HKLM\Software\Classes\TypeLib\{403A885F-CB00-40C1-BDC1-EB09053194F7}
Clé supprimée: HKLM\Software\Classes\TypeLib\{43B4B831-F41F-4F73-8F14-4FFF0BA75B1B}
Clé supprimée: HKLM\Software\Classes\TypeLib\{55C1727F-5535-4C2A-9601-8C2458608B48}
Clé supprimée: HKLM\Software\Classes\TypeLib\{6C9945B7-1D19-46CB-88C0-45A24DF6CD6E}
Clé supprimée: HKLM\Software\Classes\TypeLib\{7473D290-B7BB-4F24-AE82-7E2CE94BB6A9}
Clé supprimée: HKLM\Software\Classes\TypeLib\{819FFE20-35C7-4925-8CDA-4E0E2DB94302}
Clé supprimée: HKLM\Software\Classes\TypeLib\{84B9B044-17C0-48FB-A300-C9747D5DF29C}
Clé supprimée: HKLM\Software\Classes\TypeLib\{85672EDB-2CC8-40B9-A9E8-77D3478F2EFB}
Clé supprimée: HKLM\Software\Classes\TypeLib\{8CA01F0E-987C-49C3-B852-2F1AC4A7094C}
Clé supprimée: HKLM\Software\Classes\TypeLib\{8E6F1830-9607-4440-8530-13BE7C4B1D14}
Clé supprimée: HKLM\Software\Classes\TypeLib\{969D2C61-9B16-407C-86B7-397BF4579BE6}
Clé supprimée: HKLM\Software\Classes\TypeLib\{96F7FABC-5789-EFA4-B6ED-1272F4C1D27B}
Clé supprimée: HKLM\Software\Classes\TypeLib\{A147AA03-820F-4A0F-9F34-D6CB4004A2F9}
Clé supprimée: HKLM\Software\Classes\TypeLib\{C4C4F1F4-3074-4CB6-9FB8-0A64273166F0}
Clé supprimée: HKLM\Software\Classes\TypeLib\{C8CECDE3-1AE1-4C4A-AD82-6D5B00212144}
Clé supprimée: HKLM\Software\Classes\TypeLib\{D518921A-4A03-425E-9873-B9A71756821E}
Clé supprimée: HKLM\Software\Classes\TypeLib\{E47CAEE0-DEEA-464A-9326-3F2801535A4D}
Clé supprimée: HKLM\Software\Classes\TypeLib\{E79DFBC0-5697-4FBD-94E5-5B2A9C7C1612}
Clé supprimée: HKLM\Software\Classes\TypeLib\{EC96F516-51B2-4B46-8451-8665F5A6BA2B}
Clé supprimée: HKLM\Software\Classes\TypeLib\{ED85AEBE-F834-4088-B5D3-97EB2478A6CD}
Clé supprimée: HKLM\Software\Classes\TypeLib\{F07FBD3E-2048-44A4-9065-71BF551E2672}
Clé supprimée: HKLM\Software\Classes\TypeLib\{F42228FB-E84E-479E-B922-FBBD096E792C}
Clé supprimée: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\eephhas
Clé supprimée: HKLM\Software\Classes\AG.MediaPlayerCOM
Clé supprimée: HKLM\Software\Classes\DiscoveryHelper.iMesh6Discovery
Clé supprimée: HKLM\Software\Classes\DiscoveryHelper.iMesh6Discovery.1
Clé supprimée: HKLM\Software\Classes\FunWebProducts.DataControl
Clé supprimée: HKLM\Software\Classes\FunWebProducts.DataControl.1
Clé supprimée: HKLM\Software\Classes\FunWebProducts.HistoryKillerScheduler
Clé supprimée: HKLM\Software\Classes\FunWebProducts.HistoryKillerScheduler.1
Clé supprimée: HKLM\Software\Classes\FunWebProducts.HistorySwatterControlBar
Clé supprimée: HKLM\Software\Classes\FunWebProducts.HistorySwatterControlBar.1
Clé supprimée: HKLM\Software\Classes\FunWebProducts.HTMLMenu
Clé supprimée: HKLM\Software\Classes\FunWebProducts.HTMLMenu.1
Clé supprimée: HKLM\Software\Classes\FunWebProducts.HTMLMenu.2
Clé supprimée: HKLM\Software\Classes\FunWebProducts.IECookiesManager
Clé supprimée: HKLM\Software\Classes\FunWebProducts.IECookiesManager.1
Clé supprimée: HKLM\Software\Classes\FunWebProducts.KillerObjManager
Clé supprimée: HKLM\Software\Classes\FunWebProducts.KillerObjManager.1
Clé supprimée: HKLM\Software\Classes\FunWebProducts.PopSwatterBarButton
Clé supprimée: HKLM\Software\Classes\FunWebProducts.PopSwatterBarButton.1
Clé supprimée: HKLM\Software\Classes\FunWebProducts.PopSwatterSettingsControl
Clé supprimée: HKLM\Software\Classes\FunWebProducts.PopSwatterSettingsControl.1
Clé supprimée: HKLM\Software\Classes\iMesh.AudioCD
Clé supprimée: HKLM\Software\Classes\iMesh.Device
Clé supprimée: HKLM\Software\Classes\iMesh.file
Clé supprimée: HKLM\Software\Classes\iMesh.LauncherEventHandler
Clé supprimée: HKLM\Software\Classes\iMesh.LauncherEventHandler.1
Clé supprimée: HKLM\Software\Classes\iMeshIEHelper.DNSGuard
Clé supprimée: HKLM\Software\Classes\iMeshIEHelper.DNSGuard.1
Clé supprimée: HKLM\Software\Classes\KiweeIEToolbar.ToolbarInfo
Clé supprimée: HKLM\Software\Classes\KiweeIEToolbar.ToolbarInfo.1
Clé supprimée: HKLM\Software\Classes\MyWebSearch.ChatSessionPlugin
Clé supprimée: HKLM\Software\Classes\MyWebSearch.ChatSessionPlugin.1
Clé supprimée: HKLM\Software\Classes\MyWebSearch.HTMLPanel
Clé supprimée: HKLM\Software\Classes\MyWebSearch.HTMLPanel.1
Clé supprimée: HKLM\Software\Classes\MyWebSearch.MultipleButton
Clé supprimée: HKLM\Software\Classes\MyWebSearch.MultipleButton.1
Clé supprimée: HKLM\Software\Classes\MyWebSearch.OutlookAddin
Clé supprimée: HKLM\Software\Classes\MyWebSearch.OutlookAddin.1
Clé supprimée: HKLM\Software\Classes\MyWebSearch.PseudoTransparentPlugin
Clé supprimée: HKLM\Software\Classes\MyWebSearch.PseudoTransparentPlugin.1
Clé supprimée: HKLM\Software\Classes\MyWebSearch.UrlAlertButton
Clé supprimée: HKLM\Software\Classes\MyWebSearch.UrlAlertButton.1
Clé supprimée: HKLM\Software\Classes\MyWebSearchToolBar.SettingsPlugin
Clé supprimée: HKLM\Software\Classes\MyWebSearchToolBar.SettingsPlugin.1
Clé supprimée: HKLM\Software\Classes\MyWebSearchToolBar.ToolbarPlugin
Clé supprimée: HKLM\Software\Classes\MyWebSearchToolBar.ToolbarPlugin.1
Clé supprimée: HKLM\Software\Classes\OfferBox.OfferBoxServer
Clé supprimée: HKLM\Software\Classes\OfferBox.OfferBoxServer.1
Clé supprimée: HKLM\Software\Classes\ScreenSaverControl.ScreenSaverInstaller
Clé supprimée: HKLM\Software\Classes\ScreenSaverControl.ScreenSaverInstaller.1
Clé supprimée: HKLM\Software\OfferBox
Clé supprimée: HKLM\Software\EoRezo
Clé supprimée: HKLM\Software\AGI
Clé supprimée: HKLM\Software\DataMngr
Clé supprimée: HKLM\Software\FocusInteractive
Clé supprimée: HKLM\Software\Fun Web Products
Clé supprimée: HKLM\Software\iMesh
Clé supprimée: HKLM\Software\MyWebSearch
Clé supprimée: HKCU\Software\SpiderMessenger
Clé supprimée: HKCU\Software\OfferBox
Clé supprimée: HKCU\Software\EoRezo
Clé supprimée: HKCU\Software\AGI
Clé supprimée: HKCU\Software\DataMngr
Clé supprimée: HKCU\Software\FunWebProducts
Clé supprimée: HKCU\Software\Grand Virtual
Clé supprimée: HKCU\Software\MyWebSearch
Clé supprimée: HKCU\Software\AppDataLow\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}
Clé supprimée: HKCU\Software\AppDataLow\Software\Fun Web Products
Clé supprimée: HKCU\Software\AppDataLow\Software\FunWebProducts
Clé supprimée: HKCU\Software\AppDataLow\Software\MyWebSearch
Clé supprimée: HKU\.DEFAULT\Software\AGI
Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}
Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}
Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A59}
Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0ABE0FED-50E7-4e42-A125-57C0A11DBCDE}
Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{28D35620-51D9-11DE-9D13-2DB156D89593}
Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{37F4A335-D085-423e-A425-0370799166FB}
Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59C7FC09-1C83-4648-B3E6-003D2BBC7481}
Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170B96C-28D4-4626-8358-27E6CAEEF907}
Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D1A71FA0-FF48-48dd-9B6D-7A13A3E42127}
Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DDB1968E-EAD6-40fd-8DAE-FF14757F60C7}
Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F138D901-86F0-4383-99B6-9CDD406036DA}
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\OfferBox Browser
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdate_is1
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Imesh
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\iMesh MediaBar
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyWebSearch bar Uninstall
Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\MenuExt\&Search
Clé supprimée: HKLM\Software\Classes\CLSID\{147a976f-eee1-4377-8ea7-4716e4cdd239}
Clé supprimée: HKLM\Software\Google\Chrome\Extensions\bjeikeheijdjdfjbmknpefojickbkmom
Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68AF847F-6E91-45DD-9B68-D6A12C30E5D7}
Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll
Clé supprimée: HKLM\Software\Microsoft\Multimedia\WMPlayer\Schemes\f3pss
Clé supprimée: HKLM\Software\Microsoft\Office\Outlook\Addins\MyWebSearch.OutlookAddin
Clé supprimée: HKLM\Software\Microsoft\Office\Word\Addins\MyWebSearch.OutlookAddin
Clé supprimée: HKLM\Software\MozillaPlugins\@mywebsearch.com/Plugin
Valeur supprimée: HKLM\Software\Microsoft\Windows Media\Wmsdk\Sources|F3PopularScreenSavers
Valeur supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\post platform|FunWebProducts
Valeur supprimée: HKLM\Software\Mozilla\Firefox\Extensions|m3ffxtbr@mywebsearch.com
Valeur supprimée: HKLM\Software\Mozilla\Firefox\Extensions|offerboxffx@offerbox.com
Valeur supprimée: HKLM\Software\Mozilla\Firefox\Extensions|toolbar@kiwee.com
Valeur supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|Eorezo
Valeur supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|DataMngr
Valeur supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|My Web Search Bar Search Scope Monitor
Valeur supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|MyWebSearch Email Plugin
Valeur supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Run|MyWebSearch Email Plugin
Valeur supprimée: HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks|{00A6FAF6-072E-44CF-8957-5838F569A31D}
Valeur supprimée: HKLM\Software\Microsoft\Internet Explorer\Toolbar|{ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F}
Valeur supprimée: HKLM\Software\Microsoft\Internet Explorer\Toolbar|{07B18EA9-A523-4961-B6BB-170DE4475CCA}
Valeur supprimée: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{07B18EA9-A523-4961-B6BB-170DE4475CCA}
============== SCAN ADDITIONNEL ==============
** Mozilla Firefox Version [3.6.13 (fr)] **
-- C:\Users\Julien.PC-de-edvard\AppData\Roaming\Mozilla\FireFox\Profiles\zcu5n4ut.default\Prefs.js --
browser.search.defaultenginename, Web Search...
browser.search.selectedEngine, iMesh Web Search
browser.startup.homepage, hxxp://search.imesh.com/
browser.startup.homepage_override.mstone, rv:1.9.2.13
keyword.URL, hxxp://search.imesh.com/web?src=ffb&systemid=1&q=
========================================
** Internet Explorer Version [8.0.6001.18999] **
[HKCU\Software\Microsoft\Internet Explorer\Main]
AutoHide: yes
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnh...
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Do404Search: 0x01000000
Enable Browser Extensions: yes
Local Page: C:\Windows\system32\blank.htm
Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
Show_ToolBar: yes
Start Page: hxxp://fr.msn.com/
[HKLM\Software\Microsoft\Internet Explorer\Main]
AutoHide: yes
Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Delete_Temp_Files_On_Exit: yes
Local Page: C:\Windows\System32\blank.htm
Search bar: hxxp://search.msn.com/spbasic.htm
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start Page: hxxp://fr.msn.com/
[HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS]
Tabs: res://ieframe.dll/tabswelcome.htm
Blank: res://mshtml.dll/blank.htm
========================================
C:\Program Files\Ad-Remover\Quarantine: 1841 Fichier(s)
C:\Program Files\Ad-Remover\Backup: 18 Fichier(s)
C:\Ad-Report-CLEAN[1].txt - 16/01/2011 (30372 Octet(s))
C:\Ad-Report-SCAN[1].txt - 16/01/2011 (29583 Octet(s))
C:\Ad-Report-SCAN[2].txt - 16/01/2011 (29640 Octet(s))
Fin à: 22:33:13, 16/01/2011
============== E.O.F ==============
Voilà celui de Kapersky![:)]( ":)")
:
2011/01/16 22:44:48.0438 TDSS rootkit removing tool 2.4.13.0 Jan 12 2011 09:51:11
2011/01/16 22:44:48.0438 ================================================================================
2011/01/16 22:44:48.0438 SystemInfo:
2011/01/16 22:44:48.0438
2011/01/16 22:44:48.0438 OS Version: 6.0.6001 ServicePack: 1.0
2011/01/16 22:44:48.0438 Product type: Workstation
2011/01/16 22:44:48.0438 ComputerName: PC-DE-PAUL
2011/01/16 22:44:48.0438 UserName: Julien
2011/01/16 22:44:48.0438 Windows directory: C:\Windows
2011/01/16 22:44:48.0439 System windows directory: C:\Windows
2011/01/16 22:44:48.0439 Processor architecture: Intel x86
2011/01/16 22:44:48.0439 Number of processors: 2
2011/01/16 22:44:48.0439 Page size: 0x1000
2011/01/16 22:44:48.0439 Boot type: Normal boot
2011/01/16 22:44:48.0439 ================================================================================
2011/01/16 22:44:49.0250 Initialize success
2011/01/16 22:44:53.0173 ================================================================================
2011/01/16 22:44:53.0173 Scan started
2011/01/16 22:44:53.0173 Mode: Manual;
2011/01/16 22:44:53.0173 ================================================================================
2011/01/16 22:44:54.0544 ACPI (fcb8c7210f0135e24c6580f7f649c73c) C:\Windows\system32\drivers\acpi.sys
2011/01/16 22:44:54.0602 adp94xx (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys
2011/01/16 22:44:54.0654 adpahci (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys
2011/01/16 22:44:54.0680 adpu160m (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys
2011/01/16 22:44:54.0711 adpu320 (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys
2011/01/16 22:44:54.0824 AFD (763e172a55177e478cb419f88fd0ba03) C:\Windows\system32\drivers\afd.sys
2011/01/16 22:44:54.0870 agp440 (ef23439cdd587f64c2c1b8825cead7d8) C:\Windows\system32\drivers\agp440.sys
2011/01/16 22:44:54.0969 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
2011/01/16 22:44:55.0019 aliide (90395b64600ebb4552e26e178c94b2e4) C:\Windows\system32\drivers\aliide.sys
2011/01/16 22:44:55.0084 amdagp (2b13e304c9dfdfa5eb582f6a149fa2c7) C:\Windows\system32\drivers\amdagp.sys
2011/01/16 22:44:55.0161 amdide (f12456ad77b1c32d8c5ca51927872850) C:\Windows\system32\DRIVERS\amdide.sys
2011/01/16 22:44:55.0273 AmdK7 (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys
2011/01/16 22:44:55.0312 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\DRIVERS\amdk8.sys
2011/01/16 22:44:55.0507 arc (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys
2011/01/16 22:44:55.0553 arcsas (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys
2011/01/16 22:44:55.0607 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
2011/01/16 22:44:55.0652 atapi (2d9c903dc76a66813d350a562de40ed9) C:\Windows\system32\drivers\atapi.sys
2011/01/16 22:44:55.0808 atikmdag (47a62c4c56bd325d0ce85cb063d94e9c) C:\Windows\system32\DRIVERS\atikmdag.sys
2011/01/16 22:44:55.0905 AtiPcie (5a1465ad2e7c1bc39cda12a355329096) C:\Windows\system32\DRIVERS\AtiPcie.sys
2011/01/16 22:44:55.0976 atksgt (3c4b9850a2631c2263507400d029057b) C:\Windows\system32\DRIVERS\atksgt.sys
2011/01/16 22:44:56.0140 avgio (f1d43170fdd7399ee17ea32d4f868b0c) C:\Program Files\Avira\AntiVir Desktop\avgio.sys
2011/01/16 22:44:56.0284 avgntflt (14fe36d8f2c6a2435275338d061a0b66) C:\Windows\system32\DRIVERS\avgntflt.sys
2011/01/16 22:44:56.0339 avipbb (ad9bd66a862116e79cb45bb6be46055f) C:\Windows\system32\DRIVERS\avipbb.sys
2011/01/16 22:44:56.0418 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
2011/01/16 22:44:56.0572 bowser (74b442b2be1260b7588c136177ceac66) C:\Windows\system32\DRIVERS\bowser.sys
2011/01/16 22:44:56.0642 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
2011/01/16 22:44:56.0671 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
2011/01/16 22:44:56.0729 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
2011/01/16 22:44:56.0779 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
2011/01/16 22:44:56.0809 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
2011/01/16 22:44:56.0861 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
2011/01/16 22:44:56.0937 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
2011/01/16 22:44:57.0106 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
2011/01/16 22:44:57.0167 cdrom (1ec25cea0de6ac4718bf89f9e1778b57) C:\Windows\system32\DRIVERS\cdrom.sys
2011/01/16 22:44:57.0243 circlass (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\drivers\circlass.sys
2011/01/16 22:44:57.0328 CLFS (465745561c832b29f7c48b488aab3842) C:\Windows\system32\CLFS.sys
2011/01/16 22:44:57.0402 cmdide (45201046c776ffdaf3fc8a0029c581c8) C:\Windows\system32\drivers\cmdide.sys
2011/01/16 22:44:57.0426 Compbatt (82b8c91d327cfecf76cb58716f7d4997) C:\Windows\system32\drivers\compbatt.sys
2011/01/16 22:44:57.0479 crcdisk (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys
2011/01/16 22:44:57.0507 Crusoe (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys
2011/01/16 22:44:57.0594 DfsC (9e635ae5e8ad93e2b5989e2e23679f97) C:\Windows\system32\Drivers\dfsc.sys
2011/01/16 22:44:57.0725 disk (64109e623abd6955c8fb110b592e68b7) C:\Windows\system32\drivers\disk.sys
2011/01/16 22:44:57.0797 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
2011/01/16 22:44:57.0858 DXGKrnl (85f33880b8cfb554bd3d9ccdb486845a) C:\Windows\System32\drivers\dxgkrnl.sys
2011/01/16 22:44:57.0960 E1G60 (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys
2011/01/16 22:44:58.0046 Ecache (dd2cd259d83d8b72c02c5f2331ff9d68) C:\Windows\system32\drivers\ecache.sys
2011/01/16 22:44:58.0169 elxstor (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys
2011/01/16 22:44:58.0471 exfat (0d858eb20589a34efb25695acaa6aa2d) C:\Windows\system32\drivers\exfat.sys
2011/01/16 22:44:58.0619 fastfat (3c489390c2e2064563727752af8eab9e) C:\Windows\system32\drivers\fastfat.sys
2011/01/16 22:44:58.0692 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys
2011/01/16 22:44:58.0811 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
2011/01/16 22:44:58.0849 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
2011/01/16 22:44:58.0889 flpydisk (6603957eff5ec62d25075ea8ac27de68) C:\Windows\system32\DRIVERS\flpydisk.sys
2011/01/16 22:44:58.0952 FltMgr (05ea53afe985443011e36dab07343b46) C:\Windows\system32\drivers\fltmgr.sys
2011/01/16 22:44:59.0034 fssfltr (b74b0578fd1d3f897e95f2a2b69ea051) C:\Windows\system32\DRIVERS\fssfltr.sys
2011/01/16 22:44:59.0094 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
2011/01/16 22:44:59.0133 gagp30kx (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys
2011/01/16 22:44:59.0168 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
2011/01/16 22:44:59.0254 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys
2011/01/16 22:44:59.0286 HDAudBus (c87b1ee051c0464491c1a7b03fa0bc99) C:\Windows\system32\DRIVERS\HDAudBus.sys
2011/01/16 22:44:59.0307 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
2011/01/16 22:44:59.0350 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
2011/01/16 22:44:59.0403 HidUsb (854ca287ab7faf949617a788306d967e) C:\Windows\system32\DRIVERS\hidusb.sys
2011/01/16 22:44:59.0444 HpCISSs (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys
2011/01/16 22:44:59.0502 HTTP (96e241624c71211a79c84f50a8e71cab) C:\Windows\system32\drivers\HTTP.sys
2011/01/16 22:44:59.0552 i2omp (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys
2011/01/16 22:44:59.0608 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
2011/01/16 22:44:59.0647 iaStorV (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys
2011/01/16 22:44:59.0694 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
2011/01/16 22:44:59.0784 int15 (9d64201c9e5ac8d1f088762ba00ff3ab) C:\Acer\Empowering Technology\eRecovery\int15.sys
2011/01/16 22:44:59.0934 IntcAzAudAddService (2bd6633db50a98534aa3262e0f9f5a14) C:\Windows\system32\drivers\RTKVHDA.sys
2011/01/16 22:44:59.0989 intelide (97469037714070e45194ed318d636401) C:\Windows\system32\drivers\intelide.sys
2011/01/16 22:45:00.0020 intelppm (ce44cc04262f28216dd4341e9e36a16f) C:\Windows\system32\DRIVERS\intelppm.sys
2011/01/16 22:45:00.0079 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
2011/01/16 22:45:00.0144 IPMIDRV (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys
2011/01/16 22:45:00.0183 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
2011/01/16 22:45:00.0239 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
2011/01/16 22:45:00.0264 isapnp (350fca7e73cf65bcef43fae1e4e91293) C:\Windows\system32\drivers\isapnp.sys
2011/01/16 22:45:00.0300 iScsiPrt (f247eec28317f6c739c16de420097301) C:\Windows\system32\DRIVERS\msiscsi.sys
2011/01/16 22:45:00.0336 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
2011/01/16 22:45:00.0383 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
2011/01/16 22:45:00.0415 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
2011/01/16 22:45:00.0437 kbdhid (18247836959ba67e3511b62846b9c2e0) C:\Windows\system32\DRIVERS\kbdhid.sys
2011/01/16 22:45:00.0485 KSecDD (7a0cf7908b6824d6a2a1d313e5ae3dca) C:\Windows\system32\Drivers\ksecdd.sys
2011/01/16 22:45:00.0580 lirsgt (4127e8b6ddb4090e815c1f8852c277d3) C:\Windows\system32\DRIVERS\lirsgt.sys
2011/01/16 22:45:00.0615 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
2011/01/16 22:45:00.0685 LSI_FC (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys
2011/01/16 22:45:00.0719 LSI_SAS (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys
2011/01/16 22:45:00.0774 LSI_SCSI (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys
2011/01/16 22:45:00.0821 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
2011/01/16 22:45:00.0876 megasas (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys
2011/01/16 22:45:00.0949 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
2011/01/16 22:45:01.0122 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
2011/01/16 22:45:01.0167 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
2011/01/16 22:45:01.0213 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
2011/01/16 22:45:01.0352 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
2011/01/16 22:45:01.0461 mpio (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys
2011/01/16 22:45:01.0507 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
2011/01/16 22:45:01.0544 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
2011/01/16 22:45:01.0592 MRxDAV (ae3de84536b6799d2267443cec8edbb9) C:\Windows\system32\drivers\mrxdav.sys
2011/01/16 22:45:01.0655 mrxsmb (7afc42e60432fd1014f5342f2b1b1f74) C:\Windows\system32\DRIVERS\mrxsmb.sys
2011/01/16 22:45:01.0691 mrxsmb10 (8a75752ae17924f65452746674b14b78) C:\Windows\system32\DRIVERS\mrxsmb10.sys
2011/01/16 22:45:01.0722 mrxsmb20 (f4d0f3252e651f02be64984ffa738394) C:\Windows\system32\DRIVERS\mrxsmb20.sys
2011/01/16 22:45:01.0764 msahci (742aed7939e734c36b7e8d6228ce26b7) C:\Windows\system32\drivers\msahci.sys
2011/01/16 22:45:01.0809 msdsm (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys
2011/01/16 22:45:01.0882 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
2011/01/16 22:45:01.0948 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
2011/01/16 22:45:02.0016 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
2011/01/16 22:45:02.0209 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
2011/01/16 22:45:02.0291 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
2011/01/16 22:45:02.0346 MsRPC (b5614aecb05a9340aa0fb55bf561cc63) C:\Windows\system32\drivers\MsRPC.sys
2011/01/16 22:45:02.0378 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
2011/01/16 22:45:02.0407 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
2011/01/16 22:45:02.0438 Mup (6dfd1d322de55b0b7db7d21b90bec49c) C:\Windows\system32\Drivers\mup.sys
2011/01/16 22:45:02.0540 NativeWifiP (3c21ce48ff529bb73dadb98770b54025) C:\Windows\system32\DRIVERS\nwifi.sys
2011/01/16 22:45:02.0602 NDIS (9bdc71790fa08f0a0b5f10462b1bd0b1) C:\Windows\system32\drivers\ndis.sys
2011/01/16 22:45:02.0665 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
2011/01/16 22:45:02.0746 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
2011/01/16 22:45:02.0802 NdisWan (3d14c3b3496f88890d431e8aa022a411) C:\Windows\system32\DRIVERS\ndiswan.sys
2011/01/16 22:45:02.0853 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
2011/01/16 22:45:02.0905 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
2011/01/16 22:45:02.0939 netbt (7c5fee5b1c5728507cd96fb4a13e7a02) C:\Windows\system32\DRIVERS\netbt.sys
2011/01/16 22:45:03.0006 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
2011/01/16 22:45:03.0177 Npfs (ecb5003f484f9ed6c608d6d6c7886cbb) C:\Windows\system32\drivers\Npfs.sys
2011/01/16 22:45:03.0287 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
2011/01/16 22:45:03.0344 Ntfs (b4effe29eb4f15538fd8a9681108492d) C:\Windows\system32\drivers\Ntfs.sys
2011/01/16 22:45:03.0430 NTIDrvr (7f1c1f78d709c4a54cbb46ede7e0b48d) C:\Windows\system32\DRIVERS\NTIDrvr.sys
2011/01/16 22:45:03.0458 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
2011/01/16 22:45:03.0500 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
2011/01/16 22:45:03.0535 nvraid (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys
2011/01/16 22:45:03.0572 nvstor (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys
2011/01/16 22:45:03.0605 nv_agp (07c186427eb8fcc3d8d7927187f260f7) C:\Windows\system32\drivers\nv_agp.sys
2011/01/16 22:45:03.0759 ohci1394 (790e27c3db53410b40ff9ef2fd10a1d9) C:\Windows\system32\DRIVERS\ohci1394.sys
2011/01/16 22:45:03.0926 Parport (8a79fdf04a73428597e2caf9d0d67850) C:\Windows\system32\DRIVERS\parport.sys
2011/01/16 22:45:04.0031 partmgr (3b38467e7c3daed009dfe359e17f139f) C:\Windows\system32\drivers\partmgr.sys
2011/01/16 22:45:04.0058 Parvdm (6c580025c81caf3ae9e3617c22cad00e) C:\Windows\system32\DRIVERS\parvdm.sys
2011/01/16 22:45:04.0094 pci (01b94418deb235dff777cc80076354b4) C:\Windows\system32\drivers\pci.sys
2011/01/16 22:45:04.0168 pciide (3b1901e401473e03eb8c874271e50c26) C:\Windows\system32\drivers\pciide.sys
2011/01/16 22:45:04.0213 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
2011/01/16 22:45:04.0287 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
2011/01/16 22:45:04.0437 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
2011/01/16 22:45:04.0520 Processor (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys
2011/01/16 22:45:04.0592 PSched (bfef604508a0ed1eae2a73e872555ffb) C:\Windows\system32\DRIVERS\pacer.sys
2011/01/16 22:45:04.0636 PSDFilter (c2821f33b846a52fdc25ff554acf11f2) C:\Windows\system32\DRIVERS\psdfilter.sys
2011/01/16 22:45:04.0654 PSDNServ (28d3a91fe7791b970e6b15c88f98dfbd) C:\Windows\system32\drivers\PSDNServ.sys
2011/01/16 22:45:04.0790 psdvdisk (3a66f69459052de13ef8a0f77d728a73) C:\Windows\system32\drivers\psdvdisk.sys
2011/01/16 22:45:04.0870 ql2300 (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys
2011/01/16 22:45:04.0964 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
2011/01/16 22:45:05.0054 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
2011/01/16 22:45:05.0164 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
2011/01/16 22:45:05.0227 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
2011/01/16 22:45:05.0292 RasPppoe (3e9d9b048107b40d87b97df2e48e0744) C:\Windows\system32\DRIVERS\raspppoe.sys
2011/01/16 22:45:05.0343 RasSstp (a7d141684e9500ac928a772ed8e6b671) C:\Windows\system32\DRIVERS\rassstp.sys
2011/01/16 22:45:05.0383 rdbss (6e1c5d0457622f9ee35f683110e93d14) C:\Windows\system32\DRIVERS\rdbss.sys
2011/01/16 22:45:05.0463 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
2011/01/16 22:45:05.0517 rdpdr (e8bd98d46f2ed77132ba927fccb47d8b) C:\Windows\system32\drivers\rdpdr.sys
2011/01/16 22:45:05.0548 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
2011/01/16 22:45:05.0603 RDPWD (e1c18f4097a5abcec941dc4b2f99db7e) C:\Windows\system32\drivers\RDPWD.sys
2011/01/16 22:45:05.0693 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
2011/01/16 22:45:05.0750 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
2011/01/16 22:45:05.0925 SCREAMINGBDRIVER (a643d6df1b7546256b11fb5d6b5d1375) C:\Windows\system32\drivers\ScreamingBAudio.sys
2011/01/16 22:45:05.0988 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
2011/01/16 22:45:06.0055 Serenum (ce9ec966638ef0b10b864ddedf62a099) C:\Windows\system32\DRIVERS\serenum.sys
2011/01/16 22:45:06.0090 Serial (6d663022db3e7058907784ae14b69898) C:\Windows\system32\DRIVERS\serial.sys
2011/01/16 22:45:06.0120 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
2011/01/16 22:45:06.0177 sffdisk (103b79418da647736ee95645f305f68a) C:\Windows\system32\drivers\sffdisk.sys
2011/01/16 22:45:06.0205 sffp_mmc (8fd08a310645fe872eeec6e08c6bf3ee) C:\Windows\system32\drivers\sffp_mmc.sys
2011/01/16 22:45:06.0239 sffp_sd (9cfa05fcfcb7124e69cfc812b72f9614) C:\Windows\system32\drivers\sffp_sd.sys
2011/01/16 22:45:06.0261 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
2011/01/16 22:45:06.0304 sieflt (4b79a457870ffce0ea7c7c939e639a55) C:\Windows\system32\DRIVERS\sieflt.sys
2011/01/16 22:45:06.0343 sisagp (d2a595d6eebeeaf4334f8e50efbc9931) C:\Windows\system32\drivers\sisagp.sys
2011/01/16 22:45:06.0377 SiSRaid2 (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys
2011/01/16 22:45:06.0413 SiSRaid4 (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys
2011/01/16 22:45:06.0595 Smb (031e6bcd53c9b2b9ace111eafec347b6) C:\Windows\system32\DRIVERS\smb.sys
2011/01/16 22:45:06.0718 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
2011/01/16 22:45:06.0812 srv (5754e8bae40943871d0ab9becbf335e8) C:\Windows\system32\DRIVERS\srv.sys
2011/01/16 22:45:06.0894 srv2 (d47b09ff7d28ee44d728f57c2d1fab86) C:\Windows\system32\DRIVERS\srv2.sys
2011/01/16 22:45:06.0958 srvnet (32d52290341a740881521e118106acd6) C:\Windows\system32\DRIVERS\srvnet.sys
2011/01/16 22:45:07.0009 ssmdrv (3ad0362cf68de3ac500e981700242cca) C:\Windows\system32\DRIVERS\ssmdrv.sys
2011/01/16 22:45:07.0079 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
2011/01/16 22:45:07.0175 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
2011/01/16 22:45:07.0214 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
2011/01/16 22:45:07.0240 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
2011/01/16 22:45:07.0322 Tcpip (782568ab6a43160a159b6215b70bcce9) C:\Windows\system32\drivers\tcpip.sys
2011/01/16 22:45:07.0414 Tcpip6 (782568ab6a43160a159b6215b70bcce9) C:\Windows\system32\DRIVERS\tcpip.sys
2011/01/16 22:45:07.0457 tcpipreg (d4a2e4a4b011f3a883af77315a5ae76b) C:\Windows\system32\drivers\tcpipreg.sys
2011/01/16 22:45:07.0495 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
2011/01/16 22:45:07.0521 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
2011/01/16 22:45:07.0572 tdx (d09276b1fab033ce1d40dcbdf303d10f) C:\Windows\system32\DRIVERS\tdx.sys
2011/01/16 22:45:07.0606 TermDD (a048056f5e1a96a9bf3071b91741a5aa) C:\Windows\system32\DRIVERS\termdd.sys
2011/01/16 22:45:07.0726 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
2011/01/16 22:45:07.0778 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
2011/01/16 22:45:07.0809 tunnel (6042505ff6fa9ac1ef7684d0e03b6940) C:\Windows\system32\DRIVERS\tunnel.sys
2011/01/16 22:45:07.0860 uagp35 (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys
2011/01/16 22:45:07.0901 udfs (8b5088058fa1d1cd897a2113ccff6c58) C:\Windows\system32\DRIVERS\udfs.sys
2011/01/16 22:45:07.0944 uliagpkx (75e6890ebfce0841d3291b02e7a8bdb0) C:\Windows\system32\drivers\uliagpkx.sys
2011/01/16 22:45:07.0972 uliahci (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys
2011/01/16 22:45:08.0014 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
2011/01/16 22:45:08.0042 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
2011/01/16 22:45:08.0077 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
2011/01/16 22:45:08.0173 UnlockerDriver5 (bb879dcfd22926efbeb3298129898cbb) C:\Program Files\Unlocker\UnlockerDriver5.sys
2011/01/16 22:45:08.0303 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
2011/01/16 22:45:08.0361 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
2011/01/16 22:45:08.0417 usbehci (cebe90821810e76320155beba722fcf9) C:\Windows\system32\DRIVERS\usbehci.sys
2011/01/16 22:45:08.0459 usbhub (cc6b28e4ce39951357963119ce47b143) C:\Windows\system32\DRIVERS\usbhub.sys
2011/01/16 22:45:08.0522 usbohci (7bdb7b0e7d45ac0402d78b90789ef47c) C:\Windows\system32\DRIVERS\usbohci.sys
2011/01/16 22:45:08.0582 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
2011/01/16 22:45:08.0735 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
2011/01/16 22:45:08.0773 USBSTOR (87ba6b83c5d19b69160968d07d6e2982) C:\Windows\system32\DRIVERS\USBSTOR.SYS
2011/01/16 22:45:08.0809 usbuhci (325dbbacb8a36af9988ccf40eac228cc) C:\Windows\system32\DRIVERS\usbuhci.sys
2011/01/16 22:45:08.0843 usbvideo (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys
2011/01/16 22:45:08.0925 vga (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys
2011/01/16 22:45:08.0992 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
2011/01/16 22:45:09.0033 viaagp (045d9961e591cf0674a920b6ba3ba5cb) C:\Windows\system32\drivers\viaagp.sys
2011/01/16 22:45:09.0073 ViaC7 (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys
2011/01/16 22:45:09.0115 viaide (fd2e3175fcada350c7ab4521dca187ec) C:\Windows\system32\drivers\viaide.sys
2011/01/16 22:45:09.0173 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
2011/01/16 22:45:09.0227 volmgrx (98f5ffe6316bd74e9e2c97206c190196) C:\Windows\system32\drivers\volmgrx.sys
2011/01/16 22:45:09.0279 volsnap (d8b4a53dd2769f226b3eb374374987c9) C:\Windows\system32\drivers\volsnap.sys
2011/01/16 22:45:09.0323 vsmraid (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys
2011/01/16 22:45:09.0367 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
2011/01/16 22:45:09.0402 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
2011/01/16 22:45:09.0422 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
2011/01/16 22:45:09.0511 Wd (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys
2011/01/16 22:45:09.0600 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
2011/01/16 22:45:09.0789 WmiAcpi (701a9f884a294327e9141d73746ee279) C:\Windows\system32\drivers\wmiacpi.sys
2011/01/16 22:45:09.0890 WpdUsb (0cec23084b51b8288099eb710224e955) C:\Windows\system32\DRIVERS\wpdusb.sys
2011/01/16 22:45:09.0946 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
2011/01/16 22:45:10.0048 WSVD (2584df81cc9f7e7bd3545691106f8cae) C:\Windows\system32\drivers\WSVD.sys
2011/01/16 22:45:10.0100 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
2011/01/16 22:45:10.0155 yukonwlh (7927e830ecde6db3682cc319bad26984) C:\Windows\system32\DRIVERS\yk60x86.sys
2011/01/16 22:45:10.0215 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796} (8903c6979ea677a9af3d36e0d3709203) C:\Program Files\Acer Arcade Live\Acer PlayMovie\000.fcl
2011/01/16 22:45:10.0332 ================================================================================
2011/01/16 22:45:10.0332 Scan finished
2011/01/16 22:45:10.0332 ================================================================================
Bon bah voilà le rapport AD-R :
======= RAPPORT D'AD-REMOVER 2.0.0.2,D | UNIQUEMENT XP/VISTA/7 =======
Mis à jour par TeamXscript le 16/01/11 à 02:00
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
Site web: http://www.teamxscript.org
C:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Lancé à 22:30:34 le 16/01/2011, Mode normal
Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 1 (X86)
Julien@PC-DE-PAUL (Acer Aspire M5100)
============== ACTION(S) ==============
Service: "MyWebSearchService" Stoppé et supprimé
Fichier supprimé: C:\Program Files\Mozilla FireFox\searchplugins\iMeshWebSearch.xml
Fichier supprimé: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Navigateur OfferBox.lnk
Fichier supprimé: C:\Windows\system32\f3PSSavr.scr
Fichier supprimé: C:\Users\Julien.PC-de-edvard\AppData\Roaming\Mozilla\FireFox\Profiles\zcu5n4ut.default\searchplugins\mywebsearch.xml
Fichier supprimé: C:\Users\Julien.PC-de-edvard\AppData\Roaming\Mozilla\FireFox\Profiles\zcu5n4ut.default\searchplugins\web-search.xml
Dossier supprimé: C:\Users\Julien.PC-de-edvard\AppData\Roaming\Mozilla\FireFox\Profiles\zcu5n4ut.default\extensions\{28D35620-51D9-11DE-9D13-2DB156D89593}
Dossier supprimé: C:\Users\Julien.PC-de-edvard\AppData\Roaming\Mozilla\FireFox\Profiles\zcu5n4ut.default\iMeshMediabarTb
Dossier supprimé: C:\Program Files\Everest Poker
Dossier supprimé: C:\Users\Julien.PC-de-edvard\AppData\Roaming\DesktopIcon
Dossier supprimé: C:\Users\Julien.PC-de-edvard\AppData\LocalLow\FunWebProducts
Dossier supprimé: C:\Program Files\FunWebProducts
Dossier supprimé: C:\Users\Julien.PC-de-edvard\AppData\Roaming\live-player
Dossier supprimé: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\live-player
Dossier supprimé: C:\Program Files\live-player
Dossier supprimé: C:\Users\Julien.PC-de-edvard\AppData\LocalLow\MyWebSearch
Dossier supprimé: C:\Program Files\MyWebSearch
Dossier supprimé: C:\Program Files\SpiderMessenger
Dossier supprimé: C:\Users\Julien.PC-de-edvard\AppData\LocalLow\Toolbar4
Dossier supprimé: C:\Users\Julien.PC-de-edvard\AppData\Roaming\EoRezo
Dossier supprimé: C:\Users\Julien.PC-de-edvard\AppData\Local\EoRezo
Dossier supprimé: C:\Program Files\EoRezo
Dossier supprimé: C:\Users\Julien.PC-de-edvard\AppData\Roaming\OfferBox
Dossier supprimé: C:\Program Files\OfferBox
Dossier supprimé: C:\ProgramData\iMesh
Dossier supprimé: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iMesh
Dossier supprimé: C:\Program Files\iMesh Applications
Dossier supprimé: C:\Users\Julien.PC-de-edvard\AppData\LocalLow\iMeshMediabarTb
Dossier supprimé: C:\Users\Julien.PC-de-edvard\AppData\Roaming\AGI
Dossier supprimé: C:\ProgramData\AGI
Dossier supprimé: C:\Program Files\AGI
Dossier supprimé: C:\Users\Julien.PC-de-edvard\AppData\LocalLow\Kiwee Toolbar
Fichier supprimé: C:\Program Files\Windows Live\Messenger\Riched20.dll
Fichier supprimé: C:\Program Files\Windows Live\Messenger\Msimg32.dll
Fichier supprimé: C:\Users\Julien.PC-de-edvard\AppData\Local\lbantjfw.bat
(!) -- Fichiers temporaires supprimés.
-- Fichier ouvert: C:\Users\Julien.PC-de-edvard\AppData\Roaming\Mozilla\FireFox\Profiles\zcu5n4ut.default\Prefs.js --
Ligne supprimée: user_pref("extensions.enabledItems", "illimitux@illimitux.net:4.0,{20a82645-c095-46ed-80e3-088257605...
Ligne supprimée: user_pref("extensions.mywebsearch.openSearchURL", "hxxp://search.mywebsearch.com/mywebsearch/opensea...
Ligne supprimée: user_pref("extensions.mywebsearch.prevKwdEnabled", true);
Ligne supprimée: user_pref("extensions.mywebsearch.prevKwdURL", "chrome://browser-region/locale/region.properties");
-- Fichier Fermé --
Clé supprimée: HKLM\Software\Classes\CLSID\{00A6FAF1-072E-44cf-8957-5838F569A31D}
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00A6FAF1-072E-44cf-8957-5838F569A31D}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{00A6FAF1-072E-44cf-8957-5838F569A31D}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF1-072E-44cf-8957-5838F569A31D}
Clé supprimée: HKLM\Software\Classes\CLSID\{00A6FAF6-072E-44cf-8957-5838F569A31D}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF6-072E-44cf-8957-5838F569A31D}
Clé supprimée: HKLM\Software\Classes\CLSID\{01AD9322-02FF-4f4f-AC52-92FDA5AE65F0}
Clé supprimée: HKLM\Software\Classes\CLSID\{03F14321-8FED-4CBC-B01A-4B57FC199062}
Clé supprimée: HKLM\Software\Classes\AppID\{F54A0D21-6A53-460C-8301-C694EC9E1033}
Clé supprimée: HKLM\Software\Classes\CLSID\{07B18EA1-A523-4961-B6BB-170DE4475CCA}
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07B18EA1-A523-4961-B6BB-170DE4475CCA}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA1-A523-4961-B6BB-170DE4475CCA}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA1-A523-4961-B6BB-170DE4475CCA}
Clé supprimée: HKLM\Software\Classes\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA9-A523-4961-B6BB-170DE4475CCA}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA9-A523-4961-B6BB-170DE4475CCA}
Clé supprimée: HKLM\Software\Classes\CLSID\{07B18EAB-A523-4961-B6BB-170DE4475CCA}
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{07B18EAB-A523-4961-B6BB-170DE4475CCA}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EAB-A523-4961-B6BB-170DE4475CCA}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EAB-A523-4961-B6BB-170DE4475CCA}
Clé supprimée: HKLM\Software\Classes\CLSID\{0F8ECF4F-3646-4C3A-8881-8E138FFCAF70}
Clé supprimée: HKLM\Software\Classes\CLSID\{148132E6-626D-4A5E-8063-A761EB29A50B}
Clé supprimée: HKLM\Software\Classes\AppID\{403A885F-CB00-40C1-BDC1-EB09053194F7}
Clé supprimée: HKLM\Software\Classes\CLSID\{1E0DE227-5CE4-4ea3-AB0C-8B03E1AA76BC}
Clé supprimée: HKLM\Software\Classes\CLSID\{23BDC78C-B7BB-42E5-B970-54B292592D72}
Clé supprimée: HKLM\Software\Classes\AppID\{69E54DE2-C4ED-4BEC-8046-E3F9AC74B4B0}
Clé supprimée: HKLM\Software\Classes\CLSID\{25560540-9571-4D7B-9389-0F166788785A}
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{25560540-9571-4D7B-9389-0F166788785A}
Clé supprimée: HKLM\Software\Classes\CLSID\{2656B92B-0207-4afb-BEBF-F5FD231ECD39}
Clé supprimée: HKLM\Software\Classes\CLSID\{27BF8F8D-58B8-D41C-F913-B7EEB57EF6F6}
Clé supprimée: HKLM\Software\Classes\AppID\{A7DDCBDE-5C86-415c-8A37-763AE183E7E4}
Clé supprimée: HKLM\Software\Classes\CLSID\{2C353E32-B8AC-4B82-B988-4C2D3394388A}
Clé supprimée: HKLM\Software\Classes\AppID\{969D2C61-9B16-407c-86B7-397BF4579BE6}
Clé supprimée: HKLM\Software\Classes\CLSID\{2C6F7E96-73BC-47A5-9F51-B67F0BAFE24D}
Clé supprimée: HKLM\Software\Classes\AppID\{F7BCCFD4-2FA6-477D-A1B0-EF7500B3C49E}
Clé supprimée: HKLM\Software\Classes\CLSID\{34CB0620-E343-4772-BBA8-D3074BC47516}
Clé supprimée: HKLM\Software\Classes\CLSID\{3BF72F68-72D8-461D-A884-329D936C5581}
Clé supprimée: HKLM\Software\Classes\CLSID\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8}
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8}
Clé supprimée: HKLM\Software\Classes\CLSID\{3E720452-B472-4954-B7AA-33069EB53906}
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3E720452-B472-4954-B7AA-33069EB53906}
Clé supprimée: HKLM\Software\Classes\CLSID\{412CD209-DDA4-4275-8C79-55F1C93FBD47}
Clé supprimée: HKLM\Software\Classes\CLSID\{474597C5-AB09-49d6-A4D5-2E8D7341384E}
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{474597C5-AB09-49d6-A4D5-2E8D7341384E}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{474597C5-AB09-49d6-A4D5-2E8D7341384E}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{474597C5-AB09-49d6-A4D5-2E8D7341384E}
Clé supprimée: HKLM\Software\Classes\CLSID\{4C58EB04-7B72-4D3D-A36E-66167A99BC31}
Clé supprimée: HKLM\Software\Classes\CLSID\{4EE0B011-604C-47F3-8F2B-39F79640B85E}
Clé supprimée: HKLM\Software\Classes\CLSID\{53CED2D0-5E9A-4761-9005-648404E6F7E5}
Clé supprimée: HKLM\Software\Classes\CLSID\{59570C1F-B692-48c9-91B4-7809E6945287}
Clé supprimée: HKLM\Software\Classes\CLSID\{5D637FAD-E202-48D1-8F18-5B9C459BD1E3}
Clé supprimée: HKLM\Software\Classes\CLSID\{5D9E7BE9-95E5-4392-8CD2-D82DE89589ED}
Clé supprimée: HKLM\Software\Classes\CLSID\{5EB0259D-AB79-4ae6-A6E6-24FFE21C3DA4}
Clé supprimée: HKLM\Software\Classes\AppID\{AD71F65D-CD13-4837-A2DC-E4D90020E7D4}
Clé supprimée: HKLM\Software\Classes\CLSID\{63A0F7FA-2C95-4d7e-AF25-EFCC303D20A1}
Clé supprimée: HKLM\Software\Classes\CLSID\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C}
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C}
Clé supprimée: HKLM\Software\Classes\CLSID\{6559E502-6EE1-46b8-A83C-F3A45BDA23EE}
Clé supprimée: HKLM\Software\Classes\CLSID\{69D3F709-9DE2-479F-980F-532D46895703}
Clé supprimée: HKLM\Software\Classes\Interface\{69D3F709-9DE2-479F-980F-532D46895703}
Clé supprimée: HKLM\Software\Classes\CLSID\{6BC38BF4-E84D-46E1-920B-42D31AEA617E}
Clé supprimée: HKLM\Software\Classes\CLSID\{7473D292-B7BB-4f24-AE82-7E2CE94BB6A9}
Clé supprimée: HKLM\Software\Classes\CLSID\{7473D294-B7BB-4f24-AE82-7E2CE94BB6A9}
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7473D294-B7BB-4f24-AE82-7E2CE94BB6A9}
Clé supprimée: HKLM\Software\Classes\CLSID\{7473D296-B7BB-4f24-AE82-7E2CE94BB6A9}
Clé supprimée: HKLM\Software\Classes\CLSID\{78E9D883-93CD-4072-BEF3-38EE581E2839}
Clé supprimée: HKLM\Software\Classes\CLSID\{799391D3-EB86-4bac-9BD3-CBFEA58A0E15}
Clé supprimée: HKLM\Software\Classes\CLSID\{7C3B01BC-53A5-48A0-A43B-0C67731134B9}
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7C3B01BC-53A5-48A0-A43B-0C67731134B9}
Clé supprimée: HKLM\Software\Classes\AppID\{21493C1F-D071-496A-9C27-450578888291}
Clé supprimée: HKLM\Software\Classes\CLSID\{819FFE22-35C7-4925-8CDA-4E0E2DB94302}
Clé supprimée: HKLM\Software\Classes\CLSID\{83AC1413-FCE4-4A46-9DD5-4F31F306E71F}
Clé supprimée: HKLM\Software\Classes\CLSID\{84DA4FDF-A1CF-4195-8688-3E961F505983}
Clé supprimée: HKLM\Software\Classes\CLSID\{87CD3140-EEC0-463F-8872-6E564D9DEDE5}
Clé supprimée: HKLM\Software\Classes\CLSID\{8E6F1832-9607-4440-8530-13BE7C4B1D14}
Clé supprimée: HKLM\Software\Classes\CLSID\{938AA51A-996C-4884-98CE-80DD16A5C9DA}
Clé supprimée: HKLM\Software\Classes\CLSID\{98D9753D-D73B-42D5-8C85-4469CDA897AB}
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{98D9753D-D73B-42D5-8C85-4469CDA897AB}
Clé supprimée: HKLM\Software\Classes\CLSID\{98ED0D10-F1FC-4113-A095-9BD7F96040C9}
Clé supprimée: HKLM\Software\Classes\AppID\{5E50AE1D-BC76-418B-94C4-EFEAC0CEF80C}
Clé supprimée: HKLM\Software\Classes\CLSID\{9FF05104-B030-46FC-94B8-81276E4E27DF}
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9FF05104-B030-46FC-94B8-81276E4E27DF}
Clé supprimée: HKLM\Software\Classes\CLSID\{A2858A72-758F-4486-B6A1-7F1DCC0924FA}
Clé supprimée: HKLM\Software\Classes\CLSID\{A7E8C343-7860-4A95-9AA8-AAF30D0F6D1E}
Clé supprimée: HKLM\Software\Classes\CLSID\{A9571378-68A1-443d-B082-284F960C6D17}
Clé supprimée: HKLM\Software\Classes\CLSID\{ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F}
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F}
Clé supprimée: HKLM\Software\Classes\CLSID\{ADB01E81-3C79-4272-A0F1-7B2BE7A782DC}
Clé supprimée: HKLM\Software\Classes\CLSID\{B0639356-335C-4E47-B63C-12531A7A5206}
Clé supprimée: HKLM\Software\Classes\CLSID\{B162A975-6C7C-4202-9167-306028913A3D}
Clé supprimée: HKLM\Software\Classes\CLSID\{B6F8DA9F-2696-419e-A8A3-19BE41EF51BD}
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B6F8DA9F-2696-419e-A8A3-19BE41EF51BD}
Clé supprimée: HKLM\Software\Classes\AppID\{55C1727F-5535-4C2A-9601-8C2458608B48}
Clé supprimée: HKLM\Software\Classes\CLSID\{B813095C-81C0-4E40-AA14-67520372B987}
Clé supprimée: HKLM\Software\Classes\CLSID\{C63CA8A4-AB4E-49e5-A6C0-33FC86D80205}
Clé supprimée: HKLM\Software\Classes\CLSID\{C6A7847E-8931-4a9a-B4EF-72A91E3CCF4D}
Clé supprimée: HKLM\Software\Classes\CLSID\{C9D7BE3E-141A-4C85-8CD6-32461F3DF2C7}
Clé supprimée: HKLM\Software\Classes\CLSID\{CADAF6BE-BF50-4669-8BFD-C27BD4E6181B}
Clé supprimée: HKLM\Software\Classes\CLSID\{CD5175E2-7CC1-418C-B66C-0AB95DAD4103}
Clé supprimée: HKLM\Software\Classes\CLSID\{CFF4CE82-3AA2-451F-9B77-7165605FB835}
Clé supprimée: HKLM\Software\Classes\CLSID\{D858DAFC-9573-4811-B323-7011A3AA7E61}
Clé supprimée: HKLM\Software\Classes\CLSID\{D8BFC514-1135-4393-B09A-193D2AAC5037}
Clé supprimée: HKLM\Software\Classes\CLSID\{D9FFFB27-D62A-4D64-8CEC-1FF006528805}
Clé supprimée: HKLM\Software\Classes\CLSID\{DD0F1D24-E250-4e93-966C-65615720AEFB}
Clé supprimée: HKLM\Software\Classes\CLSID\{DEF4ED0D-E666-4631-A35A-A634332F0550}
Clé supprimée: HKLM\Software\Classes\CLSID\{E79DFBCA-5697-4fbd-94E5-5B2A9C7C1612}
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E79DFBCA-5697-4fbd-94E5-5B2A9C7C1612}
Clé supprimée: HKLM\Software\Classes\CLSID\{EC1277BB-1C71-4c0d-BA6D-BFEA16E773A6}
Clé supprimée: HKLM\Software\Classes\CLSID\{F42C7B47-5234-4BF5-8882-DAAC0D64870D}
Clé supprimée: HKLM\Software\Classes\Interface\{F42C7B47-5234-4BF5-8882-DAAC0D64870D}
Clé supprimée: HKLM\Software\Classes\CLSID\{F8AB43ED-EC88-4de7-B213-F89157D29C62}
Clé supprimée: HKLM\Software\Classes\AppID\{1FC41815-FA4C-4F8B-B143-2C045C8EA2FC}
Clé supprimée: HKLM\Software\Classes\CLSID\{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C}
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C}
Clé supprimée: HKLM\Software\Classes\CLSID\{FD675817-9EFE-40cd-A75E-E94D1C85D1FE}
Clé supprimée: HKLM\Software\Classes\Interface\{07B18EAA-A523-4961-B6BB-170DE4475CCA}
Clé supprimée: HKLM\Software\Classes\Interface\{07B18EAC-A523-4961-B6BB-170DE4475CCA}
Clé supprimée: HKLM\Software\Classes\Interface\{1093995A-BA37-41D2-836E-091067C4AD17}
Clé supprimée: HKLM\Software\Classes\Interface\{120927BF-1700-43BC-810F-FAB92549B390}
Clé supprimée: HKLM\Software\Classes\Interface\{17DE5E5E-BFE3-4E83-8E1F-8755795359EC}
Clé supprimée: HKLM\Software\Classes\Interface\{1F52A5FA-A705-4415-B975-88503B291728}
Clé supprimée: HKLM\Software\Classes\Interface\{247A115F-06C2-4FB3-967D-2D62D3CF4F0A}
Clé supprimée: HKLM\Software\Classes\Interface\{2E3537FC-CF2F-4F56-AF54-5A6A3DD375CC}
Clé supprimée: HKLM\Software\Classes\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}
Clé supprimée: HKLM\Software\Classes\Interface\{3E1656ED-F60E-4597-B6AA-B6A58E171495}
Clé supprimée: HKLM\Software\Classes\Interface\{3E16A203-C0AA-4D44-ACC5-38A70A8C76DA}
Clé supprimée: HKLM\Software\Classes\Interface\{3E53E2CB-86DB-4A4A-8BD9-FFEB7A64DF82}
Clé supprimée: HKLM\Software\Classes\Interface\{3E720451-B472-4954-B7AA-33069EB53906}
Clé supprimée: HKLM\Software\Classes\Interface\{3E720453-B472-4954-B7AA-33069EB53906}
Clé supprimée: HKLM\Software\Classes\Interface\{63D0ED2B-B45B-4458-8B3B-60C69BBBD83C}
Clé supprimée: HKLM\Software\Classes\Interface\{63D0ED2D-B45B-4458-8B3B-60C69BBBD83C}
Clé supprimée: HKLM\Software\Classes\Interface\{6612AFDD-34AD-4B89-A236-7E6D07C3FDCD}
Clé supprimée: HKLM\Software\Classes\Interface\{6E74766C-4D93-4CC0-96D1-47B8E07FF9CA}
Clé supprimée: HKLM\Software\Classes\Interface\{72EE7F04-15BD-4845-A005-D6711144D86A}
Clé supprimée: HKLM\Software\Classes\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}
Clé supprimée: HKLM\Software\Classes\Interface\{7473D291-B7BB-4F24-AE82-7E2CE94BB6A9}
Clé supprimée: HKLM\Software\Classes\Interface\{7473D293-B7BB-4F24-AE82-7E2CE94BB6A9}
Clé supprimée: HKLM\Software\Classes\Interface\{7473D295-B7BB-4F24-AE82-7E2CE94BB6A9}
Clé supprimée: HKLM\Software\Classes\Interface\{7473D297-B7BB-4F24-AE82-7E2CE94BB6A9}
Clé supprimée: HKLM\Software\Classes\Interface\{8E9CF769-3D3B-40EB-9E2D-76E7A205E4D2}
Clé supprimée: HKLM\Software\Classes\Interface\{90449521-D834-4703-BB4E-D3AA44042FF8}
Clé supprimée: HKLM\Software\Classes\Interface\{991AAC62-B100-47CE-8B75-253965244F69}
Clé supprimée: HKLM\Software\Classes\Interface\{A626CDBD-3D13-4F78-B819-440A28D7E8FC}
Clé supprimée: HKLM\Software\Classes\Interface\{BBABDC90-F3D5-4801-863A-EE6AE529862D}
Clé supprimée: HKLM\Software\Classes\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE}
Clé supprimée: HKLM\Software\Classes\Interface\{D6FF3684-AD3B-48EB-BBB4-B9E6C5A355C1}
Clé supprimée: HKLM\Software\Classes\Interface\{DE38C398-B328-4F4C-A3AD-1B5E4ED93477}
Clé supprimée: HKLM\Software\Classes\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25E}
Clé supprimée: HKLM\Software\Classes\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25F}
Clé supprimée: HKLM\Software\Classes\Interface\{E79DFBC9-5697-4FBD-94E5-5B2A9C7C1612}
Clé supprimée: HKLM\Software\Classes\Interface\{E79DFBCB-5697-4FBD-94E5-5B2A9C7C1612}
Clé supprimée: HKLM\Software\Classes\Interface\{EB9E5C1C-B1F9-4C2B-BE8A-27D6446FDAF8}
Clé supprimée: HKLM\Software\Classes\Interface\{F7BEBBB1-7E6B-4561-9444-6F4866D60C7C}
Clé supprimée: HKLM\Software\Classes\Interface\{F87D7FB5-9DC5-4C8C-B998-D8DFE02E2978}
Clé supprimée: HKLM\Software\Classes\TypeLib\{07B18EA0-A523-4961-B6BB-170DE4475CCA}
Clé supprimée: HKLM\Software\Classes\TypeLib\{0D26BC71-A633-4E71-AD31-EADC3A1B6A3A}
Clé supprimée: HKLM\Software\Classes\TypeLib\{252C2315-CCE0-4446-8DA7-C00292A690BA}
Clé supprimée: HKLM\Software\Classes\TypeLib\{29D67D3C-509A-4544-903F-C8C1B8236554}
Clé supprimée: HKLM\Software\Classes\TypeLib\{3E720450-B472-4954-B7AA-33069EB53906}
Clé supprimée: HKLM\Software\Classes\TypeLib\{403A885F-CB00-40C1-BDC1-EB09053194F7}
Clé supprimée: HKLM\Software\Classes\TypeLib\{43B4B831-F41F-4F73-8F14-4FFF0BA75B1B}
Clé supprimée: HKLM\Software\Classes\TypeLib\{55C1727F-5535-4C2A-9601-8C2458608B48}
Clé supprimée: HKLM\Software\Classes\TypeLib\{6C9945B7-1D19-46CB-88C0-45A24DF6CD6E}
Clé supprimée: HKLM\Software\Classes\TypeLib\{7473D290-B7BB-4F24-AE82-7E2CE94BB6A9}
Clé supprimée: HKLM\Software\Classes\TypeLib\{819FFE20-35C7-4925-8CDA-4E0E2DB94302}
Clé supprimée: HKLM\Software\Classes\TypeLib\{84B9B044-17C0-48FB-A300-C9747D5DF29C}
Clé supprimée: HKLM\Software\Classes\TypeLib\{85672EDB-2CC8-40B9-A9E8-77D3478F2EFB}
Clé supprimée: HKLM\Software\Classes\TypeLib\{8CA01F0E-987C-49C3-B852-2F1AC4A7094C}
Clé supprimée: HKLM\Software\Classes\TypeLib\{8E6F1830-9607-4440-8530-13BE7C4B1D14}
Clé supprimée: HKLM\Software\Classes\TypeLib\{969D2C61-9B16-407C-86B7-397BF4579BE6}
Clé supprimée: HKLM\Software\Classes\TypeLib\{96F7FABC-5789-EFA4-B6ED-1272F4C1D27B}
Clé supprimée: HKLM\Software\Classes\TypeLib\{A147AA03-820F-4A0F-9F34-D6CB4004A2F9}
Clé supprimée: HKLM\Software\Classes\TypeLib\{C4C4F1F4-3074-4CB6-9FB8-0A64273166F0}
Clé supprimée: HKLM\Software\Classes\TypeLib\{C8CECDE3-1AE1-4C4A-AD82-6D5B00212144}
Clé supprimée: HKLM\Software\Classes\TypeLib\{D518921A-4A03-425E-9873-B9A71756821E}
Clé supprimée: HKLM\Software\Classes\TypeLib\{E47CAEE0-DEEA-464A-9326-3F2801535A4D}
Clé supprimée: HKLM\Software\Classes\TypeLib\{E79DFBC0-5697-4FBD-94E5-5B2A9C7C1612}
Clé supprimée: HKLM\Software\Classes\TypeLib\{EC96F516-51B2-4B46-8451-8665F5A6BA2B}
Clé supprimée: HKLM\Software\Classes\TypeLib\{ED85AEBE-F834-4088-B5D3-97EB2478A6CD}
Clé supprimée: HKLM\Software\Classes\TypeLib\{F07FBD3E-2048-44A4-9065-71BF551E2672}
Clé supprimée: HKLM\Software\Classes\TypeLib\{F42228FB-E84E-479E-B922-FBBD096E792C}
Clé supprimée: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\eephhas
Clé supprimée: HKLM\Software\Classes\AG.MediaPlayerCOM
Clé supprimée: HKLM\Software\Classes\DiscoveryHelper.iMesh6Discovery
Clé supprimée: HKLM\Software\Classes\DiscoveryHelper.iMesh6Discovery.1
Clé supprimée: HKLM\Software\Classes\FunWebProducts.DataControl
Clé supprimée: HKLM\Software\Classes\FunWebProducts.DataControl.1
Clé supprimée: HKLM\Software\Classes\FunWebProducts.HistoryKillerScheduler
Clé supprimée: HKLM\Software\Classes\FunWebProducts.HistoryKillerScheduler.1
Clé supprimée: HKLM\Software\Classes\FunWebProducts.HistorySwatterControlBar
Clé supprimée: HKLM\Software\Classes\FunWebProducts.HistorySwatterControlBar.1
Clé supprimée: HKLM\Software\Classes\FunWebProducts.HTMLMenu
Clé supprimée: HKLM\Software\Classes\FunWebProducts.HTMLMenu.1
Clé supprimée: HKLM\Software\Classes\FunWebProducts.HTMLMenu.2
Clé supprimée: HKLM\Software\Classes\FunWebProducts.IECookiesManager
Clé supprimée: HKLM\Software\Classes\FunWebProducts.IECookiesManager.1
Clé supprimée: HKLM\Software\Classes\FunWebProducts.KillerObjManager
Clé supprimée: HKLM\Software\Classes\FunWebProducts.KillerObjManager.1
Clé supprimée: HKLM\Software\Classes\FunWebProducts.PopSwatterBarButton
Clé supprimée: HKLM\Software\Classes\FunWebProducts.PopSwatterBarButton.1
Clé supprimée: HKLM\Software\Classes\FunWebProducts.PopSwatterSettingsControl
Clé supprimée: HKLM\Software\Classes\FunWebProducts.PopSwatterSettingsControl.1
Clé supprimée: HKLM\Software\Classes\iMesh.AudioCD
Clé supprimée: HKLM\Software\Classes\iMesh.Device
Clé supprimée: HKLM\Software\Classes\iMesh.file
Clé supprimée: HKLM\Software\Classes\iMesh.LauncherEventHandler
Clé supprimée: HKLM\Software\Classes\iMesh.LauncherEventHandler.1
Clé supprimée: HKLM\Software\Classes\iMeshIEHelper.DNSGuard
Clé supprimée: HKLM\Software\Classes\iMeshIEHelper.DNSGuard.1
Clé supprimée: HKLM\Software\Classes\KiweeIEToolbar.ToolbarInfo
Clé supprimée: HKLM\Software\Classes\KiweeIEToolbar.ToolbarInfo.1
Clé supprimée: HKLM\Software\Classes\MyWebSearch.ChatSessionPlugin
Clé supprimée: HKLM\Software\Classes\MyWebSearch.ChatSessionPlugin.1
Clé supprimée: HKLM\Software\Classes\MyWebSearch.HTMLPanel
Clé supprimée: HKLM\Software\Classes\MyWebSearch.HTMLPanel.1
Clé supprimée: HKLM\Software\Classes\MyWebSearch.MultipleButton
Clé supprimée: HKLM\Software\Classes\MyWebSearch.MultipleButton.1
Clé supprimée: HKLM\Software\Classes\MyWebSearch.OutlookAddin
Clé supprimée: HKLM\Software\Classes\MyWebSearch.OutlookAddin.1
Clé supprimée: HKLM\Software\Classes\MyWebSearch.PseudoTransparentPlugin
Clé supprimée: HKLM\Software\Classes\MyWebSearch.PseudoTransparentPlugin.1
Clé supprimée: HKLM\Software\Classes\MyWebSearch.UrlAlertButton
Clé supprimée: HKLM\Software\Classes\MyWebSearch.UrlAlertButton.1
Clé supprimée: HKLM\Software\Classes\MyWebSearchToolBar.SettingsPlugin
Clé supprimée: HKLM\Software\Classes\MyWebSearchToolBar.SettingsPlugin.1
Clé supprimée: HKLM\Software\Classes\MyWebSearchToolBar.ToolbarPlugin
Clé supprimée: HKLM\Software\Classes\MyWebSearchToolBar.ToolbarPlugin.1
Clé supprimée: HKLM\Software\Classes\OfferBox.OfferBoxServer
Clé supprimée: HKLM\Software\Classes\OfferBox.OfferBoxServer.1
Clé supprimée: HKLM\Software\Classes\ScreenSaverControl.ScreenSaverInstaller
Clé supprimée: HKLM\Software\Classes\ScreenSaverControl.ScreenSaverInstaller.1
Clé supprimée: HKLM\Software\OfferBox
Clé supprimée: HKLM\Software\EoRezo
Clé supprimée: HKLM\Software\AGI
Clé supprimée: HKLM\Software\DataMngr
Clé supprimée: HKLM\Software\FocusInteractive
Clé supprimée: HKLM\Software\Fun Web Products
Clé supprimée: HKLM\Software\iMesh
Clé supprimée: HKLM\Software\MyWebSearch
Clé supprimée: HKCU\Software\SpiderMessenger
Clé supprimée: HKCU\Software\OfferBox
Clé supprimée: HKCU\Software\EoRezo
Clé supprimée: HKCU\Software\AGI
Clé supprimée: HKCU\Software\DataMngr
Clé supprimée: HKCU\Software\FunWebProducts
Clé supprimée: HKCU\Software\Grand Virtual
Clé supprimée: HKCU\Software\MyWebSearch
Clé supprimée: HKCU\Software\AppDataLow\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}
Clé supprimée: HKCU\Software\AppDataLow\Software\Fun Web Products
Clé supprimée: HKCU\Software\AppDataLow\Software\FunWebProducts
Clé supprimée: HKCU\Software\AppDataLow\Software\MyWebSearch
Clé supprimée: HKU\.DEFAULT\Software\AGI
Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}
Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}
Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A59}
Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0ABE0FED-50E7-4e42-A125-57C0A11DBCDE}
Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{28D35620-51D9-11DE-9D13-2DB156D89593}
Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{37F4A335-D085-423e-A425-0370799166FB}
Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59C7FC09-1C83-4648-B3E6-003D2BBC7481}
Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170B96C-28D4-4626-8358-27E6CAEEF907}
Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D1A71FA0-FF48-48dd-9B6D-7A13A3E42127}
Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DDB1968E-EAD6-40fd-8DAE-FF14757F60C7}
Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F138D901-86F0-4383-99B6-9CDD406036DA}
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\OfferBox Browser
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdate_is1
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Imesh
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\iMesh MediaBar
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyWebSearch bar Uninstall
Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\MenuExt\&Search
Clé supprimée: HKLM\Software\Classes\CLSID\{147a976f-eee1-4377-8ea7-4716e4cdd239}
Clé supprimée: HKLM\Software\Google\Chrome\Extensions\bjeikeheijdjdfjbmknpefojickbkmom
Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68AF847F-6E91-45DD-9B68-D6A12C30E5D7}
Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll
Clé supprimée: HKLM\Software\Microsoft\Multimedia\WMPlayer\Schemes\f3pss
Clé supprimée: HKLM\Software\Microsoft\Office\Outlook\Addins\MyWebSearch.OutlookAddin
Clé supprimée: HKLM\Software\Microsoft\Office\Word\Addins\MyWebSearch.OutlookAddin
Clé supprimée: HKLM\Software\MozillaPlugins\@mywebsearch.com/Plugin
Valeur supprimée: HKLM\Software\Microsoft\Windows Media\Wmsdk\Sources|F3PopularScreenSavers
Valeur supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\post platform|FunWebProducts
Valeur supprimée: HKLM\Software\Mozilla\Firefox\Extensions|m3ffxtbr@mywebsearch.com
Valeur supprimée: HKLM\Software\Mozilla\Firefox\Extensions|offerboxffx@offerbox.com
Valeur supprimée: HKLM\Software\Mozilla\Firefox\Extensions|toolbar@kiwee.com
Valeur supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|Eorezo
Valeur supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|DataMngr
Valeur supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|My Web Search Bar Search Scope Monitor
Valeur supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|MyWebSearch Email Plugin
Valeur supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Run|MyWebSearch Email Plugin
Valeur supprimée: HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks|{00A6FAF6-072E-44CF-8957-5838F569A31D}
Valeur supprimée: HKLM\Software\Microsoft\Internet Explorer\Toolbar|{ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F}
Valeur supprimée: HKLM\Software\Microsoft\Internet Explorer\Toolbar|{07B18EA9-A523-4961-B6BB-170DE4475CCA}
Valeur supprimée: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{07B18EA9-A523-4961-B6BB-170DE4475CCA}
============== SCAN ADDITIONNEL ==============
** Mozilla Firefox Version [3.6.13 (fr)] **
-- C:\Users\Julien.PC-de-edvard\AppData\Roaming\Mozilla\FireFox\Profiles\zcu5n4ut.default\Prefs.js --
browser.search.defaultenginename, Web Search...
browser.search.selectedEngine, iMesh Web Search
browser.startup.homepage, hxxp://search.imesh.com/
browser.startup.homepage_override.mstone, rv:1.9.2.13
keyword.URL, hxxp://search.imesh.com/web?src=ffb&systemid=1&q=
========================================
** Internet Explorer Version [8.0.6001.18999] **
[HKCU\Software\Microsoft\Internet Explorer\Main]
AutoHide: yes
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnh...
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Do404Search: 0x01000000
Enable Browser Extensions: yes
Local Page: C:\Windows\system32\blank.htm
Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
Show_ToolBar: yes
Start Page: hxxp://fr.msn.com/
[HKLM\Software\Microsoft\Internet Explorer\Main]
AutoHide: yes
Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Delete_Temp_Files_On_Exit: yes
Local Page: C:\Windows\System32\blank.htm
Search bar: hxxp://search.msn.com/spbasic.htm
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start Page: hxxp://fr.msn.com/
[HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS]
Tabs: res://ieframe.dll/tabswelcome.htm
Blank: res://mshtml.dll/blank.htm
========================================
C:\Program Files\Ad-Remover\Quarantine: 1841 Fichier(s)
C:\Program Files\Ad-Remover\Backup: 18 Fichier(s)
C:\Ad-Report-CLEAN[1].txt - 16/01/2011 (30372 Octet(s))
C:\Ad-Report-SCAN[1].txt - 16/01/2011 (29583 Octet(s))
C:\Ad-Report-SCAN[2].txt - 16/01/2011 (29640 Octet(s))
Fin à: 22:33:13, 16/01/2011
============== E.O.F ==============
Voilà celui de Kapersky
: 2011/01/16 22:44:48.0438 TDSS rootkit removing tool 2.4.13.0 Jan 12 2011 09:51:11
2011/01/16 22:44:48.0438 ================================================================================
2011/01/16 22:44:48.0438 SystemInfo:
2011/01/16 22:44:48.0438
2011/01/16 22:44:48.0438 OS Version: 6.0.6001 ServicePack: 1.0
2011/01/16 22:44:48.0438 Product type: Workstation
2011/01/16 22:44:48.0438 ComputerName: PC-DE-PAUL
2011/01/16 22:44:48.0438 UserName: Julien
2011/01/16 22:44:48.0438 Windows directory: C:\Windows
2011/01/16 22:44:48.0439 System windows directory: C:\Windows
2011/01/16 22:44:48.0439 Processor architecture: Intel x86
2011/01/16 22:44:48.0439 Number of processors: 2
2011/01/16 22:44:48.0439 Page size: 0x1000
2011/01/16 22:44:48.0439 Boot type: Normal boot
2011/01/16 22:44:48.0439 ================================================================================
2011/01/16 22:44:49.0250 Initialize success
2011/01/16 22:44:53.0173 ================================================================================
2011/01/16 22:44:53.0173 Scan started
2011/01/16 22:44:53.0173 Mode: Manual;
2011/01/16 22:44:53.0173 ================================================================================
2011/01/16 22:44:54.0544 ACPI (fcb8c7210f0135e24c6580f7f649c73c) C:\Windows\system32\drivers\acpi.sys
2011/01/16 22:44:54.0602 adp94xx (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys
2011/01/16 22:44:54.0654 adpahci (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys
2011/01/16 22:44:54.0680 adpu160m (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys
2011/01/16 22:44:54.0711 adpu320 (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys
2011/01/16 22:44:54.0824 AFD (763e172a55177e478cb419f88fd0ba03) C:\Windows\system32\drivers\afd.sys
2011/01/16 22:44:54.0870 agp440 (ef23439cdd587f64c2c1b8825cead7d8) C:\Windows\system32\drivers\agp440.sys
2011/01/16 22:44:54.0969 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
2011/01/16 22:44:55.0019 aliide (90395b64600ebb4552e26e178c94b2e4) C:\Windows\system32\drivers\aliide.sys
2011/01/16 22:44:55.0084 amdagp (2b13e304c9dfdfa5eb582f6a149fa2c7) C:\Windows\system32\drivers\amdagp.sys
2011/01/16 22:44:55.0161 amdide (f12456ad77b1c32d8c5ca51927872850) C:\Windows\system32\DRIVERS\amdide.sys
2011/01/16 22:44:55.0273 AmdK7 (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys
2011/01/16 22:44:55.0312 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\DRIVERS\amdk8.sys
2011/01/16 22:44:55.0507 arc (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys
2011/01/16 22:44:55.0553 arcsas (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys
2011/01/16 22:44:55.0607 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
2011/01/16 22:44:55.0652 atapi (2d9c903dc76a66813d350a562de40ed9) C:\Windows\system32\drivers\atapi.sys
2011/01/16 22:44:55.0808 atikmdag (47a62c4c56bd325d0ce85cb063d94e9c) C:\Windows\system32\DRIVERS\atikmdag.sys
2011/01/16 22:44:55.0905 AtiPcie (5a1465ad2e7c1bc39cda12a355329096) C:\Windows\system32\DRIVERS\AtiPcie.sys
2011/01/16 22:44:55.0976 atksgt (3c4b9850a2631c2263507400d029057b) C:\Windows\system32\DRIVERS\atksgt.sys
2011/01/16 22:44:56.0140 avgio (f1d43170fdd7399ee17ea32d4f868b0c) C:\Program Files\Avira\AntiVir Desktop\avgio.sys
2011/01/16 22:44:56.0284 avgntflt (14fe36d8f2c6a2435275338d061a0b66) C:\Windows\system32\DRIVERS\avgntflt.sys
2011/01/16 22:44:56.0339 avipbb (ad9bd66a862116e79cb45bb6be46055f) C:\Windows\system32\DRIVERS\avipbb.sys
2011/01/16 22:44:56.0418 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
2011/01/16 22:44:56.0572 bowser (74b442b2be1260b7588c136177ceac66) C:\Windows\system32\DRIVERS\bowser.sys
2011/01/16 22:44:56.0642 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
2011/01/16 22:44:56.0671 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
2011/01/16 22:44:56.0729 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
2011/01/16 22:44:56.0779 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
2011/01/16 22:44:56.0809 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
2011/01/16 22:44:56.0861 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
2011/01/16 22:44:56.0937 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
2011/01/16 22:44:57.0106 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
2011/01/16 22:44:57.0167 cdrom (1ec25cea0de6ac4718bf89f9e1778b57) C:\Windows\system32\DRIVERS\cdrom.sys
2011/01/16 22:44:57.0243 circlass (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\drivers\circlass.sys
2011/01/16 22:44:57.0328 CLFS (465745561c832b29f7c48b488aab3842) C:\Windows\system32\CLFS.sys
2011/01/16 22:44:57.0402 cmdide (45201046c776ffdaf3fc8a0029c581c8) C:\Windows\system32\drivers\cmdide.sys
2011/01/16 22:44:57.0426 Compbatt (82b8c91d327cfecf76cb58716f7d4997) C:\Windows\system32\drivers\compbatt.sys
2011/01/16 22:44:57.0479 crcdisk (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys
2011/01/16 22:44:57.0507 Crusoe (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys
2011/01/16 22:44:57.0594 DfsC (9e635ae5e8ad93e2b5989e2e23679f97) C:\Windows\system32\Drivers\dfsc.sys
2011/01/16 22:44:57.0725 disk (64109e623abd6955c8fb110b592e68b7) C:\Windows\system32\drivers\disk.sys
2011/01/16 22:44:57.0797 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
2011/01/16 22:44:57.0858 DXGKrnl (85f33880b8cfb554bd3d9ccdb486845a) C:\Windows\System32\drivers\dxgkrnl.sys
2011/01/16 22:44:57.0960 E1G60 (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys
2011/01/16 22:44:58.0046 Ecache (dd2cd259d83d8b72c02c5f2331ff9d68) C:\Windows\system32\drivers\ecache.sys
2011/01/16 22:44:58.0169 elxstor (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys
2011/01/16 22:44:58.0471 exfat (0d858eb20589a34efb25695acaa6aa2d) C:\Windows\system32\drivers\exfat.sys
2011/01/16 22:44:58.0619 fastfat (3c489390c2e2064563727752af8eab9e) C:\Windows\system32\drivers\fastfat.sys
2011/01/16 22:44:58.0692 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys
2011/01/16 22:44:58.0811 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
2011/01/16 22:44:58.0849 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
2011/01/16 22:44:58.0889 flpydisk (6603957eff5ec62d25075ea8ac27de68) C:\Windows\system32\DRIVERS\flpydisk.sys
2011/01/16 22:44:58.0952 FltMgr (05ea53afe985443011e36dab07343b46) C:\Windows\system32\drivers\fltmgr.sys
2011/01/16 22:44:59.0034 fssfltr (b74b0578fd1d3f897e95f2a2b69ea051) C:\Windows\system32\DRIVERS\fssfltr.sys
2011/01/16 22:44:59.0094 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
2011/01/16 22:44:59.0133 gagp30kx (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys
2011/01/16 22:44:59.0168 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
2011/01/16 22:44:59.0254 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys
2011/01/16 22:44:59.0286 HDAudBus (c87b1ee051c0464491c1a7b03fa0bc99) C:\Windows\system32\DRIVERS\HDAudBus.sys
2011/01/16 22:44:59.0307 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
2011/01/16 22:44:59.0350 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
2011/01/16 22:44:59.0403 HidUsb (854ca287ab7faf949617a788306d967e) C:\Windows\system32\DRIVERS\hidusb.sys
2011/01/16 22:44:59.0444 HpCISSs (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys
2011/01/16 22:44:59.0502 HTTP (96e241624c71211a79c84f50a8e71cab) C:\Windows\system32\drivers\HTTP.sys
2011/01/16 22:44:59.0552 i2omp (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys
2011/01/16 22:44:59.0608 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
2011/01/16 22:44:59.0647 iaStorV (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys
2011/01/16 22:44:59.0694 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
2011/01/16 22:44:59.0784 int15 (9d64201c9e5ac8d1f088762ba00ff3ab) C:\Acer\Empowering Technology\eRecovery\int15.sys
2011/01/16 22:44:59.0934 IntcAzAudAddService (2bd6633db50a98534aa3262e0f9f5a14) C:\Windows\system32\drivers\RTKVHDA.sys
2011/01/16 22:44:59.0989 intelide (97469037714070e45194ed318d636401) C:\Windows\system32\drivers\intelide.sys
2011/01/16 22:45:00.0020 intelppm (ce44cc04262f28216dd4341e9e36a16f) C:\Windows\system32\DRIVERS\intelppm.sys
2011/01/16 22:45:00.0079 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
2011/01/16 22:45:00.0144 IPMIDRV (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys
2011/01/16 22:45:00.0183 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
2011/01/16 22:45:00.0239 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
2011/01/16 22:45:00.0264 isapnp (350fca7e73cf65bcef43fae1e4e91293) C:\Windows\system32\drivers\isapnp.sys
2011/01/16 22:45:00.0300 iScsiPrt (f247eec28317f6c739c16de420097301) C:\Windows\system32\DRIVERS\msiscsi.sys
2011/01/16 22:45:00.0336 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
2011/01/16 22:45:00.0383 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
2011/01/16 22:45:00.0415 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
2011/01/16 22:45:00.0437 kbdhid (18247836959ba67e3511b62846b9c2e0) C:\Windows\system32\DRIVERS\kbdhid.sys
2011/01/16 22:45:00.0485 KSecDD (7a0cf7908b6824d6a2a1d313e5ae3dca) C:\Windows\system32\Drivers\ksecdd.sys
2011/01/16 22:45:00.0580 lirsgt (4127e8b6ddb4090e815c1f8852c277d3) C:\Windows\system32\DRIVERS\lirsgt.sys
2011/01/16 22:45:00.0615 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
2011/01/16 22:45:00.0685 LSI_FC (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys
2011/01/16 22:45:00.0719 LSI_SAS (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys
2011/01/16 22:45:00.0774 LSI_SCSI (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys
2011/01/16 22:45:00.0821 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
2011/01/16 22:45:00.0876 megasas (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys
2011/01/16 22:45:00.0949 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
2011/01/16 22:45:01.0122 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
2011/01/16 22:45:01.0167 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
2011/01/16 22:45:01.0213 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
2011/01/16 22:45:01.0352 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
2011/01/16 22:45:01.0461 mpio (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys
2011/01/16 22:45:01.0507 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
2011/01/16 22:45:01.0544 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
2011/01/16 22:45:01.0592 MRxDAV (ae3de84536b6799d2267443cec8edbb9) C:\Windows\system32\drivers\mrxdav.sys
2011/01/16 22:45:01.0655 mrxsmb (7afc42e60432fd1014f5342f2b1b1f74) C:\Windows\system32\DRIVERS\mrxsmb.sys
2011/01/16 22:45:01.0691 mrxsmb10 (8a75752ae17924f65452746674b14b78) C:\Windows\system32\DRIVERS\mrxsmb10.sys
2011/01/16 22:45:01.0722 mrxsmb20 (f4d0f3252e651f02be64984ffa738394) C:\Windows\system32\DRIVERS\mrxsmb20.sys
2011/01/16 22:45:01.0764 msahci (742aed7939e734c36b7e8d6228ce26b7) C:\Windows\system32\drivers\msahci.sys
2011/01/16 22:45:01.0809 msdsm (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys
2011/01/16 22:45:01.0882 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
2011/01/16 22:45:01.0948 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
2011/01/16 22:45:02.0016 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
2011/01/16 22:45:02.0209 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
2011/01/16 22:45:02.0291 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
2011/01/16 22:45:02.0346 MsRPC (b5614aecb05a9340aa0fb55bf561cc63) C:\Windows\system32\drivers\MsRPC.sys
2011/01/16 22:45:02.0378 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
2011/01/16 22:45:02.0407 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
2011/01/16 22:45:02.0438 Mup (6dfd1d322de55b0b7db7d21b90bec49c) C:\Windows\system32\Drivers\mup.sys
2011/01/16 22:45:02.0540 NativeWifiP (3c21ce48ff529bb73dadb98770b54025) C:\Windows\system32\DRIVERS\nwifi.sys
2011/01/16 22:45:02.0602 NDIS (9bdc71790fa08f0a0b5f10462b1bd0b1) C:\Windows\system32\drivers\ndis.sys
2011/01/16 22:45:02.0665 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
2011/01/16 22:45:02.0746 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
2011/01/16 22:45:02.0802 NdisWan (3d14c3b3496f88890d431e8aa022a411) C:\Windows\system32\DRIVERS\ndiswan.sys
2011/01/16 22:45:02.0853 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
2011/01/16 22:45:02.0905 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
2011/01/16 22:45:02.0939 netbt (7c5fee5b1c5728507cd96fb4a13e7a02) C:\Windows\system32\DRIVERS\netbt.sys
2011/01/16 22:45:03.0006 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
2011/01/16 22:45:03.0177 Npfs (ecb5003f484f9ed6c608d6d6c7886cbb) C:\Windows\system32\drivers\Npfs.sys
2011/01/16 22:45:03.0287 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
2011/01/16 22:45:03.0344 Ntfs (b4effe29eb4f15538fd8a9681108492d) C:\Windows\system32\drivers\Ntfs.sys
2011/01/16 22:45:03.0430 NTIDrvr (7f1c1f78d709c4a54cbb46ede7e0b48d) C:\Windows\system32\DRIVERS\NTIDrvr.sys
2011/01/16 22:45:03.0458 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
2011/01/16 22:45:03.0500 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
2011/01/16 22:45:03.0535 nvraid (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys
2011/01/16 22:45:03.0572 nvstor (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys
2011/01/16 22:45:03.0605 nv_agp (07c186427eb8fcc3d8d7927187f260f7) C:\Windows\system32\drivers\nv_agp.sys
2011/01/16 22:45:03.0759 ohci1394 (790e27c3db53410b40ff9ef2fd10a1d9) C:\Windows\system32\DRIVERS\ohci1394.sys
2011/01/16 22:45:03.0926 Parport (8a79fdf04a73428597e2caf9d0d67850) C:\Windows\system32\DRIVERS\parport.sys
2011/01/16 22:45:04.0031 partmgr (3b38467e7c3daed009dfe359e17f139f) C:\Windows\system32\drivers\partmgr.sys
2011/01/16 22:45:04.0058 Parvdm (6c580025c81caf3ae9e3617c22cad00e) C:\Windows\system32\DRIVERS\parvdm.sys
2011/01/16 22:45:04.0094 pci (01b94418deb235dff777cc80076354b4) C:\Windows\system32\drivers\pci.sys
2011/01/16 22:45:04.0168 pciide (3b1901e401473e03eb8c874271e50c26) C:\Windows\system32\drivers\pciide.sys
2011/01/16 22:45:04.0213 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
2011/01/16 22:45:04.0287 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
2011/01/16 22:45:04.0437 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
2011/01/16 22:45:04.0520 Processor (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys
2011/01/16 22:45:04.0592 PSched (bfef604508a0ed1eae2a73e872555ffb) C:\Windows\system32\DRIVERS\pacer.sys
2011/01/16 22:45:04.0636 PSDFilter (c2821f33b846a52fdc25ff554acf11f2) C:\Windows\system32\DRIVERS\psdfilter.sys
2011/01/16 22:45:04.0654 PSDNServ (28d3a91fe7791b970e6b15c88f98dfbd) C:\Windows\system32\drivers\PSDNServ.sys
2011/01/16 22:45:04.0790 psdvdisk (3a66f69459052de13ef8a0f77d728a73) C:\Windows\system32\drivers\psdvdisk.sys
2011/01/16 22:45:04.0870 ql2300 (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys
2011/01/16 22:45:04.0964 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
2011/01/16 22:45:05.0054 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
2011/01/16 22:45:05.0164 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
2011/01/16 22:45:05.0227 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
2011/01/16 22:45:05.0292 RasPppoe (3e9d9b048107b40d87b97df2e48e0744) C:\Windows\system32\DRIVERS\raspppoe.sys
2011/01/16 22:45:05.0343 RasSstp (a7d141684e9500ac928a772ed8e6b671) C:\Windows\system32\DRIVERS\rassstp.sys
2011/01/16 22:45:05.0383 rdbss (6e1c5d0457622f9ee35f683110e93d14) C:\Windows\system32\DRIVERS\rdbss.sys
2011/01/16 22:45:05.0463 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
2011/01/16 22:45:05.0517 rdpdr (e8bd98d46f2ed77132ba927fccb47d8b) C:\Windows\system32\drivers\rdpdr.sys
2011/01/16 22:45:05.0548 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
2011/01/16 22:45:05.0603 RDPWD (e1c18f4097a5abcec941dc4b2f99db7e) C:\Windows\system32\drivers\RDPWD.sys
2011/01/16 22:45:05.0693 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
2011/01/16 22:45:05.0750 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
2011/01/16 22:45:05.0925 SCREAMINGBDRIVER (a643d6df1b7546256b11fb5d6b5d1375) C:\Windows\system32\drivers\ScreamingBAudio.sys
2011/01/16 22:45:05.0988 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
2011/01/16 22:45:06.0055 Serenum (ce9ec966638ef0b10b864ddedf62a099) C:\Windows\system32\DRIVERS\serenum.sys
2011/01/16 22:45:06.0090 Serial (6d663022db3e7058907784ae14b69898) C:\Windows\system32\DRIVERS\serial.sys
2011/01/16 22:45:06.0120 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
2011/01/16 22:45:06.0177 sffdisk (103b79418da647736ee95645f305f68a) C:\Windows\system32\drivers\sffdisk.sys
2011/01/16 22:45:06.0205 sffp_mmc (8fd08a310645fe872eeec6e08c6bf3ee) C:\Windows\system32\drivers\sffp_mmc.sys
2011/01/16 22:45:06.0239 sffp_sd (9cfa05fcfcb7124e69cfc812b72f9614) C:\Windows\system32\drivers\sffp_sd.sys
2011/01/16 22:45:06.0261 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
2011/01/16 22:45:06.0304 sieflt (4b79a457870ffce0ea7c7c939e639a55) C:\Windows\system32\DRIVERS\sieflt.sys
2011/01/16 22:45:06.0343 sisagp (d2a595d6eebeeaf4334f8e50efbc9931) C:\Windows\system32\drivers\sisagp.sys
2011/01/16 22:45:06.0377 SiSRaid2 (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys
2011/01/16 22:45:06.0413 SiSRaid4 (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys
2011/01/16 22:45:06.0595 Smb (031e6bcd53c9b2b9ace111eafec347b6) C:\Windows\system32\DRIVERS\smb.sys
2011/01/16 22:45:06.0718 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
2011/01/16 22:45:06.0812 srv (5754e8bae40943871d0ab9becbf335e8) C:\Windows\system32\DRIVERS\srv.sys
2011/01/16 22:45:06.0894 srv2 (d47b09ff7d28ee44d728f57c2d1fab86) C:\Windows\system32\DRIVERS\srv2.sys
2011/01/16 22:45:06.0958 srvnet (32d52290341a740881521e118106acd6) C:\Windows\system32\DRIVERS\srvnet.sys
2011/01/16 22:45:07.0009 ssmdrv (3ad0362cf68de3ac500e981700242cca) C:\Windows\system32\DRIVERS\ssmdrv.sys
2011/01/16 22:45:07.0079 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
2011/01/16 22:45:07.0175 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
2011/01/16 22:45:07.0214 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
2011/01/16 22:45:07.0240 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
2011/01/16 22:45:07.0322 Tcpip (782568ab6a43160a159b6215b70bcce9) C:\Windows\system32\drivers\tcpip.sys
2011/01/16 22:45:07.0414 Tcpip6 (782568ab6a43160a159b6215b70bcce9) C:\Windows\system32\DRIVERS\tcpip.sys
2011/01/16 22:45:07.0457 tcpipreg (d4a2e4a4b011f3a883af77315a5ae76b) C:\Windows\system32\drivers\tcpipreg.sys
2011/01/16 22:45:07.0495 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
2011/01/16 22:45:07.0521 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
2011/01/16 22:45:07.0572 tdx (d09276b1fab033ce1d40dcbdf303d10f) C:\Windows\system32\DRIVERS\tdx.sys
2011/01/16 22:45:07.0606 TermDD (a048056f5e1a96a9bf3071b91741a5aa) C:\Windows\system32\DRIVERS\termdd.sys
2011/01/16 22:45:07.0726 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
2011/01/16 22:45:07.0778 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
2011/01/16 22:45:07.0809 tunnel (6042505ff6fa9ac1ef7684d0e03b6940) C:\Windows\system32\DRIVERS\tunnel.sys
2011/01/16 22:45:07.0860 uagp35 (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys
2011/01/16 22:45:07.0901 udfs (8b5088058fa1d1cd897a2113ccff6c58) C:\Windows\system32\DRIVERS\udfs.sys
2011/01/16 22:45:07.0944 uliagpkx (75e6890ebfce0841d3291b02e7a8bdb0) C:\Windows\system32\drivers\uliagpkx.sys
2011/01/16 22:45:07.0972 uliahci (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys
2011/01/16 22:45:08.0014 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
2011/01/16 22:45:08.0042 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
2011/01/16 22:45:08.0077 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
2011/01/16 22:45:08.0173 UnlockerDriver5 (bb879dcfd22926efbeb3298129898cbb) C:\Program Files\Unlocker\UnlockerDriver5.sys
2011/01/16 22:45:08.0303 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
2011/01/16 22:45:08.0361 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
2011/01/16 22:45:08.0417 usbehci (cebe90821810e76320155beba722fcf9) C:\Windows\system32\DRIVERS\usbehci.sys
2011/01/16 22:45:08.0459 usbhub (cc6b28e4ce39951357963119ce47b143) C:\Windows\system32\DRIVERS\usbhub.sys
2011/01/16 22:45:08.0522 usbohci (7bdb7b0e7d45ac0402d78b90789ef47c) C:\Windows\system32\DRIVERS\usbohci.sys
2011/01/16 22:45:08.0582 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
2011/01/16 22:45:08.0735 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
2011/01/16 22:45:08.0773 USBSTOR (87ba6b83c5d19b69160968d07d6e2982) C:\Windows\system32\DRIVERS\USBSTOR.SYS
2011/01/16 22:45:08.0809 usbuhci (325dbbacb8a36af9988ccf40eac228cc) C:\Windows\system32\DRIVERS\usbuhci.sys
2011/01/16 22:45:08.0843 usbvideo (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys
2011/01/16 22:45:08.0925 vga (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys
2011/01/16 22:45:08.0992 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
2011/01/16 22:45:09.0033 viaagp (045d9961e591cf0674a920b6ba3ba5cb) C:\Windows\system32\drivers\viaagp.sys
2011/01/16 22:45:09.0073 ViaC7 (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys
2011/01/16 22:45:09.0115 viaide (fd2e3175fcada350c7ab4521dca187ec) C:\Windows\system32\drivers\viaide.sys
2011/01/16 22:45:09.0173 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
2011/01/16 22:45:09.0227 volmgrx (98f5ffe6316bd74e9e2c97206c190196) C:\Windows\system32\drivers\volmgrx.sys
2011/01/16 22:45:09.0279 volsnap (d8b4a53dd2769f226b3eb374374987c9) C:\Windows\system32\drivers\volsnap.sys
2011/01/16 22:45:09.0323 vsmraid (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys
2011/01/16 22:45:09.0367 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
2011/01/16 22:45:09.0402 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
2011/01/16 22:45:09.0422 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
2011/01/16 22:45:09.0511 Wd (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys
2011/01/16 22:45:09.0600 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
2011/01/16 22:45:09.0789 WmiAcpi (701a9f884a294327e9141d73746ee279) C:\Windows\system32\drivers\wmiacpi.sys
2011/01/16 22:45:09.0890 WpdUsb (0cec23084b51b8288099eb710224e955) C:\Windows\system32\DRIVERS\wpdusb.sys
2011/01/16 22:45:09.0946 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
2011/01/16 22:45:10.0048 WSVD (2584df81cc9f7e7bd3545691106f8cae) C:\Windows\system32\drivers\WSVD.sys
2011/01/16 22:45:10.0100 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
2011/01/16 22:45:10.0155 yukonwlh (7927e830ecde6db3682cc319bad26984) C:\Windows\system32\DRIVERS\yk60x86.sys
2011/01/16 22:45:10.0215 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796} (8903c6979ea677a9af3d36e0d3709203) C:\Program Files\Acer Arcade Live\Acer PlayMovie\000.fcl
2011/01/16 22:45:10.0332 ================================================================================
2011/01/16 22:45:10.0332 Scan finished
2011/01/16 22:45:10.0332 ================================================================================
Bonsoir
Désactive ton antivirus et tout autre type de protection.
Télécharge ComboFix de sUBs :![]()
Combofix
Sauvegarde-le sur ton bureau et pas ailleurs!
Double-clic sur ComboFix, Il va te poser une question, suis les invites puis attends que combofix ait terminé, il est possible que ton PC reboot, c’est normal, un rapport sera créé.Poste le rapport:C:\Combofix.txt
clique dessus pour l'ouvrir, puis édition "sélectionner tout", édition "copier"
viens sur le forum et édition "coller"
AIDE : Un guide et un tutoriel sur l'utilisation de ComboFix
* le nom de la partition peut changer
<@_@>
Désactive ton antivirus et tout autre type de protection.
Télécharge ComboFix de sUBs :
Combofix Sauvegarde-le sur ton bureau et pas ailleurs!
Double-clic sur ComboFix, Il va te poser une question, suis les invites puis attends que combofix ait terminé, il est possible que ton PC reboot, c’est normal, un rapport sera créé.Poste le rapport:C:\Combofix.txt
clique dessus pour l'ouvrir, puis édition "sélectionner tout", édition "copier"
viens sur le forum et édition "coller"
AIDE : Un guide et un tutoriel sur l'utilisation de ComboFix
* le nom de la partition peut changer
<@_@>
ComboFix 11-01-17.04 - Julien 18/01/2011 9:20.3.2 - x86
Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6001.1.1252.33.1036.18.2047.1149 [GMT 1:00]
Lancé depuis: c:\users\Julien.PC-de-edvard\Music\Franz Ferdinand\Downloads\ComboFix.exe
AV: AntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: AntiVir Desktop *Disabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Exécution préalable -------
.
c:\users\Diane\AppData\Roaming\OfferBox
c:\users\Diane\AppData\Roaming\OfferBox\config.dat
c:\users\Diane\AppData\Roaming\OfferBox\config.xml
c:\users\edvard\AppData\Roaming\OfferBox
c:\users\edvard\AppData\Roaming\OfferBox\config.dat
c:\users\edvard\AppData\Roaming\OfferBox\config.xml
c:\users\Invité\AppData\Roaming\OfferBox
c:\users\Invité\AppData\Roaming\OfferBox\config.dat
c:\users\Invité\AppData\Roaming\OfferBox\config.xml
c:\users\Julien.PC-de-edvard\AppData\Roaming\cacaoweb
c:\users\Julien.PC-de-edvard\AppData\Roaming\cacaoweb\adstorage.db
c:\users\Julien.PC-de-edvard\AppData\Roaming\cacaoweb\cacaoweb.exe
c:\users\Julien.PC-de-edvard\AppData\Roaming\cacaoweb\megavideoWQK62KPB301265349.cacao
c:\users\Julien.PC-de-edvard\AppData\Roaming\cacaoweb\storage.db
c:\users\Julien.PC-de-edvard\AppData\Roaming\Microsoft\Windows\Recent\FAQ.url
c:\windows\system32\shsvcs.dll.back
c:\windows\system32\themeui.dll.back
c:\windows\system32\uxtheme.dll.back
.
((((((((((((((((((((((((((((( Fichiers créés du 2010-12-18 au 2011-01-18 ))))))))))))))))))))))))))))))))))))
.
2011-01-18 08:27 . 2011-01-18 08:27 -------- d-----w- c:\users\Julien.PC-de-edvard\AppData\Local\temp
2011-01-18 08:27 . 2011-01-18 08:27 -------- d-----w- c:\users\TEMP\AppData\Local\temp
2011-01-18 08:27 . 2011-01-18 08:27 -------- d-----w- c:\users\TEMP.PC-DE-PAUL\AppData\Local\temp
2011-01-18 08:27 . 2011-01-18 08:27 -------- d-----w- c:\users\JULIEN~1~PC-\AppData\Local\temp
2011-01-18 08:27 . 2011-01-18 08:27 -------- d-----w- c:\users\julien\AppData\Local\temp
2011-01-18 08:27 . 2011-01-18 08:27 -------- d-----w- c:\users\Invité\AppData\Local\temp
2011-01-18 08:27 . 2011-01-18 08:27 -------- d-----w- c:\users\edvard\AppData\Local\temp
2011-01-18 08:27 . 2011-01-18 08:27 -------- d-----w- c:\users\Diane\AppData\Local\temp
2011-01-18 08:27 . 2011-01-18 08:27 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-01-18 06:46 . 2010-11-16 11:01 6273872 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{CF472169-B553-47B5-8C7E-E0C1303DA65A}\mpengine.dll
2011-01-17 19:39 . 2010-12-14 13:48 21312 ----a-w- c:\windows\system32\authuitu.dll
2011-01-17 19:39 . 2010-12-14 13:48 29504 ----a-w- c:\windows\system32\uxtuneup.dll
2011-01-17 19:34 . 2010-12-14 13:53 31552 ----a-w- c:\windows\system32\TURegOpt.exe
2011-01-17 19:33 . 2011-01-17 19:38 -------- d-----w- c:\program files\TuneUp Utilities 2011
2011-01-17 19:21 . 2011-01-17 19:21 -------- d-sh--w- c:\programdata\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
2011-01-16 21:20 . 2011-01-16 21:20 -------- d-----w- c:\users\Julien.PC-de-edvard\AppData\Roaming\QuickStoresToolbar
2011-01-16 19:37 . 2011-01-16 19:37 -------- d-----w- c:\program files\CCleaner
2011-01-16 19:13 . 2011-01-16 19:13 -------- d-----w- c:\program files\Ad-Remover
2011-01-12 05:12 . 2010-12-28 14:57 409600 ----a-w- c:\windows\system32\odbc32.dll
2011-01-12 05:12 . 2010-12-28 14:56 708608 ----a-w- c:\program files\Common Files\System\ado\msado15.dll
2011-01-12 05:12 . 2010-12-28 14:56 57344 ----a-w- c:\program files\Common Files\System\msadc\msadcs.dll
2011-01-12 05:12 . 2010-12-28 14:56 253952 ----a-w- c:\program files\Common Files\System\ado\msadox.dll
2011-01-12 05:12 . 2010-12-28 14:56 241664 ----a-w- c:\program files\Common Files\System\ado\msadomd.dll
2011-01-12 05:12 . 2010-12-28 14:56 180224 ----a-w- c:\program files\Common Files\System\msadc\msadco.dll
2011-01-12 05:12 . 2010-12-14 15:49 1169408 ----a-w- c:\windows\system32\sdclt.exe
2010-12-26 14:04 . 2010-12-26 14:04 -------- d-----w- c:\users\Diane\AppData\Roaming\Sony
2010-12-25 12:27 . 2010-12-25 12:27 -------- d-----w- c:\programdata\26234
2010-12-25 08:13 . 2011-01-16 21:20 -------- d-----w- c:\program files\Unlocker
2010-12-25 08:01 . 2010-12-25 08:01 -------- d-----w- c:\programdata\Chat Republic Games
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-12-19 19:55 . 2007-05-06 19:18 499712 ----a-w- c:\windows\system32\msvcp71.dll
2010-12-19 19:55 . 2007-05-06 19:18 348160 ----a-w- c:\windows\system32\msvcr71.dll
2010-11-12 17:53 . 2010-08-25 06:15 472808 ----a-w- c:\windows\system32\deployJava1.dll
2010-11-06 11:10 . 2010-12-15 13:16 345088 ----a-w- c:\windows\system32\wmicmiplugin.dll
2010-11-06 11:10 . 2010-12-15 13:16 357376 ----a-w- c:\windows\system32\taskschd.dll
2010-11-06 11:10 . 2010-12-15 13:16 270336 ----a-w- c:\windows\system32\taskcomp.dll
2010-11-06 11:09 . 2010-12-15 13:16 603648 ----a-w- c:\windows\system32\schedsvc.dll
2010-11-05 00:53 . 2010-12-15 13:16 171520 ----a-w- c:\windows\system32\taskeng.exe
2010-11-02 06:01 . 2010-12-15 13:16 916480 ----a-w- c:\windows\system32\wininet.dll
2010-11-02 05:57 . 2010-12-15 13:16 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-11-02 05:57 . 2010-12-15 13:16 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2010-11-02 05:57 . 2010-12-15 13:16 71680 ----a-w- c:\windows\system32\iesetup.dll
2010-11-02 05:57 . 2010-12-15 13:16 109056 ----a-w- c:\windows\system32\iesysprep.dll
2010-11-02 05:01 . 2010-12-15 13:16 385024 ----a-w- c:\windows\system32\html.iec
2010-11-02 04:26 . 2010-12-15 13:16 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2010-11-02 04:24 . 2010-12-15 13:16 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2010-10-28 15:02 . 2010-12-15 13:16 34304 ----a-w- c:\windows\system32\atmlib.dll
2010-10-28 13:03 . 2010-12-15 13:16 292352 ----a-w- c:\windows\system32\atmfd.dll
2010-10-28 12:56 . 2010-12-15 13:16 2048 ----a-w- c:\windows\system32\tzres.dll
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0F6E720A-1A6B-40E1-A294-1D4D19F156C8}]
2009-10-15 08:53 165184 ----a-w- c:\program files\SFR\Kit\SFRNavErrorHelper.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"CollaborationHost"="c:\windows\system32\p2phost.exe" [2008-01-19 192000]
"Connexion SFR 9props.exe"="c:\program files\SFR\Kit\9props.exe" [2009-10-15 959808]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-19 1233920]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-08-25 39408]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2010-04-16 3872080]
"cacaoweb"="c:\users\Julien.PC-de-edvard\AppData\Roaming\cacaoweb\cacaoweb.exe" [BU]
"ViVi Cursor"="c:\program files\ViVi Cursor 2.0\ViVi_Cursor.exe" [2008-09-25 1001472]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
"Acer Tour Reminder"="" [BU]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RtHDVCpl.exe" [2007-03-23 4423680]
"Acer Empowering Technology Monitor"="c:\acer\Empowering Technology\SysMonitor.exe" [2007-01-24 319488]
"eDataSecurity Loader"="c:\acer\Empowering Technology\eDataSecurity\eDSloader.exe" [2007-02-06 464168]
"WarReg_PopUp"="c:\acer\WR_PopUp\WarReg_PopUp.exe" [2006-11-05 57344]
"Acer Tour Reminder"="c:\acer\AcerTour\Reminder.exe" [2007-02-15 151552]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-08-01 61440]
"Skytel"="Skytel.exe" [2007-03-16 1822720]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"UnlockerAssistant"="c:\program files\Unlocker\UnlockerAssistant.exe" [2010-07-04 17408]
c:\users\Diane\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Notification de cadeaux MSN.lnk - c:\users\Julien.PC-de-edvard\AppData\Roaming\Microsoft\Notification de cadeaux MSN\lsnfier.exe [N/A]
OneNote 2007 - Capture d'‚cran et lancement.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [N/A]
OneNote 2010 - Capture d'‚cran et lancement.lnk - c:\program files\Microsoft Office\Office14\ONENOTEM.EXE [2010-3-29 227712]
OpenOffice.org 3.2.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [N/A]
c:\users\edvard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2007 - Capture d'‚cran et lancement.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [N/A]
Sommaire de OneNote.onetoc2 [2008-5-22 3656]
c:\users\Invit‚\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2007 - Capture d'‚cran et lancement.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [N/A]
c:\users\julien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dock.lnk - c:\vistaosx09\RKLauncher.exe [2010-5-29 708608]
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Empowering Technology Launcher.lnk - c:\acer\Empowering Technology\eAPLauncher.exe [2007-5-6 528384]
PCM Media Sharing.lnk - c:\program files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe [2007-5-6 200812]
Secure it Easy Notifier.exe.lnk - c:\program files\CoSoSys Ltd\Secure it Easy\SiENotifier.exe [2009-6-3 860360]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WBSrv]
c:\program files\Stardock\Object Desktop\WindowBlinds\wbsrv.dll [BU]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"PlayMovie"="c:\program files\Acer Arcade Live\Acer PlayMovie\PMVService.exe"
"ATICustomerCare"="c:\program files\ATI\ATICustomerCare\ATICustomerCare.exe"
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
R2 AGWinService;AG Windows Service;c:\program files\AGI\common\win32\PythonService.exe [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate1ca2584d44ef949;Service Google Update (gupdate1ca2584d44ef949);c:\program files\Google\Update\GoogleUpdate.exe [2009-08-25 133104]
R3 EraserUtilDrv10920;EraserUtilDrv10920;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilDrv10920.sys [x]
R3 EraserUtilDrvI9;EraserUtilDrvI9;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilDrvI9.sys [x]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [x]
R3 Fadpu16E;Fadpu16E;c:\users\JULIEN~1.PC-\AppData\Local\Temp\Fadpu16E.sys [x]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [2010-02-24 3411964]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
R3 SCREAMINGBDRIVER;Screaming Bee Audio;c:\windows\system32\drivers\ScreamingBAudio.sys [2009-12-01 34384]
R3 WPFFontCache_v0400;Cache de police de Windows Presentation Foundation 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
R3 WSVD;WSVD;c:\windows\system32\drivers\WSVD.sys [2006-09-19 80744]
S2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796};c:\program files\Acer Arcade Live\Acer PlayMovie\000.fcl [2007-08-31 39408]
S2 Acer HomeMedia Connect Service;Acer HomeMedia Connect Service;c:\program files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe [2007-04-04 266343]
S2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289]
S2 Secure it Easy;Secure it Easy;c:\program files\CoSoSys Ltd\Secure it Easy\SIEservice.exe [2009-06-03 65736]
S2 sieflt;sieflt;c:\windows\system32\DRIVERS\sieflt.sys [2009-06-03 34112]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe [2010-12-14 1517376]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys [2010-10-07 10064]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
rsmsvcs REG_MULTI_SZ ntmssvc
ipripsvc REG_MULTI_SZ iprip
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Contenu du dossier 'Tâches planifiées'
2011-01-18 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-08-25 13:01]
2011-01-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-08-25 13:06]
2011-01-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-08-25 13:06]
2011-01-18 c:\windows\Tasks\User_Feed_Synchronization-{29C01C2B-1C07-48CE-B039-4A19E915CCC3}.job
- c:\windows\system32\msfeedssync.exe [2010-12-15 04:25]
2011-01-18 c:\windows\Tasks\User_Feed_Synchronization-{41E945F8-C53F-46A9-BEBC-5CD718807E72}.job
- c:\windows\system32\msfeedssync.exe [2010-12-15 04:25]
2011-01-18 c:\windows\Tasks\User_Feed_Synchronization-{D24A402F-ED2A-4751-AB54-9EB6C9A1FDA3}.job
- c:\windows\system32\msfeedssync.exe [2010-12-15 04:25]
.
.
------- Examen supplémentaire -------
.
mWindow Title =
uInternet Settings,ProxyOverride = *.local
IE: &Envoyer à OneNote - /105
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
FF - ProfilePath - c:\users\Julien.PC-de-edvard\AppData\Roaming\Mozilla\Firefox\Profiles\zcu5n4ut.default\
FF - prefs.js: browser.search.selectedEngine - iMesh Web Search
FF - prefs.js: browser.startup.homepage - hxxp://search.imesh.com/
FF - prefs.js: keyword.URL - hxxp://search.imesh.com/web?src=ffb&systemid=1&q=
FF - prefs.js: network.proxy.type - 0
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: QuickStores-Toolbar: quickstores@quickstores.de - c:\program files\Mozilla Firefox\extensions\quickstores@quickstores.de
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: Illimitux: illimitux@illimitux.net - %profile%\extensions\illimitux@illimitux.net
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: vShare: vshare@toolbar - %profile%\extensions\vshare@toolbar
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
.
- - - - ORPHELINS SUPPRIMES - - - -
WebBrowser-{EEE6C35B-6118-11DC-9C72-001320C79847} - (no file)
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-01-18 09:27
Windows 6.0.6001 Service Pack 1 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
msnmsgr = "c:\program files\Windows Live\Messenger\msnmsgr.exe" /background??s
cacaoweb = "c:\users\Julien.PC-de-edvard\AppData\Roaming\cacaoweb\cacaoweb.exe" -noplayer?abled:cacaoweb?ng???? ?N???N???????????N???????N????v`??v????????????q???????Service Pack 1??????????????????????????????????????????????????????????????????????????????????k??????????j?{C?????????????k?????????????????N???E?????d???
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\{49DE1C67-83F8-4102-99E0-C16DCC7EEC796}]
"ImagePath"="\??\c:\program files\Acer Arcade Live\Acer PlayMovie\000.fcl"
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs chargées dans les processus actifs ---------------------
- - - - - - - > 'Explorer.exe'(2904)
c:\windows\system32\MsnChatHook.dll
c:\windows\system32\ShowErrMsg.dll
c:\windows\system32\sysenv.dll
c:\windows\system32\BatchCrypto.dll
c:\windows\system32\CryptoAPI.dll
c:\windows\system32\keyManager.dll
.
Heure de fin: 2011-01-18 09:31:10
ComboFix-quarantined-files.txt 2011-01-18 08:31
ComboFix2.txt 2010-03-20 08:16
Avant-CF: 48 812 957 696 octets libres
Après-CF: 48 568 528 896 octets libres
- - End Of File - - F94AA2035156E28917E3962278B5C03F
Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6001.1.1252.33.1036.18.2047.1149 [GMT 1:00]
Lancé depuis: c:\users\Julien.PC-de-edvard\Music\Franz Ferdinand\Downloads\ComboFix.exe
AV: AntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: AntiVir Desktop *Disabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Exécution préalable -------
.
c:\users\Diane\AppData\Roaming\OfferBox
c:\users\Diane\AppData\Roaming\OfferBox\config.dat
c:\users\Diane\AppData\Roaming\OfferBox\config.xml
c:\users\edvard\AppData\Roaming\OfferBox
c:\users\edvard\AppData\Roaming\OfferBox\config.dat
c:\users\edvard\AppData\Roaming\OfferBox\config.xml
c:\users\Invité\AppData\Roaming\OfferBox
c:\users\Invité\AppData\Roaming\OfferBox\config.dat
c:\users\Invité\AppData\Roaming\OfferBox\config.xml
c:\users\Julien.PC-de-edvard\AppData\Roaming\cacaoweb
c:\users\Julien.PC-de-edvard\AppData\Roaming\cacaoweb\adstorage.db
c:\users\Julien.PC-de-edvard\AppData\Roaming\cacaoweb\cacaoweb.exe
c:\users\Julien.PC-de-edvard\AppData\Roaming\cacaoweb\megavideoWQK62KPB301265349.cacao
c:\users\Julien.PC-de-edvard\AppData\Roaming\cacaoweb\storage.db
c:\users\Julien.PC-de-edvard\AppData\Roaming\Microsoft\Windows\Recent\FAQ.url
c:\windows\system32\shsvcs.dll.back
c:\windows\system32\themeui.dll.back
c:\windows\system32\uxtheme.dll.back
.
((((((((((((((((((((((((((((( Fichiers créés du 2010-12-18 au 2011-01-18 ))))))))))))))))))))))))))))))))))))
.
2011-01-18 08:27 . 2011-01-18 08:27 -------- d-----w- c:\users\Julien.PC-de-edvard\AppData\Local\temp
2011-01-18 08:27 . 2011-01-18 08:27 -------- d-----w- c:\users\TEMP\AppData\Local\temp
2011-01-18 08:27 . 2011-01-18 08:27 -------- d-----w- c:\users\TEMP.PC-DE-PAUL\AppData\Local\temp
2011-01-18 08:27 . 2011-01-18 08:27 -------- d-----w- c:\users\JULIEN~1~PC-\AppData\Local\temp
2011-01-18 08:27 . 2011-01-18 08:27 -------- d-----w- c:\users\julien\AppData\Local\temp
2011-01-18 08:27 . 2011-01-18 08:27 -------- d-----w- c:\users\Invité\AppData\Local\temp
2011-01-18 08:27 . 2011-01-18 08:27 -------- d-----w- c:\users\edvard\AppData\Local\temp
2011-01-18 08:27 . 2011-01-18 08:27 -------- d-----w- c:\users\Diane\AppData\Local\temp
2011-01-18 08:27 . 2011-01-18 08:27 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-01-18 06:46 . 2010-11-16 11:01 6273872 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{CF472169-B553-47B5-8C7E-E0C1303DA65A}\mpengine.dll
2011-01-17 19:39 . 2010-12-14 13:48 21312 ----a-w- c:\windows\system32\authuitu.dll
2011-01-17 19:39 . 2010-12-14 13:48 29504 ----a-w- c:\windows\system32\uxtuneup.dll
2011-01-17 19:34 . 2010-12-14 13:53 31552 ----a-w- c:\windows\system32\TURegOpt.exe
2011-01-17 19:33 . 2011-01-17 19:38 -------- d-----w- c:\program files\TuneUp Utilities 2011
2011-01-17 19:21 . 2011-01-17 19:21 -------- d-sh--w- c:\programdata\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
2011-01-16 21:20 . 2011-01-16 21:20 -------- d-----w- c:\users\Julien.PC-de-edvard\AppData\Roaming\QuickStoresToolbar
2011-01-16 19:37 . 2011-01-16 19:37 -------- d-----w- c:\program files\CCleaner
2011-01-16 19:13 . 2011-01-16 19:13 -------- d-----w- c:\program files\Ad-Remover
2011-01-12 05:12 . 2010-12-28 14:57 409600 ----a-w- c:\windows\system32\odbc32.dll
2011-01-12 05:12 . 2010-12-28 14:56 708608 ----a-w- c:\program files\Common Files\System\ado\msado15.dll
2011-01-12 05:12 . 2010-12-28 14:56 57344 ----a-w- c:\program files\Common Files\System\msadc\msadcs.dll
2011-01-12 05:12 . 2010-12-28 14:56 253952 ----a-w- c:\program files\Common Files\System\ado\msadox.dll
2011-01-12 05:12 . 2010-12-28 14:56 241664 ----a-w- c:\program files\Common Files\System\ado\msadomd.dll
2011-01-12 05:12 . 2010-12-28 14:56 180224 ----a-w- c:\program files\Common Files\System\msadc\msadco.dll
2011-01-12 05:12 . 2010-12-14 15:49 1169408 ----a-w- c:\windows\system32\sdclt.exe
2010-12-26 14:04 . 2010-12-26 14:04 -------- d-----w- c:\users\Diane\AppData\Roaming\Sony
2010-12-25 12:27 . 2010-12-25 12:27 -------- d-----w- c:\programdata\26234
2010-12-25 08:13 . 2011-01-16 21:20 -------- d-----w- c:\program files\Unlocker
2010-12-25 08:01 . 2010-12-25 08:01 -------- d-----w- c:\programdata\Chat Republic Games
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-12-19 19:55 . 2007-05-06 19:18 499712 ----a-w- c:\windows\system32\msvcp71.dll
2010-12-19 19:55 . 2007-05-06 19:18 348160 ----a-w- c:\windows\system32\msvcr71.dll
2010-11-12 17:53 . 2010-08-25 06:15 472808 ----a-w- c:\windows\system32\deployJava1.dll
2010-11-06 11:10 . 2010-12-15 13:16 345088 ----a-w- c:\windows\system32\wmicmiplugin.dll
2010-11-06 11:10 . 2010-12-15 13:16 357376 ----a-w- c:\windows\system32\taskschd.dll
2010-11-06 11:10 . 2010-12-15 13:16 270336 ----a-w- c:\windows\system32\taskcomp.dll
2010-11-06 11:09 . 2010-12-15 13:16 603648 ----a-w- c:\windows\system32\schedsvc.dll
2010-11-05 00:53 . 2010-12-15 13:16 171520 ----a-w- c:\windows\system32\taskeng.exe
2010-11-02 06:01 . 2010-12-15 13:16 916480 ----a-w- c:\windows\system32\wininet.dll
2010-11-02 05:57 . 2010-12-15 13:16 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-11-02 05:57 . 2010-12-15 13:16 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2010-11-02 05:57 . 2010-12-15 13:16 71680 ----a-w- c:\windows\system32\iesetup.dll
2010-11-02 05:57 . 2010-12-15 13:16 109056 ----a-w- c:\windows\system32\iesysprep.dll
2010-11-02 05:01 . 2010-12-15 13:16 385024 ----a-w- c:\windows\system32\html.iec
2010-11-02 04:26 . 2010-12-15 13:16 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2010-11-02 04:24 . 2010-12-15 13:16 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2010-10-28 15:02 . 2010-12-15 13:16 34304 ----a-w- c:\windows\system32\atmlib.dll
2010-10-28 13:03 . 2010-12-15 13:16 292352 ----a-w- c:\windows\system32\atmfd.dll
2010-10-28 12:56 . 2010-12-15 13:16 2048 ----a-w- c:\windows\system32\tzres.dll
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0F6E720A-1A6B-40E1-A294-1D4D19F156C8}]
2009-10-15 08:53 165184 ----a-w- c:\program files\SFR\Kit\SFRNavErrorHelper.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"CollaborationHost"="c:\windows\system32\p2phost.exe" [2008-01-19 192000]
"Connexion SFR 9props.exe"="c:\program files\SFR\Kit\9props.exe" [2009-10-15 959808]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-19 1233920]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-08-25 39408]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2010-04-16 3872080]
"cacaoweb"="c:\users\Julien.PC-de-edvard\AppData\Roaming\cacaoweb\cacaoweb.exe" [BU]
"ViVi Cursor"="c:\program files\ViVi Cursor 2.0\ViVi_Cursor.exe" [2008-09-25 1001472]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
"Acer Tour Reminder"="" [BU]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RtHDVCpl.exe" [2007-03-23 4423680]
"Acer Empowering Technology Monitor"="c:\acer\Empowering Technology\SysMonitor.exe" [2007-01-24 319488]
"eDataSecurity Loader"="c:\acer\Empowering Technology\eDataSecurity\eDSloader.exe" [2007-02-06 464168]
"WarReg_PopUp"="c:\acer\WR_PopUp\WarReg_PopUp.exe" [2006-11-05 57344]
"Acer Tour Reminder"="c:\acer\AcerTour\Reminder.exe" [2007-02-15 151552]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-08-01 61440]
"Skytel"="Skytel.exe" [2007-03-16 1822720]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"UnlockerAssistant"="c:\program files\Unlocker\UnlockerAssistant.exe" [2010-07-04 17408]
c:\users\Diane\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Notification de cadeaux MSN.lnk - c:\users\Julien.PC-de-edvard\AppData\Roaming\Microsoft\Notification de cadeaux MSN\lsnfier.exe [N/A]
OneNote 2007 - Capture d'‚cran et lancement.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [N/A]
OneNote 2010 - Capture d'‚cran et lancement.lnk - c:\program files\Microsoft Office\Office14\ONENOTEM.EXE [2010-3-29 227712]
OpenOffice.org 3.2.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [N/A]
c:\users\edvard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2007 - Capture d'‚cran et lancement.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [N/A]
Sommaire de OneNote.onetoc2 [2008-5-22 3656]
c:\users\Invit‚\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2007 - Capture d'‚cran et lancement.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [N/A]
c:\users\julien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dock.lnk - c:\vistaosx09\RKLauncher.exe [2010-5-29 708608]
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Empowering Technology Launcher.lnk - c:\acer\Empowering Technology\eAPLauncher.exe [2007-5-6 528384]
PCM Media Sharing.lnk - c:\program files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe [2007-5-6 200812]
Secure it Easy Notifier.exe.lnk - c:\program files\CoSoSys Ltd\Secure it Easy\SiENotifier.exe [2009-6-3 860360]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WBSrv]
c:\program files\Stardock\Object Desktop\WindowBlinds\wbsrv.dll [BU]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"PlayMovie"="c:\program files\Acer Arcade Live\Acer PlayMovie\PMVService.exe"
"ATICustomerCare"="c:\program files\ATI\ATICustomerCare\ATICustomerCare.exe"
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
R2 AGWinService;AG Windows Service;c:\program files\AGI\common\win32\PythonService.exe [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate1ca2584d44ef949;Service Google Update (gupdate1ca2584d44ef949);c:\program files\Google\Update\GoogleUpdate.exe [2009-08-25 133104]
R3 EraserUtilDrv10920;EraserUtilDrv10920;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilDrv10920.sys [x]
R3 EraserUtilDrvI9;EraserUtilDrvI9;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilDrvI9.sys [x]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [x]
R3 Fadpu16E;Fadpu16E;c:\users\JULIEN~1.PC-\AppData\Local\Temp\Fadpu16E.sys [x]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [2010-02-24 3411964]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
R3 SCREAMINGBDRIVER;Screaming Bee Audio;c:\windows\system32\drivers\ScreamingBAudio.sys [2009-12-01 34384]
R3 WPFFontCache_v0400;Cache de police de Windows Presentation Foundation 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
R3 WSVD;WSVD;c:\windows\system32\drivers\WSVD.sys [2006-09-19 80744]
S2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796};c:\program files\Acer Arcade Live\Acer PlayMovie\000.fcl [2007-08-31 39408]
S2 Acer HomeMedia Connect Service;Acer HomeMedia Connect Service;c:\program files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe [2007-04-04 266343]
S2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289]
S2 Secure it Easy;Secure it Easy;c:\program files\CoSoSys Ltd\Secure it Easy\SIEservice.exe [2009-06-03 65736]
S2 sieflt;sieflt;c:\windows\system32\DRIVERS\sieflt.sys [2009-06-03 34112]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe [2010-12-14 1517376]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys [2010-10-07 10064]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
rsmsvcs REG_MULTI_SZ ntmssvc
ipripsvc REG_MULTI_SZ iprip
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Contenu du dossier 'Tâches planifiées'
2011-01-18 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-08-25 13:01]
2011-01-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-08-25 13:06]
2011-01-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-08-25 13:06]
2011-01-18 c:\windows\Tasks\User_Feed_Synchronization-{29C01C2B-1C07-48CE-B039-4A19E915CCC3}.job
- c:\windows\system32\msfeedssync.exe [2010-12-15 04:25]
2011-01-18 c:\windows\Tasks\User_Feed_Synchronization-{41E945F8-C53F-46A9-BEBC-5CD718807E72}.job
- c:\windows\system32\msfeedssync.exe [2010-12-15 04:25]
2011-01-18 c:\windows\Tasks\User_Feed_Synchronization-{D24A402F-ED2A-4751-AB54-9EB6C9A1FDA3}.job
- c:\windows\system32\msfeedssync.exe [2010-12-15 04:25]
.
.
------- Examen supplémentaire -------
.
mWindow Title =
uInternet Settings,ProxyOverride = *.local
IE: &Envoyer à OneNote - /105
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
FF - ProfilePath - c:\users\Julien.PC-de-edvard\AppData\Roaming\Mozilla\Firefox\Profiles\zcu5n4ut.default\
FF - prefs.js: browser.search.selectedEngine - iMesh Web Search
FF - prefs.js: browser.startup.homepage - hxxp://search.imesh.com/
FF - prefs.js: keyword.URL - hxxp://search.imesh.com/web?src=ffb&systemid=1&q=
FF - prefs.js: network.proxy.type - 0
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: QuickStores-Toolbar: quickstores@quickstores.de - c:\program files\Mozilla Firefox\extensions\quickstores@quickstores.de
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: Illimitux: illimitux@illimitux.net - %profile%\extensions\illimitux@illimitux.net
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: vShare: vshare@toolbar - %profile%\extensions\vshare@toolbar
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
.
- - - - ORPHELINS SUPPRIMES - - - -
WebBrowser-{EEE6C35B-6118-11DC-9C72-001320C79847} - (no file)
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-01-18 09:27
Windows 6.0.6001 Service Pack 1 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
msnmsgr = "c:\program files\Windows Live\Messenger\msnmsgr.exe" /background??s
cacaoweb = "c:\users\Julien.PC-de-edvard\AppData\Roaming\cacaoweb\cacaoweb.exe" -noplayer?abled:cacaoweb?ng???? ?N???N???????????N???????N????v`??v????????????q???????Service Pack 1??????????????????????????????????????????????????????????????????????????????????k??????????j?{C?????????????k?????????????????N???E?????d???
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\{49DE1C67-83F8-4102-99E0-C16DCC7EEC796}]
"ImagePath"="\??\c:\program files\Acer Arcade Live\Acer PlayMovie\000.fcl"
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs chargées dans les processus actifs ---------------------
- - - - - - - > 'Explorer.exe'(2904)
c:\windows\system32\MsnChatHook.dll
c:\windows\system32\ShowErrMsg.dll
c:\windows\system32\sysenv.dll
c:\windows\system32\BatchCrypto.dll
c:\windows\system32\CryptoAPI.dll
c:\windows\system32\keyManager.dll
.
Heure de fin: 2011-01-18 09:31:10
ComboFix-quarantined-files.txt 2011-01-18 08:31
ComboFix2.txt 2010-03-20 08:16
Avant-CF: 48 812 957 696 octets libres
Après-CF: 48 568 528 896 octets libres
- - End Of File - - F94AA2035156E28917E3962278B5C03F
Bonsoir
1
Copie (Ctrl+C) le texte ci-dessous :
Ouvre le Bloc-Notes puis colle (Ctrl+V) le texte que tu viens de copier.
Sauvegarde ce fichier sous le nom de CFScript.txt
Fait un glisser/déposer de ce fichier CFScript sur le fichier ComboFix.exe comme sur la capture
![]()
Combofix se lance, laisse toi guider..
Patiente le temps du scan. Le bureau va disparaître à plusieurs reprises: c'est normal!
Ne touche à rien tant que le scan n'est pas terminé.
Une fois le scan achevé, un rapport va s'afficher: poste son contenu, en précisant où en sont tes soucis
Si le fichier ne s'ouvre pas, il se trouve ici > C:\ComboFix.txt
AIDE : Un guide et un tutoriel sur l'utilisation de ComboFix
* le nom de la partition peut changer
2
suis ce tuto et poste le rapport:
http://forum.pcastuces.com/eset_online_scanner___nouvel...
surtout, tu ne supprimes rien de ce qu'il détecte ;O)
1
Copie (Ctrl+C) le texte ci-dessous :
Driver::
Fadpu16E
File::
c:\users\Julien.PC-de-edvard\AppData\Local\Temp\Fadpu16E.sys
Folder::
c:\users\Julien.PC-de-edvard\AppData\Roaming\QuickStoresToolbar
c:\users\Julien.PC-de-edvard\AppData\Roaming\cacaoweb
DirLook::
c:\programdata\26234
Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"cacaoweb"=-
Fadpu16E
File::
c:\users\Julien.PC-de-edvard\AppData\Local\Temp\Fadpu16E.sys
Folder::
c:\users\Julien.PC-de-edvard\AppData\Roaming\QuickStoresToolbar
c:\users\Julien.PC-de-edvard\AppData\Roaming\cacaoweb
DirLook::
c:\programdata\26234
Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"cacaoweb"=-
Ouvre le Bloc-Notes puis colle (Ctrl+V) le texte que tu viens de copier.
Sauvegarde ce fichier sous le nom de CFScript.txt
Fait un glisser/déposer de ce fichier CFScript sur le fichier ComboFix.exe comme sur la capture
Ne touche à rien tant que le scan n'est pas terminé.
AIDE : Un guide et un tutoriel sur l'utilisation de ComboFix
* le nom de la partition peut changer
2
suis ce tuto et poste le rapport:
http://forum.pcastuces.com/eset_online_scanner___nouvel...
surtout, tu ne supprimes rien de ce qu'il détecte ;O)
Voici le rapport de Combo fix et le scan avec Eset s'arrête à 18 % ![:(]( ":(")
ComboFix 11-01-17.04 - Julien 19/01/2011 16:31:55.4.2 - x86
Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6001.1.1252.33.1036.18.2047.996 [GMT 1:00]
Lancé depuis: c:\users\Julien.PC-de-edvard\Music\Franz Ferdinand\Downloads\ComboFix.exe
Commutateurs utilisés :: c:\users\Julien.PC-de-edvard\Music\Franz Ferdinand\Downloads\CFScript.txt
AV: AntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: AntiVir Desktop *Disabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FILE ::
"c:\users\Julien.PC-de-edvard\AppData\Local\Temp\Fadpu16E.sys"
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\users\Julien.PC-de-edvard\AppData\Roaming\QuickStoresToolbar
c:\users\Julien.PC-de-edvard\AppData\Roaming\QuickStoresToolbar\affid.ini
c:\users\Julien.PC-de-edvard\AppData\Roaming\QuickStoresToolbar\data.ini
c:\users\Julien.PC-de-edvard\AppData\Roaming\QuickStoresToolbar\Interop.SHDocVw.dll
c:\users\Julien.PC-de-edvard\AppData\Roaming\QuickStoresToolbar\QuickStores.ico
c:\users\Julien.PC-de-edvard\AppData\Roaming\QuickStoresToolbar\QuickStoresToolbar.dll
c:\users\Julien.PC-de-edvard\AppData\Roaming\QuickStoresToolbar\unins000.dat
c:\users\Julien.PC-de-edvard\AppData\Roaming\QuickStoresToolbar\unins000.exe
c:\users\Julien.PC-de-edvard\AppData\Roaming\QuickStoresToolbar\unins000.msg
c:\users\Julien.PC-de-edvard\AppData\Roaming\QuickStoresToolbar\Update.exe
Une copie infectée de c:\windows\system32\userinit.exe a été trouvée et désinfectée
Copie restaurée à partir de - c:\windows\ERDNT\cache\userinit.exe
.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_FADPU16E
-------\Service_Fadpu16E
((((((((((((((((((((((((((((( Fichiers créés du 2010-12-19 au 2011-01-19 ))))))))))))))))))))))))))))))))))))
.
2011-01-19 15:43 . 2011-01-19 15:43 -------- d-----w- c:\users\TEMP\AppData\Local\temp
2011-01-19 15:43 . 2011-01-19 15:43 -------- d-----w- c:\users\TEMP.PC-DE-PAUL\AppData\Local\temp
2011-01-19 15:43 . 2011-01-19 15:43 -------- d-----w- c:\users\TEMP.PC-DE-PAUL.002\AppData\Local\temp
2011-01-19 15:43 . 2011-01-19 15:43 -------- d-----w- c:\users\TEMP.PC-DE-PAUL.001\AppData\Local\temp
2011-01-19 15:43 . 2011-01-19 15:43 -------- d-----w- c:\users\TEMP.PC-DE-PAUL.000\AppData\Local\temp
2011-01-19 15:43 . 2011-01-19 15:43 -------- d-----w- c:\users\JULIEN~1~PC-\AppData\Local\temp
2011-01-19 15:43 . 2011-01-19 15:43 -------- d-----w- c:\users\julien\AppData\Local\temp
2011-01-19 15:43 . 2011-01-19 15:43 -------- d-----w- c:\users\Invité\AppData\Local\temp
2011-01-19 15:43 . 2011-01-19 15:43 -------- d-----w- c:\users\edvard\AppData\Local\temp
2011-01-19 15:43 . 2011-01-19 15:43 -------- d-----w- c:\users\Diane\AppData\Local\temp
2011-01-19 15:43 . 2011-01-19 15:43 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-01-19 12:17 . 2011-01-19 12:17 -------- d-----w- c:\users\Diane\AppData\Roaming\TuneUp Software
2011-01-18 08:31 . 2011-01-19 15:46 -------- d-----w- c:\users\Julien.PC-de-edvard\AppData\Local\temp
2011-01-18 06:46 . 2010-11-16 11:01 6273872 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{CF472169-B553-47B5-8C7E-E0C1303DA65A}\mpengine.dll
2011-01-17 19:39 . 2010-12-14 13:48 21312 ----a-w- c:\windows\system32\authuitu.dll
2011-01-17 19:39 . 2010-12-14 13:48 29504 ----a-w- c:\windows\system32\uxtuneup.dll
2011-01-17 19:34 . 2010-12-14 13:53 31552 ----a-w- c:\windows\system32\TURegOpt.exe
2011-01-17 19:33 . 2011-01-17 19:38 -------- d-----w- c:\program files\TuneUp Utilities 2011
2011-01-17 19:21 . 2011-01-17 19:21 -------- d-sh--w- c:\programdata\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
2011-01-16 19:37 . 2011-01-16 19:37 -------- d-----w- c:\program files\CCleaner
2011-01-16 19:13 . 2011-01-16 19:13 -------- d-----w- c:\program files\Ad-Remover
2011-01-12 05:12 . 2010-12-28 14:57 409600 ----a-w- c:\windows\system32\odbc32.dll
2011-01-12 05:12 . 2010-12-28 14:56 708608 ----a-w- c:\program files\Common Files\System\ado\msado15.dll
2011-01-12 05:12 . 2010-12-28 14:56 57344 ----a-w- c:\program files\Common Files\System\msadc\msadcs.dll
2011-01-12 05:12 . 2010-12-28 14:56 253952 ----a-w- c:\program files\Common Files\System\ado\msadox.dll
2011-01-12 05:12 . 2010-12-28 14:56 241664 ----a-w- c:\program files\Common Files\System\ado\msadomd.dll
2011-01-12 05:12 . 2010-12-28 14:56 180224 ----a-w- c:\program files\Common Files\System\msadc\msadco.dll
2011-01-12 05:12 . 2010-12-14 15:49 1169408 ----a-w- c:\windows\system32\sdclt.exe
2010-12-26 14:04 . 2010-12-26 14:04 -------- d-----w- c:\users\Diane\AppData\Roaming\Sony
2010-12-25 12:27 . 2010-12-25 12:27 -------- d-----w- c:\programdata\26234
2010-12-25 08:13 . 2011-01-16 21:20 -------- d-----w- c:\program files\Unlocker
2010-12-25 08:01 . 2010-12-25 08:01 -------- d-----w- c:\programdata\Chat Republic Games
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-12-19 19:55 . 2007-05-06 19:18 499712 ----a-w- c:\windows\system32\msvcp71.dll
2010-12-19 19:55 . 2007-05-06 19:18 348160 ----a-w- c:\windows\system32\msvcr71.dll
2010-11-12 17:53 . 2010-08-25 06:15 472808 ----a-w- c:\windows\system32\deployJava1.dll
2010-11-06 11:10 . 2010-12-15 13:16 345088 ----a-w- c:\windows\system32\wmicmiplugin.dll
2010-11-06 11:10 . 2010-12-15 13:16 357376 ----a-w- c:\windows\system32\taskschd.dll
2010-11-06 11:10 . 2010-12-15 13:16 270336 ----a-w- c:\windows\system32\taskcomp.dll
2010-11-06 11:09 . 2010-12-15 13:16 603648 ----a-w- c:\windows\system32\schedsvc.dll
2010-11-05 00:53 . 2010-12-15 13:16 171520 ----a-w- c:\windows\system32\taskeng.exe
2010-11-02 06:01 . 2010-12-15 13:16 916480 ----a-w- c:\windows\system32\wininet.dll
2010-11-02 05:57 . 2010-12-15 13:16 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-11-02 05:57 . 2010-12-15 13:16 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2010-11-02 05:57 . 2010-12-15 13:16 71680 ----a-w- c:\windows\system32\iesetup.dll
2010-11-02 05:57 . 2010-12-15 13:16 109056 ----a-w- c:\windows\system32\iesysprep.dll
2010-11-02 05:01 . 2010-12-15 13:16 385024 ----a-w- c:\windows\system32\html.iec
2010-11-02 04:26 . 2010-12-15 13:16 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2010-11-02 04:24 . 2010-12-15 13:16 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2010-10-28 15:02 . 2010-12-15 13:16 34304 ----a-w- c:\windows\system32\atmlib.dll
2010-10-28 13:03 . 2010-12-15 13:16 292352 ----a-w- c:\windows\system32\atmfd.dll
2010-10-28 12:56 . 2010-12-15 13:16 2048 ----a-w- c:\windows\system32\tzres.dll
.
(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
---- Directory of c:\programdata\26234 ----
2010-12-25 12:27 . 2010-11-18 15:30 3172 ----a-w- c:\programdata\26234\{063AF445-B488-4731-B357-A8077EA346D1}.swf
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0F6E720A-1A6B-40E1-A294-1D4D19F156C8}]
2009-10-15 08:53 165184 ----a-w- c:\program files\SFR\Kit\SFRNavErrorHelper.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"CollaborationHost"="c:\windows\system32\p2phost.exe" [2008-01-19 192000]
"Connexion SFR 9props.exe"="c:\program files\SFR\Kit\9props.exe" [2009-10-15 959808]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-19 1233920]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-08-25 39408]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2010-04-16 3872080]
"ViVi Cursor"="c:\program files\ViVi Cursor 2.0\ViVi_Cursor.exe" [2008-09-25 1001472]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
"Acer Tour Reminder"="" [BU]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RtHDVCpl.exe" [2007-03-23 4423680]
"Acer Empowering Technology Monitor"="c:\acer\Empowering Technology\SysMonitor.exe" [2007-01-24 319488]
"eDataSecurity Loader"="c:\acer\Empowering Technology\eDataSecurity\eDSloader.exe" [2007-02-06 464168]
"WarReg_PopUp"="c:\acer\WR_PopUp\WarReg_PopUp.exe" [2006-11-05 57344]
"Acer Tour Reminder"="c:\acer\AcerTour\Reminder.exe" [2007-02-15 151552]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-08-01 61440]
"Skytel"="Skytel.exe" [2007-03-16 1822720]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"UnlockerAssistant"="c:\program files\Unlocker\UnlockerAssistant.exe" [2010-07-04 17408]
c:\users\Diane\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Notification de cadeaux MSN.lnk - c:\users\Julien.PC-de-edvard\AppData\Roaming\Microsoft\Notification de cadeaux MSN\lsnfier.exe [N/A]
OneNote 2007 - Capture d'‚cran et lancement.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [N/A]
OneNote 2010 - Capture d'‚cran et lancement.lnk - c:\program files\Microsoft Office\Office14\ONENOTEM.EXE [2010-3-29 227712]
OpenOffice.org 3.2.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [N/A]
c:\users\edvard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2007 - Capture d'‚cran et lancement.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [N/A]
Sommaire de OneNote.onetoc2 [2008-5-22 3656]
c:\users\Invit‚\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2007 - Capture d'‚cran et lancement.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [N/A]
c:\users\julien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dock.lnk - c:\vistaosx09\RKLauncher.exe [2010-5-29 708608]
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Empowering Technology Launcher.lnk - c:\acer\Empowering Technology\eAPLauncher.exe [2007-5-6 528384]
PCM Media Sharing.lnk - c:\program files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe [2007-5-6 200812]
Secure it Easy Notifier.exe.lnk - c:\program files\CoSoSys Ltd\Secure it Easy\SiENotifier.exe [2009-6-3 860360]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WBSrv]
c:\program files\Stardock\Object Desktop\WindowBlinds\wbsrv.dll [BU]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"PlayMovie"="c:\program files\Acer Arcade Live\Acer PlayMovie\PMVService.exe"
"ATICustomerCare"="c:\program files\ATI\ATICustomerCare\ATICustomerCare.exe"
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
R2 AGWinService;AG Windows Service;c:\program files\AGI\common\win32\PythonService.exe [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate1ca2584d44ef949;Service Google Update (gupdate1ca2584d44ef949);c:\program files\Google\Update\GoogleUpdate.exe [2009-08-25 133104]
R3 EraserUtilDrv10920;EraserUtilDrv10920;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilDrv10920.sys [x]
R3 EraserUtilDrvI9;EraserUtilDrvI9;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilDrvI9.sys [x]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [x]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [2010-02-24 3411964]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
R3 SCREAMINGBDRIVER;Screaming Bee Audio;c:\windows\system32\drivers\ScreamingBAudio.sys [2009-12-01 34384]
R3 WPFFontCache_v0400;Cache de police de Windows Presentation Foundation 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
R3 WSVD;WSVD;c:\windows\system32\drivers\WSVD.sys [2006-09-19 80744]
S2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796};c:\program files\Acer Arcade Live\Acer PlayMovie\000.fcl [2007-08-31 39408]
S2 Acer HomeMedia Connect Service;Acer HomeMedia Connect Service;c:\program files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe [2007-04-04 266343]
S2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289]
S2 Secure it Easy;Secure it Easy;c:\program files\CoSoSys Ltd\Secure it Easy\SIEservice.exe [2009-06-03 65736]
S2 sieflt;sieflt;c:\windows\system32\DRIVERS\sieflt.sys [2009-06-03 34112]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe [2010-12-14 1517376]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys [2010-10-07 10064]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
rsmsvcs REG_MULTI_SZ ntmssvc
ipripsvc REG_MULTI_SZ iprip
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Contenu du dossier 'Tâches planifiées'
2011-01-19 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-08-25 13:01]
2011-01-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-08-25 13:06]
2011-01-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-08-25 13:06]
2011-01-19 c:\windows\Tasks\User_Feed_Synchronization-{29C01C2B-1C07-48CE-B039-4A19E915CCC3}.job
- c:\windows\system32\msfeedssync.exe [2010-12-15 04:25]
2011-01-19 c:\windows\Tasks\User_Feed_Synchronization-{41E945F8-C53F-46A9-BEBC-5CD718807E72}.job
- c:\windows\system32\msfeedssync.exe [2010-12-15 04:25]
2011-01-19 c:\windows\Tasks\User_Feed_Synchronization-{D24A402F-ED2A-4751-AB54-9EB6C9A1FDA3}.job
- c:\windows\system32\msfeedssync.exe [2010-12-15 04:25]
.
.
------- Examen supplémentaire -------
.
mWindow Title =
uInternet Settings,ProxyOverride = *.local
IE: &Envoyer à OneNote - /105
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
FF - ProfilePath - c:\users\Julien.PC-de-edvard\AppData\Roaming\Mozilla\Firefox\Profiles\zcu5n4ut.default\
FF - prefs.js: browser.search.selectedEngine - iMesh Web Search
FF - prefs.js: browser.startup.homepage - hxxp://search.imesh.com/
FF - prefs.js: keyword.URL - hxxp://search.imesh.com/web?src=ffb&systemid=1&q=
FF - prefs.js: network.proxy.type - 0
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: QuickStores-Toolbar: quickstores@quickstores.de - c:\program files\Mozilla Firefox\extensions\quickstores@quickstores.de
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: Illimitux: illimitux@illimitux.net - %profile%\extensions\illimitux@illimitux.net
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: vShare: vshare@toolbar - %profile%\extensions\vshare@toolbar
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
.
- - - - ORPHELINS SUPPRIMES - - - -
AddRemove-QuickStores-Toolbar_is1 - c:\users\Julien.PC-de-edvard\AppData\Roaming\QuickStoresToolbar\unins000.exe
**************************************************************************
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
msnmsgr = "c:\program files\Windows Live\Messenger\msnmsgr.exe" /background??s
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés:
**************************************************************************
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\{49DE1C67-83F8-4102-99E0-C16DCC7EEC796}]
"ImagePath"="\??\c:\program files\Acer Arcade Live\Acer PlayMovie\000.fcl"
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs chargées dans les processus actifs ---------------------
- - - - - - - > 'Explorer.exe'(2928)
c:\windows\system32\MsnChatHook.dll
c:\windows\system32\ShowErrMsg.dll
c:\windows\system32\sysenv.dll
c:\windows\system32\BatchCrypto.dll
c:\windows\system32\CryptoAPI.dll
c:\windows\system32\keyManager.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\acer\Empowering Technology\ePerformance\MemCheck.exe
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\system32\CISVC.EXE
c:\acer\Empowering Technology\eDataSecurity\eDSService.exe
c:\programdata\EPSON\EPW!3 SSRP\E_S40RP7.EXE
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\CyberLink\Shared Files\RichVideo.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\windows\System32\tcpsvcs.exe
c:\windows\System32\snmp.exe
c:\acer\Empowering Technology\eRecovery\eRecoveryService.exe
c:\program files\TuneUp Utilities 2011\TuneUpUtilitiesApp32.exe
c:\windows\system32\WUDFHost.exe
c:\windows\system32\conime.exe
c:\windows\RtHDVCpl.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\ehome\ehmsas.exe
c:\acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
c:\acer\Empowering Technology\eRecovery\ERAGENT.EXE
c:\windows\system32\wbem\unsecapp.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
c:\program files\Windows Live\Contacts\wlcomm.exe
.
**************************************************************************
.
Heure de fin: 2011-01-19 16:51:43 - La machine a redémarré
ComboFix-quarantined-files.txt 2011-01-19 15:51
ComboFix2.txt 2011-01-18 08:31
ComboFix3.txt 2010-03-20 08:16
Avant-CF: 48 374 767 616 octets libres
Après-CF: 48 197 627 904 octets libres
- - End Of File - - DA7D3549AFC9FBCE67D98FC9E9BFB718
ComboFix 11-01-17.04 - Julien 19/01/2011 16:31:55.4.2 - x86
Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6001.1.1252.33.1036.18.2047.996 [GMT 1:00]
Lancé depuis: c:\users\Julien.PC-de-edvard\Music\Franz Ferdinand\Downloads\ComboFix.exe
Commutateurs utilisés :: c:\users\Julien.PC-de-edvard\Music\Franz Ferdinand\Downloads\CFScript.txt
AV: AntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: AntiVir Desktop *Disabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FILE ::
"c:\users\Julien.PC-de-edvard\AppData\Local\Temp\Fadpu16E.sys"
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\users\Julien.PC-de-edvard\AppData\Roaming\QuickStoresToolbar
c:\users\Julien.PC-de-edvard\AppData\Roaming\QuickStoresToolbar\affid.ini
c:\users\Julien.PC-de-edvard\AppData\Roaming\QuickStoresToolbar\data.ini
c:\users\Julien.PC-de-edvard\AppData\Roaming\QuickStoresToolbar\Interop.SHDocVw.dll
c:\users\Julien.PC-de-edvard\AppData\Roaming\QuickStoresToolbar\QuickStores.ico
c:\users\Julien.PC-de-edvard\AppData\Roaming\QuickStoresToolbar\QuickStoresToolbar.dll
c:\users\Julien.PC-de-edvard\AppData\Roaming\QuickStoresToolbar\unins000.dat
c:\users\Julien.PC-de-edvard\AppData\Roaming\QuickStoresToolbar\unins000.exe
c:\users\Julien.PC-de-edvard\AppData\Roaming\QuickStoresToolbar\unins000.msg
c:\users\Julien.PC-de-edvard\AppData\Roaming\QuickStoresToolbar\Update.exe
Une copie infectée de c:\windows\system32\userinit.exe a été trouvée et désinfectée
Copie restaurée à partir de - c:\windows\ERDNT\cache\userinit.exe
.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_FADPU16E
-------\Service_Fadpu16E
((((((((((((((((((((((((((((( Fichiers créés du 2010-12-19 au 2011-01-19 ))))))))))))))))))))))))))))))))))))
.
2011-01-19 15:43 . 2011-01-19 15:43 -------- d-----w- c:\users\TEMP\AppData\Local\temp
2011-01-19 15:43 . 2011-01-19 15:43 -------- d-----w- c:\users\TEMP.PC-DE-PAUL\AppData\Local\temp
2011-01-19 15:43 . 2011-01-19 15:43 -------- d-----w- c:\users\TEMP.PC-DE-PAUL.002\AppData\Local\temp
2011-01-19 15:43 . 2011-01-19 15:43 -------- d-----w- c:\users\TEMP.PC-DE-PAUL.001\AppData\Local\temp
2011-01-19 15:43 . 2011-01-19 15:43 -------- d-----w- c:\users\TEMP.PC-DE-PAUL.000\AppData\Local\temp
2011-01-19 15:43 . 2011-01-19 15:43 -------- d-----w- c:\users\JULIEN~1~PC-\AppData\Local\temp
2011-01-19 15:43 . 2011-01-19 15:43 -------- d-----w- c:\users\julien\AppData\Local\temp
2011-01-19 15:43 . 2011-01-19 15:43 -------- d-----w- c:\users\Invité\AppData\Local\temp
2011-01-19 15:43 . 2011-01-19 15:43 -------- d-----w- c:\users\edvard\AppData\Local\temp
2011-01-19 15:43 . 2011-01-19 15:43 -------- d-----w- c:\users\Diane\AppData\Local\temp
2011-01-19 15:43 . 2011-01-19 15:43 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-01-19 12:17 . 2011-01-19 12:17 -------- d-----w- c:\users\Diane\AppData\Roaming\TuneUp Software
2011-01-18 08:31 . 2011-01-19 15:46 -------- d-----w- c:\users\Julien.PC-de-edvard\AppData\Local\temp
2011-01-18 06:46 . 2010-11-16 11:01 6273872 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{CF472169-B553-47B5-8C7E-E0C1303DA65A}\mpengine.dll
2011-01-17 19:39 . 2010-12-14 13:48 21312 ----a-w- c:\windows\system32\authuitu.dll
2011-01-17 19:39 . 2010-12-14 13:48 29504 ----a-w- c:\windows\system32\uxtuneup.dll
2011-01-17 19:34 . 2010-12-14 13:53 31552 ----a-w- c:\windows\system32\TURegOpt.exe
2011-01-17 19:33 . 2011-01-17 19:38 -------- d-----w- c:\program files\TuneUp Utilities 2011
2011-01-17 19:21 . 2011-01-17 19:21 -------- d-sh--w- c:\programdata\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
2011-01-16 19:37 . 2011-01-16 19:37 -------- d-----w- c:\program files\CCleaner
2011-01-16 19:13 . 2011-01-16 19:13 -------- d-----w- c:\program files\Ad-Remover
2011-01-12 05:12 . 2010-12-28 14:57 409600 ----a-w- c:\windows\system32\odbc32.dll
2011-01-12 05:12 . 2010-12-28 14:56 708608 ----a-w- c:\program files\Common Files\System\ado\msado15.dll
2011-01-12 05:12 . 2010-12-28 14:56 57344 ----a-w- c:\program files\Common Files\System\msadc\msadcs.dll
2011-01-12 05:12 . 2010-12-28 14:56 253952 ----a-w- c:\program files\Common Files\System\ado\msadox.dll
2011-01-12 05:12 . 2010-12-28 14:56 241664 ----a-w- c:\program files\Common Files\System\ado\msadomd.dll
2011-01-12 05:12 . 2010-12-28 14:56 180224 ----a-w- c:\program files\Common Files\System\msadc\msadco.dll
2011-01-12 05:12 . 2010-12-14 15:49 1169408 ----a-w- c:\windows\system32\sdclt.exe
2010-12-26 14:04 . 2010-12-26 14:04 -------- d-----w- c:\users\Diane\AppData\Roaming\Sony
2010-12-25 12:27 . 2010-12-25 12:27 -------- d-----w- c:\programdata\26234
2010-12-25 08:13 . 2011-01-16 21:20 -------- d-----w- c:\program files\Unlocker
2010-12-25 08:01 . 2010-12-25 08:01 -------- d-----w- c:\programdata\Chat Republic Games
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-12-19 19:55 . 2007-05-06 19:18 499712 ----a-w- c:\windows\system32\msvcp71.dll
2010-12-19 19:55 . 2007-05-06 19:18 348160 ----a-w- c:\windows\system32\msvcr71.dll
2010-11-12 17:53 . 2010-08-25 06:15 472808 ----a-w- c:\windows\system32\deployJava1.dll
2010-11-06 11:10 . 2010-12-15 13:16 345088 ----a-w- c:\windows\system32\wmicmiplugin.dll
2010-11-06 11:10 . 2010-12-15 13:16 357376 ----a-w- c:\windows\system32\taskschd.dll
2010-11-06 11:10 . 2010-12-15 13:16 270336 ----a-w- c:\windows\system32\taskcomp.dll
2010-11-06 11:09 . 2010-12-15 13:16 603648 ----a-w- c:\windows\system32\schedsvc.dll
2010-11-05 00:53 . 2010-12-15 13:16 171520 ----a-w- c:\windows\system32\taskeng.exe
2010-11-02 06:01 . 2010-12-15 13:16 916480 ----a-w- c:\windows\system32\wininet.dll
2010-11-02 05:57 . 2010-12-15 13:16 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-11-02 05:57 . 2010-12-15 13:16 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2010-11-02 05:57 . 2010-12-15 13:16 71680 ----a-w- c:\windows\system32\iesetup.dll
2010-11-02 05:57 . 2010-12-15 13:16 109056 ----a-w- c:\windows\system32\iesysprep.dll
2010-11-02 05:01 . 2010-12-15 13:16 385024 ----a-w- c:\windows\system32\html.iec
2010-11-02 04:26 . 2010-12-15 13:16 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2010-11-02 04:24 . 2010-12-15 13:16 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2010-10-28 15:02 . 2010-12-15 13:16 34304 ----a-w- c:\windows\system32\atmlib.dll
2010-10-28 13:03 . 2010-12-15 13:16 292352 ----a-w- c:\windows\system32\atmfd.dll
2010-10-28 12:56 . 2010-12-15 13:16 2048 ----a-w- c:\windows\system32\tzres.dll
.
(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
---- Directory of c:\programdata\26234 ----
2010-12-25 12:27 . 2010-11-18 15:30 3172 ----a-w- c:\programdata\26234\{063AF445-B488-4731-B357-A8077EA346D1}.swf
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0F6E720A-1A6B-40E1-A294-1D4D19F156C8}]
2009-10-15 08:53 165184 ----a-w- c:\program files\SFR\Kit\SFRNavErrorHelper.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"CollaborationHost"="c:\windows\system32\p2phost.exe" [2008-01-19 192000]
"Connexion SFR 9props.exe"="c:\program files\SFR\Kit\9props.exe" [2009-10-15 959808]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-19 1233920]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-08-25 39408]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2010-04-16 3872080]
"ViVi Cursor"="c:\program files\ViVi Cursor 2.0\ViVi_Cursor.exe" [2008-09-25 1001472]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
"Acer Tour Reminder"="" [BU]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RtHDVCpl.exe" [2007-03-23 4423680]
"Acer Empowering Technology Monitor"="c:\acer\Empowering Technology\SysMonitor.exe" [2007-01-24 319488]
"eDataSecurity Loader"="c:\acer\Empowering Technology\eDataSecurity\eDSloader.exe" [2007-02-06 464168]
"WarReg_PopUp"="c:\acer\WR_PopUp\WarReg_PopUp.exe" [2006-11-05 57344]
"Acer Tour Reminder"="c:\acer\AcerTour\Reminder.exe" [2007-02-15 151552]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-08-01 61440]
"Skytel"="Skytel.exe" [2007-03-16 1822720]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"UnlockerAssistant"="c:\program files\Unlocker\UnlockerAssistant.exe" [2010-07-04 17408]
c:\users\Diane\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Notification de cadeaux MSN.lnk - c:\users\Julien.PC-de-edvard\AppData\Roaming\Microsoft\Notification de cadeaux MSN\lsnfier.exe [N/A]
OneNote 2007 - Capture d'‚cran et lancement.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [N/A]
OneNote 2010 - Capture d'‚cran et lancement.lnk - c:\program files\Microsoft Office\Office14\ONENOTEM.EXE [2010-3-29 227712]
OpenOffice.org 3.2.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [N/A]
c:\users\edvard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2007 - Capture d'‚cran et lancement.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [N/A]
Sommaire de OneNote.onetoc2 [2008-5-22 3656]
c:\users\Invit‚\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2007 - Capture d'‚cran et lancement.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [N/A]
c:\users\julien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dock.lnk - c:\vistaosx09\RKLauncher.exe [2010-5-29 708608]
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Empowering Technology Launcher.lnk - c:\acer\Empowering Technology\eAPLauncher.exe [2007-5-6 528384]
PCM Media Sharing.lnk - c:\program files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe [2007-5-6 200812]
Secure it Easy Notifier.exe.lnk - c:\program files\CoSoSys Ltd\Secure it Easy\SiENotifier.exe [2009-6-3 860360]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WBSrv]
c:\program files\Stardock\Object Desktop\WindowBlinds\wbsrv.dll [BU]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"PlayMovie"="c:\program files\Acer Arcade Live\Acer PlayMovie\PMVService.exe"
"ATICustomerCare"="c:\program files\ATI\ATICustomerCare\ATICustomerCare.exe"
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
R2 AGWinService;AG Windows Service;c:\program files\AGI\common\win32\PythonService.exe [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate1ca2584d44ef949;Service Google Update (gupdate1ca2584d44ef949);c:\program files\Google\Update\GoogleUpdate.exe [2009-08-25 133104]
R3 EraserUtilDrv10920;EraserUtilDrv10920;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilDrv10920.sys [x]
R3 EraserUtilDrvI9;EraserUtilDrvI9;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilDrvI9.sys [x]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [x]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [2010-02-24 3411964]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
R3 SCREAMINGBDRIVER;Screaming Bee Audio;c:\windows\system32\drivers\ScreamingBAudio.sys [2009-12-01 34384]
R3 WPFFontCache_v0400;Cache de police de Windows Presentation Foundation 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
R3 WSVD;WSVD;c:\windows\system32\drivers\WSVD.sys [2006-09-19 80744]
S2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796};c:\program files\Acer Arcade Live\Acer PlayMovie\000.fcl [2007-08-31 39408]
S2 Acer HomeMedia Connect Service;Acer HomeMedia Connect Service;c:\program files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe [2007-04-04 266343]
S2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289]
S2 Secure it Easy;Secure it Easy;c:\program files\CoSoSys Ltd\Secure it Easy\SIEservice.exe [2009-06-03 65736]
S2 sieflt;sieflt;c:\windows\system32\DRIVERS\sieflt.sys [2009-06-03 34112]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe [2010-12-14 1517376]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys [2010-10-07 10064]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
rsmsvcs REG_MULTI_SZ ntmssvc
ipripsvc REG_MULTI_SZ iprip
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Contenu du dossier 'Tâches planifiées'
2011-01-19 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-08-25 13:01]
2011-01-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-08-25 13:06]
2011-01-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-08-25 13:06]
2011-01-19 c:\windows\Tasks\User_Feed_Synchronization-{29C01C2B-1C07-48CE-B039-4A19E915CCC3}.job
- c:\windows\system32\msfeedssync.exe [2010-12-15 04:25]
2011-01-19 c:\windows\Tasks\User_Feed_Synchronization-{41E945F8-C53F-46A9-BEBC-5CD718807E72}.job
- c:\windows\system32\msfeedssync.exe [2010-12-15 04:25]
2011-01-19 c:\windows\Tasks\User_Feed_Synchronization-{D24A402F-ED2A-4751-AB54-9EB6C9A1FDA3}.job
- c:\windows\system32\msfeedssync.exe [2010-12-15 04:25]
.
.
------- Examen supplémentaire -------
.
mWindow Title =
uInternet Settings,ProxyOverride = *.local
IE: &Envoyer à OneNote - /105
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
FF - ProfilePath - c:\users\Julien.PC-de-edvard\AppData\Roaming\Mozilla\Firefox\Profiles\zcu5n4ut.default\
FF - prefs.js: browser.search.selectedEngine - iMesh Web Search
FF - prefs.js: browser.startup.homepage - hxxp://search.imesh.com/
FF - prefs.js: keyword.URL - hxxp://search.imesh.com/web?src=ffb&systemid=1&q=
FF - prefs.js: network.proxy.type - 0
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: QuickStores-Toolbar: quickstores@quickstores.de - c:\program files\Mozilla Firefox\extensions\quickstores@quickstores.de
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: Illimitux: illimitux@illimitux.net - %profile%\extensions\illimitux@illimitux.net
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: vShare: vshare@toolbar - %profile%\extensions\vshare@toolbar
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
.
- - - - ORPHELINS SUPPRIMES - - - -
AddRemove-QuickStores-Toolbar_is1 - c:\users\Julien.PC-de-edvard\AppData\Roaming\QuickStoresToolbar\unins000.exe
**************************************************************************
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
msnmsgr = "c:\program files\Windows Live\Messenger\msnmsgr.exe" /background??s
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés:
**************************************************************************
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\{49DE1C67-83F8-4102-99E0-C16DCC7EEC796}]
"ImagePath"="\??\c:\program files\Acer Arcade Live\Acer PlayMovie\000.fcl"
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs chargées dans les processus actifs ---------------------
- - - - - - - > 'Explorer.exe'(2928)
c:\windows\system32\MsnChatHook.dll
c:\windows\system32\ShowErrMsg.dll
c:\windows\system32\sysenv.dll
c:\windows\system32\BatchCrypto.dll
c:\windows\system32\CryptoAPI.dll
c:\windows\system32\keyManager.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\acer\Empowering Technology\ePerformance\MemCheck.exe
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\system32\CISVC.EXE
c:\acer\Empowering Technology\eDataSecurity\eDSService.exe
c:\programdata\EPSON\EPW!3 SSRP\E_S40RP7.EXE
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\CyberLink\Shared Files\RichVideo.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\windows\System32\tcpsvcs.exe
c:\windows\System32\snmp.exe
c:\acer\Empowering Technology\eRecovery\eRecoveryService.exe
c:\program files\TuneUp Utilities 2011\TuneUpUtilitiesApp32.exe
c:\windows\system32\WUDFHost.exe
c:\windows\system32\conime.exe
c:\windows\RtHDVCpl.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\ehome\ehmsas.exe
c:\acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
c:\acer\Empowering Technology\eRecovery\ERAGENT.EXE
c:\windows\system32\wbem\unsecapp.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
c:\program files\Windows Live\Contacts\wlcomm.exe
.
**************************************************************************
.
Heure de fin: 2011-01-19 16:51:43 - La machine a redémarré
ComboFix-quarantined-files.txt 2011-01-19 15:51
ComboFix2.txt 2011-01-18 08:31
ComboFix3.txt 2010-03-20 08:16
Avant-CF: 48 374 767 616 octets libres
Après-CF: 48 197 627 904 octets libres
- - End Of File - - DA7D3549AFC9FBCE67D98FC9E9BFB718
re
Réessaye un scan GMER, en mode sans échec s'il le faut.
si ça marche pas:
Télécharge RootRepeal
http://rootrepeal.googlepages.com/RootRepeal.zip
Déconnecte la machine d'Internet.
Dézippe sur le bureau (Unzip ou extraire tout...).
Désactive tes programmes de sécurité ( Pare-Feu, anti-spyware, anti-virus).
Double clic sur RootRepeal.exe
Une fenêtre s'ouvre,choisis dans les onglets en bas Report.
Clic Scan ,Coche les 6 cases, clic Ok
Coche C:\ puis Ok
Le scan se lance, une fois fini clic sur Save Report.
Sauve le rapport sur le bureau.
Réactive tes logiciels de protections et relance Internet.
Copie/Colle le rapport dans ta prochaine réponse.
Réessaye un scan GMER, en mode sans échec s'il le faut.
si ça marche pas:
Télécharge RootRepeal
http://rootrepeal.googlepages.com/RootRepeal.zip
Déconnecte la machine d'Internet.
Dézippe sur le bureau (Unzip ou extraire tout...).
Désactive tes programmes de sécurité ( Pare-Feu, anti-spyware, anti-virus).
Double clic sur RootRepeal.exe
Une fenêtre s'ouvre,choisis dans les onglets en bas Report.
Clic Scan ,Coche les 6 cases, clic Ok
Coche C:\ puis Ok
Le scan se lance, une fois fini clic sur Save Report.
Sauve le rapport sur le bureau.
Réactive tes logiciels de protections et relance Internet.
Copie/Colle le rapport dans ta prochaine réponse.
Lassé par la pub ? Créez un compte
- Contenus similaires :
- ForumMon pc s éteint tout seul
- ForumPc eteint se rallume tout seul
- ForumPc en veille se rallume tout seul
- ForumPc s'eteint et se rallume seul
- ForumPc bureau se rallume tout seul
- ForumPc qui s éteint tout seul
- solutionsPc se rallume tout seul
- ForumLe pc se rallume tout seul
- ForumMon pc se rallume seul
- ForumPc se rallume tout seul a minuit
- Voir plus
