Web pages keep opening nonstop


Post by oeno33 » 01 Jul 2012, 15:35

Hello,

Like many users, I have a problem with web pages (nothing but ads) that keep opening nonstop without my asking. I consulted several forums and concluded from them that my computer was infected. I therefore followed a procedure found on your forum that generates analysis reports: one Malwarebytes' Anti-Malware report and 2 OTL reports.
I am sending you these reports to ask for your help in disinfecting my computer. As specified in the procedure, I am posting these reports in several messages because of their size.

Thank you in advance for your help

The Malwarebytes' Anti-Malware report:
Malwarebytes Anti-Malware (Essai) 1.61.0.1400
www.malwarebytes.org

Version de la base de données: v2012.07.01.02

Windows 7 x64 NTFS
Internet Explorer 8.0.7600.16385
Famille Miot-serti :: FAMILLEMIOT-SER [administrateur]

Protection: Activé

01/07/2012 12:26:10
mbam-log-2012-07-01 (12-28-43).txt

Type d'examen: Examen rapide
Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM
Options d'examen désactivées: P2P
Elément(s) analysé(s): 207087
Temps écoulé: 2 minute(s), 18 seconde(s)

Processus mémoire détecté(s): 4
C:\Users\Famille Miot-serti\AppData\Roaming\PCtuto\UpdatePCTuto\autoupdater.exe (Trojan.Eorezo) -> 2172 -> Aucune action effectuée.
C:\Users\Famille Miot-serti\AppData\Roaming\Tuto4pc\Tuto4pc\UpdateTuto4PCHP.exe (PUP.Tuto4PC) -> 1768 -> Aucune action effectuée.
C:\Program Files (x86)\PCTuto\pctuto.exe (Adware.Eorezo) -> 3356 -> Aucune action effectuée.
C:\Program Files (x86)\Tuto4pc\tuto4pc.exe (Adware.Eorezo) -> 3744 -> Aucune action effectuée.

Module(s) mémoire détecté(s): 0
(Aucun élément nuisible détecté)

Clé(s) du Registre détectée(s): 19
HKCR\CLSID\{0722A2AC-4CF8-4310-AFEE-F87AA9BE10AA} (Adware.Eorezo) -> Aucune action effectuée.
HKCR\Tuto4pcFrSolimbaBHO.Tuto4pcBHO.1 (Adware.Eorezo) -> Aucune action effectuée.
HKCR\Tuto4pcFrSolimbaBHO.Tuto4pcBHO (Adware.Eorezo) -> Aucune action effectuée.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0722A2AC-4CF8-4310-AFEE-F87AA9BE10AA} (Adware.Eorezo) -> Aucune action effectuée.
HKCR\TypeLib\{8640C08A-5D22-4529-A8AD-0436026188F2} (Adware.Eorezo) -> Aucune action effectuée.
HKCR\Interface\{BD490E24-D18C-4323-B481-79DD4F62E758} (Adware.Eorezo) -> Aucune action effectuée.
HKCR\CLSID\{293A63F7-C3B6-423a-9845-901AC0A7EE6E} (Adware.Eorezo) -> Aucune action effectuée.
HKCR\PCTutoBHO.PCTBHO.1 (Adware.Eorezo) -> Aucune action effectuée.
HKCR\PCTutoBHO.PCTBHO (Adware.Eorezo) -> Aucune action effectuée.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{293A63F7-C3B6-423A-9845-901AC0A7EE6E} (Adware.Eorezo) -> Aucune action effectuée.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{293A63F7-C3B6-423A-9845-901AC0A7EE6E} (Adware.Eorezo) -> Aucune action effectuée.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{293A63F7-C3B6-423A-9845-901AC0A7EE6E} (Adware.Eorezo) -> Aucune action effectuée.
HKCR\TypeLib\{0BF73E27-2734-4F7B-925A-4BBB1457F5FA} (Adware.Eorezo) -> Aucune action effectuée.
HKCR\Interface\{E2ED56B6-35FC-4484-9530-EC87FB458E78} (Adware.Eorezo) -> Aucune action effectuée.
HKCR\bho_project.bho_object (Trojan.BHO) -> Aucune action effectuée.
HKCR\bho_project.bho_object.1 (Trojan.BHO) -> Aucune action effectuée.
HKLM\SOFTWARE\Tuto4pc (PUP.Tuto4PC) -> Aucune action effectuée.
HKLM\SOFTWARE\Google\Chrome\Extensions\kincjchfokkeneeofpeefomkikfkiedl (PUP.FCTPlugin) -> Aucune action effectuée.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Tuto4pc_is1 (PUP.Tuto4PC) -> Aucune action effectuée.

Valeur(s) du Registre détectée(s): 5
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce|autoupdater (Trojan.Eorezo) -> Données: C:\Users\Famille Miot-serti\AppData\Roaming\PCtuto\UpdatePCTuto\autoupdater.exe -runonce -> Aucune action effectuée.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce|UpdateTuto4PCHP (PUP.Tuto4PC) -> Données: C:\Users\Famille Miot-serti\AppData\Roaming\Tuto4pc\Tuto4pc\UpdateTuto4PCHP.exe -runonce -> Aucune action effectuée.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|PCTuto (Adware.Eorezo) -> Données: "C:\Program Files (x86)\PCTuto\pctuto.exe" -> Aucune action effectuée.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Tutorials (Adware.Eorezo) -> Données: "C:\Program Files (x86)\Tuto4pc\tuto4pc.exe" -> Aucune action effectuée.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|eoweather (Trojan.StartPage) -> Données: C:\Program Files (x86)\qtreg.vbs -> Aucune action effectuée.

Elément(s) de données du Registre détecté(s): 0
(Aucun élément nuisible détecté)

Dossier(s) détecté(s): 1
C:\Users\Famille Miot-serti\AppData\Roaming\Tuto4pc\Tuto4pc (PUP.Tuto4PC) -> Aucune action effectuée.

Fichier(s) détecté(s): 18
C:\Users\Famille Miot-serti\AppData\Roaming\PCtuto\UpdatePCTuto\autoupdater.exe (Trojan.Eorezo) -> Aucune action effectuée.
C:\Users\Famille Miot-serti\AppData\Roaming\Tuto4pc\Tuto4pc\UpdateTuto4PCHP.exe (PUP.Tuto4PC) -> Aucune action effectuée.
C:\Program Files (x86)\PCTuto\pctuto.exe (Adware.Eorezo) -> Aucune action effectuée.
C:\Program Files (x86)\Tuto4pc\tuto4pc.exe (Adware.Eorezo) -> Aucune action effectuée.
C:\Program Files (x86)\Tuto4pc\Tuto4pcBHO.dll (Adware.Eorezo) -> Aucune action effectuée.
C:\Program Files (x86)\PCTuto\pctutoBHO.dll (Adware.Eorezo) -> Aucune action effectuée.
C:\Users\Famille Miot-serti\AppData\Roaming\PCtuto\UpdatePCTuto\UpdatePCTuto.exe (PUP.Tuto4PC) -> Aucune action effectuée.
C:\Users\Famille Miot-serti\AppData\Roaming\Tuto4pc\Tuto4pc\UpdateTuto4PC.exe (PUP.Tuto4PC) -> Aucune action effectuée.
C:\Users\Famille Miot-serti\Downloads\outlook express setup.exe (PUP.AdBundle) -> Aucune action effectuée.
C:\Users\Famille Miot-serti\Downloads\Quick Zip_telechargement_01net.exe (PUP.Toolbar.Repacked) -> Aucune action effectuée.
C:\Users\Famille Miot-serti\Downloads\SoftonicDownloader_pour_modele-de-calendrier-excel-annuel.exe (PUP.ToolbarDownloader) -> Aucune action effectuée.
C:\Users\Famille Miot-serti\Downloads\SWF Opener.exe (PUP.AdBundler) -> Aucune action effectuée.
C:\Users\Famille Miot-serti\AppData\Roaming\Tuto4pc\Tuto4pc\user_profil.cyp (PUP.Tuto4PC) -> Aucune action effectuée.
C:\Users\Famille Miot-serti\AppData\Roaming\Tuto4pc\Tuto4pc\shared.cyp (PUP.Tuto4PC) -> Aucune action effectuée.
C:\Users\Famille Miot-serti\AppData\Roaming\Tuto4pc\Tuto4pc\user_config.cyp (PUP.Tuto4PC) -> Aucune action effectuée.
C:\Program Files (x86)\PCTuto\confmedia.cyp (Trojan.Eorezo) -> Aucune action effectuée.
C:\Users\Famille Miot-serti\Local Settings\Application Data\MAJTuto\MAJTuto.exe (Adware.EoRezo) -> Aucune action effectuée.
C:\Program Files (x86)\qtreg.vbs (Trojan.StartPage) -> Aucune action effectuée.

(fin)

Re: Web pages keep opening nonstop

Post by oeno33 » 01 Jul 2012, 15:45

As stated in my previous message, here is the 1st OTL report, in 2 parts because it is too big:

Thanks again, I get the impression there is plenty to deal with...

OTL logfile created on: 01/07/2012 13:48:56 - Run 1
OTL by OldTimer - Version 3.2.53.0 Folder = C:\Users\Famille Miot-serti\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

5,87 Gb Total Physical Memory | 4,21 Gb Available Physical Memory | 71,74% Memory free
11,73 Gb Paging File | 9,90 Gb Available in Paging File | 84,41% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 684,54 Gb Total Space | 623,11 Gb Free Space | 91,03% Space Free | Partition Type: NTFS

Computer Name: FAMILLEMIOT-SER | User Name: Famille Miot-serti | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/07/01 11:49:20 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Users\Famille Miot-serti\Desktop\OTL.exe
PRC - [2012/06/14 17:20:22 | 000,109,064 | ---- | M] (Wajam) -- C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe
PRC - [2012/05/27 21:00:18 | 000,021,416 | ---- | M] () -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
PRC - [2012/04/27 02:13:06 | 003,521,424 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
PRC - [2012/04/13 17:56:20 | 000,990,056 | ---- | M] (Tuto4PC) -- C:\Users\Famille Miot-serti\AppData\Roaming\Tuto4pc\Tuto4pc\UpdateTuto4PCHP.exe
PRC - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/04/04 15:56:38 | 000,462,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011/07/21 12:20:40 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2011/06/06 13:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/04/21 07:55:37 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2011/04/21 07:55:20 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010/08/10 11:06:16 | 000,975,952 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe
PRC - [2010/08/10 11:06:16 | 000,321,104 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe
PRC - [2010/08/10 11:06:16 | 000,305,744 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMworker.exe
PRC - [2010/06/29 01:23:12 | 000,265,984 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
PRC - [2010/06/29 01:23:06 | 000,255,744 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
PRC - [2010/05/27 05:41:24 | 000,349,552 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
PRC - [2010/04/13 19:57:58 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010/04/13 19:57:56 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2010/03/18 06:57:02 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2010/03/18 06:56:56 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2010/03/11 08:11:56 | 000,407,920 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
PRC - [2010/03/11 08:11:42 | 000,201,584 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
PRC - [2010/01/29 02:27:36 | 000,243,232 | ---- | M] (Acer Group) -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe
PRC - [2010/01/08 15:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
PRC - [2007/01/11 20:57:20 | 000,291,760 | ---- | M] () -- C:\Program Files (x86)\Lexmark 2400 Series\lxcrmon.exe
PRC - [2006/12/11 18:11:58 | 000,082,864 | ---- | M] (Lexmark International Inc.) -- C:\Program Files (x86)\Lexmark 2400 Series\ezprint.exe


========== Modules (No Company Name) ==========

MOD - [2012/07/01 08:18:34 | 000,115,137 | ---- | M] () -- C:\Users\Famille Miot-serti\AppData\Local\Temp\c25e8b3d-33a7-42bf-85e6-6880c6753136\CliSecureRT.dll
MOD - [2012/06/14 08:54:16 | 012,433,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\009c50fb69919b90fb233cb4c35d0ad7\System.Windows.Forms.ni.dll
MOD - [2012/06/14 08:54:08 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\ebefde27b0ef7f39bb49c493b34a602c\System.Drawing.ni.dll
MOD - [2012/06/13 22:16:19 | 018,000,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\199683f6e79076b634ee6cc0a82c0654\PresentationFramework.ni.dll
MOD - [2012/06/13 22:16:04 | 011,451,904 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\e7dc084827f8df2dbdc819db5c633a0d\PresentationCore.ni.dll
MOD - [2012/06/13 22:16:00 | 013,198,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\3971e166cf827b6726e142f344061dc9\System.Windows.Forms.ni.dll
MOD - [2012/06/13 22:15:53 | 003,858,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\21f37f9f5162af7efb52169012bd111e\WindowsBase.ni.dll
MOD - [2012/06/13 22:15:51 | 001,666,048 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\8c40f40ef36622109793788049fbe9ab\System.Drawing.ni.dll
MOD - [2012/05/27 21:00:18 | 000,021,416 | ---- | M] () -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
MOD - [2012/05/13 09:18:37 | 000,452,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\68eb2c96de3918a4757f5f768dc671c7\IAStorUtil.ni.dll
MOD - [2012/05/13 08:44:40 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\0c00b1a8336dd4c1bd1ebce7780f20b4\System.Runtime.Remoting.ni.dll
MOD - [2012/05/13 08:43:48 | 003,325,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\b68fdf2c95b93fc5006a092c11eed07c\WindowsBase.ni.dll
MOD - [2012/05/13 08:43:42 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\5c85c9c42e1b8a8760de82ecb4c7d582\System.Xml.ni.dll
MOD - [2012/05/13 08:43:38 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cb079eab134fd1a752ad91db13274110\System.Configuration.ni.dll
MOD - [2012/05/13 08:43:37 | 007,952,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\2ebb3c259eab50af565e3a8dba6ad20e\System.ni.dll
MOD - [2012/05/13 08:43:28 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\5858678a79aae31262b0214424245d06\mscorlib.ni.dll
MOD - [2012/05/13 08:28:46 | 001,218,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\0c2b0d52156447592f33edf4116b7e7d\System.Management.ni.dll
MOD - [2012/05/13 08:27:20 | 000,762,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\65f0d70169a0e73b45307dddbd86f92b\System.Runtime.Remoting.ni.dll
MOD - [2012/05/13 08:27:14 | 001,782,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\d234eceae699d070b5a5712ce776c01f\System.Xaml.ni.dll
MOD - [2012/05/13 08:17:49 | 000,595,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\a5fa2a1cfc6e9fdc39d9a8f2baa57bc9\PresentationFramework.Aero.ni.dll
MOD - [2012/05/13 08:15:45 | 007,069,184 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\ed91b57205429a23bb91f4499059a459\System.Core.ni.dll
MOD - [2012/05/13 08:15:45 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\d1f299160424bad90fe9f658661389e2\System.Xml.ni.dll
MOD - [2012/05/13 08:15:37 | 009,091,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\6f9f0467e8b2dd3f69b015c8e30ac945\System.ni.dll
MOD - [2012/05/13 08:15:31 | 014,412,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\3953b1d8b9b57e4957bff8f58145384e\mscorlib.ni.dll
MOD - [2012/02/20 22:29:04 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012/02/20 22:28:42 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/03/15 20:42:53 | 000,311,296 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_fr_b77a5c561934e089\mscorlib.resources.dll
MOD - [2011/03/15 20:42:49 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_fr_b77a5c561934e089\System.Runtime.Remoting.resources.dll
MOD - [2010/06/29 01:20:54 | 000,465,576 | ---- | M] () -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll
MOD - [2009/05/20 08:02:04 | 000,072,200 | ---- | M] () -- C:\Program Files (x86)\Launch Manager\CdDirIo.dll
MOD - [2007/01/11 20:57:20 | 000,291,760 | ---- | M] () -- C:\Program Files (x86)\Lexmark 2400 Series\lxcrmon.exe
MOD - [2006/08/08 21:54:18 | 000,278,528 | ---- | M] () -- C:\Program Files (x86)\Lexmark 2400 Series\lxcrscw.dll
MOD - [2006/05/25 22:20:44 | 000,241,664 | ---- | M] () -- C:\Program Files (x86)\Lexmark 2400 Series\iptk.dll
MOD - [2005/12/29 17:34:22 | 000,143,360 | ---- | M] () -- C:\Program Files (x86)\Lexmark 2400 Series\lxcrdrec.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2010/09/22 19:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010/08/25 16:41:16 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010/06/11 15:27:26 | 000,868,896 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe -- (ePowerSvc)
SRV:64bit: - [2010/01/29 02:27:36 | 000,243,232 | ---- | M] (Acer Group) [Auto | Running] -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe -- (Updater Service)
SRV:64bit: - [2009/07/14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV:64bit: - [2006/12/11 18:12:22 | 000,566,192 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysNative\lxcrcoms.exe -- (lxcr_device)
SRV - [2012/06/17 09:05:18 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/06/14 17:20:22 | 000,109,064 | ---- | M] (Wajam) [Auto | Running] -- C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe -- (WajamUpdater)
SRV - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/07/21 12:20:40 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011/06/06 13:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/04/21 07:55:37 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011/03/15 12:20:26 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010/08/10 11:06:16 | 000,321,104 | ---- | M] (Dritek System Inc.) [Auto | Running] -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe -- (DsiWMIService)
SRV - [2010/06/29 01:23:06 | 000,255,744 | ---- | M] (NewTech Infosystems, Inc.) [Auto | Running] -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc)
SRV - [2010/05/27 05:41:06 | 000,305,520 | ---- | M] (Egis Technology Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe -- (MWLService)
SRV - [2010/04/13 19:57:58 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel(R)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/18 06:57:02 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2010/03/18 06:56:56 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2010/01/08 15:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe -- (GREGService)
SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2006/12/11 18:12:06 | 000,537,520 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysWOW64\lxcrcoms.exe -- (lxcr_device)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/04/04 15:56:40 | 000,024,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012/03/01 08:54:38 | 000,022,896 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/15 12:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011/07/21 12:22:38 | 000,123,784 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2011/07/21 12:22:37 | 000,088,288 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2011/06/02 07:47:22 | 000,177,640 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdm.sys -- (ssadmdm)
DRV:64bit: - [2011/06/02 07:47:22 | 000,157,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadbus.sys -- (ssadbus) SAMSUNG Android USB Composite Device driver (WDM)
DRV:64bit: - [2011/06/02 07:47:22 | 000,146,920 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadserd.sys -- (ssadserd) SAMSUNG Android USB Diagnostic Serial Port (WDM)
DRV:64bit: - [2011/06/02 07:47:22 | 000,016,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdfl.sys -- (ssadmdfl) SAMSUNG Android USB Modem (Filter)
DRV:64bit: - [2011/03/11 08:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 08:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/12/21 07:55:02 | 000,036,328 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadadb.sys -- (androidusb)
DRV:64bit: - [2010/09/22 03:47:10 | 000,243,712 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2010/08/25 18:50:48 | 006,856,192 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2010/08/25 16:05:44 | 000,264,192 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010/07/09 05:51:50 | 000,017,408 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)
DRV:64bit: - [2010/05/15 15:48:28 | 000,384,040 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a) Broadcom NetLink (TM)
DRV:64bit: - [2010/05/11 12:11:38 | 002,229,608 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2010/04/20 04:35:14 | 000,018,432 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV:64bit: - [2010/04/13 19:44:22 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/04/13 12:15:04 | 000,135,560 | ---- | M] (ELAN Microelectronic Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:64bit: - [2010/01/27 05:05:00 | 000,231,328 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
DRV:64bit: - [2009/09/17 07:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel(R)
DRV:64bit: - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/06/03 05:15:30 | 000,060,464 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk)
DRV:64bit: - [2009/06/03 05:15:30 | 000,022,576 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys -- (mwlPSDFilter)
DRV:64bit: - [2009/06/03 05:15:30 | 000,020,016 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys -- (mwlPSDNServ)
DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2007/05/14 17:06:18 | 000,027,520 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys -- (RimUsb)
DRV - [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://acer.msn.com
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://acer.msn.com
IE - HKLM\..\URLSearchHook: {681d7a5c-c4a3-4434-828f-2287ab4c0572} - C:\Program Files (x86)\01net_3\prxtb01ne.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3228304


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1833546820-2947247365-798683735-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com
IE - HKU\S-1-5-21-1833546820-2947247365-798683735-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= ... =CT3228304
IE - HKU\S-1-5-21-1833546820-2947247365-798683735-1001\..\URLSearchHook: {681d7a5c-c4a3-4434-828f-2287ab4c0572} - C:\Program Files (x86)\01net_3\prxtb01ne.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-1833546820-2947247365-798683735-1001\..\URLSearchHook: {bb1227ac-7a0d-4076-8c1a-51a1348f6fa8} - No CLSID value found
IE - HKU\S-1-5-21-1833546820-2947247365-798683735-1001\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKU\S-1-5-21-1833546820-2947247365-798683735-1001\..\SearchScopes\{8B63A8D6-BBED-4341-8867-790E5F524C96}: "URL" = http://mystart.incredimail.com/?search={searchTerms}&loc=search_box_fs
IE - HKU\S-1-5-21-1833546820-2947247365-798683735-1001\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.com/search?cid={2EA06774-8763-49A1-897D-9D8AA823C73D}&mid=98abeae8f7c547d0a0b1cd3c4e3b5986-b7d4f777c8f7ed82e1f6b163e2cad18bc04c177f&lang=en&ds=ft011&pr=sa&d=2012-06-29 09:45:01&v=11.1.0.12&sap=dsp&q={searchTerms}
IE - HKU\S-1-5-21-1833546820-2947247365-798683735-1001\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3228304
IE - HKU\S-1-5-21-1833546820-2947247365-798683735-1001\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = http://mystart.incredimail.com/?search={searchTerms}&loc=search_box_fs&a=19emB393cn9
IE - HKU\S-1-5-21-1833546820-2947247365-798683735-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1833546820-2947247365-798683735-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

Re: Web pages keep opening non-stop

Post by oeno33 » 01 Jul 2012, 15:47

Here is the rest of the 1st report:
========== FireFox ==========

FF - prefs.js..CT3228304.browser.search.defaultthis.engineName: true
FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.search.selectedEngine: "01net 3 Customized Web Search"
FF - prefs.js..browser.startup.homepage: "http://search.conduit.com/?ctid=CT3228304&SearchSource=13"
FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.aspx?ctid=CT3228304&SearchSource=2&q="


FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/17 09:05:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/03/12 21:48:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 12.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2012/04/23 08:51:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 12.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/17 09:05:19 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/03/12 21:48:44 | 000,000,000 | ---D | M]

[2011/09/10 08:20:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Famille Miot-serti\AppData\Roaming\mozilla\Extensions
[2012/07/01 12:04:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Famille Miot-serti\AppData\Roaming\mozilla\Firefox\Profiles\e5afu65c.default\extensions
[2012/07/01 12:04:24 | 000,000,000 | ---D | M] (01net 3) -- C:\Users\Famille Miot-serti\AppData\Roaming\mozilla\Firefox\Profiles\e5afu65c.default\extensions\{681d7a5c-c4a3-4434-828f-2287ab4c0572}
[2012/05/30 20:57:12 | 000,000,000 | ---D | M] (WinZipBar_FR Community Toolbar) -- C:\Users\Famille Miot-serti\AppData\Roaming\mozilla\Firefox\Profiles\e5afu65c.default\extensions\{bb1227ac-7a0d-4076-8c1a-51a1348f6fa8}
[2012/06/29 08:48:15 | 000,000,000 | ---D | M] (VideoFileDownload - Download YouTube Videos) -- C:\Users\Famille Miot-serti\AppData\Roaming\mozilla\Firefox\Profiles\e5afu65c.default\extensions\plugin@videofiledownload.com
[2012/07/01 12:04:29 | 000,000,907 | ---- | M] () -- C:\Users\Famille Miot-serti\AppData\Roaming\Mozilla\Firefox\Profiles\e5afu65c.default\searchplugins\conduit.xml
[2011/09/10 08:36:52 | 000,002,185 | ---- | M] () -- C:\Users\Famille Miot-serti\AppData\Roaming\Mozilla\Firefox\Profiles\e5afu65c.default\searchplugins\MyStart Search.xml
[2012/04/28 12:31:33 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/06/17 09:05:19 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/03/30 08:09:30 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2012/02/14 21:54:28 | 000,001,516 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazon-france.xml
[2012/06/29 09:44:59 | 000,003,750 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml
[2012/02/14 21:54:28 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/02/14 21:54:28 | 000,001,822 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml
[2012/02/14 21:54:28 | 000,001,154 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-france.xml
[2012/02/14 21:54:28 | 000,001,426 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-fr.xml
[2012/02/14 21:54:28 | 000,000,956 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-france.xml

========== Chrome ==========

CHR - Extension: YouTube = C:\Users\Famille Miot-serti\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Recherche Google = C:\Users\Famille Miot-serti\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Wajam = C:\Users\Famille Miot-serti\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp\1.24_0\
CHR - Extension: Gmail = C:\Users\Famille Miot-serti\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2009/06/10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (Lexmark Barre d'outils) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O2 - BHO: (01net 3 Toolbar) - {681d7a5c-c4a3-4434-828f-2287ab4c0572} - C:\Program Files (x86)\01net_3\prxtb01ne.dll (Conduit Ltd.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (VideoFileDownload) - {8F04D391-CC20-4BAE-8517-50371C7349D2} - C:\Program Files (x86)\OApps\bho_project.dll (VideoFileDownload)
O2 - BHO: (Wajam) - {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} - C:\Program Files (x86)\Wajam\IE\priam_bho.dll (Wajam)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Lexmark Barre d'outils) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O3 - HKLM\..\Toolbar: (01net 3 Toolbar) - {681d7a5c-c4a3-4434-828f-2287ab4c0572} - C:\Program Files (x86)\01net_3\prxtb01ne.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-1833546820-2947247365-798683735-1001\..\Toolbar\WebBrowser: (no name) - {BB1227AC-7A0D-4076-8C1A-51A1348F6FA8} - No CLSID value found.
O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated)
O4:64bit: - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.)
O4:64bit: - HKLM..\Run: [EzPrint] C:\Program Files (x86)\Lexmark 2400 Series\ezprint.exe (Lexmark International Inc.)
O4:64bit: - HKLM..\Run: [LXCRCATS] C:\Windows\SysNative\spool\DRIVERS\x64\3\LXCRtime.DLL (Lexmark International Inc.)
O4:64bit: - HKLM..\Run: [lxcrmon.exe] C:\Program Files (x86)\Lexmark 2400 Series\lxcrmon.exe ()
O4:64bit: - HKLM..\Run: [mwlDaemon] C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe (Egis Technology Inc.)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.)
O4 - HKLM..\Run: [EgisTecPMMUpdate] C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [EgisUpdate] C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [FaxCenterServer] C:\Program Files (x86)\Lexmark Fax Solutions\fm3032.exe ()
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SuiteTray] C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe (Egis Technology Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1833546820-2947247365-798683735-1001..\Run: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup File not found
O4 - HKU\S-1-5-21-1833546820-2947247365-798683735-1001..\Run: [KiesHelper] C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe (Samsung)
O4 - HKU\S-1-5-21-1833546820-2947247365-798683735-1001..\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
O4 - HKLM..\RunOnce: [UpdateTuto4PCHP] C:\Users\Famille Miot-serti\AppData\Roaming\Tuto4pc\Tuto4pc\UpdateTuto4PCHP.exe (Tuto4PC)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Famille Miot-serti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files (x86)\ERUNT\AUTOBACK.EXE ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-1833546820-2947247365-798683735-1001\..Trusted Domains: dainrauscher.com ([]https in Local intranet)
O15 - HKU\S-1-5-21-1833546820-2947247365-798683735-1001\..Trusted Domains: rbcdain.com ([]https in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B55F8F18-6891-4E08-9E4E-EC74395C4AED}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{83c9b02c-85fb-11e1-b98f-1c7508dfb075}\Shell - "" = AutoRun
O33 - MountPoints2\{83c9b02c-85fb-11e1-b98f-1c7508dfb075}\Shell\AutoRun\command - "" = E:\Startme.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)


CREATERESTOREPOINT
Restore point Set: OTL Restore Point
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2012/07/01 12:34:36 | 000,000,000 | ---D | C] -- C:\Users\Famille Miot-serti\Desktop\help
[2012/07/01 12:33:03 | 000,000,000 | ---D | C] -- C:\Users\Famille Miot-serti\Desktop\depannage ordinateur
[2012/07/01 12:20:18 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2012/07/01 12:19:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
[2012/07/01 12:19:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ERUNT
[2012/07/01 12:12:31 | 000,000,000 | ---D | C] -- C:\Users\Famille Miot-serti\AppData\Roaming\Malwarebytes
[2012/07/01 12:12:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/07/01 12:12:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/07/01 12:12:10 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012/07/01 12:12:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012/07/01 12:06:42 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012/07/01 12:04:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\01net_3
[2012/07/01 12:04:30 | 000,000,000 | ---D | C] -- C:\Users\Famille Miot-serti\AppData\Local\CRE
[2012/07/01 11:59:08 | 000,000,000 | ---D | C] -- C:\Users\Famille Miot-serti\AppData\Roaming\ATI
[2012/07/01 11:59:08 | 000,000,000 | ---D | C] -- C:\Users\Famille Miot-serti\AppData\Local\ATI
[2012/07/01 11:59:08 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2012/07/01 11:54:27 | 000,000,000 | ---D | C] -- C:\Users\Famille Miot-serti\AppData\Roaming\GetRightToGo
[2012/07/01 11:50:36 | 000,596,992 | ---- | C] (OldTimer Tools) -- C:\Users\Famille Miot-serti\Desktop\OTL.exe
[2012/06/30 12:40:33 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012/06/30 12:40:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2012/06/30 12:39:12 | 000,000,000 | ---D | C] -- C:\Users\Famille Miot-serti\AppData\Local\Google
[2012/06/30 12:39:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2012/06/29 09:44:55 | 000,000,000 | ---D | C] -- C:\Users\Famille Miot-serti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam
[2012/06/29 09:44:52 | 000,000,000 | ---D | C] -- C:\Users\Famille Miot-serti\AppData\Local\Wajam
[2012/06/29 09:44:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Wajam
[2012/06/29 09:44:46 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2012/06/29 09:36:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook Express Launcher
[2012/06/29 08:51:03 | 000,000,000 | ---D | C] -- C:\Program Files\Babylon
[2012/06/29 08:50:18 | 000,000,000 | ---D | C] -- C:\Users\Famille Miot-serti\AppData\Roaming\Tuto4pc
[2012/06/29 08:50:18 | 000,000,000 | ---D | C] -- C:\Users\Famille Miot-serti\AppData\Local\Tuto4PC
[2012/06/29 08:50:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Tuto4pc
[2012/06/29 08:50:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tuto4pc
[2012/06/29 08:48:35 | 000,000,000 | ---D | C] -- C:\Users\Famille Miot-serti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UnH Solutions
[2012/06/29 08:48:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UnH Solutions
[2012/06/29 08:48:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\UnH Solutions
[2012/06/29 08:48:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OApps
[2012/06/29 08:48:13 | 000,633,399 | ---- | C] (UnH Solutions ) -- C:\Users\Famille Miot-serti\Desktop\SWFOpenerSetup.exe
[2012/06/27 21:23:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Winamax Poker
[2012/06/19 07:18:53 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2012/06/19 07:18:53 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2012/06/19 07:18:53 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2012/06/19 07:18:40 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2012/06/19 07:18:40 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2012/06/19 07:18:40 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2012/06/19 07:18:24 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2012/06/19 07:18:24 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2012/06/13 08:51:38 | 000,851,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012/06/13 08:51:38 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012/06/13 08:51:29 | 000,736,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012/06/13 08:51:28 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012/06/13 08:51:28 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012/06/13 08:51:27 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2012/06/13 08:51:27 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012/06/13 08:51:27 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2012/06/13 08:51:27 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012/06/13 08:51:26 | 000,482,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2012/06/13 08:51:26 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2012/06/13 08:51:26 | 000,134,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012/06/13 08:51:26 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012/06/13 08:51:26 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2012/06/13 08:51:26 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2012/06/13 08:51:26 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2012/06/13 08:51:26 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2012/06/13 08:51:14 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll
[2012/06/13 08:51:14 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll
[2012/06/13 08:51:14 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe
[2012/06/13 08:51:12 | 005,505,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012/06/13 08:51:11 | 003,958,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012/06/13 08:51:11 | 003,902,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012/06/13 08:51:06 | 003,213,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
[2012/06/13 08:50:58 | 001,460,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2012/06/13 08:50:57 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll

========== Files - Modified Within 30 Days ==========

[2012/07/01 13:51:58 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/07/01 13:51:58 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/07/01 13:51:29 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012/07/01 13:49:01 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/07/01 13:48:54 | 000,704,714 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat
[2012/07/01 13:48:54 | 000,616,242 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/07/01 13:48:54 | 000,130,988 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat
[2012/07/01 13:48:54 | 000,106,622 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/07/01 13:48:53 | 001,549,936 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/07/01 13:44:42 | 000,001,088 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/07/01 13:44:28 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/07/01 13:44:26 | 428,900,351 | -HS- | M] () -- C:\hiberfil.sys
[2012/07/01 12:19:11 | 000,001,108 | ---- | M] () -- C:\Users\Famille Miot-serti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2012/07/01 12:19:06 | 000,000,928 | ---- | M] () -- C:\Users\Famille Miot-serti\Desktop\NTREGOPT.lnk
[2012/07/01 12:19:06 | 000,000,909 | ---- | M] () -- C:\Users\Famille Miot-serti\Desktop\ERUNT.lnk
[2012/07/01 12:12:12 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/07/01 11:49:20 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Users\Famille Miot-serti\Desktop\OTL.exe
[2012/07/01 11:46:38 | 000,198,449 | ---- | M] () -- C:\Users\Famille Miot-serti\Desktop\procedure analyse ordinateur.pdf
[2012/06/30 12:40:34 | 000,000,826 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012/06/30 12:40:32 | 000,002,243 | ---- | M] () -- C:\Users\Famille Miot-serti\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/06/29 08:48:35 | 000,001,100 | ---- | M] () -- C:\Users\Famille Miot-serti\Desktop\SWF Opener.lnk
[2012/06/29 08:48:18 | 000,633,399 | ---- | M] (UnH Solutions ) -- C:\Users\Famille Miot-serti\Desktop\SWFOpenerSetup.exe
[2012/06/27 21:23:40 | 000,000,925 | ---- | M] () -- C:\Users\Public\Desktop\Winamax Poker.lnk
[2012/06/24 09:33:26 | 005,738,496 | ---- | M] () -- C:\Users\Famille Miot-serti\Desktop\A.M.M Reconnaissez vous ces personnages .pps
[2012/06/14 08:52:12 | 000,311,112 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/06/12 20:06:09 | 000,004,608 | ---- | M] () -- C:\Users\Famille Miot-serti\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/06/03 00:19:46 | 000,038,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2012/06/03 00:19:42 | 000,057,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2012/06/03 00:19:42 | 000,044,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2012/06/03 00:19:23 | 000,701,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2012/06/03 00:15:31 | 002,622,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2012/06/03 00:15:08 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2012/06/02 15:19:42 | 000,186,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2012/06/02 15:15:12 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe

========== Files Created - No Company Name ==========

[2012/07/01 13:51:29 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012/07/01 12:19:11 | 000,001,108 | ---- | C] () -- C:\Users\Famille Miot-serti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2012/07/01 12:19:06 | 000,000,928 | ---- | C] () -- C:\Users\Famille Miot-serti\Desktop\NTREGOPT.lnk
[2012/07/01 12:19:06 | 000,000,909 | ---- | C] () -- C:\Users\Famille Miot-serti\Desktop\ERUNT.lnk
[2012/07/01 12:12:12 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/07/01 11:46:38 | 000,198,449 | ---- | C] () -- C:\Users\Famille Miot-serti\Desktop\procedure analyse ordinateur.pdf
[2012/06/30 12:40:34 | 000,000,826 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012/06/30 12:40:32 | 000,002,243 | ---- | C] () -- C:\Users\Famille Miot-serti\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/06/30 12:39:15 | 000,001,092 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/06/30 12:39:15 | 000,001,088 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/06/29 08:48:35 | 000,001,100 | ---- | C] () -- C:\Users\Famille Miot-serti\Desktop\SWF Opener.lnk
[2012/06/24 09:33:24 | 005,738,496 | ---- | C] () -- C:\Users\Famille Miot-serti\Desktop\A.M.M Reconnaissez vous ces personnages .pps
[2012/01/15 10:34:47 | 000,004,608 | ---- | C] () -- C:\Users\Famille Miot-serti\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/11/09 19:40:37 | 000,385,024 | ---- | C] () -- C:\Windows\SysWow64\lxcrcomx.dll
[2011/11/09 19:40:37 | 000,274,432 | ---- | C] () -- C:\Windows\SysWow64\LXCRinst.dll
[2011/11/09 19:40:36 | 000,413,696 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcrinpa.dll
[2011/11/09 19:40:36 | 000,397,312 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcriesc.dll
[2011/11/09 19:40:35 | 000,643,072 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcrpmui.dll
[2011/11/09 19:40:32 | 001,224,704 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcrserv.dll
[2011/11/09 19:40:32 | 000,991,232 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcrusb1.dll
[2011/11/09 19:40:31 | 000,585,728 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcrlmpm.dll
[2011/11/09 19:40:31 | 000,181,168 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcrppls.exe
[2011/11/09 19:40:31 | 000,163,840 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcrprox.dll
[2011/11/09 19:40:31 | 000,094,208 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcrpplc.dll
[2011/11/09 19:40:30 | 000,537,520 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcrcoms.exe
[2011/11/09 19:40:30 | 000,421,888 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcrcomm.dll
[2011/11/09 19:40:30 | 000,385,968 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcrih.exe
[2011/11/09 19:40:29 | 000,684,032 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcrcomc.dll
[2011/03/15 12:23:45 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011/03/15 12:12:26 | 000,002,189 | ---- | C] () -- C:\Windows\SysWow64\atipblup.dat
[2011/03/15 12:11:55 | 000,206,208 | ---- | C] () -- C:\Windows\PLFSetI.exe
[2011/03/15 12:11:55 | 000,193,400 | ---- | C] () -- C:\Windows\flicker.dll
[2011/03/15 12:11:55 | 000,066,424 | ---- | C] () -- C:\Windows\setpwlin.exe
[2011/03/15 12:11:55 | 000,059,992 | ---- | C] ( ) -- C:\Windows\AutosetFrequency.exe
[2011/03/15 12:11:55 | 000,000,673 | ---- | C] () -- C:\Windows\AutoSetFrequency.ini
[2011/03/15 12:11:55 | 000,000,378 | ---- | C] () -- C:\Windows\PidList.ini
[2011/03/02 07:57:44 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2011/03/02 07:57:40 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2011/03/02 07:57:40 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2011/03/02 07:57:40 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2011/03/02 07:57:40 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2010/11/17 15:30:01 | 000,131,984 | ---- | C] () -- C:\ProgramData\FullRemove.exe
[2010/11/17 14:56:27 | 000,017,920 | ---- | C] () -- C:\Windows\SysWow64\rpcnetp.dll
[2010/11/17 14:55:51 | 000,017,920 | ---- | C] () -- C:\Windows\SysWow64\rpcnetp.exe
[2010/11/17 14:47:51 | 000,002,189 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat

========== LOP Check ==========

[2012/07/01 12:04:31 | 000,000,000 | ---D | M] -- C:\Users\Famille Miot-serti\AppData\Roaming\GetRightToGo
[2011/09/10 08:23:35 | 000,000,000 | ---D | M] -- C:\Users\Famille Miot-serti\AppData\Roaming\PCtuto
[2011/12/11 18:39:43 | 000,000,000 | ---D | M] -- C:\Users\Famille Miot-serti\AppData\Roaming\pdfforge
[2012/05/27 20:54:45 | 000,000,000 | ---D | M] -- C:\Users\Famille Miot-serti\AppData\Roaming\Samsung
[2012/05/27 20:57:14 | 000,000,000 | ---D | M] -- C:\Users\Famille Miot-serti\AppData\Roaming\Temp
[2011/09/10 09:02:37 | 000,000,000 | ---D | M] -- C:\Users\Famille Miot-serti\AppData\Roaming\Thunderbird
[2012/06/29 08:50:18 | 000,000,000 | ---D | M] -- C:\Users\Famille Miot-serti\AppData\Roaming\Tuto4pc
[2012/04/06 13:27:30 | 000,000,000 | ---D | M] -- C:\Users\Famille Miot-serti\AppData\Roaming\wam.04351C371E530C3762CBA45FA283ED972DCDEFB6.1
[2012/06/07 19:07:50 | 000,032,496 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========

< %SYSTEMDRIVE%\*.exe >

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

========== Alternate Data Streams ==========

@Alternate Data Stream - 129 bytes -> C:\ProgramData\Temp:E1F04E8D
@Alternate Data Stream - 121 bytes -> C:\ProgramData\Temp:0B9176C0
@Alternate Data Stream - 107 bytes -> C:\ProgramData\Temp:CFE0B346

< End of report >
oeno33
 
Posts: 7
Joined: 01 Jul 2012, 15:25

Re: Web pages keep opening nonstop

Post by oeno33 » 01 Jul 2012, 15:48

And here is the 2nd OTL report:
OTL Extras logfile created on: 01/07/2012 13:48:56 - Run 1
OTL by OldTimer - Version 3.2.53.0 Folder = C:\Users\Famille Miot-serti\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

5,87 Gb Total Physical Memory | 4,21 Gb Available Physical Memory | 71,74% Memory free
11,73 Gb Paging File | 9,90 Gb Available in Paging File | 84,41% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 684,54 Gb Total Space | 623,11 Gb Free Space | 91,03% Space Free | Partition Type: NTFS

Computer Name: FAMILLEMIOT-SER | User Name: Famille Miot-serti | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_USERS\S-1-5-21-1833546820-2947247365-798683735-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{05F2706A-7004-4CEE-821B-40A2638DCEBC}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{0612A7AA-9BF9-4811-83F3-F2260D18902D}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{09D49FF9-135E-4149-9DFA-D4DD86EC0A57}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{13A5307D-639C-4386-8F7C-6894E683DC5D}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{19D81D45-50CE-4C7F-8515-DAA735617043}" = rport=10243 | protocol=6 | dir=out | app=system |
"{2DA1E9A7-188E-4D06-A07D-1BF1AA8D2EBF}" = lport=2869 | protocol=6 | dir=in | app=system |
"{45C00BC7-A6AA-4D17-91FD-3E3CEE8785D4}" = rport=445 | protocol=6 | dir=out | app=system |
"{4A73876C-8AFE-4885-AB42-88C7C586C18C}" = lport=139 | protocol=6 | dir=in | app=system |
"{5F3E1CD3-0D4E-4BC9-8241-41B507DF560C}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{61F87E46-269E-436F-9EFD-8EBAB8A2CEB7}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{774F23BD-9F6C-4814-B9DD-DA3F1BCCF3B3}" = lport=138 | protocol=17 | dir=in | app=system |
"{7FD97BC0-9D5E-4FC3-9DB0-00C568CFB179}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{8EB3F948-5F57-4AFA-A4B1-C93AEA149B96}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{9112D57E-7EC5-4B8E-BB12-E557591F07C0}" = rport=138 | protocol=17 | dir=out | app=system |
"{93EA0AB1-379A-4949-B6B7-E128DA0451BB}" = rport=137 | protocol=17 | dir=out | app=system |
"{970CDD19-D473-4E09-8768-3A2BBFC0AD0F}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{9A47A553-2F49-4301-A8F7-0B42FFD41760}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{B31BDA0A-0DB9-46DD-A0EB-A5E5607158DB}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C19CD569-5EB5-4C5F-8C22-C9145C85AE07}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C215C84E-FD2D-41E6-87F5-C83732108130}" = lport=10243 | protocol=6 | dir=in | app=system |
"{CFD398BA-3735-49A1-A9F2-3869324DD5F4}" = rport=139 | protocol=6 | dir=out | app=system |
"{E4D2AEAB-49B8-422D-AE19-ED978CDCBB2C}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E913906E-57BC-4066-8C80-467C0A667F62}" = lport=445 | protocol=6 | dir=in | app=system |
"{EF88A98D-C544-48A7-8F1D-86F69FF9F0BE}" = lport=137 | protocol=17 | dir=in | app=system |
"{FE185A2D-C953-4053-9BDC-D83BABF7E957}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{056C1635-CA05-4155-9290-C27991697164}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{0A9BA941-DAFF-4433-B055-717090149B10}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{0E878357-05C0-4FAB-BC50-E555ED1AFCF0}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{119C700A-4C1A-42B1-8156-870EDBCF3868}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd9\powerdvd9.exe |
"{1AFBBC42-56A2-47F5-A4C3-A3F0E6CC1889}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{20381A14-7389-4CC3-BFD2-59D406EE4341}" = protocol=6 | dir=in | app=c:\program files (x86)\lexmark 2400 series\lxcrmon.exe |
"{331F063E-D326-4DEA-9552-FAD4CCE637F1}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{3993054E-15E3-455E-9F18-947B2FA0D2EE}" = protocol=6 | dir=in | app=c:\windows\syswow64\lxcrcoms.exe |
"{3DA6F4D9-EA57-41FB-BEBD-91A14EACCD99}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{434EDF57-9B8E-4C1F-B865-8C5E91D6EB76}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{4B850F8D-5B5D-440E-ABD9-1E75DF807605}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{4F4017ED-F5CE-4335-B369-AD80B0BF2617}" = protocol=17 | dir=in | app=c:\windows\system32\lxcrcoms.exe |
"{58476DE3-A03E-4C93-A15A-31C39D453573}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{5FA091B7-5246-42C6-BA18-91FF5CDCA275}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{6C196BF7-BAB6-4F11-8283-2EE2DE4FC683}" = protocol=6 | dir=in | app=c:\program files (x86)\lexmark 2400 series\lxcraiox.exe |
"{708921F4-E0BA-45F5-AC14-255D62C3AD22}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{748A3A1E-17B0-4BD7-9A42-E8E5431DC7D0}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{773BEABC-0B7F-45A2-B31C-24F382356B1B}" = protocol=6 | dir=out | app=system |
"{7A8C688C-59A2-4FD2-9CB9-190FF3594181}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{7AC92188-354D-4F3B-9D9C-93956D4A04D7}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{822B8E01-517C-4BAB-920D-A4641231F0CD}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{8D021ACE-94B2-4EFD-A581-898BBE6E6277}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8DA46819-6220-4C96-9BD5-655695513219}" = protocol=6 | dir=in | app=c:\windows\system32\lxcrcoms.exe |
"{903BC000-1C72-4951-A041-B3D5A0E86956}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{94F1B868-820B-47B6-9E7B-35DF3DB4B654}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{A53F14B8-5184-4A47-AFC2-2EE9A4DF438F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{B1DADA21-E565-4090-A8BE-CB0E9732B0D4}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{B28C53C1-336D-4C19-B0B8-0422E08A1122}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{BA03D8E3-DD65-49FA-9893-940C0408A1B8}" = protocol=17 | dir=in | app=c:\program files (x86)\lexmark 2400 series\lxcraiox.exe |
"{C5626F25-8449-41A1-911F-1D7AD3BEFEE6}" = protocol=17 | dir=in | app=c:\windows\syswow64\lxcrcoms.exe |
"{C748B0AB-0ECF-4672-8BB6-2DFBCAE31F69}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{DB8B7D4E-515A-42AA-89DF-8484A973A7EE}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{E350C08B-1C65-4314-BC57-C6A509511976}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E36E312C-3710-412D-91C2-3E2CE2D059AC}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{E59440D2-6FC9-4DB8-9C3B-CE6032958702}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E75E734C-EBE8-43F3-BAEE-26ADB74728A6}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{EA5DC667-B8EA-4541-8F2B-2FCF75B63698}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{EDB80628-5A12-4E7D-943F-27925B02E65B}" = protocol=17 | dir=in | app=c:\program files (x86)\lexmark 2400 series\lxcrmon.exe |
"{EE457E94-4C31-47CA-9B32-73C78C06B72E}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{F1EE3705-8452-4003-908D-AED6F903876B}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{F45D1F6C-7B06-41E5-8F95-91BEBC5DB984}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{FAA90FD4-A69E-4156-B4C2-E12A16CE9172}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{FDC04325-C9FB-4247-B9F2-9F9B73749CDA}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1F557316-CFC0-41BD-AFF7-8BC49CE444D7}" = Shredder
"{4B5F58F7-C7D1-3CE3-9B37-B657F0852643}" = Microsoft .NET Framework 4 Client Profile FRA Language Pack
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4BDE7544-0A08-4AD9-8A8F-4B7944471C36}" = iTunes
"{5E2CD4FB-4538-4831-8176-05D653C3E6D4}" = Windows Live Remote Service Resources
"{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6A0B8EEF-41D4-FABD-BBC8-84397D53D1F2}" = ccc-utility64
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-040C-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (French) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A84DB02B-9C2B-4272-9D2D-A80E00A56513}" = Broadcom Gigabit NetLink Controller
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F}" = Windows Live Remote Client Resources
"{B8AD779A-82DA-4365-A7D0-AD3DCFC55CFF}" = Apple Mobile Device Support
"{BAF4695F-7867-D8B2-528A-A1EF2EE0A9EF}" = ATI Catalyst Install Manager
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"Elantech" = ETDWare PS/2-x64 7.0.6.5_WHQL
"Lexmark 2400 Series" = Lexmark 2400 Series
"Lexmark Fax Solutions" = Solutions de télécopie Lexmark
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Client Profile FRA

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{01386D1F-ADE7-43B4-A4E9-312FC5BC726F}_is1" = SWF Opener
"{09F56A49-A7B1-4AAB-95B9-D13094254AD1}" = Windows Live UX Platform Language Pack
"{0B057B23-641D-3826-37E6-32659B2CD274}" = CCC Help Danish
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D3C01F2-3A39-0248-42A0-4F52DAE2302B}" = Winamax Poker
"{0D4464C2-F0AF-AE2A-3CDF-137687198FAF}" = CCC Help Japanese
"{0D7CD0D9-4A88-4A63-8F91-3F4E8F371768}" = MyWinLocker
"{1017A80C-6F09-4548-A84D-EDD6AC9525F0}" = Lexmark Barre d'outils
"{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"{1B0BB33F-F7DD-5E48-D07A-FF3645D20D8E}" = CCC Help Chinese Standard
"{1B192700-C368-49C1-BF81-D2F9BA065534}" = Catalyst Control Center - Branding
"{1CDD5987-A25E-FDA6-FF67-13667183B935}" = CCC Help Finnish
"{1D3CC42C-1F48-2CE4-65D9-ECA043A0A105}" = Catalyst Control Center InstallProxy
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{21ED5CFB-6724-7485-F56E-16AE158B8D53}" = CCC Help Hungarian
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{28849F27-E11E-F067-C4B5-7F4CDB75D473}" = ccc-core-static
"{31501D72-B6BB-145E-29D6-C144D6819A26}" = CCC Help Chinese Traditional
"{32B28D14-04E6-2B5A-6D6B-394F0B2FC1B1}" = CCC Help Spanish
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live
"{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer
"{3BDBB1B1-0DBE-6192-D674-6F4B438D7BE1}" = CCC Help Italian
"{3D9601FE-48EE-488F-990B-2F5DB2BB0346}" = CCC Help Swedish
"{3DB0448D-AD82-4923-B305-D001E521A964}" = Acer ePower Management
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3E5CCE8D-65F2-86FA-C53D-2ECA4E8C6404}" = CCC Help Dutch
"{43B2F1C5-1AAE-C4D0-93F8-C03F97CF8710}" = CCC Help French
"{442BE853-E839-2A5D-1249-B36AF96AB486}" = CCC Help Norwegian
"{488EF105-7A2A-1D7A-FB23-6CA41D0DB54B}" = CCC Help Korean
"{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{4D328ECC-B82B-381E-6570-B55192EA54E5}" = Catalyst Control Center Localization All
"{5449FB4F-1802-4D5B-A6D8-087DB1142147}" = Realtek HDMI Audio Driver for ATI
"{55D003F4-9599-44BF-BA9E-95D060730DD3}" = Contrôle ActiveX Windows Live Mesh pour connexions à distance
"{58F4D244-314F-4D26-B5EF-C28AB32E22CB}_is1" = Acer GameZone Console
"{5E97F3BD-CDDC-4188-9D98-532E14FABB5D}" = IncrediMail
"{6057E21C-ABE9-4059-AE3E-3BEB9925E660}" = Windows Live Messenger
"{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{65CB4C08-C47B-4A7E-A6A4-50C06ADA5FC6}" = Adobe AIR
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6B7F28D4-160E-40C6-B7C8-5EC6B9734DA7}" = Photo Notifier and Animation Creator
"{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Backup Manager Basic
"{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}" = MyWinLocker Suite
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{7617FC2E-EA1B-4F07-A0F5-5D5F437CB32D}" = MioMore Desktop 2008
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7760D94E-B1B5-40A0-9AA0-ABF942108755}" = Acer Crystal Eye Webcam
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}" = Windows Live Mesh
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8F3079E7-974F-56A0-162A-1B649F6C85D8}" = CCC Help Turkish
"{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007
"{90120000-0016-040C-0000-0000000FF1CE}_HOMESTUDENTR_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007
"{90120000-0018-040C-0000-0000000FF1CE}_HOMESTUDENTR_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007
"{90120000-001B-040C-0000-0000000FF1CE}_HOMESTUDENTR_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007
"{90120000-001F-0401-0000-0000000FF1CE}_HOMESTUDENTR_{3E8EA473-ECCE-405F-A9CA-59446AEADD3A}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007
"{90120000-001F-0413-0000-0000000FF1CE}_HOMESTUDENTR_{2C95E7EE-FEA7-4B3A-A6E5-DF90A88B816A}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-040C-1000-0000000FF1CE}_HOMESTUDENTR_{8283FD64-6A3B-4104-9E12-7CA25EF29A1A}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007
"{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007
"{90120000-006E-040C-0000-0000000FF1CE}_HOMESTUDENTR_{8283FD64-6A3B-4104-9E12-7CA25EF29A1A}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-040C-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (French) 2007
"{90120000-00A1-040C-0000-0000000FF1CE}_HOMESTUDENTR_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{98A26988-E99C-2EA6-684A-3FFE6F3A90F9}" = PX Profile Update
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA4EF8AA-7EF4-A62A-0F80-7A828296A647}" = CCC Help Thai
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-7AD7-1036-7B44-AA1000000001}" = Adobe Reader X (10.1.1) - Français
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{B3DAF54F-DB25-4586-9EF1-96D24BB14088}" = Windows Movie Maker 2.6
"{B902AB32-FE75-77BB-F54A-3A8E26D2D2DD}" = CCC Help English
"{BA140B33-9533-C8D5-BA7E-4EF1E59AA6EA}" = CCC Help Portuguese
"{BA97C7F2-82B0-5B0F-68CE-1C0EE2CB0609}" = CCC Help Czech
"{C19CA0D5-3131-1222-3176-D60A04F56586}" = CCC Help German
"{C2695E83-CF1D-43D1-84FE-B3BEC561012A}" = Shredder
"{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}" = NTI Media Maker 9
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D68BBEA3-D1AC-F898-A22C-FB1D1244C852}" = CCC Help Polish
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E0B19DF7-B1C7-4937-82C4-0E4B1E346965}" = eBay Worldwide
"{E9B566E7-1591-D86B-2212-F3454EBE0087}" = CCC Help Greek
"{EB378F1E-9484-F16E-6378-975CDD915A35}" = CCC Help Russian
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
"{EE171732-BEB4-4576-887D-CB62727F01CA}" = Acer Updater
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F177758C-B671-B885-A7DF-6BA84B51679C}" = Catalyst Control Center Graphics Previews Vista
"01net_3 Toolbar" = 01net 3 Toolbar
"Acer Registration" = Acer Registration
"Acer Screensaver" = Acer ScreenSaver
"Acer Welcome Center" = Welcome Center
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"AVS Audio Converter_is1" = AVS Audio Converter 7
"AVS Update Manager_is1" = AVS Update Manager 1.0
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.4
"ERUNT_is1" = ERUNT 1.1j
"Google Chrome" = Google Chrome
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"Identity Card" = Identity Card
"IncrediMail" = IncrediMail 2.0
"InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Acer Backup Manager
"InstallShield_{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}" = MyWinLocker Suite
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}" = NTI Media Maker 9
"LManager" = Launch Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.61.0.1400
"Mozilla Firefox 13.0.1 (x86 fr)" = Mozilla Firefox 13.0.1 (x86 fr)
"Mozilla Thunderbird 12.0.1 (x86 fr)" = Mozilla Thunderbird 12.0.1 (x86 fr)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"PCTuto Avast_is1" = PCTuto Avast 2.0
"PCTuto Maj_is1" = PCTuto Maj 1.0
"PCTuto_is1" = PCTuto 2.0
"Photo Notifier and Animation Creator" = Photo Notifier and Animation Creator
"Tuto Firefox_is1" = Tuto Firefox1.0.0.0
"Tuto4pc_is1" = Tuto4pc
"UpdatePCTuto_is1" = UpdatePCTuto 2.0
"vfd-apl" = VideoFileDownload
"Wajam" = Wajam
"wam.04351C371E530C3762CBA45FA283ED972DCDEFB6.1" = Winamax Poker
"WinLiveSuite" = Windows Live

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 20/06/2012 08:45:33 | Computer Name = FamilleMiot-ser | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 5428

Error - 20/06/2012 10:33:37 | Computer Name = FamilleMiot-ser | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 20/06/2012 10:33:37 | Computer Name = FamilleMiot-ser | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 6489251

Error - 20/06/2012 10:33:37 | Computer Name = FamilleMiot-ser | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 6489251

Error - 20/06/2012 10:33:39 | Computer Name = FamilleMiot-ser | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 20/06/2012 10:33:39 | Computer Name = FamilleMiot-ser | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 6490811

Error - 20/06/2012 10:33:39 | Computer Name = FamilleMiot-ser | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 6490811

Error - 20/06/2012 10:33:40 | Computer Name = FamilleMiot-ser | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 20/06/2012 10:33:40 | Computer Name = FamilleMiot-ser | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 6491825

Error - 20/06/2012 10:33:40 | Computer Name = FamilleMiot-ser | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 6491825

[ System Events ]
Error - 13/05/2012 02:19:06 | Computer Name = FamilleMiot-ser | Source = Service Control Manager | ID = 7000
Description = Le service Windows Search n’a pas pu démarrer en raison de l’erreur :
%%1053

Error - 13/05/2012 05:41:16 | Computer Name = FamilleMiot-ser | Source = bowser | ID = 8003
Description =

Error - 14/05/2012 12:05:37 | Computer Name = FamilleMiot-ser | Source = NetBT | ID = 4321
Description = Le nom "WORKGROUP :1d" n’a pas pu être enregistré sur l’interface
avec l’adresse IP 192.168.10.61. L’ordinateur avec l’adresse IP 192.168.10.34 n’a
pas permis que le nom soit réclamé par cet ordinateur.

Error - 10/06/2012 12:44:36 | Computer Name = FamilleMiot-ser | Source = EventLog | ID = 6008
Description = L’arrêt système précédant à 18:42:51 le 10/06/2012 n’était pas
prévu.

Error - 26/06/2012 08:58:18 | Computer Name = FamilleMiot-ser | Source = bowser | ID = 8003
Description =

Error - 27/06/2012 13:21:21 | Computer Name = FamilleMiot-ser | Source = bowser | ID = 8003
Description =

Error - 01/07/2012 02:18:31 | Computer Name = FamilleMiot-ser | Source = Service Control Manager | ID = 7024
Description = Le service Windows Search s’est arrêté avec l’erreur service particulière
%%-1073473535.

Error - 01/07/2012 02:18:31 | Computer Name = FamilleMiot-ser | Source = Service Control Manager | ID = 7031
Description = Le service Windows Search s’est terminé de manière inattendue. Ceci
s’est produit 1 fois. L’action corrective suivante va être effectuée dans 30000
millisecondes : Redémarrer le service.

Error - 01/07/2012 02:19:01 | Computer Name = FamilleMiot-ser | Source = Service Control Manager | ID = 7032
Description = Le Gestionnaire de services de contrôle a essayé d’entreprendre une
action corrective (Redémarrer le service) après la fin inattendue du service Windows
Search, mais cette action a échoué en raison de l’erreur suivante : %%1056

Error - 01/07/2012 07:44:39 | Computer Name = FamilleMiot-ser | Source = Service Control Manager | ID = 7000
Description = Le service MAJTuto n’a pas pu démarrer en raison de l’erreur : %%2


< End of report >

A thousand thanks again
oeno33

Re: Web pages keep opening nonstop

Message by nickW » 01 Jul 2012, 19:02

Hello,


You are the one who requested/accepted the installation of Tuto4pc!

You must not have read the terms of use all the way through, even though they are enlightening:
BY DOWNLOADING THIS APPLICATION FREE OF CHARGE YOU WILL ALSO RECEIVE, AS A SITE UNDER, A SELECTION OF THE BEST COMMERCIAL OFFERS ON THE NET
Source: http://tuto4pc.com/

RULE 3: TRANSFER OF PERSONAL DATA
DATA PROVIDED WHEN DOWNLOADING TUTO4PC SOFTWARE MAY BE TRANSFERRED TO ANY THIRD PARTY. YOU MAY OBJECT BY WRITING TO: TUTO4PC, 14, RUE LINCOLN 75008 PARIS – OR BY E-MAIL AT: contact@tuto4pc.com

The said components may display, on the User's screen, advertising messages or other information from TUTO4PC or from third-party advertisers (with whom TUTO4PC has concluded the corresponding agreements) for the purpose of explaining the services offered by TUTO4PC and how to use them properly, or any other service, promotions, or commercial offers likely to interest the User.

The User accepts that the services offered by TUTO4PC associated with the downloaded software, and in particular the TUTO4PC Software, may modify the WEB browser settings (bookmark, home page, tab).
Source: http://tuto4pc.com/faq.html



First cleanup steps:


Step 1: Uninstallation
Start --> Control Panel --> Programs --> Programs and Features
Select (if found) PCTuto Avast 2.0 then click Uninstall
Select (if found) PCTuto Maj 1.0 then click Uninstall
Select (if found) PCTuto 2.0 then click Uninstall
Select (if found) Tuto Firefox1.0.0.0 then click Uninstall
Select (if found) Tuto4pc then click Uninstall
Select (if found) UpdatePCTuto 2.0 then click Uninstall


Step 2: No real-time monitoring process
Disable the antivirus resident module.
Avira Antivir: right-click the icon in the system tray (next to the clock), uncheck "Activer Antivir Guard/AntiVir Guard enable"


Step 3: Malwarebytes' Anti-Malware, cleanup
Close all open program windows.
Launch Malwarebytes' Anti-Malware from the Start Menu.
In the Settings tab, check that all the boxes are ticked except "Create a context menu option to scan files (right click)".
In the Update tab, click the Check for Updates button and install all the updates found.
In the Scanner tab, select the radio button in front of "Perform quick scan" then click the Scan button.

Wait, without doing anything else, for the scan to finish; in the window announcing the end of the scan, click OK; then click the "Show Results" button.


If harmful items were detected, click the "Remove Selected" button.

Wait patiently, without doing anything else, for the cleanup to finish.
A restart is sometimes necessary. Accept.
A Notepad window opens to display the report. Close Notepad.
Click the "Exit" button to close Malwarebytes' Anti-Malware.


Step 4: Real-time monitoring process
Important: Re-enable the antivirus resident module.


Step 5: OTL (by OldTimer), quick scan
Close all open program windows.

Right-click OTL.exe then choose "Run as Administrator" to launch the tool.

The main OTL screen appears.

Click the Quick Scan button.


Let the tool work without interrupting it.
When the tool has finished, a Notepad window opens containing a report (log).
Close Notepad.
Close the OTL window.


Step 6: Results
Send in reply:
*- the Malwarebytes' Anti-Malware report (contents of the file mbam-log-****-**-** (**-**-**).txt located in the folder %SystemDrive%\Users\<yourprofile>\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Logs where ****-**-** (**-**-**) represents the date [year-month-day] and the time [hh-mn-ss])
[%SystemDrive% represents the partition on which the system is installed, generally C:]

Then send in reply, in a separate message (because of the length of the file):
*- the main OTL report (contents of the file OTL.Txt located on the Desktop).
The report sent to the forum must end with a line containing <End of report>. If it does not, it is incomplete, and must then be split across several messages.

Important note: To send your reply(ies), do not create a new topic, but click the "Reply" button
to continue in this discussion thread.


In your reply, don't forget to give as much information as possible about the state of the PC: improvement / disappearance / worsening of the infection symptoms.


To be continued,
nickW
30/07/2012: No more PC disinfection until further notice.
No requests for log analysis by PM (Private Message)

Re: Web pages keep opening nonstop

Message by oeno33 » 01 Jul 2012, 20:01

Hello NickW,

I don't know what this thing is that I accepted. It's true that when you install software, you accept the terms without really reading them (:oops:) but I won't be caught out again....

I did everything you told me and here are the reports. I haven't really used the computer, but it seems to me that things are better. No window opened during the whole cleanup procedure.

I await your verdict...

Thank you very much

oeno33

Malwarebytes Anti-Malware (Essai) 1.61.0.1400
www.malwarebytes.org

Version de la base de données: v2012.07.01.08

Windows 7 x64 NTFS
Internet Explorer 8.0.7600.16385
Famille Miot-serti :: FAMILLEMIOT-SER [administrateur]

Protection: Activé

01/07/2012 20:40:38
mbam-log-2012-07-01 (20-40-38).txt

Type d'examen: Examen rapide
Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM
Options d'examen désactivées: P2P
Elément(s) analysé(s): 207315
Temps écoulé: 43 seconde(s)

Processus mémoire détecté(s): 0
(Aucun élément nuisible détecté)

Module(s) mémoire détecté(s): 0
(Aucun élément nuisible détecté)

Clé(s) du Registre détectée(s): 1
HKLM\SOFTWARE\Google\Chrome\Extensions\kincjchfokkeneeofpeefomkikfkiedl (PUP.FCTPlugin) -> Mis en quarantaine et supprimé avec succès.

Valeur(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)

Elément(s) de données du Registre détecté(s): 0
(Aucun élément nuisible détecté)

Dossier(s) détecté(s): 0
(Aucun élément nuisible détecté)

Fichier(s) détecté(s): 4
C:\Users\Famille Miot-serti\Downloads\outlook express setup.exe (PUP.AdBundle) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Famille Miot-serti\Downloads\Quick Zip_telechargement_01net.exe (PUP.Toolbar.Repacked) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Famille Miot-serti\Downloads\SoftonicDownloader_pour_modele-de-calendrier-excel-annuel.exe (PUP.ToolbarDownloader) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Famille Miot-serti\Downloads\SWF Opener.exe (PUP.AdBundler) -> Mis en quarantaine et supprimé avec succès.

(fin)
oeno33

Re: Web pages keep opening nonstop

Message by oeno33 » 01 Jul 2012, 20:06

And here is the second report


OTL logfile created on: 01/07/2012 20:46:57 - Run 2
OTL by OldTimer - Version 3.2.53.0 Folder = C:\Users\Famille Miot-serti\Desktop\depannage ordinateur
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

5,87 Gb Total Physical Memory | 3,99 Gb Available Physical Memory | 67,97% Memory free
11,73 Gb Paging File | 9,64 Gb Available in Paging File | 82,16% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 684,54 Gb Total Space | 622,66 Gb Free Space | 90,96% Space Free | Partition Type: NTFS

Computer Name: FAMILLEMIOT-SER | User Name: Famille Miot-serti | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/07/01 20:22:39 | 000,400,352 | ---- | M] (Mozilla Messaging) -- C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
PRC - [2012/07/01 11:49:20 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Users\Famille Miot-serti\Desktop\depannage ordinateur\OTL.exe
PRC - [2012/06/28 12:28:57 | 001,250,328 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2012/06/14 17:20:22 | 000,109,064 | ---- | M] (Wajam) -- C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe
PRC - [2012/04/27 02:13:06 | 003,521,424 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
PRC - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/04/04 15:56:38 | 000,462,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011/07/21 12:20:40 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2011/06/06 13:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/04/21 07:55:37 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2011/04/21 07:55:20 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010/08/10 11:06:16 | 000,975,952 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe
PRC - [2010/08/10 11:06:16 | 000,321,104 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe
PRC - [2010/08/10 11:06:16 | 000,305,744 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMworker.exe
PRC - [2010/06/29 01:23:12 | 000,265,984 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
PRC - [2010/06/29 01:23:06 | 000,255,744 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
PRC - [2010/05/27 05:41:24 | 000,349,552 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
PRC - [2010/04/13 19:57:58 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010/04/13 19:57:56 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2010/03/18 06:57:02 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2010/03/18 06:56:56 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2010/03/11 08:11:56 | 000,407,920 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
PRC - [2010/03/11 08:11:42 | 000,201,584 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
PRC - [2010/01/29 02:27:36 | 000,243,232 | ---- | M] (Acer Group) -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe
PRC - [2010/01/08 15:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
PRC - [2007/01/11 20:57:20 | 000,291,760 | ---- | M] () -- C:\Program Files (x86)\Lexmark 2400 Series\lxcrmon.exe
PRC - [2006/12/11 18:11:58 | 000,082,864 | ---- | M] (Lexmark International Inc.) -- C:\Program Files (x86)\Lexmark 2400 Series\ezprint.exe


========== Modules (No Company Name) ==========

MOD - [2012/07/01 20:22:41 | 001,977,312 | ---- | M] () -- C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll
MOD - [2012/07/01 20:22:41 | 000,162,784 | ---- | M] () -- C:\Program Files (x86)\Mozilla Thunderbird\nsldap32v60.dll
MOD - [2012/07/01 20:22:41 | 000,021,984 | ---- | M] () -- C:\Program Files (x86)\Mozilla Thunderbird\nsldappr32v60.dll
MOD - [2012/06/28 12:28:56 | 000,438,296 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\20.0.1132.47\ppgooglenaclpluginchrome.dll
MOD - [2012/06/28 12:28:54 | 003,972,120 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\20.0.1132.47\pdf.dll
MOD - [2012/06/28 12:27:40 | 000,554,520 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\20.0.1132.47\libglesv2.dll
MOD - [2012/06/28 12:27:38 | 000,117,784 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\20.0.1132.47\libegl.dll
MOD - [2012/06/28 12:27:29 | 000,140,328 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\20.0.1132.47\avutil-51.dll
MOD - [2012/06/28 12:27:28 | 000,262,184 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\20.0.1132.47\avformat-54.dll
MOD - [2012/06/28 12:27:26 | 002,386,984 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\20.0.1132.47\avcodec-54.dll
MOD - [2012/06/14 08:54:45 | 011,824,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\84fbf353f91385690a3e4e982aa6930e\System.Web.ni.dll
MOD - [2012/06/14 08:54:16 | 012,433,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\009c50fb69919b90fb233cb4c35d0ad7\System.Windows.Forms.ni.dll
MOD - [2012/06/14 08:54:08 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\ebefde27b0ef7f39bb49c493b34a602c\System.Drawing.ni.dll
MOD - [2012/05/13 09:18:37 | 000,452,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\68eb2c96de3918a4757f5f768dc671c7\IAStorUtil.ni.dll
MOD - [2012/05/13 08:44:40 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\0c00b1a8336dd4c1bd1ebce7780f20b4\System.Runtime.Remoting.ni.dll
MOD - [2012/05/13 08:43:48 | 003,325,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\b68fdf2c95b93fc5006a092c11eed07c\WindowsBase.ni.dll
MOD - [2012/05/13 08:43:42 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\5c85c9c42e1b8a8760de82ecb4c7d582\System.Xml.ni.dll
MOD - [2012/05/13 08:43:38 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cb079eab134fd1a752ad91db13274110\System.Configuration.ni.dll
MOD - [2012/05/13 08:43:37 | 007,952,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\2ebb3c259eab50af565e3a8dba6ad20e\System.ni.dll
MOD - [2012/05/13 08:43:28 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\5858678a79aae31262b0214424245d06\mscorlib.ni.dll
MOD - [2012/02/20 22:29:04 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012/02/20 22:28:42 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/03/15 20:42:53 | 000,311,296 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_fr_b77a5c561934e089\mscorlib.resources.dll
MOD - [2011/03/15 20:42:49 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_fr_b77a5c561934e089\System.Runtime.Remoting.resources.dll
MOD - [2010/06/29 01:20:54 | 000,465,576 | ---- | M] () -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll
MOD - [2009/05/20 08:02:04 | 000,072,200 | ---- | M] () -- C:\Program Files (x86)\Launch Manager\CdDirIo.dll
MOD - [2007/01/11 20:57:20 | 000,291,760 | ---- | M] () -- C:\Program Files (x86)\Lexmark 2400 Series\lxcrmon.exe
MOD - [2006/08/08 21:54:18 | 000,278,528 | ---- | M] () -- C:\Program Files (x86)\Lexmark 2400 Series\lxcrscw.dll
MOD - [2006/05/25 22:20:44 | 000,241,664 | ---- | M] () -- C:\Program Files (x86)\Lexmark 2400 Series\iptk.dll
MOD - [2005/12/29 17:34:22 | 000,143,360 | ---- | M] () -- C:\Program Files (x86)\Lexmark 2400 Series\lxcrdrec.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2010/09/22 19:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010/08/25 16:41:16 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010/06/11 15:27:26 | 000,868,896 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe -- (ePowerSvc)
SRV:64bit: - [2010/01/29 02:27:36 | 000,243,232 | ---- | M] (Acer Group) [Auto | Running] -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe -- (Updater Service)
SRV:64bit: - [2009/07/14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV:64bit: - [2006/12/11 18:12:22 | 000,566,192 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysNative\lxcrcoms.exe -- (lxcr_device)
SRV - [2012/06/17 09:05:18 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/06/14 17:20:22 | 000,109,064 | ---- | M] (Wajam) [Auto | Running] -- C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe -- (WajamUpdater)
SRV - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/07/21 12:20:40 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011/06/06 13:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/04/21 07:55:37 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011/03/15 12:20:26 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010/08/10 11:06:16 | 000,321,104 | ---- | M] (Dritek System Inc.) [Auto | Running] -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe -- (DsiWMIService)
SRV - [2010/06/29 01:23:06 | 000,255,744 | ---- | M] (NewTech Infosystems, Inc.) [Auto | Running] -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc)
SRV - [2010/05/27 05:41:06 | 000,305,520 | ---- | M] (Egis Technology Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe -- (MWLService)
SRV - [2010/04/13 19:57:58 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel(R)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/18 06:57:02 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2010/03/18 06:56:56 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2010/01/08 15:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe -- (GREGService)
SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2006/12/11 18:12:06 | 000,537,520 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysWOW64\lxcrcoms.exe -- (lxcr_device)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/04/04 15:56:40 | 000,024,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012/03/01 08:54:38 | 000,022,896 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/15 12:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011/07/21 12:22:38 | 000,123,784 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2011/07/21 12:22:37 | 000,088,288 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2011/06/02 07:47:22 | 000,177,640 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdm.sys -- (ssadmdm)
DRV:64bit: - [2011/06/02 07:47:22 | 000,157,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadbus.sys -- (ssadbus) SAMSUNG Android USB Composite Device driver (WDM)
DRV:64bit: - [2011/06/02 07:47:22 | 000,146,920 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadserd.sys -- (ssadserd) SAMSUNG Android USB Diagnostic Serial Port (WDM)
DRV:64bit: - [2011/06/02 07:47:22 | 000,016,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdfl.sys -- (ssadmdfl) SAMSUNG Android USB Modem (Filter)
DRV:64bit: - [2011/03/11 08:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 08:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/12/21 07:55:02 | 000,036,328 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadadb.sys -- (androidusb)
DRV:64bit: - [2010/09/22 03:47:10 | 000,243,712 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2010/08/25 18:50:48 | 006,856,192 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2010/08/25 16:05:44 | 000,264,192 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010/07/09 05:51:50 | 000,017,408 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)
DRV:64bit: - [2010/05/15 15:48:28 | 000,384,040 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a) Broadcom NetLink (TM)
DRV:64bit: - [2010/05/11 12:11:38 | 002,229,608 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2010/04/20 04:35:14 | 000,018,432 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV:64bit: - [2010/04/13 19:44:22 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/04/13 12:15:04 | 000,135,560 | ---- | M] (ELAN Microelectronic Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:64bit: - [2010/01/27 05:05:00 | 000,231,328 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
DRV:64bit: - [2009/09/17 07:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel(R)
DRV:64bit: - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/06/03 05:15:30 | 000,060,464 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk)
DRV:64bit: - [2009/06/03 05:15:30 | 000,022,576 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys -- (mwlPSDFilter)
DRV:64bit: - [2009/06/03 05:15:30 | 000,020,016 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys -- (mwlPSDNServ)
DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2007/05/14 17:06:18 | 000,027,520 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys -- (RimUsb)
DRV - [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://acer.msn.com
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://acer.msn.com
IE - HKLM\..\URLSearchHook: {681d7a5c-c4a3-4434-828f-2287ab4c0572} - C:\Program Files (x86)\01net_3\prxtb01ne.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3228304

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= ... =CT3228304
IE - HKCU\..\URLSearchHook: {681d7a5c-c4a3-4434-828f-2287ab4c0572} - C:\Program Files (x86)\01net_3\prxtb01ne.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {bb1227ac-7a0d-4076-8c1a-51a1348f6fa8} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKCU\..\SearchScopes\{8B63A8D6-BBED-4341-8867-790E5F524C96}: "URL" = http://mystart.incredimail.com/?search={searchTerms}&loc=search_box_fs
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.com/search?cid={2EA06774-8763-49A1-897D-9D8AA823C73D}&mid=98abeae8f7c547d0a0b1cd3c4e3b5986-b7d4f777c8f7ed82e1f6b163e2cad18bc04c177f&lang=en&ds=ft011&pr=sa&d=2012-06-29 09:45:01&v=11.1.0.12&sap=dsp&q={searchTerms}
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3228304
IE - HKCU\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = http://mystart.incredimail.com/?search={searchTerms}&loc=search_box_fs&a=19emB393cn9
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..CT3228304.browser.search.defaultthis.engineName: true
FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.search.selectedEngine: "01net 3 Customized Web Search"
FF - prefs.js..browser.startup.homepage: "http://www.google.fr/"
FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.aspx?ctid=CT3228304&SearchSource=2&q="


FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/17 09:05:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/03/12 21:48:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2012/07/01 20:22:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/17 09:05:19 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/03/12 21:48:44 | 000,000,000 | ---D | M]

[2011/09/10 08:20:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Famille Miot-serti\AppData\Roaming\mozilla\Extensions
[2012/07/01 12:04:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Famille Miot-serti\AppData\Roaming\mozilla\Firefox\Profiles\e5afu65c.default\extensions
[2012/07/01 12:04:24 | 000,000,000 | ---D | M] (01net 3) -- C:\Users\Famille Miot-serti\AppData\Roaming\mozilla\Firefox\Profiles\e5afu65c.default\extensions\{681d7a5c-c4a3-4434-828f-2287ab4c0572}
[2012/05/30 20:57:12 | 000,000,000 | ---D | M] (WinZipBar_FR Community Toolbar) -- C:\Users\Famille Miot-serti\AppData\Roaming\mozilla\Firefox\Profiles\e5afu65c.default\extensions\{bb1227ac-7a0d-4076-8c1a-51a1348f6fa8}
[2012/06/29 08:48:15 | 000,000,000 | ---D | M] (VideoFileDownload - Download YouTube Videos) -- C:\Users\Famille Miot-serti\AppData\Roaming\mozilla\Firefox\Profiles\e5afu65c.default\extensions\plugin@videofiledownload.com
[2012/07/01 12:04:29 | 000,000,907 | ---- | M] () -- C:\Users\Famille Miot-serti\AppData\Roaming\Mozilla\Firefox\Profiles\e5afu65c.default\searchplugins\conduit.xml
[2011/09/10 08:36:52 | 000,002,185 | ---- | M] () -- C:\Users\Famille Miot-serti\AppData\Roaming\Mozilla\Firefox\Profiles\e5afu65c.default\searchplugins\MyStart Search.xml
[2012/04/28 12:31:33 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/06/17 09:05:19 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/03/30 08:09:30 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2012/02/14 21:54:28 | 000,001,516 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazon-france.xml
[2012/06/29 09:44:59 | 000,003,750 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml
[2012/02/14 21:54:28 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/02/14 21:54:28 | 000,001,822 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml
[2012/02/14 21:54:28 | 000,001,154 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-france.xml
[2012/02/14 21:54:28 | 000,001,426 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-fr.xml
[2012/02/14 21:54:28 | 000,000,956 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-france.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\20.0.1132.47\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\20.0.1132.47\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\20.0.1132.47\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Conduit Chrome Plugin (Enabled) = C:\Users\Famille Miot-serti\AppData\Local\Google\Chrome\User Data\Default\Extensions\bjoighipaepgidagabcjjpjgaihnfahb\2.3.15.10_0\plugins/ConduitChromeApiPlugin.dll
CHR - plugin: Wajam (Enabled) = C:\Users\Famille Miot-serti\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp\1.24_0\plugins/PriamNPAPI.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - Extension: 01net 3 = C:\Users\Famille Miot-serti\AppData\Local\Google\Chrome\User Data\Default\Extensions\bjoighipaepgidagabcjjpjgaihnfahb\2.3.15.10_0\
CHR - Extension: YouTube = C:\Users\Famille Miot-serti\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Recherche Google = C:\Users\Famille Miot-serti\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Wajam = C:\Users\Famille Miot-serti\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp\1.24_0\
CHR - Extension: Gmail = C:\Users\Famille Miot-serti\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2009/06/10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (Lexmark Barre d'outils) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O2 - BHO: (01net 3 Toolbar) - {681d7a5c-c4a3-4434-828f-2287ab4c0572} - C:\Program Files (x86)\01net_3\prxtb01ne.dll (Conduit Ltd.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (VideoFileDownload) - {8F04D391-CC20-4BAE-8517-50371C7349D2} - C:\Program Files (x86)\OApps\bho_project.dll (VideoFileDownload)
O2 - BHO: (Wajam) - {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} - C:\Program Files (x86)\Wajam\IE\priam_bho.dll (Wajam)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Lexmark Barre d'outils) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O3 - HKLM\..\Toolbar: (01net 3 Toolbar) - {681d7a5c-c4a3-4434-828f-2287ab4c0572} - C:\Program Files (x86)\01net_3\prxtb01ne.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {BB1227AC-7A0D-4076-8C1A-51A1348F6FA8} - No CLSID value found.
O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated)
O4:64bit: - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.)
O4:64bit: - HKLM..\Run: [EzPrint] C:\Program Files (x86)\Lexmark 2400 Series\ezprint.exe (Lexmark International Inc.)
O4:64bit: - HKLM..\Run: [LXCRCATS] C:\Windows\SysNative\spool\DRIVERS\x64\3\LXCRtime.DLL (Lexmark International Inc.)
O4:64bit: - HKLM..\Run: [lxcrmon.exe] C:\Program Files (x86)\Lexmark 2400 Series\lxcrmon.exe ()
O4:64bit: - HKLM..\Run: [mwlDaemon] C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe (Egis Technology Inc.)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.)
O4 - HKLM..\Run: [comnetwork] File not found
O4 - HKLM..\Run: [EgisTecPMMUpdate] C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [EgisUpdate] C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [FaxCenterServer] C:\Program Files (x86)\Lexmark Fax Solutions\fm3032.exe ()
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [PCTuto] File not found
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SuiteTray] C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [Tutorials] File not found
O4 - HKCU..\Run: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup File not found
O4 - HKCU..\Run: [KiesHelper] C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe (Samsung)
O4 - HKCU..\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
O4 - Startup: C:\Users\Famille Miot-serti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files (x86)\ERUNT\AUTOBACK.EXE ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: dainrauscher.com ([]https in Local intranet)
O15 - HKCU\..Trusted Domains: rbcdain.com ([]https in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B55F8F18-6891-4E08-9E4E-EC74395C4AED}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{83c9b02c-85fb-11e1-b98f-1c7508dfb075}\Shell - "" = AutoRun
O33 - MountPoints2\{83c9b02c-85fb-11e1-b98f-1c7508dfb075}\Shell\AutoRun\command - "" = E:\Startme.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/07/01 12:33:03 | 000,000,000 | ---D | C] -- C:\Users\Famille Miot-serti\Desktop\depannage ordinateur
[2012/07/01 12:20:18 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2012/07/01 12:19:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
[2012/07/01 12:19:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ERUNT
[2012/07/01 12:12:31 | 000,000,000 | ---D | C] -- C:\Users\Famille Miot-serti\AppData\Roaming\Malwarebytes
[2012/07/01 12:12:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/07/01 12:12:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/07/01 12:12:10 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012/07/01 12:12:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012/07/01 12:06:42 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012/07/01 12:04:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\01net_3
[2012/07/01 12:04:30 | 000,000,000 | ---D | C] -- C:\Users\Famille Miot-serti\AppData\Local\CRE
[2012/07/01 11:59:08 | 000,000,000 | ---D | C] -- C:\Users\Famille Miot-serti\AppData\Roaming\ATI
[2012/07/01 11:59:08 | 000,000,000 | ---D | C] -- C:\Users\Famille Miot-serti\AppData\Local\ATI
[2012/07/01 11:59:08 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2012/07/01 11:54:27 | 000,000,000 | ---D | C] -- C:\Users\Famille Miot-serti\AppData\Roaming\GetRightToGo
[2012/06/30 12:40:33 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012/06/30 12:40:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2012/06/30 12:39:12 | 000,000,000 | ---D | C] -- C:\Users\Famille Miot-serti\AppData\Local\Google
[2012/06/30 12:39:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2012/06/29 09:44:55 | 000,000,000 | ---D | C] -- C:\Users\Famille Miot-serti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam
[2012/06/29 09:44:52 | 000,000,000 | ---D | C] -- C:\Users\Famille Miot-serti\AppData\Local\Wajam
[2012/06/29 09:44:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Wajam
[2012/06/29 09:44:46 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2012/06/29 09:36:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook Express Launcher
[2012/06/29 08:51:03 | 000,000,000 | ---D | C] -- C:\Program Files\Babylon
[2012/06/29 08:48:35 | 000,000,000 | ---D | C] -- C:\Users\Famille Miot-serti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UnH Solutions
[2012/06/29 08:48:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UnH Solutions
[2012/06/29 08:48:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\UnH Solutions
[2012/06/29 08:48:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OApps
[2012/06/29 08:48:13 | 000,633,399 | ---- | C] (UnH Solutions ) -- C:\Users\Famille Miot-serti\Desktop\SWFOpenerSetup.exe
[2012/06/27 21:23:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Winamax Poker

========== Files - Modified Within 30 Days ==========

[2012/07/01 20:50:44 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/07/01 20:50:44 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/07/01 20:49:00 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/07/01 20:48:44 | 001,549,936 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/07/01 20:48:44 | 000,704,714 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat
[2012/07/01 20:48:44 | 000,616,242 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/07/01 20:48:44 | 000,130,988 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat
[2012/07/01 20:48:44 | 000,106,622 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/07/01 20:43:20 | 000,001,088 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/07/01 20:43:11 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/07/01 20:43:06 | 428,900,351 | -HS- | M] () -- C:\hiberfil.sys
[2012/07/01 13:51:29 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012/07/01 12:19:11 | 000,001,108 | ---- | M] () -- C:\Users\Famille Miot-serti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2012/07/01 12:12:12 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/06/30 12:40:34 | 000,000,826 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012/06/30 12:40:32 | 000,002,243 | ---- | M] () -- C:\Users\Famille Miot-serti\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/06/29 08:48:35 | 000,001,100 | ---- | M] () -- C:\Users\Famille Miot-serti\Desktop\SWF Opener.lnk
[2012/06/29 08:48:18 | 000,633,399 | ---- | M] (UnH Solutions ) -- C:\Users\Famille Miot-serti\Desktop\SWFOpenerSetup.exe
[2012/06/27 21:23:40 | 000,000,925 | ---- | M] () -- C:\Users\Public\Desktop\Winamax Poker.lnk
[2012/06/24 09:33:26 | 005,738,496 | ---- | M] () -- C:\Users\Famille Miot-serti\Desktop\A.M.M Reconnaissez vous ces personnages .pps
[2012/06/14 08:52:12 | 000,311,112 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/06/12 20:06:09 | 000,004,608 | ---- | M] () -- C:\Users\Famille Miot-serti\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== Files Created - No Company Name ==========

[2012/07/01 13:51:29 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012/07/01 12:19:11 | 000,001,108 | ---- | C] () -- C:\Users\Famille Miot-serti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2012/07/01 12:12:12 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/06/30 12:40:34 | 000,000,826 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012/06/30 12:40:32 | 000,002,243 | ---- | C] () -- C:\Users\Famille Miot-serti\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/06/30 12:39:15 | 000,001,092 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/06/30 12:39:15 | 000,001,088 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/06/29 08:48:35 | 000,001,100 | ---- | C] () -- C:\Users\Famille Miot-serti\Desktop\SWF Opener.lnk
[2012/06/24 09:33:24 | 005,738,496 | ---- | C] () -- C:\Users\Famille Miot-serti\Desktop\A.M.M Reconnaissez vous ces personnages .pps
[2012/01/15 10:34:47 | 000,004,608 | ---- | C] () -- C:\Users\Famille Miot-serti\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/11/09 19:40:37 | 000,385,024 | ---- | C] () -- C:\Windows\SysWow64\lxcrcomx.dll
[2011/11/09 19:40:37 | 000,274,432 | ---- | C] () -- C:\Windows\SysWow64\LXCRinst.dll
[2011/11/09 19:40:36 | 000,413,696 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcrinpa.dll
[2011/11/09 19:40:36 | 000,397,312 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcriesc.dll
[2011/11/09 19:40:35 | 000,643,072 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcrpmui.dll
[2011/11/09 19:40:32 | 001,224,704 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcrserv.dll
[2011/11/09 19:40:32 | 000,991,232 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcrusb1.dll
[2011/11/09 19:40:31 | 000,585,728 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcrlmpm.dll
[2011/11/09 19:40:31 | 000,181,168 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcrppls.exe
[2011/11/09 19:40:31 | 000,163,840 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcrprox.dll
[2011/11/09 19:40:31 | 000,094,208 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcrpplc.dll
[2011/11/09 19:40:30 | 000,537,520 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcrcoms.exe
[2011/11/09 19:40:30 | 000,421,888 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcrcomm.dll
[2011/11/09 19:40:30 | 000,385,968 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcrih.exe
[2011/11/09 19:40:29 | 000,684,032 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcrcomc.dll
[2011/03/15 12:23:45 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011/03/15 12:12:26 | 000,002,189 | ---- | C] () -- C:\Windows\SysWow64\atipblup.dat
[2011/03/15 12:11:55 | 000,206,208 | ---- | C] () -- C:\Windows\PLFSetI.exe
[2011/03/15 12:11:55 | 000,193,400 | ---- | C] () -- C:\Windows\flicker.dll
[2011/03/15 12:11:55 | 000,066,424 | ---- | C] () -- C:\Windows\setpwlin.exe
[2011/03/15 12:11:55 | 000,059,992 | ---- | C] ( ) -- C:\Windows\AutosetFrequency.exe
[2011/03/15 12:11:55 | 000,000,673 | ---- | C] () -- C:\Windows\AutoSetFrequency.ini
[2011/03/15 12:11:55 | 000,000,378 | ---- | C] () -- C:\Windows\PidList.ini
[2011/03/02 07:57:44 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2011/03/02 07:57:40 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2011/03/02 07:57:40 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2011/03/02 07:57:40 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2011/03/02 07:57:40 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2010/11/17 15:30:01 | 000,131,984 | ---- | C] () -- C:\ProgramData\FullRemove.exe
[2010/11/17 14:56:27 | 000,017,920 | ---- | C] () -- C:\Windows\SysWow64\rpcnetp.dll
[2010/11/17 14:55:51 | 000,017,920 | ---- | C] () -- C:\Windows\SysWow64\rpcnetp.exe
[2010/11/17 14:47:51 | 000,002,189 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat

========== LOP Check ==========

[2012/07/01 12:04:31 | 000,000,000 | ---D | M] -- C:\Users\Famille Miot-serti\AppData\Roaming\GetRightToGo
[2011/12/11 18:39:43 | 000,000,000 | ---D | M] -- C:\Users\Famille Miot-serti\AppData\Roaming\pdfforge
[2012/05/27 20:54:45 | 000,000,000 | ---D | M] -- C:\Users\Famille Miot-serti\AppData\Roaming\Samsung
[2012/05/27 20:57:14 | 000,000,000 | ---D | M] -- C:\Users\Famille Miot-serti\AppData\Roaming\Temp
[2011/09/10 09:02:37 | 000,000,000 | ---D | M] -- C:\Users\Famille Miot-serti\AppData\Roaming\Thunderbird
[2012/04/06 13:27:30 | 000,000,000 | ---D | M] -- C:\Users\Famille Miot-serti\AppData\Roaming\wam.04351C371E530C3762CBA45FA283ED972DCDEFB6.1
[2012/06/07 19:07:50 | 000,032,496 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 129 bytes -> C:\ProgramData\Temp:E1F04E8D
@Alternate Data Stream - 121 bytes -> C:\ProgramData\Temp:0B9176C0
@Alternate Data Stream - 107 bytes -> C:\ProgramData\Temp:CFE0B346

< End of report >
oeno33

Posts: 7
Joined: 01 Jul 2012, 15:25

Re: Internet pages keep opening nonstop

Posted by nickW » 08 Jul 2012, 22:47

Good evening,

New scan:


Step 1: AdwCleaner (by Xplode), download
Download AdwCleaner from the page below:
http://general-changelog-team.fr/fr/dow ... adwcleaner
(click the green arrow)
Save the adwcleaner.exe file to the Desktop.


Step 2: AdwCleaner (by Xplode), scan
Right-click adwcleaner.exe, then choose "Run as administrator" to launch the tool.

The main AdwCleaner screen appears.

Click the Recherche (Search) button.

Let the tool work without interrupting it.
When the tool has finished, a Notepad window opens containing a report (log).
Close the AdwCleaner window.
Close Notepad.


Step 3: Result
Send in reply:
*- the AdwCleaner scan report (contents of the file %SystemDrive%\AdwCleaner[Rn].txt, where n is a sequence number).
[%SystemDrive% is the partition on which the system is installed, usually C:]

To be continued,
nickW
30/07/2012: No more PC disinfection until further notice.
No log-analysis requests by PM (private message)
nickW
Moderator

Posts: 21698
Joined: 20 May 2004, 17:41
Location: Dordogne/Île de France

Re: Internet pages keep opening nonstop

Posted by oeno33 » 09 Jul 2012, 07:01

Hello,

Here is the latest scan report. Thanks in advance



# AdwCleaner v1.701 - Rapport créé le 09/07/2012 à 08:00:07
# Mis à jour le 02/07/2012 par Xplode
# Système d'exploitation : Windows 7 Home Premium (64 bits)
# Nom d'utilisateur : Famille Miot-serti - FAMILLEMIOT-SER
# Exécuté depuis : C:\Users\Famille Miot-serti\Downloads\adwcleaner.exe
# Option [Recherche]


***** [Services] *****

Présent : WajamUpdater

***** [Fichiers / Dossiers] *****

Dossier Présent : C:\Users\Famille Miot-serti\AppData\Local\Conduit
Dossier Présent : C:\Users\Famille Miot-serti\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
Dossier Présent : C:\Users\Famille Miot-serti\AppData\Local\Wajam
Dossier Présent : C:\Users\Famille Miot-serti\AppData\LocalLow\Conduit
Dossier Présent : C:\Users\Famille Miot-serti\AppData\Roaming\pdfforge
Dossier Présent : C:\Users\Famille Miot-serti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam
Dossier Présent : C:\Users\Famille Miot-serti\AppData\Roaming\Mozilla\Firefox\Profiles\e5afu65c.default\Smartbar
Dossier Présent : C:\Program Files\Babylon
Dossier Présent : C:\Program Files (x86)\Conduit
Dossier Présent : C:\Program Files (x86)\PCtuto
Dossier Présent : C:\Program Files (x86)\Wajam
Fichier Présent : C:\Users\Famille Miot-serti\AppData\Roaming\Mozilla\Firefox\Profiles\e5afu65c.default\searchplugins\Conduit.xml
Fichier Présent : C:\Users\Famille Miot-serti\AppData\Roaming\Mozilla\Firefox\Profiles\e5afu65c.default\searchplugins\MyStart Search.xml
Fichier Présent : C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg-secure-search.xml

***** [Registre] *****

[*] Clé Présente : HKLM\SOFTWARE\Classes\Toolbar.CT3148726
[*] Clé Présente : HKLM\SOFTWARE\Classes\Toolbar.CT3228304
Clé Présente : HKCU\Software\AppDataLow\Software\Conduit
Clé Présente : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Clé Présente : HKCU\Software\AppDataLow\Software\SmartBar
Clé Présente : HKCU\Software\AppDataLow\Toolbar
Clé Présente : HKCU\Software\Conduit
Clé Présente : HKCU\Software\IGearSettings
Clé Présente : HKCU\Software\IM
Clé Présente : HKCU\Software\ImInstaller
Clé Présente : HKCU\Software\PCTuto
Clé Présente : HKCU\Software\Softonic
Clé Présente : HKCU\Software\Tutorials
Clé Présente : HKCU\Software\Wajam
Clé Présente : HKLM\SOFTWARE\Classes\AppID\PCTutoBHO.DLL
Clé Présente : HKLM\SOFTWARE\Classes\wajam.WajamBHO
Clé Présente : HKLM\SOFTWARE\Classes\wajam.WajamBHO.1
Clé Présente : HKLM\SOFTWARE\Classes\wajam.WajamDownloader
Clé Présente : HKLM\SOFTWARE\Classes\wajam.WajamDownloader.1
Clé Présente : HKLM\SOFTWARE\Conduit
Clé Présente : HKLM\SOFTWARE\Google\Chrome\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
Clé Présente : HKLM\SOFTWARE\PCTuto
Clé Présente : HKLM\SOFTWARE\Wajam
Valeur Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [comnetwork]
Valeur Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [PcTuto]
Valeur Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Tutorials]
[x64] Clé Présente : HKCU\Software\AppDataLow\Software\Conduit
[x64] Clé Présente : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
[x64] Clé Présente : HKCU\Software\AppDataLow\Software\SmartBar
[x64] Clé Présente : HKCU\Software\AppDataLow\Toolbar
[x64] Clé Présente : HKCU\Software\Conduit
[x64] Clé Présente : HKCU\Software\IGearSettings
[x64] Clé Présente : HKCU\Software\IM
[x64] Clé Présente : HKCU\Software\ImInstaller
[x64] Clé Présente : HKCU\Software\PCTuto
[x64] Clé Présente : HKCU\Software\Softonic
[x64] Clé Présente : HKCU\Software\Tutorials
[x64] Clé Présente : HKCU\Software\Wajam
[x64] Clé Présente : HKLM\SOFTWARE\Classes\AppID\PCTutoBHO.DLL
[x64] Clé Présente : HKLM\SOFTWARE\Classes\wajam.WajamBHO
[x64] Clé Présente : HKLM\SOFTWARE\Classes\wajam.WajamBHO.1
[x64] Clé Présente : HKLM\SOFTWARE\Classes\wajam.WajamDownloader
[x64] Clé Présente : HKLM\SOFTWARE\Classes\wajam.WajamDownloader.1

***** [Registre - GUID] *****

Clé Présente : HKLM\SOFTWARE\Classes\AppID\{1FAEE6D5-34F4-42AA-8025-3FD8F3EC4634}
Clé Présente : HKLM\SOFTWARE\Classes\AppID\{759F1421-4D31-4C1F-8C51-E4956A037676}
Clé Présente : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Clé Présente : HKLM\SOFTWARE\Classes\TypeLib\{095BFD3C-4602-4FE1-96F1-AEFAFBFD067D}
Clé Présente : HKLM\SOFTWARE\Classes\TypeLib\{2D5E2D34-BED5-4B9F-9793-A31E26E6806E}
Clé Présente : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Clé Présente : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8B63A8D6-BBED-4341-8867-790E5F524C96}
Clé Présente : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Clé Présente : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Clé Présente : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}
Clé Présente : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Clé Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
[x64] Clé Présente : HKLM\SOFTWARE\Classes\AppID\{1FAEE6D5-34F4-42AA-8025-3FD8F3EC4634}
[x64] Clé Présente : HKLM\SOFTWARE\Classes\AppID\{759F1421-4D31-4C1F-8C51-E4956A037676}
[x64] Clé Présente : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
[x64] Clé Présente : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
[x64] Clé Présente : HKLM\SOFTWARE\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
[x64] Clé Présente : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
[x64] Clé Présente : HKLM\SOFTWARE\Classes\Interface\{BD490E24-D18C-4323-B481-79DD4F62E758}
[x64] Clé Présente : HKLM\SOFTWARE\Classes\TypeLib\{095BFD3C-4602-4FE1-96F1-AEFAFBFD067D}
[x64] Clé Présente : HKLM\SOFTWARE\Classes\TypeLib\{2D5E2D34-BED5-4B9F-9793-A31E26E6806E}
[x64] Clé Présente : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
[x64] Clé Présente : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8B63A8D6-BBED-4341-8867-790E5F524C96}
[x64] Clé Présente : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
[x64] Clé Présente : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
[x64] Clé Présente : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}
[x64] Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
[x64] Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}

***** [Navigateurs] *****

-\\ Internet Explorer v8.0.7600.16385

[HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.conduit.com?SearchSource= ... =CT3228304

-\\ Mozilla Firefox v13.0.1 (fr)

Nom du profil : default
Fichier : C:\Users\Famille Miot-serti\AppData\Roaming\Mozilla\Firefox\Profiles\e5afu65c.default\prefs.js

Présente : user_pref("CT3228304.1000082.isPlayDisplay", "true");
Présente : user_pref("CT3228304.1000082.state", "{\"state\":\"stopped\",\"text\":\"Californi...\",\"description[...]
Présente : user_pref("CT3228304.1000234.TWC_TMP_city", "BORDEAUX");
Présente : user_pref("CT3228304.1000234.TWC_TMP_country", "FR");
Présente : user_pref("CT3228304.3228304a129838879214741687000000paramsGK0", "{\"updateReqTime\":1341152567361,\[...]
Présente : user_pref("CT3228304.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Présente : user_pref("CT3228304.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"tru[...]
Présente : user_pref("CT3228304.FirstTime", "true");
Présente : user_pref("CT3228304.FirstTimeFF3", "true");
Présente : user_pref("CT3228304.RSS_Pub_Config", "{\"settings\":{\"icon\":\"hxxp://storage.conduit.com/bankimag[...]
Présente : user_pref("CT3228304.RSSapp3228304a129838879214741687000000ReadItemsArr", "%7B%22569233%22%3A0%2C%22[...]
Présente : user_pref("CT3228304.RSSapp3228304a129838879214741687000000cat0", "%5B%7B%22type%22%3A%22rss%22%2C%2[...]
Présente : user_pref("CT3228304.RSSapp3228304a129838879214741687000000cat1", "%5B%7B%22type%22%3A%22rss%22%2C%2[...]
Présente : user_pref("CT3228304.RSSapp3228304a129838879214741687000000embeddedVersion", "2.4.0");
Présente : user_pref("CT3228304.RSSapp3228304a129838879214741687000000feedsObj", "%7B%22channels%22%3A%7B%22id%[...]
Présente : user_pref("CT3228304.RSSapp3228304a129838879214741687000000lastReportTime", "1341154335240 ");
Présente : user_pref("CT3228304.RSSapp3228304a129838879214741687000000newFeeds", "newFeeds");
Présente : user_pref("CT3228304.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT322[...]
Présente : user_pref("CT3228304.UserID", "UN76312849997236563");
Présente : user_pref("CT3228304.addressBarTakeOverEnabledInHidden", "true");
Présente : user_pref("CT3228304.autoDisableScopes", 0);
Présente : user_pref("CT3228304.browser.search.defaultthis.engineName", true);
Présente : user_pref("CT3228304.defaultSearch", "true");
Présente : user_pref("CT3228304.embeddedsData", "[{\"appId\":\"129838879213960425\",\"apiPermissions\":{\"cross[...]
Présente : user_pref("CT3228304.enableAlerts", "always");
Présente : user_pref("CT3228304.enableSearchFromAddressBar", "true");
Présente : user_pref("CT3228304.firstTimeDialogOpened", "true");
Présente : user_pref("CT3228304.fixPageNotFoundError", "true");
Présente : user_pref("CT3228304.fixPageNotFoundErrorInHidden", "true");
Présente : user_pref("CT3228304.fixUrls", true);
Présente : user_pref("CT3228304.installId", "ct3228304_01net.exe");
Présente : user_pref("CT3228304.installType", "ConduitNSISIntegration");
Présente : user_pref("CT3228304.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Présente : user_pref("CT3228304.isNewTabEnabled", true);
Présente : user_pref("CT3228304.isPerformedSmartBarTransition", "true");
Présente : user_pref("CT3228304.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Présente : user_pref("CT3228304.keyword", true);
Présente : user_pref("CT3228304.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"\",\"[...]
Présente : user_pref("CT3228304.openThankYouPage", "false");
Présente : user_pref("CT3228304.openUninstallPage", "true");
Présente : user_pref("CT3228304.search.searchAppId", "129838879213960425");
Présente : user_pref("CT3228304.search.searchCount", "0");
Présente : user_pref("CT3228304.searchInNewTabEnabledInHidden", "true");
Présente : user_pref("CT3228304.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Présente : user_pref("CT3228304.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"d[...]
Présente : user_pref("CT3228304.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\[...]
Présente : user_pref("CT3228304.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"d[...]
Présente : user_pref("CT3228304.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"strin[...]
Présente : user_pref("CT3228304.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"strin[...]
Présente : user_pref("CT3228304.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data[...]
Présente : user_pref("CT3228304.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data[...]
Présente : user_pref("CT3228304.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1341137069066");
Présente : user_pref("CT3228304.serviceLayer_services_appTracking_lastUpdate", "1341137069978");
Présente : user_pref("CT3228304.serviceLayer_services_appsMetadata_lastUpdate", "1341154334055");
Présente : user_pref("CT3228304.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1341137069273");
Présente : user_pref("CT3228304.serviceLayer_services_login_10.10.12.5_lastUpdate", "1341757785830");
Présente : user_pref("CT3228304.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1341137069202");
Présente : user_pref("CT3228304.serviceLayer_services_searchAPI_lastUpdate", "1341137067277");
Présente : user_pref("CT3228304.serviceLayer_services_serviceMap_lastUpdate", "1341690702237");
Présente : user_pref("CT3228304.serviceLayer_services_toolbarContextMenu_lastUpdate", "1341137069243");
Présente : user_pref("CT3228304.serviceLayer_services_toolbarSettings_lastUpdate", "1341757785750");
Présente : user_pref("CT3228304.serviceLayer_services_translation_lastUpdate", "1341690702502");
Présente : user_pref("CT3228304.settingsINI", true);
Présente : user_pref("CT3228304.shouldFirstTimeDialog", "false");
Présente : user_pref("CT3228304.smartbar.CTID", "CT3228304");
Présente : user_pref("CT3228304.smartbar.Uninstall", "0");
Présente : user_pref("CT3228304.smartbar.homepage", true);
Présente : user_pref("CT3228304.smartbar.isHidden", true);
Présente : user_pref("CT3228304.smartbar.toolbarName", "01net 3 ");
Présente : user_pref("CT3228304.startPage", "userChanged");
Présente : user_pref("CT3228304.toolbarBornServerTime", "1-7-2012");
Présente : user_pref("CT3228304.toolbarCurrentServerTime", "8-7-2012");
Présente : user_pref("CT3228304.twitter_v1.8.0_twitter_app_open_t_f", "false");
Présente : user_pref("Smartbar.ConduitHomepagesList", "");
Présente : user_pref("Smartbar.ConduitSearchEngineList", "01net 3 Customized Web Search");
Présente : user_pref("Smartbar.ConduitSearchUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3228304[...]
Présente : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "hxxp://isearch.avg.com/search?cid=%7Bda7dcb14-14[...]
Présente : user_pref("Smartbar.keywordURLSelectedCTID", "CT3228304");
Présente : user_pref("browser.search.defaultenginename", "AVG Secure Search");
Présente : user_pref("browser.search.selectedEngine", "01net 3 Customized Web Search");
Présente : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3228304&SearchSource=2&q=[...]

-\\ Google Chrome v20.0.1132.47

Fichier : C:\Users\Famille Miot-serti\AppData\Local\Google\Chrome\User Data\Default\Preferences

Présente : "homepage": "hxxp://search.conduit.com/?ctid=CT3228304&SearchSource=48",
Présente : "urls_to_restore_on_startup": [ "hxxp://search.conduit.com/?ctid=CT3228304&SearchSource=48"[...]
Présente : "scriptable_host": [ "hxxp://*/*", "hxxp://cap1.conduit-apps.com/Apps/jdownloader/jdC[...]
Présente : "matches": [ "hxxp://cap1.conduit-apps.com/Apps/jdownloader/jdController.html*", "[...]
Présente : "path": "plugins/ConduitChromeApiPlugin.dll",
Présente : "update_url": "hxxp://autoupdate.chromewebtb.conduit-services.com/?productId=CT322830[...]
Présente : "explicit_host": [ "hxxp://*.wajam.com/*", "hxxp://*/*", "hxxps://*/*" ],
Présente : "name": "Wajam",
Présente : "permissions": [ "hxxp://*.wajam.com/*", "bookmarks", "tabs", "hxxp://*/*", "hxxps://[...]
Présente : "update_url": "hxxp://www.wajam.com/update/Chrome/chrome_addon_updates.xml",
Présente : "homepage": "hxxp://search.conduit.com/?ctid=CT3228304&SearchSource=48",
Présente : "name": "Conduit Chrome Plugin",
Présente : "path": "C:\\Users\\Famille Miot-serti\\AppData\\Local\\Google\\Chrome\\User Data\\Default\[...]
Présente : "name": "Conduit Chrome Plugin"
Présente : "name": "Wajam",
Présente : "name": "Wajam"
Présente : "urls_to_restore_on_startup": [ "hxxp://search.conduit.com/?ctid=CT3228304&SearchSource=48" ]

*************************

AdwCleaner[R1].txt - [16922 octets] - [09/07/2012 08:00:07]

########## EOF - C:\AdwCleaner[R1].txt - [17051 octets] ##########

Re: Pages internet s'ouvrent sans arret

Messagede nickW » 09 Juil 2012, 22:13

Bonsoir,

Nouveau nettoyage:

Je te conseille d'imprimer la procédure, ou d'en sélectionner toutes les lignes puis de copier cette sélection dans un fichier texte sur ton PC (Note: tu n'auras pas accès à Internet lors de l'étape 2, et un redémarrage est possible).
Il faut exécuter toutes les étapes, sans interruption, dans l'ordre exact indiqué ci-dessous.



Étape 1: Pas de processus de contrôle en temps réel
Désactiver le module résident de l'antivirus.
Image Avira Antivir: clic droit sur l'icône dans la SysBarre (à coté de l'horloge), décocher "Activer Antivir Guard/AntiVir Guard enable"


Step 2: AdwCleaner (by Xplode), cleaning

Close all web browsers (Internet Explorer, Firefox, Opera, Google Chrome, etc.).

Right-click adwcleaner.exe, then choose "Run as administrator" ("Exécuter en tant qu'Administrateur") to launch the tool.

The AdwCleaner main screen appears.

Click the "Suppression" (Delete) button.

Let the tool work without interrupting it.
When the tool has finished, a Notepad window opens containing a report (log).
Close the AdwCleaner window.
Close Notepad.


Step 3: Real-time monitoring processes
Important: Re-enable the antivirus's resident module.


Step 4: OTL (by OldTimer), quick scan
Close all open program windows.

Right-click OTL.exe, then choose "Run as administrator" ("Exécuter en tant qu'Administrateur") to launch the tool.

The OTL main screen appears.

Click the "Analyse rapide" (Quick Scan) button.


Let the tool work without interrupting it.
When the tool has finished, a Notepad window opens containing a report (log).
Close Notepad.
Close the OTL window.


Step 5: Results
Send in reply:
- the AdwCleaner cleaning report (contents of the file %SystemDrive%\AdwCleaner[Sn].txt, n being a sequence number).
[%SystemDrive% stands for the partition on which the system is installed, generally C:]

Then send in reply, in a separate message (because of the length of the file):
- the main OTL report (contents of the file OTL.Txt located on the Desktop).
The report posted on the forum must end with a line containing <End of report>. If it does not, it is incomplete and must then be split across several messages.

Important note: To send your reply (or replies), do not create a new topic; click the "Reply" ("Répondre") button to continue in this thread.


In your reply, do not forget to give as much information as possible about the state of the PC: improvement / disappearance / worsening of the symptoms of infection.

To be continued,
nickW
30/07/2012: No more PC disinfection until further notice.
No requests for log analysis by PM (private message)
nickW
Moderator
 
Posts: 21698
Joined: 20 May 2004, 17:41
Location: Dordogne/Île de France

