Votre question

Suppression d'asd régie de pup

Tags :
  • Sécurité
Dernière réponse : dans Sécurité et virus
19 Juillet 2011 15:58:41

Bonjour, comment dois-je faire pour ne plus recevoir ce site, et ce définitivement; merci

Autres pages sur : suppression asd regie pup

a c 614 8 Sécurité
20 Juillet 2011 10:31:16

Bonjour,

Pour voir :

Télécharge DDS de sUBs sur ton bureau.
L'outil ne nécessite pas d'installation.

Lance-le en cliquant sur l'icône dds.scr

Cette fenêtre DOS va apparaitre


  • Le scan ne doit pas dépasser trois minutes.
  • Deux rapport vont alors apparaitre en bloc-note : DDS.txt et Attach.txt.
  • Enregistre-les sur ton bureau avant de fermer ou valider.
  • Poste-moi le rapport DDS.txt dans ta prochaine réponse.
  • Conserve l'autre si je te le demande.
    20 Juillet 2011 16:52:51




    J'ai bien l'icone sur le bureau, et quand j'ouvre il disparraît aussitôt, merci pour ton aide, je vais m'habituer à recevoir ce site .
    a c 614 8 Sécurité
    20 Juillet 2011 19:08:33

    Re,

    J'ai pas compris ton message, DDS ne se lance pas c'est çà ?

    Essaye ceci :

    Télécharge OTL (de Old Timer) sur ton bureau.
  • Ferme toutes tes fenêtres, puis double clique sur OTL.exe pour le lancer.
    (Utilisateur de Vista/Windows 7 faites un clic droit -> "Exécuter en tant qu'administrateur")
  • Coche en haut la case devant "Tous les utilisateurs"
  • Sous Personnalisation, copie-colle l'ensemble du texte ci-dessous, laisse les autres options par défaut.
    netsvcs
    msconfig
    drivers32
    activex
    /md5start
    explorer.exe
    wininit.exe
    winlogon.exe
    userinit.exe
    eventlog.dll
    /md5stop
    %SYSTEMDRIVE%\*.exe
    %ALLUSERSPROFILE%\Application Data\*.
    %ALLUSERSPROFILE%\Application Data\*.exe /s
    %APPDATA%\*.
    %APPDATA%\*.exe /s
    %systemroot%\*. /mp /s
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\system32\drivers\*.sys /lockedfiles
    CREATERESTOREPOINT

  • Clique sur le bouton Analyse en haut à gauche puis patiente quelques instants.
  • A la fin du scan, deux rapports s'ouvriront OTL.Txt et Extras.Txt. Copie/colle ici l'ensemble des rapports.
    PS : Les rapports sont aussi enregistrés sur le bureau

    Pour les rapports, merci d'utiliser ce service de rapport en ligne : dépose le fichier via "parcourir" et poste simplement le lien obtenu.
    20 Juillet 2011 20:10:59

    merci, l'analyse est en cours; dommage que nous ne pouvons parler de vive voix.
    20 Juillet 2011 20:29:58

    netsvcs
    msconfig
    drivers32
    activex
    /md5start
    explorer.exe
    wininit.exe
    winlogon.exe
    userinit.exe
    eventlog.dll
    /md5stop
    %SYSTEMDRIVE%\*.exe
    %ALLUSERSPROFILE%\Application Data\*.
    %ALLUSERSPROFILE%\Application Data\*.exe /s
    %APPDATA%\*.
    %APPDATA%\*.exe /s
    %systemroot%\*. /mp /s
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\system32\drivers\*.sys /lockedfiles
    CREATERESTOREPOINT
    20 Juillet 2011 20:33:00

    netsvcs
    msconfig
    drivers32
    activex
    /md5start
    explorer.exe
    wininit.exe
    winlogon.exe
    userinit.exe
    eventlog.dll
    /md5stop
    %SYSTEMDRIVE%\*.exe
    %ALLUSERSPROFILE%\Application Data\*.
    %ALLUSERSPROFILE%\Application Data\*.exe /s
    %APPDATA%\*.
    %APPDATA%\*.exe /s
    %systemroot%\*. /mp /s
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job /lockednetsvcs
    msconfig
    drivers32
    activex
    /md5start
    explorer.exe
    wininit.exe
    winlogon.exe
    userinit.exe
    eventlog.dll
    /md5stop
    %SYSTEMDRIVE%\*.exe
    %ALLUSERSPROFILE%\Application Data\*.
    %ALLUSERSPROFILE%\Application Data\*.exe /s
    %APPDATA%\*.
    %APPDATA%\*.exe /s
    %systemroot%\*. /mp /s
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles OTL logfile created on: 20/07/2011 20:19:57 - Run 2
    OTL by OldTimer - Version 3.2.26.1 Folder = C:\Users\jean-louis\Downloads\Nouveau dossier
    64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.0.8112.16421)
    Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

    2,93 Gb Total Physical Memory | 1,20 Gb Available Physical Memory | 40,90% Memory free
    7,33 Gb Paging File | 5,55 Gb Available in Paging File | 75,70% Paging File free
    Paging file location(s): C:\pagefile.sys 4501 4501 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 451,66 Gb Total Space | 394,33 Gb Free Space | 87,31% Space Free | Partition Type: NTFS
    Drive D: | 534,56 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: UDF

    Computer Name: JEAN-LOUIS-PC | User Name: jean-louis | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users
    Company Name Whnetsvcs
    msconfig
    drivers32
    activex
    /md5start
    explorer.exe
    wininit.exe
    winlogon.exe
    userinit.exe
    eventlog.dll
    /md5stop
    %SYSTEMDRIVE%\*.exe
    %ALLUSERSPROFILE%\Application Data\*.
    %ALLUSERSPROFILE%\Application Data\*.exe /s
    %APPDATA%\*.
    %APPDATA%\*.exe /s
    %systemroot%\*. /mp /s
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\system32\drivers\*.sys /lockedfiles
    CREATERESTOREPOINTitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - [2011/07/20 19:49:33 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\jean-louis\Downloads\Nouveau dossier\OTL.exe
    PRC - [2011/07/04 13:43:54 | 003,493,720 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
    PRC - [2011/07/04 13:43:51 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    PRC - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    PRC - [2011/06/03 14:17:39 | 000,140,952 | ---- | M] (Google Inc.) -- C:\Users\jean-louis\AppData\Local\Google\Update\1.3.21.57\GoogleCrashHandler.exe
    PRC - [2011/06/01 12:45:58 | 001,299,080 | ---- | M] (SPAMfighter ApS) -- C:\Program Files (x86)\Fighters\FighterSuiteService.exe
    PRC - [2011/05/16 11:22:26 | 000,326,504 | ---- | M] (Uniblue Systems Limited) -- C:\Program Files (x86)\Uniblue\DriverScanner\driverscanner.exe
    PRC - [2011/05/16 11:22:26 | 000,025,464 | ---- | M] (Uniblue Systems Limited) -- C:\Program Files (x86)\Uniblue\DriverScanner\dsmonitor.exe
    PRC - [2011/04/28 13:56:25 | 000,826,688 | ---- | M] (Preventon Technologies Limited) -- C:\Program Files (x86)\Common Files\Common Toolkit Suite\AVEngine\AVScanningService.exe
    PRC - [2011/04/14 13:40:04 | 000,982,656 | ---- | M] (PCTUTO) -- C:\Program Files (x86)\PCTuto\pctuto.exe
    PRC - [2011/03/16 13:28:04 | 001,736,000 | ---- | M] (Reviversoft, (www.reviversoft.com)) -- C:\Program Files (x86)\Reviversoft\Registry Reviver\RegistryReviver.exe
    PRC - [2011/01/23 20:00:23 | 000,148,280 | ---- | M] () -- C:\Program Files (x86)\Lexmark Pro200-S500 Series\ezprint.exe
    PRC - [2011/01/23 20:00:20 | 000,770,728 | ---- | M] () -- C:\Program Files (x86)\Lexmark Pro200-S500 Series\lxebmon.exe
    PRC - [2010/11/20 14:17:55 | 000,257,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
    PRC - [2010/06/29 00:23:06 | 000,255,744 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe
    PRC - [2010/06/09 18:54:22 | 000,206,208 | ---- | M] () -- C:\Windows\PLFSetI.exe
    PRC - [2010/04/24 01:10:34 | 000,209,768 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
    PRC - [2010/04/24 01:10:28 | 000,483,688 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
    PRC - [2010/04/13 18:57:58 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    PRC - [2010/01/29 01:27:36 | 000,243,232 | ---- | M] (Acer Group) -- C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
    PRC - [2010/01/08 15:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe
    PRC - [2009/10/09 05:45:56 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) -- c:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe


    ========== Modules (SafeList) ==========

    MOD - [2011/07/20 19:49:33 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\jean-louis\Downloads\Nouveau dossier\OTL.exe
    MOD - [2011/07/04 13:43:51 | 000,199,792 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\snxhk.dll
    MOD - [2010/11/20 14:21:38 | 002,311,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wpdshext.dll
    MOD - [2010/11/20 13:55:09 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
    MOD - [2010/11/20 13:55:08 | 001,624,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\GdiPlus.dll
    MOD - [2009/07/14 03:09:00 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\normaliz.dll


    ========== Win32 Services (SafeList) ==========

    SRV - [2011/06/23 00:33:58 | 003,435,096 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Common Files\Akamai\netsession_win_e477fed.dll -- (Akamai)
    SRV - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
    SRV - [2011/06/01 12:45:58 | 001,299,080 | ---- | M] (SPAMfighter ApS) [Auto | Running] -- C:\Program Files (x86)\Fighters\FighterSuiteService.exe -- (Suite Service)
    SRV - [2011/05/17 19:26:28 | 000,037,600 | ---- | M] (Speedchecker) [Auto | Stopped] -- C:\Program Files (x86)\Accelerer PC\PCSpeedUpService.exe -- (PCSpeedUpService)
    SRV - [2011/05/16 09:45:14 | 000,867,080 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
    SRV - [2011/04/28 13:56:25 | 000,826,688 | ---- | M] () [Auto | Running] -- C:/Program Files (x86)/Common Files/Common Toolkit Suite/AVEngine/AVScanningService.exe -- (AV Engine Scanning Service)
    SRV - [2010/06/29 00:23:06 | 000,255,744 | ---- | M] (NewTech Infosystems, Inc.) [Auto | Running] -- C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe -- (NTI IScheduleSvc)
    SRV - [2010/04/24 01:10:34 | 000,209,768 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
    SRV - [2010/04/24 01:10:28 | 000,483,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
    SRV - [2010/04/14 14:56:01 | 000,598,696 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysWow64\lxebcoms.exe -- (lxeb_device)
    SRV - [2010/04/13 18:57:58 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel(R)
    SRV - [2010/04/04 01:01:24 | 000,246,520 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Packard Bell Games\Packard Bell Game Console\GameConsoleService.exe -- (GameConsoleService)
    SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
    SRV - [2010/01/15 23:08:38 | 000,935,208 | ---- | M] (Nero AG) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
    SRV - [2010/01/08 15:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe -- (GREGService)
    SRV - [2009/10/09 05:45:56 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- c:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor8.0)
    SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
    SRV - [2009/04/29 05:21:18 | 000,436,736 | ---- | M] (Conexant Systems, Inc.) [Auto | Stopped] -- C:\Windows\SysWOW64\XAudio64.dll -- (HsfXAudioService)


    ========== Driver Services (SafeList) ==========

    DRV - [2009/09/02 03:58:08 | 000,225,280 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\RtsUStor.sys -- (RSUSBSTOR)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://packardbell.msn.com
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
    IE - HKLM\..\URLSearchHook: {6ec85fcf-87ad-41d7-ae1f-f116f8ad4848} - C:\Program Files (x86)\Avanquest_FR\prxtbAva0.dll (Conduit Ltd.)


    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



    IE - HKU\S-1-5-21-3271210160-2566200060-2609365917-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://packardbell.msn.com
    IE - HKU\S-1-5-21-3271210160-2566200060-2609365917-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatcher.aspx?tp=aus&qk...
    IE - HKU\S-1-5-21-3271210160-2566200060-2609365917-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
    IE - HKU\S-1-5-21-3271210160-2566200060-2609365917-1000\..\URLSearchHook: {6EC85FCF-87AD-41D7-AE1F-F116F8AD4848} - C:\Program Files (x86)\Avanquest_FR\prxtbAva0.dll (Conduit Ltd.)
    IE - HKU\S-1-5-21-3271210160-2566200060-2609365917-1000\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelper.dll (SweetIM Technologies Ltd.)
    IE - HKU\S-1-5-21-3271210160-2566200060-2609365917-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@t-immersion.com/DFusionHomeWebPlugIn: C:\Program Files (x86)\Total Immersion\DFusionHomeWebPlugIn\NPDFusionWebFirefox.dll (Total Immersion)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=8: C:\Program Files (x86)\Google\Update\1.2.183.39\npGoogleOneClick8.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
    FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\jean-louis\AppData\Local\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
    FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\jean-louis\AppData\Local\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
    FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\jean-louis\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\web2pdfextension@web2pdf.adobedotcom: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2011/07/20 18:08:31 | 000,000,000 | ---D | M]


    O1 HOSTS File: ([2009/06/10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
    O2 - BHO: (Lexmark Barre d'outils) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
    O2 - BHO: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
    O2 - BHO: (Avanquest FR Toolbar) - {6ec85fcf-87ad-41d7-ae1f-f116f8ad4848} - C:\Program Files (x86)\Avanquest_FR\prxtbAva0.dll (Conduit Ltd.)
    O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
    O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O2 - BHO: (Bing Bar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll (Microsoft Corporation)
    O2 - BHO: (Inbox Toolbar) - {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - C:\Program Files (x86)\Inbox Toolbar\Inbox.dll (Inbox.com, Inc.)
    O2 - BHO: (SweetIM Toolbar Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
    O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O3 - HKLM\..\Toolbar: (Lexmark Barre d'outils) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
    O3 - HKLM\..\Toolbar: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
    O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O3 - HKLM\..\Toolbar: (Avanquest FR Toolbar) - {6ec85fcf-87ad-41d7-ae1f-f116f8ad4848} - C:\Program Files (x86)\Avanquest_FR\prxtbAva0.dll (Conduit Ltd.)
    O3 - HKLM\..\Toolbar: (@C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll (Microsoft Corporation)
    O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
    O3 - HKLM\..\Toolbar: (&Inbox Toolbar) - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - C:\Program Files (x86)\Inbox Toolbar\Inbox.dll (Inbox.com, Inc.)
    O3 - HKLM\..\Toolbar: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
    O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O3 - HKU\S-1-5-21-3271210160-2566200060-2609365917-1000\..\Toolbar\WebBrowser: (Lexmark Barre d'outils) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
    O3 - HKU\S-1-5-21-3271210160-2566200060-2609365917-1000\..\Toolbar\WebBrowser: (Avanquest FR Toolbar) - {6EC85FCF-87AD-41D7-AE1F-F116F8AD4848} - C:\Program Files (x86)\Avanquest_FR\prxtbAva0.dll (Conduit Ltd.)
    O3 - HKU\S-1-5-21-3271210160-2566200060-2609365917-1000\..\Toolbar\WebBrowser: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
    O4 - HKLM..\Run: [] File not found
    O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
    O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
    O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
    O4 - HKLM..\Run: [FaxCenterServer] C:\Program Files (x86)\Lexmark Solutions de télécopie\fm3032.exe ()
    O4 - HKLM..\Run: [PCTuto] C:\Program Files (x86)\PCTuto\pctuto.exe (PCTUTO)
    O4 - HKLM..\Run: [Vaderetro Outlook] C:\Program Files (x86)\Goto Software\Vade Retro\VrMoRegister.exe ()
    O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
    O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
    O4 - HKU\S-1-5-21-3271210160-2566200060-2609365917-1000..\Run: [PowerSuite] C:\Program Files (x86)\Uniblue\PowerSuite\launcher.exe (Uniblue Systems Limited)
    O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] File not found
    O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] File not found
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
    O13 - gopher Prefix: missing
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-wind... (Java Plug-in 1.6.0_26)
    O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-wind... (Java Plug-in 1.6.0_26)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-wind... (Java Plug-in 1.6.0_26)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
    O18 - Protocol\Handler\inbox {37540F19-DD4C-478B-B2DF-C19281BCAF27} - C:\Program Files (x86)\Inbox Toolbar\Inbox.dll (Inbox.com, Inc.)
    O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2009/04/28 16:38:37 | 000,000,296 | -H-- | M] () - D:\autorun.inf -- [ UDF ]
    O33 - MountPoints2\{7afffd46-7f8d-11e0-839c-806e6f6e6963}\Shell - "" = AutoRun
    O33 - MountPoints2\{7afffd46-7f8d-11e0-839c-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Setup.exe -- [2009/04/28 17:12:07 | 000,311,976 | ---- | M] ( )
    O34 - HKLM BootExecute: (autocheck autochk *) - File not found
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*

    ========== Files/Folders - Created Within 30 Days ==========

    [2011/07/20 19:31:41 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
    [2011/07/20 18:33:36 | 000,000,000 | ---D | C] -- C:\Users\jean-louis\Documents\Fragments
    [2011/07/20 18:09:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe LiveCycle ES2
    [2011/07/20 18:01:39 | 000,000,000 | ---D | C] -- C:\Users\jean-louis\Desktop\Adobe Acrobat X
    [2011/07/20 17:47:10 | 487,666,616 | ---- | C] (Adobe Systems Incorporated) -- C:\Users\jean-louis\Documents\AcrobatPro_10_Web_WWEFD.exe
    [2011/07/20 17:46:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Akamai
    [2011/07/20 16:33:30 | 000,606,738 | R--- | C] (Swearware) -- C:\Users\jean-louis\Desktop\dds (1).scr
    [2011/07/18 13:46:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Lexmark Pro200-S500 Series
    [2011/07/17 16:04:18 | 000,000,000 | ---D | C] -- C:\Users\jean-louis\AppData\Local\{75D3B133-BEF7-4B34-9F66-7FC9B8F9471D}
    [2011/07/17 10:54:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinPcap
    [2011/07/17 10:54:27 | 000,000,000 | ---D | C] -- C:\BandwidthMeter
    [2011/07/17 10:35:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accelerer PC
    [2011/07/17 10:35:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Accelerer PC
    [2011/07/16 09:25:30 | 000,000,000 | ---D | C] -- C:\Users\jean-louis\AppData\Local\{8D22A57A-184A-4448-8A2B-984E9EF7AB0C}
    [2011/07/15 10:21:52 | 000,000,000 | ---D | C] -- C:\Users\jean-louis\AppData\Local\{6BAB71EA-B0B1-4B19-B026-83FAED4EF532}
    [2011/07/13 22:16:47 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
    [2011/07/13 22:16:44 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
    [2011/07/13 22:16:44 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
    [2011/07/13 22:16:43 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
    [2011/07/13 22:16:43 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
    [2011/07/13 22:16:43 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
    [2011/07/13 22:16:43 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
    [2011/07/13 22:16:43 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
    [2011/07/13 22:16:43 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
    [2011/07/13 22:16:42 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
    [2011/07/13 22:16:42 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
    [2011/07/13 22:16:42 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
    [2011/07/13 22:16:42 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
    [2011/07/13 22:16:42 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
    [2011/07/13 22:16:42 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
    [2011/07/13 22:16:42 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
    [2011/07/13 22:16:41 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
    [2011/07/13 22:16:41 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
    [2011/07/13 22:16:41 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
    [2011/07/13 22:16:41 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
    [2011/07/13 22:16:41 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
    [2011/07/13 22:16:41 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
    [2011/07/13 22:16:41 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
    [2011/07/13 22:16:40 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
    [2011/07/13 22:16:40 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
    [2011/07/13 22:16:40 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
    [2011/07/13 22:16:40 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
    [2011/07/13 22:16:40 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
    [2011/07/13 22:16:07 | 001,699,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\esent.dll
    [2011/07/13 22:16:05 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fsutil.exe
    [2011/07/13 22:15:42 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
    [2011/07/13 22:15:41 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
    [2011/07/13 22:15:40 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
    [2011/07/13 22:15:40 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
    [2011/07/13 22:15:35 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
    [2011/07/13 16:31:07 | 000,000,000 | ---D | C] -- C:\Users\jean-louis\Documents\VadeRetro
    [2011/07/13 16:31:07 | 000,000,000 | ---D | C] -- C:\Users\jean-louis\AppData\Roaming\VadeRetro
    [2011/07/13 16:30:48 | 000,000,000 | ---D | C] -- C:\ProgramData\VadeRetro
    [2011/07/13 16:30:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Goto Software
    [2011/07/13 00:31:25 | 000,000,000 | ---D | C] -- C:\Users\jean-louis\AppData\Roaming\Malwarebytes
    [2011/07/13 00:31:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
    [2011/07/13 00:31:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
    [2011/07/11 08:12:00 | 000,000,000 | ---D | C] -- C:\Users\jean-louis\AppData\Local\Unity
    [2011/07/08 22:20:17 | 001,076,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DWrite.dll
    [2011/07/08 22:20:16 | 000,739,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d2d1.dll
    [2011/07/07 21:52:52 | 000,000,000 | ---D | C] -- C:\Users\jean-louis\AppData\Local\{A48A4BEF-F0B0-4F04-AE6B-D17A0FFA9C81}
    [2011/07/06 09:33:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Security Client
    [2011/07/04 17:12:20 | 000,000,000 | ---D | C] -- C:\Users\jean-louis\AppData\Local\ABBYY
    [2011/07/03 22:56:56 | 000,000,000 | ---D | C] -- C:\Users\jean-louis\AppData\Local\{414491CC-1493-41CC-A7AA-B31EC9645B53}
    [2011/07/03 10:14:17 | 000,000,000 | ---D | C] -- C:\Users\jean-louis\AppData\Local\{3ACD49CC-1CD9-407E-BFC3-6DC4926FF87F}
    [2011/06/30 16:38:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ABBYY FineReader 6.0 Sprint
    [2011/06/30 16:37:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Abbyy FineReader 6.0 Sprint
    [2011/06/30 00:38:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Genius Professional Edition
    [2011/06/30 00:38:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Driver-Soft
    [2011/06/29 16:12:58 | 000,000,000 | ---D | C] -- C:\Users\jean-louis\AppData\Roaming\Total Immersion
    [2011/06/29 16:12:33 | 000,000,000 | ---D | C] -- C:\Users\jean-louis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Immersion
    [2011/06/29 16:12:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Total Immersion
    [2011/06/29 07:59:49 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drvinst.exe
    [2011/06/29 07:59:49 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\devrtl.dll
    [2011/06/29 07:59:44 | 001,549,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tquery.dll
    [2011/06/29 07:59:44 | 001,401,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssrch.dll
    [2011/06/29 07:59:44 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssph.dll
    [2011/06/29 07:59:43 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssvp.dll
    [2011/06/29 07:59:43 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssphtb.dll
    [2011/06/29 07:59:43 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msscntrs.dll
    [2011/06/27 09:56:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lexmark Tools For Office
    [2011/06/26 11:02:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
    [2011/06/26 10:58:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Analysis Services
    [2011/06/25 18:16:29 | 000,000,000 | ---D | C] -- C:\Users\jean-louis\AppData\Roaming\RibbonSoft
    [2011/06/25 18:15:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QCAD Professional Demo
    [2011/06/25 18:15:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QCAD Professional Demo
    [2011/06/25 17:47:36 | 000,000,000 | ---D | C] -- C:\Users\jean-louis\AppData\Roaming\SmartDraw
    [2011/06/25 17:46:36 | 000,000,000 | ---D | C] -- C:\SmartDraw VP
    [2011/06/25 17:17:52 | 000,000,000 | ---D | C] -- C:\Users\jean-louis\AppData\Roaming\Synaptics
    [2011/06/25 17:12:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\byLight
    [2011/06/25 12:28:17 | 000,218,408 | ---- | C] (Synaptics Incorporated) -- C:\Windows\SysWow64\SynCtrl.dll
    [2011/06/25 12:28:17 | 000,107,816 | ---- | C] (Synaptics Incorporated) -- C:\Windows\SysWow64\SynTPCOM.dll
    [2011/06/25 12:28:16 | 000,173,352 | ---- | C] (Synaptics Incorporated) -- C:\Windows\SysWow64\SynCOM.dll
    [2011/06/23 08:03:18 | 000,000,000 | ---D | C] -- C:\Users\jean-louis\AppData\Roaming\FaxCtr
    [2011/06/21 00:00:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lexmark Solutions de télécopie
    [2011/06/21 00:00:23 | 000,000,000 | ---D | C] -- C:\ProgramData\FaxCtr
    [2011/06/21 00:00:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lexmark Solutions de télécopie
    [2011/06/20 23:59:57 | 000,000,000 | ---D | C] -- C:\LEXMARK Fax
    [2011/05/16 13:35:45 | 001,048,576 | ---- | C] ( ) -- C:\Windows\SysWow64\lxebserv.dll
    [2011/05/16 13:35:45 | 000,847,872 | ---- | C] ( ) -- C:\Windows\SysWow64\lxebusb1.dll
    [2011/05/16 13:35:45 | 000,802,816 | ---- | C] ( ) -- C:\Windows\SysWow64\lxebcomc.dll
    [2011/05/16 13:35:45 | 000,688,128 | ---- | C] ( ) -- C:\Windows\SysWow64\lxebhbn3.dll
    [2011/05/16 13:35:45 | 000,643,072 | ---- | C] ( ) -- C:\Windows\SysWow64\lxebpmui.dll
    [2011/05/16 13:35:45 | 000,598,696 | ---- | C] ( ) -- C:\Windows\SysWow64\lxebcoms.exe
    [2011/05/16 13:35:45 | 000,577,536 | ---- | C] ( ) -- C:\Windows\SysWow64\lxeblmpm.dll
    [2011/05/16 13:35:45 | 000,373,416 | ---- | C] ( ) -- C:\Windows\SysWow64\lxebcfg.exe
    [2011/05/16 13:35:45 | 000,372,736 | ---- | C] ( ) -- C:\Windows\SysWow64\lxebcomm.dll
    [2011/05/16 13:35:45 | 000,364,544 | ---- | C] ( ) -- C:\Windows\SysWow64\lxebinpa.dll
    [2011/05/16 13:35:45 | 000,344,064 | ---- | C] ( ) -- C:\Windows\SysWow64\lxebiesc.dll
    [2011/05/16 13:35:45 | 000,324,264 | ---- | C] ( ) -- C:\Windows\SysWow64\lxebih.exe
    [2011/05/16 09:35:09 | 000,051,712 | ---- | C] ( ) -- C:\Windows\AutosetFrequency.exe
    [2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
    [1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
    [1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
    [1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========

    [2011/07/20 20:22:03 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3271210160-2566200060-2609365917-1000UA.job
    [2011/07/20 19:28:00 | 000,001,074 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [2011/07/20 18:53:05 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2011/07/20 18:31:20 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    [2011/07/20 18:09:17 | 000,002,038 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Acrobat X Pro.lnk
    [2011/07/20 17:58:57 | 487,666,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\jean-louis\Documents\AcrobatPro_10_Web_WWEFD.exe
    [2011/07/20 17:33:24 | 000,000,038 | ---- | M] () -- C:\Users\jean-louis\.mjsync_fr_FR
    [2011/07/20 16:33:14 | 000,606,738 | R--- | M] (Swearware) -- C:\Users\jean-louis\Desktop\dds (1).scr
    [2011/07/20 14:22:00 | 000,001,046 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3271210160-2566200060-2609365917-1000Core.job
    [2011/07/20 09:36:10 | 000,001,070 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2011/07/20 09:36:04 | 000,000,354 | ---- | M] () -- C:\Windows\tasks\RegistryBooster.job
    [2011/07/20 09:36:01 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\DriverScanner.job
    [2011/07/20 09:35:22 | 2360,856,576 | -HS- | M] () -- C:\hiberfil.sys
    [2011/07/18 20:54:56 | 000,001,787 | ---- | M] () -- C:\Users\jean-louis\Desktop\ClubdeJeux.lnk
    [2011/07/18 13:49:03 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
    [2011/07/17 10:35:45 | 000,001,056 | ---- | M] () -- C:\Users\Public\Desktop\ACCELERER PC.lnk
    [2011/07/17 09:22:56 | 000,001,129 | ---- | M] () -- C:\Users\jean-louis\Application Data\Microsoft\Internet Explorer\Quick Launch\PixelPerfect.lnk
    [2011/07/17 09:22:56 | 000,001,105 | ---- | M] () -- C:\Users\Public\Desktop\PixelPerfect.lnk
    [2011/07/17 09:20:11 | 000,002,198 | ---- | M] () -- C:\Windows\epplauncher.mif
    [2011/07/16 17:45:53 | 000,587,043 | ---- | M] () -- C:\Users\jean-louis\Documents\2011-07-15 00.54.58.jpg
    [2011/07/15 04:23:13 | 000,002,443 | ---- | M] () -- C:\Users\jean-louis\Desktop\Google Chrome.lnk
    [2011/07/11 01:13:06 | 000,010,547 | ---- | M] () -- C:\Users\jean-louis\Documents\ANALYSES- 2009-2010-2011 copie 2.ods
    [2011/07/11 01:01:35 | 000,010,531 | ---- | M] () -- C:\Users\jean-louis\Documents\ANALYSES- 2009-2010-2011.ods
    [2011/07/06 09:33:55 | 001,605,030 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
    [2011/07/04 13:43:53 | 000,040,112 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
    [2011/07/04 13:43:51 | 000,199,304 | ---- | M] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
    [2011/07/02 13:50:16 | 000,001,139 | ---- | M] () -- C:\Users\jean-louis\Desktop\Périphérique d’entrée USB - Raccourci.lnk
    [2011/06/25 18:16:00 | 000,001,126 | ---- | M] () -- C:\Users\jean-louis\Desktop\QCAD Professional Demo.lnk
    [2011/06/25 17:54:59 | 000,000,619 | ---- | M] () -- C:\Users\jean-louis\Desktop\SmartDraw VP.lnk
    [2011/06/25 17:39:00 | 000,002,560 | ---- | M] () -- C:\Windows\_MSRSTRT.EXE
    [2011/06/25 17:38:55 | 000,000,033 | ---- | M] () -- C:\Windows\iltwain.ini
    [2011/06/25 12:28:18 | 000,066,856 | ---- | M] () -- C:\Windows\SysWow64\SynTPEnhPS.dll
    [2011/06/25 12:28:17 | 000,218,408 | ---- | M] (Synaptics Incorporated) -- C:\Windows\SysWow64\SynCtrl.dll
    [2011/06/25 12:28:17 | 000,107,816 | ---- | M] (Synaptics Incorporated) -- C:\Windows\SysWow64\SynTPCOM.dll
    [2011/06/25 12:28:16 | 000,173,352 | ---- | M] (Synaptics Incorporated) -- C:\Windows\SysWow64\SynCOM.dll
    [2011/06/23 19:35:16 | 000,001,114 | ---- | M] () -- C:\Users\jean-louis\Application Data\Microsoft\Internet Explorer\Quick Launch\DriverScanner.lnk
    [2011/06/21 13:16:03 | 000,141,182 | ---- | M] () -- C:\Users\jean-louis\Documents\radiation de mallakoff mederic.pdf
    [2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
    [1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
    [1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
    [1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2011/07/20 18:09:17 | 000,002,465 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller X.lnk
    [2011/07/20 18:09:17 | 000,002,453 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat X Pro.lnk
    [2011/07/20 18:09:17 | 000,002,038 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Acrobat X Pro.lnk
    [2011/07/20 12:37:14 | 000,141,182 | ---- | C] () -- C:\Users\jean-louis\Documents\radiation de mallakoff mederic.pdf
    [2011/07/17 10:35:45 | 000,001,056 | ---- | C] () -- C:\Users\Public\Desktop\ACCELERER PC.lnk
    [2011/07/17 09:21:42 | 000,001,105 | ---- | C] () -- C:\Users\Public\Desktop\PixelPerfect.lnk
    [2011/07/16 17:48:57 | 000,587,043 | ---- | C] () -- C:\Users\jean-louis\Documents\2011-07-15 00.54.58.jpg
    [2011/07/11 01:03:54 | 000,010,547 | ---- | C] () -- C:\Users\jean-louis\Documents\ANALYSES- 2009-2010-2011 copie 2.ods
    [2011/07/06 09:34:13 | 000,002,198 | ---- | C] () -- C:\Windows\epplauncher.mif
    [2011/07/06 09:23:07 | 000,001,074 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [2011/07/06 09:23:07 | 000,001,070 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2011/07/02 13:50:16 | 000,001,139 | ---- | C] () -- C:\Users\jean-louis\Desktop\Périphérique d’entrée USB - Raccourci.lnk
    [2011/06/27 19:38:58 | 000,010,531 | ---- | C] () -- C:\Users\jean-louis\Documents\ANALYSES- 2009-2010-2011.ods
    [2011/06/25 18:16:00 | 000,001,126 | ---- | C] () -- C:\Users\jean-louis\Desktop\QCAD Professional Demo.lnk
    [2011/06/25 17:47:30 | 000,000,619 | ---- | C] () -- C:\Users\jean-louis\Desktop\SmartDraw VP.lnk
    [2011/06/25 17:16:49 | 000,002,560 | ---- | C] () -- C:\Windows\_MSRSTRT.EXE
    [2011/06/25 17:12:48 | 000,000,033 | ---- | C] () -- C:\Windows\iltwain.ini
    [2011/06/25 12:28:18 | 000,066,856 | ---- | C] () -- C:\Windows\SysWow64\SynTPEnhPS.dll
    [2011/06/23 19:35:23 | 000,000,350 | ---- | C] () -- C:\Windows\tasks\DriverScanner.job
    [2011/06/23 19:35:16 | 000,001,114 | ---- | C] () -- C:\Users\jean-louis\Application Data\Microsoft\Internet Explorer\Quick Launch\DriverScanner.lnk
    [2011/06/09 09:04:11 | 000,000,039 | -H-- | C] () -- C:\Windows\SysWow64\spfid.bin
    [2011/06/09 09:04:11 | 000,000,039 | -H-- | C] () -- C:\Windows\spfid.bin
    [2011/05/17 13:09:05 | 000,000,095 | ---- | C] () -- C:\Windows\RTE.INI
    [2011/05/17 11:04:40 | 001,605,030 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
    [2011/05/16 13:35:45 | 000,344,064 | ---- | C] () -- C:\Windows\SysWow64\lxebcomx.dll
    [2011/05/16 13:35:45 | 000,331,776 | ---- | C] () -- C:\Windows\SysWow64\LXEBinst.dll
    [2011/05/16 13:35:45 | 000,323,584 | ---- | C] () -- C:\Windows\SysWow64\lxebins.dll
    [2011/05/16 13:35:45 | 000,262,144 | ---- | C] () -- C:\Windows\SysWow64\lxebinsb.dll
    [2011/05/16 13:35:45 | 000,253,952 | ---- | C] () -- C:\Windows\SysWow64\lxebcu.dll
    [2011/05/16 13:35:45 | 000,114,688 | ---- | C] () -- C:\Windows\SysWow64\lxebinsr.dll
    [2011/05/16 13:35:45 | 000,090,112 | ---- | C] () -- C:\Windows\SysWow64\lxebcub.dll
    [2011/05/16 13:35:45 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\lxebjswr.dll
    [2011/05/16 13:35:45 | 000,036,864 | ---- | C] () -- C:\Windows\SysWow64\lxebcur.dll
    [2011/05/16 13:35:24 | 000,299,008 | ---- | C] () -- C:\Windows\SysWow64\LXEBsm.dll
    [2011/05/16 13:35:24 | 000,024,064 | ---- | C] () -- C:\Windows\SysWow64\LXEBsmr.dll
    [2011/05/16 09:35:09 | 000,206,208 | ---- | C] () -- C:\Windows\PLFSetI.exe
    [2011/05/16 09:35:09 | 000,000,637 | ---- | C] () -- C:\Windows\AutoSetFrequency.ini
    [2011/05/16 09:35:09 | 000,000,378 | ---- | C] () -- C:\Windows\PidList.ini
    [2010/09/30 09:15:25 | 000,982,220 | ---- | C] () -- C:\Windows\SysWow64\igkrng500.bin
    [2010/09/30 09:15:24 | 000,439,300 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng500.bin
    [2010/09/30 09:15:24 | 000,134,592 | ---- | C] () -- C:\Windows\SysWow64\igfcg500.bin
    [2010/09/30 09:15:24 | 000,092,216 | ---- | C] () -- C:\Windows\SysWow64\igfcg500m.bin
    [2009/07/14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
    [2009/07/14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
    [2009/07/14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
    [2009/07/14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
    [2009/07/14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
    [2009/07/13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
    [2009/06/10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
    [2008/06/01 09:13:10 | 000,053,299 | ---- | C] () -- C:\Windows\SysWow64\pthreadVC.dll

    ========== Custom Scans ==========



    < MD5 for: EXPLORER.EXE >
    [2011/02/26 08:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
    [2011/02/26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
    [2009/07/14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
    [2011/02/26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
    [2010/07/17 21:26:04 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
    [2011/02/26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
    [2011/02/25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
    [2011/02/25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
    [2011/02/26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
    [2010/11/20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
    [2010/02/04 12:49:48 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
    [2011/02/25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
    [2011/02/25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
    [2010/07/17 21:26:04 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
    [2010/02/04 12:49:48 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
    [2010/11/20 15:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
    [2010/07/17 21:26:04 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
    [2010/02/04 12:49:48 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
    [2009/07/14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
    [2010/07/17 21:26:04 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
    [2011/02/26 08:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
    [2010/02/04 12:49:48 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe

    < MD5 for: USERINIT.EXE >
    [2010/11/20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
    [2010/11/20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
    [2009/07/14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
    [2009/07/14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
    [2010/11/20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
    [2010/11/20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

    < MD5 for: WININIT.EXE >
    [2009/07/14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\SysNative\wininit.exe
    [2009/07/14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe
    [2009/07/14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe
    [2009/07/14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe

    < MD5 for: WINLOGON.EXE >
    [2010/11/20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
    [2010/11/20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
    [2009/07/14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
    [2010/07/17 21:26:04 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
    [2010/07/17 21:26:04 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

    < %SYSTEMDRIVE%\*.exe >

    < %ALLUSERSPROFILE%\Application Data\*. >

    < %ALLUSERSPROFILE%\Application Data\*.exe /s >

    < %APPDATA%\*. >
    [2011/07/20 18:39:01 | 000,000,000 | ---D | M] -- C:\Users\jean-louis\AppData\Roaming\Adobe
    [2011/05/25 14:56:34 | 000,000,000 | ---D | M] -- C:\Users\jean-louis\AppData\Roaming\DriverCure
    [2011/07/13 09:44:17 | 000,000,000 | ---D | M] -- C:\Users\jean-louis\AppData\Roaming\FaxCtr
    [2011/06/22 18:05:30 | 000,000,000 | ---D | M] -- C:\Users\jean-louis\AppData\Roaming\Fighters
    [2011/05/16 10:17:59 | 000,000,000 | ---D | M] -- C:\Users\jean-louis\AppData\Roaming\Identities
    [2011/05/16 10:18:42 | 000,000,000 | ---D | M] -- C:\Users\jean-louis\AppData\Roaming\Intel Corporation
    [2011/05/16 10:18:28 | 000,000,000 | ---D | M] -- C:\Users\jean-louis\AppData\Roaming\Macromedia
    [2011/07/13 00:31:25 | 000,000,000 | ---D | M] -- C:\Users\jean-louis\AppData\Roaming\Malwarebytes
    [2009/07/14 09:44:38 | 000,000,000 | ---D | M] -- C:\Users\jean-louis\AppData\Roaming\Media Center Programs
    [2011/07/06 09:31:20 | 000,000,000 | --SD | M] -- C:\Users\jean-louis\AppData\Roaming\Microsoft
    [2011/05/30 00:16:50 | 000,000,000 | ---D | M] -- C:\Users\jean-louis\AppData\Roaming\Nero
    [2011/05/17 23:58:47 | 000,000,000 | ---D | M] -- C:\Users\jean-louis\AppData\Roaming\Packard Bell
    [2011/05/25 14:56:34 | 000,000,000 | ---D | M] -- C:\Users\jean-louis\AppData\Roaming\ParetoLogic
    [2011/05/16 11:25:27 | 000,000,000 | ---D | M] -- C:\Users\jean-louis\AppData\Roaming\PCtuto
    [2011/06/10 17:17:22 | 000,000,000 | ---D | M] -- C:\Users\jean-louis\AppData\Roaming\RegistryKeys
    [2011/05/16 10:55:16 | 000,000,000 | ---D | M] -- C:\Users\jean-louis\AppData\Roaming\Reviversoft
    [2011/06/27 15:02:16 | 000,000,000 | ---D | M] -- C:\Users\jean-louis\AppData\Roaming\RibbonSoft
    [2011/05/17 13:35:30 | 000,000,000 | ---D | M] -- C:\Users\jean-louis\AppData\Roaming\RTE
    [2011/06/25 17:48:48 | 000,000,000 | ---D | M] -- C:\Users\jean-louis\AppData\Roaming\SmartDraw
    [2011/07/14 19:02:59 | 000,000,000 | ---D | M] -- C:\Users\jean-louis\AppData\Roaming\SoftGrid Client
    [2011/06/25 17:17:52 | 000,000,000 | ---D | M] -- C:\Users\jean-louis\AppData\Roaming\Synaptics
    [2011/05/16 10:29:01 | 000,000,000 | ---D | M] -- C:\Users\jean-louis\AppData\Roaming\Tific
    [2011/06/29 16:12:58 | 000,000,000 | ---D | M] -- C:\Users\jean-louis\AppData\Roaming\Total Immersion
    [2011/06/19 23:34:38 | 000,000,000 | ---D | M] -- C:\Users\jean-louis\AppData\Roaming\TP
    [2011/05/27 17:05:41 | 000,000,000 | ---D | M] -- C:\Users\jean-louis\AppData\Roaming\Uniblue
    [2011/07/13 16:31:07 | 000,000,000 | ---D | M] -- C:\Users\jean-louis\AppData\Roaming\VadeRetro
    [2011/06/07 12:40:15 | 000,000,000 | ---D | M] -- C:\Users\jean-louis\AppData\Roaming\Windows Live Writer

    < %APPDATA%\*.exe /s >
    [2011/04/14 13:40:06 | 000,663,168 | ---- | M] (PCTuto) -- C:\Users\jean-louis\AppData\Roaming\PCtuto\UpdatePCTuto\autoupdater.exe
    [2011/05/16 11:25:21 | 000,725,029 | ---- | M] () -- C:\Users\jean-louis\AppData\Roaming\PCtuto\UpdatePCTuto\unins000.exe
    [2011/04/14 13:40:06 | 000,769,664 | ---- | M] (Agence-Exclusive) -- C:\Users\jean-louis\AppData\Roaming\PCtuto\UpdatePCTuto\UpdatePCTuto.exe

    < %systemroot%\*. /mp /s >

    < %systemroot%\system32\*.dll /lockedfiles >
    [1 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

    < %systemroot%\Tasks\*.job /lockedfiles >

    < %systemroot%\system32\drivers\*.sys /lockedfiles >

    < End of report >

    %systemroot%\system32\drivers\*.sys /lockedfiles
    CREATERESTOREPOINTfiles
    %systemroot%\system32\drivers\*.sys /lockedfiles
    CREATERESTOREPOINT
    a c 614 8 Sécurité
    20 Juillet 2011 21:49:40

    Re,

    Houlà c'est un peu mélangé et en double ce rapport mais bon ... Et manque le rapport extra.txt ...


    Bref le souci principal c'est que tu as installé TOI-MêMe la régie de pub en ne lisant pas les conditions d'utilisation de PCTuto !!!

    à lire :
    http://95.142.169.206/tuto4pc.htm


    Donc pour continuer :

    Désinstalle normalement comme n'importe quel programme (si présent) :

    - PCtuto
    - SweetIM Toolbar for Internet Explorer
    - Conduit Engine
    - Avanquest FR Toolbar (sauf réelle utilité ... dont je doute ...)


    Puis :

    Télécharge Ad-R (de la TeamXscript) sur ton Bureau.

    /!\ Désactive tes protections résidentes : antivirus, antispyware ... Déconnecte-toi et ferme toutes les applications en cours (notamment ton navigateur)/!\

  • Installe le programme (avec les paramètres par défaut).
  • Le programme se lance automatiquement à la fin de l'installation, sinon, lance-le via le raccourci Ad-R situé sur ton Bureau.
    (Utilisateur de Vista/Windows 7, clique-droit sur le raccourci de Ad-R -> Exécuter en tant qu'administrateur)
  • Valide l'avertissement, puis, dans la fenêtre principal, choisis l'option Nettoyer, et valide avec "Oui"
  • A la fin, appuie sur une touche, un rapport apparaitra (sinon, il est situé ici C:\Ad-report-CLEAN[X].txt). Poste-le dans ta prochaine réponse

    /!\ N'oublie pas de réactiver tes protections résidentes /!\


    Ps : Process est détecté par certains antivirus (Antivir, DrWeb, Kaspersky) comme étant un programme malveillant, ce n'est pas le cas. Si tu as une alerte concernant ce fichier, n'empêche pas process de s'exécuter.
    http://www.beyondlogic.org/consulting/processutil/proce...
    21 Juillet 2011 08:45:02

    youpi!!!!!!!!!!! Grand merci, cela a fonctionné magnifiquement, je te remerci infiniment, bonne journée, à bientôt; qui sait?
    a c 614 8 Sécurité
    21 Juillet 2011 09:52:18

    Re,

    Il aurait été bien de me transmettre le rapport AD-R ... comme demandé ...
    26 Juillet 2011 23:59:12

    bonjour, désolé pour le retard, je n'étais pas chez moi; j'espère que mon envoi correspondra à ton attente, mais surtout je réitère mes remerciements, bonne journée,

    HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnh...
    HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896
    HKCU_Main|Start Page - hxxp://fr.msn.com/
    HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
    HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm
    HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKLM_Main|Start Page - hxxp://fr.msn.com/
    HKCU_URLSearchHooks|{6EC85FCF-87AD-41D7-AE1F-F116F8AD4848} (x)
    HKCU_SearchScopes\{C04B7D22-5AEC-4561-8F49-27F6269208F6} - "Inbox Recherche" (hxxp://toolbar.inbox.com/search/dispatcher.aspx?tp=bs&qkw={searchTerms}&tbid=804...)
    HKCU_Toolbar\WebBrowser|{EEE6C35B-6118-11DC-9C72-001320C79847} (x)
    HKCU_Toolbar\WebBrowser|{6EC85FCF-87AD-41D7-AE1F-F116F8AD4848} (x)
    HKCU_Toolbar\WebBrowser|{1017A80C-6F09-4548-A84D-EDD6AC9525F0} (C:\Program Files\Lexmark Toolbar\toolband.dll)
    HKCU_Toolbar\WebBrowser|{47833539-D0C5-4125-9FA8-0819E2EAAC93} (C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll)
    HKLM_Toolbar|{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} (C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll)
    HKLM_Toolbar|{D7E97865-918F-41E4-9CD0-25AB1C574CE8} (C:\PROGRA~2\INBOXT~1\Inbox.dll)
    HKLM_Toolbar|{8dcb7100-df86-4384-8842-8fa844297b3f} (C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll)
    HKLM_Toolbar|{1017A80C-6F09-4548-A84D-EDD6AC9525F0} (C:\Program Files\Lexmark Toolbar\toolband.dll)
    HKLM_Toolbar|{47833539-D0C5-4125-9FA8-0819E2EAAC93} (C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll)
    HKLM_ElevationPolicy\{02DAEBED-1504-4562-A498-4120120DEB8A} - C:\Program Files\Lexmark Toolbar\tbsched.exe (?)
    HKLM_ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a} - C:\Windows\SysWOW64\wpcer.exe (x)
    HKLM_ElevationPolicy\{08FF730A-494F-4cba-AA0B-E4F1D44715F9} - C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\symerr.exe (x)
    HKLM_ElevationPolicy\{0a402d70-1f10-4ae7-bec9-286a98240695} - C:\Windows\SysWOW64\winfxdocobj.exe (x)
    HKLM_ElevationPolicy\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B6} - C:\Program Files (x86)\SiteRanker\SiteRankTray.exe (x)
    HKLM_ElevationPolicy\{612AD33D-9824-4E87-8396-92374E91C4BB} - C:\Program Files (x86)\Inbox Toolbar\Inbox.exe (Inbox.com, Inc.)
    HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files (x86)\Internet Explorer\iedw.exe (x)
    HKLM_ElevationPolicy\{B43A0C1E-B63F-4691-B68F-CD807A45DA01} - C:\Windows\system32\TSWbPrxy.exe (x)
    BHO\{1017A80C-6F09-4548-A84D-EDD6AC9525F0} - "Lexmark Barre d'outils" (C:\Program Files\Lexmark Toolbar\toolband.dll)
    BHO\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - "Search Helper" (C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll)
    BHO\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - "avast! WebRep" (C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll)
    BHO\{D3D233D5-9F6D-436C-B6C7-E63F77503B30} - "Inbox Toolbar" (C:\PROGRA~2\INBOXT~1\Inbox.dll)

    ========================================

    C:\Program Files (x86)\Ad-Remover\Quarantine: 31 Fichier(s)
    C:\Program Files (x86)\Ad-Remover\Backup: 17 Fichier(s)

    C:\Ad-Report-CLEAN[1].txt - 20/07/2011 23:43:34 (5794 Octet(s))
    C:\Ad-Report-SCAN[1].txt - 22/07/2011 17:52:02 (483 Octet(s))
    C:\Ad-Report-SCAN[2].txt - 22/07/2011 17:55:30 (4845 Octet(s))
    C:\Ad-Report-SCAN[3].txt - 22/07/2011 18:06:17 (4772 Octet(s))

    Fin à: 18:10:11, 22/07/2011

    ============== E.O.F ==============
    27 Juillet 2011 00:01:53

    bonjour, désolé pour le retard, je n'étais pas chez moi; j'espère que mon envoi correspondra à ton attente, mais surtout je réitère mes remerciements, bonne journée,

    HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnh...
    HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896
    HKCU_Main|Start Page - hxxp://fr.msn.com/
    HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
    HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm
    HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKLM_Main|Start Page - hxxp://fr.msn.com/
    HKCU_URLSearchHooks|{6EC85FCF-87AD-41D7-AE1F-F116F8AD4848} (x)
    HKCU_SearchScopes\{C04B7D22-5AEC-4561-8F49-27F6269208F6} - "Inbox Recherche" (hxxp://toolbar.inbox.com/search/dispatcher.aspx?tp=bs&qkw={searchTerms}&tbid=804...)
    HKCU_Toolbar\WebBrowser|{EEE6C35B-6118-11DC-9C72-001320C79847} (x)
    HKCU_Toolbar\WebBrowser|{6EC85FCF-87AD-41D7-AE1F-F116F8AD4848} (x)
    HKCU_Toolbar\WebBrowser|{1017A80C-6F09-4548-A84D-EDD6AC9525F0} (C:\Program Files\Lexmark Toolbar\toolband.dll)
    HKCU_Toolbar\WebBrowser|{47833539-D0C5-4125-9FA8-0819E2EAAC93} (C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll)
    HKLM_Toolbar|{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} (C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll)
    HKLM_Toolbar|{D7E97865-918F-41E4-9CD0-25AB1C574CE8} (C:\PROGRA~2\INBOXT~1\Inbox.dll)
    HKLM_Toolbar|{8dcb7100-df86-4384-8842-8fa844297b3f} (C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll)
    HKLM_Toolbar|{1017A80C-6F09-4548-A84D-EDD6AC9525F0} (C:\Program Files\Lexmark Toolbar\toolband.dll)
    HKLM_Toolbar|{47833539-D0C5-4125-9FA8-0819E2EAAC93} (C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll)
    HKLM_ElevationPolicy\{02DAEBED-1504-4562-A498-4120120DEB8A} - C:\Program Files\Lexmark Toolbar\tbsched.exe (?)
    HKLM_ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a} - C:\Windows\SysWOW64\wpcer.exe (x)
    HKLM_ElevationPolicy\{08FF730A-494F-4cba-AA0B-E4F1D44715F9} - C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\symerr.exe (x)
    HKLM_ElevationPolicy\{0a402d70-1f10-4ae7-bec9-286a98240695} - C:\Windows\SysWOW64\winfxdocobj.exe (x)
    HKLM_ElevationPolicy\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B6} - C:\Program Files (x86)\SiteRanker\SiteRankTray.exe (x)
    HKLM_ElevationPolicy\{612AD33D-9824-4E87-8396-92374E91C4BB} - C:\Program Files (x86)\Inbox Toolbar\Inbox.exe (Inbox.com, Inc.)
    HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files (x86)\Internet Explorer\iedw.exe (x)
    HKLM_ElevationPolicy\{B43A0C1E-B63F-4691-B68F-CD807A45DA01} - C:\Windows\system32\TSWbPrxy.exe (x)
    BHO\{1017A80C-6F09-4548-A84D-EDD6AC9525F0} - "Lexmark Barre d'outils" (C:\Program Files\Lexmark Toolbar\toolband.dll)
    BHO\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - "Search Helper" (C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll)
    BHO\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - "avast! WebRep" (C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll)
    BHO\{D3D233D5-9F6D-436C-B6C7-E63F77503B30} - "Inbox Toolbar" (C:\PROGRA~2\INBOXT~1\Inbox.dll)

    ========================================

    C:\Program Files (x86)\Ad-Remover\Quarantine: 31 Fichier(s)
    C:\Program Files (x86)\Ad-Remover\Backup: 17 Fichier(s)

    C:\Ad-Report-CLEAN[1].txt - 20/07/2011 23:43:34 (5794 Octet(s))
    C:\Ad-Report-SCAN[1].txt - 22/07/2011 17:52:02 (483 Octet(s))
    C:\Ad-Report-SCAN[2].txt - 22/07/2011 17:55:30 (4845 Octet(s))
    C:\Ad-Report-SCAN[3].txt - 22/07/2011 18:06:17 (4772 Octet(s))

    Fin à: 18:10:11, 22/07/2011

    ============== E.O.F ==============
    a c 614 8 Sécurité
    27 Juillet 2011 09:09:47

    Bonjour,

    Ben de toute façon le rapport est tronqué, donc je peux pas voir ce qui m'intéresserait ...

    Bref, si plus de pub :

    Désinstalle AD-R

  • Relance-le via le raccourci Ad-R situé sur ton Bureau.
    (Utilisateur de Vista/Windows 7, clique-droit sur le raccourci de Ad-R -> Exécuter en tant qu'administrateur)
  • Valide l'avertissement, puis, dans la fenêtre principal, choisis l'option Désinstaller, et valide avec "Oui"

    Relance OTL.exe
    (Utilisateur de Vista/Windows 7 faites un clic droit -> "Exécuter en tant qu'administrateur")

  • Clique sur "Purge d'outils"
  • Valide l'avertissement par "ok" et laisse le pc redémarrer.


    Pour aller plus loin dans ta protection et éviter de te faire réinfecter voici quelques conseils supplémentaires :

  • Attention lors de l'installation de logiciel :
    Veiller à toujours lire les conditions d'utilisation (CLUF), afin de déceler la gestion des données personnelles, l'installation de sponsors publicitaires ou tout autre atteintes à la vie privée. Refuser les toolbars et autres addons proposés.

  • Utiliser un navigateur alternatif pour surfer de manière plus sécurisée :
    Firefox offre une meilleure sécurité par rapport à Internet Explorer, surtout si on le complète de quelques plugins très intéressant : Noscript et WOT par exemple.

  • Maintenir ses logiciels et son système à jour :
    De nombreuses infections sont dû à des failles de windows, mais aussi de logiciel tiers, comme Sun Java, Adobe Acrobat Reader, etc
    Tu peux faire un scan de vulnérabilité pour connaitre tes logiciels présentant des failles non corrigées ou à mettre à jour.

    Enfin, le plus important reste ton comportement sur ton PC, tu restes la plus importante protection : Évites les comportement à risque : P2P, cracks, téléchargements et installations douteux via des pubs, les messageries instantanées, ou des sites inconnu, sites pornographiques.
    A lire !


    Tu peux indiquer ton sujet "réglé" en cliquant sur le bouton "éditer" dans ton tout premier message.
    -> Ajoute ensuite "résolu" à coté de ton titre et valide.

    Tu peux aussi, si tu le souhaites, valider une "meilleure réponse", ton sujet sera alors automatiquement marqué comme "résolu"

    A bientôt sur les forums Tom's Guide
    27 Juillet 2011 11:30:19

    j'ai pu retrouvé ceci, j'espère que cela t'aideras.




    Mis à jour par TeamXscript le 12/04/11
    Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
    Site web: http://www.teamxscript.org

    C:\Program Files (x86)\Ad-Remover\main.exe (SCAN [3]) -> Lancé à 18:06:12 le 22/07/2011, Mode normal

    Microsoft Windows 7 Édition Familiale Premium Service Pack 1 (X64)
    jean-louis@JEAN-LOUIS-PC (Packard Bell EasyNote LJ65)

    ============== RECHERCHE ==============





    ============== SCAN ADDITIONNEL ==============

    **** Google Chrome Version [12.0.742.122] ****

    Extension\dhkplhfnhceodhffomolpfigojocbpcb (C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbar.crx) (x)
    Extension\icmlaeflemplmjndnaapfdbbnpncnbda (C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx) (?)

    -- C:\Users\jean-louis\AppData\Local\Google\Chrome\User Data\Default --
    Preferences - default_search_provider: "Google" (Activé: true) (?)
    Preferences - homepage: hxxp://www.google.com/
    Preferences - homepage_is_newtabpage: false

    ========================================

    **** Internet Explorer Version [9.0.8112.16421] ****

    HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnh...
    HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896
    HKCU_Main|Start Page - hxxp://fr.msn.com/
    HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
    HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm
    HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKLM_Main|Start Page - hxxp://fr.msn.com/
    HKCU_URLSearchHooks|{6EC85FCF-87AD-41D7-AE1F-F116F8AD4848} (x)
    HKCU_SearchScopes\{C04B7D22-5AEC-4561-8F49-27F6269208F6} - "Inbox Recherche" (hxxp://toolbar.inbox.com/search/dispatcher.aspx?tp=bs&qkw={searchTerms}&tbid=804...)
    HKCU_Toolbar\WebBrowser|{EEE6C35B-6118-11DC-9C72-001320C79847} (x)
    HKCU_Toolbar\WebBrowser|{6EC85FCF-87AD-41D7-AE1F-F116F8AD4848} (x)
    HKCU_Toolbar\WebBrowser|{1017A80C-6F09-4548-A84D-EDD6AC9525F0} (C:\Program Files\Lexmark Toolbar\toolband.dll)
    HKCU_Toolbar\WebBrowser|{47833539-D0C5-4125-9FA8-0819E2EAAC93} (C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll)
    HKLM_Toolbar|{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} (C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll)
    HKLM_Toolbar|{D7E97865-918F-41E4-9CD0-25AB1C574CE8} (C:\PROGRA~2\INBOXT~1\Inbox.dll)
    HKLM_Toolbar|{8dcb7100-df86-4384-8842-8fa844297b3f} (C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll)
    HKLM_Toolbar|{1017A80C-6F09-4548-A84D-EDD6AC9525F0} (C:\Program Files\Lexmark Toolbar\toolband.dll)
    HKLM_Toolbar|{47833539-D0C5-4125-9FA8-0819E2EAAC93} (C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll)
    HKLM_ElevationPolicy\{02DAEBED-1504-4562-A498-4120120DEB8A} - C:\Program Files\Lexmark Toolbar\tbsched.exe (?)
    HKLM_ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a} - C:\Windows\SysWOW64\wpcer.exe (x)
    HKLM_ElevationPolicy\{08FF730A-494F-4cba-AA0B-E4F1D44715F9} - C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\symerr.exe (x)
    HKLM_ElevationPolicy\{0a402d70-1f10-4ae7-bec9-286a98240695} - C:\Windows\SysWOW64\winfxdocobj.exe (x)
    HKLM_ElevationPolicy\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B6} - C:\Program Files (x86)\SiteRanker\SiteRankTray.exe (x)
    HKLM_ElevationPolicy\{612AD33D-9824-4E87-8396-92374E91C4BB} - C:\Program Files (x86)\Inbox Toolbar\Inbox.exe (Inbox.com, Inc.)
    HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files (x86)\Internet Explorer\iedw.exe (x)
    HKLM_ElevationPolicy\{B43A0C1E-B63F-4691-B68F-CD807A45DA01} - C:\Windows\system32\TSWbPrxy.exe (x)
    BHO\{1017A80C-6F09-4548-A84D-EDD6AC9525F0} - "Lexmark Barre d'outils" (C:\Program Files\Lexmark Toolbar\toolband.dll)
    BHO\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - "Search Helper" (C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll)
    BHO\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - "avast! WebRep" (C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll)
    BHO\{D3D233D5-9F6D-436C-B6C7-E63F77503B30} - "Inbox Toolbar" (C:\PROGRA~2\INBOXT~1\Inbox.dll)

    ========================================

    C:\Program Files (x86)\Ad-Remover\Quarantine: 31 Fichier(s)
    C:\Program Files (x86)\Ad-Remover\Backup: 17 Fichier(s)

    C:\Ad-Report-CLEAN[1].txt - 20/07/2011 23:43:34 (5794 Octet(s))
    C:\Ad-Report-SCAN[1].txt - 22/07/2011 17:52:02 (483 Octet(s))
    C:\Ad-Report-SCAN[2].txt - 22/07/2011 17:55:30 (4845 Octet(s))
    C:\Ad-Report-SCAN[3].txt - 22/07/2011 18:06:17 (4772 Octet(s))

    Fin à: 18:10:11, 22/07/2011

    ============== E.O.F ==============
    a c 614 8 Sécurité
    27 Juillet 2011 11:49:54

    Re,

    Non c'est toujours pas le bon, il m'aurait fallu celui-là :
    C:\Ad-Report-CLEAN[1].txt

    Mais comme j'ai dis, c'est pas grave, tu peux faire le nettoyage que je dis dans le post précédent et mettre en résolu.

    [:_tom_:7]
    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS